Confidential banking documents obtained by OCCRP show how DNB and Nordea, ignoring risks and red flags, banked shady clients at their Baltic branches as they shifted billions in suspicious transactions.
In May 2019, auditors concluded investigations into high-risk clients of Luminor, which had been formed by a merger of the Baltic branches of DNB and Nordea.
They discovered billions may have been laundered through suspect accounts at the legacy banks.
The first report found 3.9 billion euros in problematic transfers, including “unexplained wire activity” and more. A further 17.3 billion euros warranted more investigation, it said.
The audits, never before revealed, detail dozens of questionable clients that had banked with Nordea and DNB, including oligarchs and suspected money launderers.
In 2016, Finnish bank Nordea and Norwegian bank DNB announced they would merge their Estonian, Latvian, and Lithuanian branches to form Luminor, which would become the third-biggest bank in the Baltic states, with more than a million clients.
Luminor’s chairman said the following year that the merger, which brought together six of Nordea and DNB’s divisions across the region, would lead to better opportunities for locals. On paper, the deal was so tantalizing that the giant American investment fund Blackstone bought a 60 percent stake in Luminor in 2018, leaving Nordea and DNB with 20 percent each.
But while all this was unfolding, OCCRP and Danish newspaper Berlingske
exposed a vast money laundering operation in the Baltic operations of Danske Bank. These were initially meant to form part of the DNB-Nordea merger, but were dropped as a result of the scandal.
Pressed by Finnish media, the then-CEO of Nordea, Casper von Koskull, denied his bank had any issues at its Baltic branches.
“There has never been any suspicion of money laundering against Luminor and the amount of international transactions in the bank is very small,” he told newspaper Helsingin Sanomat in October 2018.
OCCRP has now obtained two never-released audit reports that found billions of dollars may have been laundered through Nordea and DNB banks before the merger. The reports, concluded in May 2019 by a team of internal auditors and by U.S.-based consulting company Alvarez & Marsal, combed through a decade’s worth of records covering 1.6 trillion euros of transactions in the six banks that had merged.
The first audit identified some 3.9 billion euros of problematic transfers, including “high-volume transactions with counterparties associated with potential financial crime schemes, unexplained wire activity, shell companies, and adverse media.” A further 17.3 billion euros warranted more investigation, it said.
Former CEO of Luminor, Erkki Raasuke, ordered audits of his bank after seeing the fallout from the Danske Bank money laundering scandal.
Priit Simson/Ekspress Meedia
The auditors’ findings detailed dozens of shady clients that had banked with Nordea and DNB, including suspected money launderers and Russian oligarchs.
Erkki Raasuke, then-CEO of Luminor, said he ordered the reports after seeing the fallout from the Danske Bank money laundering scandal. “We realized that we must have the answers if we are to be asked at some point. The question was not whether we liked these answers or not, but that we must have them,” he said.
Yet the reports’ explosive findings were never made public. The head of Transparency International’s Lithuanian branch, Sergejus Muravjovas, said they should have been.
“We’ve got … red flags, data that shows this is likely to be a problematic situation,” Muravjovas told OCCRP. “Is this a question of resources, reporting, or miscommunication? Or is it simply a consequence of the bank’s culture, where some risky actions — since it was big money — were in principle tolerated?”
Luminor said that the bank “engaged with all relevant regulators” throughout the development of the report and shared the findings “where appropriate.” The bank declined to confirm if it carried out further investigations after the audits, but said it didn’t find any systemic weaknesses in its approach to managing customer risk as part of the review.
Nordea didn’t respond to specific questions from reporters, but emphasized the need for a “closer collaboration between banks and authorities to identify and prevent financial crime.”
“There have been no measures from the authorities against banks we have owned in the Baltics,” a spokesperson for DNB told Aftenposten. “We are not allowed to reveal investigations, indications of money laundering, or which transactions that are reported to the police.”
A DNB Client Who Bribed With “FSB Money”
In June 2016, prominent Russian opposition politician Nikita Belykh walked into a Moscow restaurant. A short while later, he was arrested with some 150,000 euros in cash laid out on the table in front of him.
