BSA/AML Penalties List
Below we have collected information on recent monetary penalties assessed and C&D Orders imposed by FinCEN or federal and state financial institution regulators for deficiencies in BSA/AML programs. The cases are arranged in reverse chronological order, and include the name and asset size (when known) of the organization penalized, stated penalty amount, agencies involved, and key shortcomings noted in the organization's AML or BSA compliance program.
Penalties against selected individuals and non-bank organizations are included to help illustrate the breadth of the term "financial institution" in federal anti-money laundry law and Treasury regulations, and the fact that individuals may be accountable, as well. These entries may also prove helpful as bankers try to "drive home" the need for compliance with MSB customers and others.
Some penalty amounts include the abbreviations K (thousand) and M (million).
Information about Suspicious Activity Reports is contained in a separate section of our site, BOL's SAR Research Guide
04/22/2008 - United Bank for Africa, PLC - CMP NEW addition!
04/14/2008 - El Noa Noa - CMP
03/14/2008 - Independence Bank - C&D NEW addition!
03/10/2008 - First Regional Bank - C&D NEW addition!
02/29/2008 - United Bank for Africa, PLC - C&D
02/26/2008 - Wallis State Bank - C&D
02/19/2008 - Doral Bank - C&D
01/24/2008 - Sigue Corporation and Sigue, LLC - CMP
12/19/2007 - The State Bank of Lebo C&D
12/03/2007 - The Citizens Bank of Weir, Kansas - C&D
10/30/2007 - Pan American Bank - C&D
10/18/2007 - Pan Pacific Bank - C&D
10/03/2007 - American Bank and Trust Company - C&D
09/14/2007 - Union Bank of California, N.A. - CMP/C&D; Forf.
08/23/2007 - Twin City Bank C&D
08/20/2007 - Mission Bank C&D
08/10/2007 - 1st Security Bank of Washington - C&D
08/08/2007 - American Metro Bank - C&D
08/06/2007 - First BankAmericano - C&D
08/03/2007 - First American International Bank - C&D
08/03/2007 - American Express Bank Int'l &
American Express Travel Related Svcs. Co. - C&D; CMP; Forf.
07/26/2007 - First State Bank of Kensington - C&D
07/19/2007 - Green Belt Bank & Trust - C&D
07/12/2007 - Central Progressive Bank - C&D
07/09/2007 - First Community Bank - C&D
07/03/2007 - Bank of Commerce - C&D
07/03/2007 - Garden Savings FCU - C&D
06/25/2007 - Orange Community Bank - C&D
05/29/2007 - Covington County Bank - C&D
05/03/2007 - Bank of Guam - C&D
05/02/2007 - United Bank for Africa, PLC - CMP
04/26/2007 - Innovative Bank, Oakland, CA - C&D
04/16/2007 - Bank of Camden, Camden, TN - C&D
03/16/2007 - Ocean Bank, Miami, FL - C&D
03/07/2007 - United Roosevelt Savings Bank - C&D
02/21/2007 - Dover N.J. Spanish American FCU - C&D
02/12/2007 - Peoples Federal S&L Assn., Sidney, OH - C&D
02/12/2007 - The International Bank of Miami, N.A. - CMP
01/29/2007 - Banc of America Investment Services, Inc. - CMP
01/18/2007 - United Bank for Africa, PLC - C&D
12/27/2006 - Beach Bank - CMP
12/14/2006 - The Foster Bank - CMP
10/31/2006 - Israel Discount Bank of New York - CMP
10/31/2006 - Douglas C. Roesch - CMP; Prohibition
07/20/2006 - Deprez's Quality Jewelry & Loans, Inc. - CMP
05/19/2006 - Liberty Bank of New York - CMP
05/09/2006 - Frosty Food Mart (Tampa, FL) - CMP
04/26/2006 - BankAtlantic - CMP
04/18/2006 - The Home Building & Loan Co., Greenfield, OH - CMP
03/24/2006 - Metropolitan Bank & Trust Co., NY Branch - CMP
03/24/2006 - Tonkawa Tribe of OK & Edward Street CMPs
12/29/2005 - Oppenheimer & Company, Inc. - CMP
12/19/2005 - ABN AMRO Bank, N.V. - CMP
10/11/2005 - Banco de Chile, New York Branch - CMP
08/17/2005 - Federal Branch of Arab Bank PLC - CMP
06/20/2005 - Newton Federal Bank - CMP
02/23/2005 - City National Bank - CMP
10/12/2004 - AmSouth Bank of Birmingham - CMP
05/13/2004 - Riggs Bank, N.A. - CMP
| CMP $15 M |
Agencies: FinCEN & OCC |
Assets (12/31/07): $441 M (est.) |
| On April 22, 2008, the OCC and FinCEN issued orders for concurrent $15 million Civil Money Penalties (to be satisfied by a single $15 million payment) in connection with the OCC's February 29, 2008, C&D order (see below). In the joint press release announcing the orders, FinCEN Director James J. Freis, Jr., said, "A financial institution that recklessly disregards its obligations under the Bank Secrecy Act and continues to operate without an effective anti-money laundering program, despite repeated warnings and a business focus on areas of recognized high risk, should expect to be penalized. The severity of this joint enforcement action is reflective of just such conduct. This is not a case of interpretation of technical issues or about minor lapses in compliance." OCC CMP Order; FinCEN CMP Order
|
|
$12,000 CMP |
Agencies: FinCEN |
Assets: Unknown |
El Noa Noa Corporation is a money services business that has operated in Tampa, Florida (central Florida has been designated as a High Intensity Drug Trafficking Area - HIDTA) since 1998. EI Noa Noa provides check cashing, wire transfer and money order services to its customers.
The Internal Revenue Service, Small Business/Self-EmployedDivision examines EI Noa Noa for
compliance with the Bank Secrecy Act and its implementing regulations. On April 14, 2008, FinCEN announced that El Noa Noa had consented to the assessment of a $12,000 Civil Money Penalty, without admitting or denying the following FinCEN determinations:
- Failure to establish and implement an anti-money laundering program with
internal controls and other measures reasonably designed to prevent the money services business
from being used to facilitate money laundering
- Multiple failures to timely file currency transaction reports, as required by the Bank
Secrecy Act and its implementing regulations
- Despite actual knowledge of the requirements of the Bank Secrecy Act, EI Noa Noa
continued to operate for an extended period of time without an effective anti-money laundering
program. As of February 2005, EI Noa Noa still had not established and implemented a written
anti-money laundering program.
- EI Noa Noa failed to file a total of 66 currency transaction reports, in the aggregate
amount of $1,025,948, from January 1,2004 through May 31,2005. EI Noa Noa failed to file 61
currency transaction reports on single check cashing transactions in excess of $10,000, in the
amount of $963,438, and five currency transaction reports on multiple check cashing transactions
in the amount of $62,510.
|
|
C&D |
Agencies: FDIC, CA Dep't of Fin'l Inst. (CDFI) |
Assets (12/31/07): $383 M |
Independence Bank, Newport Beach, CA, is an FDIC-insured state-chartered non-member bank established in 2004 with 3 offices in the state of California. On March 14, 2008, the FDIC and the CDFI issued a C&D order directing that the bank stop (among other things):
- operating in violation of section 326.8 of the FDIC Rules and Regulations, 12 C.F.R. § 326.8, regarding a satisfactory Bank Secrecy Act (“BSA”) and Anti-Money Laundering (“AML”) compliance program; and
- operating in violation of section 353.3 of the FDIC Rules and Regulations, 12 C.F.R. § 353.3, regarding Suspicious Activity Report (“SAR”) procedures to identify, monitor, and report suspicious activities.
|
|
C&D |
Agencies: FDIC |
Assets (12/31/07): $2.17 B |
First Regional Bank, Century City (Los Angeles), CA, is an FDIC-insured state-chartered non-member bank with 8 offices in the state of California. On March 10, 2008, the FDIC issued a C&D order directing that the bank stop (among other things):
- operating in violation of section 326.8 of the FDIC’s Rules and Regulations, 12 C.F.R. § 326.8, regarding a satisfactory Bank Secrecy Act (“BSA”) and Anti-Money Laundering (“AML”) compliance program with respect to Individual Retirement Accounts administered by third parties;
- operating in violation of section 353.3 of the FDIC’s Rules and Regulations, 12 C.F.R. § 353.3, regarding Suspicious Activity Report (“SAR”) procedures to identify, monitor, and report suspicious activities with respect to Individual Retirement Accounts administered by third parties;
- operating without adequate customer due diligence with respect to Individual Retirement Accounts administered by third parties.
