Bank

Subscribe to Bank

Estonian “Non-Resident Portfolio” Produces Colossal Money Laundering Scandal

This week Danske Bank released a report detailing the results of its much anticipated internal investigation into allegations of money laundering perpetrated in its Estonian branch. The results of the investigation dwarfed even the boldest predictions. The report found between 2007 and 2015 the Estonian branch processed a staggering 200 billion Euros, or $234 billion, in suspicious transactions by thousands of non-resident costumers. The report finds the AML procedures at the Estonian branch were “manifestly insufficient and inadequate,” resulting in numerous breaches of legal obligations by the Estonian branch. The report details a numerous red flags that allegedly should have alerted the parent Danske Bank Group (“Group”) to the issues.

However, the report also concludes that the Group’s Board of Directors, Chairman, Audit Committee, or Chief Executive Officer did not violate any legal obligations in failing to detect or stop the suspicious transactions. Despite this finding, the CEO, Thomas Borgan, resigned the same day the report was released. Borgan stated, “Even though I was personally cleared from a legal point of view, I hold the ultimate responsibility. There is no doubt that we as an organization have failed in this situation and did not live up to expectations.” The consequences of this colossal money laundering scandal are unlikely to stop with Brogan’s resignation.

This blog post will summarize the scope of the report, findings of suspicious activity, the causes and red flags of potential money laundering violations, and outline the known and anticipated consequences of this scandal for Danske Bank. Continue Reading Danske Bank CEO Resigns on Heels of Report Detailing an Astounding $234 Billion in Suspicious Transactions in Money Laundering Scandal

In the wake of this week’s revelations of years-long and significant alleged money laundering failures involving ING Bank and Danske Bank, European regulators have circulated a confidential “reflection paper” warning national governments and the European Parliament about shortcomings in the European Union’s (“EU”) anti-money laundering (“AML”) efforts and providing recommendations to strengthen these efforts.  The reflection paper recommends centralizing the enforcement of AML rules through a powerful new EU authority to ensure that banks implement background checks and other AML measures, and setting a deadline for the European Central Bank to reach agreement with national authorities to allow for the sharing of sensitive data.

Continue Reading Recent Nordic Scandals Involving ING Bank and Danske Bank Underscore the European Union’s Vulnerabilities to Money Laundering

Congress enacted the safe harbor provision of the Bank Secrecy Act (BSA), codified at 31 U.S.C. §5318(g)(3)(A), to shield financial institutions, their officers and employees from civil liability for reporting known or suspected criminal offenses or suspicious activity by filing a Suspicious Activity Report, or SAR. More particularly, the safe harbor provides immunity to any “financial institution that makes a voluntary disclosure of any possible violation of law or regulation to a government agency.” This comprehensive protection precludes liability under any federal, state or local law or regulation or under any contract. Nonetheless, despite the broad wording of this provision, courts have disagreed about the scope of the protection it affords.

Specifically, federal courts have disagreed about whether a bank and its officers and employees must have a “good faith” belief that a possible violation of law occurred before filing a SAR. Some courts, particularly those in the 11th Circuit (which covers Alabama, Florida and Georgia), have provided immunity only when the financial institution has a “good faith suspicion that a law or regulation may have been violated.” However, the majority of courts have found that the safe harbor provision provides unqualified protection to financial institutions and their employees from civil liability for filing a SAR.

A recent case from the District of Massachusetts, AER Advisors Inc. v. Fidelity Brokerage Services, LLC , demonstrates just how unqualified that protection is. AER Advisors Inc. (AER) filed a complaint alleging that Fidelity Brokerage Services, LLC (Fidelity) falsely implicated them in a SAR, a SAR that was filed in bad faith. As a result, AER claimed it was subject to multiple investigations by state and federal agencies. Fidelity sought to dismiss the complaint, arguing that it had complete immunity from any liability for any SARs it filed. The court agreed.

The court noted that the extent of immunity varied from circuit to circuit, but in the 1st Circuit where it sits (which covers Maine, Massachusetts, New Hampshire, Puerto Rico and Rhode Island), financial institutions are afforded immunity under Stoutt v. Banco Popular de Puerto Rico, even when disclosures are fabricated, unfounded, incomplete or malicious. The sweeping coverage is based on the court’s reasoning that “Congress did not intend to include a good faith qualification to immunity because (1) it easily could have written the requirement into the statute; (2) it removed a good faith requirement from an earlier draft of the provision; and (3) any limitation on immunity would discourage disclosure.”

