Morgan Stanley discovered last year that a yearslong brokerage customer had been convicted in 2005 in a U.S. court—for lying about terrorism investigations—and had links to al Qaeda bombings of U.S. embassies.
The bank informed law enforcement and shut down the accounts. By then, at least tens of thousands of dollars had been withdrawn from ATMs in Pakistan.
It wasn’t a rare oversight.
In another case, discussed in internal Morgan Stanley documents reviewed by The Wall Street Journal, a self-proclaimed princess claiming to have more than $5 billion in assets was allowed to engage Morgan Stanley for weeks without the bank carrying out a basic background check or completing the appropriate due-diligence review.
She gave multiple unusual stories for the source of her wealth—among other things she claimed to be related to the last king of Romania and to be the owner of a drug company worth billions. Finally the bank’s global financial crimes unit pushed it to cut ties.
One of the financial crimes employees described the messy nature of the case in an internal company chat log: “Fantastic—it’s like the end of a tarantino flick…everyone just murdering everyone.”
Morgan Stanley’s wealth-management division, which oversees about $6 trillion of assets, represents close to half the firm’s total revenue and has been a crucial source of profits.
The Journal has previously reported the Justice Department, Federal Reserve, Securities and Exchange Commission, the Treasury Department’s Financial Crimes Enforcement Network and others are probing the bank’s vetting procedures to determine whether it has sufficient anti-money-laundering controls.
The new cache of internal documents, including emails, internal chat logs and reports, as well as interviews with nearly 20 current and former employees and executives, illustrates the day-to-day operations of the bank that appeared to fall short of regulatory standards.
The bank wooed clients from countries known for financial corruption and drug trafficking, including Venezuela. Federal investigators are looking into whether the bank allowed accounts to be used for money laundering funds gained through corruption that were connected to a former government minister there.
Documents warned the bank’s risk had increased because of its exposure to Russia and a sanctioned Russian bank—Morgan Stanley received a caution for it from the Treasury Department. In one problem account, the SEC has been probing the bank’s work with a billionaire with ties to Russia who was sanctioned by the U.K. after Russia’s invasion of Ukraine.
Overall, bottlenecks in the bank’s anti-money-laundering procedures held up the vetting of thousands of accounts, which were allowed to proceed in the meantime.
Despite the focus on international customers, some employees who were supposed to assess client risk didn’t know the necessary languages, and used Google translate to make sense of foreign documents. Staff who vet customers were laid off even as Morgan Stanley gobbled up international wealth businesses from other banks. Simple checks, such as Google searches on customer names that would reveal suspicious activities or other red flags, often didn’t occur, or employees missed the results that turned up.
Thousands of accounts within wealth management, which has ramped up efforts to recruit rich Americans and foreigners as clients, displayed high-risk characteristics for money laundering, tax evasion or other potentially illegal behavior, according to a 2023 document.
The accounts are spread across Morgan Stanley’s empire of financial advisers who manage money for wealthy people and its E*Trade digital trading platform.
Breakdowns occurred at almost every level and have festered for years.
The 2023 document showed that 24%, or 46,572, of Morgan Stanley’s international wealth-management accounts were designated by the firm as “High/High+” risk for money laundering. The firm also labeled at least 25,000 international E*Trade accounts as being in high-risk areas.
The document said the bank considered its anti-money-laundering controls to be “weak,” a downgrade, because of “longstanding issues globally” with the enhanced due-diligence processes.
Morgan Stanley said it has made progress on improving its anti-money-laundering and other processes. “Over the past several years, one of our top priorities at Morgan Stanley has been to make significant investments in people, processes and technology [related to anti-money laundering, vetting and due diligence] to keep pace with the growth of our industry-leading business,” Morgan Stanley said in a statement. “We are now realizing material results from these efforts. Indeed, the prioritization and scale of our investments in our onboarding processes is rapidly transforming these functions into an organizational strength.”
Jed Finn, Morgan Stanley’s head of wealth management, told employees in meetings early this year that fixing issues in wealth, which would include improvements in vetting clients and back-office procedures, increased staffing and upgraded technology, is his top priority.
Wealth emerged as a key driver of Morgan Stanley’s recovery from the 2007-08 financial crisis. The firm transformed into one of the largest wealth-management providers in the U.S. under James Gorman, its former longtime CEO and current executive chairman.