The bank was ordered to:
- develop, adopt, and maintain a written customer due diligence program that includes
- a risk focused assessment of the customer base of the bank to determine appropriate levels of enhanced due diligence for higher risk customers
- for high-risk customers, procedures to determine appropriate documentation to confirm identity and business activities, understand the normal and expected transactions of the customer, and reasonably ensure identification and timely, accurate and complete reporting of known or suspected criminal activity against or involving the bank.
- advise the bank's directors of significant SARs, with detailed reports of any SARS involving employees, contractors, officers and directors.
|
|
C&D |
Agencies: OCC |
Assets: Unknown |
United Bank for Africa, PLC, is headquartered in Lagos, Nigeria. Its federal branch, United Bank for Africa (UBA), is located in New York, NY. On February 29, 2008, the bank consented to the OCC's issuance of a Cease and Desist order that replaced and terminated order #2007-003 (see below), issued January 18, 2007. In the earlier order, UBA was accused of failing to identify and report suspicious activity in customer accounts, in violation of 12 C.F.R. § 21.11; failing to establish and maintain a compliance program to ensure and monitor compliance with BSA requirements; and failing to establish and maintain controls and audit functions sufficient to ensure compliance with the BSA.
In November 2007, the OCC examined the federal branch of UBA and determined it was not in compliance with most of the 16 articles in the 2007 order.
Accordingly, in the new C&D Order, UBA federal branch was ordered to, among other requirements --
- stop processing wire transfer (including ACH, Fedwire and other electronic means), dollar draft and pouch transactions for non-customers immediately , and within 45 days for customers.
- "dollar draft" means a draft or check in U.S. dollars, available at foreign financial institutions and drawn on a U.S. correspondent account by a foreign financial institution.
- "pouch transaction" includes the transportation of currency, monetary instruments and other negotiable instruments from outside the U.S. to the federal branch, and the processing such instruments, including money orders, traveler's checks and bank checks.
- engage a qualified and approved consultant to review all wire transfer and dollar draft activity at the federal branch of UBA from 1/1/2007 to 2/29/2008 (or such extended period as the OCC may require), to ascertain any unusual or suspicious transactions. The UBA must file any CTRs or SARs required for any previously unreported activity revealed in that review.
- update within 30 days and at least annually thereafter, a written comprehensive BSA risk assessment.
- revise and implement a written program for internal controls and processes to ensure compliance with SAR filing requirements.
- outsource the internal audit of all operations and compliance functions of the federal branch to a qualified independent third party.
|
|
C&D |
Agencies: FDIC, Texas Dep't of Banking |
Assets: $274 Million |
Wallis State Bank is a state-chartered non-member bank, and has been FDIC-insured since it was established in October 1972. Its main office is in Wallis, TX, and it has 6 other offices in the Texas. In February 2008, the bank consented to the FDIC's issuance of a Cease and Desist order.
In the C&D Order, Doral Bank was ordered to cease and desist from--
- Operating the Bank in violation of the Currency and Foreign Transactions Reporting Act (31 U.S.C. § 5311 et seq.) (the Bank Secrecy Act) (“BSA”), the rules and regulations implementing the BSA issued by the U. S. Department of the Treasury (31 C.F.R. Part 103) (“Financial Recordkeeping”), and the FDIC’s BSA Rules and Procedures Regulations, 12 C.F.R. Part 326; and the FDIC’s Suspicious Activity Reports (“SARs”) regulations, 12 C.F.R. Part 353 (all the rules referred to in this paragraph are referred to hereinafter, collectively, as “BSA Rules”);
- Operating the Bank without adequate supervision and direction by the Bank’s board of directors and senior management of the Bank to prevent unsafe and unsound banking practices and violations of Federal and State laws or regulations and to ensure compliance with the BSA Rules;
- Operating the Bank with an ineffective BSA/Anti-Money Laundering (“AML”) Compliance Policy;
- Operating the Bank with an ineffective system of internal controls to ensure compliance with the BSA Rules;
- Operating the Bank with an ineffective BSA/AML training program to ensure compliance with the BSA Rules;
- Operating the Bank with an ineffective Customer Identification Program (“CIP”) for accounts for persons other than individuals;
- Operating the Bank with an ineffective Customer Due Diligence Program (“CDD”) to ensure compliance with the BSA Rules;
- Operating the Bank without an effective system of independent testing to ensure compliance with the BSA Rules; and
- Operating the Bank with an ineffective audit policy to ensure compliance with the BSA Rules.
|
|
C&D |
Agencies: FDIC |
Assets: $7.7 Billion |
Doral Bank is a Federal Reserve non-member, and has been FDIC-insured since it was established (under another charter) October 1981. Its main office is in Catano, PR, and it has 40 other branch offices in the Commonwealth of Puerto Rico. In February 2008, the bank consented to the FDIC's issuance of a Cease and Desist order.
In the C&D Order, Doral Bank was ordered to cease and desist from--
- operating in violation of the Bank Secrecy Act, 31 U.S.C. § 5311 et seq., 12 U.S.C. § 1829b and 12 U.S.C. §§ 1951-1959, and its implementing regulation, 31 C.F.R. Part 103, and 12 U.S.C. § 1818(s) and its implementing regulation, 12 C.F.R. § 326.8 (collectively referred to as “BSA”);
- operating with an inadequate BSA/Anti-Money Laundering Compliance Program (“BSA/AML Compliance Program”) to monitor and assure compliance with the BSA; and
- operating with ineffective policies, procedures and processes to adequately screen, monitor and verify account transactions to ensure compliance with the regulations promulgated by the United States Department of Treasury’s Office of Foreign Assets Control (“OFAC”), 31 C.F.R. Part 500, as well as all statutes, regulations, rules and/or guidelines issued or administered by OFAC (“OFAC Provisions”).
|
$12M CMP
$15M forfeiture |
Agencies: FinCEN and U.S. Dep't of Justice |
Assets: Unknown |
Sigue Corporation and Sigue, LLC ("Sigue") operate a money services business headquartered in San Fernando, CA, with over 7,000 agent businesses throughout the country. Sigue agreed to the issuance of a $12 million CMP by FinCEN for violations of BSA. In addition, Sigue entered a deferred-prosecution agreement with the Justice Department on charges of failing to maintain an effective anti-money laundering program, and agreed to forfeit $15 million (payment of which will satisfy the FinCEN penalty).
According to the CMP Order, Sigue "failed to implement effective internal controls, designate compliance personnel and conduct effective independent testing and training to ensure compliance with the Bank Secrecy Act."
