Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
On November 30, the FDIC announced a list of administrative enforcement actions taken against banks and individuals in October. Included among the actions is an order to pay a civil money penalty of $9,600 issued against a Louisiana-based bank for alleged violations of the Flood Disaster Protection Act in connection with alleged failures to obtain flood insurance coverage on loans at or before origination or renewal.
Consent orders were also issued against three separate banks related to alleged weaknesses in their Bank Secrecy Act (BSA) and/or BSA/anti-money laundering (BSA/AML) compliance programs. (See orders here, here, and here.) Among other things, the banks are ordered to: (i) implement comprehensive written BSA/AML compliance programs, which include revising BSA risk assessment policies, developing a system of BSA internal controls, and enhancing suspicious activity monitoring and reporting and customer due diligence procedures; (ii) conduct independent testing; and (iii) implement effective BSA training programs. The FDIC further requires the Florida and New Jersey-based banks to conduct suspicious activity reporting look-back reviews.
In addition, a Kentucky-based bank was ordered to pay a civil money of $300,000 for allegedly violating TILA by “failing to clearly and conspicuously disclose required information related to the [b]ank’s Elastic line of credit product” and Section 5 of the FTC ACT by “using a processing order for certain deposit account transactions contrary to the processing orders disclosed in the [b]ank’s deposit account disclosures.”
There are no administrative hearings scheduled for December 2018. The FDIC database containing all 17 enforcement decisions and orders may be accessed here.
OCC announces enforcement action against bank for previously identified BSA/AML compliance deficiencies
On October 23, the OCC issued a consent order assessing a civil money penalty (CMP) against a national bank for deficiencies in the bank’s Bank Secrecy Act/Anti-Money Laundering (BSA/AML) compliance program. The deficiencies allegedly resulted in violations of the BSA compliance program and suspicious activity reporting (SAR) rules that led to the issuance of a 2015 consent order, violations of the 2015 order, and additional violations of the SAR rule and wire transfer “travel rule.” According to the 2018 order, the bank allegedly, among other things, (i) failed to “timely achieve compliance” with the 2015 order; (ii) failed to file the required additional SARs; and (iii) initiated wire transfer transactions containing inadequate or incomplete information.
Under the terms of the 2018 order, the bank agreed to pay a $100 million CMP. The order notes that the bank has undertaken corrective actions to remedy the identified BSA/AML-related deficiencies and enhance its BSA/AML compliance program.
FATF updates standards to prevent misuse of virtual assets; reviews progress on jurisdictions with AML/CFT deficiencies
On October 19, the Financial Action Task Force (FATF) issued a statement urging all countries to take measures to prevent virtual assets and cryptocurrencies from being used to finance crime and terrorism. FATF updated The FATF Recommendations to add new definitions for “virtual assets” and “virtual asset service providers” and to clarify how the recommendations apply to financial activities involving virtual assets and cryptocurrencies. FATF also stated that virtual asset service providers are subject to Anti-Money Laundering/Combating the Financing of Terrorism (AML/CFT) regulations, which require conducting customer due diligence, such as ongoing monitoring, record-keeping, and suspicious transaction reporting, and commented that virtual asset service providers should be licensed or registered and will be subject to compliance monitoring. However, FATF noted that its recommendations “require monitoring or supervision only for purposes of AML/CFT, and do not imply that virtual asset service providers are (or should be) subject to stability or consumer/investor protection safeguards.”
The same day, FATF announced that several countries made “high-level political commitment[s]” to address AML/CFT strategic deficiencies through action plans developed to strengthen compliance with FATF standards. These jurisdictions are the Bahamas, Botswana, Ethiopia, Ghana, Pakistan, Serbia, Sri Lanka, Syria, Trinidad and Tobago, Tunisia, and Yemen. FATF also issued a public statement calling for continued counter-measures against the Democratic People's Republic of Korea due to significant AML/CFT deficiencies and the threats posed to the integrity of the international financial system, and enhanced due diligence measures with respect to Iran. However, FATF will continue its suspension of counter-measures due to Iran’s political commitment to address its strategic AML/CFT deficiencies.
