Danish Authorities Refer Nordea Finans Danmark for Criminal Investigation Over AML Failures

The Danish Financial Supervisory Authority, known as Finanstilsynet, has formally referred Nordea Finans Danmark A/S to the National Unit for Serious Crime for investigation over serious suspected violations of the country’s Money Laundering Act. The referral stems from an extensive inspection carried out in June 2023, which uncovered major shortcomings in the institution’s customer due diligence procedures. Regulators concluded that the company lacked sufficient understanding of the business relationships held with a large segment of its credit card customers, prompting a criminal report under section 78 of the national anti-money laundering framework. The findings point to deep-rooted weaknesses in how the institution assessed risk and documented customer intent within its operations.

The case represents a significant development in financial oversight across the Nordic region, as authorities intensify scrutiny of systemic compliance failures. According to Finanstilsynet’s conclusions, Nordea Finans Danmark A/S repeatedly failed to meet the essential obligations outlined in Section 11 and Section 30 of the Money Laundering Act. At the heart of the issue is the widespread issuance of credit cards to a large customer base without the legally required qualitative analysis. Effective anti-money laundering systems require institutions not only to verify customer identities but also to understand the rationale behind the financial products they request. In this instance, the company did not adequately investigate or record why many customers sought credit cards or how they intended to use them. This absence of insight created significant vulnerabilities, allowing potential illicit funds to be cycled through credit facilities without detection. Regulators emphasized that the documentation contained in customer files was insufficient to justify the establishment of these relationships, leaving the institution effectively unaware of the risks associated with these accounts. The failures were characterized as systemic rather than incidental, indicating a breakdown in internal controls rather than isolated errors. Authorities suggested that the company’s approach reflected a prioritization of rapid product distribution over adherence to mandatory legal safeguards designed to prevent financial crime.

The report further revealed that the deficiencies extended beyond documentation gaps to include a complete lack of proper risk assessment and classification for a substantial portion of customers. Under modern compliance standards, financial institutions are required to apply a risk-based approach to every client relationship, evaluating factors such as geographic exposure, occupation, and expected transaction behavior. Nordea Finans Danmark A/S failed to implement such measures, effectively treating high-risk and low-risk clients identically. This represents a direct breach of international anti-money laundering standards, as it prevents institutions from identifying and mitigating heightened risks associated with money laundering or terrorist financing. The absence of risk categorization is particularly concerning in the context of credit card services, which offer both liquidity and international reach. Without assigning risk levels, the institution could not apply enhanced due diligence where necessary, leaving potential threats unaddressed. Finanstilsynet made clear that these shortcomings go beyond administrative negligence, describing them as a failure to comply with the fundamental purpose of the AML legislation. By escalating the matter to the National Unit for Serious Crime, regulators have signaled that the issue may carry criminal consequences rather than remaining a purely supervisory matter. The case illustrates how even major financial institutions are expected to maintain rigorous compliance systems capable of identifying risks linked to their products and clientele. The lack of a structured risk framework also weakens the effectiveness of financial intelligence units, as it reduces the quality and reliability of suspicious activity reporting, ultimately undermining national efforts to combat organized crime.

Legal consequences for the company will center on section 78 of the AML Act, which allows for criminal liability in cases of systematic or severe violations. Authorities believe that the institution’s failure to implement adequate customer due diligence procedures may have opened pathways for illicit financial flows within Denmark. The National Unit for Serious Crime will now assess the scope of the deficiencies and determine whether they resulted from negligence or deeper organizational failures. The effectiveness of the financial system’s defenses depends heavily on banks and financial service providers acting as the first line of protection. When institutions neglect to establish the purpose and nature of customer relationships, the entire framework for detecting financial crime becomes compromised. Findings from the June 2023 inspection made it clear that Nordea Finans Danmark A/S lacked awareness of risk factors that should have been evident under standard compliance practices. This case also reflects a broader shift among European regulators toward stricter enforcement, moving beyond fines to pursue criminal accountability in cases involving systemic compliance breakdowns. The emphasis is increasingly on holding institutions responsible for enabling financial flows, rather than solely focusing on recovering illicit funds. As the investigation proceeds, attention is likely to turn to the company’s internal compliance culture and why previous warnings or audits failed to prevent these widespread deficiencies. For the wider financial sector, the message is unmistakable: proper documentation and risk classification are not optional procedures but essential components of lawful operation within both Denmark and the European Union.

The situation also highlights specific money laundering patterns that can emerge when credit card systems are inadequately monitored. These include the layering of funds across multiple credit cards to obscure origins, the rapid repayment of large balances using cash or third-party transfers, and inconsistencies between declared and actual card usage. Additional warning signs involve structured overpayments that create withdrawable positive balances, circular fund movements designed to simulate legitimate transactions, and frequent cross-border activity inconsistent with a card’s stated purpose. Such typologies underscore the importance of robust oversight and reinforce the risks posed when financial institutions fail to implement effective compliance controls.

By fLEXI tEAM