Danish regulators recently completed a comprehensive evaluation of Merex International AS, which resulted in multiple mandatory enforcement orders aimed at correcting systemic gaps in their anti-money laundering framework. The inspection conducted by the Danish Financial Supervisory Authority identified significant concerns regarding the firm’s specific business model involving currency exchange and money transfers to high-risk jurisdictions. Because the entity facilitates transactions with respondent connections in Iran, the inherent risk for money laundering and terrorist financing is classified as high by the state authorities. The company now faces strict requirements to overhaul its risk assessment processes and improve its documentation of fund origins for large cash transactions to ensure full compliance with the Danish Money Laundering Act.

Merex International AS Anti Money Laundering Audit

The recent findings from the Danish Financial Supervisory Authority highlight a critical intersection between specialized financial services and international sanctions regimes. Merex International AS operates primarily as a currency exchange provider and a payment service business with a specific focus on the Iranian market. This geographical concentration inherently places the firm under intense scrutiny because Iran is subject to comprehensive EU sanctions and remains on the Financial Action Task Force blacklist. During the inspection, the Danish FSA determined that the company did not sufficiently account for these specific geopolitical risks within its internal risk assessment documentation. The oversight is particularly concerning given that the majority of the company’s business activities involve moving funds to a region where traditional banking oversight may be restricted or entirely absent due to local conditions such as internet blockades.

Effective risk management requires a financial institution to identify every possible avenue through which illicit actors might exploit its services. For a company like Merex International AS, which also engages in the buying and selling of gold bars, the complexity of the risk profile increases significantly. Gold is a highly liquid asset that is frequently used by criminal organizations to move value across borders without leaving a digital footprint. When combined with cash-intensive currency exchange services, the potential for integration and layering of criminal proceeds becomes a primary concern for national regulators. The Danish FSA noted that the company’s tailor-made IT system, while functional for operational purposes, must be backed by robust policies that specifically address the nuances of sanctioned jurisdictions and the high risks associated with precious metals trading.

One of the most significant failures identified during the regulatory review was the lack of enhanced customer due diligence for high-risk transactions. In many instances involving large volumes of physical cash, the firm relied solely on the self-reported statements of customers regarding the origin of their wealth and funds. Regulators have made it clear that a customer’s own explanation is insufficient when the transaction size or frequency suggests an elevated risk profile. Independent documentation, such as bank statements, tax returns, or sales contracts, must be obtained to verify that the money being exchanged or transferred was earned through legitimate means. Without these verification steps, the firm effectively operates with a blind spot that could be exploited for the placement of proceeds from narcotics trafficking, fraud, or other predicate offenses.

Furthermore, the relationship between Merex International AS and its respondent connections in Iran was found to be inadequately monitored. Respondent banking involves one financial institution providing services to another, often to facilitate cross-border payments in regions where the first institution does not have a physical presence. Because these Iranian partners are located outside the European Union, they are not subject to the same stringent regulatory standards as Danish firms. The Danish FSA emphasized that Merex must perform thorough due diligence on these partners to ensure they have their own effective controls against financial crime. Failure to do so creates a high risk of the firm inadvertently facilitating the movement of funds for individuals or entities listed on international sanctions trackers.

The corrective orders issued by the Danish authorities require a total revision of how the company records and retains information. The investigation revealed that the firm was not properly storing the results of its internal inquiries into unusual or suspicious activities. Accurate record keeping is the backbone of any anti-money laundering program because it allows for the reconstruction of transaction chains and provides law enforcement with the necessary evidence to pursue criminal prosecutions. If a firm identifies a suspicious pattern but fails to document the steps taken to investigate it, the entire reporting mechanism to the Money Laundering Secretariat is compromised. Merex must now ensure that every investigative finding is preserved in a manner that supports future audits and potential police inquiries.

Regulatory Enforcement and Sanctions Compliance

The enforcement actions taken against Merex International AS serve as a stark reminder of the obligations placed on small to medium-sized payment institutions. While these firms provide essential services to diaspora communities and businesses engaged in international trade, they are held to the same high standards as large commercial banks when it comes to preventing financial crime. The Danish FSA has ordered the company to immediately implement enhanced due diligence procedures for all customers who pose an increased risk. This includes a mandatory requirement to obtain and verify documentation for the source of funds before any further transactions are processed for these individuals. This proactive approach is designed to prevent the firm from being used as a conduit for illicit value transfer.

