ING's new AML settlement and the same message
ING Belgium has agreed to pay a €1.6 million criminal settlement in a money-laundering investigation linked to transactions involving Didier Reynders, the former Belgian minister and former EU Commissioner for Justice. According to reporting on the Brussels prosecutor’s announcement, the case concerned ING Belgium’s failure to report suspicious transactions before December 2023, including hundreds of cash deposits and e-Lotto-related credits totalling more than €1 million. The settlement does not constitute an admission of guilt by ING Belgium.
ING responded with a familiar message: “Today’s ING is not the ING of the past”.
The Commissioner, the Bank and the Irony
Didier Reynders was not just any bank customer. He was, from 2019 to 2024, the European Commissioner for Justice, with a portfolio connected to the rule of law, justice cooperation and parts of Europe’s anti-financial-crime framework.
How could a former EU Commissioner for Justice — a senior EU official who could reasonably be expected to understand the significance of Europe’s AML failures, including the 2018 ING Houston settlement — become the subject of a money-laundering investigation involving the same banking group?
And how could that banking group, after paying €775 million in the 2018 Dutch Houston settlement for serious and structural AML failures, again resolve AML-related concerns through another criminal settlement? The Houston report had already found that ING failed in its gatekeeper function and that criminal clients were able to use ING accounts “virtually undisturbed, for years.”
So the irony is difficult to overstate: a banking group that already paid one of Europe’s largest AML settlements in 2018 is again in the spotlight — this time through its Belgian entity and in connection with transactions involving one of the EU’s former top justice officials in charge of AML.
This is the part that would almost be funny — if it were not so serious.
A former EU Justice Commissioner.
A banking group previously sanctioned for systemic AML failures.
A new AML-related settlement.
And again the same institutional reassurance: today’s ING is not yesterday’s ING.
The 2018 Houston Settlement: Europe Had Already Been Warned
In 2018, ING Bank N.V. entered into the Dutch Houston settlement after the Netherlands Public Prosecution Service found serious and structural AML failures at ING NL in the period 2010 to 2016. ING paid €675 million as a fine and €100 million in confiscation of unlawfully obtained gains.
The Houston report was not about isolated mistakes. It described missing or incomplete CDD files, incorrect risk classifications, inadequate review processes, late exits of undesirable clients, insufficient transaction monitoring, wrong client segmentation and lack of qualified personnel.
The Dutch prosecutors were blunt: ING had failed in its gatekeeper function, and clients involved in criminal activities were able to use ING accounts “virtually undisturbed, for years.”
They also identified the core cultural problem: business over compliance.
“Today’s ING Is Not Yesterday’s ING” — Which Yesterday?
After the Belgian settlement, ING again assured the public that it has changed.
But that raises the obvious question: which version of “new ING” are we talking about?
The post-Houston ING?
The post-remediation ING?
The ING that promised stronger controls after 2018?
Or the ING whose Belgian entity has now paid another AML-related criminal settlement?
The recurring pattern is impossible to ignore: serious AML concerns, a settlement, no admission of guilt, public assurances, and no visible structural accountability proportionate to the harm caused by failed gatekeepers.
ING acquired Payvision B.V. in early 2018
The issue becomes even more serious when viewed against ING’s acquisition of Payvision B.V. in early 2018.
Payvision later became associated with high-risk online investment schemes connected to major European cybercrime investigations. Victims of those schemes lost substantial sums (in total around € 400 Mio.) through platforms that depended on payment infrastructure, merchant accounts, acquiring services, settlement flows and financial access provided by Payvision and ING.
EFRI has repeatedly argued that the key question is not only who committed the fraud. The deeper question is:
How was the fraud infrastructure able to operate for so long?
Payment institutions and banks are not passive pipes. They are gatekeepers. When they onboard high-risk merchants, process payments, maintain settlement infrastructure and continue services despite red flags, their role must be examined with the seriousness it deserves.
If ING had not been the parent company and principal banking partner of Payvision, ING’s latest “we have changed” message might sound merely ironic.
But knowing the harm enabled through Payvision-linked infrastructure, it is no longer funny. It is a warning sign.
Europe's AML issue
Europe has built an increasingly complex AML framework involving hundreds of people. It has immense reporting duties, KYC obligations, politically exposed person rules, transaction monitoring requirements and new institutional layers.
Yet large-scale financial crime continues to exploit the same weakness: access to trusted financial infrastructure.
That is the real issue.
ING is not the exception. ING is the warning sign.
The European AML system will not be judged by the number of rules it produces. It will be judged by whether financial gatekeepers actually stop abuse before consumers lose their savings.
And on that test, considering the staggering size of online fraud, Europe has a serious problem.
