“A whistleblower is like a smoke detector. Every building should have one. Sometimes, the smoke detector goes off, and there’s no fire,” Howard Wilkinson told the Danish Parliament on Nov. 19, 2018. “But sometimes a smoke detector goes off when there’s a fire that’s in the basement that no one’s found.”

Some years before, Wilkinson, as a trader in the Estonian branch of Danske Bank in Tallinn, had discovered the first signs of a $230 billion money-laundering scheme.

“What’s happened in this case? … Well, the smoke detector went off four times,” he told the rapt Danish Parliament, referring to the four times he warned Danske Bank, the largest financial institution in Denmark. “There was a huge fire. The smoke was filling the corridors. The bank didn’t just ignore the smoke detector; it actively tried to switch the smoke detector off. … The smoke detector should not be turned off.”

During his testimony before the Danish Parliament, and the European Parliament the next day, Wilkinson told how he discovered, during his Estonia Danske position, that at least 10 international banks were involved in the flow of suspicious money, including three Danske entities. Government agencies on two continents continue their investigations on how the money wound its way through money-laundering channels.

Wilkinson will tell his story of courage at the 31st Annual ACFE Global Fraud Conference June 21-26 in Boston. The ACFE will present him with the Cliff Robertson Sentinel Award “For Choosing Truth Over Self.”

Suspicious Danske customer account

From December 2006 to April of 2014, Wilkinson, a British citizen, worked at the Estonian branch of Danske Bank where he was responsible for the financial markets operations of three Baltic branches.

“I knew that the non-resident business was the key income driver for the Estonia branch and for the Baltics as a whole,” says Wilkinson during a recent Fraud Magazine interview. An internal memo later uncovered said that 90% of Danske’s Estonia profits came from non-residents. “However, we were all repeatedly told that the risks were carefully managed. … We were told that Estonia had the best AML procedures in the group.”

In summer of 2012, an account manager asked Wilkinson for help in obtaining financial information on a supposed British customer, Lantana Trade LLP. “Lantana Trade had accounts open and wanted to start doing foreign exchange transactions,” Wilkinson says. He was curious about this business, so he spent one pound to buy Lantana’s filing history from the UK Companies House website.

For the period ending May 31, 2012, Lantana was a “Dormant Limited Liability Partnership Account” with zero pounds to its name on the balance sheet. “This of course was not consistent with the company having had accounts open in the bank for several months prior to the account period end date of 31 May 2012, with significant activity level and account balances,” Wilkinson says. “It was on the face of it suspicious.”

When Wilkinson found the false account filing, he contacted the Danske account manager and compliance officer, and later branch management, to explain the problem. “The compliance officer promised to follow-up with the customer,” he says. “The member of branch management later told me that the customer had made a mistake with its filing and would refile with amended accounts.

“In the absence of any context of general concern on my part, this seemed plausible,” he says. “Clients often controlled several companies with accounts in the bank, which opened and closed down frequently. All account openings for non-residents had to be approved by a special committee, so frequent openings and closings didn’t give me any particular concern. It was not impossible that in isolation the filings for two companies could have gotten mixed up.”

In September 2013, a year after Wilkinson’s Lantana discovery, a senior bank official had told him that Lantana was no longer a Danske client and said that another official told him that one of Lantana’s owners was a relative of Vladimir Putin.

“In general, chucking bad clients out of the bank is a positive sign,” Wilkinson says. “However, given the context that this client was exactly the one that I had highlighted the year before as having filed false accounts, this was a concern. The colorful links that the senior official mentioned to me — that Lantana’s beneficial owners included officials from the FSB [Russia’s internal security and counterintelligence service, Federal Security Service] and a relative of President Putin — only added to my concern.”

During his 2013 Christmas break, Wilkinson visited the UK Companies House website and paid another pound for Lantana’s amended account. “The amended accounts at least showed that the company was not dormant,” he says. “However, they were still false and bore no resemblance to the actual activity level or cash balance of the company. Given back in summer of 2012 I had alerted relevant people in the branch — including a member of management — to the initial false accounts and received assurances from management that things would be sorted out, this indicated that something was very wrong.”

Wilkinson then sent an email to four Danske officials in Copenhagen — the chief risk officer on the executive board, group chief auditor (head of internal audit), group head of AML and head of the Baltic Banking division — about AML issues surrounding Lantana. The email subject line read, “Whistleblowing disclosure — knowingly dealing with criminals in Estonia branch.” He said that he felt he had no option but to approach senior group employees directly because the credibility of the branch could be questioned.

“It is not appropriate to raise these issues within the branch due to their serious nature, that it is unclear at what level in the branch there was knowledge of the incident and because of a general problem regarding confidentiality in the branch,” Wilkinson wrote in the email.

Lantana's filing history with Danske bank for the period ending May 31, 2012 and Lantana's amended account, accessed during Wikinson's 2013 Christmas break.

After he described to the Danske officials his investigation’s findings, he emphasized these problems:

  • The bank knowingly continued to deal with a company that had committed a crime (probably there is some tax fraud here too).
  • An employee of the bank co-operated with the company to fix the “error.”
  • The bank continued dealing with the company even after it had committed another crime by submitting amended false accounts.
  • The bank in the first place managed to open an account for a dormant company — quite an achievement.

