The Danish Financial Supervisory Authority recently concluded an extensive investigation into Electronic Money Institution (EMI) Safenetpay ApS, uncovering persistent and severe deficiencies in the firm’s ability to prevent financial crime. Following a December 2024 inspection, the regulator determined that the e-money institution maintains an organizational structure that facilitates high inherent risks for illicit activity. This regulatory action follows a turbulent period where the firm’s license was nearly revoked, only to be reinstated for reconsideration by the Danish Business Appeals Board. The findings highlight a critical lack of governance and a failure to implement necessary risk management protocols to safeguard the Danish financial system from exploitation.

Compliance failures in anti-money laundering protocols

The Danish Financial Supervisory Authority has expressed significant concern regarding the systemic weaknesses found within the internal controls of Safenetpay ApS. During the examination of the company’s operations, investigators found that the firm failed to sufficiently collect and evaluate information regarding the intended purpose of business relationships. This fundamental requirement of the Money Laundering Act is essential for establishing a baseline of normal activity for any given client. Without a clear understanding of why a customer is seeking specific digital payment solutions, the institution cannot effectively identify transactions that deviate from expected patterns. The regulator noted that even when information was gathered, it was rarely integrated into a comprehensive risk profile, leaving the firm blind to potential red flags.

Furthermore, the inspection revealed that the company’s industry-specific risk assessments were inadequate and did not reflect the actual dangers associated with high-risk sectors. The regulator pointed out that Safenetpay ApS must align its internal scoring systems with the National Money Laundering Risk Assessment of 2022 and Annex 3 of the Money Laundering Act. By failing to accurately categorize the risks associated with different business types, the company likely misclassified numerous clients, potentially applying standard due diligence to entities that required enhanced scrutiny. This disconnect between perceived and actual risk creates a gateway for illicit funds to move through the Danish financial infrastructure under the guise of legitimate commercial activity.

Organizational transparency and group outsourcing risks

A primary driver of the high-risk environment at Safenetpay ApS is its opaque relationship with its British parent and sister companies. The Danish regulator found that a significant portion of the firm’s daily governance and operational tasks are outsourced to UK-based entities, leading to a loss of local control and oversight. This cross-border complexity makes it difficult for Danish authorities to monitor the flow of information and ensure that the Danish unit is operating as an independent, compliant entity. The inspection highlighted that the mixing of employees, financial systems, and management structures between the Danish and English branches creates a fog of responsibility that undermines regulatory transparency.

This lack of separation extended to the boardroom, where the Danish Financial Supervisory Authority observed that individuals with no official role in the Danish company were exercising significant influence over decision-making processes. Meeting minutes failed to clearly document the roles of participants, making it nearly impossible to determine who was driving the company’s strategy and compliance policies. The regulator has issued strict orders for the company to formalize its board proceedings and establish clear conflict-of-interest policies. Without a distinct boundary between the Danish subsidiary and its foreign affiliates, the institution remains vulnerable to external pressures that may not prioritize Danish anti-money laundering standards.

Financial reporting and the security of user funds

The financial health and reporting accuracy of Safenetpay ApS were also called into question during the December inspection. The regulator discovered that the company’s primary revenue stream did not come from its licensed payment services but rather from IT and consultancy fees paid by its English parent company. This suggests that the Danish entity lacks a sustainable, independent business model and relies on subsidies to appear solvent. Consequently, the Danish Financial Supervisory Authority has ordered the company to revise its accounting practices to provide a fair and accurate representation of its financial standing. The current arrangement masks the true operational risks and makes it difficult to assess whether the company meets essential capital requirements.

Perhaps most concerning was the revelation that Safenetpay ApS did not maintain a dedicated security account for user funds that met Danish legal requirements. Under current regulations, e-money institutions must ensure that customer money is protected in the event of corporate bankruptcy. By failing to use an authorized credit institution within the EU to secure these funds, the company placed its clients at significant financial risk. The regulator emphasized that the lack of clear procedures for managing operational risks associated with internal outsourcing further compounds these dangers. The company has been mandated to develop a robust plan for independent operations and to appoint specific personnel responsible for overseeing outsourcing arrangements to ensure accountability.

Persistent deficiencies in risk management and governance

Despite being given an opportunity to correct previous failures, Safenetpay ApS has demonstrated a continued inability to implement an effective risk reporting framework. The Danish Financial Supervisory Authority found that the company did not identify or report on internal risks adequately, failing to implement compensatory measures to prevent losses or regulatory breaches. This failure is particularly dangerous in the payment services sector, where international money transfers and cross-border transactions provide a high-velocity environment for laundering activities. The regulator noted that the fragmented nature of modern payment landscapes makes it increasingly difficult to track the movement of money, requiring institutions to be more vigilant, not less.

The concluding analysis from the Danish authorities indicates that the company’s governance remains fundamentally broken. The interference of employees from other group companies in the Danish entity’s control functions suggests a total breakdown in the separation of duties. To maintain its license, Safenetpay ApS must now undergo a total restructuring of its risk classification systems and provide documented proof that it can operate responsibly without the constant intervention of its UK affiliates. The burden of proof lies entirely with the institution to show that its organizational structure is no longer a liability to the integrity of the Danish financial sector. If these systemic issues are not resolved, the threat of license withdrawal remains a tangible reality for the firm.

---

Key Points

• Safenetpay ApS has been identified by the Danish Financial Supervisory Authority as having a high inherent risk for being utilized in money laundering and terrorist financing schemes.
• The institution failed to implement proper customer due diligence by neglecting to consistently collect and assess the purpose and intended nature of business relationships.
• Oversight was compromised by an opaque organizational structure where governance and control functions were heavily outsourced to British affiliates without sufficient Danish management control.
• Regulatory orders were issued regarding the protection of user funds as the company failed to maintain a compliant security account at an authorized credit institution.

---

Related Links

• Danish Financial Supervisory Authority Official Website
• Financial Action Task Force Guidance on the Risk-Based Approach for the Payments Sector
• European Banking Authority Guidelines on Internal Governance
• Danish National Strategy for Combating Money Laundering and Terrorist Financing

Other FinCrime Central Articles About Sanctions On EMIs and PSPs

• AML fines Europe: a costly wake-up call for PSPs and EMis
• €214k AML Fine Reveals Serious Gaps In Alipay Europe Controls
• $4.2 Million AML Penalty for Wise US Highlights Growing Regulatory Scrutiny

Source: Finanstilsynet

Some of FinCrime Central’s articles may have been enriched or edited with the help of AI tools. It may contain unintentional errors.

Want to promote your brand, or need some help selecting the right solution or the right advisory firm? Email us at info@fincrimecentral.com; we probably have the right contact for you.