The Finance Intelligence Analysis Unit (FIAU) has ordered Novum Bank Limited to pay an administrative penalty of €89,516 and has also issued the entity with a reprimand and remediation directive over a number of breaches.

Novum Bank Limited is a private credit institution that operates under, and applies, the European Union banking regulatory framework. The bank is licenced and regulated by the Malta Financial Services Authority (MFSA) to operate outside Malta. It’s main two lines of products deal with card/store value as well as micro-lending.

Following an onsite compliance review carried out by the FIAU in 2019, the national financial intelligence and supervisory authority proceeded with taking action against the bank, flagging concerns with customer risk assessments, customer due diligence and ongoing monitoring.

Customer Risk Assessment

During a review of the CRAs and the CRA methodology applied by the Bank, it was noted that while the Bank had implemented a methodology to risk assess customers, this was not considered to be comprehensive enough, since although all the four risk pillars were being covered at times not all the risk factors were being taken into consideration. This in turn could have led the Bank to apply inadequate levels of CDD such as by classifying customers as low risk while another risk classification may have been more appropriate.

Providing an example of this, it was noted that the geographical risk being taken into consideration by Novum Bank when assessing risk levels of clients was limited to the residence of a customer without consideration to any connection customers might have with other jurisdiction.

Customer Due Diligence – Identification and Verification of Legal Persons

It was observed that in one file, the link between the corporate entity and the parent company had not been verified by independent sources. In their representations, the Bank confirmed the shortcoming.

However, argued that this was one instance out of many review files, whilst also confirming that this information would be publicly available on online domains. The committee acknowledged that since this shortcoming was only present in one file it was more of an oversight and that good measures for identifying and verifying corporate customers were in place. However, it could not overlook that this information had not been gathered by the Bank

Customer Due Diligence – Purpose and Intended Nature of the Business Relationship

The compliance review highlighted several files where the Bank did not gather enough information on the purpose and intended nature of business relationships it engaged in. From the reviewed files, officials observed that in three relationships involving individual lenders, the information held on file for them was deemed to be either generic or was not available on file.

Ongoing Monitoring – Scrutiny of Transactions

Whilst reviewing these corporate files, Officials took note of two corporate files, in which there was no underlying rationale behind the transactions conducted between the corporate entities and the respective third parties.

For a more detailed review of the FIAU’s rationale and key take aways, click here.

More than 1,500 Maltese companies post profits over €1 million

February 22, 2024
by Robert Fenech

The total number of firms that registered over €100,000 in profit in 2022 amounted to 5,044

First phase of Ħal Far race track receives Planning Authority approval

February 22, 2024
by Anthea Cachia

Works are expected to start in the coming weeks

Would you live here? Tiny studio apartment in Gozo sparks debate

February 22, 2024
by Anthea Cachia

‘If I had no money, I would be happy with a dry place and necessary equipment for an affordable price’