Financial Services Law

New OFAC Exposure? What Can Be Learned From Bank's Recent $1.7M OFAC Settlement for Investment-Related Transactions

Why it matters

Swiss-based UBS AG's agreement to pay more than $1.7 million to the U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) underscores the scope of OFAC sanctions and the complications in coordinating compliance with sanctions imposed by multiple jurisdictions. OFAC administers laws, regulations and executive orders. In this case the bank continued to engage in investment-related activity on behalf of the client after the client had been added to the so-called OFAC list, and the bank had ceased providing other banking services to comply with Swiss sanctions. Although UBS had self-identified the offending securities-related transactions with the sanctioned individual, OFAC did not consider the disclosure to be a voluntary self-disclosure under the agency's enforcement guidelines, as the transactions were substantially similar to another apparent violation of which OFAC was already aware. However, because the violations were "nonegregious" and several other mitigating factors were present, the base penalty of almost $3.8 million was substantially reduced.

Detailed discussion

The $1.7 million deal between OFAC and Swiss-based UBS AG settled over allegations that the financial institution violated the Global Terrorism Sanctions Regulations by providing investment-related services to a bank client. According to OFAC, between January 2008 and January 2013, UBS processed 222 securities-related transactions for a client whose name appeared on OFAC's Specially Designated Nationals (SDN) and Blocked Persons Lists.

UBS had originally opened accounts in 1993 and 1994 for the client (who was unnamed due to Swiss privacy laws). The accounts, denominated in different currencies including U.S. dollars, were used to engage in a variety of investments in different markets. OFAC added the client to the SDN list in 2001 around the same time other jurisdictions and entities—including Switzerland, the United Kingdom, the European Union and the United Nations—imposed sanctions on him or her.

To comply with the Swiss restrictions imposed in 2001, UBS placed blocks and other restrictions on the client's accounts to prevent the client from withdrawing or transferring funds outside the financial institution. However, UBS continued to engage in investment-related activities on behalf of the client, including processing "purchases of U.S. securities, sales of U.S. securities, the receipt of dividends on U.S. securities, and capital calls, management fees, and cash distributions in connection with a U.S. private equity investment."

OFAC noted that UBS had a global OFAC policy in place during this time period requiring the bank to screen both incoming and outgoing transfers. But because the securities-related transactions did not involve external parties, the bank considered them to be internal transfers, and thus the transaction monitoring system did not generate any alerts. When the bank conducted a review of the client relationship in 2012 and decided to terminate the relationship, closing accounts and liquidating positions including the U.S.-based securities, the sanctions filter generated alerts based on the client's presence on OFAC's SDN.

OFAC determined that the violations were not egregious, but in the absence of voluntary disclosure, the total base penalty for such nonegregious violations was $3,778,000.

To determine the final civil money penalty, OFAC considered several aggravating factors, including UBS' "reckless disregard" for U.S. sanctions requirements as well as the fact that multiple business lines and personnel—including supervisory and management staff within the compliance department—had actual knowledge of the 222 transactions conducted for or on behalf of the client in the amount of $2,466,195.01.

However, OFAC also considered four mitigating factors: UBS had not received a penalty notice or finding of violation for five years preceding the client's securities transactions; the bank had a global sanctions policy in place requiring compliance with OFAC's sanctions programs; UBS took remedial action regarding the apparent violations; and the bank "substantially cooperated" with OFAC during its investigation.

To read OFAC's press release about the enforcement action, click here.

back to top

FinCEN Seeks to Add Investment Advisers to BSA/AML Regulation

Why it matters

More than 12 years after initially proposing to extend the Bank Secrecy Act's anti-money laundering compliance programs and recordkeeping and reporting requirements to investment advisers, the Financial Crimes Enforcement Network (FinCEN) reproposed requiring investment advisers registered or required to register with the Securities and Exchange Commission (SEC) to implement AML programs, report suspicious activity under the Bank Secrecy Act (BSA), file currency transaction reports and comply with certain recordkeeping requirements. Observers are not expecting the same level of opposition that led to the withdrawal of the past proposals, due to the fact that many of the investment advisers who would be subjected to the new rule are already subject to this regulatory regime as broker-dealers.

Detailed discussion

FinCEN recently issued a notice of proposed rulemaking (NPRM) seeking to include investment advisers on the list of those required to comply with BSA and anti-money laundering (AML) regulations.