The pile of money was part of some 400,000 euros in bribes that Belykh was convicted of receiving while he was a regional governor in Russia. Though Belykh maintained that the money was meant for local projects, a Russian court sentenced him to eight years in prison after the man he met in the restaurant testified against him.
That man, a German citizen named Juri Sudheimer, confessed last year to Swiss investigators, who interviewed him for a fraud case he brought against a former business partner, that the money he gave Belykh came from agents from Russia’s security service, the FSB.
A picture released by the Russian Investigative Commitee shows Nikita Belykh with thousands of euros of cash laid out on the table.
Russian Investigative Commitee
“That fraudster forced me to give him money,” Sudheimer said, according to a transcript obtained by Siena. “But the bribe received by Nikita Belykh did not belong to me. It was the FSB’s money.”
Contacted by reporters, Sudheimer said the phrase “FSB’s money” had been taken out of context, though he did not explain how. “All the actions of the investigation were carried out in accordance with the laws and procedures of the Russian Federation,” his office said in a statement.
Sudheimer’s engine lubricant company, SCT Lubricants, was also a client of DNB in Lithuania, one of the Luminor audits found.
And Russia wasn’t the only repressive regime he worked with. According to auditors, SCT Lubricants used accounts at DNB to do business with an oil refinery belonging to Belarus’ government called Naftan.
Naftan was sanctioned by the U.S. in August 2011 after Lukashenko launched a brutal crackdown on dissidents following a disputed election. The audit found SCT Lubricants made 9.93 million euros’ worth of transactions with Naftan through DNB Lithuania accounts after this date, continuing up until September 2017.
Dimitri Ignatov, SCT Lubricants’ CEO, said European Union sanctions were only imposed this month, so the company had not violated them when it dealt with Naftan. The company said it had only bought raw materials from Naftan, and it “complies with the requirements of international sanctions set by … Lithuania, the EU, the United Nations and the United States.”
The SCT Lubricants facility in Klaipėda, Lithuania.
In total, the auditors found 2.7 billion euros flowed through SCT Lubricants’ DNB accounts between 2008 and 2018. Of this, they flagged 217 million euros of potential “exposure” due to money laundering concerns, identifying multiple payments from the Commonwealth of Independent States and large money flows to and from tax havens.
These included 47 transactions worth more than 16.19 million euros and $25.88 million between DNB accounts and four shell companies: St. Anne Limited, Yispi Trading Inc, Efi Partners S.A. and Yispi Efi Partners LLP. Including $6.4 million that SCT Lubricants paid to Yispi Trading in 2017-18, a total of $32.36 million moved between the companies.
The auditors could find no reasonable explanations for SCT Lubricants’ dealings with these companies, all of which banked in
the financial secrecy haven of Switzerland. But reporters established that all of them were all at some point connected to Sudheimer’s company.
Muravjovas of Transparency International Lithuania said these transactions should have been treated, “at the very least,” as “indicators of high-risk activities.”
“If offshore companies are involved, it is already a red flag,” Muravjovas said.
James O’Brien (OCCRP)
SCT Lubricants said that as a manufacturer making products for export, “large financial operations with foreign companies are common in the company’s commercial activity.” “All financial operations are conducted … based on contracts and documents,” it said in a statement.
The company said that it was never informed about “any probable or alleged risks” related to money laundering in its operations, saying the information reporters found in the audit was “not true and reliable.”
The internal audit report stated that a board decision was needed in order to assess the risks identified with SCT Lubricants. Ignatov, SCT’s CEO, confirmed that the company had stopped banking with Luminor, but said it was a mutual decision.
“We didn’t argue that. We simply parted ways,” he said.
Luminor said it “has extensive anti-money laundering controls in place, and is fully committed to ensuring that its compliance policies and processes reflect the latest learnings in the ongoing global fight against money laundering.”
DNB told Aftenposten: “As an owner, our experience is that Luminor has worked actively over time to strengthen efforts against financial crime and money laundering. This is a development DNB has supported.”
🔗Under The Hood At SCT Lubricants
The data shows that dealing with anonymous shell companies was routine for SCT Lubricants, including businesses that appeared in well-known money laundering operations.