The unit, beefed up with a series of acquisitions, including Smith Barney and E*Trade, has helped offset volatility in the bank’s dealmaking and trading businesses. Top executives have publicly said they intend to grow assets in the unit.
International clients are seen as an engine for growth. In early 2022, however, a Morgan Stanley risk team found that 60% of international accounts that financial advisers were trying to open had errors, including missing documents and overstated income.
“For Morgan Stanley, the international business is a blessing and a curse,” a former longtime executive said. “It’s a growth business but the risk is enormous, and they have grown too fast.”
The U.S. government relies on banks and broker dealers to help detect and prevent offenses such as money laundering. They are required to verify customers’ identities, complete checks into their backgrounds and the source of their wealth, ensure they aren’t sanctioned by the U.S. and monitor their transactions.
For international accounts, the firm usually runs a background check and completes a due-diligence process before accepting the person as a client and receiving their funds.
At other banks, a financial adviser also meets a prospective client in person to help determine whether their funds come from a valid source; that wasn’t always the case at Morgan Stanley, the documents and interviews show. Financial advisers there said the emphasis was on speed and getting assets in the door, especially if a prospective client was very wealthy. That often upended the traditional process.
In April 2021, a Canadian woman claiming to have a net worth of over $5 billion and to have been born a Romanian princess began speaking with the bank.
Within a few days, she was approved for four accounts, although no bank employee had ever met her in person. She said she was in Monaco, and while video meetings had become common since the pandemic, no video meeting took place.
Soon after the accounts were approved, an executive overseeing financial advisers approved a low-interest-rate loan of $100 million for the woman, which she intended to use for derivatives trading.
At the end of May, an individual identified as the client’s employee wanted to transfer more than 50 million euros into the woman’s accounts using what the bank viewed as an outdated wire-transfer protocol.
The client’s reluctance to use the Swift system that the bank wanted rang alarm bells, according to the internal bank emails and chat logs.
Morgan Stanley, it turned out, hadn’t run a background check, verified the woman’s source of funds or completed an enhanced due-diligence review.
“There’s reg risk to…opening the account and accepting the funds before we complete the KYC,” shorthand for “know your customer,” a staffer wrote in the chat log. Another said: “Our risk here is 1) these are stolen funds 2) funds will come in used as leverage to harm the Firm.”
A staffer, warning of the potential for fraud, wrote in an email that it was “very important” that someone meet the client face-to-face.
The client shared more information about herself, but this only raised more red flags. A Morgan Stanley financial adviser wrote an email saying the woman said she was the beneficiary of a family trust held in Switzerland; was related to the last king of Romania; that her family’s wealth came from an oil-and-gas empire, insurance companies, art and real estate in Europe and the U.S.; and was selling a drug company that she owned 93% of and that had been valued at around $3 billion.
Midlevel executives argued the bank should jettison the client. One wrote about the case in the chat log, “Oh boy…I went down the rabbit hole…and it’s getting dark.” He later wrote in an email, “We need to kill this.”
The head of private wealth management wrote in an email that she would accept dropping the client, but also wrote in another email that more time was needed to verify the client’s source of wealth. She said that if the client needed the accounts to be active immediately the bank couldn’t help, but “if they can give us more time and/or wait until they have sold their company, we would like to continue to work with them,” she wrote.
It wasn’t until June 2021 that Morgan Stanley made plans to cut ties to the woman, amid requests to do so by the bank’s global financial crimes unit. It had found the individual trying to transfer the client’s money to Morgan Stanley had “significant” tax liens, which is a red flag for the bank. The client’s accounts were never funded and the loan wasn’t paid out.
Morgan Stanley also realized it had erroneously approved the woman as a U.S. customer, when she held a Canadian passport and should have undergone the more-extensive vetting used for international clients.
In Latin America, even though other banks were exiting the market partly because of the difficulties in vetting clients, Morgan Stanley expanded.
The bank used its financial advisers in New York and Miami to recruit Latin American clients. Morgan Stanley since 2015 took over much of Credit Suisse’s Latin American wealth business, recruited a large number of Latin American financial advisers from Wells Fargo and brought on UBS financial advisers with large Venezuelan accounts.
