Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
FinCrimes Webinar Series Recap: The Role of Corruption Risk in a Financial Crimes Compliance Program
BuckleySandler hosted a webinar, The Role of Corruption Risk in a Financial Crimes Compliance Program: What are Banks Doing to Detect Corruption in the Wake of the FIFA Scandal?, on September 24, 2015 as part of their ongoing FinCrimes Webinar Series. Panelists included Thomas Coupe, EMEA Global Financial Crimes at Bank of America Merrill Lynch; and Compliance; Gaon Hart, Global Anti-Bribery & Corruption Policy and Education Lead at HSBC; and Denisse Rudich, Financial Crimes Compliance Specialist at Firedrake Consulting. The following is a summary of the guided conversation moderated by Jamie Parkinson, partner at BuckleySandler, and key take-aways you can implement in your company.
Best Practice Tips and Take-Aways:
- Corruption risk for a financial services firm is presented both directly and indirectly. Corruption risk is presented directly when an employee or third parties acting on behalf of an institution act in a way that implicated anti-corruption laws, such as the Foreign Corrupt Practices Act, U.K. Bribery Act or another anti-corruption law. Corruption risk is presented indirectly when a customer seeks to use a financial institution for a corrupt deal or to hold or transmit funds associated with a corrupt scheme.
- It is important to have one person your organization can look to when an anti-corruption concern arises. This person should serve as the point of contact for your regulators and have the ability to quickly escalate concerns to senior management and the board of directors.
- New customers with past corruption issues present special challenges. Be sure that your onboarding and due diligence processes are able to identify and evaluate these concerns.
- Bear in mind that corruption risk management also requires looking at your organization internally. This means examining your own employees for conflicts issues, evaluating your organization’s sponsorships and donations, and performing due diligence on your third-party suppliers.
- Effective anti-corruption risk management requires cultivating a culture within your organization that supports your efforts. This is an area that regulators are increasingly interested in.
Structuring an Effective Corruption Risk Management Function
The panelists began the session by discussing where best to locate corruption risk management within a bank. The panelists observed that corruption risk management differs from other financial crimes areas, such as anti-money-laundering, because it is more inwardly focused. Panelists commented that, for some institutions, corruption risk management might be a better fit with areas that deal more with the culture of the organization, such as reputational risk and conduct risk. One panelist observed that the regulators have been increasing their focus on the culture of organizations, heightening the importance of this aspect of corruption risk management.
The panelists discussed the most efficient way to structure an organization’s anti-corruption standards. Generally, the panelists agreed that it makes the most sense to develop centralized standards based on the most stringent anti-corruption statutes, such as the FCPA and UK Bribery act. This approach will help account for the extraterritorial application of the FCPA and UK Bribery act. The panelists recommended developing add-on standards that apply in countries where there is a local statute with additional requirements. In particular, the panelists observed that local statutes may provide different rules for entertainment expenses and facilitating payments.
The panelists observed that corruption-risk screening should be integrated into the onboarding process for new customers. In this area, it is important to consider the differences between Public Officials (“PO’s”) and Politically-Exposed Persons (“PEP’s”). One key issue to be aware of is that screening tools and databases designed to identify PEP’s may miss lower-level PO’s. PEP screening tools may also miss State-Owned Enterprises; for example if the government owns only a small share of the company. Therefore, it is important to look closely at new customers and suppliers to identify if there are indirect links to government officials, or if the company has a history of working closely with the government, or if the company’s beneficial ownership raises any concerns.
One of the panelists observed that a new customer with past corruption issues presents special concerns in the due diligence process. Here, robust due diligence is needed to assess what changes the customer has implemented since the corruption issue came to light, and whether they have cooperated with the authorities and/or compliance monitors. Heightened monitoring should also be put in place for these customers.
Responding to a Corruption Concern
The panelists discussed how to respond when the bank receives news that a counterparty or a customer may pose a corruption risk. Here, the panelists agreed that it is important to have a well-thought out and comprehensive incident response plan in place. This plan should:
- Identify who in the organization is the designated point person for coordinating the response. This person should serve as the contact point for regulators, and be able to quickly escalate issues to senior management and board of directors. Along these lines,
- Specify who is to be notified of the issue and when. The panelists stressed the need for the incident plan to also address reputational risk to the bank.
