A recent court opinion emphasizes the sensitive issues involved in terminating potentially difficult employees — or, from the employee’s or perhaps the government’s perspective, in terminating whistleblowers who were retaliated against for being willing to point out compliance failures. Although this competing dynamic applies across all industries, a recent opinion from the U.S. Federal District Court for the Eastern District of Louisiana, Kell v. Iberville Bank, addressed such a situation in the Anti-Money Laundering (“AML”)/Bank Secrecy Act (“BSA”) context, in which a bank’s former compliance officer sued her former employer for allegedly terminating her in retaliation for raising uncomfortable issues about claimed insider abuse and the alleged failure to file a Suspicious Activity Report (“SAR”). Continue Reading Case Highlights Potential Protections for BSA Whistleblowers
Second Post in a Two-Part Series
NYDFS Action Highlights the Need for Good Monitoring – and Good Consultants
In part one of this two-part post, we provided some practical tips for financial institutions to increase the chances that their Anti-Money Laundering (“AML”) programs will withstand regulators’ scrutiny, including: (1) promoting a culture of AML/Bank Secrecy Act (“BSA”) compliance; (2) focusing on transaction monitoring; (3) improving information sharing; (4) identifying and handling high-risk accounts appropriately; and (5) knowing your risks and continually improving your AML program to control those risks.
In this post we’ll discuss the consequences of potentially failing to heed these practical tips in a specific case: the New York Department of Financial Services’ (DFS) recent enforcement action against Mashreqbank. Further, we look forward to discussing all of these issues in an upcoming podcast in Ballard Spahr’s Consumer Financial Monitor Podcast series. So please continue to stay tuned.
Mashreqbank is the oldest and largest private bank in the United Arab Emirates. Its New York branch is Mashreqbank’s only location in the United States. It offers correspondent banking and trade finance services and provides U.S. dollar clearing services to clients located in Southeast Asia, the Middle East and Northern Africa. In 2016, the branch cleared more than 1.2 million USD transactions with an aggregate value of over $367 billion. In 2017, the branch cleared more than one million USD transactions with an aggregate value of over $350 billion.
The DFS enforcement action asserted that Mashreqbank’s AML/BSA program was deficient in a number of respects and that the New York branch had failed to remediate identified compliance issues. The enforcement action began with a DFS safety and soundness examine in 2016. In 2017, DFS and the Federal Reserve Bank of New York (FRBNY) conducted a joint safety and soundness examination. DFS provided a report of its findings to which Mashreqbank submitted a response.
In a consent order signed on October 10, 2018, Mashreqbank admitted violations of New York laws and accepted a significant monetary penalty and increased oversight for deficiencies in its AML/BSA and Office of Foreign Assets Control (OFAC) programs. Regulators pursued the enforcement action despite the New York branch’s strong cooperation and demonstrated commitment to building an effective and sustainable compliance program. Among other things, Mashreqbank agreed to pay a $40 million fine; to hire a third-party compliance consultant to oversee and address deficiencies in the branch’s compliance function including compliance with AML/BSA requirements; and to develop written revised AML/BSA and OFAC compliance programs acceptable to DFS.
The DFS and FRBNY examination findings demonstrate Mashreqbank’s failure to follow the practical tips identified in part one of this post. Specifically, the regulators found that Mashreqbank failed to: (1) have appropriate transition monitoring; (2) identify and handle high-risk accounts appropriately; and (3) know its risk and improve its AML program to control those risks.