On October 4, the Financial Crimes Enforcement Network (FinCEN) issued advisory FIN-2018-A005 to U.S. financial institutions to increase awareness of the growing risk that certain Nicaraguan senior foreign political figures may potentially move assets using the U.S. financial system in reaction to a “perceived threat of further unrest, potential sanctions, or other factors.” FinCEN warns that the assets could be the proceeds of corruption and may be directed into U.S. accounts, or laundered through the U.S. financial system. The advisory—which is underscored by actions taken against Nicaraguan officials involved in corruption and human rights abuse pursuant to the Global Magnitsky sanctions program, as previously covered by InfoBytes—provides due diligence guidance for U.S. financial institutions consistent with existing Bank Secrecy Act obligations. It also reminds financial institutions of their suspicious activity report filing obligations and of the potential need to refer to advisory FIN-2018-A003 released last June on the use of financial facilitators to gain access to global financial systems for the purpose of moving or hiding illicit proceeds and evading U.S. and global sanctions. (See previous InfoBytes coverage here.)
FinCEN issues Spanish language version of its advisory on politically exposed persons and their financial facilitators
On September 11, the Financial Crimes Enforcement Network (FinCEN) released a Spanish version of its advisory for U.S. financial institutions to increase awareness of the connection between high-level political corruption and human rights abuses. As previously covered in InfoBytes, FinCEN issued regulatory guidance in June to remind financial institutions of their risk-based, due diligence obligations, which include (i) identifying legal entities owned or controlled by “politically exposed persons” (as required by FinCEN’s Customer Due Diligence Rule); (ii) complying with anti-money laundering program obligations; and (iii) filing Suspicious Activity Reports related to illegal activity undertaken by senior foreign political figures.
On August 9, Financial Crimes Enforcement Network (FinCEN) Director Kenneth A. Blanco delivered remarks at the 2018 Chicago-Kent Block (Legal) Tech Conference to discuss, among other things, the agency’s approach to virtual currency and its efforts to protect financial institutions from being exploited for illicit financing purposes as new financial technologies evolve and are adopted. Blanco commented that while innovation provides customers with greater access to financial services, it can also create opportunities for criminals or serve as a vehicle for fraud. Blanco discussed several areas of focus, such as (i) the regulation of virtual currency and initial coin offerings (ICOs), along with coordinated policy development and regulatory approaches done in conjunction with the SEC and CFTC; (ii) examination and supervision efforts designed to “proactively mitigate potential illicit finance risks associated with virtual currency”; (iii) anti-money laundering/countering the financing of terrorism (AML/CFT) regulatory compliance expectations for companies involved in ICOs or virtual currency transmissions; (iv) enforcement actions taken against companies that fail to implement effective programs; (v) the rise and importance of virtual currency suspicious activity report filings which help the agency identify and investigate illicit activity; and (vi) the development of an information sharing virtual currency-focused FinCEN Exchange program. Blanco emphasized that “individuals and entities engaged in the business of accepting and transmitting physical currency or convertible virtual currency from one person to another or to another location are money transmitters subject to the requirements” of the Bank Secrecy Act.
On July 20, the OCC released a list of recent enforcement actions taken against national banks, federal savings associations, and individuals currently and formerly affiliated with such entities. The new enforcement actions include cease and desist orders, civil money penalty orders, removal/prohibition orders, and terminations of existing enforcement actions. Two of the more notable actions by the OCC covered in this report are discussed below.
On May 31, the OCC issued a consent order against an international investment bank’s federal branches located in Stamford, Miami, and New York, which identified alleged deficiencies in the branches’ Bank Secrecy Act/Anti-Money Laundering (BSA/AML) compliance programs. The alleged deficiencies include failure to adopt and implement adequate BSA/AML compliance programs and failure to file timely Suspicious Activity Reports. Among other things, the consent order requires the branches to (i) develop and implement an ongoing BSA/AML risk assessment program; (ii) adopt an independent audit program to conduct a review of the bank’s BSA/AML compliance program; (iii) submit a written progress report within 30 days after the end of each calendar quarter that details actions undertaken to ensure compliance with the consent order’s provisions; and (iii) ensure each branch has permanent, experienced BSA officers responsible for compliance functions. The bank has neither admitted nor denied the OCC’s findings, and a civil money penalty was not assessed against the branches.
In addition, on June 18 the OCC issued an order terminating a 2016 consent order against a national bank following the OCC’s determination that the bank had successfully completed the consent order’s requirements for complying with provisions of the Servicemembers Civil Relief Act.
