10 March 2017
The Central Bank of Ireland imposes a fine of €125,000 on Drimnagh Credit Union Limited for breaches of the Credit Union Act 1997 and the Criminal Justice (Money Laundering and Terrorist Financing) Act 2010
The Central Bank of Ireland (the “Central Bank”) has fined Drimnagh Credit Union Limited (“Drimnagh Credit Union”) €125,000 and reprimanded it for two breaches of the Credit Union Act 1997 (the “CUA 1997”) and five breaches of the Criminal Justice (Money Laundering and Terrorist Financing) Act 2010 (the “CJA 2010”). All seven breaches have been admitted by Drimnagh Credit Union.
The breaches of the CUA 1997 occurred from 1 August 2013 to 30 November 2014 and relate to the following:
- The prohibited payments to certain directors and a Board Oversight Committee member of Drimnagh Credit Union in breach of section 68 of the CUA 1997; and
- Failings in Drimnagh Credit Union’s systems of control in relation to the claiming, recording and approving of officers’ expenses.
In addition, the Central Bank’s investigation also found that for more than five years, from the enactment of the CJA 2010 on 15 July 2010 to 25 September 2015, Drimnagh Credit Union breached a number of key provisions of the CJA 2010. The five breaches identified by the Central Bank’s investigation represent significant and widespread failings in Drimnagh Credit Union’s anti-money laundering/countering of the financing of terrorism (“AML/CFT”) framework, particularly with regard to its implementation of policies and procedures, conducting customer due diligence, monitoring its dealings with members as well as the monitoring and management of its compliance with the CJA 2010.
Director of Enforcement, Derville Rowland, said:
“The credit union sector is an important and unique component of the Irish financial services industry. There are over 3.26 million credit union members in Ireland, with collective savings approaching €13.4 billion. Credit unions are established to enable members to save together and lend to each other at fair and reasonable rates of interest, operating on a not for profit basis and in accordance with the voluntary ethos of the sector.
Credit union members should be entitled to expect that the funds they have invested will be safeguarded, and that those charged with the stewardship of a credit union will ensure that any payments made to officers of the credit union, whether acting in a voluntary capacity or otherwise, will be done so in compliance with the applicable legislation. The making of prohibited payments to officers in breach of the CUA 1997, and the lack of robust systems of control in this regard, meant that Drimnagh Credit Union was failing in its primary purpose, to safeguard and protect members’ funds. This is highly concerning behaviour and breaches of this nature will not be tolerated by the Central Bank.
Credit unions are also required to comply with the provisions of the CJA 2010, using a risk based approach to assist them in implementing and adopting adequate policies and procedures appropriate to their business to prevent and detect the commission of money laundering and terrorist financing. It is unacceptable that Drimnagh Credit Union had no AML/CFT policies or procedures at all in place for a period of 11 months. When such policies and procedures were adopted, almost a full year after they should have been introduced, they were wholly inadequate in key areas such as customer due diligence, transaction monitoring, suspicious transaction reporting and training. In addition, Drimnagh Credit Union did not monitor and manage compliance with the policies once adopted and did not ensure they were internally communicated to staff members. Further, the failure by Drimnagh Credit Union to apply adequate identification and verification measures to members and to scrutinise their transactions meant that it was unable to properly fulfil its statutory obligations to monitor, identify and report unusual and potentially suspicious activity and created an unacceptable risk of money laundering and terrorist financing.
This is the third enforcement case which the Central Bank has taken against a credit union since the Administrative Sanctions Procedure became fully applicable to credit unions in August 2013. The fine and reprimand demonstrates that the Central Bank will not hesitate to take enforcement cases against credit unions to ensure the highest standards of regulatory compliance across the sector.
It is incumbent upon all credit unions, irrespective of their size or scale, to be aware of and to comply with all applicable regulatory requirements and to have robust systems and controls in place to ensure full compliance. Failure to do so can undermine the credibility and financial stability of the sector and the Central Bank will take action as appropriate where non-compliance is identified.”