In the email, he summed up the problems:

  • The bank may itself have committed a criminal offense.
  • The bank can be seen as having aided a company that turned out to be doing suspicious transactions (helping to launder money?).
  • The bank has likely breached numerous regulatory requirements.
  • The bank has behaved unethically.
  • There has been a near total process failure.

Investigating three most profitable LLP clients

Wilkinson says he wanted to ensure that the Lantana case really was just a one-off. “So, being curious, I independently decided to dig a little more and looked at the accounts of three of the most profitable LLP clients in the branch,” he says. “They were all false and looked very similar to the previous one; they were inconsistent with actual activity levels and actual cash balances,” Wilkinson says. “These three also turned out to share the same registered address in the U.K. This was scary. It appeared there was something systemically really bad going on.” He sent a second whistleblowing report in January 2014 to the internal auditor who’d been tasked to look into the issues from Wilkinson’s first report.

Wilkinson says that for a while the internal audit investigations seemed to proceed properly. However, by the beginning of March 2014, it became clear to him that group management wasn’t going to take the necessary urgent action. He checked 12 additional profitable LLP clients. “All had the same registered address as the three in my second whistleblowing report,” he says. “All looked basically the same and were wholly inconsistent with actual activity on the bank accounts. ... In total, I looked at 16 large limited liability partnerships [LLP] clients — all with false accounts and 15 with the same registered address.

“Later that month [March], I made a third whistleblowing report [concerning these 12 additional LLPs],” he says. He then gave a fourth whistleblowing report to an executive board member and senior lawyer. “After a refreshing ski holiday, I returned to Estonia and, following advice from a leading Estonian lawyer, resigned in April. In my resignation letter I warned that, given the failure of the bank actually to do anything substantive, I was considering making my own report to the relevant authorities.”

Danish FSA eventually investigates

The Danish Financial Supervisory Authority (FSA) eventually began investigations after Wilkinson’s reports to Danske. “Danske Bank has historically not lived up to its obligations in the AML area,” according to a May 3, 2018, summary memo from the FSA to the Danske Bank board of directors and executive board.

The FSA wrote that Danske Bank Group’s internal audit department’s (GIA) Feb. 7, 2014, audit letter reported:

  • Some customers had companies that existed for less than two years in order to be able to avoid submitting financial statements.
  • The corporate structures were complicated with activities in countries of the former Soviet Union and companies in other countries, including tax havens.
  • The beneficial owners of companies that were customers of the branch were not known by the bank or were known but not registered in the relevant systems of the branch.
  • Branch management stated that the reason for the lack of identification of the beneficial owners was that the customers could experience problems if Russian authorities requested information.
  • The branch cooperated with nine unregulated Russian intermediaries on customers’ payments out of Russia. In this connection, as part of the transactions, the branch bought Russian bonds and entered into foreign exchange transactions with the intermediaries.

According to the Danish FSA memo, “In the period after the whistleblower [Wilkinson] report, there were several indications that members of the management and/or employees of the branch were colluding with non-resident customers in criminal activities or, at least, knew of such activities. The bank did not, however, investigate this, and there were no managers or employees who were dismissed or relocated because of such a suspicion.”

Wilkinson says that the Danish FSA never contacted him during its investigations, which a European Parliament report described as “grossly negligent.”

Subsequently, Danske Bank internally investigated itself in fits and starts with various work groups and GIA, and often reluctantly cooperated with the Danish FSA, according to the FSA memo. The Estonian FSA also conducted AML inspections at the Estonia branch and was “very critical in its reporting,” according to the memo.

In 2014, Danske’s executive board intended to close the Estonia branch’s non-resident portfolio, according to the Danish FSA memo, potentially by selling all or some of it, but it didn’t do so until January 2016. “It took more than one and half years from [Wilkinson’s] whistleblower report until the branch management was replaced after pressure from Estonian FSA,” according to the memo.

“It was not until September 2017 that the bank initiated an investigation into the extent of suspicious transactions and customer relationships due to the insufficient handling of AML at the branch, and in December 2017, the bank retained an external law firm to handle and supervise the investigation, that is, not until four years after the whistleblower report and after external pressure on the bank,” according to the Danish FSA memo.

“[Danske] management’s priorities and means of conduct have damaged the credibility and reputation of the bank,” the memo read. “Considering the bank’s systemic significance and international presence, the reputation of the Danish sector of financial institutions may be damaged as well.”

In May 2018, the Danish FSA ordered Danske’s “Board of Directors and the Executive Board to ensure that when there is suspicion of the bank’s managers or employees colluding with customers in criminal activities or knowing of customers’ criminal activities, the bank conducts adequate investigations and takes the suspicion into consideration on an ongoing basis when allocating tasks to these managers or employees,” among many other orders and reprimands.