- Lay out steps that allow the bank to determine if the corruption risk affects the bank, and if so, to what degree. This will involve using databases to search for names of both corporate and individual customers. This will also require setting up suspense accounts if needed and reporting these accounts as appropriate. After addressing the funds on hand within the bank, it will be necessary to perform a historical look-back for suspicious transactions.
The panelists also discussed how to respond to corruption concerns that arise from within the organization. The panelists observed that AML monitoring tools will often detect transactions that may present a corruption risk. Therefore, it makes sense to have close communication between the AML function and corruption risk management. The panelists concluded the discussion by observing that corruption risk should become as central to a bank’s business function as credit-risk has been traditionally.
On September 9, the Department of Justice (DOJ), issued a policy memorandum concerning DOJ’s goal of holding individuals accountable for corporate fraud or other misconduct. While some of the guidelines set forth in the memorandum are statements of practices already being followed by DOJ, or by specific U.S. Attorney’s Offices, some of the measures are new and reflect an enhanced focus on DOJ’s goal of holding individuals criminally or civilly liable for corporate wrongdoing. The memo sets forth “six key steps” to accomplish this goal and further DOJ’s underlying policies of deterring future illegal activity, incentivizing change in corporate behavior, holding proper parties responsible for their actions, and promoting public confidence in the justice system.
First, the memo provides that, to be eligible to receive any credit for cooperating with the government in a civil or criminal investigation, a company must completely disclose to DOJ all relevant facts about individual misconduct, regardless of the individual’s position, status or seniority at the company. If a company provides incomplete information about individual employees’ misconduct, then the company’s cooperation will not be considered a mitigating factor in a criminal investigation and will not support, in the case of a prosecution, a cooperation-related reduction at sentencing. Likewise, where the company is not completely forthcoming about individual wrongdoing in a civil investigation, DOJ will not consider the company’s cooperation in negotiating a settlement agreement.
Second, the memo provides that both criminal and civil investigations should focus on individuals from the outset of the investigation, in order to discern the full extent of alleged misconduct, increase the likelihood of cooperation by individuals with knowledge of the misconduct, and maximize the chances that resolution of the investigation will include civil or criminal charges against both the company and culpable individuals.
Third, the memo emphasizes that DOJ criminal and civil attorneys should be in routine communication with one another, so that the DOJ can consider the full range of potential remedies to address alleged misconduct by individuals.
Fourth, the memo provides that, absent “extraordinary circumstances,” no corporate resolution will provide protection for criminal or civil liability for any individuals. Fifth, the memo states that DOJ attorneys should not resolve civil or criminal investigations of a corporation without a “clear plan” to resolve related individual cases. In addition, if a decision is made not to prosecute or proceed civilly against individuals who committed the misconduct, DOJ attorneys must memorialize and submit for approval the reasons for that decision.
Finally, the memo provides that civil prosecutors should consistently focus on individuals as well as the company, and evaluate the decision whether to sue an individual based on considerations beyond the individual’s ability to pay. The memo notes that, while DOJ attorneys may validly consider an individual corporate wrongdoer’s ability to satisfy a judgment in determining whether to pursue an action against that person, DOJ attorneys also should consider other goals and concerns in making this determination, including such things as the seriousness of a person’s misconduct, the person’ s past history, the ability to obtain and sustain a judgment, and the long-term deterrent effects of holding an individual accountable.
Former Ohio Deputy Treasurer Extradited to Serve 15 Years in Prison for Role in Bribery and Money Laundering Scheme
On August 26, a former deputy treasurer of Ohio was extradited from Pakistan to serve a 15-year prison term in the U.S. for his involvement in a bribery and money laundering scheme spanning from January 2009 through January 2011. According to his 2013 guilty plea, the former deputy treasurer misused his position as a state official to direct official state of Ohio business to a securities broker in return for bribes. With the assistance of a Chicago businessman, the deputy treasurer concealed the broker’s payments by funneling them through (i) accounts connected to a landscaping business; and (ii) an attorney and lobbyist who was both a friend and business partner. The broker, who paid more than $500,000 in bribes, collected roughly $3.2 million in commissions as a result of 360 securities trades on behalf of the Office of the Ohio Treasurer.
Sentenced in abstentia on December 1, 2014 by a Ohio federal judge, the former state official was also ordered to forfeit $3.2 million in illegal profits. The securities broker, lobbyist, and the Chicago businessman were each sentenced in late 2014 to serve 45 months, 48 months, and 18 months in prison, respectively, for their roles in the scheme.
