BuckleySandler hosted a webinar, Individual Liability: Financial Crimes Professionals in the Spotlight, on January 22, 2015 as part of its ongoing FinCrimes Webinar Series. Panelists included Polly Greenberg, Chief, Major Economic Crimes Bureau at the New York County District Attorney’s Office, Richard Small, Senior Vice President for Enterprise-Wide AML, Anti-Corruption and International Regulatory Compliance at American Express, and Michael Zeldin, Special Counsel at BuckleySandler. The following is a summary of the guided conversation moderated by Jamie Parkinson, Partner at BuckleySandler, and key take-aways you can implement in your company.
Best Practice Tips and Take-Aways:
- Be completely transparent with senior management and your board of directors when escalating issues and concerns. Document your requests for program enhancements and management responses.
- Assure yourself that your team is up to the task at hand, adequately resourced and knows that they can escalate anything that concerns them to compliance and/or senior management/the Board.
- When considering the quality of your compliance program, be sure that your program is tested internally by your compliance function, tested again by your organization’s internal audit team, and in addition is examined every few years by external counsel/consultant.
- If confronted with management unwillingness to commit adequate headcount and resources necessary to the compliance program, serious consideration has to be given to resigning and/or reporting these deficiencies.
Significant Actions and Regulatory Statements
Mr. Zeldin began the discussion by giving an overview of trends in enforcement actions in the last few decades, commenting that this topic has been simmering for a long time. In the Bank context, in the late 1980s a series of prosecutions against the Bank of New England, Shearson Lehman, and Bank Boston involved efforts to hold the institution as well as individuals liable. Largely, the government had success against the institutions on theories of collective knowledge and willful blindness but was less successful when prosecuting individuals.
In the brokerage context, the SEC has brought recent actions as part of the Compliance Program Initiative, including charges against compliance personnel when they were clearly responsible for the failure to adopt or implement adequate compliance programs. The SEC has signaled that it will take action against compliance officers if:
- They actively participated in misconduct;
- They helped mislead regulators; or
- They have clear responsibility to implement compliance programs or policies and wholly failed to carry out that responsibility.
Mr. Zeldin then identified recent enforcement actions taken against board members, including Pacific National Bank involving a failure to remedy deficiencies in that institution’s BSA program. In the Pacific National Bank case, the OCC levied individual fines against the bank’s chairman and three board members who served on its BSA compliance committee for failing to act in their official capacities to correct the failures.
Finally, Mr. Zeldin identified remarks made by three key regulators at the November 2013 ABA/ABA and the March 2014 ACAMS conferences. These speeches reflect clear statements with respect to the government’s intention to hold individuals personally liable when the facts warrant. The remarks were made by:
- Jim Cole (Deputy Attorney General, retired Jan. 8, 2015)
- Thomas Curry (Comptroller of the Currency)
- Jennifer Shasky Calvery (Director, FINCEN)
Mr. Small then gave an overview of two significant enforcement actions that involved individual liability. The first case, Brown Brothers Harriman, was brought by FINRA in early 2014 and arose from penny stock transactions executed by the firm through an omnibus brokerage account structure. While the case resulted in an $8 million fine for Brown Brothers, the firm’s Global AML Compliance Officer, Harold Crawford, was also the subject of the enforcement action and was fined $25,000 and barred from working in a compliance function for one month. Crawford’s personal liability was premised on his alleged failure to effectively monitor suspicious activity and to report it as required. Mr. Small pointed out that there were references in the case to an internal Brown Brothers’ memorandum that was developed by their compliance group that cited the increase in potentially suspicious activity and recommended stopping the trades and discontinuing the omnibus brokerage structure that had been used to carry out the transactions. This memo was written in November 2011, and was not acted upon prior to FINRA’s action. Mr. Small observed that the Brown Brothers case was the first time that action was taken against an AML compliance officer for failures in the AML compliance program at their company. He further observed that the case raises the question of what a compliance officer should do if they are raising issues, but not receiving resources from management to address those issues.
