InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
OCC announces March 2018 enforcement actions and terminations
On March 16, the OCC released a list of recent enforcement actions taken against national banks, federal savings associations, and individuals currently and formerly affiliated with such parties. The new enforcement actions include a cease and desist order, a civil money penalty order, notices filed, and recently terminated enforcement actions. Two notable actions are as follows:
Cease and Desist Consent Order. On February 12, the OCC issued a consent order against a New Jersey-based bank for deficiencies related to its Bank Secrecy Act/Anti-Money Laundering (BSA/AML) rules and regulations. Among other things, the consent order requires the bank to (i) appoint an independent third-party consultant to conduct a review of the bank’s BSA/AML compliance program; (ii) review and update a comprehensive BSA/AML compliance action plan and monitoring system; (iii) create a comprehensive training program for “appropriate operational and supervisory personnel, and the Board of Directors, to ensure their awareness of their responsibility for compliance with” the BSA; (iv) develop policies and procedures related to the collection of customer due diligence and enhanced due diligence when opening accounts; (v) appoint a BSA officer; (vi) develop and conduct ongoing BSA/AML risk assessments to monitor accounts for “high-risk customers”; and (vii) conduct a “Look-Back” plan to determine whether suspicious activity was timely identified and reported by the bank and whether additional SARs should be filed for previously unreported suspicious activity. Furthermore, the bank is prohibited from opening new accounts for commercial customers designated as “medium risk or higher” in areas such as “money services businesses, foreign or domestic correspondent banks, payment processors, or cash-intensive businesses” without prior authorization. The bank, while agreeing to the terms of the consent order, has neither admitted nor denied any wrongdoing.
Termination of enforcement action. On February 14, the OCC terminated a 2002 consent order issued against a Texas-based payday lender after determining that “the safe and sound operation of the banking system does not require the continued existence of” previously issued restrictions. In 2002, the OCC claimed the payday lender engaged in “unsafe and unsound” practices, including violations of ECOA and TILA for failing to safeguard customers’ loan files. Among other things, the consent order fined the payday lender a $250,000 civil money penalty, imposed record-keeping requirements, and prohibited it from “entering into any kind of written or oral agreement to provide any services, including payday lending, to any national bank or its subsidiaries without the prior approval of the OCC.”
Federal Reserve orders Chinese bank to correct BSA/AML controls
On March 12, the Federal Reserve Board (Fed) entered into a consent order with a Chinese bank (bank) and its New York branch (branch) in connection with alleged Bank Secrecy Act and anti-money laundering (BSA/AML) violations. According to the Fed’s order, a recent examination identified “significant deficiencies” in the branch’s BSA/AML compliance and risk management controls. The consent order requires, among other things, the bank and branch submit within 60 days: (i) a written governance plan to achieve compliance with BSA/AML requirements; (ii) a system to identify and assess risks associated with all products and customers, including “politically exposed persons”; (iii) an enhanced customer due diligence program plan; and (iv) a compliance program to ensure accurate suspicious activity monitoring and reporting. The bank and branch are further required to engage an independent third party acceptable to the Fed to review their dollar-clearing transaction activity in the second half of 2016 “to determine whether suspicious activity involving high-risk customers or transactions” was properly flagged. The order imposes no financial penalty.
9th Circuit denies bank’s challenge to FDIC bank secrecy order
On March 12, the U.S. Court of Appeals for the 9th Circuit upheld a 2016 FDIC cease and desist order against a California bank arising out of alleged deficiencies in compliance management relating to the Bank Secrecy Act (BSA) and anti-money laundering laws. According to the opinion, FDIC examinations dating back to 2010 identified areas for BSA compliance improvement. While the bank made adjustments in response to the original findings, a 2012 FDIC examination found the bank’s BSA compliance program still was deficient, including because it did not “establish and maintain procedures designed to ensure adequate internal controls, independent testing, administration, and training”—known as the “four pillars”—and because the bank had not filed a necessary suspicious activity report. The bank argued that the BSA compliance standards were too vague, accused FDIC examiners of bias during the examination in a manner that violated its due process rights, and alleged that the decision was not supported by substantial evidence.
The three-judge panel ruled that (i) there was no bias in the FDIC’s decision to assess a penalty against the bank because there was substantial evidence to support an administrative law judge’s findings that the bank’s failure to maintain adequate controls violated BSA regulations; and (ii) because the BSA and FDIC’s implementing regulations are “economic in nature and threaten no constitutionally protected rights,” vagueness is not an overriding concern. While the “four pillars” of BSA compliance are open to interpretation, the panel noted, the FDIC provides banks with a manual written by the Federal Financial Institutions Examination Council that sets forth a uniform compliance standard. Furthermore, FDIC Financial Institution Letter 17-2010 clarifies that the manual contains the FDIC’s BSA compliance supervisory expectations. “A BSA Officer at the Bank bearing the requisite ‘specialized knowledge’ would understand that compliance with the FFIEC Manual ensures compliance with the BSA. . . . The BSA and its implementing regulations are not unconstitutionally vague,” the panel stated. Therefore, the 9th Circuit held that the manual was entitled to Chevron deference and denied the bank’s petition for review.
