InfoBytes
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
FDIC Announces New Regulatory Actions Against Florida-based Bank
On December 30, the FDIC announced new regulatory actions against a Florida-based bank. Along with the Florida Office of Financial Regulation, the FDIC issued a new Consent Order against the $121.5 million-asset bank, based on allegations that the bank had engaged in “unsafe or unsound” banking practices, or practices which constituted a violation of law or regulation in the following areas: (i) weakness in asset quality, (ii) capital adequacy, earnings, (iii) management effectiveness, (iv) liquidity, (v) sensitivity to market risk, and (vi) compliance with the Bank Secrecy Act (BSA).
Among other things, the Order notes that the bank currently falls short of FDIC requirements for qualifying as “well capitalized,” qualifying merely as “adequately capitalized,” and therefore must boost its capital levels or face continued restrictions on its operations. The Order also states that the bank—which consented to the Order without admitting or denying the charges—now has 120 days to meet its capital requirements and 60 days to submit a capital plan to both: (i) achieve and maintain the capital requirements; and (ii) provide for a contingency plan to sell or merge the bank.
FINRA Fines Brokerage Firm $5.75M for Lax Anti-Money Laundering Program
On December 28, FINRA entered into an acceptance, waiver, and consent (AWC) agreement with a Puerto-Rican-based brokerage firm based upon allegations that the firm’s anti-money laundering (AML) program “was not reasonably designed to achieve and monitor compliance with the requirements of the Bank Secrecy Act.” In deciding to levy a $5.75 million fine, FINRA noted, among other things, that the firm improperly “relied on manual supervisory review of securities transactions” that was “not sufficiently focused on AML risks.” The firm neither admitted nor denied the findings set forth in the AWC agreement, but agreed to address deficiencies in their AML program within 180 days. According to a firm spokeswoman, the firm is “pleased to have this matter from 2013 resolved and we continue to improve, manage and monitor our AML efforts.”
FinCEN Issues Guidance on Sharing Suspicious Activity Reports with U.S. Parents and Affiliates of Casinos
On January 4, the Financial Crimes Enforcement Network (FinCEN) issued guidance to “confirm that, under the Bank Secrecy Act (BSA) and its implementing regulations, a casino that has filed a Suspicious Activity Report (SAR) may share the SAR, or any information that would reveal the existence of the SAR, with each office or other place of business located within the United States of either the casino itself or a parent or affiliate of the casino.” As explained in the guidance, FinCEN expects that the anti-money laundering efforts of the casino’s affiliates could be enhanced by virtue of their access to a clearer and more comprehensive picture of the activities the casino has identified as suspicious. The guidance also specified that casinos may not share SARs or information that would reveal the existence of a SAR with non-U.S. offices or affiliates, individuals or entities within the casino’s corporate famile that perform functions unrelated to gaming, a financial institution without an independent SAR obligation, or unaffialited money services businesses located within the casino. Finally, the guidance specified that a domestic affiliate that receives a SAR or revealing information from a casino may not further share that SAR with an affiliate of its own.
Two Additional Businessmen Plead Guilty in Venezuelan Oil Company Scheme
On January 10, it was announced that two additional defendants, owners of Florida and Texas-based energy companies, had pleaded guilty to foreign bribery charges related to a scheme to corruptly secure energy contracts from Venezuela’s state-owned oil company.
According to admissions contained here and here, they conspired with other previously charged defendants from 2008 through 2012 to pay bribes and other things of value, including recreational travel, meals, and entertainment to the company’s officials to obtain energy contracts or receive payment for previously awarded contracts. Some of the bribes were paid to the company’s official’s relative to conceal the nature, source, and ownership of the bribe.
In total, eight individuals have now pleaded guilty in cases related to the government’s investigation into bribery at the company. The government’s investigation is ongoing. Previous FCPA Scorecard coverage on the company’s investigations can be found here.
Four Individuals Face FCPA Charges Related to Vietnam Project
On January 10, the DOJ announced the unsealing of an indictment charging four individuals, including the nephew and brother of former UN Secretary-General with violations of the FCPA and other offenses in connection with the attempted $800 million sale of a commercial building known as Landmark 72 in Hanoi, Vietnam. According to the government, the brother and nephew conspired to bribe a governmental official of an unnamed Middle Eastern country to get his country to purchase the building from a Korea-based company, where the brother was then a senior executive. To facilitate the sale of Landmark 72, the Korea-based company hired the nephew to secure an investor for the deal.
According to the allegations, the brother and nephew agreed to pay the foreign official $500,000 initially, and $2 million upon completion of the sale, through the co-defendant, who had falsely held himself out as an agent of the foreign official; the fourth individual allegedly assisted in obtaining the initial $500,000. In a twist, according to the DOJ, the co-defendant then stole the money and used it for personal expenses instead of paying any bribes. After the Landmark 72 deal failed to go through, the nephew allegedly lied and provided forged emails from the foreign official and other documents to the Korea-based company regarding the status of the deal and stole approximately $225,000 that was advanced by the Korea-based company to cover brokerage expenses.
American Multinational Food Company and British Multinational Confectionery Company Settle FCPA Charges with SEC for $13 Million Related to India Chocolate Factory
On January 6, the British company and the American multinational food company, agreed to pay $13 million to settle the SEC’s allegations related to an agent’s interactions with Indian officials regarding a chocolate factory in India. The charges relate to payments made by the British company’s India unit in 2010 to a local agent who provided consultation services and dealt with Indian governmental officials to obtain clearances and licenses to increase production at the British company’s Baddi plant. The SEC alleged, and both companies neither admitted nor denied, that the British company violated the books and records and internal controls provisions of the FCPA.