DOJ and SEC Announce Parallel Action Against Former Investment Banking Analyst and Two Individuals for Alleged Involvement in Insider Trading Scheme
On August 25, the DOJ unsealed an indictment charging three defendants each with (i) one count of conspiracy to commit securities and tender offer fraud; (ii) 13 counts of securities fraud; (iii) 13 counts of tender offer fraud; and (iv) three counts of wire fraud. In a parallel action, the SEC filed a complaint in the Central District of California against the same three individuals, asserting that the three individuals violated certain provisions of the Securities Exchange Act by participating in a scheme that involved “coordinated, illegal trading in stock and stock options of two separate companies that participated in merger activity” in which the same investment bank played an advisory role. According to the SEC, having learned of impending acquisitions involving two of the investment bank’s clients and other companies, one of the investment bank’s former analysts allegedly provided information regarding the transaction to a friend before any public announcements were made. The friend then communicated the information to a third individual, and the two made a series of trades in the two companies’ securities. When the acquisitions were publicly announced, both companies’ stock prices increased, resulting in profits of more than $670,000 for the two individuals on the receiving end of the former analyst’s inside information. The SEC’s complaint seeks a final judgment ordering the three defendants “to pay disgorgement of their ill-gotten gains plus prejudgment interest and penalties, and permanent injunctions from future violations of [certain] provisions of the federal securities laws.”
SEC Sues 32 Defendants Involved in Insider Trading Operation; DOJ Files Criminal Charges Against Leaders
On August 10, the SEC filed a complaint against 32 defendants in the District of New Jersey for their alleged involvement in an international scheme to profit from stolen, confidential information regarding corporate earnings announcements. According to the SEC, the defendants hacked at least two newswire services’ computer servers to retrieve unpublished corporate press releases, subsequently using it to make trades generating over $100 million in profits. The SEC further asserted that the two leaders of the scheme designed a “secret web-based location to transmit the stolen data to traders in Russia, the Ukraine, Malta, Cyprus, France, and three U.S. states, Georgia, New York, and Pennsylvania.” The SEC contends that, for five years, the two leaders of the scheme (i) disguised their identity by posing as newswire service employees, using proxy servers, and/or using backdoor access-modules; and (ii) recruited traders by making a video that displayed their ability to steal earnings information prior to public release. In return for information, the traders paid the hackers either a percentage of the profits obtained from trading the stolen information, or a flat fee. The SEC Director called the scheme “one of the most intricate and sophisticated trading rings [the agency has] ever seen.” The U.S. Attorneys’ offices for New Jersey and the Eastern District of New York also announced criminal charges against nine of the same defendants, including the two leaders of the scheme.
Former Derivatives Trader Convicted and Sentenced in U.K. on Libor Manipulation Charges, Also Facing Criminal Charges in U.S.
On August 3, a jury in the United Kingdom convicted former derivatives trader Tom Hayes on eight counts of fraud for his role in the manipulation of the London Interbank Offered Rate (Libor) for Japanese Yen. Hayes was subsequently sentenced to 14 years in prison. Prosecutors had argued that Hayes, a former trader at two international banks, had asked traders at his bank who were responsible for submitting the bank’s daily Libor submissions for publication – as well as submitters at other banks and brokers involved in the Libor process – to raise or lower their submissions for the Yen Libor from 2006 to 2010 to help Hayes increase the profit on his trades. Hayes was the first individual to be tried in U.K. courts for Libor manipulation, with some of Hayes’ alleged co-conspirators set to go to trial in late September. Hayes is also facing criminal charges for the same conduct in the U.S.
On July 28, Mead Johnson Nutrition Co. (“Mead”), an infant formula maker, agreed to pay $12.03 million to settle civil FCPA charges with the SEC. The SEC alleged that a majority-owned subsidiary in China used discounts given to third-party distributors to make over $2 million in bribes from 2008 to 2013 to healthcare professionals at state-owned hospitals, to get them to push the use of Mead’s products to new mothers, reaping profits of over $7 million. The SEC also alleged that the subsidiary’s books and records were false as a result of the improper payments, and were then consolidated into the parent company’s books and records; Mead’s internal controls were also alleged to be deficient. Mead did not admit or deny liability.
