London Daily

Focus on the big picture.
Thursday, Jul 24, 2025

Questionable Client: Lessons From Deutsche Bank's Epstein Fine

Questionable Client: Lessons From Deutsche Bank's Epstein Fine

Banking high-risk clients can be difficult enough for financial institutions. Banking wealthy, and notorious sex offenders can be not only difficult, but costly too.

Such was the basic lesson Deutsche Bank (DB) learned earlier this month, after the New York State Department of Financial Services (DFS) imposed a $150-million monetary penalty against the lender over its failure to properly mitigate the financial-crime risks of its client Jeffrey Epstein. The agency, which also cited compliance failings linked to Deutsche Bank’s relationships with Danske Bank Estonia and FMBE Bank, concluded that the German institution “inexcusably failed to detect or prevent millions of dollars of suspicious transactions” involving Epstein.

The DFS consent order recounts how the bank went wrong “despite knowing Mr. Epstein’s terrible criminal history”, and offers a number of important lessons for compliance teams reviewing high-risk customers of their own.

Relationship onboarding

DB initiated its relationship with Epstein and his related entities in August 2013 and maintained it until December 2018, when the relationship was terminated due to renewed negative media coverage over his past criminal conduct. Even before commencing the relationship, there had been widespread media reports of Epstein’s trafficking and abuse of underage women. In September 2007, Epstein was convicted in Florida of two prostitution charges, including the solicitation of a minor to engage in prostitution.

A related deferred prosecution agreement made public in 2009 revealed details that Epstein may have conspired to use interstate commerce to induce minors to engage in prostitution, to engage in illegal sexual conduct with minors and to traffic minors. The agreement also showed that prosecutors produced a list of alleged “victims” and that Epstein funded their legal costs. The media continued to publish articles, on a regular basis, about Epstein and his activities up to and beyond August 2013 when DB onboarded Epstein as a client.

In December 2012, a Relationship Manager (RM1) joined DB from another institution where he had previously overseen Epstein’s accounts. RM1 suggested to DB management that Epstein could be a lucrative client who could generate millions in revenue and who facilitate introductions to his wealthy associates.

As expected, DB conducted due diligence on Epstein prior to onboarding. A memo sent to senior DB management noted Epstein’s 2007 criminal conviction, his 18-month prison sentence and 17 out-of-court civil settlements linked to the conviction. RM1 opined that, over time, there could be investments of $100-300 million generating revenues of $2-4 million. Although DB had a Reputational Risk Committee (RRC) in the US, it did not discuss nor consider any reputation risk posed by an association with Epstein.

Onboarding occurred in August 2013 with brokerage accounts opened for Epstein-linked companies based in the British Virgin Islands in order to hold marketable securities and cash, and to invest with the bank over time. Eventually, there were over 40 Epstein linked accounts held at DB. A compliance officer approved the initial onboarding based on an email sent by a senior manager who, after consulting both DB’s US General Counsel and the US Head of Compliance, approved the onboarding in principle, subject to the due diligence exercise not revealing any concerns. The compliance officer failed to speak to any of his senior colleagues prior to granting his own onboarding approval.

Suspicious transactions

As the Epstein relationship was deemed to be “high-risk” and as he was assessed to be a “Honorary PEP” due to his known links to senior politicians, the Epstein accounts were subject to enhanced transaction monitoring. However, such monitoring did not address the individual risks posed by Epstein.

In January 2014, DB opened a bank account for the Epstein-linked “Butterfly Trust”. The account’s stated purpose was to pay taxes and trust fees. The Trust’s beneficiaries included some of Epstein’s co-conspirators and several women with eastern European names. When questioned by DB, Epstein said the beneficiaries were employees or friends. At the point of onboarding, DB learned that one beneficiary was a female co-conspirator of Epstein. However, the account was approved based on the original earlier email from a senior manager and because the female co-conspirator had not been tried or convicted in a criminal court.

The Butterfly Trust account was used to make 120 payments totalling $2.65 million to the beneficiaries for their rent, expenses and tuition. More suspiciously, the Trust account was used to pay $7 million in multiple legal settlements via many law firms and to pay $6 million in legal fees for Epstein and his co-conspirators.

Questions raised

By early 2015, Financial Crime staff escalated concerns following media reports that a 2008 plea bargain by Epstein would be made available to his alleged victims, highlighting his links to a former senior US politician as well as to a member of a European royal family. Despite the nature of the allegations, a senior manager accepted without question Epstein’s observations on these media reports.

The RRC considered the Epstein accounts in January 2015, but contrary to bank policy, no minutes of their deliberations were taken. Immediately following the meeting, a Committee member emailed a colleague that the Committee was “comfortable with things continuing” and that another Committee member “noted a number of recent sizable deals”.