Details of FinCEN's allegations are listed in the order (linked above). Certain of Sigue's agents knowingly counseled and assisted customers in structuring transactions to avoid CTR filing requirements, and Sigue failed to file required SARs on those actions.
|
|
C&D |
Agencies: FDIC |
Assets: $28.4 million |
The State Bank of Lebo, Lebo, Kansas, is an insured state nonmember bank. It has one office. On December 19, 2007, the FDIC issued a Cease and Desist order to the bank. The bank was ordered to cease several actions. Among them were violations of laws and regulations, including "[t]he requirements of Part 103 of the Treasury Department’s Financial Recordkeeping and Reporting of Currency and Foreign Transactions Regulation, 31 C.F.R. Part 103 §§ 18-38."
No further details of those violations is provided in the Order.
|
|
C&D |
Agencies: FDIC |
Assets: $8.2 million |
The Citizens Bank of Weir, Kansas, is an insured state nonmember bank. It has one office. On December 3, 2007, the FDIC issued a Cease and Desist order to the bank. "Operating with inadequate Bank Secrecy Act/Anti-Money Laundering ('BSA') and Office of Foreign Assets Control ('OFAC') Compliance Programs" was one of fourteen items on the list of actions the bank was ordered to cease.
The bank was ordered to, among other remedial actions:
- designate a qualified officer responsible for managing, coordinating and monitoring the bank's BSA and OFAC compliance programs.
- perform a comprehensive assessment of the vulnerability of its banking operations to attempts to launder money, finance terrorism, or conduct other criminal activities (“BSA/Anti-Money Laundering (“AML”) risk assessment”).
- perform a comprehensive assessment of its OFAC risk profile (“OFAC risk assessment”).
- develop, adopt, and implement a revised, written BSA/AML compliance program designed to ensure compliance with the BSA, tailored to address the risk profile of the Bank identified in the BSA/AML risk assessment required above.
- develop, adopt and implement a revised, written program and procedures to ensure compliance with outstanding OFAC sanctions (“OFAC compliance program”), tailored to address the OFAC risk profile of the Bank identified in the OFAC risk assessment required above.
- independently test its revised BSA/AML and OFAC compliance programs to ensure proper controls are in place and are effective.
- enhance and update its training program to provide for periodic BSA/AML/OFAC training for Bank personnel and appropriate recordkeeping to document such training.
- develop, adopt, and implement a revised, written Customer Identification Program.
- search required records pursuant to "314(a)" requirements, including FinCEN 314(a) requests for the preceding 12 months of the effective date of the order and going forward.
|
|
C & D Order |
Agencies: FDIC, CA Dep't of Financial Institutions |
Assets: $40.5 Million (9/30/07) |
Pan American Bank, Los Angeles, CA, is a state chartered insured non-member bank. The bank agreed to the issuance of an Order to Cease and Desist. The FDIC and the California Department of Financial Institutions ordered the bank to stop:
(a) operating in violation of section 326.8 of the FDIC’s Rules and Regulations, 12 C.F.R. § 326.8, regarding a satisfactory Bank Secrecy Act (“BSA”) and Anti-Money Laundering (“AML”) compliance program; and
(b) operating in violation of section 353.3 of the FDIC’s Rules and Regulations, 12 C.F.R. § 353.3,regarding procedures to identify, monitor and report suspicious activities.
The order included the standard instruction to the bank to complete identified steps to bring the bank into compliance with the BSA/AML requirements.
|
|
C & D Order |
Agencies: FDIC and CA Department of Financial Institutions |
Assets: $70 Million (9/30/07) |
Pan Pacific Bank is a state chartered insured non-member bank. The bank agreed to the issuance of an Order to Cease and Desist. The FDIC and Department ordered the bank to stop, among other practices:
(a) operating with a board of directors which has failed to provide adequate supervision over and direction to the active management of the Bank;
(b) operating in violation of section 326.8 of the FDIC Rules and Regulations, 12 C.F.R. § 326.8, regarding a satisfactory Bank Secrecy Act (“BSA”) and Anti-Money Laundering (“AML”) compliance program;
(c) operating in violation of section 353.3 of the FDIC Rules and Regulations, 12 C.F.R. § 353.3, regarding procedures to identify, monitor, and report suspicious activities; and
(d) operating in violation of section 103.100(b)(2)(i) of the Rules and Regulations of the Department of the Treasury, 31 C.F.R. § 103.100(b)(2)(i), regarding the failure to conduct section 314(a) Information Sharing and Search requests within the prescribed time frames.
The order included the standard instruction to the bank to complete identified steps to bring the bank into compliance with the BSA/AML requirements. There was also a "look-back" requirement that the bank research all high-risk account transactions since March 2007 for unfiled SARs and CTRs.
|
|
C & D Order |
Agencies: FDIC |
Assets: $163.5 Million (9/30/07) |
American Bank and Trust Company, Tulsa, OK, is a state chartered insured non-member bank. The bank agreed to the issuance of an Order to Cease and Desist. The FDIC ordered the bank to stop:
(a) Operating the Bank in violation of the Currency and Foreign Transactions Reporting Act, the Bank Secrecy Act (“BSA”), 31 U.S.C. § 5311 et seq.; the rules and regulations implementing the BSA issued by the U.S. Department of the Treasury, 31 C.F.R. Part 103; the FDIC’s BSA Programs and Procedures Regulations, 12 C.F.R. Part 326; and the FDIC’s Suspicious Activity Reports regulations, 12 C.F.R. Part 353, (collectively “BSA Rules”);
(b) Operating the Bank with a board of directors that has failed to provide adequate supervision over and direction to the management of the Bank to prevent unsafe and unsound banking practices and violation of laws or regulations and to ensure compliance with the BSA Rules;
(c) Operating the Bank with an ineffective system of internal controls to ensure compliance with the BSA Rules;
(d) Operating the Bank with an ineffective Customer Identification Program (“CIP”) for accounts for persons other than individuals;
(e) Operating the Bank with an ineffective Customer Due Diligence Program (“CDD”) to ensure compliance with the BSA Rules; and
(f) Operating the Bank with an ineffective system of independent testing to ensure compliance with the BSA Rules.
The order included the standard instruction to the bank to complete identified steps to bring the bank into compliance with the BSA/AML requirements. It also included a "look back review" requirement -- to engage a qualified independent firm to review account and transaction activity for the period 3/27/06 through 3/22/07, to determine if additional SAR filings are required, and to file them.
|
OCC CMP/C&D order
FinCEN CMP
CMP $10 million
Forf. $21.6 million |
Agencies: FinCEN, OCC and Justice Dep't |
Assets: $52.6 Billion (6/30/07) |
Union Bank of California, N.A., is a national bank headquartered in San Francisco. It is a subsidiary of UnionBanCal Corporation, based in San Francisco, which in turn is a majority-owned subsidiary of Mitsubishi UFJ Financial Group, Inc., of Tokyo, Japan. According to the OCC's findings, Union Bank failed to adequately monitor its casa de cambio (Mexican currency exchange) accounts for suspicious activity. Beginning in 2003 and through 2005, the bank failed to timely file hundreds of SARs, which permitted the undetected laundering of millions of dollars of suspected drug trafficking proceeds. On March 23, 2005, Union Bank entered into a Memorandum of Understanding (MOU) with the OCC, requiring implementation of a bank-wide BSA compliance program, improved internal controls for monitoring high risk accounts and transactions, enhanced training and audit, and enhanced due diligence procedures, particularly regarding private banking customer accounts.
