Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
On April 12, the U.S. Department of the Treasury announced that the Financial Action Task Force (FATF), an international standard setting body, agreed to a permanent mandate for the FATF to continue its work against combating money laundering, terrorist financing, and the financing of the proliferation of weapons of mass destruction. FATF ministers agreed to meet every two years, starting in 2022, to support the commitment to implementing the mandate. Among other things, the mandate states the FATF will (i) develop and refine international standards for combating money laundering; (ii) respond to significant new and emerging threats to the global financial system; (iii) maintain engagement with other international organizations and bodies; and (iv) consult the private sector on matters relating to FATF’s work. The mandate also provides a detailed layout of the organization’s membership composition and internal organization.
On April 15, U.S. regulators announced settlements totaling $1.3 billion with several banking units of a German-headquartered financial institution to resolve allegations by the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC), the DOJ, the Federal Reserve Board, the New York Department of Financial Services (NYDFS), and the New York County District Attorney’s Office of apparent violations of multiple sanctions programs, including those related to Burma, Cuba, Iran, Libya, Sudan, and Syria. According to OFAC’s announcement, between January 2007 and December 2011, the institution’s banking units in Germany, Austria, and Italy processed thousands of payments through U.S. financial institutions on behalf of sanctioned entities “in a manner that did not disclose underlying sanctioned persons or countries to U.S. financial institutions which were acting as financial intermediaries.”
According to the settlement agreements (see here, here, and here), OFAC considered various aggravating factors, and noted, among other things, that the institution’s banking units failed to sufficiently enforce policies addressing OFAC sanctions concerns or restrict the processing of transactions in U.S. dollars involving persons or countries subject to sanctions programs administered by OFAC. Additionally, OFAC asserted that the Austrian banking unit claimed on several occasions that OFAC’s sanctions programs “were not legally binding or relevant to [the bank].” OFAC further stated that while the banking units failed to voluntarily self-disclose the alleged violations, they have each agreed to implement and maintain compliance commitments to minimize the risk of the recurrence of the alleged conduct.
U.K. subsea services company and subsidiaries to pay $440,000 for Cuban and Iranian sanctions violations
On April 11, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) announced two settlements totaling more than $440,000 with a U.K. subsea services company and certain subsidiaries that operate in the oil and gas industry. The first settlement, for $227,500, resolves potential civil liability for seven alleged violations of the Cuban Assets Control Regulations (CACR). According to OFAC, two of the company's Malaysian affiliates produced analytical reports and conducted workshops for oil well drilling projects in Cuban territorial waters related to projects managed by companies including Venezuela’s state-owned oil company, which was previously designated by OFAC in January (see InfoBytes coverage here). OFAC considered various aggravating factors—including that the alleged violations constitute an egregious case—and noted that the company/subsidiaries “willfully violated U.S. sanctions laws and regulations when they knowingly dealt with Cuban interests despite prior notification of their unlawfulness.” OFAC also noted that senior managers “deliberately concealed their dealings with Cuba on multiple occasions.” OFAC considered numerous mitigating factors, including the company/subsidiaries’ voluntarily self-disclosure of the apparent violations and remedial efforts taken to avoid similar violations from occurring in the future.
The same day OFAC announced a second settlement, this time for $213,866, which resolves potential civil liability for 13 alleged CACR violations. The settlement also resolves three alleged violations of the Iranian Transactions and Sanctions Regulations (ITSR) by the company’s U.S.-based parent company. According to OFAC, the company issued sanctions compliance guidance to all of its subsidiaries with instructions that transactions with Cuba and Iran (including indirect third parties) were prohibited. However, certain subsidiaries disregarded the guidance and allegedly engaged in transactions within Cuban and Iranian territorial waters. In reaching the settlement amount, OFAC determined, among other things, that (i) the company voluntarily self-disclosed the apparent violations; (ii) the alleged violations constitute a non-egregious case; (iii) the subsidiaries have confirmed the conduct has been terminated; and (iv) remedial efforts have been undertaken to minimize the risk of similar violations from occurring in the future.
On April 5, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) announced sanctions against two non-U.S. companies for their alleged involvement in the transportation of oil from Venezuela to Cuba. According to OFAC, the companies have engaged in a “barter system,” in which Venezuelan oil supplies are exchanged for Cuban assistance in the form of “political advisors, intelligence and military officials, and medical professionals. . . all of whom” prop up “the illegitimate Maduro regime through oil-for-repression schemes as [an] attempt to keep Maduro in power.”
Visit here for continuing InfoBytes coverage of actions related to Venezuela.