Poor internal communications

A few days after the RRC meeting, a Committee member outlined, via an email to senior colleagues, the three conditions the RRC placed on continuing the business relationship. Firstly, transactions need not have Compliance pre-approval provided that the business assessed that the trades weren’t suspicious, unusual, used a novel structure or very large. Secondly, the business monitored the transactions to ensure compliance with the first condition. Finally, accounts could be opened where DB’s US Wealth Management Division had approved the activity.

Although these conditions were widely circulated through DB in New York, including to the bank’s US CEO, they were not communicated to Epstein’s relationship team, which continued to conduct business in the same manner as before. This failing was significantly compounded when a compliance officer interpreted the first RRC condition as being assessed against Epstein’s previous dealings rather than being assessed objectively. This interpretation was communicated to the transaction monitoring team. For example, a March 2017 transaction alert on payments to a Russian model and agency was closed as being “normal for this client” and hence not suspicious.

The compliance officer further instructed the transaction monitoring team to verify, using Internet searches, that any female linked to an Epstein payment was aged 18 or over, and to only flag those transfers for which there was no discernible rational transaction. This instruction had little effect on DB’s relationship with Epstein.

More red flags ignored

In January 2016, an accountant representing Epstein requested an account be opened for Gratitude America, Epstein’s private charity. The RRC Secretary ordered that an external due diligence report on Epstein be commissioned. When the relationship team requested additional information from the accountant to assist the exercise, they were advised that Epstein had resigned from the charity and hence the new account was no longer needed. As a result, no due diligence report was produced.

A new Relationship Manager (RM2) replaced RM1 in April 2016. Although RM2 had reviewed the Epstein KYC file and he was aware of the reference to the RRC, he was not aware of the three RRC conditions on continuing the Epstein relationship.

A May 2018 transaction alert was raised about payments to accounts in the names of eastern European women at a Russian bank. An Epstein accountant advised RM2 that the payments were for tuition fees. When a compliance officer queried why the account was being used for tuition fees, RM2 said that Epstein’s staff used any account that was in credit to make payments on his behalf.

Suspicious cash transactions

Between 2013 and 2017, Epstein’s personal lawyer withdrew $7,500 in cash two or three times per month from a New York DB branch. In total, there were 97 such withdrawals. The bank’s limit for withdrawals by a third party on an account was $7,500. When queried, the lawyer explained the payments were for travel, tipping and expenses.

In 2014, the lawyer inquired into how much he could withdraw on Epstein’s behalf without DB being required to submit a report to the US authorities. It is unclear whether DB responded to the query. In 2017, the same lawyer further inquired whether a withdrawal of $10,000 would generate a report to the authorities. Following an affirmative response, he split the withdrawal over two days.

DB compliance staff discussed the constant cash withdrawals and their reporting obligations with the lawyer. Nevertheless, Epstein’s lawyer reassured DB that all was well, so much so that DB continued to permit the cash withdrawals. In 2017, on one occasion, the lawyer withdrew $100,000 in cash explaining it was needed for tipping and household expenses.

Over a four-year period, the lawyer withdrew $800,000 in cash. Although DB met their legal obligations by submitting cash reports to the authorities, it readily accepted the explanation that the withdrawals were for tipping, travel and household expenses.

What lessons can be drawn?

DB terminated its relationship with Epstein in December 2018 following a media report the previous month setting out his 2008 plea bargain. This episode provides numerous lessons that compliance officers can learn from.

Firstly, where an institution decides to conduct business with a high-risk client, it must tailor its due diligence and transaction monitoring to mitigate the risks posed by that particular client rather than seeking to mitigate generic risks.

Secondly, DB failed to adequately monitor Epstein’s account activity for the type of activity that Epstein was notorious for, although the bank was aware of his criminal conviction, prison sentence and the allegations against various co-conspirators. Despite this knowledge, DB failed to block payments to the named co-conspirator and the young women, or to effectively probe why Epstein needed $200,000 in cash withdrawals per year.

Thirdly, the failure by DB to “join the dots” between their knowledge of Epstein’s past and his account activity, and thus consider whether there were any grounds for suspicion, represents a “major compliance breach” in the view of DFS.

Finally, these substantive breaches were compounded by a series of procedural failings. The initial onboarding was not reviewed by the RRC, itself a breach of DB policy. Instead, approval was granted by an email based on two offhand conversations. That initial email was later used as the basis to open further Epstein accounts. When the RRC subsequently considered the issue, they were satisfied upon the basis of an undocumented meeting between Epstein and two front office staff. Again, bank policy was breached as the RRC deliberations went undocumented. The three RRC conditions on the Epstein relationship were not communicated to relevant staff or were misinterpreted.