The specific focus on Iranian sanctions is a key component of this case. The EU has maintained a complex web of restrictive measures against certain Iranian activities, and any firm facilitating transfers to the region must navigate these rules with extreme precision. The Danish FSA pointed out that Merex failed to explicitly address these sanctions within its formal risk assessment. By treating transfers to a blacklisted jurisdiction similarly to lower-risk domestic payments, the firm neglected its duty to act as a gatekeeper for the international financial system. The requirement to revise internal business procedures to include respondent connections is a direct response to this deficiency, ensuring that every link in the payment chain is vetted for compliance with global standards.

Beyond the immediate administrative orders, the company must also grapple with the logistical challenges of operating in a high-risk environment. The reported internet blockades in Iran have already hampered the firm’s ability to conduct business, but the regulatory pressure adds a layer of legal and operational complexity. The Danish FSA’s findings suggest that even when technical infrastructure is restored, the firm cannot return to business as usual without first demonstrating a significant improvement in its compliance culture. This involves not just updating a few documents, but ensuring that the compliance staff and management fully understand the risks of terrorist financing and the methods used by bad actors to circumvent international controls.

The buying and selling of gold bars remains another area of intense focus. Precious metals are often used in trade-based money laundering schemes where the value of goods is manipulated to move money across borders. For Merex, the integration of gold trading into a business that already handles large volumes of cash and international transfers creates a perfect storm of risk factors. Regulators expect firms in this position to have specialized monitoring tools that can detect anomalies in gold transactions, such as unusual pricing, strange shipping routes, or customers who suddenly begin dealing in large quantities of bullion without a clear economic rationale.

Ultimately, the goal of the Danish FSA is to ensure that the Danish financial sector remains resilient against the threats posed by global criminal networks. By issuing these public orders, the regulator provides a roadmap for Merex to achieve compliance while also signaling to the wider industry that shortcuts in due diligence will not be tolerated. The firm’s path forward requires a dedicated investment in compliance resources and a shift toward a more skeptical, evidence-based approach to customer relationships. Every transaction must be viewed through the lens of potential risk, particularly when it involves jurisdictions that are known to be non-cooperative or under heavy international restrictions.

Iranian Remittance Channels and Asset Verification

The complexities of the Iranian remittance market require a sophisticated understanding of both local and international legal frameworks. Because traditional banking ties between the West and Iran are largely severed, informal or specialized networks like the one managed by Merex International AS become vital. However, these networks are highly susceptible to being co-opted by individuals seeking to bypass anti-money laundering controls. The Danish FSA’s critique of the firm’s tailor-made IT system suggests that while technology can facilitate speed, it must not sacrifice security. The system must be capable of flagging transactions that exceed certain thresholds or involve parties that match names on global watchlists.

Verification of the source of funds is often the most difficult part of the due diligence process, yet it is the most crucial for mitigating money laundering. When a customer walks into a currency exchange with a large bag of cash, the burden of proof lies with the firm to ensure that the money did not come from an illegal source. The Danish regulator’s insistence on independent documentation marks an end to the era of taking a customer at their word. This change will likely require Merex to train its staff on how to analyze complex financial documents and how to have difficult conversations with long-term clients who may be resistant to providing more personal information.

The oversight of respondent connections is another pillar of a strong anti-money laundering strategy. In the context of Merex, the respondent connections in Iran act as the final mile of the payment process. If these partners are not vetted, Merex has no way of knowing if the funds are being paid out to sanctioned individuals or used to fund activities that violate international law. The Danish FSA has made it clear that “out of sight” cannot mean “out of mind.” The firm must establish a rigorous onboarding and periodic review process for every international partner it uses, regardless of the historical length of the relationship.

Moreover, the recording and storage of investigative results is not just a bureaucratic requirement; it is a vital defensive tool for the firm itself. If the authorities ever question a specific transaction, the firm must be able to produce a clear audit trail showing that it performed its due diligence, identified any red flags, and made an informed decision on whether to proceed or report the activity. The failure to maintain these records puts the firm at risk of being seen as complicit in any illicit activity that passes through its accounts. The new orders require Merex to treat every investigation as a formal legal record that must be preserved for at least five years under Danish law.

