InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
$368 million penalty assessed against California branch for BSA/AML deficiencies
On February 7, the OCC and DOJ announced settlements with a Netherlands-based lender’s California branch, in which the branch pled guilty to one count of conspiracy to defraud the U.S. Government for impeding and obstructing a 2012 OCC examination when it concealed deficiencies in its Bank Secrecy Act and anti-money laundering (BSA/AML) compliance programs. According to the DOJ’s press release, the branch will pay over $368 million as a result of allowing “hundreds of millions of dollars in untraceable cash, sourced from Mexico and elsewhere, to be deposited into its rural bank branches” without conducting adequate BSA/AML review, and for conspiring with several former executives to hide information from OCC officials during the 2012 examination. Among other things, the plea agreement states that the branch “created and implemented a number of policies and procedures that prevented adequate investigations into suspicious customer activity,” which included (i) creating a “Verified List” of customers whose transactions needed no further review even if there was a change in the customer’s activity from when it was verified; and (ii) instructing BSA/AML staff to “aggressively increase the number of bank accounts on the Verified List.” Further, the branch admitted it failed to both monitor and conduct adequate investigations into these transactions and submit suspicious activity reports to the Financial Crimes Enforcement Network, as required by the BSA. Additionally, in an effort to conceal deficiencies in its BSA/AML program, the branch demoted or terminated two employees who risked “contradicting” the branch’s findings. Two months before the branch's guilty plea, a former executive entered into a deferred prosecution agreement for his role in the misconduct, and agreed to cooperate with the DOJ's continuing investigation.
As part of the plea agreement, the OCC announced it had terminated a December 2013 consent order entered into with the branch over its BSA/AML failures and stated, “the OCC has determined that the bank has implemented all of the corrective actions required by the 2013 consent order and has achieved compliance with the requirements set forth in that order.” On February 6, the branch agreed to pay $50 million civil money penalty to the OCC, which will be credited towards the overall amount assessed by the DOJ.
SEC exams to focus on ICOs, cybersecurity, and AML programs
On February 7, the SEC’s Office of Compliance Inspections and Examinations (OCIE) released its 2018 Examination Priorities, which includes cryptocurrency and Initial Coin Offerings (ICOs) for the first time. According to the document, the OCIE’s 2018 priorities reflect “certain practices, products, and services that OCIE believes may present potentially heightened risk to investors and/or the integrity of the U.S. capital markets.” The document highlights five themes:
- Retail Investors. Among other retail investor priorities, OCIE states it will focus on high-risk products, including cryptocurrency and ICO markets due to their rapid growth. Exams in this area will review whether there are adequate controls and safeguards to protect against theft and whether appropriate disclosures about the risks associated with the investments are given to investors.
- Compliance and Risks in Critical Market Infrastructure. OCIE will look at important participants in the market structure, including clearing agencies, national securities exchanges, transfer agents, and entities under Regulation SCI.
- Review of Other Regulatory Bodies. OCIE intends to review the operations and controls of the Financial Industry Regulatory Authority (FINRA) and the Municipal Securities Rulemaking Board (MSRB).
- Cybersecurity. OCIE notes that the scope and severity of cybersecurity risks have increased dramatically. According to the document, examinations will continue to focus on, among other things, data loss prevention, governance and risk assessment, and vendor management.
- AML Programs. Anti-money laundering (AML) program examinations will focus on whether the regulated entities are “appropriately adapting their AML programs to address their obligations.” More specifically, OCIE will look at whether entities are filing accurate Suspicious Activity Reports (SARs) and performing appropriate customer due diligence reviews.
SFO confirms opening of criminal investigation into aerospace and defense group
On January 18, the Serious Fraud Office (“SFO”) confirmed the opening of an investigation of an aerospace and defense group and its subsidiary into alleged bribery, corruption, and money laundering. The UK-based company that designs and makes products in the aerospace and defense industries, stated that the investigation followed a voluntary report from the subsidiary relating to “two specific historic contracts.” According to the company, the first of these contracts was awarded before the company took over the business group being investigated, while the second contract occurred after the acquisition. The company stated that they will fully cooperate with the SFO’s investigation and provide further updates.
OCC announces recent enforcement actions and terminations, BSA/AML deficiencies targeted
On January 19, the OCC released a list of recent enforcement actions taken against national banks, federal savings associations, and individuals currently and formerly affiliated with such parties. The new enforcement actions include civil money penalty orders, cease and desist orders, prompt corrective action directives, and removal/prohibition orders. The list also includes recently terminated enforcement actions.