In the bank's 2006 BSA compliance exam, the OCC determined that Union Bank had not achieved compliance with the terms of the MOU. The bank's Financial Intelligence Unit (FIU) proved ineffective in detecting and reporting suspicious activity because of inadequately trained staff and ineffective oversight. Due diligence controls were insufficient for an effective SAR process.
FinCEN reported that a review of SARs filed by Union Bank in the 12 months ending January 2006 revealed over 1,000 cases of reporting fields in SAR forms left blank or incorrectly completed.
The OCC levied a $10 million Civil Money Penalty (CMP) on Union Bank, and issued a C&D replacing its 2005 MOU. FinCEN assessed a separate $10 million CMP, but waived collection if the OCC penalty is paid. In a related criminal investigation, the Department of Justice (DOJ) issued a Deferred Prosecution Agreement and a $21.6 million forfeiture order against the bank. DOJ agreed to recommend that its case against the bank be dismissed with prejudice in 12 months, if the bank "fully implements significant anti-money laundering measures required by the agreement."
|
|
C & D Order |
Agencies: FDIC |
Assets: $45 Million (9/30/07) |
Twin City Bank, Longview, WA, is a state chartered insured non-member bank. The bank agreed to the issuance of an Order to Cease and Desist. The FDIC ordered the bank to stop:
(a) operating in violation of section 326.8 of the FDIC Rules and Regulations, 12 C.F.R. § 326.8, regarding a satisfactory Bank Secrecy Act/Anti-Money Laundering (“BSA/AML”) compliance program;
(b) operating in violation of section 353.3 of the FDIC Rules and Regulations, 12 C.F.R. § 353.3, regarding procedures to identify, monitor and report suspicious activities; and
(c) operating in violation of section 103.22 of the Rules and Regulations of the Department of the Treasury, 31 C.F.R. § 103.22, regarding compliance with financial recordkeeping regulations.
The order included the standard instruction to the bank to complete identified steps to bring the bank into compliance with the BSA/AML requirements.
|
|
C & D Order |
Agencies: FDIC |
Assets: $72.5 Million (9/30/07) |
Mission Bank, Kingman, AZ, is a state chartered insured non-member bank. The bank agreed to the issuance of an FDIC Order to Cease and Desist. The FDIC ordered the bank to stop:
(a) operating in violation of section 326.8 of the FDIC’s Rules and Regulations, 12 C.F.R. § 326.8, regarding a satisfactory Bank Secrecy Act (“BSA”) and Anti-Money Laundering (“AML”) compliance program;
(b) operating in violation of section 353.3 of the FDIC Rules and Regulations, 12 C.F.R. § 353.3, regarding procedures to identify, monitor and report suspicious activities; and
(c) operating in violation of section 103.121 of the Rules and Regulations of the Department of the Treasury, 31 C.F.R. § 103.121, regarding procedures to establish minimum customer identification and verification requirements.
The order included the standard instruction to the bank to complete identified steps to bring the bank into compliance with the BSA/AML requirements.
|
|
C & D Order |
Agencies: FDIC |
Assets: $260.4 Million (9/30/07) |
First Security Bank of Washington, Mountlake Terrace, WA, is a state chartered insured non-member savings bank. The bank agreed to the issuance of an FDIC Order to Cease and Desist. The FDIC ordered the bank to stop:
(a) operating in violation of section 326.8 of the FDIC Rules and Regulations, 12 C.F.R. § 326.8, regarding a satisfactory BSA/AMA compliance program; and
(b) operating in violation of section 353.3 of the FDIC Rules and Regulations, 12 C.F.R. § 353.3, regarding procedures to identify, monitor and report suspicious activities.
The order included the standard instruction to the bank to complete identified steps to bring the bank into compliance with the BSA/AML requirements. In addition, the Bank's BSA Officer is required to complete a "look back" review of "all high-risk accounts and high-risk transactions, including but not limited to the Bank’s large currency transaction reports, cash purchases of monetary instruments, wire transfer activity, and foreign exchange services for the period July 1, 2006 through January 1, 2007 (Transaction Review Period), and shall prepare and file any additional CTRs and SARs necessary based upon the review."
|
|
C & D Order |
Agencies: FDIC and Illinois Division of Banking |
Assets: $86.6 Million (9/30/07) |
American Metro Bank, Chicago, IL, is a state chartered insured non-member bank. The bank agreed to the issuance of a joint Order to Cease and Desist. The FDIC and Division of Banking ordered the bank to stop:
A. Operating the Bank with a Bank board of directors (“Board”) which has failed to provide adequate supervision over and direction to the executive management of the Bank to prevent unsafe or unsound practices and violations of law and regulations related to the Bank Secrecy Act.
B. Operating the Bank with an ineffective system of internal controls to ensure ongoing compliance with the Bank Secrecy Act;
C. Failing to implement effective customer identification procedures;
D. Operating the Bank with an ineffective training program for appropriate Bank personnel to ensure compliance with the Bank Secrecy Act;
E. Operating in violation of section 326.8, of the FDIC’s Rules and Regulations, 12. C.F.R. § 326.8, and the Treasury Department’s Financial Recordkeeping Regulations, 31 C.F.R Part 103, more fully described on pages 12 through 24 of the FDIC Report of Examination dated February 5, 2007;
F. Operating the Bank with management whose practices have resulted in violations of law and regulation related to the Bank Secrecy Act.
The order included the standard instruction to the bank to complete identified steps to bring the bank into compliance with the BSA/AML requirements. There is also a mandate for a "look back review" covering the 3 1/2 years prior to the Order for unreported suspicious activity, covering at least "the Bank’s nonresident alien customers, foreign customers, cash intensive customers whether businesses or individuals, customers with high or frequent international wire transactions, customers with common addresses, customers that send wire transfers to a common beneficiary, customers that have received structured money orders, customers for whom a tax identification number was not obtained at the time of account opening, accounts that have had cash transactions from common transactors, all customers identified by the Bank as high risk, customers on whom the bank has ever filed a suspicious activity report, and all customers that are related to any of these types of customers."
|
|
C & D Order |
Agencies: FDIC |
Assets: $191.9 Million (9/30/07) |
First BankAmericano, Elizabeth, NJ, is a state chartered insured non-member bank. The bank agreed to the issuance of an FDIC Order to Cease and Desist. The FDIC ordered the bank to stop:
(a) operating with inadequate management supervision and oversight by the Board to prevent unsafe or unsound practices and violations of law and/or regulation;
(b) operating without a current, comprehensive written business/strategic plan;
(c) operating with inadequate management and staffing;
* - * - *
(e) violations of the Bank Secrecy Act, 31 U.S.C. § 5311 et seq., 12 U.S.C. § 1829b and 12 U.S.C. §§ 1951-1959, and its implementing regulations, 31 C.F.R. Part 103 and 12 C.F.R. Part 353, and 12 U.S.C. § 1818(s) and its implementing regulation, 12 C.F.R. § 326.8 (collectively referred to as “BSA”);
(f) operating with an inadequate BSA/Anti-Money Laundering Compliance Program (“BSA/AML Compliance Program”) to monitor and assure compliance with the BSA; and
(g) operating with ineffective policies, procedures and processes to adequately screen, monitor and verify account transactions to ensure compliance with the regulations promulgated by the United States Department of Treasury’s Office of Foreign Assets Control (“OFAC”), 31 C.F.R. Part 500, as well as all statutes, regulations, rules and/or guidelines issued or administered by OFAC (“OFAC Provisions”).
