On March 10, the DOJ announced a $4.9 million civil and criminal settlement with a California-based bank. The bank admitted to the DOJ’s allegations that, from December 2011 through July 2013, it ignored warning signs indicating that its third party processor was defrauding hundreds of thousands of consumers by allowing fraudulent merchants to withdraw money from customers’ accounts without consent. The bank chose to ignore the complaints and inquiries it received regarding the third party processor’s activity, failing to terminate its affiliation with the entity or file a Suspicious Activity Report. The DOJ’s complaint alleges that the bank violated FIRREA; the $4.9 million settlement will cover both the criminal and civil charges, however under an agreed deferred prosecution agreement, criminal charges will be deferred for two years contingent upon the bank admitting to wrongdoing and giving up claims to approximately $2.9 million from accounts seized by the government.
FinCEN Assesses $75,000 Penalty Against Check Casher Business for Violating Anti-Money Laundering Laws
On March 18, the Financial Crimes Enforcement Network (FinCEN) assessed a $75,000 civil money penalty against a Colorado check casher and its general manager and ordered it to cease all business activities for “willfully violating” registration, reporting, and anti-money laundering provisions of the Bank Secrecy Act (BSA). The Colorado-based check casher had been the subject of three BSA compliance examinations by the Internal Revenue Service, “all of which found significant and repeated violations.” Under the BSA, money services business are required to implement anti-money laundering controls, conduct internal compliance reviews, and provide compliance training for all staff in an effort to prevent the facilitation of money laundering and the financing of terrorist activities. The Colorado check casher failed to employ such programs, which resulted in a significant amount of untimely and inaccurate currency transaction reports.
On March 12, the New York DFS issued a consent order against a Germany-based global bank for alleged Bank Secrecy Act and other anti-money laundering (BSA/AML) compliance violations that occurred between 2002 and 2008. According to the DFS’s press release, certain bank employees were selected “to manually process Iranian transactions — specifically, to strip from SWIFT payment messages any identifying information that could trigger OFAC-related controls and possibly lead to delay or outright rejection of the transaction in the United States.” The DFS also alleges that the bank’s New York branch failed to implement proper BSA/AML compliance thresholds, allowing certain alerts regarding suspicious transactions to be excluded. Under the terms of the consent order, the bank must pay a $1.45 billion penalty, to be distributed as follows: $610 million to the DFS; $300 million to the U.S. Attorney’s Office for the Southern District of New York; $200 million to the Federal Reserve; $172 million to the Manhattan District Attorney’s Office; and $172 million to the U.S. DOJ. Additionally, the order requires that the bank “terminate individual employees who engaged in misconduct, and install an independent monitor for Banking Law violations in connection with transactions on behalf of Iran, Sudan, and a Japanese corporation that engaged in accounting fraud.”
On March 2, OCC Comptroller Curry delivered remarks before the Institute of International Bankers regarding BSA/AML compliance obligations for financial institutions. During his remarks, Comptroller Curry emphasized that a top priority for the OCC has been to strengthen BSA/AML compliance at its supervised institutions. In this regard, the OCC has (i) modified its bank examination process so that BSA deficiencies receive proper emphasis in the evaluation of safety and soundness; (ii) focused on the BSA/AML risks posed by third-party relationships; (iii) required that institutions adequately resource their BSA/AML compliance programs; (iv) required institutions to assign accountability for BSA/AML compliance across all business lines presenting BSA/AML risk; and (v) taken enforcement action to enforce BSA/AML compliance when appropriate. Through his remarks, Comptroller Curry also addressed the need to improve the BSA/AML regulatory framework itself. Specifically, Comptroller Curry indicated that the OCC wanted (i) to streamline the SAR reporting process, (ii) to find better ways to use technology to advance BSA/AML goals, and (iii) to increase information sharing by creating safe harbors from civil liability both for financial institutions that file SARs and for financial institutions that share information about financial crimes with each other.
On February 27, FinCEN announced a $1.5 million civil money penalty against a Pennsylvania-based community bank for violating the BSA. Of that amount, $500,000 will go to the OCC, the bank’s primary regulator, for BSA violations. According to FinCEN, the bank admitted failing to file suspicious activity reports on transactions involving a former state judge who received over $2.6 million in personal payments in connection with a judicial scheme involving the construction, operation, and expansion of juvenile detention centers.
