Skip to main content

Global Financial Institution Fines for AML, Data Privacy and MiFID Rise 27% in 2020

Fenergo, the leading provider of digital transformation, customer journey and client lifecycle management (CLM) solutions, today released its annual findings on global financial institution fines which show that in 2020, penalties have totalled $10.6 billion for non-compliance with Anti-Money Laundering (AML), Know your Customer (KYC), data privacy and MiFID (Markets in Financial Instruments Directive) regulations. The total volume of fines levied to financial institutions for these breaches was 759 compared to 97 in same period the year prior. The average value of enforcement actions against financial institutions for AML related compliance breaches was 35% lower than in 2019.

Notable findings of the annual report:

  • Landmark action against Goldman Sachs totalling $6.8 billion (from multiple regulators) for its involvement in 1MBD scandal – including the second biggest enforcement action imposed against one bank since 2015
  • Major Australian bank fined almost $1bn for its money laundering scandal with links to serious crimes
  • In 2019 nine fines amounting to $2.4 billion were issued by US regulators to foreign banks (UK and Italy) for sanctions violations. This year there was just one significant sanctions fine by the Office of Financial Sanctions Implementation (OFSI) to a UK bank for breaking Russian sanctions violations. It was the largest ever fine imposed by the regulator at $25.4 million
  • Approx. 212 individuals were fined $99.3 million in 2020 for AML and MiFID compliance breaches in the US, Europe and China
  • Global data privacy related fines exceeded $95.1 million

2020 was quite a momentous year for financial regulation. There have been two notable shifts, APAC has overtaken the US in terms of the value of enforcement actions for the first time since 2015 – driven by recent FATF activity and the repercussions of the 1MDB scandal, and there has been an increased focus on individuals being penalised than we have seen in previous years. In addition to imposing penalties on financial institutions, regulators and authorities in China, the UK and the US have held individuals accountable for compliance failings. While banks may hold reserves explicitly to settle enforcement actions, individuals will suffer a far greater personal impact. This along with greater whistleblowing protection and incentives will make a difference in tackling the industry-wide issue of financial crime.

Rachel Woolley, Global Director of Financial Crime at Fenergo


Regulators in APAC, including the Securities Commission Malaysia and AUSTRAC in Australia, were among those handing out the biggest enforcement actions to banks involved in the 1MBD scandal and the Australian bank embroiled in a high-profile money laundering scandal.  However, the U.S. Department of Justice was also more punitive this year, issuing enforcement actions totalling $1,924,071,850 to Goldman Sachs, Bank Hapoalim and Union Bancaire Privée.

Collectively, financial institutions headquartered in the US received the highest value of fines, accounting for $7,490,024,158.  The fines levied towards Goldman Sachs accounted for 91% of the US total.

It is estimated that fewer than 1% of criminal funds laundered through the financial system gets confiscated by authorities. The recent FinCEN files has proven that the industry must work better together to address this growing problem. We must establish a common best practice and replace onerous manual Know Your Customer (KYC) and Anti Money Laundering (AML) risk assessment and compliance processes with technology and tools that enable financial institutions, authorities and non-financial firms to better detect and prevent financial crime.

Marc Murphy, CEO, Fenergo


Countries that issued the most fines by value:

  • USA  $ 4,401,300,754
  • Malaysia $ 3,900,000,000
  • Australia $ 921,587,910
  • Sweden $ 550,169,770
  • UK $ 231,269,347

There was also a significant rise in the number of data privacy fines this year while the administrative sanctions handed out for MiFID violations are lower in volume and value compared to 2019. In 2020 a total of 34 fines were issued to financial institutions and individuals at the value of $7 million, compared to 2019 when two fines alone amounted to $81.5 million. On the data privacy side, while GDPR fines are comparable to 2019 at $1.7 million, the number of data privacy fines issued in the APAC region increased significantly with a large $529,027 fine issued in India and seven fines issued in China totalling $6,338,969. The most significant fine levied for data privacy was to Capital One for $80,000,000 by US regulator, Office of the Comptroller of the Currency (OCC), for its 2019 cloud data breach.

Click here to watch Fenergo’s recent webinar on the FinCEN files scandal.