The second action Mr. Small discussed, MoneyGram, also involved individual liability for a compliance officer. There, FINCEN and DOJ took joint action against MoneyGram related to a significant number of transactions initiated by MoneyGram that were connected to various fraud schemes. FINCEN and DOJ alleged that MoneyGram received a significant number of complaints from consumers but took no action to address them. FINCEN issued a $1 million civil money penalty against Thomas Haider, who served as ManeyGram’s Chief Compliance Officer from 2003-2008. DOJ filed a complaint to enforce the penalty and also seeking to bar Haider from employment in the financial services industry.
When asked how this case might bear on the design of a Financial Crimes compliance program, Mr. Small commented that it was his personal opinion that this case could be read as counseling against integrating an institution’s BSA compliance function with other functions, such as fraud monitoring if the compliance officer lacks the expertise or full authority over the integrated areas. For example, Mr. Haider had responsibility for performing due diligence on agents, terminating agents, and identifying fraud, in addition to suspicious activity monitoring and SAR filing. The first two of these tasks were ones over which he may not have had full authority and as to the fraud area one in which he lacked the expertise to properly oversee. The panelists agreed that while an institution’s compliance function must have unfettered access to the institution’s data, it is important that the compliance function does not take on responsibilities outside of its area of expertise.
Theories of Individual Liability
Ms. Greenberg then discussed the different theories that can be used to find individual liability. She emphasized that the underlying basis of criminal liability is criminal knowledge and intent to do a particular act. Ms. Greenberg explained that it can be easier to find liability for a corporation due to the theory of collective knowledge. Under this theory, the knowledge of the corporation’s employees is imputed to the corporation, and the corporation is bound by this collective knowledge. So, while no single employee might possess sufficient knowledge to support individual liability, numerous individuals’ knowledge may be combined and imputed to the corporation and this collective knowledge may be sufficient to hold the corporation liable.
Ms. Greenberg also discussed the theory of willful blindness, which is primarily used under federal law. Under this theory, an individual has a subjective belief that there is a high probability that a fact exists but avoids learning whether the fact actually exists. Ms. Greenberg also pointed out that there is a similar concept under New York law called conscious avoidance.
Finally, Ms. Greenberg discussed the considerations taken into account in assessing whether it is appropriate to charge an individual in the corporate crimes context. Initially, authorities must consider whether there was criminal intent and whether that intent can be proven. They must also consider whether they can prove the level of knowledge required by the relevant statute, such as, knowingly, intentionally, or willfully. After deciding that there is probable cause to believe an individual had the required intent, Ms. Greenberg explained that the authority will then consider various factors in exercising prosecutorial discretion. In deciding whether to charge an individual in the corporate crime context, fairness is given much consideration. Ms. Greenberg observed that charging higher-level employees in this context may be more common than charging lower-level employees because higher-level employees bear more responsibility for the corporation and play a much larger role in influencing the corporate culture.
Considerations for Compliance Professionals
The panelists noted that it is very important for compliance professionals to have their areas of responsibility clearly defined, and to ensure that they have the control and expertise to manage these areas appropriately, as well as sufficient resources to carry out the compliance program effectively. Mr. Zeldin pointed out that the areas most often associated with institutional and individual liability include:
- Failures in the culture of compliance within the organizations;
- Inadequate resources committed to BSA compliance;
- Weaknesses in the organization’s technology and transaction monitoring processes; and
- Inadequacies in the quality of risk management.
Mr. Small stressed the importance of being transparent with senior management and the board of directors when faced with a lack of resources, commenting that it is important to discuss the issue, listen to any proposed alternatives, and take a stance on what the best solution is. The panelists stressed the importance of documenting your requests and the responses and agreed that such documentation can be important to enforcement authorities in deciding whether to charge individuals. The panelists agreed that the trend towards increased individual liability could result in increased SAR filings. Mr. Zeldin suggested that it may be safer to file a SAR when in doubt but defensive SAR filing should be avoided if possible. He noted too that it is very important to thoroughly document decisions not to file.TAGS: Anti-Money Laundering, Bank Secrecy Act, Financial Crimes, SEC