BuckleySandler hosted a webinar, Individual Liability: Financial Crimes Professionals in the Spotlight, on January 22, 2015 as part of its ongoing FinCrimes Webinar Series. Panelists included Polly Greenberg, Chief, Major Economic Crimes Bureau at the New York County District Attorney’s Office, Richard Small, Senior Vice President for Enterprise-Wide AML, Anti-Corruption and International Regulatory Compliance at American Express, and Michael Zeldin, Special Counsel at BuckleySandler. The following is a summary of the guided conversation moderated by Jamie Parkinson, Partner at BuckleySandler, and key take-aways you can implement in your company.
Best Practice Tips and Take-Aways:
- Be completely transparent with senior management and your board of directors when escalating issues and concerns. Document your requests for program enhancements and management responses.
- Assure yourself that your team is up to the task at hand, adequately resourced and knows that they can escalate anything that concerns them to compliance and/or senior management/the Board.
- When considering the quality of your compliance program, be sure that your program is tested internally by your compliance function, tested again by your organization’s internal audit team, and in addition is examined every few years by external counsel/consultant.
- If confronted with management unwillingness to commit adequate headcount and resources necessary to the compliance program, serious consideration has to be given to resigning and/or reporting these deficiencies.
On January 27, FinCEN fined a New York securities broker-dealer firm $20 million for violating the BSA. According to the press release, the firm failed to (i) establish an adequate anti-money laundering program; (ii) conduct proper due diligence on a foreign correspondent account; and (iii) comply with Section 311 of the USA Patriot Act. These failures resulted in customers engaging in suspicious trading, including prohibited third-party activity and illegal penny stock trading, without it being detected or reported. The firm must pay $10 million of the $20 million penalty to the US Department of the Treasury. The remaining $10 million will be paid to the SEC to settle a parallel enforcement action.
Recently, FinCEN announced a $1 million civil money penalty against the former Chief Compliance Officer (CCO) of a large financial services company for allegedly violating the Bank Secrecy Act (BSA) and its implementing regulations. In its complaint, FinCEN alleges that the CCO, from 2003 through 2008, failed to implement and maintain an effective AML program and file timely Suspicious Activity Reports as required by the BSA. As a result, the company’s money transfer system was used to carry out fraudulent activities causing customers to incur substantial losses. In addition to the penalty, FinCEN is seeking to prohibit the former CCO from participating, directly or indirectly, in the affairs of any financial institution.
On December 24, a Maryland-based bank entered into an FDIC consent order involving alleged deficiencies in its BSA/AML compliance program. The consent order requires that the bank’s board of directors increase its oversight of the bank’s BSA compliance program. In addition, under the consent order, the bank must (i) appoint a qualified BSA officer and (ii) conduct a retrospective review of currency transaction reports beginning in May 2013 until the effective date of the consent order to determine whether transactions were properly identified and reported.
On December 2, the FFIEC announced the release of its revised BSA/AML examination manual. The updated revisions address supervisory expectations and include regulatory changes since the manual’s last publication in 2010. Significantly modified sections of the examination include (i) Suspicious Activity Reporting, (ii) Currency Transaction Reporting, (iii) Foreign Bank and Financial Accounts Reporting, and (iv) Third-Party Payment Processors. The manual is available on the FFIEC BSA/AML InfoBase.
On November 25, FinCEN fined a small Florida-based credit union $300,000 in civil monetary penalties for violating the Bank Secrecy Act (BSA). From 2009 through 2014, FinCEN charged that, among other deficiencies within its anti-money laundering program, the credit union lacked proper internal controls and failed to designate a BSA compliance officer to monitor suspicious transactions. The credit union admitted that it violated Section 314(a) of the USA PATRIOT ACT, which requires financial institutions to search their records of accounts and transactions of individuals who may be involved in money laundering or terrorist financing activities. The credit union, with assets of $4 million and five employees, contracted with a third party vendor to provide services and subaccounts to 56 money services businesses located in Central America, Middle East, and Mexico. FinCEN stated that 90% of the credit union’s annual revenue was generated from these accounts.