Pursuant to the NPRM, all investment advisers that are registered or required to register with the SEC would be covered by the proposal. FinCEN acknowledged that different types of advisers may face different levels of AML risks and did not include exempt reporting advisers or foreign private advisers in the NPRM. The regulator did request comment on whether additional types of advisers—particularly those that pose a low risk of money laundering—should be exempt from the rules.

To satisfy the proposed standard, investment advisers would be required to design and implement an AML program "reasonably designed to prevent the investment adviser from being used for money laundering or the financing of terrorist activities," FinCEN said. In addition, compliance with AML reporting and recordkeeping requirements would be necessary. The NPRM noted that the AML program would need to be in writing and approved by the adviser's board of directors or similar corporate entity.

An adviser's AML program would need to be individually tailored to the specific risks presented by the services it offers and the clients it works with, FinCEN explained, with four necessary elements: internal controls, independent testing, the designation of an AML officer responsible for implementing and monitoring the program, and ongoing training.

Suspicious activity reports (SARs) would also be required under FinCEN's proposed rules. Investment advisers would need to file a SAR where a transaction is conducted or attempted by, at or through the investment adviser that involves or aggregates funds or other assets of at least $5,000 when the investment adviser knows, suspects or has reason to suspect that the transaction involves money laundering, is designed to evade FinCEN's regulations, has no business or apparent lawful purpose (or is not the type the customer would normally be expected to engage in) or involves the use of the investment adviser to facilitate criminal activity.

Additional requirements related to SAR recordkeeping (including maintaining the confidentiality of a SAR and keeping documentation supporting the SAR on hand for not less than five years) were included in the NPRM. Other reporting requirements imposed by the BSA—responding to information requests from U.S. law enforcement, for example, as well as rules applying to cross-border transfers—would also require compliance under FinCEN's proposed rule.

Policies, procedures and internal controls to ensure that suspicious transactions are promptly identified and reported would be part of the AML program, FinCEN said, and the failure to have a monitoring process in place or file the required SARs could trigger civil liability as well as criminal prosecution for investment advisers.

Comments will be accepted on the NPRM until Nov. 2.

back to top

FinCEN Action Against Casino for Weak AML Compliance Efforts Should Not Be Ignored by Others—Especially Digital Currency Companies

Why it matters

FinCEN's $8 million civil money penalty imposed on Caesars Palace for "willful and repeated" violations of the BSA sends a signal that failure to collect and use appropriately identifying information from customers, and other AML compliance program shortcomings, will not be tolerated. Caesars Palace, which is in bankruptcy, suffered from "systemic and severe AML compliance deficiencies," allowing a "blind spot" to exist in its compliance, the regulator said, adding that the casino turned a blind eye to its private gaming salons, where patrons were openly allowed to gamble anonymously.

"Despite the elevated money laundering risks present in these salons, Caesars failed to impose appropriate AML scrutiny, which allowed some of the most lucrative and riskiest financial transactions to go unreported," FinCEN said. The failure to adequately monitor transactions—including large wire transfers—compromised the casino and exposed the U.S. financial system to illicit activity, the regulator alleged.

In addition to the $8 million civil money penalty, Caesars agreed to conduct periodic external audits and independent testing of its AML compliance program. The casino will report to FinCEN on the improvements required by the deal, adopt a "rigorous" training program and engage in a retroactive review of suspicious transactions.

To read the NPRM, click here.

To read the assessment in In re Desert Palace Inc., click here.

back to top

Fourth Circuit: Business Judgment Rule May Not Protect Bank Officers in FDIC Action

Why it matters

Bank officers may be liable in a lawsuit brought by the Federal Deposit Insurance Corp. (FDIC) while the directors escaped liability, in a new ruling from the Fourth Circuit Court of Appeals interpreting the North Carolina business judgment rule. The FDIC filed suit against former directors and officers of the Cooperative Bank of Wilmington, N.C., after it failed in 2009, asserting negligence, gross negligence and breach of fiduciary duty. Relying on the business judgment rule, a federal court judge granted summary judgment in favor of all of the defendants. On appeal, a three-judge panel of the Fourth Circuit reversed with respect to the negligence and breach of fiduciary duty claims against the officers. The district court improperly applied the business judgment rule to the officer defendants, the court said, because the FDIC presented adequate evidence to rebut the presumption that their decisions were made in good faith and in the bank's best interests. The panel relied heavily on an expert witness affidavit provided by the FDIC that stated the officers did not act in accordance with generally accepted banking practices and that the bank's CAMELS ratings indicated the lending process needed substantial improvement.