Further, and as our discussion will reflect, the Mashreqbank enforcement action is also notable in two other respects. First, the alleged AML failures pertain entirely to process and the general adequacy of the bank’s AML program – whereas the vast majority of other AML/BSA enforcement actions likewise discuss system failures, they usually also point to specific substantive violations, such as the failure to file Suspicious Activity Reports (“SARs”) regarding a particular customer or set of transactions. Second, although the use of external consultants usually represents a mitigating factor or even a potential reliance defense to financial institution defendants, the DFS turned what is typically a defense shield into a government sword and instead criticized Mashreqbank for using outside consultants who, according to DFS, were just not very rigorous. This alleged use of consultants performing superficial analysis became part of the allegations of affirmative violations against the bank, thereby underscoring how financial institutions must ensure that their AML/BSA auditors or other consultants are experienced, competent, and performing meaningful testing, particularly when addressing issues previously identified by regulators. Continue Reading Practical Tips in Action: The Mashreqbank AML Enforcement Action
First Post in a Two-Part Series
How do financial institutions get in trouble with their regulators? Recent AML enforcement actions suggest that the following two failures are at the heart of most of these actions: (1) inadequately identifying, monitoring and/or reporting suspicious activity; and (2) failing to implement adequate internal controls. And these same issues crop up year after year.
In this post, we’ll discuss these failures and their root causes and provide practical tips for ensuring that your AML program will withstand the scrutiny of regulators. In our next post, we will discuss how these practical tips apply in a specific AML enforcement action: the recent consent order between the New York Department of Financial Services and Mashreqbank. Further, we look forward to discussing all of these issues in an upcoming podcast in Ballard Spahr’s Consumer Financial Monitor Podcast series. So please stay tuned.
The U.S. financial institutions that recently found themselves in the government’s crosshairs allegedly engaged in the following behavior:
- Failing to investigate alerts on high-risk accounts where those accounts had been investigated previously, even when the new suspicious activity to which the bank had been alerted differed from the activity that it previously had investigated.
- Having a policy of not investigating or filing SARs on cash withdrawals from branches near the Mexican border if the customer said they were withdrawing cash in the U.S., rather than carrying cash into the U.S. from Mexico, in order to avoid having to file a Report of International Transportation of Currency or Monetary Instruments (CMIR).
- Capping the number of alerts from its transaction monitoring systems based on the number of staff available to review the alerts rather than on the risks posed by the transactions (and lying to regulators about it).
- Failing to report the suspicious activities of a longtime customer despite having been warned that the customer was laundering the proceeds of an illegal and fraudulent scheme through accounts at the bank.
- Failing to conduct necessary due diligence on foreign correspondent accounts.
- A brokerage company failing to file SARs on transactions that showed signs of market manipulation.
- A MSB’s failing to implement proper controls and discipline crooked agents because those agents were so profitable for the MSB, thereby enabling illegal schemes such as money laundering.
Although the behavior of these financial institutions may differ, the root causes of their failures do not. They include the following:
- An inadequate, ineffective or non-existent risk assessment.
- Elevating the business line over the compliance function.
- Offering products or using new technologies without adequate controls in place.
- Compliance programs that are not commensurate with the risks, often due to under investment in AML technology or other resources and/or lack of awareness of AML risks or controls.
- Corporate silos, both human and technological, that prevent or hinder information sharing.
- Insufficient screening of parties and relationships and lack of effective processes and controls around EDD.
So how can you ensure that your AML program is adequate? Here are some practical tips. Continue Reading Practical Tips for Ensuring Your AML Program Withstands the Scrutiny of Regulators
The Treasury Inspector General for Tax Administration, or TIGTA, issued last month a Report, entitled The Internal Revenue Service’s Bank Secrecy Act Program Has Minimal Impact on Compliance, which sets forth a decidedly dim view of the utility and effectiveness of the current Bank Secrecy Act (“BSA”) compliance efforts by the Internal Revenue Service (“IRS”). The primary conclusions of the detailed Report are that (i) referrals by the IRS to the Financial Crimes Enforcement Network (“FinCEN”) for potential Title 31 penalty cases suffer lengthy delays and have little impact on BSA compliance; (ii) the IRS BSA Program spent approximately $97 million to assess approximately $39 million in penalties for Fiscal Years (FYs) 2014 to 2016; and (iii) although referrals regarding BSA violations were made to IRS Criminal Investigation (“IRS CI”), most investigations were declined and very few ultimately were accepted by the Department of Justice for prosecution.
Arguably, the most striking claim by the Report is that “Title 31 compliance reviews [by the IRS] have minimal impact on Bank Secrecy Act compliance because negligent violation penalties are not assessed.”