As the global landscape for financial crime evolves, regulators are increasingly looking at how different risk factors interact. In this case, the combination of a high-risk jurisdiction, a cash-intensive business, and the trade of precious metals created a risk profile that was simply too high for the firm’s existing controls. The remedial actions mandated by the Danish FSA are designed to bring those controls in line with the actual risks present in the firm’s day-to-day operations. Success for Merex will be measured by its ability to transform these regulatory requirements into a living part of its corporate governance.

Systematic Improvements in Financial Oversight

The final analysis of the Merex International AS case points toward a broader trend of increased accountability for specialized financial institutions. Regulators are no longer satisfied with general policies; they demand specific, actionable procedures that address the unique threats of each firm’s business model. For Merex, this means creating a direct link between its Iranian focus and its daily monitoring activities. The firm must be able to demonstrate that it understands the specific money laundering typologies prevalent in the Middle East and that it has adjusted its filters and thresholds accordingly.

The requirement to update the risk assessment is the first step in this journey. A risk assessment should be a dynamic document that evolves as the firm enters new markets or as the global security situation changes. The inclusion of EU sanctions as a core component of this assessment is non-negotiable. By failing to do this initially, Merex left itself vulnerable to legal and reputational damage. The new assessment must provide a granular view of how the firm manages the risk of being used for terrorist financing, particularly given the high-risk status of its primary destination for funds.

In addition to policy changes, there is a clear need for a cultural shift within the organization. Compliance must be seen as a core business function rather than a hurdle to be cleared. This involves regular training for all employees, from the frontline tellers exchanging currency to the senior management overseeing international partnerships. Everyone in the firm must understand the red flags associated with money laundering and feel empowered to raise concerns without fear of internal repercussions. The Danish FSA’s intervention is a catalyst for this change, providing the external pressure necessary to prioritize security over transaction volume.

The ongoing monitoring of customer behavior will also need to be significantly enhanced. It is not enough to perform due diligence at the start of a relationship; the firm must constantly look for changes in how a customer uses its services. If a customer who previously sent small amounts of money suddenly begins transferring large sums or dealing in gold, this should trigger an immediate review. The lack of documented investigations noted by the FSA suggests that these triggers were either not in place or were being ignored. Rectifying this is essential for building a robust defense against financial crime.

In conclusion, the case of Merex International AS serves as a comprehensive case study in the challenges of high-risk financial intermediation. The Danish FSA has provided a clear set of instructions that, if followed, will significantly reduce the firm’s vulnerability to exploitation by criminals. However, the responsibility for maintaining these standards rests solely with the firm’s leadership. By addressing the gaps in risk assessment, customer due diligence, respondent monitoring, and record keeping, Merex can work toward a future where it contributes to the integrity of the Danish financial system rather than posing a threat to it. The lessons learned here are applicable to any firm operating at the edge of the regulated financial world, where the risks are highest, and the oversight must be sharpest.

---

Key Points

• Merex International AS is classified as a high-risk entity due to its extensive currency exchange and money transfer operations involving Iran.
• The Danish Financial Supervisory Authority issued mandatory orders for the firm to overhaul its risk assessment processes to include EU sanctions and precious metals trading risks.
• Enhanced customer due diligence is now required for all high-risk transactions with a strict mandate to verify the source of funds through independent documentation.
• The company must implement rigorous vetting and monitoring of respondent connections in Iran to ensure compliance with international anti-money laundering standards.
• The firm is under a legal obligation to improve its record-keeping practices by documenting and storing all internal investigations into suspicious financial activities.

---

Related Links

• Danish FSA Statement on Merex International AS Inspection
• FATF List of High Risk Jurisdictions Subject to a Call for Action
• European Council Restrictive Measures Against Iran
• Danish Money Laundering Act Official Regulatory Text

Other FinCrime Central Articles About the Danish FSA’s Actions

• Danmarks Skibskredit Faces Regulatory Orders for Maritime Anti-Money Laundering
• Danish Regulator Updates 4 Key Areas To Boost Local Banks
• Danish FSA Identifies Major Risk Failures at Safenetpay ApS

Source: Finanstilsynet

Some of FinCrime Central’s articles may have been enriched or edited with the help of AI tools. It may contain unintentional errors.

Want to promote your brand, or need some help selecting the right solution or the right advisory firm? Email us at info@fincrimecentral.com; we probably have the right contact for you.