The order included the standard instruction to the bank to complete identified steps to bring the bank into compliance with the BSA/AML requirements, and to establish a system of OFAC internal controls. There is also a requirement for an independent third-party look back review covering 6 months, to determine if there is SAR-worthy activity that has not been reported. The scope of the look back review includes (at least) "cash intensive business accounts; customers assigned a “high-risk” rating based upon their profiles and the results of the Risk Assessment, including, but not limited to, any auto dealers, professional service providers, jewelers, and freight companies; customers with high, frequent or international wire transactions; customers with financial transactions in locations linked to terrorist, drug trafficking or money laundering; and any transactions or accounts identified in the [December 18, 2006, Report of Examination] as requiring additional investigation by the [bank]."
|
|
C & D Order |
Agencies: FDIC |
Assets: $464.2 Million (9/30/07) |
First American International Bank, Brooklyn, NY, is a state chartered insured non-member bank. The bank agreed to the issuance of an FDIC Order to Cease and Desist. The FDIC ordered the bank to stop:
(a) Operating in violation of the Bank Secrecy Act, as amended, 12 U.S.C. § 1829b, 12 U.S.C. §§ 1951-1959, and 31 U.S.C. §§ 5311-5332, and implemented by rules and regulations issued by the United States Department of Treasury, 31 C.F.R. Part 103 and 12 C.F.R. Part 353, and 12 U.S.C. §§ 1818(s) and its implementing regulation, 12 C.F.R. § 326.8 (hereafter collectively “BSA”);
(b) operating with ineffective policies, procedures and processes to adequately screen, monitor and verify account transactions to ensure compliance with the regulations promulgated by the United States Department of Treasury’s Office of Foreign Assets Control (“OFAC”), 31 C.F.R. Part 500, as well as all statutes, regulations, rules and/or guidelines issued or administered by OFAC (“OFAC Provisions”);
(c) operating with inadequate management supervision and oversight by the Insured Institution’s board of directors (“Board”) to prevent unsafe or unsound practices and violations of the BSA and OFAC Provisions;
(d) operating with an inadequate BSA/Anti-Money Laundering Compliance Program (“BSA/AML Compliance Program”) to monitor and assure compliance with the BSA;
(e) operating with an inadequate system of internal controls for compliance with the BSA and OFAC Provisions;
(f) operating with an inadequate system of independent testing for compliance with the BSA and OFAC Provisions;
(g) failure to provide adequate training in BSA and OFAC Provisions;
(h) operating with ineffective policies, procedures and processes to adequately comply with the United States Department of Treasury’s Financial Recordkeeping and Reporting Regulations at 31 C.F.R. Part 103;
(i) operating in violation of FDIC Rules and Regulations, sections 353.3(a)(4)(i) and (iii) and United States Department of Treasury Rules and Regulations, section 103.18, 31 U.S.C. § 5318(g)for failure to file Suspicious Activity Reports (“SARs”).
The order included the standard instruction to the bank to complete identified steps to bring the bank into compliance with the BSA/AML requirements, and to establish a system of OFAC internal controls. There is also a requirement for an independent third-party look back review covering the period starting 1/1/2006 and through the date of the order, to determine if there is SAR-worthy activity that has not been reported. The scope of the look back review includes (at least) "the Insured Institution’s foreign branch accounts, cash intensive business accounts, customers with high, frequent or international wire transactions and customers with financial transactions in locations linked to terrorist, drug trafficking or money laundering, including, but not limited to, the transactions or accounts identified in the [December 4, 2006 Report of Examination] as requiring additional investigation by the Insured Institution."
|
C&D order
CMP $20 million (bank)
CMP $5 million (company)
Forf. $55 million (bank) |
Agencies: FinCEN, FRB and Justice Dep't |
Assets: Unknown |
American Express Bank International (AEBI) is an Edge Act corporation under the Federal Reserve Act, owned by American Express Bank Ltd. (AEB), a New York corporation. AEBI offers private banking services, primarily to high net worth customers in Latin America. American Express Travel Related Services Company (AETRSC) is an MSB. On August 3, 2007, the Federal Reserve Board issued a Cease and Desist Order and a CMP of $20 million against AEBI, and FinCEN issued a CMP against AEBI of $20 million and against AETRSC of $5 million. There is a related Deferred Prosecution Agreement and $55 million forfeiture order by the Department of Justice (DOJ) against AEBI. Cross-order payment agreements make the total effective charges, including the forfeiture, $65 million.
These actions followed a 1993 FRB C&D and CMP order against AEBI for safety and soundness deficiencies, including those in the area of BSA/AML compliance. That order was terminated on 1/7/1997, based on improvements and enhancements. DOJ investigated accounts and transactions at AEBI for the period 12/99 through 4/04. That investigation led to the Deferred Prosecution Agreement involving failure to maintain an effective AML program. DOJ alleged there were serious systemic deficiencies; that transaction monitoring and internal controls were inadequate to detect, identify and report money laundering activity. DOJ identified suspicious or illicit activity involving drug-related money laundering, via "Black Market Peso Exchange" wire transfers as part of an undercover law enforcement operation.
FRB exams identified weaknesses in the bank's BSA/AML compliance program. The bank represented in 2004 and 2005 that is was upgrading account monitoring processes, and improving controls on offshore bearer share personal investment companies (PICs) with accounts at AEBI. Yet a 9/2006 exam uncovered significant failures in BSA compliance activities, such that the bank failed to have procedures adequately designed to assure and monitor the bank's compliance with BSA and BSA regulations. Specific findings included:
- Failure to adopt and implement comprehensive customer due diligence and enhanced due diligence processes, particularly regarding high risk customers.
- Failure to maintain effective control measures for bearer share and other PICs.
- Failure to adhere to bank's own written policies requiring periodic reviews of high risk accounts.
- The bank's transaction monitoring system continued to be inadequate to the task, due to data integrity and other problems. System-identified potentially suspicious activity was not properly resolved, so the bank could not identify, monitor and report suspicious activity.
- AEBI did not perform satisfactory independent testing of its BSA/AML program. In particular, the bank's internal audit function didn't review implementation of the bank's automated transaction monitoring system.
- Failure to provide for adequate oversight of and accountability for the BSA/AML compliance program by management of AEBI and by its parent company, AEB, which had agreed to provide oversight.
The FRB order includes the expected litany of actions required of AEBI, including completion of the bank's transaction monitoring system. The bank also agreed to an independent review of account and transaction activity for the first half of 2007 to determine whether suspicious activity was properly identified and reported. Additional review of 2006 activity may also be required, if the FRB deems it necessary. The order specifically requires that the review be completed notwithstanding any agreement to sell AEB or AEBI to an unaffiliated third party.
FinCEN's findings parallel those of the FRB. The Order states that AEBI's "high-risk customer base, product lines, and international jurisdiction of operations required elevated measures to manage the risk of money laundering and other financial crimes. Nevertheless, the Bank conducted business without adequate systems and controls reasonably designed to manage the risk of money laundering, including the potential for Black Market Peso Exchange trnasactions that may be used by Colombian drug cartels to launder the proceeds of narcotics sales." FinCEN called AEBI's failures "serious, repeated and systemic."