Across the world, many banks have been sanctioned for unknowingly failing to identify high-risk clients. In this case, Deutsche Bank staff were aware they were dealing with a high-risk client, but were perhaps driven by business considerations and failed to adopt a suitably sceptical mindset when dealing with him. Those banks with historic links to Epstein should consider consulting their lawyers while all banks should assess whether they have properly implemented controls to mitigate all the risks introduced by their risky clients.

Newsletter

Related Articles

0:00
0:00
Close
TSUNAMI: Trump Just Crossed the Rubicon—And There’s No Turning Back
Over 120 Criminal Cases Dismissed in Boston Amid Public Defender Shortage
UN's Top Court Declares Environmental Protection a Legal Obligation Under International Law
"Crazy Thing": OpenAI's Sam Altman Warns Of AI Voice Fraud Crisis In Banking
The Podcaster Who Accidentally Revealed He Earns Over $10 Million a Year
Trump Announces $550 Billion Japanese Investment and New Trade Agreements with Indonesia and the Philippines
US Treasury Secretary Calls for Institutional Review of Federal Reserve Amid AI‑Driven Growth Expectations
UK Government Considers Dropping Demand for Apple Encryption Backdoor
Severe Flooding in South Korea Claims Lives Amid Ongoing Rescue Operations
Japanese Man Discovers Family Connection Through DNA Testing After Decades of Separation
Russia Signals Openness to Ukraine Peace Talks Amid Escalating Drone Warfare
Switzerland Implements Ban on Mammography Screening
Japanese Prime Minister Vows to Stay After Coalition Loses Upper House Majority
Pogacar Extends Dominance with Stage Fifteen Triumph at Tour de France
CEO Resigns Amid Controversy Over Relationship with HR Executive
Man Dies After Being Pulled Into MRI Machine Due to Metal Chain in New York Clinic
NVIDIA Achieves $4 Trillion Valuation Amid AI Demand
US Revokes Visas of Brazilian Corrupted Judges Amid Fake Bolsonaro Investigation
U.S. Congress Approves Rescissions Act Cutting Federal Funding for NPR and PBS
North Korea Restricts Foreign Tourist Access to New Seaside Resort
Brazil's Supreme Court Imposes Radical Restrictions on Former President Bolsonaro
Centrist Criticism of von der Leyen Resurfaces as she Survives EU Confidence Vote
Judge Criticizes DOJ Over Secrecy in Dropping Charges Against Gang Leader
Apple Closes $16.5 Billion Tax Dispute With Ireland
Von der Leyen Faces Setback Over €2 Trillion EU Budget Proposal
UK and Germany Collaborate on Global Military Equipment Sales
Trump Plans Over 10% Tariffs on African and Caribbean Nations
Flying Taxi CEO Reclaims Billionaire Status After Stock Surge
Epstein Files Deepen Republican Party Divide
Zuckerberg Faces $8 Billion Privacy Lawsuit From Meta Shareholders
FIFA Pressured to Rethink World Cup Calendar Due to Climate Change
SpaceX Nears $400 Billion Valuation With New Share Sale
Microsoft, US Lab to Use AI for Faster Nuclear Plant Licensing
Trump Walks Back Talk of Firing Fed Chair Jerome Powell
Zelensky Reshuffles Cabinet to Win Support at Home and in Washington
"Can You Hit Moscow?" Trump Asked Zelensky To Make Putin "Feel The Pain"
Irish Tech Worker Detained 100 days by US Authorities for Overstaying Visa
Dimon Warns on Fed Independence as Trump Administration Eyes Powell’s Succession
Church of England Removes 1991 Sexuality Guidelines from Clergy Selection
Superman Franchise Achieves Success with Latest Release
Hungary's Viktor Orban Rejects Agreements on Illegal Migration
Jeff Bezos Considers Purchasing Condé Nast as a Wedding Gift
Ghislaine Maxwell Says She’s Ready to Testify Before Congress on Epstein’s Criminal Empire
Bal des Pompiers: A Celebration of Community and Firefighter Culture in France
FBI Chief Kash Patel Denies Resignation Speculations Amid Epstein List Controversy
Air India Pilot’s Mental Health Records Under Scrutiny
Google Secures Windsurf AI Coding Team in $2.4 Billion Licence Deal
Jamie Dimon Warns Europe Is Losing Global Competitiveness and Flags Market Complacency
South African Police Minister Suspended Amid Organised Crime Allegations
Nvidia CEO Claims Chinese Military Reluctance to Use US AI Technology
×