Regulators Issued Fewer AML Fines in 2014, But Packed a Bigger Punch
Sometimes a decline in bank enforcement actions isn’t a good thing, even for bankers. Such is the takeaway of a review of enforcement action data spanning back five years, during which the number of formal Bank Secrecy Act penalties fell nearly 20 percent while fines and regulatory demands grew.
In 2014, the U.S. Treasury Department, Federal Deposit Insurance Corp. (FDIC), Federal Reserve Board issued 45 enforcement actions for anti-money laundering (AML) infractions, an 11 percent drop from the 2013 total, according to data reviewed by ACAMS moneylaundering.com.
The ongoing annual decline in the number of AML-related regulatory orders was paired again with a rise in outlays demanded in monetary penalties. Banks paid $351 million in 2014, or roughly seven times the fines levied in the previous year, excluding concurrent fines.
The growth in fine sizes reflects the fact that the Bank Secrecy Act (BSA) is still very much on the regulatory radar, according to Robert Rowe, a vice president at the Washington, D.C.-based American Bankers Association.
“When the examiners come in, they’re looking at everything in the BSA program,” said Rowe, citing discussions with the association’s members. “It’s being much more carefully analyzed.”
In 2014, regulators also took a tougher tack with small financial institutions including money services businesses, according to Daniel Tannebaum, a former Treasury official and current global financial crimes sanctions leader at PricewatershouseCoopers LLP.
One Number: $13 billion
Total monetary settlements levied for money laundering, sanctions and tax evasion by the regulators and law enforcement agencies surpassed $13.4 billion for the year, data shows.
The sum includes fines and settlements imposed by the Office of the Comptroller of the Currency (OCC), FDIC, the Federal Reserve, the Financial Crimes Enforcement Network (FinCEN), the Office of Foreign Assets Control (OFAC), the U.S. Justice Department, and New York state and municipal agencies, minus redundant penalties that were concurrently imposed. Four international banks paid U.S. authorities more than $300 million each, with some shelling out significantly more.
As in previous years, the Justice Department packed the biggest punch in 2014, largely through its role in the nearly $9 billion settlement in June with BNP Paribas for willfully violating U.S. sanctions against four nations. In January 2014, the department shepherded a $1.7 billion settlement to conclusion with JPMorgan Chase for its failure to identify Bernard
Madoff’s Ponzi scheme with AML controls. The settlement, including linked agreements requiring the bank to pay penalties to the OCC and the trustee acting on behalf of Madoff’s investors, totaled $2.05 billion.
The New York State Department of Financial Services (NYSDFS) also took on a more assertive role over the year by seeking a total $3.7 billion from five banks that violated federal laws against tax evasion, money laundering and sanctions busting, and in doing so, broke state statutes.
Two banks—Standard Chartered and Bank of Tokyo Mitsubishi—found themselves paying the state regulator for the second time in the last two years. NYSDFS dinged the banks to the tune of $300 million or more for failing to address or disclose compliance issues related to their initial settlements.
Emphasis on culture
With greater emphasis than in previous years, regulators made it clear in speeches, guidance and enforcement actions that senior managers and boards of directors must take responsibility for banks’ AML efforts. More than ever, federal and state regulators sought to penalize individuals through fines and public disclosures.
“The board and senior management’s governance and culture directly affects the implementation of overall risk management controls, including AML controls,” said John Wagner, a former director of AML compliance with the OCC who retired from the agency last year.
The penalties also extended to compliance officers in unprecedented ways.
In December, FinCEN sued Thomas Haider, a former chief compliance officer with MoneyGram, for $1 million for purportedly ignoring signs of a telemarketing scheme that tricked Americans into wiring millions of dollars to locations in Canada. Haider failed to address concerns raised by other employees about the possible complicity of MoneyGram agents, the bureau said.
The fine is “probably the most significant enforcement action against an individual in recent history,” said Wagner. “Holding the chief compliance officer accountable for the deficiencies of the BSA compliance program is a significant development within BSA enforcement.”
As part of its largest-ever AML settlement, the Financial Industry Regulatory Authority (Finra) in February fined Harold Crawford $25,000 for failing to properly scrutinize the trading of six billion shares of penny stocks during his time as the global AML chief for Brown Brothers Harriman. The bank paid Finra a record $8 million for knowingly giving investors anonymous access to the U.S. financial market.
Under terms of a NYSDFS settlement disclosed in November, the manager of Bank of Tokyo Mitsubishi’s AML compliance officer resigned. The agency also barred two of the bank’s employees from conducting business with any New York financial institution it regulates.
Counting actions by the U.S. Securities and Exchange Commission (SEC), Finra and other agencies, regulators penalized 21 individuals for AML lapses, either with fines or restrictions on their employment. The individuals included directors and compliance officers at banks money services businesses and casinos.