Detailed discussion

Cooperative Bank first opened in Wilmington, N.C., in 1898 as a community bank and operated as a thrift until 1992 when it converted to a state-chartered savings bank regulated by the FDIC. In 2002, the bank became a state commercial banking institution with a growth strategy focused on commercial real estate lending.

In the summer of 2006, the FDIC conducted an annual exam of Cooperative. The bank received a 2 for each of its CAMELS ratings, but the report identified deficiencies in credit administration and underwriting that the FDIC attributed to oversight weakness. The North Carolina Commission of Banks (NCCB) performed a review in 2007 and again awarded the bank CAMELS ratings of 2 for each category. The regulator noted, however, that the bank had been slow to correct the weaknesses identified in earlier exams.

An external loan review in 2008 gave failing grades to many loans, and a joint exam conducted by the FDIC and NCCB the same year awarded the bank a rating of 5 in all CAMELS categories except one, which received a 4. The report was extremely critical, noting that the bank's management had ignored or inadequately addressed previously raised concerns about credit administration, underwriting practices and liquidity, problems traced to the decision to pursue commercial real estate to increase assets.

The NCCB closed the bank in June 2009, and the FDIC was appointed as receiver. The agency then filed suit against the officers and directors of Cooperative, alleging that they were negligent, were grossly negligent and breached their fiduciary duties in approving 78 residential lot loans and eight commercial loans over a 15-month period.

In their motion for summary judgment, the officers and directors relied on the business judgment rule to argue that they were shielded from claims of negligence and breach of fiduciary duty. The directors also alleged that exculpatory clauses in the bank's articles of incorporation shielded the directors (not the officers) from liability. As for the gross negligence allegations, the defendants said the FDIC failed to state sufficient facts to support the claims.

A federal district court agreed, granting summary judgment in favor of the officers and directors on all claims.

The FDIC appealed. The Fourth Circuit Court of Appeals affirmed the ruling as it applied to the directors but reversed in part when considering the application of the business judgment rule to the officers on the claims of negligence and breach of fiduciary duty.

North Carolina law permits an officer or director to be held liable for ordinary negligence but also allows corporations to protect directors from liability by including exculpatory clauses in their articles of incorporation. Cooperative included such a clause, which shielded the directors from the FDIC's negligence and breach of duty claims, the court said.

The FDIC made "no allegation or evidence in the record that the directors engaged in self-dealing or fraud or otherwise acted in bad faith," the court wrote. "Rather, the FDIC-R argues only that the evidence suggests that the Director Appellees took actions harmful to the Bank, in part by making decisions without adequate information. This is insufficient. The exculpatory clause protects directors from monetary liability unless the directors 'knew or believed [that their acts or omissions] were clearly in conflict' with the Bank's best interests."

However, Cooperative's exculpatory clause did not cover the bank's officers, leaving the federal appellate panel to analyze their liability through the lens of North Carolina's business judgment rule.

The rule begins with an initial evidentiary presumption that the officers acted with due care and in good faith, in the honest belief that their action was in the best interest of the corporation. That presumption can be rebutted with evidence showing that the officers "did not avail themselves of all material and reasonably available information (i.e., they did not act on an informed basis); acted in bad faith, with a conflict of interest, or disloyalty; or did not honestly believe that they were acting in the best interest of Cooperative," the court explained.

"The FDIC-R has presented adequate rebuttal evidence," the panel concluded. "Specifically, its evidence is sufficient to rebut the presumption that the Officer Appellees acted on an informed basis." An expert affidavit and reports from an independent banking consultant stated that, in his opinion, the officers did not act in accordance with generally accepted banking practices.

For example, the officers often approved loans over the telephone, without first examining relevant documents; sometimes they did not receive the loan documents until after the loans had been funded, and the review process was inconsistent with practices at other banking institutions, the expert testified. The defendants also failed to address warnings and deficiencies in the bank's examination reports, he said.

"To be sure, the Bank's regulators awarded it '2' ratings on its CAMELS," the court acknowledged. "But, as [the FDIC's expert] observed, the Bank's reports of examination also contained several indications that Cooperative's credit administration and audit processes, among others, needed substantial improvement. He also thought it clear from his review that certain loans should never have been approved."

The three-judge panel affirmed summary judgment in favor of the defendants on the gross negligence claims, rejecting the FDIC's argument that North Carolina law does not require a showing of intentional wanton or reckless conduct to sustain such a claim.

