Securities and Exchange Commission (SEC)

On June 5, the SEC filed suit against Salt Lake City-based Alpine Securities, Corp. (“Alpine”). The complaint, filed in the Southern District of New York, alleges that the broker-dealer ran afoul of AML rules by “routinely and systematically” (i) failing to file Suspicious Activity Reports (“SARs”) for stock transactions it had flagged as suspicious or, (ii) on thousands of occasions between 2011 and 2015 when Alpine did file SARs, omitting key information, such as the criminal or regulatory history of customers and disclosures as to whether those customers represented a foreign institution.

Under the Bank Secrecy Act (“BSA”), Alpine and other broker-dealers must report suspicious transactions in the form of SARs filed with FinCEN. These filings pertain to reports of transactions or patterns of transactions involving at least $5,000 wherein a covered entity “knows, suspects, or has reason to suspect” that the transaction involves funds representing ill-gotten gains; is intended to hide funds obtained from illegal activities; is designed to evade the BSA; or has no business or apparent lawful purpose and the filing institution knows of no reasonable explanation for the transaction. SARs have a narrative section for the filer to describe the facts of the suspicious incident, which is regarded by law enforcement as a critical section.

The SEC has alleged that Alpine violated Section 17(a) of the Securities Exchange Act of 1934, and Rule 17a-8 promulgated thereunder, which require broker-dealers to comply with the recordkeeping, retention and report obligations of the BSA. Although Alpine had an AML/BSA compliance program (as is required for broker-dealers by both the BSA and FINRA Rule 3310), the complaint alleges that the program was not implemented properly in practice and mischaracterized what Alpine actually did. In part, the SEC alleges that Alpine used two standard templates for SAR filings which did not allow the filer to describe any of the red flags or other material information which caused Alpine to file the SAR. Importantly, the complaint also alleges that FINRA had examined Alpine and brought these deficiencies to its attention, but Alpine thereafter failed to take meaningful steps to address them and “continued its pattern of omitting material red flag and other information from its SARs.”

Much of Alpine’s business involves clearing microcap transactions. Although the broker-dealer has a history of disciplinary action by FINRA, the instant action also reflects a trend by the SEC to use AML rules as a means to combat alleged fraud related to the sale of microcap securities. Earlier this year, New York-based Windsor Street Capital also was charged with failing to file SARs; that matter, currently before an SEC administrative law judge, remains pending. All told, the action against Alpine exemplifies the SEC’s heightened interest in ensuring broker-dealers’ adherence to AML rules and standards. It also reiterates the need for any financial institution to implement effectively in practice its AML compliance plan: the best written compliance plan can turn into the centerpiece of regulators’ allegations if it merely becomes a catalogue of what the financial institution failed to do.

If you would like to remain updated on these issues, please click here to subscribe to Money Laundering Watch.

Settlement of FinCEN Action Against Former AML Chief Compliance Officer Serves as Possible Bellwether of Future Cases

This post discusses individual liability in AML/BSA enforcement, which is an area of increasing attention. Indeed, according to public statements by the government, individual liability is the focus of enhanced scrutiny across the enforcement table.

Man looking over shoulder with suspicionAlthough the raw number of enforcement actions against individuals in the AML/BSA realm (or even in the broader realm of general financial crime) has not climbed dramatically, even a few enforcement actions can have a profound effect on an industry – and that appears to be occurring in the AML realm. We begin our discussion here with a recent settlement of a high-profile enforcement action against a former AML compliance officer, and how it highlights potential individual liability.  Ironically, special scrutiny can apply to the very people specifically tasked with maximizing compliance at a corporation, and such scrutiny can end up pitting them against a company’s management and board. Continue Reading Individual Accountability in AML Cases

 

Neon sign depicting money transfer.

On January 19, 2017, the Western Union Company (“Western Union” or the “Company”) entered into a deferred prosecution agreement (“DPA”) with the Department of Justice (“DOJ”), in which Western Union admitted to willful failures to maintain an effective AML program as well as aiding and abetting of wire fraud schemes.  Western Union agreed to a $586 million monetary penalty which will resolve criminal and civil allegations brought by the DOJ and the Federal Trade Commission against the Company, as well as a related Assessment of Civil Money Penalty by FinCEN against a subsidiary of Western Union.  However, Western Union now faces additional costs and litigation for its admittedly insufficient AML program in the form of shareholder suits brought in federal court following the announcement of this sizeable settlement.  Shareholder derivative suits based on alleged AML failures are becoming increasingly common, and this recent action fits squarely into the apparent trend. Continue Reading Investor Suits Follow in the Wake of Western Union Settlement of Money Laundering and Fraud Claims

Employers increasingly face the difficult scenario of employees who misappropriate company data in the pursuit of whistleblower claims alleging misconduct by the employer. Such cases can present a complex mix of regulatory, cybersecurity, and employment issues. These issues were front and center in a recent whistleblower case pitting a bank against its former internal auditor, who engaged in computer-facilitated misappropriation of the bank’s confidential information allegedly to support whistleblower conduct.Whistle

The U.S. District Court for the Southern District of California recently declined to summarily adjudicate whether the employee’s confidentiality agreement precluded any whistleblower affirmative defense based on the employee’s alleged violation of computer fraud, contract, and tort laws. The whistleblower laws in question included the Bank Secrecy Act, Sarbanes-Oxley, Dodd-Frank, and the California Labor Code.

In Erhart v. Bofi Holding, plaintiff Charles Matthew Erhart filed a whistleblower complaint against his employer, Bank of the Internet (BofI), alleging BofI retaliated against him for reporting unlawful conduct to the government. BofI, in turn, filed a complaint, alleging that Erhart breached his employee confidentiality agreement by misappropriating confidential data relating to his employer and its clients and disseminating that data to the government, family members, and the national press.

Erhart illustrates the complex and practical problems faced by employers dealing with employees who engage in conduct that would otherwise constitute computer fraud, intellectual property theft, breaches of employment-related agreements and policies, and related tort claims under the mantle of “whistleblower.” A key issue in the case was whether Erhart would be entitled to pursue his retaliation claims before a jury or would be precluded from doing so as a matter of law given his computer-facilitated theft of confidential information. Continue Reading Bank Whistleblower Suits Highlight Limits of Employee Confidentiality Agreements