Auditors found 11 U.K.-based LLPs registered under similar addresses, sending wires to multiple clients. Eighty-two of the 87 wires were related to SCT Lubricants, and included millions of dollars worth of transactions with companies exposed in known money-washing scams.
Reporters also found other connections between these companies and huge money laundering schemes, known as laundromats, that OCCRP discovered were operating out of Azerbaijan and Russia.
Leaked banking data show SCT received a $100,000 payment from Seabon Ltd, a major money vehicle exposed in OCCRP’s Azerbaijani Laundromat investigation. The auditors also found at least two more companies that appeared in the Azerbaijani Laundromat data.
Meanwhile, Sudheimer’s Lithuanian venture received multiple payments from two suspect companies, Diron Trade LLP and Wontep Invest LLP. Diron surfaced in media reports as one of the companies used in the vast Russian money laundering scheme uncovered by the late Sergei Magnitsky. Wontep, the reports said, was owned by two Belize-registered companies that the auditors noted controlled other U.K. companies from the Azerbaijani Laundromat.
SCT Lubricants said the company “had no relationship or transactions with the mentioned companies”. “We have checked the banking statements, none of the companies you mentioned has made payments to the account of SCT Lubricants,” the statement said.
Other companies doing business with SCT Lubricants included multiple firms affiliated with Erik Vanagels and Inta Bilder,
two well-known Latvian proxies who were used to set up hundreds of shell companies, many of which have had money laundering ties.
SCT’s CEO Dimitri Ignatov said he could not comment on these dealings. “I can tell you we’re working with the entire world. We are receiving money from across the globe,” he said.
Sanctions and SARs
Client profiles in the audit report showed Nordea’s Latvian branch also banked Russian oligarchs who were sanctioned by Ukraine following the 2014 invasion of Crimea.
These included Alexey Mordashov — the billionaire chairman of and main shareholder in steel and mining giant Severstal — and Russian-Belarussian tycoon Dmitry Mazepin, who until recently controlled chemicals company Uralchem. Both were also sanctioned this year by the U.S. and EU following Russia’s invasion of Ukraine.
Alexey Mordashov, the chairman of one of Russia's largest steel and mining companies, banked with Nordea.
ZUMA Press, Inc./Alamy Stock Photo
One relationship manager from Nordea Estonia worked regularly with a representative of a group of companies belonging to Yuri Butok, a former lieutenant colonel in the Soviet army and one-time head of the Russian Central Bank’s Estonia branch. The representative requested to work with a particular relationship manager at the bank, who then made “unusual cash deposits significantly higher than current salary,” the audit said.
In total, it found that Butok’s companies were able to move more than 947 million euros through Nordea Estonia, even though they had no employees, paid no taxes, and had no physical headquarters.
After the auditors discovered this, Luminor Estonia filed a suspicious activity report, known as a SAR, with the country’s financial regulator about the relationship manager, but he or she had already left the bank at that point.
Estonia’s Financial Supervisory Authority referred media to a vague press release about an on-site inspection at Luminor that concluded in August 2021, which required the bank to improve its anti-money laundering systems.
Another SAR, this one filed by Deutsche Bank, flagged one of Butok’s companies, Cosmoflop OÜ, to U.S. regulators. The report comes from documents from the Financial Crimes Enforcement Network leaked to BuzzFeed News, investigated by media in a project coordinated by the International Consortium of Investigative Journalists, known as the FinCEN Files.
Deutsche Bank, which conducted transactions on Nordea’s behalf as a
raised concerns about $21.3 million that Cosmoflop had transferred in 161 payments to multiple companies. Deutsche Bank said it asked for more information, but Nordea’s headquarters never responded.
Banks outside the U.S. process dollar transactions through correspondent banks, global institutions that have Federal Reserve accounts. They provide services such as currency exchanges and transfers, but the system is easily exploited by illicit operators.
In fact, according to Luminor’s internal audit, Nordea had received “at least 35 requests” from authorities about Butok’s operations. Indeed, the bank itself investigated 840 alerts related to the transactions and submitted 18 SARs to the Estonian Financial Intelligence Unit (FIU).