FinCEN determined that AETRSC failed to timely make over 1,000 SAR-MSB filings from 5/7/06 through 5/7/07, involving suspicious transactions totaling over $500 million. FinCEN also reported over 2,000 errors in the 1,639 SAR-MSBs that AETRSC did file in that one-year period, and that those errors substantially diminished the value of the SARs to law enforcement.
|
| C&D order |
Agencies: FDIC |
Assets: $57 million (6/30/07) |
First State Bank of Kensington is a state-chartered, non-member bank headquartered in Kensington, MN, with one office. On July 26, 2007, the FDIC issued a Cease and Desist Order, requiring the bank end the following unsafe or unsound banking practices and violations of law or regulations:
- Operating with management whose policies and practices are insufficient to prevent violations of the Bank Secrecy Act, 31 U.S.C. §§ 5311 et seq., and implementing regulations including 12 C.F.R. Part 326 and Part 353, and 31 C.F.R. Part 103 (hereafter collectively “Bank Secrecy Act” or “BSA”);
- Operating with inadequate policies and procedures reasonably designed to identify and report suspicious activities to Bank directors and others;
- Operating without an effective system of independent testing for compliance with BSA requirements;
- Operating without an adequate BSA training program for appropriate Bank personnel; and
- Violating BSA law(s) and regulation(s), including:
- Part 103 of the Treasury Department’s Financial Record-keeping and Reporting of Currency and Foreign Transactions Regulation, 31 C.F.R. Part 103; and
- Sections 326.8 and 353 of the FDIC Rules and Regulations, 12 C.F.R. §§ 326.8 and 353, respectively.
|
| C&D order |
Agencies: FDIC |
Assets: $171 million (6/30/07) |
Green Belt Bank & Trust is a state-chartered, non-member bank headquartered in Iowa Falls, IA, with four offices. On July 19, 2007, the FDIC issued a Cease and Desist Order, requiring the bank end the following unsafe or unsound banking practices and violations of law or regulations:
- operating without adequate oversight by the Bank’s board of directors and supervision by executive management to prevent violations of the Bank Secrecy Act, 31 U.S.C. § 5311-5330, 12 U.S.C. § 1829b, and 12 U.S.C. § 1951 – 1959, and regulations implementing the Bank Secrecy Act, including 12 C.F.R. Part 326, Subpart B, 12 C.F.R. Part 353, and 31 C.F.R. Part 103 (collectively referred to as “BSA”);
- failing to develop and continually administer a BSA compliance program;
- operating without an effective system of internal controls to ensure ongoing compliance with the BSA,
including but not limited to adequate information and communications systems to monitor and ensure compliance with recordkeeping requirements for BSA reporting;
- operating without an effective system of independent testing for compliance with the BSA;
- operating without an adequate BSA training program for the Bank’s directors and appropriate personnel;
- operating without an effective customer identification and verification system that complies with section 103.121 of the Rules and Regulations of the Department of the Treasury, 31 C.F.R. § 103.121;
- failing to develop and implement an adequate system for detecting and reporting suspicious activity; and
- violating laws and regulations, including:
- failing to develop and continually administer a BSA compliance program as required by section 326.8(b) of the FDIC’s Rules and Regulations, 12 C.F.R. § 326.8, including but not limited to an adequate Customer Identification Program, a system of internal controls sufficient to ensure ongoing compliance with the BSA, a system of independent testing, and adequate training of appropriate personnel;
- failing to comply with the Treasury Department’s Financial Recordkeeping and Reporting of Currency and Foreign Transactions regulation, 31 C.F.R. Part 103, including but not limited to failing to file Currency Transaction Reports (“CTRs”), failing to file CTRs in a timely manner, failing to furnish required information in CTRs, failing to aggregate multiple transactions totaling over $10,000 for reporting purposes, failing to perform annual reviews of exempt persons and document monitoring of exempt person transactions, failing to properly conduct records searches upon the request of the Financial Crimes Enforcement Network (“FinCEN”), failing to follow required identification procedures for reported transactions, failing to obtain required customer identification information, and failing to verify customer identification information; and
- failing to file Suspicious Activity Reports (“SARs”) as required by 12 C.F.R. § 353.3(a)(4) for transactions structured to evade BSA reporting requirements.
|
| C&D order |
Agencies: FDIC |
Assets: $606 million (6/30/07) |
Central Progressive Bank is a state-chartered, non-member bank headquartered in Lacombe, LA, with 21 offices. On July 12, 2007, the FDIC issued a Cease and Desist Order, requiring the bank to, among other changes, improve its BSA/AML compliance program as follows:
- Within 60 days, designate a qualified officer responsible for managing, coordinating, and monitoring the Insured Institution's Bank Secrecy Act (“BSA”) and Office of Foreign Assets Control (“OFAC”) compliance programs ("BSA Officer"). The BSA Officer shall have the responsibility and necessary authority to ensure the Insured Institution's compliance with the BSA and OFAC rules and regulations and related matters, including, without limitation, the identification of timely, accurate, and complete reporting to law enforcement and supervisory authorities of unusual or suspicious activity or known or suspected criminal activity perpetrated against or involving the Insured Institution.
- Within 120 days, the BSA Officer shall review the Insured Institution’s BSA and OFAC compliance program deficiencies and violations set forth in the Report of Examination.
- The Insured Institution's BSA and OFAC compliance programs shall ensure the Insured Institution's future compliance with the BSA and OFAC rules and regulations, section 326.8 and Part 353 of the FDIC Rules and Regulations, 12 C.F.R. § 326.8 and 12 C.F.R. Part 353, and with any related rules and regulations. At a minimum, the compliance programs shall include the following:
- Procedures for the Insured Institution's customer identification program and account opening procedures;
- Policies and procedures with respect to high-risk accounts and customers, including the adequacy of methods for identifying and conducting due diligence on high-risk accounts and customers at account opening and thereafter,
and for monitoring high-risk client relationships on a transaction basis as well as by account and customer;
- Policies, procedures, and systems for identifying, evaluating, monitoring, investigating, and reporting suspicious activity, including transactions involving high-risk customers or accounts and/or high-risk jurisdictions, and the appropriateness of the Insured Institution’s criteria for designating an account as high risk and assessing the Insured Institution's procedures and systems for identifying and monitoring customer transactions in accordance with rules and regulations of the BSA and OFAC;
- Policies and procedures regarding the identification and reporting of cash transactions;
- Policies and procedures with respect to wire transfer recordkeeping requirements;
- Policies and procedures for transactions involving non-customers, including, but not limited to, wire transfer services, traveler's check services, and foreign exchange services;
- Independent annual testing for compliance with the BSA in accordance with the procedures described in section 326.8 of the FDIC Rules and Regulations, 12 C.F.R. § 326.8; and
- Establishment and documentation of
training on a regular and on-going basis for management and Insured Institution personnel on all relevant aspects of laws, regulations, and Insured Institution policies and procedures relating to the BSA and OFAC compliance programs, with a specific concentration on the currency and monetary instruments reporting requirements and the reporting requirements associated with Suspicious Activity Reports, Currency Transaction Reports, and processing requirements of OFAC.
|
| C&D order |
Agencies: FDIC, Kentucky Office of Financial Institutions |
Assets: $27 million (6/30/07) |
First Community Bank is a state-chartered, non-member bank headquartered in Venceburg, KY, with two offices. On July 9, 2007, the FDIC and the Office of Financial Institutions for the Commonwealth of Kentucky (KOFI) issued a Cease and Desist Order, requiring the bank end the following unsafe or unsound banking practices and violations of law or regulations:
- Operating the Bank without effective supervision by the board of directors and executive management to prevent unsafe or unsound practices and violations of law and regulations related to the Bank Secrecy Act, 31 U.S.C. §§ 5311-5330, and regulations implementing the Bank Secrecy Act, including 12 C.F.R. Part 326, Subpart B, and 31 C.F.R. Part 103 (hereinafter collectively, “Bank Secrecy Act”);
- Operating the Bank with an ineffective system of internal controls to assure ongoing compliance with the Bank Secrecy Act;
- Operating the Bank with an ineffective training program for appropriate Bank personnel to assure compliance with the Bank Secrecy Act;
- Operating in violation of section 326.8, of the FDIC’s Rules and Regulations, 12. C.F.R. 326.8, and the Treasury Department’s Financial Recordkeeping Regulations, 31 C.F.R Part 103, more fully described [in a joint FDIC/KOFI report of exam dated] February 27, 2007;
- Operating with management whose actions and practices have resulted in violation of law and regulation relating to Bank Secrecy Act compliance; and
- Operating with a board of directors which has failed to provide adequate supervision over and direction to the management of the Bank to prevent violations of law and regulation relating to Bank Secrecy Act compliance.