Current and former Morgan Stanley executives said financial advisers specializing in Latin America often had personal connections to clients through family, friends or acquaintances and avoided pushing too much for documentation of their wealth.
For those they didn’t know, the executives said the advisers didn’t always meet them in person before they became clients.
Some executives became concerned and flew to Latin America to meet the clients. Among other issues, one client disclosed over dinner that he was hiding money from his country’s government in a European bank. Back in New York, bank staff were instructed to cut ties with some clients.
The lack of fluent Spanish speakers among vetting staff was a problem. Since at least 2019, Morgan Stanley enlisted temp agencies to hire Spanish speakers to review documents for accounts that had already been approved. One agency recruited Spanish-speaking lawyers from Latin America who were in the U.S. studying to become U.S.-credentialed lawyers.
Many of the temps worked in Morgan Stanley’s Baltimore office, and some were paid around $20 to $35 an hour.
They found cases in which clients who brought in millions of dollars to the wealth-management division hadn’t provided documents that fully explained the source of the wealth, according to people familiar with the matter.
Some clients, for example, cited property sales as a source of their funds. But the paperwork submitted to Morgan Stanley included deeds and titles showing the clients owned the properties at some point in the past, and documents showing the value and sale of the properties weren’t on file.
Delays in vetting accounts continued. There were delays of more than two months in completing enhanced due-diligence reviews on more than 4,000 accounts in the Americas, according to a January 2024 document. The accounts had restrictions placed on them, or were new and hadn’t been funded.
Morgan Stanley had pushed to attract business in Venezuela, despite that country’s reputation for corruption. Some former financial advisers at the bank told the Journal they worried government officials in Venezuela involved in the drug trade or other illegal activities were teaming up with people who had no government or criminal ties to open accounts.
Since at least 2021, the Justice Department, the SEC and other federal agencies have been probing whether Morgan Stanley allowed Luis Mariano Rodriguez Cabello, a Venezuelan businessman, to help a former Venezuelan oil minister launder money through the bank, the Journal previously reported.
Morgan Stanley filed a suspicious activity report about the client with the Treasury Department’s FinCEN in November 2016 after accepting wire transfers totaling roughly $100 million into his corporate account in 2014 and 2015. The FinCEN report on Morgan Stanley’s filing states that “the clients potentially used their business account to receive numerous wire transfers derived from proceeds tied to a bribery scheme involving government officials.”
The agencies are looking into why Morgan Stanley managed investments for Rodriguez Cabello when his account displayed red flags for potential money laundering. The probe is ongoing.
Morgan Stanley’s quality-assurance team found errors or other problems in 27% of the reports it reviewed from employees in global financial crimes tasked with reviewing cases of possible money laundering, according to a January 2024 document. The quality-assurance team reviewed the work of the financial crimes team in some cases when accounts displayed suspicious behavior. The errors included incomplete suspicious activity report filings that were sent to regulators. The rate of errors or other problems was above “the already elevated yearly average,” the document said.
While Morgan Stanley was pushing for growth overseas, it also was snapping up new businesses, such as E*Trade, which allows people to buy and sell stocks and other investments and attracts mostly everyday mom-and-pop investors.
The deal closed in October 2020, and just over a year later, nearly all of E*Trade’s executive management team responsible for anti-money-laundering procedures had left. Some said they were aghast at Morgan Stanley’s paper-heavy method of vetting clients.
To develop client-risk profiles, Morgan Stanley employees did research on clients by hand, kept paper in manila files and passed them from one person to another, and the bank didn’t have much technology to analyze customer risk.
E*Trade, in contrast, had used a centralized data system that compiled information about a customer. The data included alerts on suspicious activities, negative developments about clients that would be in the public record, and a log of a customer’s transactions so that atypical moves could be flagged and assessed for risk.
Morgan Stanley dropped much of E*Trade’s automated vetting procedures.
By the spring of 2021, it had turned off E*Trade’s risk-based score that would alert the firm to higher risks associated with an account or when suspicious activities occurred. The capability wasn’t turned back on until early this year.
The E*Trade accounts with ties to al Qaeda almost weren’t caught last year.