OCC announces enforcement action against Washington-based bank citing BSA/AML compliance deficiencies
On February 28, the OCC issued a consent order against a Washington-based bank for deficiencies related to its Bank Secrecy Act/Anti-Money Laundering (BSA/AML) compliance program. The consent order requires the bank to, among other things, (i) maintain a Compliance Committee responsible for ensuring the bank adheres to the consent order’s provisions; (ii) appoint a BSA officer who will ensure compliance with the requirements of the BSA and the Office of Foreign Assets Control’s rules and regulations; (iii) implement an enhanced BSA/AML Risk Assessment Program, including the adoption of written policies to ensure the timely review of BSA/AML suspicious activity alerts and the implementation of an automated suspicious activity monitoring system; (iv) conduct a risk-based “Look-Back” to determine whether suspicious activity was timely identified and reported by the bank; (v) develop policies and procedures for enhanced customer due diligence to monitor information for risk; (vi) implement an independent BSA/AML audit program; and (vii) create a comprehensive training program for appropriate bank personnel. The bank did not admit to any wrongdoing in the consent order.
GAO recommends the CFPB review the effectiveness of TRID guidance for small institutions
On February 27, the U.S. Government Accountability Office (GAO) released a report of recommendations to financial regulators on actions to take related to the compliance burdens faced by certain small financial institutions. The report is the result of a study the GAO initiated with over 60 community banks and credit unions (collectively, “institutions”) regarding which financial regulations were viewed as the most burdensome. Among others, the report includes a recommendation to the CFPB that it should assess the effectiveness of its TILA/RESPA Integrated Disclosure Rule (TRID) guidance and take affirmative steps to address any issues that are necessary. In a response to the GAO that is included in the report, the CFPB Associate Director David Silberman said, “the Bureau agrees with this recommendation and commits to evaluating the effectiveness of its guidance and updating it as appropriate.” Among other recommendations, the GAO highlights the need for the CFPB to coordinate with the other financial regulators on their periodic Economic Growth and Regulatory Paperwork Reduction Act (EGRPRA) reviews.
In addition to the compliance concerns with TRID disclosures, the GAO reports that the institutions also consider the data reporting requirements under HMDA, and the transaction reporting and customer due diligence requirements of the Bank Secrecy Act and related anti-money laundering laws the most burdensome. The GAO includes specific recommendations to the other financial regulators to strengthen and streamline regulations through the EGRPRA process.
GAO studies effect of Southwest border banks "derisking" due to BSA/AML concerns
On February 26, the Government Accountability Office (GAO) released a report, which describes Bank Secrecy Act/anti-money laundering (BSA/AML) compliance challenges facing Southwest border banks, examines the impact “derisking” has had on banking services in this region, and evaluates responses by regulators to “derisking” concerns. “Derisking” is defined by GAO as “the practice of banks limiting certain services or ending their relationships with customers to, among other things, avoid perceived regulatory concerns about facilitating money laundering.” According to GAO, because the region has a high volume of cash and cross-border transactions, as well as a large number of foreign accountholders, banks are required to engage in more intensive and frequent monitoring and investigating to comply with BSA/AML requirements. Due to some Southwest border residents and businesses reporting challenges when trying to access banking services in the region, GAO was asked to undertake a review to determine if the access problems were due to “derisking” and branch closures.
Among other things, the report found that (i) the average number of suspicious activity reports filed in the region was two and a half times the number for high-risk counties outside the region; (ii) 80 percent of banks in the region terminated accounts due to risks related to BSA/AML; (iii) 80 percent limited or did not offer accounts to certain businesses considered high risk for money laundering and terrorist financing because those customers drew heightened BSA/AML regulatory oversight; and (iv) money-laundering risks were a more important driver of branch closures in the region than elsewhere. GAO discovered that BSA/AML regulatory concerns may be a factor in banks’ decisions to engage in “derisking” in the region, and that “the actions taken to address derisking by the federal bank regulators and the Financial Crimes Enforcement Network (FinCEN) and the retrospective reviews conducted on BSA/AML regulations have not fully considered or addressed these effects.” The account terminations and limitations, along with branch closures in the region, have raised concerns that the closures have “affected key businesses and local economies and . . . economic growth.”
GAO recommended that FinCEN, FDIC, Federal Reserve Board, and the OCC (the agencies) conduct a comprehensive review of their BSA/AML regulatory framework to assess how banks’ regulatory concerns may be affecting their decisions to provide banking services. It also recommended that the agencies jointly conduct a retrospective review of BSA/AML regulations and their implementation and revise BSA regulations as necessary to “ensure that BSA/AML regulatory objectives are being met in the most efficient and least burdensome way.”