Of note, the settlement came through the SEC’s administrative process, continuing the trend at the SEC of sending cases to its internal decision-makers instead of to a federal court. The alleged facts also highlight the danger of directing the activities of third-party distributors (here, related to the use of discounts provided to them).
On July 13, the SEC announced a settlement with Frank Tamayo, who acted as a middleman in a $5.6 million insider trading scheme. According to the SEC, a law firm clerk used the firm’s internal databases to access confidential information concerning clients’ pending corporate transactions, and tipped Tamayo at coffee shops to the pending transactions. Tamayo wrote ticker symbols of target companies on a Post-It note or napkin, met a stockbroker in Grand Central Terminal’s main concourse, flashed the Post-It or napkin to the stockbroker, and then immediately chewed up and swallowed it. Tamayo also conveyed additional information about the pending deals, in total passing information on over a dozen companies. The stockbroker then traded in the shares of the subject companies on behalf of the co-conspirators and other customers. The settlement involved no monetary penalties based on Tamayo’s extensive cooperation with the SEC. A $1 million disgorgement as part of the settlement can be satisfied by forfeiture or restitution in a parallel criminal proceeding pending in the District of New Jersey, where Tamayo has already pleaded guilty.
FinCrimes Webinar Series Recap: Conducting an Effective Financial Crimes-Related Internal Investigation
BuckleySandler hosted a webinar, Conducting an Effective Financial Crimes-Related Internal Investigation, on April 23, 2015 as part of their ongoing FinCrimes Webinar Series. Panelists included John Mackessy, Anti-Money Laundering & Trade Sanctions Officer at MasterCard and Saverio Mirarchi, Senior Director at Treliant Risk Advisors and former Chief Compliance and Ethics Officer at Northern Trust. The following is a summary of the guided conversation moderated by Jamie Parkinson, partner at BuckleySandler, and key take-aways you can implement in your company. To request a recording of this webinar, please email Nicole Steckman at email@example.com.
Key Tips and Take-Aways:
- Make sure that the organization has appropriate policies and procedures in place to quickly and efficiently react when an investigation begins.
- Have systems in place to quickly identify the veracity of any allegations and be prepared to begin the internal investigation as soon as possible.
- Be prepared for, and understand the impact of having, a compliance monitor as part of any settlement agreement.
The session began with a discussion of what an organization can do to prepare for an internal investigation. The panel focused on the benefits of preparation and having established policies and procedures in place before an investigation begins. Specifically, the panelists noted the importance of having individual roles and responsibilities outlined and understood at the outset, in order to make the response more efficient. The panelists further noted that with the significant time constraints associated with such an investigation, it is critical that the team be prepared to act immediately. Finally, the panelists highlighted the significance of having effective routes of communication established in the policies and procedures, to ensure that all parties involved know how to proceed when an investigation is initiated. All of this can be in place in the absence of a concern triggering an internal investigation, so the panelists emphasized the steps to take before any concerns arise.
Internal Investigation Leadership and Logistics
The panelists then discussed the variety of approaches an organization can take when it comes to who leads the internal investigation. Specifically, the panelists noted that while there is no one-size fits all approach, the leadership of an internal investigation needs to be transparent from the outset, even if that role is transitioned during the investigation. The panelists suggested numerous approaches to who should run the investigation, including having either a business unit, outside counsel, or the organization’s general counsel be in charge of the investigation.
Conducting the Internal Investigation
Panelists next shifted to discussing the steps involved in conducting an internal investigation. The panel noted that the first critical component of running an internal investigation is obtaining the key information related to the problem, and identifying whether there is any information that the organization does not have. Specifically, the panel highlighted the importance of validating the initial allegations quickly, in order to fully engage with the investigation. The panel also noted the importance of quickly initiating a document hold, especially if the allegation is coming from a reputable source. The panelists highlighted the fact that putting out a document hold too soon is generally a minor problem, whereas any inadvertent destruction of relevant information could pose significant problems down the line. Financial crimes investigations are extremely data-analytics-intensive and may involve vast amounts of data covering many years, so the panelists focused on the role of a data analytics team.