"Here, the FDIC-R has failed to present evidence that the Appellees' actions were grossly negligent," the court said. "To be sure, the Appellees failed to address deficiencies outlined in examination reports issued by the FDIC and the NCCB. But those same reports repeatedly awarded Cooperative ratings of '2' in the CAMELS categories. In the face of this contradiction, we find that there is insufficient evidence that the Appellees acted wantonly or with reckless indifference."

The court also addressed the defendants' contention that alternative grounds existed to enter summary judgment in their favor, and particularly that the Great Recession, and not the actions of the officers and directors, caused the loan defaults pled by the FDIC.

"Certainly, it is convenient to blame the Great Recession for the failure of Cooperative, and in turn for the losses sustained by the FDIC-R when it took over the Bank," the panel wrote. "However, there is evidence in the record … that suggests that 'in the exercise of reasonable care,' the Bank officers could have 'foreseen that some injury would result from [their] act[s] or omission[s], or that consequences of a generally injurious nature might have been expected.' Even before the Recession, exam reports from both of Cooperative's regulators indicated that the Bank was utilizing unsafe practices. And while the Recession undoubtedly contributed to the failure of the Bank, it may have been only one of many contributing factors. This is a genuine issue of material fact, and thus this is a question for a jury."

To read the opinion in FDIC v. Rippy, click here.

back to top

Industry Groups Express Concern About FDIC Guidance on Brokered Deposits

Why it matters

What is the proper scope of the definition of a "brokered deposit"? Certain industry groups wrote a letter to the Federal Deposit Insurance Corp. (FDIC) expressing concern about the broadened definition adopted by the regulator earlier this year in its FAQ guidance. The American Bankers Association (ABA), the Clearing House Association and the Institute of International Bankers explained that the new definition appears to encompass activities and deposits not previously recognized, reflecting "an overbroad and outdated approach to deposit classification that captures a much broader universe of deposits as brokered than Congress intended." For example, the FAQs appear to include all deposits obtained by contract employees (such as those obtained by customer service call centers) and bank-affiliate relationships. This would classify "a large amount" of activities as brokered deposits and would require alterations to various relationships in a way that "will cause customers significant harm," the groups cautioned. The letter requested that the FDIC provide clarification about the scope of the term or suspend application of the FAQ guidance until further study is completed on the impact of the changes.

Detailed discussion

The FDIC started 2015 by releasing new FAQs for brokered deposits. With the new FAQs, the FDIC expressed concern about the overuse and improper management of brokered deposits.

In a letter from the ABA, the Clearing House Association and the Institute of International Bankers, the industry groups warned that the expanded definition of "brokered deposits" apparently created by the FAQs could have a negative impact on consumers as well as "material implications for banks' organizational customer service arrangements, as well as potential supervisory, examination and reputational implications."

In general terms, a "brokered deposit" is any deposit that is obtained from or through the mediation or assistance of a deposit broker. Thus, the meaning of the term "brokered deposit" depends on the meaning of the term "deposit broker." A "deposit broker" is "[a]ny person engaged in the business of placing deposits, or facilitating the placement of deposits, of third parties with insured depository institutions, or the business of placing deposits with insured depository institutions for the purpose of selling interests in those deposits to third parties." The groups contend that the new FAQs attempt to untether the term "facilitating" from the words "engaged in the business," which they argue "will likely result in core deposits being classified as brokered deposits in an overly broad manner."

The potential overbreadth of the guidance's characterization of certain deposits as brokered—particularly deposits from client-servicing activities performed by dual, contract and affiliate employees—requires additional study and consideration by the FDIC, the groups advised.

Including the activities of dual, contract and affiliate employees within the scope of brokered deposits encompasses a large number of stable deposits that do not trigger the same concerns about brokered, volatile, "hot money" deposits the FAQs were intended to address, the letter explained. Modern banking organizations have adopted the widespread use of dual and contract employees, as well as affiliations with nonbanking entities, in an attempt to meet the needs of customers by offering one-stop shopping.

Categorizing all of these transactions as brokered deposits "will ultimately lead [insured depository institutions] to alter their employee and affiliate relationships in a manner that will cause customers significant harm," the groups warned. Disincentivized to continue using dual, contract and affiliate relationships by the FAQs (by having to pay additional deposit insurance assessments for brokered deposits, among other operational challenges), financial institutions will likely stop offering one-stop shopping for financial services. Particularly in lower-traffic or rural areas where customers may need such services, such a "result would inhibit customers' ability to access a full complement of banking and other financial services," according to the letter.

