Wise breached Russia sanctions with £250 withdrawal and accused of having ‘inappropriate’ controls
London fintech firm Wise has been accused of “inappropriate” controls by the government regulator today after allowing a sanctioned Russian customer to withdraw cash from a business account.
Wise, which allows businesses and individuals to open current accounts and transfer money overseas, allowed the company of a so-called “Designated Person” to successfully withdraw £250 in cash using its debit card, according to the Treasury’s Office of Financial Sanctions Implementation (OFSI).
The OFSI said today that Wise self-reported the breach and had since “taken steps to improve the aspects of its sanctions compliance process which led to the breach occurring.”
Despite the “low value” of the breach, the watchdog deemed it “moderately severe” due to the lacklustre controls of the firm.
“Wise’s policy at the time of the breach (of not restricting debit cards where a possible name match to a designated person was identified) was inappropriate in managing sanctions risks,” the OFSI said.
“A lack of staff availability to review sanctions alerts at weekends also led to a material delay in the proper restrictions being placed on the Designated Person’s account and debit card.”
Wise has since agreed to alter its policy to prevent another breach, according to the watchdog
The reprimand comes after Wise was hit with a fine in Abu Dhabi last year over poor money laundering controls in its local subsidiary
The slap on the wrist comes just as Wise’s chief Kristo Kaarmann prepares to temporarily step back from his role on paternity leave.
Kaarmann has himself been under fire from regulators in the UK after failing to pay a 2017 tax bill.
A Wise spokesperson said: “We voluntarily reported this ATM withdrawal to OFSI, undertook an immediate review of our processes and implemented the necessary internal system changes to prevent this type of transaction going forward.
“We take this matter very seriously. We remain committed to ensuring that our day-to-day operations are in compliance with all relevant regulatory requirements, and to working openly and collaboratively with our regulators.”