Civil Monetary Penalty. On December 27, the OCC issued a consent order (2017 Order) against a national bank’s South Dakota branch for violating a 2012 OCC issued consent order (2012 Order) related to deficiencies identified in the agency’s Bank Secrecy Act and anti-money laundering (BSA/AML) rules and regulations. According to the 2017 Order, the branch failed to timely comply with the 2012 Order, which required the branch to, among other things, (i) establish a Compliance Committee to oversee the branch’s adherence to the outlined provisions; (ii) submit, implement, and maintain an effective BSA/AML action plan; (iii) ensure the effective implementation of policies and procedures, which would fulfill BSA/AML and Office of Foreign Assets Control obligations; (iv) conduct a BSA/AML compliance program evaluation, risk assessment, and audit program; (v) develop appropriate customer due diligence policies and procedures, along with programs to ensure the timely identification and reporting of suspicious activity; (vi) develop practices governing the use of cash letter services and remote deposit capture; and (vii) conduct independent reviews of account and transaction activity. As a result, the 2017 Order requires the branch to pay a $70 million civil money penalty for failing to comply with the 2012 Order. The bank, while agreeing to the terms of the consent order, has not admitted or denied any wrongdoing.
Judge denies bail to former Hong Kong official, who pleads not guilty to alleged African bribery
A former Hong Kong official, reportedly entered a not guilty plea and was denied bail in federal district court in New York related to a number of FCPA, conspiracy, and money laundering counts. He was charged in late 2017, along with his co-defendant, the former Foreign Minister of Senegal, with offering $2 million in bribes to the President of Chad. The former official is also alleged to have paid a half-million dollar bribe to the foreign affairs minister of Uganda. The DOJ alleges that he sought to direct bribe money through an NGO that he ran, which is funded by a Chinese-based oil and gas company.
The prosecution of the former official is noteworthy because the DOJ is seeking to prosecute a non-U.S. citizen for alleged bribery between Chinese and African interests.
Federal Reserve fines Taiwanese bank $29 million for anti-money laundering compliance deficiencies
On January 17, the Federal Reserve Board (Fed) ordered a Taiwanese bank to pay a $29 million penalty in connection with alleged Bank Secrecy Act and anti-money laundering (BSA/AML) violations. According to the Fed’s Order, examinations conducted in 2016 identified “significant deficiencies” in three of the bank’s U.S. branches’ BSA/AML compliance and risk management controls. In addition to assessing a penalty, the Order required the bank and its New York, Chicago, and San Jose branches to, among other things, (i) submit a written plan from the board of directors for improving senior management oversight, including building a sustainable governance framework for BSA/AML compliance; (ii) submit compliance plans for enhanced internal controls, independent testing, risk assessment, and employee training; (iii) submit a revised program designed to conduct customer due diligence; (iv) ensure timely, accurate, and complete suspicious activity monitoring and reporting; (v) engage an independent third-party to review the identification and reporting of suspicious activity “involving high risk customers or transactions”; (vi) comply with Office of Foreign Assets Control regulations; and (vii) submit periodic progress reports to the branches’ applicable Federal Reserve Banks detailing actions taken to comply with the provisions of the order.
Senate Banking Committee: The impact of cryptocurrency in AML/BSA enforcement
On January 17, the Senate Committee on Banking, Housing, and Urban Affairs held a second hearing with witnesses from the Treasury and Justice departments to further address the need to modernize and reform the Bank Secrecy Act and anti-money laundering (BSA/AML) regime. The hearing, entitled “Combating Money Laundering and Other Forms of Illicit Finance: Administration Perspectives on Reforming and Strengthening BSA Enforcement,” follows a January 9 hearing before the same Committee on related issues (see previous InfoBytes coverage here). Committee Chairman Mike Crapo, R-Idaho, opened the hearing by stating the need to understand the government’s position on “strengthening enforcement and protecting the integrity of the U.S. financial system in a new technological era,” while also recognizing the challenges technology creates for law enforcement. A primary topic of interest to the Committee was “the rise of cryptocurrencies and their potential to facilitate sanctions evasion and perhaps, other crimes.”
The first witness, Treasury’s undersecretary for terrorism and financial crimes, Sigal Mandelker (testimony), noted that money laundering related to cryptocurrencies is “an area of high focus” for Treasury, and highlighted actions taken by Treasury’s Financial Crimes Enforcement Network (FinCEN), such as the release of guidance announcing that “virtual currency exchangers and administrators” are subject to regulations under the BSA. Regulated entities, Mandelker stated, are required to file suspicious activity reports (SARs) and are subject to FinCEN and IRS examinations and enforcement actions. Mandelker further commented that Treasury is “aggressively tackling” illicit financing entering the U.S. system and elsewhere, and stressed that other countries face consequences if they fail to have an AML/Combating the Financing of Terrorism regime that meets Treasury standards.