A primary take-away from the Report is that an examination program lacking actual enforcement power is, unsurprisingly, not very effective. The Report also highlights some potential problems which beset the IRS BSA Program, which include lack of staffing, lack of planning and coordination, and delay. Although the Report’s findings clearly suggest that what the IRS BSA Program really needs are resources and enhanced enforcement power, the repeated allusions in the Report to a certain purposelessness of the current BSA examination regime nonetheless might help fuel the current debate regarding possible AML/BSA reform, with an eye towards curbing regulatory burden.
The Report made five specific recommendations to the IRS for remedial steps. We will focus on four of those recommendations, and the findings upon which they rest:
- Coordinate with FINCEN on the authority to assert Title 31 penalties, or reprioritize BSA Program resources to more productive work;
- Leverage the BSA Program’s Title 31 authority and annual examination planning in the development of the IRS’s virtual currency strategy;
- Evaluate the effectiveness of the newly implemented review procedures for FinCEN referrals; and
- Improve the process for referrals to IRS CI.
Charges Represent First Criminal Case Based Solely on Alleged Unauthorized SAR Disclosure
On October 17, the U.S. Attorney for the Southern District of New York (“SDNY”) announced the arrest of a senior employee at the Financial Crimes Enforcement Network (“FinCEN”). That employee, Natalie Mayflower Sours Edwards, has been charged with unlawfully disclosing Suspicious Activity Reports (“SARs”) to a member of the media, in violation of 31 U.S.C. § 5322 and 18 U.S.C. § 371, both of which carry a maximum sentence of five years in prison.
The Bank Secrecy Act (“BSA”) requires certain financial institutions, including banks, to file a SAR with FinCEN when they detect a known or suspected violation of federal law or regulation, or suspicious activity relating to money laundering, terrorist financing or other illicit activity. The BSA imposes strict confidentiality requirements as to the disclosure of information relating to a SAR, including the very existence of one. For instance, the statute prohibits any current or former officer or employee of, or contractor for, federal or state governments, as well as local, tribal or territorial governments from disclosing to any person involved in a suspicious transaction that the transaction has been reported, “other than as necessary to fulfill the official duties of such officer or employee.” The BSA also contains a similar prohibition applicable to the reporting financial institution and its agents, and the regulations more broadly prohibit the disclosure of “a SAR or any information that would reveal the existence of a SAR” by government officers or employees, or by the reporting institution. The relevant regulation also states that any covered financial institution, or its agent, which receives a subpoena or is otherwise requested to disclose a “SAR or any information that would reveal the existence of a SAR, shall decline to produce the SAR or such information[.]”
The government’s decision to charge Ms. Edwards is significant in numerous respects. For one, this appears to be the first criminal case based solely upon an unauthorized disclosure of a SAR. To be sure, there are at least two prior prosecutions involving the unauthorized disclosure of a SAR, but those cases also involved other, related charges. Specifically, in 2011, former bank employee Frank Mendoza was convicted of an illegal SAR disclosure. The government charged that Mr. Mendoza approached the subject of a SAR filed by Mr. Mendoza’s bank and solicited a bribe in exchange for Mr. Mendoza’s assistance with the bank. In this conversation, he disclosed the filing of the SAR by the bank and advised the subject that a federal criminal investigation was imminent. The subject of the SAR immediately reported the bribery solicitation to the FBI and Mr. Mendoza was arrested. Following a one-week trial, a federal jury in the Central District of California found Mr. Mendoza guilty of disclosing the existence of a SAR and accepting a bribe. He was sentenced to six months imprisonment, and was further assessed a civil monetary penalty of $25,000 by FinCEN. Likewise, the SDNY charged Robert Lustyik, a former Special Agent with the FBI, in 2013 with an unauthorized disclosure of a SAR in violation of 31 U.S.C. § 5322(a). Mr. Lustyik’s case also centered on a purported bribery scheme, during which he allegedly sold SARs and other confidential law enforcement information in exchange for personal payments.
