Wirecard’s scandalous collapse exposes the weakness of a single EU financial market that leaves regulatory supervision to the member states.
Wirecard was one of the great success stories of Europe’s fintech sector and a German national champion, holding a coveted place in the DAX 30, the country’s main stock index. But since it was suddenly declared insolvent on June 25 following the disclosure of a €1.9 billion hole in its accounts ($2.1 billion at that date), the e-payments company—like Enron two decades earlier—has become a glaring symbol of mismanagement, prompting demands that the EU take control of financial supervision away from local authorities.
Wirecard represented a spectacular fraud. Its CEO, Markus Braun, was arrested; and its chief operating officer, Jan Marsalek, fled the country. But critics are wondering how the company could have escaped detection by its auditors and regulators for so long.
One explanation is that Germany classified Wirecard as a technology company, not a financial institution. The Federal Financial Supervisory Authority (BaFin) said it therefore had no authority to supervise the company, even though it processed billions of dollars in transactions for credit card companies in the UK, the US and as far afield as Indonesia and Malaysia.
“I think part of the problem was the authorities were proud they had a Silicon Valley-type startup here in Germany,” says Wolfgang Schirp, a Berlin lawyer who has filed a class action lawsuit on behalf of investors against Wirecard’s auditors, Ernst & Young (EY). “Nobody really understood the business they were in.”
BaFin’s president, Felix Hufeld, who came under withering criticism in Germany following Wirecard’s collapse, called the scandal a “complete disaster.” He acknowledged at a public conference in June that there is “a whole range of private and public entities, including my own, who have not been effective enough to prevent something like that happening.”
Another complicating factor is that oversight of company audits in Germany is in the hands of a self-regulating industry agency, the Financial Reporting Enforcement Panel (FREP). After the Wirecard scandal broke, FREP said its role was only to ensure that accounting standards are adhered to, not to uncover fraud. But the German government found that defense wanting and announced June 29 that it was canceling FREP’s contract, to terminate at the end of 2021.
German regulators weren’t the only ones who failed to detect fraud at Wirecard. Singaporean authorities in August arrested a director of a local accounting firm that had provided letters falsely attesting it held millions of dollars of Wirecard’s funds in escrow. Similar charges are being investigated against two banks in the Philippines.
“There are clear indications that this is a large-scale fraud in which several parties around the world and in various institutions were involved, with deliberate intent to deceive,” the Stuttgart branch of EY auditors said in a statement.
Fractured Enforcement
But the supervision problem is especially acute in Europe, says Nicolas Véron, senior fellow at the Peterson Institute for International Economics; because, while the EU makes the rules, they are then implemented and enforced by national authorities that are often understaffed and underfinanced—especially in smaller countries—and often want to protect their local champions.
“It’s a systemic problem in Europe, where you have a single market across borders,” says Véron. “You have a very strange mix of incentives for national supervisors that you don’t have in normal countries that have their own borders for financial purposes.” The Wirecard case illustrates the failure of supervisory enforcement of corporate reporting requirements and payment services, he says, suggesting that an EU-wide supervisor would be a better approach than the current system of delegating supervision.
After the 2001 Enron scandal in the US, Véron notes, Congress passed the Sarbanes-Oxley Act and established the Public Company Accounting Oversight Board to supervise auditors and punish firms that conduct improper audits. Europe lacks such a central authority.
A bigger problem may be the rules themselves and how they are applied by supervisors, says Hans-Helmut Kotz, economist at the Minda de Gunzburg Center for European Studies at Harvard University. Accounting rules currently have “so much leeway that it is fiendishly difficult” to track the activities of the same company across borders. The US and Europe haven’t even been able to resolve the differences between the Generally Accepted Accounting Principles of the US and the International Financial Reporting Standards used in the EU and many other jurisdictions.
“How can we guarantee rules are implemented in a completely disinterested way and the authorities are shielded from industry influence?” Kotz says. “I would be in favor of supervision being Europeanized.”
There’s precedent for such a shift. In 2014, the European Central Bank (ECB) took over direct supervision of the EU’s 120 largest banks following the collapse of a number of institutions as a result of the 2008 financial crisis, which had required huge taxpayer bailouts. European states adopted the Single Supervisory Mechanism in 2013, giving the ECB prudential oversight of about 80% of eurozone banking assets; by all accounts, ECB oversight has been a success.
Perverse Incentives
Money laundering is another controversial area where EU supervision looks to become more centralized. While the EU issued anti-money laundering directive rules to prevent money laundering through European banks, the disclosure last year that Russian oligarchs had laundered about €200 billion through a tiny Estonian branch of Denmark’s Danske Bank created an outcry that forced the resignations of senior bank executives in Denmark and Sweden.
In a similar case, one of the biggest financial institutions in the Baltic states, Latvia’s ABLV Bank, was closed down in 2018 after it was accused of laundering at least €50 million for Russian, Ukrainian, and other foreign clients. The fact that the case was not discovered in Europe but by the US Justice Department added to the EU’s embarrassment. Last November, the finance ministers of six eurozone countries demanded the creation of an EU anti-money laundering (AML) supervisor; the European Commission (EC) made a proposal in May.
“They have created a coordination problem by creating a single financial market without a single authority for money laundering, which could lead to perverse incentives,” says Joshua Kirschenbaum, formerly acting director of the Office of Special Measures at the US Treasury’s Financial Crimes Enforcement Network, overseeing international money laundering investigations, now at the German Marshall Fund. “Certain countries have developed large sectors catering to nonresident deposits with a lot of very high-risk institutions and haven’t had the wherewithal to bring it to heel.”
Just how imperfect local implementation of EU financial rules can be was demonstrated again in July, when the European Court of Justice fined Ireland €2 million and Romania €3 million for failing to adopt the EU’s full AML rules in their own legislation. The EC also referred Austria, Belgium and the Netherlands to the court for failing to implement various AML rules on gambling activity, in Austria’s case; exchanges of documents and information in the case of Belgium; and making public the beneficial ownership of companies in the Netherlands.
“We have robust EU rules in place, but they must be applied consistently and efficiently,” said EC Executive Vice President Valdis Dombrovskis in a July 2 statement commenting on the commission’s action on the three countries. Nonetheless, while the EC said it was now ready to recommend an EU supervisor for money laundering, it still prefers “harmonizing” money laundering rules across the bloc to writing a regulation that would have the force of law EU-wide.
