Spuerkeess fined €5 million for Caritas failings

Spuerkeess has been fined almost €5 million by the Commission de Surveillance du Secteur Financier (CSSF) for shortcomings in its anti-money laundering and counter-terrorist financing controls related to an unnamed “charitable foundation”, the regulator said on Wednesday.

While the CSSF in its press release did not name the foundation, it is believed to be Caritas, which has been embroiled in an embezzlement scandal over €61 million that went missing last year.

The €4.96m fine, which represents “less than 0.5%” of Spuerkeess’ 2024 turnover, followed an on-site inspection carried out by the CSSF between 8 August and 12 December 2024 – shortly after the embezzlement became public.

Although the inspection was triggered by “a fraud targeting a Luxembourg charitable foundation”, the regulator stressed that its review “focused more broadly on the bank’s AML/CFT obligations, particularly post-transaction monitoring.”

The Spuerkeess fine is one of the largest ever issued by the CSSF.

In 2017, the regulator ordered Edmond de Rothschild to pay a fine of almost €9 million for failings in the Malaysian 1MDB scandal.

In 2020, the CSSF imposed a €4.6 million penalty on Banque Internationale à Luxembourg (BIL) for similar breaches.

In an official statement, Spuerkeess said it had “acted quickly after the initial findings” to strengthen its controls, including upgrades to surveillance tools, improved procedures, risk-based client classification, staff training and enhanced governance.

“Compliance with a complex legal and regulatory framework is a continuous improvement process, which must constantly adapt to evolving rules and practical lessons learned,” the bank said.

Spuerkeess added that it would “continue to refine its monitoring systems to better identify suspicious transactional patterns”.

State-owened Spuerkeess was one of two Luxembourg-based banks, alongside BGL BNP Paribas, used by Caritas to process payments.

However, BGL BNP Paribas was not fined by the CSSF, according to a separate press release on Wednesday. It stated that “following the revelation of the fraud against a Luxembourg charitable foundation, the CSSF conducted on-site and off-site investigations into the bank’s anti-money laundering and counter-terrorist financing obligations.”

The review, which ran from September 2024 to January 2025, focused on the bank’s risk-based approach and its monitoring of transactions, particularly those linked to the foundation’s accounts. The CSSF said the results had been communicated to the bank and that it now considers its intervention closed, with no fine imposed.

BGL BNP has been contacted for comment.

Spuerkeess CEO Françoise Thoma in May told a special parliamentary committee examining the fraud that the bank had not made any mistakes and followed all procedures.

The CSSF during its investigation found that, despite previous remedial measures, Spuerkeess’ transaction monitoring system continued to show “structural and systemic weaknesses.” It highlighted “incomplete configuration of monitoring scenarios” for certain customers, which hindered the detection of suspicious patterns such as large inflows followed by rapid outflows, as well as “gaps in customer due diligence” for transactions involving high-risk countries, with alerts sometimes not generated because of threshold limits.

The regulator noted that while the bank’s monitoring systems “functioned adequately for anti-fraud purposes,” they were “not sufficiently calibrated for AML/CFT risk detection.”

(This article was corrected at 18:40 on 30 July 2025 to clarify that the fine imposed on Spuerkeess is one of the largest ever issued by the CSSF, not the largest as previously stated)