Danske’s late report; reporter reveals Wilkinson

On Sept. 19, 2018, the Danish law firm, which Danske hired, released a report of the findings of its investigations into Danske’s Estonia branch. “The Bank has clearly failed to live up to its responsibility in this matter,” said Ole Anderson, chairman of the bank’s board of directors after the company released the report. “There is no doubt that the problems related to the Estonian branch were much bigger than anticipated when we initiated the investigations. The findings of the investigations point to some very unacceptable and unpleasant matters at our Estonian branch, and they also point to the fact that a number of controls at the Group level were inadequate in relation to Estonia.”

Danske’s law firm says in its report, page 15, that the investigation was neither impartial nor independent: “While accordingly this investigation is not presented as ‘impartial’, the investigation is following general principles laid out for impartial investigations by the Association of Danish Law Firms. In order to avoid misunderstandings, the investigation is also not presented as (fully) ‘independent’, although obviously Bruun & Hjejle has maintained its independence as required under the Code of Conduct for the Danish Bar and Law Society adopted by the General Council of the Danish Bar and Law Society.”

After the bank released the lawyers’ report, its CEO, Thomas F. Borgen, resigned that same day.

An Estonian newspaper reporter revealed Wilkinson as the Danske whistleblower in September 2018. Shortly after, the Danish Parliament and the European Parliament asked him to testify that November.

[Because investigations are ongoing, Wilkinson won’t confirm if he also sent his whistleblowing reports to government agencies. However, The Wall Street Journal said in an Oct. 4, 2018, article that a whistleblower had filed a confidential report on Danske Bank to the U.S. Securities and Exchange Commission (SEC) more than two years earlier. See Danske Bank Under Criminal Investigation by U.S. Justice Department, by Drew Hinshaw, The Wall Street Journal, Oct. 4, 2018.]

The Copenhagen international financial crimes unit brought charges against Danske on Nov. 28, 2018. (See Danske Bank charged in money laundering case, AFP, The Local, Nov. 28, 2018.)

In May 2019, Danish prosecutors “preliminarily” charged Borgen (who’d managed Danske’s international operations, including Estonia, between 2009 and 2012) and nine other Danske Bank officials and searched their homes. Danish prosecutors haven’t revealed the charges, and at publication time haven’t reported on the investigation’s status.

In February 2019, Estonian regulators ordered Danske to close its operations in Estonia. Danske then said it would also close its activities in Latvia, Lithuania and Russia. The bank had already closed the nonresident business line in Estonia. (See Danske Bank to Shut Estonia Branch, by Samuel Rubenfeld and Dominic Chopping, The Wall Street Journal, Feb. 19, 2019.)

On Feb. 21, 2019, Danske finally confirmed that the SEC is conducting a criminal investigation in relation to the Estonia money laundering case.

Aivar Rehe, CEO of the Estonia Danske branch, was found dead Sept. 18, 2019 in a suspected suicide. A police statement said it didn’t find any signs of violence nor an accident. (See Former Head of Danske Bank’s Estonian Branch Found Dead, by Dominic Chipping and Patricia Kowsmann, The Wall Street Journal, Sept. 25, 2019.)

Money-laundering prevention

Dr. Joseph T. Wells, CFE, CPA, founded the ACFE with the purpose of teaching fraud examiners not just to discover evidence but to prevent and deter fraud before it happens. Wilkinson knows that banks — with or without international branches — must help prevent money laundering before it metastasizes.

“The Danske Bank case really has two dimensions: the suspicious transactions themselves — the Estonia side of the story — and the failures at group level to prevent, detect or report — the Copenhagen side of the story,” Wilkinson says. “If we are talking about preventing money laundering before it metastasizes, we are really talking about the group level,” he says. “It may seem rather trite but a very good starting point for preventing money laundering surely is that a bank’s board hire a CEO, executive board members and a chief internal auditor … that actually discharge their duties regarding preventing money laundering properly.

“The most satisfaction would be if steps are taken proactively to stop things like this happening again,” he says. “We now have the EU Whistleblowing Directive that will come into force in 2021, and we have plans for an EU-level body to fight money laundering — given the failure of several national authorities.

“We now have a newly heightened awareness of money-laundering risks in several European countries that seemed to have regarded themselves as exempt. Maybe one other outcome will be a clarification and tightening of the responsibilities of U.S.-dollar correspondent banks,” he says.

“But there is much more to do — notably to tackle the abuse of U.K. limited liability partnership and special limited partnership businesses as front companies for suspicious activities and to focus attention on the enablers — lawyers, company formation agents and so on,” Wilkinson says.

‘Slide back into obscurity’

Wilkinson is now living a quiet life in the British countryside with his wife and young daughters. Since he was identified as the Danske whistleblower, he’s tried to keep a low profile. “It seems that some of the clients involved in the suspicious transactions are particularly unpleasant people,” he says. “So, necessary precautions need to be taken for my family and me. I’m not sure that I would be the most popular person were I to visit Estonia again in the next few years. … I’m hoping to slide back into obscurity with my family!”

Regardless of the inevitable changes in his life from blowing the whistle, Wilkinson feels satisfaction about his investigations and speaking up. “And I’ll have a lot more satisfaction if authorities manage to recover suspicious money and if and when those involved have been held to account,” he says.

Dick Carozza, CFE, is editor-in-chief of Fraud Magazine. Contact him at dcarozza@ACFE.com.