|
| C&D order |
Agencies: FDIC, Mississippi Dep't of Banking and Consumer Finance |
Assets: $167 million (6/30/07) |
Bank of Commerce is a state-chartered, non-member insured bank headquartered in Greenwood, MS, with five offices. On July 3, 2007, the FDIC and the Mississippi Dep't of Banking and Consumer Finance issued a Cease and Desist Order, requiring the bank end the following unsafe or unsound banking practices and violations of law or regulations:
- Operating in violation of the Currency and Foreign Transactions Reporting Act (31 U.S.C. § 5311 et seq.) (the Bank Secrecy Act) (“BSA”), the rules and regulations implementing the BSA issued by the U.S. Department of the Treasury (31 C.F.R. Part 103) (“Financial Recordkeeping”), the FDIC’s BSA Programs and Procedures Regulations, 12 C.F.R. Part 326 (“BSA Programs and Procedures”), and 12 C.F.R. Part 353 (“Suspicious Activity Reports”); and
- Operating with a board of directors that has failed to provide adequate supervision over and direction to the management of the Bank to prevent unsafe or unsound banking practices and violations of laws or regulations.
|
| C&D order |
Agencies: NCUA |
Assets: $166 million (3/31/07) |
Garden Savings is a federal credit union. On July 3, 2007, the NCUA issued a C&D order requiring that Garden Savings take certain steps to address needed improvements to its BSA/AML compliance program, including:
- Engage a qualified third party consultant to assist in correcting program deficiencies.
- Complete a comprehensive BSA/AML risk assessment.
- Develop and maintain a list of high and moderate risk members.
- Back-file CTRs and SARs, including CTRs on improperly exempted businesses.
- Implement policies to require documentating decisions not to file SARs.
- Ensure SAR filings are kept confidential.
- Establish written high-risk member policies and procedures within 90 days.
- Hire a competent full-time BSA Compliance Officer with requisite authority and resources to ensure compliance.
- Create a BSA compliance team, and dedicate sufficient staffing and resources to BSA/AML compliance, based on a written risk assessment.
- Cross-train staff to ensure BSA compliance program continuity.
- Obtain and research all 314(a) information sharing requests from FinCEN within 14 days of their receipt. Include 314(a) compliance in BSA Compliance Policy.
- Develop and maintain a comprehensive BSA/AML training program within 90 days.
- Develop and maintain risk-based internal controls and transaction monitoring tools for identification of reportable transactions.
- Evaluate and strengthen current CIP verification processes. Expand CIP procedures to identify higher risk members, for due diligence and account monitoring.
- Develop written procedures to direct responses to law enforcement subpoenas, notifications, requests or inquiries.
- Require organized maintenance of all notifications from law enforcement and government agencies in a secure and readily-retrievable manner.
- Engage a qualified independent third party to conduct BSA/AML compliance program independent testing within 120 days.
- Review current exempt person designations for appropriateness, and document reasons for all continuing exemptions.
- Make a monthly check of all credit union members against the OFAC SDN list.
- OFAC training for all credit union officials, including staff, management and board members.
|
| C&D order |
Agencies: FDIC, CA Dep't of Financial Institutions |
Assets: $199 million (6/30/07) |
Orange Community Bank is an FDIC-insured non-member bank with a main office in Orange, CA, and two branch offices. On 6/25/2007, the FDIC issued the bank a Cease and Desist Order in which the bank is ordered to stop, among other practices, operating in violation of section 326.8 of the FDIC Rules and Regulations regarding a satisfactory BSA/AML compliance program.
The bank was ordered to --
- revise, renew, adopt and implement a written BSA compliance program that
- establishes a system in internal controls to ensure compliance, particularly policies and procedures to detect and monitor suspicious transactions
- provides for independent testing of BSA compliance, at least annually
- ensures that the bank's BSA compliance program is managed by a qualified officer with requisite authority, responsibility, training, resources, and a management reporting structure to ensure compliance
- Provides and documents BSA/AML training of all board members and appropriate personnel
- develop, adopt and implement an effective EDD program that will
- conduct a risk-focused assessment of the bank's customer based to determine appropriate levels of EDD needed for higher-risk categories of customers
- develop procedures to determine appropriate documentation confirming the identity and business activities of high-risk customers, and to effectively monitor those customers' activities to identify and report suspicious activity
- be reviewed regularly to ensure that the bank obtains and used information sufficient for the proper operation of an automated suspicious activity monitoring system (described below).
- enhance its system to allow for periodic review of customer transactions to identify suspicious activity, so that the system can
- consider cash transactions, wire transfers, and monetary instrument purchases or negotiations
- utilize relevant customer data to link related businesses, accounts, and relationships, to facilitate the sorting and review of multiple transaction types and transactions over extended periods of time
- reasonably detect structured transactions and transactions having no business or apparent lawful purpose, and those not customary for a customer.
- develop a plan to complete a six-month look-back on all high and medium-risk accounts for suspicious activity, to file any additional SARs deemed necessary based on the review, and to report on the results of the review and SAR filings to the bank's board, the FDIC and the state Commissioner.
- implement, customize and test any BSA/AML related modules in its existing or new software system so that the bank can have a fully functioning automated system for detecting and monitoring suspicious activity. This automated system should analyze cash transactions over a threshold amount, wire transfers, EFTs and monetary instrument purchases and deposits, with central review and full documentation of decisions for all flagged items.
|
| C&D order |
Agencies: FDIC; MS Dep't of Banking & Consumer Finance |
Assets (3/31/07): $58 million |
Covington County Bank is an insured state nonmember bank. On May 29, 2007, the FDIC issued the bank an order to cease and desist from certain actions, including:
- Operating in violation of the BSA, Treasury regulations at 31 CFR Part 103, the FDIC's BSA Programs and Procedures regulations at 12 CFR Part 326, and the FDIC's Suspicious Activity Reports regulations at 12 CFR Part 353.
- Operating with a board of directors that had failed to provide adequate supervision over and direction to bank management to prevent unsafe or unsound banking practices and violations of law and regulations.
Among other requirements, the bank was ordered to
- Have and retain a qualified BSA officer, with appropriate authority, and notify the FDIC and state banking commissioner of any changes in the bank's BSA officer
- Complete an independent review of senior bank staff to assist the bank in achieving and maintaining a management and reporting structure for BSA compliance appropriate to the bank's size and risk profile
- Establish procedures to review the bank's customer base to identify MSBs, to ensure that appropriate information is gathered on MSB customers, and to identify potential MSBs in daily monitoring procedures
- Employ a qualified independent consultant to complete a customer risk assessment, to include
- an analysis of the bank's risk assessment for customers classified as MSBs, taking into consideration the 4/26/05 interagency guidance on providing banking service to MSBs
- the money laundering and terrorist financing risks associated with the bank's customers, business lines, departments, products, safekeeping services, location, and markets served
- Adopt a comprehensive, written BSA Program based on the independent risk assessment including
- an effective system of internal controls to ensure compliance, to include ten specific elements
- a training program for all operational personnel with a need for BSA knowledge
- delivery of an overview of BSA requirements to all new employees within 30 days of hire, and to all bank executives and directors
- independent testing by an outside consultant to ensure proper controls are in place to comply
- Take all reasonable steps, within 30 days of the order, to eliminate all apparent violations identified in the bank's 10/30/06 Report of Examination
- Establish a board committee charged with ensuring the bank complies with the order.