In contrast, Ms. Edwards purportedly disclosed SARs (and other materials) via encrypted email to a reporter, the substance of which related to matters under investigation by the U.S. Office of the Special Counsel, including the investigation of Paul Manafort, Jr., the President’s former campaign manager. The complaint alleges that this information subsequently was published, over the course of numerous news articles, by the same organization that employed the reporter. In that regard, the complaint against Ms. Edwards contains an interesting allegation, albeit one limited to a footnote: Ms. Edwards told investigators she considered herself a “whistleblower,” and the government acknowledges that Ms. Edwards had in fact filed a whistleblower complaint within the Treasury Department. The complaint also alleges that Ms. Edwards initially concealed from investigators her contacts with the reporter at issue. Also of note is that, unlike the cases against Mr. Mendoza and Mr. Lustyik, the government has charged Ms. Edwards with a conspiracy to defraud the United States.
Although the potential political circumstances surrounding the complaint filed against Ms. Edwards may be difficult to ignore, this action nonetheless serves to underscore the basic need to comply with the BSA’s confidentiality rules, and the potentially severe consequences of failing to do so. Although Ms. Edwards is a government employee, the rules which she allegedly violated apply with equal force to financial institutions and their employees.
Denmark Suffers Greatest Increase in Annual Risk Rating
The Basel Institute on Governance (“Basel Institute”) recently announced that the associated Basel Centre for Asset Recovery has released its seventh annual Basel Anti-Money Laundering Index (“AML Index”) for 2018, described by the Basel Institute as “an independent, research-based ranking that assesses countries’ risk exposure to money laundering and terrorist financing.” The risk scores for each country in the AML Index “are based on 14 publicly available indicators of anti-money laundering and countering the financing of terrorism (AML/CFT) frameworks, corruption risk, financial transparency and standards, and public transparency and accountability.” The Basel Institute, which is associated with the University of Basel, describes itself as “an independent not-for-profit competence centre working around the world with the public and private sectors to counter corruption and other financial crimes and to improve the quality of governance.”
The public AML Index, which pertains to 129 countries, is here; an “expert edition” containing a full list of scores and sub-indicators for all 203 countries — available for cost to private persons or industry, or for free to academic, public, supervisory and non-profit organizations — is here. A summary of the public AML Index is here.
As we will discuss, the AML Index bemoans a lack of progress in the global fight against corruption, and in particular cites lack of enforcement of existing laws and declining press freedom across the globe. The AML Index also underscores how countries with seeming low risk in fact have lurking problems. Continue Reading 2018 Basel AML Index Measures Risk and Cites Lack of Effective Enforcement and Declining Global Press Freedom
Five U.S. regulatory agencies—the Board of Governors of the Federal Reserve System (“FRB”), the Federal Deposit Insurance Corporation (“FDIC”), the National Credit Union Administration (“NCUA”), the Office of the Comptroller of the Currency (“OCC”), and the U.S. Department of Treasury’s Financial Crimes Enforcement Network (“FinCEN”)—released on October 3, 2018 an Interagency Statement on Sharing Bank Secrecy Act Resources (the “Statement”). This guidance addresses instances in which certain banks and credit unions can enter into “collaborative arrangements” to share resources to manage their Bank Secrecy Act (“BSA”) and anti-money laundering (“AML”) obligations more efficiently and more effectively.
