Wednesday, June 15, 2022

Deutsche Bank CEOs undermined AML systems to keep ultra-rich, but risky clients

By Rodney F. Tonkovic, J.D.

A complaint alleging that top Deutsche Bank executives overruled compliance staff to keep or continue relationships with rich, but risky clients, such as Jeffrey Epstein and Russian oligarchs survived dismissal. According to the complaint, Deutsche Bank's former and current CEOs were personally involved in securing relationships with very rich but high-risk clients for the bank's wealth management business and that these clients were essentially not vetted at all. Despite this practice, the CEOs signed statements describing the bank's efforts to strengthen its anti-money laundering and know-your-customer processes. The court found that that the complaint adequately alleged that the CEOs know about the deficiencies in the banks practices that made their statements false and misleading (Karimi v. Deutsche Bank Aktiengesellschaft, June 13, 2022, Rakoff, J.).

Risky business. This securities fraud suit arises from the requirement that Deutsche Bank maintain anti-money laundering ("AML") and know-your-customer ("KYC") systems to prevent money laundering. The complaint alleged that several recent Deutsche Bank CEOs and CFOs misrepresented the bank's AML and KYC processes between March 2017 and May 2020. Specifically, allegations from eleven confidential witnesses working in the bank's compliance department describe that the procedures did not work as described, or, in the case of certain rich and risky clients, were effectively nonexistent.

According to the confidential witnesses, Deutsche Bank executives routinely overruled the AML and KYC staff when it came to doing business with high-risk and politically-exposed clients. These clients included convicted sex trafficker Jeffrey Epstein, notorious Russian oligarchs, founders and funders of terrorist organizations, and people associated with Mexican drug cartels. Despite identified risks, the complaint says, the decision to take these risky clients on board through the bank's wealth management business was made at the highest levels. These clients were then given special exceptions from the KYC procedures because of the amount of business they generated. Despite internal audits finding AML and KYC deficiencies, the Deutsche Bank defendants made public statements that the bank was exiting risky relationships while strengthening its on-boarding process for higher-risk clients, including specifics about strict KYC procedures. When Deutsche Bank's relationships with these clients were revealed, its stock lost value and harmed the investor plaintiffs.

Beyond puffery. Deutsche Bank first argued that the challenged statements were merely aspirational or puffery. The court disagreed, finding that the statements went beyond mere puffery because they provided specific descriptions of the bank's client-vetting processes and continuous monitoring that the complaint alleged were routinely ignored or did not exist in practice for certain high-net-worth and politically connected clients. And, this failure to apply policies was material because these clients were a likely source of problems.

Deutsche Bank then asserted that its failures were already well-known to investors. The bank argued that the complaint relied on a number of news articles and government reports revealing that its AML and KYC processes had failed to stop criminals from laundering money and that Deutsche Bank itself had acknowledged "weaknesses" over the years. The court rejected the suggestion that Deutsche Bank's general disclaimers could be used to substantively mitigate the effect of specific alleged misrepresentations. Plus, as a procedural matter, the "truth-on-the-market" defense is generally inappropriate for dismissal on the pleadings because of its fact-specific nature.

Falsity alleged. Deutsche Bank then contended that the complaint failed because it did not allege that the bank never reviewed or attempted to improve its processes. The court acknowledged that there was something to this argument because some of the challenged statements spoke only about the bank's efforts to improve. But even these statements could be misleading where the efforts to improve screening were systematically undermined by executives seeking to on-board ultra-rich clients; the allegations in this case went beyond mere mismanagement. The court therefore concluded that the complaint adequately alleged falsity because the challenged statements allegedly misrepresented the bank’s AML and KYC practices, not just that its management failed to successfully implement in all cases policies that were generally adequate and appropriately described.

Scienter for CEOs. Finally, the court found that the complaint alleged scienter against Deutsche Bank's CEOs, but not against its CFOs. During the time at issue, John Cryan was Deutsche Bank's CEO until April 2018, and he was succeeded by Christian Sewing, who still holds that position. The complaint identified several reports of investigations by government regulators and settlements that provided red flags pointing to deficient AML and KYC practices as applied to high-risk clients. It was sufficiently plausible at this stage to the court that the CEOs, by virtue of their positions, were aware of these proceedings, and Sewing was specifically alleged to have been aware of them. In addition, there were news reports of internal audits to which Deutsche Bank replied by publicly denying that its systems were deficient, and such denials are sufficient to support an inference of scienter. Allegations by confidential witnesses that the top executives were personally involved in the decisions surrounding high-risk clients bolstered the inference of scienter. However, the court found that the complaint alleged no connections between Deutsche Bank's CFOs and the deficiencies at issue and dismissed the claims against them.

The case is No. 22-cv-2854.