Federal Reserve, FDIC Enforcement Efforts

Financial Services Law

In recent enforcement actions, the Board of Governors of the Federal Reserve System announced an order with a Japanese bank over weaknesses with respect to its New York branch’s Bank Secrecy Act / anti-money laundering (BSA/AML) and U.S. sanctions compliance programs and internal controls.

The Federal Deposit Insurance Corporation also released enforcement news, with a $200,000 civil penalty assessed against an Oklahoma bank for alleged violations of the Federal Trade Commission (FTC) Act and the Telephone Consumer Protection Act (TCPA), and a consent order reached with an Illinois bank over problems with its BSA policies and procedures.

What happened

In the Federal Reserve action, the Board said that the most recent examination of the Japanese bank’s New York branch identified deficiencies relating to its BSA/AML risk management and compliance as well as the regulations issued by the Office of Foreign Assets Control (OFAC).

The consent order requires the bank’s board of directors and branch management to jointly submit a written plan to enhance oversight of the branch’s compliance with BSA/AML requirements and OFAC regulations, including actions the board of directors will take to maintain effective control over compliance, measures to ensure that compliance issues are appropriately tracked, escalated and reviewed by the branch’s senior management and policies and procedures to ensure that the branch management “instills a proactive approach” in identifying, communicating and managing BSA/AML compliance risks.

In addition, the bank and branch must submit written enhanced plans for BSA/AML compliance (with a system of internal controls and a comprehensive risk assessment), a customer due diligence program (with a revised methodology for assigning risk ratings to account holders and a plan to remediate deficient due diligence for existing foreign correspondent accounts), “timely, accurate and complete” reporting of all known or suspected suspicious transactions and OFAC compliance.

The bank and branch must also provide the Federal Reserve with a written plan for independent testing of the branch’s BSA/AML compliance, including procedures to evaluate the adequacy and effectiveness of the compliance as well as procedures to ensure that senior branch management institute and complete appropriate actions in response to the independent testing results.

No civil money penalty was assessed against the bank or the New York branch. The bank’s agreement comes two months after the Office of the Comptroller of Currency (OCC) issued a cease-and-desist order against another Japanese bank following examinations of its New York, Chicago, and Los Angeles branch offices. The OCC examinations revealed ongoing deficiencies with the branches’ BSA/AML program dating back to 2016, including deficiencies with their internal controls, suspicious activity monitoring, foreign correspondent due diligence program, trade finance monitoring, independent audit, and BSA officer staffing functions. While no civil money penalty was assessed, the OCC required the bank’s U.S. branches to take comprehensive corrective actions to improve their BSA/AML compliance program. The bank’s branches were already operating under an earlier OCC consent order issued in November 2017 requiring remedial action to improve their U.S. sanctions compliance program.

As for the FDIC, it assessed a $200,000 civil money penalty against an Oklahoma-based bank that allegedly violated both the FTC Act and the TCPA. The bank entered into a stipulation and consent to the order without admitting or denying the violations.

According to the FDIC, the bank violated Section 5 of the FTC Act by allegedly using telemarketers that misrepresented themselves to consumers as employees or affiliates of the federal government. The bank also ran afoul of the TCPA by continuously calling consumers who were already on the National Do Not Call Registry or who had requested to be placed on the bank’s internal Do Not Call List, the FDIC said.

Taking into account the appropriateness of the penalty with respect to the size of financial resources and good faith of the bank, the gravity of the violations and the history of previous violations by the bank, the FDIC ordered a civil money penalty of $200,000.

In a separate action, an Illinois bank entered into a consent order with the FDIC and the state’s Department of Financial and Professional Regulation, Division of Banking, over alleged BSA compliance program problems. The bank neither admitted nor denied the charges of unsafe or unsound banking practices and violations of law relating to weaknesses in capital, asset quality, management, earnings, liquidity and sensitivity to market risk.

While the bank was not fined, it must make several changes to its policies. Specifically, the bank must develop, adopt, implement and adhere to a written profit plan as well as a “realistic,” comprehensive budget for all categories of income and expense for the next two years. A strategic plan is also required that contains an assessment of the bank’s current financial condition and market area, with an analysis of the strengths, weaknesses, opportunities and threats to the bank.

The order prevents the bank from entering into any new lines of business or service to any new high-risk customers without conducting appropriate due diligence.

With regard to BSA compliance, the bank must retain qualified management and tap a senior employee to be responsible for overall BSA compliance. A revised written BSA compliance program must be submitted to the regulators, designed to assure full compliance with all provisions of the BSA and its regulations. Improved, comprehensive BSA training must be provided for all appropriate personnel.

Pursuant to the consent order, a written customer due diligence program and account transaction monitoring program must be implemented at the bank, with independent testing of compliance completed within 150 days. The bank is also required to conduct a look back review of deposit and transaction activity for money services businesses dating back to June 30, 2017.

To read the Federal Reserve Board order, click here.

To read the FDIC civil money penalty, click here.

To read the FDIC consent order, click here.

Why it matters

The consent orders and civil money penalty from the Federal Reserve and the FDIC provide important reminders for financial institutions about federal regulatory oversight on issues ranging from BSA/AML and U.S. sanctions compliance to avoiding FTC Act and TCPA violations.