Key components
Many of last year’s enforcement actions were predicated on shortcomings found in each of the financial institution’s three lines of defense: business, compliance and audit, according to Fred Curry, a principal at Deloitte Financial Advisory Services LLP.
“So what you’re seeing is more and more findings citing totally inadequate compliance programs, which leads to more severe enforcement actions, much larger penalties, and much more expensive program remediation requirements,” said Curry
Examiners often asked about compliance management systems and audit departments, including the audit component of compliance management systems, according to Rowe.
“They’re looking at exactly how it’s structured, what kind of systems they have in place, the staffing that they have, how often they’re reviewing policies and procedures, how often they’re checking their systems to make sure the monitoring programs are doing what they’re supposed to be doing,” said Rowe. “It’s the entire compliance program.”
Regulators also made clear that the enhanced due diligence (EDD) measures banks implement for high-risk clients “have to be demonstrably different than the standard due diligence procedures for lower-and medium-risk accounts, as well as in [know-your-customer] records,” said Vasilios Chrisos, a principal with Ernst & Young LLP.
“There’s a lot of regulatory pressure for organizations to define the exact EDD measures the bank will take, including more background checks on legal entity customers to find beneficial owners,” said Chrisos. This is “especially becoming true” for casino operators who accept billions of dollars in wire transfers each year from non-U.S. patrons, he said.
In trouble, behind the scenes
Not all of the trouble banks found themselves in made it into press releases and headlines in 2014. Compliance consultants and bankers contacted for this story said that, anecdotally, regulators handed banks more matters requiring attention, or MRAs, and matters requiring immediate attention, or MRIAs.
The uptick in the use of the nonpublic regulatory orders, including memoranda of understanding, is part of a regulatory strategy to get the attention of banks’ senior management, said Tannebaum, citing conversations with clients.
In October, the OCC revamped the terms under which it would follow up on the nonpublic orders in response to congressional criticism over its failure to more aggressively enforce the requests, under the revised policy, the office said it would more quickly issue public enforcement actions when banks fail to respond to MRAs.
Consistently higher fines
The number of AML fines by Finra also fell last year compared to 2013.
The self-regulatory organization, which acts of behalf of the SEC, issued 9 such penalties in 2014, down from 34 the previous year. The SEC last year handed down four AML enforcement actions, including a $5 million fine against Wells Fargo Advisors and a separate order targeting a former employee.
Led by the $8 million penalty assessed against Brown Brothers Harriman in February 2015, the fines levied last year by Finra “blew expectations for what’s coming next completely out of the water,” said Bao Nguyen, a former Finra examiner.
“For the first time, you’re seeing Finra penalties consistently plow past the range of thousands of dollars into the range of millions of dollars,” said Nguyen. “They’re still looking at the smaller and regional brokerages, but more and more Finra is going after the big wirehouses, and there is more of that in the works.”
Over the year, Finra focused on two particular issues: penny stocks and correspondent accounts for foreign financial institutions, said an official with the organization who asked not to be named.
Finra had a very keen interest in foreign customers –foreign banks, mostly—holding correspondent relationships with the broker-dealer,” said Nguyen. “Five years ago, that wasn’t prevalent. Now Finra’s asking for the broker-dealer,” said Nguyen. “Five years ago, that wasn’t prevalent. Now Finra’s asking for the broker-dealer to demonstrate that they have complied with 31 CFR 1010.610, which is a foreign financial institution due diligence requirement.”
Across the pond
By contrast, financial regulators in the United Kingdom had a quiet year, with only one AML-related enforcement action: the Financial Conduct Authority’s 7-million pound settlement with Standard Bank Plc in January 2014.
But that’s not to say that British regulators have gone soft on financial crime. Rather, the FCA is focusing more on the issue in general and increasingly looking at compliance controls intended to stop money laundering, bribery and sanctions violations, according to Michael Ruck, a London-based senior associate with Pinset Masons.
With regulators asking more questions about politically-tied clients, some banks are having to “weigh up money laundering regulatory and prosecution risks against commercial interests, and some banks are finding it easier and cleaner to close accounts,” he said.
The trend has made “de-risking” a topic in the country, according to Ruck.
FCA officials have also signaled that they are shifting from a remedial approach to fines against banks, according to Richard Burger, a partner with Reynolds Porter Chamberlain LLP and a former enforcement attorney with the U.K.’s now-defunct Financial Services Authority.
“So we are likely to see more anti-financial crime fines in 2015,” he said.
Bao Nguyen, CAMS, CFE, CRCP, is a Risk Advisory Services Principal – Investment Leader at Kaufman Rossin, one of the Top 100 CPA and advisory firms in the U.S.