Still, Nordea banked Butok for five years, only beginning to offload him in late 2017 — after the time the Luminor merger was announced. Butok’s final bank account was closed in March 2018.
Butok confirmed to reporters that Luminor had closed his accounts, saying that he had tried but failed to appeal the decision. When reporters pressed for more information, he hung up the phone.
Nordea declined to comment on individual customers but said the bank “does not accept being used as a platform for money laundering”. “Nordea prides itself with aiming to be a positive force in society when it comes to combating financial crime and we do all we can to prevent money laundering,” a spokesperson said in a written comment.
The internal Luminor audit also revealed an overly close relationship between one of Nordea Estonia’s relationship managers and a man named Erik Lidmets.
Lidmets had previously headed the infamous International Banking division at Danske Bank’s Estonia business, which is part of an
ongoing criminal investigation into $241 billion in suspicious transactions. Investigators believe Lidmets helped set up the system that laundered a fortune through the bank. He was fired in 2010.
Auditors found the Nordea relationship manager had previously worked with Lidmets at “another credit institution,” most likely referring to Danske Bank. Once at Nordea, the banker then dealt with Lidmets in his role as a board member of the bank’s real-estate client, Paavli Estate OÜ. Paavli Estate was owned by two Russian businessmen whose bank in Russia was shuttered in 2015 because of money laundering suspicions.
The audit found the Nordea employee never reported their conflict of interest working with Lidmets. In fact, the banker in question left Luminor prior to the investigation because of a separate conflict of interest with another customer and the leaking of confidential information.
Collusion between clients and relationship managers is a classic example of how Baltic banks helped to facilitate money laundering, and such bankers are at the center of money laundering probes at Danske Bank and Sweden’s Swedbank. Yet Estonian police were apparently never contacted about similar activities at Nordea or Luminor.
Luminor submitted a SAR about the Nordea relationship managers who worked with Butok and Lidmets to Estonia’s FIU, whose job it is to decide if police intervention is warranted. The FIU declined to comment, but the head of the economic crime bureau at the National Criminal Police said they never received a request for an investigation.
Lidmets didn’t respond to reporters’ queries.
Luminor’s headquarters in Tallinn, Estonia.
Jaanus Lensment/Ekspress Meedia
Outing the Oligarchs
Nowhere were anti-money-laundering procedures more problematic than in Latvia. In the 30 high-risk case studies detailed in the audits, a total of 22 SARs were sent to financial intelligence units in the Baltic states. Of those, 15 were in Latvia.
And, of more than 100 high-risk customers covering 7.7 billion euros that Luminor’s auditors flagged for further investigation, Latvian DNB and Nordea banks banked 52. At least 17 of these clients were later dropped by Luminor.
Among those quietly offboarded in May 2019, after the auditors had concluded their work, were the Russian oligarchs sanctioned by Ukraine, Mordashov and Mazepin.
Luminor also suspended cooperation with two other problematic clients that had banked in Latvia. One, a railway company from Turkmenistan, KELK, was offboarded due to concerns its CEO was wanted by international law enforcement. Russian freight company Alpa Centrum was also dropped over suspicions it was helping to evade sanctions.
The internal audit said that in 2018, Alpa Centrum acted as a go-between for more than 35 million euros of transactions between a Ukrainian company and a Russian gas producer named Novatek, which had been sanctioned by the U.S. four years earlier.
KELK did not respond to requests for comment and Alpa Centrum declined to comment.
Before today, the auditors’ findings have never before been made public. Despite the array of problems they found, the banks involved remain adamant they are fully compliant with anti-money laundering regulations.
Nordea maintains that its CEO, von Koskull, was right when he asserted in 2018 that there were no breaches in his bank. “To the best of our knowledge, Luminor was not subject to regulatory inspections of suspected money laundering,” the bank’s spokesperson said.
Von Koskull no longer works at Nordea, but told OCCRP through the spokesperson: “What I said at the time was true then and still is true.”
Aftenposten contributed reporting. OCCRP ID, Konrad Szczygieł (Frontstory.pl), and Anastasiia Morozova (Frontstory.pl) contributed research.
Research on this story was provided by OCCRP ID.
Fact-checking was provided by the OCCRP Fact-Checking Desk.