The panelists then discussed the importance of being prepared to deal with a monitor. The panelists noted that with the recent increase in situations where a monitor will be required, it is key for an organization to know how to implement any agreements regarding the monitorship. Specifically, the panelists noted that the organization needs to make sure that they understand the scope of the monitor’s role and how the organization will be able to interact with the monitor. The panel suggested that before signing any monitoring agreement, the document needs to be discussed with compliance, operations, information technology, and any other departments that may be impacted by the monitorship, so that all parties are aware of the operational implications of a monitorship. Finally, the panel added that organizations should make sure to have a contact person or team that handles interactions with the monitor and is able to manage the monitor’s access to documents, in order to establish an effective relationship with the monitor.
Role of Senior Management and the Board
The panel also discussed the role of senior management and the Board of Directors in the internal investigation process. The panelists noted that in all internal investigations, it is important to make sure senior management and the Board are involved. Specifically, the panelists noted that senior management and the Board need to know the severity of the allegations, any related risks, the costs associated with the investigation, and that the investigation is being run properly. Finally, the panelists noted that if the investigation is being run by the general counsel, any communications to senior management and the Board need to be drafted so as to protect privilege.
BuckleySandler hosted a webinar, Individual Liability: Financial Crimes Professionals in the Spotlight, on January 22, 2015 as part of its ongoing FinCrimes Webinar Series. Panelists included Polly Greenberg, Chief, Major Economic Crimes Bureau at the New York County District Attorney’s Office, and Richard Small, Senior Vice President for Enterprise-Wide AML, Anti-Corruption and International Regulatory Compliance at American Express. The following is a summary of the guided conversation moderated by Jamie Parkinson, Partner at BuckleySandler, and key take-aways you can implement in your company.
Best Practice Tips and Take-Aways:
- Be completely transparent with senior management and your board of directors when escalating issues and concerns. Document your requests for program enhancements and management responses.
- Assure yourself that your team is up to the task at hand, adequately resourced and knows that they can escalate anything that concerns them to compliance and/or senior management/the Board.
- When considering the quality of your compliance program, be sure that your program is tested internally by your compliance function, tested again by your organization’s internal audit team, and in addition is examined every few years by external counsel/consultant.
- If confronted with management unwillingness to commit adequate headcount and resources necessary to the compliance program, serious consideration has to be given to resigning and/or reporting these deficiencies.
Significant Actions and Regulatory Statements
The discussion began by giving an overview of trends in enforcement actions in the last few decades, commenting that this topic has been simmering for a long time. In the Bank context, in the late 1980s a series of prosecutions against the Bank of New England, Shearson Lehman, and Bank Boston involved efforts to hold the institution as well as individuals liable. Largely, the government had success against the institutions on theories of collective knowledge and willful blindness but was less successful when prosecuting individuals.
In the brokerage context, the SEC has brought recent actions as part of the Compliance Program Initiative, including charges against compliance personnel when they were clearly responsible for the failure to adopt or implement adequate compliance programs. The SEC has signaled that it will take action against compliance officers if:
- They actively participated in misconduct;
- They helped mislead regulators; or
- They have clear responsibility to implement compliance programs or policies and wholly failed to carry out that responsibility.
Then identified recent enforcement actions taken against board members, including Pacific National Bank involving a failure to remedy deficiencies in that institution’s BSA program. In the Pacific National Bank case, the OCC levied individual fines against the bank’s chairman and three board members who served on its BSA compliance committee for failing to act in their official capacities to correct the failures.
Finally, identified remarks made by three key regulators at the November 2013 ABA/ABA and the March 2014 ACAMS conferences. These speeches reflect clear statements with respect to the government’s intention to hold individuals personally liable when the facts warrant. The remarks were made by:
- Jim Cole (Deputy Attorney General, retired Jan. 8, 2015)
- Thomas Curry (Comptroller of the Currency)
- Jennifer Shasky Calvery (Director, FINCEN)
Mr. Small then gave an overview of two significant enforcement actions that involved individual liability. The first case, Brown Brothers Harriman, was brought by FINRA in early 2014 and arose from penny stock transactions executed by the firm through an omnibus brokerage account structure. While the case resulted in an $8 million fine for Brown Brothers, the firm’s Global AML Compliance Officer, Harold Crawford, was also the subject of the enforcement action and was fined $25,000 and barred from working in a compliance function for one month. Crawford’s personal liability was premised on his alleged failure to effectively monitor suspicious activity and to report it as required. Mr. Small pointed out that there were references in the case to an internal Brown Brothers’ memorandum that was developed by their compliance group that cited the increase in potentially suspicious activity and recommended stopping the trades and discontinuing the omnibus brokerage structure that had been used to carry out the transactions. This memo was written in November 2011, and was not acted upon prior to FINRA’s action. Mr. Small observed that the Brown Brothers case was the first time that action was taken against an AML compliance officer for failures in the AML compliance program at their company. He further observed that the case raises the question of what a compliance officer should do if they are raising issues, but not receiving resources from management to address those issues.
