Securities and Exchange Commission (SEC)

Part Three of a Three-Part Series

In the third and final part of this series on marijuana-related businesses (“MRBs”), we explore how the Securities and Exchange Commission (“SEC”) and the Department of Justice (“DOJ”) have commenced actions against MRBs and operators for allegedly fraudulent and deceptive securities practices.  The sample of such actions which we discuss here serve to demonstrate not only the risks the investing public may face in investing in MRBs, but also as a reminder to MRBs seeking to capitalize on the industry’s explosive growth of the exacting standards of the securities laws and the government’s commitment to enforcing them in this industry.

Although the cases we discuss here are not tied specifically to AML/BSA enforcement cases, but rather to traditional allegations of securities violations, the practical point is that anyone who is considering wading into this industry should remember that there are multiple federal agencies which may pursue their own enforcement agendas relating to MRBs. Although we previously have noted during this series that the Financial Criminal Enforcement Network issued guidelines giving banks the go-ahead to work with MRBs, and although the 2013 DOJ Cole Memo seems to suggest that financial institutions can serve MRBs under certain circumstances, our discussion here reflects that there still are other government agencies which may have their own notions regarding what is acceptable conduct by a MRB.  As to the SEC specifically, these actions also are consistent with the recent trend of the SEC inserting itself into AML-related enforcement. Continue Reading The Marijuana Industry and the Securities Laws

Financial institutions face an increasing risk that alleged violations of the Bank Secrecy Act (“BSA”) and Anti-Money Laundering (“AML”) requirements will lead to follow-on allegations of securities law violations. We have blogged about investor class action suits against financial institutions based on alleged violations of BSA/AML rules.  We also have blogged about recent enforcement actions by the SEC alleging violations of the securities laws due to underlying violations of the BSA by broker dealers.  This post briefly notes the latest chapter in what seems to be a growing book regarding the convergence of AML/BSA and securities law.

In a complaint, later amended, filed in the Middle District of Tennessee against BancorpSouth Inc., investor plaintiffs alleged that the bank and its CEO, CFO and COO made misleading statements and omissions in SEC filings regarding (1) the bank’s compliance with BSA/AML regulations and the bank’s fair lending practices, and (2) the closing of two pending mergers/acquisitions. Plaintiffs allege that defendants knew at the relevant time that the bank was not in compliance with the AML/BSA regulations, due to a pending “target review” by the FDIC – which later resulted in a consent order between the FDIC and the bank regarding its AML obligations – but nonetheless stated that (1) the bank was in compliance with all banking laws and regulations; (2) they expected the two planned mergers to close in the second quarter of 2014; and (3) they expected to receive regulatory approval for those mergers. The plaintiffs allege that defendants thereby violated Sections 10(b) and 20(a) of the Securities Exchange Act and Rule 10b-5 by making statements which misrepresented or omitted material facts.  According to the plaintiffs, when the AML/BSA problems eventually came to light, these problems allegedly delayed the anticipated mergers, and the bank’s stock value fell significantly, which thereby harmed investors.

As noted, the plaintiffs sued not only the bank itself, but also members of senior management. This approach is consistent with the recent focus on individual liability in AML/BSA matters.  Specifically, the plaintiffs alleged that the individual executive defendants:

. . . . were ultimately responsible for ensuring that the Bank maintained an effective BSA/AML compliance program and that the Company’s program complied with the “4 Pillars” of BSA/AML compliance. In fact, federal regulations specifically require that the Company’s BSA/AML compliance program must be in writing, approved by the Board of Directors . . . , and noted in the board minutes.  Defendants were also responsible for creating a “culture of compliance” to ensure Company-wide adherence to the Bank’s BSA/AML policies, procedures and processes, but failed to do so, instead prioritizing . . . cost-cutting measures.

On Monday, the district court granted, for the second time (after having been initially reversed by the Court of Appeals for the Sixth Circuit), class certification to the plaintiffs against the bank.  The class certification decision involved a review the requirements imposed by Rule 23(a) and Rule 23(b) of the Federal Rules of Civil Procedure and  will not be analyzed here. The point for the purposes of this blog is that it has become clear that, in regards to AML/BSA compliance, publically-traded financial institutions are compelled to wage a multi-front war.  Regardless of the actual merits of the complaint against BanccorpSouth, its mere existence reflects that financial institutions must concern themselves not only with FinCEN, the Department of Justice, and the relevant examiner, but also with putative investor plaintiffs and the SEC – thereby increasing the stakes regarding decisions over the disclosure in SEC filings of possible violations of AML/BSA requirements.

If you would like to remain updated on these issues, please click here to subscribe to Money Laundering Watch.

On June 5, the SEC filed suit against Salt Lake City-based Alpine Securities, Corp. (“Alpine”). The complaint, filed in the Southern District of New York, alleges that the broker-dealer ran afoul of AML rules by “routinely and systematically” (i) failing to file Suspicious Activity Reports (“SARs”) for stock transactions it had flagged as suspicious or, (ii) on thousands of occasions between 2011 and 2015 when Alpine did file SARs, omitting key information, such as the criminal or regulatory history of customers and disclosures as to whether those customers represented a foreign institution.

