2019 was a rough year for European banks.
Setting aside the problems of Deutsche Bank, this spring, a scandal that started in a remote outpost on the frontiers of capitalism - the Estonian branch of Danske Bank, Denmark's largest lender - infected some of the biggest banks in Scandinavia, and exposed the holes in the European banking system that, for years, had been routinely exploited by criminals and corrupt politicians in the CIS.
Late last year, we learned about the troubles at Danske Bank, which allowed roughly $230 billion in potentially tainted money to flow through its now-shuttered Estonian branch. Indeed, the business, which Danske inherited during the takeover of Sampo Bank, had always been lucrative. For years, the bank's leaders had deliberately ignored it, fearing that scrutiny would uncover...welll...exactly what was uncovered. But that changed in 2018.
In the spring, the scandal spread to Swedbank and Nordea (the latter is the biggest bank in Scandinavia). Local regulators, as well as the DoJ, SEC and New York State, are still investigating the wrongdoing. Some of the investigations are said to have originated with the massive leak of client information from Panamanian offshore law firm Mossack Fonseca back in April 2016.
Now, Bloomberg reports, regulators in Tallin, Riga and Vilnius are opening up a new front in the war against money laundering in the European periphery: They're targeting payment service providers, which sometimes help criminals send money around the world at low costs, in addition to their state purpose of facilitating e-commerce.
We get the sense that the story was probably leaked to Bloomberg by regulators in the Baltic states, who are understandably trying to burnish their reputations after the string of banking scandals originating in the region. But many analysts and experts have argued that it's the broader European banking system, with its fractured system of oversight, that enables criminals to abuse the system.
And by exploiting one of the hottest trends in fintech, it shows that criminals are good at staying one step ahead of regulators.
Police in Estonia arrested the employees of GFC Good Finance Company this month over allegations of money laundering and embezzlement. GFC, which once controlled more than half of the $200 million market, had its license withdrawn earlier this year after authorities alleged that it had "seriously" violated KYC procedures.
In Lithuania, the central bank fined payment company MisterTango UAB $270,000 for violating AML and counter-terrorist financing rules in what authorities said was its third breach since 2016.
Regulators in Latvia are concerned that some local companies service clients with questionable backgrounds because of systemic weaknesses in banks' client-vetting systems.
As one regulator said, criminals need to clean their money somehow.
"Funds likely received through crime must be legalized somehow," said Krista Aas, representing the criminal police. "Using payment services is ideal for this."
Those fears are still evident today.
"E-money institutions and payment companies are a really big danger," Ilze Znotina, head of Latvia’s Financial Intelligence Unit, said in September.
But it looks like European regulators are trying to send a message: This door is also closed.