A bank employee initially queried a deposit of around $20,000 into an account that was used to pay a credit-card bill—an unusual activity for this type of account. The account owner responded that the deposit and payment were to fund a U.S.-based charity that buys computers for underprivileged girls. The bank employee didn’t deem the transaction suspicious, according to current and former employees.
A bank employee in quality control disagreed when a quick online search of the charity turned up a Facebook page saying it taught computer literacy in Pakistan.
Further inquiries found the account holder had a joint account with her husband, who also had a separate account. Funds flowed between the accounts, and money was withdrawn from ATMs in Pakistan. The bank also found that the husband’s individual brokerage account was being accessed from Pakistan and the wife had logged into accounts from Pakistan and Louisiana.
After googling the account holders’ names, employees found the husband had been convicted by a U.S. federal court for lying about terrorism investigations and had links to the 1998 embassy bombings.
Morgan Stanley then contacted law enforcement and filed a suspicious activity report.
Bank employees also found that the husband’s ATM withdrawals had triggered an alert in 2022, but it was assessed and didn’t result in any action.
Some employees told the Journal they thought this was bound to happen given a massive backlog of alerts—by summer 2022, there were roughly 30,000 transaction-monitoring alerts waiting to be cleared—caused by being understaffed and by using a paper-heavy vetting process.
The alerts, which can be triggered by a range of activity and can often be false alarms, were finally cleared by April 2023 with help from outside consultants.
As of February 2024, Morgan Stanley determined that around 9,300 E*Trade accounts needed enhanced due-diligence reviews.
A different E*Trade issue arose following Russia’s invasion of Ukraine in February 2022. The next month, billionaire Eugene Shvidler was sanctioned by the U.K. due to his association with Russian magnate Roman Abramovich. In response, Morgan Stanley conducted an internal inquiry into Shvidler, who had accounts with E*Trade and the firm’s financial-adviser unit.
E*Trade decided to cut ties, but the financial-adviser unit, which mostly focuses on large client accounts, maintained the relationship. Last year, the SEC raised questions about the conflicting decisions and asked for information about how Shvidler, along with others, was vetted by the firm.
A 2023 document showed that a unit of E*Trade had 6,240 accounts for clients domiciled in Russia and had wired approximately $13 million to the country. The document also said E*Trade “did not block attempted wires to a sanctioned Russian bank.”
In 2022, Andy Saperstein, the firm’s co-president, presented a fix-it plan to the Fed, which had repeatedly asked for improvements to risk-management controls for vetting foreign wealth-management clients. Since at least 2020, Morgan Stanley staff had been raising the alarm with higher-up executives of the need for investment in technology. The firm is still working through the plan presented to the Fed, according to current employees.
So far, Morgan Stanley has placed various types of restrictions on at least 10 categories of clients, according to the internal documents, including those with ties to Venezuela; those from high-risk areas that only use ATM, debit or other cash-management services; foreign investment funds; and those whose wealth is linked to virtual currency and other digital assets.
The firm shut down thousands of accounts between the second and fourth quarters of 2023, many of which were accounts that had come along with the bank’s acquisitions of financial advisers from other firms, or that were too small to be deemed worth the effort to vet.
Around September 2023, the bank pulled back from more Latin American countries. It increased the minimum amount required to be a client from Ecuador and Peru and stopped accepting new clients from Bolivia, Nicaragua, Panama and Paraguay.
In April this year, it expanded the list of clients that fall outside its risk appetite to include those who derive their wealth from marijuana-related businesses.
In July, Morgan Stanley announced it had recruited a new head of global financial crimes, Mike Meehan, from Goldman Sachs. The bank touted his experience in regulatory oversight and consumer business risk, and his nearly two decades in the unit that investigates financial crimes and ensures enhanced due-diligence and sanctions compliance.
Meanwhile, Morgan Stanley is using consultants to monitor suspicious transactions and is now using AI to help translate documents.
The bank is in the process of expanding its international wealth business in the Middle East, including in Kuwait, Bahrain and the United Arab Emirates, and is recruiting new international financial advisers.
It is also developing a new technology system to replace its paper-heavy system for vetting clients, among other tech upgrades that it has already made. The new system, originally planned for the second half of 2024, has been pushed to next year.
Write to AnnaMaria Andriotis at annamaria.andriotis@wsj.com