Drimnagh Credit Union is a regulated financial service provider and is registered as a credit union under the CUA 1997. The principal activity of Drimnagh Credit Union involves the provision of financial services to 7,312 members.
The breaches were identified during on-site inspections of Drimnagh Credit Union by the Central Bank’s Registry of Credit Unions Division and Anti-Money Laundering Division in 2014. Following these inspections, an investigation was commenced in December 2015 by the Central Bank’s Enforcement Division.
The Central Bank identified two breaches of the CUA 1997, occurring between 1 August 2013 and 30 November 2014 and five breaches of the CJA 2010, occurring between 15 July 2010 and 25 September 2015. Details of the breaches are set out below.
CUA 1997 Breaches
Prohibited Payment of Remuneration
Section 68 of the CUA 1997 provides that credit unions shall not pay any remuneration (either directly or indirectly) to directors or to members of a principal committee of a credit union for any service performed by that person in their capacity as director or member. Such directors or members (who act as volunteers) are, however, entitled to be reimbursed for expenses necessarily incurred by them when carrying out a service on behalf of, or for the benefit of, the credit union where such expenses are approved by the credit union’s board.
Between 1 August 2013 and 30 November 2014, Drimnagh Credit Union made a number of payments, totalling €16,175.82, to directors and a Board Oversight Committee member in breach of Section 68 of the CUA 1997. These included payments made to directors and a Board Oversight Committee member both for services performed in their normal capacity (€1,498.33) and for expenses not necessarily incurred by them (€14,677.49), for example:
- payments made for attendance at an Irish League of Credit Unions AGM;
- claims for both an overnight and day allowance when only an overnight allowance should have been claimed; and
- payments made by way of ‘rounding up’ expenses whereby otherwise legitimate expense claims were increased to a round figure in excess of the actual underlying cost.
Accounting Records and Systems of Control
Section 108 of the CUA 1997 requires credit unions to keep proper accounting records and establish and maintain systems of control of its business and records. It is alleged that between 1 August 2013 and 30 November 2014, Drimnagh Credit Union did not maintain proper accounting records or maintain systems of control of its business and records in relation to the claiming, recording and approving of officer expenses. For example, Drimnagh Credit Union did not have a suitable Officer Expense Policy, expense claims were not appropriately approved, appropriate records were not kept and, in some instances, officers’ expenses were paid without the provision of documentary evidence from the claimant.
CJA 2010 Breaches
Policies and Procedures
A key feature in the effort to prevent the use of credit unions for the purposes of money laundering and terrorist financing is the adoption of adequate and robust policies and procedures as required by the CJA 2010.
Drimnagh Credit Union failed to adopt any policies or procedures to prevent and detect money laundering and terrorist financing until June 2011. Between June 2011 and September 2015, the policies and procedures it did adopt were inadequate, particularly in the following key areas: customer due diligence, transaction monitoring, suspicious transaction reporting and staff training. For example, the policies and procedures did not contain sufficient information and guidance to enable staff to meet Drimnagh Credit Union’s customer due diligence obligations as required by the CJA 2010.
Customer Due Diligence
In accordance with the CJA 2010, credit unions must identify and verify members both when they join and when the credit union has concerns relating to documents previously obtained for the purposes of identifying and verifying them. This customer due diligence process is a key control for money laundering and terrorist financing prevention and it is vital that credit unions undertake robust identification and verification of their members.