On July 9, the SEC announced it had reached a settlement with a broker-dealer for allegedly failing to file suspicious activity reports (SARs), as required by the Bank Secrecy Act. According to the SEC’s complaint, the broker-dealer allegedly “knew, suspected, or had reason to suspect” that at least 47 advisors previously terminated by the broker-dealer had engaged in suspicious transactions. However, the broker-dealer filed SARs related to only 10 of the advisors—3 of which were filed after the SEC brought an enforcement action against the advisors. Suspicious transactions by the advisors involved (i) engaging in suspicious transfers of funds; (ii) engaging in “cherry-picking” patterns; (iii) charging excessive advisory fees; (iv) improperly accessing customer accounts to make trades; and (v) using the broker-dealer’s custodial platform despite registration lapses. The SEC asserted that the broker-dealer’s failure to file SARs for suspicious transactions violated the Securities Exchange Act. While neither admitting nor denying the allegations, the broker-dealer has agreed to the entry of a permanent injunction and will pay a $2.8 million civil penalty.
OCC releases recent enforcement actions, issues $12.5 million penalty for BSA/AML compliance deficiencies
On June 15, the OCC released a list of recent enforcement actions taken against national banks, federal savings associations, and individuals currently and formerly affiliated with such entities. The new enforcement actions include cease and desist orders, civil money penalty orders, and removal/prohibition orders. The consent order described below was among those in the OCC’s list:
On April 14, the OCC issued a consent order and $12.5 million civil money penalty order against a New York-branch of an international bank for alleged deficiencies in the branch’s BSA/AML compliance program. The alleged deficiencies included the failure to file timely Suspicious Activity Reports (SARs) as well as deficiencies in the branch’s compliance with Office of Foreign Asset Control (OFAC) requirements. Among other things, the consent order requires the branch to (i) develop and implement an ongoing BSA/AML and OFAC risk assessment program; (ii) adopt an independent audit program to conduct a review of the bank’s BSA/AML compliance program; and (iii) ensure the branch has a permanent and experienced BSA officer. The bank has neither admitted nor denied the OCC’s findings.
On June 12, the Financial Crimes Enforcement Network (FinCEN) issued an advisory to U.S. financial institutions to increase awareness of the connection between high-level political corruption and human rights abuses. The advisory highlights the use of financial facilitators as a means to gain access to global financial systems for the purpose of moving or hiding illicit proceeds and evading U.S. and global sanctions. Among other things, the advisory, which is designed to assist financial institutions in identifying and reporting suspicious activity, provides typologies used by “politically exposed persons” (PEPs) to access the U.S. financial system and obscure illicit activity. FinCEN also provides several red flags outlining various types of suspected schemes that may be indicators of suspicious activity. The advisory’s regulatory guidance further reminds financial institutions of their risk-based, due diligence obligations, which include (i) identifying legal entities owned or controlled by PEPs (as required by FinCEN’s Customer Due Diligence Rule); (ii) complying with anti-money laundering program obligations; and (iii) filing Suspicious Activity Reports related to illegal activity undertaken by senior foreign political figures.
- Jeffrey P. Naimon to discuss "Post-pandemic CFPB exam preparation" at the Mortgage Bankers Association Spring Conference & Expo
- Jonice Gray Tucker to discuss "Making fair lending work for you" at the Mortgage Bankers Association Spring Conference & Expo
- Jonice Gray Tucker to discuss "Reading the tea leaves of President Biden’s initial financial appointees" at LendIt Fintech
- APPROVED Webcast: Staying in the know with Buckley regtech solutions
- Moorari K. Shah to discuss “CA, NY, federal licensing and disclosure” at the Equipment Leasing & Finance Association Legal Forum
- Jonice Gray Tucker to discuss "Compliance under Biden" at the WSJ Risk & Compliance Forum
- Sherry-Maria Safchuk to discuss UDAAP at an American Bar Association webinar
- Jeffrey P. Naimon to discuss "What to expect: The new administration and regulatory changes" at the Mortgage Bankers Association Legal Issues and Regulatory Compliance Conference
- Jonice Gray Tucker to discuss “The future of fair lending” at the Mortgage Bankers Association Legal Issues and Regulatory Compliance Conference
- Steven R. vonBerg to discuss "LO comp challenges" at the Mortgage Bankers Association Legal Issues and Regulatory Compliance Conference
- Michelle L. Rogers to discuss "Major litigation" at the Mortgage Bankers Association Legal Issues and Regulatory Compliance Conference
- Michelle L. Rogers to discuss “The False Claims Act today” at the Federal Bar Association Qui Tam Section Roundtable