The second witness, DOJ acting deputy assistant attorney general M. Kendall Day (testimony), informed the Committee of the recent hiring of a digital currency counsel who is responsible for ensuring prosecutors are up-to-date on the latest money-laundering threats in the digital currency field. Day also commented on recent DOJ prosecutions in this space, and emphasized the need for enhanced information sharing for law enforcement, including the benefit of deriving information from SARs.
OCC highlights supervisory priorities in fall 2017 semiannual risk report
On January 18, the OCC announced the release of its Semiannual Risk Perspective for Fall 2017, identifying key risk areas for national banks and federal savings associations. Top supervisory priorities will focus on credit, operational, and compliance risk. As previously discussed in the spring 2017 semiannual report, compliance risk continues to be an ongoing concern, particularly as banks continue to adopt new technologies to help them comply with anti-money laundering rules and the Bank Secrecy Act (BSA), in addition to addressing increased cybersecurity challenges and new consumer protection laws. (See previous InfoBytes coverage here.) The OCC commented that these types of risks can be mitigated by banks with “appropriate due diligence and ongoing oversight.”
Specific areas of particular concern include the following:
- easing of commercial credit underwriting practices;
- increasing complexity and severity of cybersecurity threats, including phishing scams that are the primary method of breaching bank data systems;
- using limited third-party service providers for critical operations, which can create “concentrated points of failure resulting in systemic risk to the financial services sector”;
- compliance challenges under the BSA; and
- challenges in risk management involving consumer compliance regulations.
The report also raises concerns about new requirements under the Military Lending Act along with pending changes to data collection under the Home Mortgage Disclosure Act, which could pose compliance challenges. It further discusses a new standard taking effect in 2020 for measuring expected credit losses, which “may pose operational and strategic risk to some banks when measuring and assessing the collectability of financial assets.”
The data relied on in the report was effective as of June 30, 2017.
Senate Banking Committee: Sharpen the focus of AML/BSA enforcement and oversight
On January 9, the Senate Committee on Banking, Housing, and Urban Affairs held a hearing entitled, “Combating Money Laundering and Other Forms of Illicit Finance: Opportunities to Reform and Strengthen BSA Enforcement” to discuss anti-money laundering and Bank Secrecy Act (AML/BSA) enforcement and compliance. Committee Chairman Mike Crapo (R-Idaho) opened the hearing by stating that Congress and financial regulators must examine and address “decades-old” Bank Secrecy Act and anti-money laundering requirements in order “to sharpen the focus, sustainability and enforcement of a modernized, more efficient U.S. counter-threat-finance architecture.” During the hearing, the Committee stressed the need to move towards a more targeted, strengthened AML framework so that banks, law enforcement, and regulators can focus on specific threats such as the financing of terrorism and sanctions evasions.
The three witnesses offered numerous insights related to reforming AML/BSA enforcement and regulatory structures, including: (i) establishing an approach that would utilize and track intelligence and analysis rather than focusing primarily on quantifiable metrics; (ii) increasing inter-agency coordination and improving information sharing between financial institutions and regulators, and among financial institutions themselves; (iii) recognizing the importance of law enforcement participation, specifically related to the sharing of suspicious activity reports; (iv) encouraging the participation of entities outside of the banking sector, such as persons involved in real estate or those acting as proxies for financial system access; (v) supporting beneficial ownership legislation for companies formed in the United States; and (v) understanding the ways in which financial institutions are addressing the anonymity of cryptocurrencies and blockchain technology. The witnesses were:
FINRA releases 2018 regulatory and examinations priorities letter
On January 8, the Financial Industry Regulatory Authority (FINRA) published its Annual Regulatory and Examination Priorities Letter (2018 Letter), which focused on several broad issues within the securities industry, including improving the examination program to “implement a risk-based framework designed to better align examination resources to the risk profile of [] member firms.” As previously covered in InfoBytes, last July FINRA360 (a comprehensive self-evaluation and organizational improvement initiative) prompted the organization to announce plans currently underway to enhance operations by consolidating its existing enforcement teams into a single unit. In the 2018 Letter, FINRA announced ongoing efforts to work with member firms to understand the risks and benefits of fintech innovation such as blockchain technology, as well as the impact initial coin offerings (ICOs) and digital currencies have on broker-dealers.
Additional areas of regulatory and examination focus for FINRA in 2018 will include: (i) fraudulent activities and suspicious activity report filing requirements; (ii) business continuity planning; (iii) protection and verification of customer assets, including whether firms have implemented adequate controls and supervision methods along with measuring the effectiveness of cybersecurity programs; (iv) anti-money laundering monitoring and surveillance resources and policies and procedures; and (v) the role firms and other registered representatives play when effecting transactions in cryptocurrencies and ICOs—specifically with regard to the supervisory, compliance and operational infrastructure firms implement to “ensure compliance with relevant federal securities laws and regulations and FINRA rules.”