Under the Bank Secrecy Act (“BSA”), Alpine and other broker-dealers must report suspicious transactions in the form of SARs filed with FinCEN. These filings pertain to reports of transactions or patterns of transactions involving at least $5,000 wherein a covered entity “knows, suspects, or has reason to suspect” that the transaction involves funds representing ill-gotten gains; is intended to hide funds obtained from illegal activities; is designed to evade the BSA; or has no business or apparent lawful purpose and the filing institution knows of no reasonable explanation for the transaction. SARs have a narrative section for the filer to describe the facts of the suspicious incident, which is regarded by law enforcement as a critical section.

The SEC has alleged that Alpine violated Section 17(a) of the Securities Exchange Act of 1934, and Rule 17a-8 promulgated thereunder, which require broker-dealers to comply with the recordkeeping, retention and report obligations of the BSA. Although Alpine had an AML/BSA compliance program (as is required for broker-dealers by both the BSA and FINRA Rule 3310), the complaint alleges that the program was not implemented properly in practice and mischaracterized what Alpine actually did. In part, the SEC alleges that Alpine used two standard templates for SAR filings which did not allow the filer to describe any of the red flags or other material information which caused Alpine to file the SAR. Importantly, the complaint also alleges that FINRA had examined Alpine and brought these deficiencies to its attention, but Alpine thereafter failed to take meaningful steps to address them and “continued its pattern of omitting material red flag and other information from its SARs.”

Much of Alpine’s business involves clearing microcap transactions. Although the broker-dealer has a history of disciplinary action by FINRA, the instant action also reflects a trend by the SEC to use AML rules as a means to combat alleged fraud related to the sale of microcap securities. Earlier this year, New York-based Windsor Street Capital also was charged with failing to file SARs; that matter, currently before an SEC administrative law judge, remains pending. All told, the action against Alpine exemplifies the SEC’s heightened interest in ensuring broker-dealers’ adherence to AML rules and standards. It also reiterates the need for any financial institution to implement effectively in practice its AML compliance plan: the best written compliance plan can turn into the centerpiece of regulators’ allegations if it merely becomes a catalogue of what the financial institution failed to do.

If you would like to remain updated on these issues, please click here to subscribe to Money Laundering Watch.

Settlement of FinCEN Action Against Former AML Chief Compliance Officer Serves as Possible Bellwether of Future Cases

This post discusses individual liability in AML/BSA enforcement, which is an area of increasing attention. Indeed, according to public statements by the government, individual liability is the focus of enhanced scrutiny across the enforcement table.

Man looking over shoulder with suspicionAlthough the raw number of enforcement actions against individuals in the AML/BSA realm (or even in the broader realm of general financial crime) has not climbed dramatically, even a few enforcement actions can have a profound effect on an industry – and that appears to be occurring in the AML realm. We begin our discussion here with a recent settlement of a high-profile enforcement action against a former AML compliance officer, and how it highlights potential individual liability.  Ironically, special scrutiny can apply to the very people specifically tasked with maximizing compliance at a corporation, and such scrutiny can end up pitting them against a company’s management and board. Continue Reading Individual Accountability in AML Cases

 

Neon sign depicting money transfer.

On January 19, 2017, the Western Union Company (“Western Union” or the “Company”) entered into a deferred prosecution agreement (“DPA”) with the Department of Justice (“DOJ”), in which Western Union admitted to willful failures to maintain an effective AML program as well as aiding and abetting of wire fraud schemes.  Western Union agreed to a $586 million monetary penalty which will resolve criminal and civil allegations brought by the DOJ and the Federal Trade Commission against the Company, as well as a related Assessment of Civil Money Penalty by FinCEN against a subsidiary of Western Union.  However, Western Union now faces additional costs and litigation for its admittedly insufficient AML program in the form of shareholder suits brought in federal court following the announcement of this sizeable settlement.  Shareholder derivative suits based on alleged AML failures are becoming increasingly common, and this recent action fits squarely into the apparent trend. Continue Reading Investor Suits Follow in the Wake of Western Union Settlement of Money Laundering and Fraud Claims

Employers increasingly face the difficult scenario of employees who misappropriate company data in the pursuit of whistleblower claims alleging misconduct by the employer. Such cases can present a complex mix of regulatory, cybersecurity, and employment issues. These issues were front and center in a recent whistleblower case pitting a bank against its former internal auditor, who engaged in computer-facilitated misappropriation of the bank’s confidential information allegedly to support whistleblower conduct.Whistle

The U.S. District Court for the Southern District of California recently declined to summarily adjudicate whether the employee’s confidentiality agreement precluded any whistleblower affirmative defense based on the employee’s alleged violation of computer fraud, contract, and tort laws. The whistleblower laws in question included the Bank Secrecy Act, Sarbanes-Oxley, Dodd-Frank, and the California Labor Code.

In Erhart v. Bofi Holding, plaintiff Charles Matthew Erhart filed a whistleblower complaint against his employer, Bank of the Internet (BofI), alleging BofI retaliated against him for reporting unlawful conduct to the government. BofI, in turn, filed a complaint, alleging that Erhart breached his employee confidentiality agreement by misappropriating confidential data relating to his employer and its clients and disseminating that data to the government, family members, and the national press.

Erhart illustrates the complex and practical problems faced by employers dealing with employees who engage in conduct that would otherwise constitute computer fraud, intellectual property theft, breaches of employment-related agreements and policies, and related tort claims under the mantle of “whistleblower.” A key issue in the case was whether Erhart would be entitled to pursue his retaliation claims before a jury or would be precluded from doing so as a matter of law given his computer-facilitated theft of confidential information. Continue Reading Bank Whistleblower Suits Highlight Limits of Employee Confidentiality Agreements