No bank wants to become the next poster child for regulatory misdeeds.
That said, many financial institutions have gotten some extremely unwanted publicity with a spate of recent regulatory penalties and consent orders assessed against them in recent months.
Whether this cluster of regulatory activity signals that regulators have run out of patience with laxness about Bank Secrecy Act (BSA) compliance and similar problems remains to be seen. What is apparent is that now is an excellent time to review challenges other banks and credit unions are experiencing — and shore up your own compliance activities before facing a rebuke from the regulators.
Four Regulatory Actions
It’s often easier to learn from examples of what has gone wrong than from stories of what’s done right. In this spirit, here are four recent cautionary tales:
On December 18, 2023, the Federal Deposit Insurance Corp. (FDIC) insisted upon concrete changes at the Choice Financial Group in Fargo, North Dakota, because of violations of Bank Secrecy Act (BSA) and other similar mandates. Among the changes that the FDIC is demanding is greater board oversight of the bank’s Anti-Money Laundering/Countering the Financing of Terrorism (AML/CFT) program. In addition, the FDIC wants Choice Financial to establish a board-level AML/CFT compliance committee and revise its existing AML/CFT internal controls. The FDIC identified as additional areas of weakness the bank’s Customer Identification Program (CIP), its customer due diligence, and suspicious activity reporting and monitoring. As remedies, the FDIC is requiring Choice Financial to designate compliance professionals with qualifications suitable for the bank’s size and activities and to put in place a revised AML/CFT audit program.
On January 24, 2024, Blue Ridge Bank entered into a consent order with the Office of the Comptroller of the Currency (OCC). The order deems the bank to be in “troubled condition” and Blue Ridge lost its “eligible bank” status until written notice by the OCC. The OCC asked the bank and its board to take 15 specific actions, as outlined in an 8-K that the bank submitted to the Securities and Exchange Commission (SEC). Among the actions are submitting a written remedial plan to the OCC to address BSA/AML deficiencies, ensuring that new customers within third-party fintech partners are onboarded in a way that complies with BSA/AML requirements, and maintaining specific leverage and total capital ratios.
On January 31, the OCC assessed a $65 million civil penalty against City National Bank in Los Angeles for what it describes as “systemic deficiencies in the bank’s risk management and internal controls.” Among other things, the bank was dinged for BSA violations. A hefty penalty wasn’t all that City National faces. The OCC also issued a cease-and-desist order requiring comprehensive corrective actions to improve the bank’s strategic plan and various risk functions from internal controls to BSA/anti-money laundering, fair lending, and investment management practices.
Also on January 31 , FinCEN assessed a $100,000 civil money penalty against an individual, Gyanendra Kumar Asre, for BSA violations. Here, Asre was penalized for operating an unregistered money services business. In addition, he served as BSA compliance officer for a credit union, where he was found to have failed to detect and report suspicious transactions. During Asre’s tenure as BSA officer, the credit union’s risk profile “drastically” increased. As a result, notes FinCEN, hundreds of millions of dollars in suspicious funds moved through the credit union without proper reporting or monitoring. Regulators in this instance imposed more than just a monetary fine. FinCEN banned Asre from participating in business at any financial institution subject to BSA for five years. Asre has also entered a guilty plea with the Department of Justice’s Money Laundering and Asset Recovery Section (MLARS) for criminally violating the BSA.
More specifics on these actions are found here: Blue Ridge Bank, City National Bank, and FinCEN penalty.
Staying in Regulatory Favor
It’s only natural that financial institutions try to be creative in unlocking new revenue streams.
Problems tend to arise when they enter new businesses without putting in place the compliance professionals and the oversight structures to make sure they don’t run afoul of regulators, doing their organizations serious reputational harm.
Here are a few ways to proceed in an era when regulators are cracking down on BSA/AML infractions and other compliance misdeeds.
Hire the compliance professionals you need. Although there may be a labor shortage for banking compliance professionals, financial institutions are not off the hook for getting the oversight help they need to operate safely and stay within regulatory bounds.
Heed warnings and correct course. In its news release for City National Bank, the OCC noted that it had earlier entered into an agreement with the bank to take action for failure to comply with regulations. Ditto for Blue Ridge, which has a few dozen BaaS (banking-as-a-service) partnerships. This is not the first time Blue Ridge has found itself in the regulatory crosshairs.
Seek assistance from technology partners. Companies like RiskScout can be a partner for financial institutions that want to maintain a sterling reputation while still engaging in new and emerging revenue opportunities.
Need help getting your BSA/AML program in order? Our team of former regulators, bank examiners, BSA Officers, and industry experts are here to help. Learn more about our team and get in touch to get the assistance you need today.