AER also argued that Fidelity should not be granted immunity, because by knowingly reporting false information, it had not actually reported a “possible violation of law.” The court rejected this argument as well, saying that, regardless of what Fidelity actually believed, the SAR, on its face, reported a possible violation of law.

Finally, AER argued that fraudulent SARs should not insulate financial institutions from civil liability. The court rejected this argument as well, finding that financial institutions could be prosecuted criminally for knowingly filing false reports.

So just how safe is the safe harbor provision? It depends on where you sit. For most of the country, the safe harbor affords a financial institution total immunity, even if it maliciously files a false SAR. And, as we have blogged, Congress is contemplating codifying this authority by amending 31 U.S.C. § 5318(g)(3)(B) to provide that the safe harbor provision does not create “any duty or requirement of a financial institution or any director, officer, employee, or agent of such institution to demonstrate to any person . . . that a disclosure . . . is made in good faith.”

So keep filing those SARs. And no matter where you sit, it is obviously best to ensure that the SARs you file are factually supported.

If you would like to remain updated on these issues, please click here to subscribe to Money Laundering Watch. To learn more about Ballard Spahr’s Anti-Money Laundering Team, please click here.

Public Risks Posed by Unbanked and Cash-Heavy Industry Deemed Insufficient to Outweigh Federal Law Concerns

As we just blogged, the New York State Department of Financial Services (“NYDFS”) has published guidance to “clarify the regulatory landscape and encourage” New York, state-chartered banks and credit unions to “offer banking services” to “marijuana related businesses licensed by New York state[,]” thereby identifying New York as a state friendly to financial services for marijuana-related businesses. In stark contrast, Ed Leary, Commissioner of the Utah Department of Financial Institutions (“UDFI”), recently articulated the polar opposite position, thereby exemplifying the increasingly bewildering patchwork quilt of approaches to banking and anti-money laundering (“AML”) policy in regards to state-licensed marijuana businesses.

In a presentation on August 17, 2018 to members of the National Association of Industrial Banks and the Utah Association of Financial Services, Commissioner Leary advised that UDFI will not ask any financial institutions regulated by his department to provide banking or payment processing services to cannabis-related businesses. To the contrary, if any examination conducted by UDFI identifies evidence of cannabis-related banking activities, UDFI will cite the conduct as an apparent violation of federal law. Continue Reading Banking and Marijuana, Redux: Utah Department of Financial Institutions Commissioner Declares Opposite Position to New York’s Encouragement of Banking Services for Marijuana Businesses Licensed Under State Law

In February 2017, we blogged about a whistleblower complaint filed against Bank of the Internet (“BofI”) by its former internal auditor. The blog post addressed what the whistleblower believed was BofI’s wrongdoing in relation to responding to a subpoena from the Securities and Exchange Commission (“SEC”), and when dealing with a certain loan customer in potential violation of the Anti-Money Laundering (“AML”) rules of the Bank Secrecy Act (“BSA”).

Less than two months after our blog post, three BofI stockholders brought a putative class action complaint against BofI seeking to represent a class of individuals who purchased BofI stock, in a case captioned Mandalevey v. BofI Holding, Inc. These plaintiffs alleged BofI violated the Securities Exchange Act through, among other alleged misrepresentations, falsely denying the company was under investigation for money laundering violations.  A federal court recently dismissed all claims against BofI.

This post focuses on that decision, the allegations relating to the federal investigation of BofI, and the Court’s interesting reasoning in dismissing these plaintiffs’ claims. Although the bank won this latest round, the saga involving BofI underscores how financial institutions face an increasing risk that alleged AML and Counter-Terrorism Financing (“CTF”) violations will lead to follow-on allegations of securities law violations – allegations brought not only by the government (see here), but also by investor class action suits (see here, here and here). Continue Reading When A Purported Money Laundering Investigation Turns Into a Class Action Complaint: The Latest Round in BofI’s Fight to Put Money Laundering Allegations in the Rearview Mirror

 

The U.S. Government Accountability Office (“GAO”) issued a statement earlier this week regarding testimony before the U.S. House of Representatives Subcommittee on Financial Institutions and Consumer Credit Committee on Financial Services regarding the potential perils of “derisking.”