On November 10, FinCEN released a statement to reiterate that banking organizations can serve Money Services Businesses (MSB) while meeting obligations under the Bank Secrecy Act. FinCEN noted that there is concern that banks may be terminating the accounts of MSBs on a wholesale basis because of potential regulatory scrutiny and that as a result MSBs are losing access to banking services. FinCEN stated that they do “not support the wholesale termination of MSB accounts without regard to the risks presented or the bank’s ability to manage the risk.” Rather, the risks presented by a given MSB can vary and, therefore, financial institutions should assess the risks on a case-by-case basis. FinCEN expects that banking organizations will manage the risks associated with MSB accounts and are committed to addressing the “wholesale de-banking of an important part of the financial system.”
On October 27, FinCEN issued two administrative rulings to companies seeking guidance on whether they must register as MSBs and be subject to the required reporting, recordkeeping, and monitoring obligations. In its first letter, a company queried whether its plans to set up a virtual currency trading and booking platform, similar to a traditional securities or commodities exchange, would make it subject to FinCEN regulations. FinCEN responded that the proposed virtual trading platform would be classified as an MSB. As a result, the company would have to register as an MSB as defined under the BSA. In its second ruling, a company asked whether a bitcoin payment system would be subject to the agency’s regulations. The payment system would accept customers’ credit card payments and transfer the payments to merchants in the form of bitcoin. FinCEN ruled that if the company sets up the payment system, the company would be classified as a money transmitter, and subject to BSA regulations, because “it engages as a business in accepting and converting the customers’ real currency into virtual currency for transmission to the merchant.”
BuckleySandler hosted a webinar entitled “FinCEN’s Proposed Rule Amending Customer Due Diligence Obligations,” on September 18, 2014, as part of the ongoing FinCrimes Webinar Series. Panelists included James Cummans, Vice President of BSA/AML Operations at TCF Bank; Jacqueline Seeman, Managing Director and Global Head of KYC at Citigroup, Inc.; Sarah K. Runge, Director, Office of Strategic Policy at the U.S. Department of Treasury; and, Amy Davine Kim, Counsel at BuckleySandler LLP. The following is a summary of the guided conversation moderated by Jamie Parkinson, partner at BuckleySandler, and key take-aways to prepare for comments to the proposed rule and implementation of the new rule, once final, at your financial institution.
Key Tips and Take-Aways:
- Assess and prepare your organization’s financial and personnel resources to make sure that the appropriate resources are in place to comply with the proposed rule once it is finalized. Certain technical aspects of implementation may be complicated depending on the financial institutions’ existing processes.
- Boards of Directors should participate in and be informed of the process.
- Institutions that are exempt from the rule, including money services businesses (“MSBs”), should also consider how this rule would affect their operations. FinCEN has announced that this is an incremental rule making, meaning the rule could extend to additional entities in the future.
- Covered financial institutions should consider the implications and compliance issues associated with the proposed rule and actively engage in the comment period. It is clear that FinCEN took certain industry concerns into account from the earlier Advance Notice of Proposed Rulemaking (“ANPRM”), so any potential issues should again be raised.
On August 4, 2014, the U.S. Department of the Treasury’s Financial Crimes Enforcement Network (“FinCEN”) published a Notice of Proposed Rulemaking (“NPRM”) that would amend existing Bank Secrecy Act (“BSA”) regulations intended to clarify and strengthen customer due diligence (“CDD”) obligations for banks, securities broker-dealers, mutual funds, and futures commission merchants and introducing brokers in commodities (collectively, “covered financial institutions”).
In drafting the modifications, FinCEN clearly took into consideration comments responding to its February 2012 Advance Notice of Proposed Rulemaking (“ANPRM”), as the current proposal appears narrower and somewhat less burdensome on financial institutions. Comments on the proposed rulemaking are due October 3, 2014.
Overview: Under the NPRM, covered financial institutions would be obligated to collect information on the natural persons behind legal entity customers (beneficial owners) and the proposed rule would make CDD an explicit requirement. If adopted the NPRM would amend FinCEN’s AML program rule (the four pillars) by making CDD a fifth pillar.