The Statement contemplates banks sharing resources such as internal controls, independent testing, and AML/BSA training (it does not apply to collaborative arrangements formed for information sharing among financial institutions under Section 314(b) of the U.S. Patriot Act). Such resource sharing contemplates reducing costs and increasing efficiencies in the ways banks manage their BSA and AML obligations. The Statement clearly is addressed primarily to community banks, for which the costs of AML/BSA compliance can be significant, and which presumably engage in “less complex operations [and have] lower risk profiles for money laundering or terrorist financing.” The Statement potentially represents another step in an ongoing AML reform process, which increasingly acknowledges the costs of AML compliance to industry. Continue Reading Federal Banking Agencies Encourage BSA Resource Sharing
Guest Post by Darpana Sheth of the Institute of Justice
We are pleased to present this guest blog by Darpana Sheth, who is a senior attorney with the Institute for Justice (“IJ”). As Ms. Sheth explains, the U.S. Supreme Court will hear argument later this Fall in Timbs v. State of Indiana, one of the most anticipated cases this term, and which will test severely civil forfeiture laws. As Ms. Sheth notes, Mr. Timbs lost a “$42,000 vehicle for selling less than $400 worth of drugs.” Civil forfeiture is a unique issue on which traditional rivals across the political spectrum can agree, because it can unite individual and property right interests.
Ms. Sheth serves as Director of IJ’s Nationwide Initiative to End Forfeiture Abuse. Currently, she is lead counsel in an unprecedented federal class action against the City of Philadelphia, the Philadelphia District Attorney’s Office, and state court judges for their egregious civil-forfeiture practices. Although the following is subject to approval by the Court, this class action has secured an extremely favorable settlement agreement.
Previously, Ms. Sheth represented the State of New York as an Assistant Attorney General, worked as a litigator at Chadbourne & Parke, LLP, and clerked for the Honorable Jerome A. Holmes of the U.S. Court of Appeals for the Tenth Circuit. We hope that you enjoy this discussion by Ms. Sheth of these important issues. -Peter Hardy
This fall, the U.S. Supreme Court will hear argument in Timbs v. State of Indiana, one of the most anticipated cases this term. At issue is whether the Eighth Amendment’s prohibition against excessive fines applies to state and local governments just as it has applied to the federal government since 1791. (Or, using the technical term, whether the Eighth Amendment’s Excessive Fines Clause is incorporated against the States.)
The case involves the civil forfeiture of a $42,000 vehicle for selling less than $400 worth of drugs. As recounted in a video news release, Tyson Timbs was prescribed opioids for foot pain. In an all-too-familiar tale of opioid addiction, Timbs turned to heroin when his prescription ran out. When police arrested him and seized his vehicle during a drug sting, Timbs pleaded guilty and was sentenced to six years—one year on home detention (with his aunt) and five years on probation, including a court-supervised addiction-treatment program. The court also assessed Timbs more than $1,200 in criminal court costs and fees. Continue Reading Must All 50 States Comply with the U.S. Constitution’s Prohibition Against Excessive Fines?
Convictions to “Promote” Crime and “Conceal” Illegal Proceeds Vacated Due to Insufficient Evidence of Intent
A recent decision out of the United States District Court for the Eastern District of Virginia adjudicating a seemingly straight-forward alleged fraud and money laundering scheme reminds us that money laundering charges still require the government to establish elements which can be difficult to prove, including, importantly, specific intent.
United States v. Millender involved an investment fraud scheme charged against a husband and wife and their associate. Terry and Brenda Millender were, respectively, the founder and pastor, and the “First Lady” of the Victorious Life Church (“VLC”) in Alexandria, Virginia. The evidence at trial established that Mr. Millender conceived of and founded Micro-Enterprise Management Group (“MEMG”), purportedly for the purpose of helping the poor in developing countries by making small, short-term loans to entrepreneurs who wished to start or expand existing businesses. Mrs. Millender was the co-founder, registered agent, and signatory of MEMG. To fund the enterprise, MEMG solicited “loans” from VLC congregants and other private lenders. MEMG promised its investors high rates of return through profits on the entrepreneur loans and assured them that the loans were securely backed by MEMG assets. Moreover, written materials soliciting investment represented that MEMG had a successful history of making micro-loans in Africa and had established relationships with on-going projects. Later, Mr. Milliner founded a second entity, Kingdom Commodities Unlimited (“KCU”), purportedly for the purpose of brokering Nigerian oil deals, and promising investors substantial returns on what they claimed were short term loans. The defendants solicited over $600,000 from investors from 2008 until 2015.