As described by the GAO, “derisking is the practice of depository institutions limiting certain services or ending their relationships with customers to, among other things, avoid perceived regulatory concerns about facilitating money laundering or other criminal activity such as financing to terrorist groups.” Derisking is a significant ongoing issue in AML-related enforcement.  As we have blogged, the U.S. Treasury Department previously attempted to allay the fears driving the phenomenon of derisking by (i) suggesting that U.S. banks have overreacted to concerns over AML/BSA enforcement by unnecessarily terminating correspondent banking relationships with foreign banks; (ii) noting that these relationships are crucial to the global economy; and (iii) stating that reflexive derisking could destabilize or disrupt access to U.S. financing, hinder international trade, cross-border business, and charitable activities, and make claim remittances harder to effectuate.

It is difficult to distill clear and specific practical points from the recent GAO statement, entitled “Bank Secrecy Act – Further Actions Needed to Address Domestic and International Derisking Concerns” (“Derisking Statement”). This is partly because, during the course of listing various perceived concerns regarding the practice of derisking, the Derisking Statement merely comments somewhat vaguely that, “[w]ithout accessing the full range of BSA/AML factors that may be influencing banks to derisk or close branches, Treasury, the federal banking regulators, and Congress do not have the information needed to determine if BSA/AML regulations and their implementation can be made more effective or less burdensome.”

Bearing in mind the above limitations of the statement, the Derisking Statement summarizes itself as follows:

Why GAO Did This Study

In recent years, some Southwest border residents and businesses reported difficulty accessing banking services, including experiencing bank account terminations and bank branch closings in the region. In addition, the World Bank and others have reported that some money transmitters have been losing access to banking services with depository institutions.

This statement is based on findings from GAO’s February 2018 report on access to banking services along the Southwest border (GAO-18-263) and March 2018 report on the effects of derisking on remittance flows to fragile countries (GAO-18-313). GAO discusses (1) the extent to which banks are terminating accounts and closing branches in the Southwest border region, (2) the extent to which money transmitters serving selected fragile countries are facing banking access challenges, and (3) actions relevant U.S. agencies have taken to respond to these challenges. For those reports, GAO surveyed more than 400 banks, developed an econometric model on the drivers of branch closures, and conducted case studies on four countries to assess the effects of derisking on remittances flows.

What GAO Recommends

GAO made five recommendations in the two reports: to Treasury and the federal banking regulators to conduct a retrospective review of BSA/AML regulations and their implementation, and to Treasury to assess shifts in remittance flows to nonbanking channels. Banking regulators agreed with the recommendations. GAO requested comments from Treasury, but none were provided.

Ultimately, what is clear from the Derisking Statement is that the spectrum of financial services available to certain markets is shrinking due to concerns over AML/BSA enforcement, which the U.S. government somewhat perversely suggests are overblown.  What is not clear from the statement is whether U.S. regulators will tackle this issue, or how they should tackle this issue.

If you would like to remain updated on these issues, please click here to subscribe to Money Laundering Watch. To learn more about Ballard Spahr’s Anti-Money Laundering Team, please click here.

Bank’s Alleged “Tick Box” Approach Failed to Attain Substantive AML Compliance

Late last week, the Financial Conduct Authority (“FCA”), the United Kingdom’s financial services regulator, imposed a $1.2 million (896,100 pound) fine on the UK division of India’s Canara Bank, an Indian state-owned bank, and ordered a moratorium on new deposits for nearly five months.  The cause—according to Reuters—was Canara’s systemic anti-money laundering (“AML”) failures.

A 44-page final notice published by the FCA explains the multi-year regulatory process that led to a finding of systemic failures and the imposition of penalties.  The FCA’s investigation began in late 2012 and early 2013 with assessments of Canara’s AML systems.  Upon inspection, the FCA “notified Canara of a number of serious weaknesses in its AML systems and controls.”  After promises of remedial action by Canara, an April 2015 visit revealed that the AML systems had not been fixed.  The investigation ended with a final report from a “skilled person,” an expert brought in by the FCA to assess Canara’s AML policies and procedures, completed in January 2016.  Settlement followed, resulting in sanctions and the FCA’s published final notice.