On April 9, U.S. and U.K regulators announced that a London-based global financial institution would pay $1.1 billion to settle allegations by the DOJ, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC), the Federal Reserve Board, the New York Department of Financial Services (NYDFS), the Manhattan District Attorney, and the U.K.’s Financial Conduct Authority (FCA) for allegedly violating multiple sanctions programs, including those related to Burma, Cuba, Iran, Sudan, and Syria. According to the OFAC announcement, from June 2009 until May 2014, the institution processed thousands of transactions involving persons or countries subject to sanctions programs administered by OFAC, but the majority of the actions at issue concern Iran-related accounts maintained by the institution’s Dubai branches. OFAC alleged the Dubai branches processed transactions through the institution’s New York branches on behalf of customers that were physically located or ordinarily resident in Iran.
According to the $639 million settlement agreement, OFAC noted, among other things, that the institution “acted with reckless disregard and failed to exercise a minimal degree of caution or care” with respect to the actions at issue. Moreover, OFAC alleged that the institution had actual knowledge or reason to know its compliance program was “inadequate to manage the [the institution]’s risk.” OFAC considered numerous mitigating factors, including that the institution’s substantial cooperation throughout the investigation and its undertaking of remedial efforts to avoid similar violations from occurring in the future.
The $639 million penalty will be deemed satisfied by the institution’s payments to other U.S. regulators, which includes, $240 million forfeiture and $480 million fine to the DOJ, $164 million fine to the Federal Reserve, and $180 million fine to the NYDFS. The institution also settled with the FCA for $133 million. The settlement illustrates the risks to foreign financial institutions associated with compliance lapses when processing transactions through the U.S. financial system.
On April 3, the DOJ announced that a Micronesian government official pleaded guilty in the District of Hawaii to a money laundering conspiracy “involving bribes made to corruptly secure engineering and project management contracts from the government of the Federated States of Micronesia (FSM), in violation of the” FCPA. The official was arrested in February after a Hawaiian executive pleaded guilty to a related FCPA conspiracy charge the prior month (see previous FCPA Scorecard coverage here).
According to the DOJ, the official "was a government official in the FSM Department of Transportation, Communications and Infrastructure who administered FSM’s aviation programs, including the management of its airports.” The official admitted that, between 2006 and 2016, a Hawaii-based engineering and consulting company “paid bribes to FSM officials, including [the official], to obtain and retain contracts with the FSM government valued at nearly $8 million.” The official’s sentencing is scheduled for July 29.
On April 8, the Federal Reserve Board announced a notice of proposed rulemaking and request for comment (NPRM) seeking to modify its regulation of the regulatory capital requirements for U.S. subsidiaries of foreign banking organizations. Chairman Jerome Powell referred to a proposal issued last fall for refining regulations for domestic banking firms based on risk profiles (previously covered by InfoBytes here), and noted that “because the U.S. operations of most foreign banks tend to have a larger cross-border profile, greater capital markets activities, and higher levels of short-term funding, they often present greater risk than a simpler, more traditional domestic bank.”
The NPRM builds upon the Federal Reserve’s framework for U.S. firms announced last fall, and states that foreign banking organizations with $100 billion or more in U.S. assets would be assigned to one of three categories based on the size of their U.S. operations as well as the following risk-based indicators: “cross-jurisdictional activity, nonbank assets, off-balance sheet exposure, and weighted short-term wholesale funding.” Under the proposal, foreign banking organizations would be classified into the following three categories: (i) Category II: foreign banking organizations with U.S. assets exceeding $700 billion or $75 billion in cross-border activity; (ii) Category III: foreign banking organizations with more than $250 billion in U.S. assets that also exceed certain risk thresholds; and (iii) Category IV: foreign banking organizations with U.S. assets between $100 billion and $250 billion and minimal risk factors. Category I would be reserved for U.S.-based global systemically important banks.
A second proposal issued the same day by the Federal Reserve Board, the FDIC, and the OCC (collectively, the “Agencies”) requests comment on, among other things, whether the Agencies should extend standardized liquidity requirements to foreign banking organizations’ U.S.-based branches and agency networks as well as approaches for doing so.
Comments on both proposals are due June 21.
On March 29, DOJ publicly released a non-prosecution agreement it had entered into in late February with a Germany-based provider of medical equipment and services in which the company agreed to pay over $230 million to settle claims that it violated the anti-bribery, books and records, and internal accounting controls provisions of the FCPA. The alleged misconduct, which included various schemes to pay bribes to public and/or government officials in exchange for business opportunities, occurred over the course of at least a decade and spanned 17 or more countries in Africa, Europe, and the Middle East. On the same day, the company also entered into an administrative order with the SEC. The SEC stated that the company had failed to timely address “numerous red flags of corruption in its operations” that were known to the company as far back as the early 2000s, and that it “failed to properly assess and manage its worldwide risks, and devoted insufficient resources to compliance.”