The second action Mr. Small discussed, MoneyGram, also involved individual liability for a compliance officer. There, FINCEN and DOJ took joint action against MoneyGram related to a significant number of transactions initiated by MoneyGram that were connected to various fraud schemes. FINCEN and DOJ alleged that MoneyGram received a significant number of complaints from consumers but took no action to address them. FINCEN issued a $1 million civil money penalty against Thomas Haider, who served as ManeyGram’s Chief Compliance Officer from 2003-2008. DOJ filed a complaint to enforce the penalty and also seeking to bar Haider from employment in the financial services industry.
When asked how this case might bear on the design of a Financial Crimes compliance program, Mr. Small commented that it was his personal opinion that this case could be read as counseling against integrating an institution’s BSA compliance function with other functions, such as fraud monitoring if the compliance officer lacks the expertise or full authority over the integrated areas. For example, Mr. Haider had responsibility for performing due diligence on agents, terminating agents, and identifying fraud, in addition to suspicious activity monitoring and SAR filing. The first two of these tasks were ones over which he may not have had full authority and as to the fraud area one in which he lacked the expertise to properly oversee. The panelists agreed that while an institution’s compliance function must have unfettered access to the institution’s data, it is important that the compliance function does not take on responsibilities outside of its area of expertise.
Theories of Individual Liability
Ms. Greenberg then discussed the different theories that can be used to find individual liability. She emphasized that the underlying basis of criminal liability is criminal knowledge and intent to do a particular act. Ms. Greenberg explained that it can be easier to find liability for a corporation due to the theory of collective knowledge. Under this theory, the knowledge of the corporation’s employees is imputed to the corporation, and the corporation is bound by this collective knowledge. So, while no single employee might possess sufficient knowledge to support individual liability, numerous individuals’ knowledge may be combined and imputed to the corporation and this collective knowledge may be sufficient to hold the corporation liable.
Ms. Greenberg also discussed the theory of willful blindness, which is primarily used under federal law. Under this theory, an individual has a subjective belief that there is a high probability that a fact exists but avoids learning whether the fact actually exists. Ms. Greenberg also pointed out that there is a similar concept under New York law called conscious avoidance.
Finally, Ms. Greenberg discussed the considerations taken into account in assessing whether it is appropriate to charge an individual in the corporate crimes context. Initially, authorities must consider whether there was criminal intent and whether that intent can be proven. They must also consider whether they can prove the level of knowledge required by the relevant statute, such as, knowingly, intentionally, or willfully. After deciding that there is probable cause to believe an individual had the required intent, Ms. Greenberg explained that the authority will then consider various factors in exercising prosecutorial discretion. In deciding whether to charge an individual in the corporate crime context, fairness is given much consideration. Ms. Greenberg observed that charging higher-level employees in this context may be more common than charging lower-level employees because higher-level employees bear more responsibility for the corporation and play a much larger role in influencing the corporate culture.
Considerations for Compliance Professionals
The panelists noted that it is very important for compliance professionals to have their areas of responsibility clearly defined, and to ensure that they have the control and expertise to manage these areas appropriately, as well as sufficient resources to carry out the compliance program effectively. It was pointed out that the areas most often associated with institutional and individual liability include:
- Failures in the culture of compliance within the organizations;
- Inadequate resources committed to BSA compliance;
- Weaknesses in the organization’s technology and transaction monitoring processes; and
- Inadequacies in the quality of risk management.
Mr. Small stressed the importance of being transparent with senior management and the board of directors when faced with a lack of resources, commenting that it is important to discuss the issue, listen to any proposed alternatives, and take a stance on what the best solution is. The panelists stressed the importance of documenting your requests and the responses and agreed that such documentation can be important to enforcement authorities in deciding whether to charge individuals. The panelists agreed that the trend towards increased individual liability could result in increased SAR filings. IT was suggested that it may be safer to file a SAR when in doubt but defensive SAR filing should be avoided if possible. He noted too that it is very important to thoroughly document decisions not to file.