The Millender opinion reflects the complexity of the different prongs of the money laundering statutes, and their somewhat overlapping and competing requirements. The opinion is particularly noteworthy because of its procedural posture: despite jury verdicts finding guilt, the district court nonetheless found at least as to some counts that there was insufficient evidence as a matter of law of knowledge and specific intent. Continue Reading Money Laundering and Specific Intent Can Be Difficult to Prove
The Federal Banking Agencies (“FBAs”) — collectively the Office of the Comptroller of the Currency (“OCC”); the Board of Governors of the Federal Reserve System (“Federal Reserve”); the Federal Deposit Insurance Corporation (“FDIC”); and the National Credit Union Administration (“NCUA”) — just issued with the concurrence of FinCEN an Order granting an exemption from the requirements of the customer identification program (“CIP”) rules imposed by the Bank Secrecy Act (“BSA”) under 31 U.S.C. § 5318(l) for certain premium finance loans. The Order applies to “banks” — as defined at 31 C.F.R. § 1010.100(d) — and their subsidiaries which are subject to the jurisdiction of the OCC, Federal Reserve, FDIC, or NCUA.
The Order generally describes the CIP rules of the BSA, which at a very high level require covered financial institutions to implement a CIP “that includes risk-based verification procedures that enable the [financial institution] to form a reasonable belief that it knows the true identify of its customers.” This process involves gathering identifying information and procedures for verifying the customer’s identity. Further observing that, under 31 C.F.R. § 1020.220(b), a FBA with the concurrence of the Secretary of the Treasury may exempt any bank or type of account from these CIP requirements, the Order proceeds to exempt loans extended by banks and their subsidiaries from the CIP requirements when issued to commercial customers (i.e., corporations, partnerships, sole proprietorships, and trusts) to facilitate the purchases of property and casualty insurance policies, otherwise known as premium finance loans or premium finance lending.
The key to the exemption — similar to other narrow exemptions previously issued by FinCEN in regards to the related beneficial ownership rule (as we have blogged, see here and here) — is that these transactions are perceived as presenting a “low risk of money laundering.” This finding is repeated throughout the Order, and is rooted in arguments made in letters submitted to FinCEN and the FBAs by a “consortium of banks.”
More specifically, the Order explains that premium finance loans present a low risk of money laundering, and therefore are exempt from the CIP rules, because of the following considerations and “structural characteristics,” raised either by the consortium of banks and/or the government itself:
- The process for executing a premium finance loan is highly automated, because “most . . . loan volume is quoted and recorded electronically.”
- These loans typically are submitted, approved and funded within the same business day and are conducted through insurance agents or brokers with no interaction between the bank and borrower — which means that this process renders it difficult for banks to gather CIP-related information efficiently. These practical problems are exacerbated by the frequent reluctance of insurance brokers and agents — driven by data privacy concerns — to collect personal information.
- Property and casualty insurance policies have no investment value.
- Borrowers cannot use these accounts to purchase merchandise, deposit or withdraw cash, write checks or transfer funds.
- FinCEN previously exempted financial institutions that finance insurance premiums from the general requirement to identify the beneficial owners of legal entity customers.
- FinCEN previously exempted financial institutions that finance insurance premiums that allow for cash refunds from the beneficial ownership requirements.
- FinCEN previously exempted commercial property and casualty insurance policies from the general BSA compliance program rule for insurance companies.
- The exemption “is consistent with safe and sound banking.”
Although this exemption is narrow and somewhat technical, it represents yet another step in an apparent trend by FinCEN and the FBAs to ease the regulatory demands, albeit in a very targeted fashion, imposed under the BSA. Clearly, the key argument to be made by other financial institutions seeking similar relief is that the particular kind of financial transaction at issue presents a “low risk of money laundering.”
If you would like to remain updated on these issues, please click here to subscribe to Money Laundering Watch. Please also check out Ballard Spahr’s Consumer Finance Monitor blog, which comprehensively covers financial regulation and litigation involving the CFPB, Federal Agencies, State Agencies, and Attorneys General. To learn more about Ballard Spahr’s Anti-Money Laundering Team, please click here.