Deutsche Bank: Criminal from the Top Down?

Another day, another Deutsche bank scandal. 

Given Deutsche Bank’s questionable reputation, it’s almost too easy of a subject.  However, this is a critical case.  It’s an example of the pressure compliance officers sometimes have to face, when it comes to choosing between doing what’s right and conforming to groupthink.  Let’s look at the facts.

In 2013, Deutsche Bank onboarded the now deceased Jeffrey Epstein as a client.  At that time, Epstein’s involvement in sex trafficking was already public knowledge.  He was a well-known, convicted sex offender who’s lawyers were able to negotiate a lax sentence.

During the onboarding, the KYC process revealed information on Epstein’s history.  The relationship coordinator, working on the case, prepared a memorandum for the relationship manager to send to the Co-Head and COO of the Wealth division at Deutsche Bank.  It included the following statement:

“Epstein was charged with soliciting an underage prostitution [SIC] in 2007,” that “[h]e served 13 months out of his 18-month sentence,” and that “[h]e was accused of paying young woman [SIC] for massages in his Florida home.” 

The statement also highlighted Mr. Epstein’s involvement in 17 out-of-court civil settlements related to his conduct in 2007. 

The relationship manager added an email to the memorandum, indicating they believed the relationship could attract cash flows of $100-300 million and an estimated revenue of $2-4 million, annually, over time.

The Co-Head of the Wealth division cleared the relationship, saying he spoke with the Head of AML Compliance — and the General Counsel — and neither of them objected, as long as nothing else would come up in KYC and AML.

Unfortunately, over the years, more would come up. 

Two of the most serious AML offenses were:

1. Sending transactions to known co-conspirators from the previous Epstein case
2. The structuring of cash withdrawals

Deutsche Bank did not act on these compliance breaches at the time.  And, the relationship with Epstein wasn’t terminated until 2018, after the Miami Herald published an article detailing the 2007 plea deal.

A company culture of willful blindness

Deutsche Bank has apologized for their conduct in regards to the Epstein case.  They acknowledge it was a mistake to onboard Epstein as a client, and confirm there are weaknesses in their process.  They also said they have learned from their mistakes and shortcomings and promised to invest one billion dollars into training, controls, and operational processes.  The bank has also added 1500 new employees to beef up its financial crime division.

Even still, while reading the New York State Department of Financial Services report about this case, there remains a feeling that Deutsche Bank has a lot more to deal with than mistakes and shortcomings.  The report details how — out of the numerous suspicious transactions on Epstein’s accounts – only a number would be questioned.  Additionally, the concerns of AML and compliance officers were repeatedly downplayed and ignored.

This isn’t the first time Deutsche Bank has been scrutinized by authorities.  Their reputation isn’t positive, but does that mean they’re an evil bank that employs bad people?

Structural change can’t be forced by sham measures

In an organization the size of Deutsche Bank, the effect of hiring 1500 new employees is hardly a drop in the ocean. These people and the billions of dollars invested in training, control, and processes won’t improve anything if the core of Deutsche Banks’ problems isn’t addressed. 1500 people and some corporate training can’t change the company’s culture. These 1500 people will learn how Deutsche Bank roles soon enough. And when they do, they will conform to it. Because that’s human nature.

It’s such a cliché but only because it’s true, especially in this case. The company culture needs to be changed from the top down. We would expect these new hires to include a couple of replacements for that to work. A new head of compliance. A new Co-Head and COO of the Wealth division. But what should these people do to change Deutsche Banks’ culture?

Creating a culture of ethical conduct

It’s easy to condemn Deutsche Bank for it’s misconduct. But, the truth of the matter is that anyone could fall into the trap of bad behavior—even good people. Certain social mechanisms influence people’s behavior. One powerful mechanism is that of social inclusion. People conform to what the majority of the group does to be included, which works the same in an organization. Knowing this, organizations should use it to work on creating a culture of ethical conduct.

In his book Why Good People Sometimes Do Bad Things, prof. dr. Meul Kaptein writes about the 7 factors that prevent unethical behavior. These are:

1. Clear expectations as to what ethical behavior is and isn’t.
2. Role-modeling the behavior you want to see.
3. Provide employees with equipment so they can achieve their goals, tasks, and responsibilities.
4. Treating people with respect and involving them in the organization.
5. Being transparent in behavior.
6. Openness to a discussion on viewpoints, emotions, dilemmas, and transgressions.
7. Enforcement of behavior in the form of rewards and sanctions.

We expect that the investments Deutsche Bank is planning, will have an effect on the third factor. And here’s where we see why Deutsche Bank is falling into the same trap over and over again. All seven factors need to be addressed for ethical behavior to become part of the company culture.

At the same time, we must not turn Deutsche Bank into the black sheep of the banking industry. As there are at least two glaring, industry wide issues that shouldn’t be ignored.

What can we learn from the Deutsche Bank – Epstein case?

The seven factors protecting against unethical behavior teach us two things about the structural issues in banking compliance. Two of the elements aren’t met within the banking industry as a whole. Those are the first determinator–clear expectations on ethical behavior– and, the third factor–providing employees with the equipment to properly do their work.

As much as we like to believe that compliance regulations set clear expectations on how banks are to fulfil their gatekeepers role, it isn’t. Especially the framework of KYC is problematic in this regard. Lawmakers have purposefully crafted KYC as a set of guidelines that aren’t too specific. The thought behind this is that they didn’t want banks to do the bare minimum only to comply with KYC. But also, the ever-changing rules that are hard to keep up with, make the entire compliance system confusing. This is something that’s seemingly out of the hands of banks, but it would be beneficial if they’d actively participate in discussions around setting compliance standards. Not from a perspective of trying to minimize the gatekeepers role but from a perspective of creating consensus with other banks around the world.

The other prominent problem in banking compliance is that compliance staff is crossed continuously when it comes to doing their work properly. There are far too many banks with understaffed compliance departments, outdated systems, and colleagues trying to push for transactions to be processed. It’s entirely within the hands of banks to solve these problems. It would mean prioritizing compliance. Even if there’s no clear return on investment.

Every Head of Compliance, COO, CFO, CEO and Board of every bank should absorb this information and work overtime on implementing it. Not only because being compliant is your duty. Also because customers expect it from you.