According to the SEC, the British company failed to perform appropriate due diligence on the agent and to monitor the agent’s actions, creating a risk that payments could be used for improper purposes. While the agent submitted invoices claiming that he prepared various license applications, the SEC claimed that these license applications were actually prepared by the British company’s other employees. The SEC noted in its decision that the American company had completed its own internal investigation that led to the British company ending its relationship with the agent and that the American company both cooperated with the SEC’s investigation and undertook “extensive remedial actions with respect to [the British company].”
FTC Hosts Its Second Annual PrivacyCon Event
On January 12, the FTC hosted its second annual “PrivacyCon”—a public forum promoted by the regulator in order to “expand collaboration among leaders from academia, research, consumer advocacy, and industry on the privacy and security implications of emerging technologies.” Throughout the day, speaker panels presented research and opened the floor to discussions addressing five major topic areas: (i) the Internet of Things (IoT) and big data; (ii) mobile privacy; (iii) consumer privacy expectations; (iv) online behavioral advertising; and (v) information security. Among other things, panelists discussed the possibility of using machine learning to automatically block or permit user tracking and information collection by applications and websites based on the user’s past practices. Many panelists also examined data “leakage” from devices and the possible privacy and security issues that are raised by such leakage.
A full version of the agenda, including links to abstracts of the research being presented, as well as a video recording of the event, is available online. Additional research not present but submitted without a request for confidential treatment is also available here.
FTC Files Complaint Against Device Maker Concerning Alleged Failures to Reasonably Secure Routers and Internet Protocol (IP) Cameras
On January 5, the FTC announced that it was initiating and enforcement action against a Taiwanese computer networking equipment manufacturer and its U.S. subsidiary. In a complaint filed with the Northern District of California, the FTC charged that the device-manufacturer failed to take reasonable steps to secure its routers and Internet Protocol (IP) cameras, potentially compromising sensitive consumer information, including live video and audio feeds from D-Link IP cameras. Specifically, the FTC alleged that hackers could exploit these vulnerabilities using any of several “simple methods.”
According to its press release, the complaint filed today is part of broader FTC’s efforts to protect consumers’ privacy and security in the “Internet of Things” (IoT), which includes cases the agency has brought against a computer hardware manufacturer, and a marketer of video cameras. In a statement, Jessica Rich, director of the FTC’s Bureau of Consumer Protection, explained “[h]ackers are increasingly targeting consumer routers and IP cameras -- and the consequences for consumers can include device compromise and exposure of their sensitive personal information.” Accordingly, Ms. Rich explained further, “[w]hen manufacturers tell consumers that their equipment is secure, it’s critical that they take the necessary steps to make sure that’s true.” The FTC has provided guidance to IoT companies on how to preserve privacy and security in their products while still innovating and growing IoT technology.
House Democrats Defend CFPB Director in Response to GOP Letter Demanding His Dismissal
On January 10, Rep. Maxine Waters, the top Democrat on the House Financial Services Committee, and 20 Democratic panel members sent a letter to President-elect Donald Trump urging him to reject calls by Republicans to fire CFPB Director Richard Cordray. Among other things, the letter argues against “entering into a protracted – and likely unsuccessful – legal battle to oust” Director Cordray before his term expires in July 2018. Specifically, the letter “caution[s]” the President-Elect “not to engage in partisan litigation, particularly since it is likely to be unsuccessful and will needlessly divert government resources away from other important priorities.” The lawmakers contend further that removing the CFPB Director "for cause” would be an "extraordinary remedy” that is “without historical precedent,” and which “must be subjected to enhanced congressional, judicial, and public scrutiny.”
As previously covered by InfoBytes, a majority of a panel of U.S. Circuit Court for District of Columbia concluded in October 2016 that the CFPB’s governance structure was unconstitutional, and, as a corrective measure, authorized the President to fire the Bureau’s sole Director at will—a ruling for which the Bureau now seeks rehearing en banc.
Two GOP Senators Urge Incoming Administration to Remove Director Cordray
On January 9, two GOP lawmakers sent a letter to Vice President-elect Mike Pence urging the incoming administration to remove CFPB Director Richard Cordray “promptly after [President Trump’s] inauguration.” Stating that “[i]t’s time to fire King Richard,” Sen. Ben Sasse, a member of the Senate Banking Committee, and Sen. Mike Lee cited the D.C. Circuit’s October 2016 decision in CFPB v. PHH to argue that, once in office, President Trump has the constitutional authority to remove Director Cordray immediately. In pushing for Director Cordray’s ouster, the Senators noted, among other things, the CFPB’s decision to move ahead in the lame-duck session with regulations of arbitration clauses and payday loans, which they consider costly and “radically opposed to the Trump administration’s pro-growth agenda.”
As previously covered by InfoBytes, a majority of a panel of U.S. Circuit Court for District of Columbia concluded in October 2016 that the CFPB’s governance structure was unconstitutional, and, as a corrective measure, authorized the President to fire the Bureau’s sole Director at will—a ruling for which the Bureau now seeks rehearing en banc. In addressing this pending appeal, the Senators’ January 9 letter suggests in a footnote that, if the rehearing moves forward, the Justice Department should refrain from defending the CFPB.