The Central Bank identified the following two failings in respect of Drimnagh Credit Union’s customer due diligence, namely:
- Section 33(1)(a) of the CJA 2010 requires credit unions to identify and verify the identity of new members prior to establishing a business relationship with them. Drimnagh Credit Union failed to apply adequate customer due diligence measures (i.e. obtaining evidence of address and/or identity) to certain of its members prior to establishing a business relationship with them; and
- Section 33(1)(d) of the CJA 2010 requires credit unions to complete customer due diligence prior to carrying out a service for an existing member where there are reasonable grounds to doubt that existing members’ documents and information are adequate and accurate for the purposes of verifying or confirming the members’ identity. Drimnagh Credit Union failed to apply adequate customer due diligence to certain of its existing members, prior to carrying out a service for them, where it had reasonable grounds to doubt the adequacy of the documentation or information previously obtained for the purposes of verifying the identify of those members (i.e. no evidence of address and/or identity held on file in respect of those members).
Monitoring Dealings with Members
Credit unions must monitor dealings with members with whom they have a business relationship in order to comply with section 35(3) of the CJA 2010. This involves scrutinising transactions, as well as the source of wealth or source of funds for those transactions, to determine whether or not the transaction is consistent with the credit union’s knowledge of the member and the member’s business and pattern of transactions. This is essential to enable credit unions to identify complex or unusual transactions which may merit further investigation to prevent and detect the risk of money laundering and terrorist financing.
A sample of files reviewed by the Central Bank as part of its investigation did not include information in relation to occupation or source of funds which meant that Drimnagh Credit Union did not have sufficient knowledge to enable it to scrutinise transactions with those members to determine if they were consistent with the credit union’s knowledge of the customer and their business and pattern of transactions.
Monitoring and Management of Compliance with the CJA 2010
Section 54(4) of the CJA 2010 requires credit unions to adopt policies and procedures setting out how they will monitor and manage compliance with and internally communicate the policies and procedures required under the CJA 2010.
Drimnagh Credit Union failed, over a period of five years and two months (from July 2010 to September 2015), to adopt policies and procedures in relation to the monitoring and management of AML/CFT compliance. Furthermore, Drimnagh Credit Union’s policies and procedures were not internally communicated to relevant staff.
PENALTY DECISION FACTORS
In deciding the appropriate penalty to impose, the Central Bank considered the following matters:
- The seriousness of the breaches of the CUA 1997 involving a number of prohibited payments and a total lack of internal controls in relation to the making of payments to officers.
- The widespread failure of Drimnagh Credit Union to implement a number of key requirements of the CJA 2010 and the lack of a robust framework to combat the threat of money laundering/terrorist financing.
- The extended period of time over which the breaches occurred, spanning the period from 15 July 2010 to 25 September 2015 (5 years and 2 months).
- The fact that the monetary penalty will be payable from Drimnagh Credit Union’s reserves and the level of reserves available.
The Central Bank confirms that its investigation into Drimnagh Credit Union in respect of this matter is now closed. Drimnagh Credit Union has taken steps to rectify the breaches identified in the Central Bank investigation.
1. The Credit Union Act 1997 is available on the Central Bank’s website www.centralbank.ie or to download here. The Administrative Sanctions Procedure became fully applicable to breaches of the Credit Union Act 1997 on 1 August 2013.
2. The Criminal Justice (Money Laundering and Terrorist Financing) Act 2010 is available on the Central Bank’s website www.centralbank.ie or to download here.
3. In May 2015, the Central Bank published the “Report on Anti-Money Laundering (AML), Countering the Financing of Terrorism (CFT) and Financial Sanctions (FS) Compliance in the Irish Credit Union Sector” which can be found on the Central Bank’s website www.centralbank.ie or to download here.
4. The Credit Union Handbook, the latest version of which was published by the Central Bank in January 2016, is available on the Central Bank’s website.
5. The fine reflects the application of the maximum percentage settlement discount of 30% as per the Early Settlement Discount Scheme set out in the Central Bank’s “Outline of the Administrative Sanctions Procedure” which is here.
6. Funds collected from penalties are included in the Central Bank’s Surplus Income, which is payable directly to the Exchequer, following approval of the Statement of Accounts. The penalties are not included in general Central Bank revenue. In 2015 the Central Bank’s Surplus Income amounted to €1,795.2 million (2014: €1,708.8 million), all of which was paid to the Exchequer.