DOJ unseals charges against former Venezuelan government officials for money laundering and FCPA violations in state-owned energy company scheme
On February 12, the DOJ unsealed charges against five former Venezuelan government officials for their involvement in a money laundering scheme at Venezuela’s state-owned energy company. The five defendants are each charged with conspiracy to commit money laundering. Two defendants are also charged with conspiracy to violate the FCPA.
Four of the defendants were arrested in Spain in October 2017 on arrest warrants based on an indictment filed in the Southern District of Texas last August. One has been extradited from Spain, while the others are pending extradition.
The indictment alleges that the five defendants possessed significant influence within the company, which permitted them to solicit vendors for “bribes and kickbacks in exchange for providing assistance to those vendors in connection with their [company] business.” The company vendors included residents of the U.S. and vendors who owned U.S.-based businesses. According to the indictment, two company vendors transferred more than $27 million to accounts in Switzerland that were connected to two of the defendants. The two company vendors previously pleaded guilty in the Southern District of Texas to FCPA charges related to the bribery of company officials.
The charges are part of an ongoing investigation by the DOJ and ICE-HSI into bribery at the company, which has resulted in charges against fifteen individuals, ten of whom have pleaded guilty.
Agencies assess $613 million in total penalties against national bank and its parent for BSA/AML deficiencies
On February 15, a national bank and its parent corporation were assessed $613 million in total penalties by the OCC, DOJ, Federal Reserve, and Financial Crimes Enforcement Network (FinCEN) as part of a deferred prosecution agreement over Bank Secrecy Act (BSA) and anti-money laundering (AML) compliance program deficiencies. According to the announcement by the DOJ, the agency’s settlements cover a range of alleged AML deficiencies back to 2009, including an alleged effort not to disclose known Suspicious Activity Report (SAR) deficiencies to the OCC. Additionally, the DOJ cited the bank for failing to timely file SARs related to the banking activity of a customer who used the bank to launder proceeds from a fraudulent payday lending scheme, when the bank was allegedly on notice of the activity (previously covered by InfoBytes here).
The $613 million in penalties include: a $453 million forfeiture as part of the deferred prosecution agreement with the DOJ; a $75 civil money penalty from the OCC; a $15 million civil money penalty from the Federal Reserve; and a $70 million civil money penalty from FinCEN.
FinCEN proposes measure against Latvian bank for alleged money laundering schemes, blocks U.S. accounts
On February 13, the Financial Crimes Enforcement Network (FinCEN) issued a finding and notice of proposed rulemaking (NPRM), pursuant to Section 311 of the USA PATRIOT Act, seeking to prohibit the opening or maintaining of correspondent accounts in the United States for, or on behalf of, a Latvian-based bank. The NPRM is being issued based on findings that the bank has “institutionalized money laundering as a pillar of [its] business practices.” According to the NPRM, the bank’s management (i) “permits the bank and its employees to orchestrate and engage in money laundering schemes”; (ii) “solicits the high-risk shell company activity that enables the bank and its customers to launder funds”; (iii) “maintains inadequate controls over high-risk shell company accounts”; and (iv) “seeks to obstruct enforcement of Latvian anti-money laundering and combating the financing of terrorism (AML/CFT) rules in order to protect these business practices.” Specifically, Secretary of the Treasury Steven T. Mnuchin asserted that the bank’s failure to implement effective AML/CFT and sanctions policies and procedures has become a conduit for widespread illicit activity, “including activity linked to North Korea’s weapons program and corruption connected to Russia and Ukraine.” The measures set forth under the NPRM are designed to protect the U.S. financial system from money laundering and terrorist financing threats. Comments are due 60 days after publication in the Federal Register.
FinCEN issues advisory updating FATF-identified jurisdictions with AML/CFT deficiencies
On February 9, the Financial Crimes Enforcement Network (FinCEN) issued an advisory to financial institutions based on November 3, 2017 updates to the Financial Action Task Force’s (FATF) list of jurisdictions identified as having “strategic deficiencies” in their anti-money laundering/combating the financing of terrorism (AML/CFT) regimes. FinCEN urges financial institutions to consider this list when reviewing due diligence obligations and risk-based policies, procedures, and practices.
The current jurisdictions (as further described in the Improving Global AML/CFT Compliance: On-going Process) that have AML/CFT deficiencies for which the jurisdictions have developed action plans are: Bosnia and Herzegovina, Ethiopia, Iraq, Sri Lanka, Syria, Trinidad and Tobago, Tunisia, Vanuatu, and Yemen. Notably, Uganda has been removed from this list for making “significant technical progress in improving its AML/CFT regime and . . . establish[ing] the legal and regulatory framework to meet the commitments in its action plan.” However, Sri Lanka, Trinidad and Tobago, and Tunisia were added to the list due to the ineffective implementation of their AML/CFT frameworks. The Democratic People’s Republic of Korea and Iran remain the two jurisdictions subject to countermeasures and enhanced due diligence due to AML/CFT deficiencies.