Anti-money laundering and terrorist financing
Everything Swedbank does should be characterised by high ethical standards, where Swedbank and its employees actively assess every transaction, relationship and activity from the standpoint of the bank’s ethical norms and positions. According to the Anti-Money Laundering Act (the Money Laundering and Terrorist Financing (Prevention Act), Swedbank is obligated, without delay, to report suspicions of money laundering or terrorist financing (SAR) to the Financial Intelligence Unit within the Swedish Police.
Intelligence and collaborations
For security work to be effective, access is needed to intelligence. Swedbank works with a number of public and private actors to track and understand threats to the financial sector. Swedbank’s security response team collaborates with others in the sector, in addition to police authorities. As a bank, Swedbank is obligated to report suspicions of market abuse such as insider trading, market manipulation and unlawful disclosure of inside information (MAR).
To prevent its payment systems from being exploited for criminal activity, Swedbank has built up a set of internal rules, processes and support functions to ensure that we comply with applicable laws and regulations in the area. Swedbank has an obligation to know all its customers, understand where their money comes from and why they want a relationship with the bank, to better detect unusual behaviour. Through the “Know Your Customer” process, where systems monitor transactions and reconciliations of customer databases against sanction lists, Swedbank minimises these risks.
Internal alerts process (”whistle blowing”)
For Swedbank it is important that irregularities within the Group are detected and addressed in time. For this reason an Internal alert process (“whistle blowing”) has been established within the Group, where employees can anonymously report suspected violations of internal or external rules. In 2018 a total of 58 reports were filed within the internal alerts process.
Swedbank has organised a central function responsible for coordinating and leading information security work. It is led by the bank’s Chief Information Security Officer (CISO) and maintains a management system for information security as well as functions for incident response and proactive security testing of the bank’s IT environment. Every business area also has Information Security Managers, who coordinate security work locally. Swedbank’s security and Incident Response team is a certified TF-CSIRT Trusted Introducer since 2010.
Training for employees
Swedbank is actively working to prevent financial crime, where the preventive work mainly consists of various trainings, guidelines and materials connected to the work. All Swedbank employees shall undergo an annual training on countering money laundering and terrorist financing, there are further in-depth training within the subject that are adapted to the type of role and tasks that the employee has. Furthermore, all Swedbank employees undergo a mandatory training within Swedbank's code of conduct and a general safety training.