While the company received credit for making a voluntary disclosure to DOJ in April 2012 and for remedial measures undertaken since that time, DOJ stated that the company failed to timely respond to certain of its requests and, at times, provided incomplete responses to those requests. Accordingly, the company did not receive full credit for cooperation and did not qualify for a declination under the FCPA Corporate Enforcement Policy. In its non-prosecution agreement, among other things, the company agreed to: (i) the appointment of an independent compliance monitor for a two-year term, followed by one year of self-reporting, (ii) continuation of its efforts to cooperate with the DOJ’s investigation, and (iii) disgorgement of approximately $147 million to the SEC and payment of approximately $85 million in fines to the U.S. Treasury. The fine amount was calculated with a 40% discount off of the bottom of the United States Sentencing Guidelines fine range based on $141 million in profits from the alleged misconduct.
Notably, the alleged misconduct involved no U.S.-based conduct, individuals, subsidiaries, or third parties. Instead, the individuals alleged to have engaged in misconduct apparently used internet-based email accounts hosted by service providers in the U.S. (and therefore utilized means and instrumentalities of U.S. interstate commerce), and the company’s American Depository Shares trade on the NYSE so the company files periodic reports with the SEC.
On April 2, the FDIC, Federal Reserve Board, and the OCC (together, the “Agencies”) released a joint statement announcing a notice of proposed rulemaking (NPR) to limit the “interconnectedness” of large banking organizations and reduce systemic risk resulting from the failure of global systemically important bank holding companies (GSIBs), certain intermediate holding companies, and GSIB foreign banking organizations. Among other measures, the NPR proposes that, to discourage GSIBs and advanced approaches banking organizations (generally firms with total consolidated assets of $250 billion or more or at least $10 billion in on-balance sheet foreign exposure) from purchasing large amounts of unsecured debt issued by GSIBs, the Agencies propose to subject these investments “to deduction from the . . . organization’s own regulatory capital.” This debt, the Agencies note in the statement, is used to recapitalize the GSIB during bankruptcy or resolution as a result of failure, and the proposal is intended to reduce both interconnectedness within the financial system and systemic risk. Comments on the NPR are due 60 days after publication in the Federal Register.
On April 1, the Federal Reserve Board published a revised policy statement on payment system risk (PSR policy) in connection with procedures used to determine the “net debit cap and maximum daylight overdraft capacity” of U.S. branches and agencies of foreign banking organizations (FBO). Among other things, the amended PSR policy (i) removes references to the Strength of Support Assessment ranking, citing the ranking is an “inefficient use” of supervisory resources; (ii) removes references to a FBO’s financial holding company status, since that status has limited ability to measure the health of a FBO; and (iii) adopts alternative methods for determining a FBO’s “eligibility for a positive net debit cap, the size of its net debit cap, and its eligibility to request a streamlined procedure to obtain maximum daylight overdraft capacity.” The Board adopted the changes substantially as proposed, following a notice and request for comment period at the end of 2017. The revisions are effective April 1, 2020.
- Daniel P. Stipano to discuss "Regulatory changes: Proposed AML regulatory changes, marijuana banking and hemp/CBD" at the ACAMS Carolinas Chapter AML and OFAC Symposium-Technology and Hot Topics
- Amanda R. Lawrence to discuss "Navigating the challenges of the latest data protection regulations and proven protocols for breach prevention and response" at the ACI National Forum on Consumer Finance Class Actions and Government Enforcement
- Buckley Webcast: Flirting with alternatives — Opportunities and challenges created by alternative data, modeling, and technology
- Daniel P. Stipano and Moorari K. Shah to discuss "Vendor management: What is the NCUA looking for?" at the National Association of Federally-Insured Credit Unions BSA Seminar
- Daniel P. Stipano to discuss "Reporting requirements for credit unions: CTRs and SARs" at the National Association of Federally-Insured Credit Unions BSA Seminar
- Sasha Leonhardt and John B. Williams to discuss "Privacy" at the National Association of Federally-Insured Credit Unions Summer Regulatory Compliance School
- Warren W. Traiger to discuss "CRA modernization" at the National Association of Industrial Bankers and the Utah Association of Financial Services Annual Convention
- Benjamin W. Hutten to discuss "Requirements for banking inherently high-risk relationships" at the Georgia Bankers Association BSA Experience Program
- Hank Asbill to discuss "Ethical guidance in conducting internal investigations – The intersection of Yates and Upjohn" at the American Bar Association Southeastern White Collar Crime Institute
- Brandy A. Hood to discuss "RESPA Section 8/referrals: How do you stay compliant?" at the New England Mortgage Bankers Conference
- Amanda R. Lawrence to discuss "Data privacy litigation" at the Mortgage Bankers Association Regulatory Compliance Conference
- Daniel P. Stipano to discuss "Lessons learned from recent enforcement actions and CMPs" at the ACAMS AML & Financial Crime Conference
- Daniel P. Stipano to discuss "Assessing the CDD final rule: A year of transitions" at the ACAMS AML & Financial Crime Conference
- Jonice Gray Tucker to discuss "HMDA data is out, now what?" at the Mortgage Bankers Association Regulatory Compliance Conference
- Amanda R. Lawrence to discuss "How to balance a successful (and stressful) career with greater personal well-being" at the American Bar Association Women in Litigation Joint CLE Conference