The groups suggested the FDIC provide clarification and limit the scope of what constitutes a brokered deposit. According to the letter, only those "dual, contract or affiliate employees whose actions are driven by the prospect of direct pecuniary gain explicitly tied in a material respect to the volume of deposits placed at the [insured depository institution], or whose primary job function is to actively market deposit products on a programmatic basis rather than to provide customers with information about or access to a variety of financial products, are deposit brokers within the meaning of the statute."

The groups further argue that, at a minimum, the FDIC should suspend application of the FAQ guidance until a study has been conducted of the volume of deposits that would be redefined as brokered deposits under the new guidance, as well as the level of stability and the rates of interest that would apply to these deposits and whether banks could afford to accept such deposits if they were classified as brokered.

"With this information, the FDIC could make an informed, reasoned judgment as to the impact of the Guidance as it could presently be interpreted and revise or enhance the Guidance accordingly," the groups wrote.

To read the letter from industry groups, click here.

back to top

Deferred-Interest Loan Products Cost Issuer $700,000 in CFPB Deal

Why it matters

Allegedly deceptive enrollment tactics by third-party marketers cost the issuer of healthcare credit cards $700,000 in a settlement with the Consumer Financial Protection Bureau (CFPB). Springstone Financial LLC offered deferred-interest loan products at dental offices. But according to the CFPB, some dental office providers neglected to mention that interest—at a rate of 22.98 percent—accrued from the date of purchase and became due if the balance was not paid in full by the end of the promotional period, or characterized the product as a "no interest" loan. About 3,200 consumers signed up for Springstone's product and paid deferred interest before the company terminated it in December 2014. To settle the charges, Springstone agreed to refund $700,000 to the affected consumers and obtain permission from the CFPB before offering a product with similar terms and conditions in the future. The settlement highlights the CFPB's continuing concern with the marketing of deferred-interest products, and also the exposure a creditor can face based on the acts of third-party marketers.

Detailed discussion

Springstone Financial LLC offered a deferred-interest product to consumers at dental offices. But, as the CFPB alleged in a recent enforcement action, in some instances dental office staff deceived consumers by presenting the product as "interest free" when in fact interest began to accrue from the date of the consumer's purchase and was charged if the balance was not paid in full by the end of the promotional period.

Springstone operated a healthcare financing program between January 2009 and December 2014. Approximately 9,000 healthcare providers were authorized by Springstone to offer two products: an installment loan and a deferred-interest loan product that incurred no interest if the balance was paid in full within a given promotional period. Office staff at the healthcare providers' offices gave interested consumers the application materials, helped them fill out the application and submitted applications to Springstone.

But according to the CFPB, certain of the providers deceived consumers about the terms and conditions of the deferred-interest product. Some consumers were told the product was a "no interest" loan, the CFPB said, while others were not informed that they faced 22.98 percent interest from the date of purchase if the loan wasn't paid in full by the end of the promotional period.

The CFPB estimated that more than 3,200 consumers were affected by these misleading practices, which ran afoul of the Dodd-Frank Wall Street Reform and Consumer Protection Act's prohibition on unfair, deceptive or abusive practices, and it held Springstone responsible.

Springstone agreed to pay $700,000 to the affected consumers as part of a settlement agreement with the CFPB. The company will notify the consumers and either issue a credit or send a reimbursement check so that the consumers do not have to take any action to get their refund. In addition, should the company decide to market or sell any product with terms and conditions substantially similar to those of the deferred-interest loan product—which Springstone terminated in December 2014—a determination of nonobjection from the CFPB is required.

The CFPB has previously stated its concerns regarding the marketing of deferred-interest products, including in a bulletin issued in September 2014, and the Springstone settlement shows that the bureau continues to focus on these programs.

Although this is not the first time the CFPB has taken action against a creditor based on the action of third-party marketers, it is important to keep in mind that the CFPB will hold the creditor responsible if the CFPB believes, as alleged in the settlement, that a creditor fails "to adequately train and monitor" third-party marketers.

Also noteworthy is that Springstone is now a subsidiary of LendingClub Corp. Lending Club stated that the product in question was terminated shortly after LendingClub's acquisition of Springstone.

To read the consent order in In re Springstone Financial, click here.

back to top