These three visits from the FCA generated a laundry list of Canara’s AML shortcomings.  This enforcement action reflects three main take-aways: (i) the potential risks faced by banks operating in foreign countries in which they have limited AML experience; (ii) the need for swift remedial action after the first examination finding AML deficiencies; and (iii) the need for a substantive AML policy implemented in a substantive way, rather than through a rote reliance on AML-related checklists. Continue Reading Canara Bank of India Fined $1.2 Million by UK Regulators for Systemic AML Failures

Commonwealth Bank of Australia (“CBA”), the largest bank in Australia, has agreed to a proposed civil settlement — subject to court approval — of historic proportions, involving a fine of approximately $700 million Australian dollars (roughly equivalent to $530 million U.S. dollars) regarding numerous alleged Anti-Money Laundering (“AML”) and Counter Terrorism Financing (“CTF”) violations.  The settlement is with the Australian Transaction Reports and Analysis Center (“AUSTRAC”) – a government financial intelligence agency whose counterpart in the U.S. would be the Financial Crimes Enforcement Network (“FinCEN”) — and represents the largest such enforcement action in the history of Australia.  Under the settlement, AUSTRAC also will recoup its legal costs of $2.5 million Australian dollars.

As we have blogged, AUSTRAC filed on August 3, 2017 a claim seeking civil monetary penalties against CBA for over 53,000 alleged violations of Australia’s AML/CTF law.  Although the case involves several types of alleged AML violations, it fundamentally rests on the bank’s use of so-called intelligent deposit machines (“IDMs”), a type of ATM which allowed customers to anonymously deposit and transfer cash.  Unfortunately, and perhaps not surprisingly, the IDMs also became an alleged favored conduit for money laundering by criminals involved in drug trafficking and illegal firearms. Continue Reading Australia’s Largest Bank Agrees to Historic AML Penalty

And a Tale of Four Countries: Singapore Fines a U.K. Bank, and the U.S. Imposes a Consent Order on a Chinese Bank

Less than a week apart, two major financial institutions (“FIs”) have been hit with penalties for failing to implement adequate anti-money laundering (“AML”) protections. But the penalties imposed by the involved regulators are different.  In this post, we report on the enforcement actions recently lodged against Standard Chartered PLC and the Industrial & Commercial Bank of China Ltd. by the Monetary Authority of Singapore and the United States Federal Reserve, respectively.  We also consider the approaches of these two regulators to the banks and the differing outcomes of the enforcement actions.

Continue Reading A Tale of Two Enforcement Actions

Second Part in a Two-Part Series

The Tale of an AML BSA Exam Gone Wrong

As we have blogged, the Ninth Circuit Court of Appeals recently upheld the decision of the Board of Directors of the Federal Deposit Insurance Corporation (“FDIC”) to issue a cease and desist order against California Pacific Bank (the “Bank”) for the Bank’s alleged failure to comply with Bank Secrecy Act (“BSA”) regulations or have a sufficient plan and program in place to do so.

In our first post, we described how the Ninth Circuit rejected the Bank’s constitutional challenge to the relevant regulation, and accorded broad deference to the FDIC in its interpretations of its own regulations, expressed in the form of the Federal Financial Institutions Examination Council Manual (“FFIEC Manual”).  This post discusses the Court’s review of the Bank’s challenge under the Administrative Procedures Act to the FDIC’s factual findings of AML program failings.

The California Pacific opinion provides a significant piece of guidance for banks questioning the adequacy of its BSA compliance program: consult and abide the FFIEC Manual.  Furthermore, it demonstrates that no shortcuts are permitted when it comes to establishing and maintaining a BSA compliance program.  The BSA and the FDIC’s regulations contain firm guidelines and the FFIEC Manual puts banks of all sizes on notice of what compliance is expected of them.  The independence of both the AML compliance officer and of testing; adequate risk assessments of customer accounts; and the correction of prior regulator findings of AML deficiencies are key. Continue Reading Ninth Circuit Court of Appeals Outlines BSA Compliance Obligations and How One Small Bank Failed to Meet Them