- Furnish its shareholders a description of the order
|
| C&D order |
Agencies: FDIC |
Assets (3/31/07): $799 million |
Bank of Guam is an insured state nonmember bank. On May 3, 2007, the FDIC issued the bank an order to cease and desist from certain actions, including operating in violation of the FDIC's BSA Programs and Procedures regulations at 12 CFR Part 326, and the FDIC's Suspicious Activity Reports regulations at 12 CFR Part 353.
Among other requirements, the bank was ordered to
- Bring itself into compliance with "the BSA and its rules regulations" within 90 days of the Order.
- Within 60 days of the Order, correct all alleged violations of Parts 326 and 353 listed in an October 18, 2006, Report of Examination
- Update its written compliance program to ensure and maintain compliance with the BSA and related rules and regulations. The update must continue to improve the banks' system of internal controls for BSA compliance.
- Revise, adopt, and implement an effective wirtten customer due diligence program.
- Review all high-risk accounts and transactions, including CTRs, cash purchases of monetary instruments, wire transfer activity and foreign exchange services for the six months starting 6/1/06 (this is the six months prior to full implementation of a purchased automated program to aid in similar reviews)
- File any additional CTRs and SARs needed, based on that review
- Improve and implement an effective CIP
|
| CMP $500K |
Agencies: OCC |
Assets (3/31/07): unknown |
| The OCC assessed a Civil Money Penalty of $500,000 against the New York branch of the United Bank for Africa PLC, in connection with its 1/18/2007 issuance of a C&D order (see below).
|
| C&D order |
Agencies: FDIC |
Assets: $255 million |
Innovative Bank is an insured state nonmember bank. This order follows a BSA report of visitation dated August 21, 2006, and a report of examination dated October 10, 2006. On April 26, 2007, the FDIC issued the bank an order to cease and desist from certain actions, including:
- Operating in violation of section 326.8 of the FDIC's rules and regulations (BSA compliance).
- Operating in violation of section 353.3 of the FDIC's rules and regulations (SAR filing requirements).
Among other requirements, the bank was ordered to
- Develop, adopt and implement a written BSA compliance program.
- Develop, adopt and implement a written customer due diligence program, to include enhanced due diligence for appropriate customers.
- Develop and execute a plan to review high risk accounts and transactions in the bank's Los Angeles branch to identify any CTRs and SARs that should have been filed and were not. The review is to cover the period from the opening of the branch to the implementation of the bank's automated suspicious activity monitoring system.
- Establish and implement policies and procedures to advise directors of significant SARs and advise the audit committee of all SARs.
- Provide for audit committee oversight of BSA compliance, and for reports at least monthly to the audit committee, and report by the audit committee on BSA matters at each board meeting.
- Provide for internal data processing reports to facilitate BSA monitoring and CTR reporting.
- Develop a risk profile for each business are and for the bank as a whole, with input for all branches, management and departments.
- Consolidate and standardize all existing BSA policies and procedures.
- Provide for comprehensive independent tests of compliance with the BSA and related regulations.
- Inform its shareholders of the order in its next shareholder communication and with its next proxy statement or notice of a shareholder meeting (this appears to be a standard requirement for C&D orders).
|
| C&D order |
Agencies: FDIC |
Assets: $149 million |
Bank of Camden is an insured state nonmember bank. On April 16, 2007, the FDIC issued the bank an order to cease and desist from certain actions:
- Operating in violation of the Currency and Foreign Transactions Reporting Act, the Bank Secrecy Act, Treasury rules at 31 CFR Part 103, FDIC's BSA Programs and Procedures regulations (12 CFR 326) and SAR regulations (12 CFR 353) -- collectively, the "BSA Rules."
- Operating without effective board of directors oversight and management supervision to prevent violations of law relating to the BSA rules.
- Operating with an ineffective system of internal controls to ensure ongoing compliance with BSA rules.
- Operating with an ineffective Customer Due Diligence Program, to ensure compliance with the BSA rules.
- Operating with an ineffective system of independent testing to ensure compliance with the BSA rules.
- Operating with an ineffective BSA rules training program for appropriate bank personnel.
Among other requirements, the bank was ordered to complete an independent review of senior staff with responsibilities related to enduring the bank's compliance with the BSA Rules. Specifically listed were the president, senior loan officer, compliance officers, BSA officers, assistant BSA officers and all teller supervisors. The purpose of the review is to assist in setting up and maintaining a management and reporting structure for BSA compliance.
The Order also included the expected laundry list of requirements for establishing and maintaining an effective BSA compliance program (found in other listings below), and steps to address each of the shortcomings listed above. Specific persons to receive BSA Rules training (not less frequently than annually) include current and new tellers; new accounts, lending, bookkeeping, wire transfer and proof personnel; senior management and the bank's directors.
|
| C&D order |
Agencies: FDIC |
Assets: $5.9 billion |
Ocean Bank is an insured state nonmember bank. On March 16, 2007, the FDIC issued the bank an order to cease and desist from certain actions:
- Operating without effective board of directors oversight and management supervision to prevent violations of law relating to the BSA and OFAC regulations.
- Operating with an ineffective system of internal controls to ensure ongoing compliance with BSA/OFAC rules.
- Operating without effective coordinating and monitoring procedures by a designated individual responsible for ensuring day-to-day compliance with the BSA/OFAC rules.
- Operating without an effective CIP.
The bank was ordered to --
- Within 60 days of the order, develop, adopt, and implement a written plan for compliance with BSA/OFAC rules and CIP, including
- a system of internal controls, policies and procedures to detect and monitor transactions to ensure compliance with BSA rules, specifically addressing the opening and monitoring of accounts with frequent wire and check activity.
- procedures for CIP and account opening
- policies and procedures for high-risk accounts and customers, and for monitoring high-risk client relationships on a transaction basis and by account and customer
- policies, procedures and systems for identifying, evaluating, monitoring, investigating, and reporting suspicious activity, particularly involving high risk customers or accounts and high risk jurisdictions
- policies and procedures regarding identification and reporting of cash transactions.
- policies and procedures on wire transfer recordkeeping requirements
- designation of a senior bank official as BSA Officer, responsible for coordinating and monitoring day-to-day compliance with BSA/OFAC rules. This individual will report directly to a board BSA committee (see below).
- adequate, qualified staffing for BSA compliance.
- independent annual testing for compliance with the BSA
- appropriate training for the bank relating to BSA/OFAC rules.
- Within 60 days of the order, review, enhance and implement a written customer CIP, to be approved by regulators.
- Within 30 days, establish a board committee of at least five members (with a majority being non-officers of the bank), to oversee compliance with BSA/OFAC rules.
- Within 120 days of the order, update the bank's overall BSA risk assessment.
- Within 90 days of the order, revise bank BSA policy to provide for
- risk rating of customers
- comprehensive monitoring of high-risk accounts, with full use of account monitoring software
- systems for account aggregation to ensure sufficient data to determine whether SARs and CTRs should be filed
- methods for maintaining and controlling documentation and monitoring accounts of the private banking department, including embassy and PEP accounts, entities with bearer shares, foreign nationals, private investment companies and other offshore entities
- procedures for handling pouch transactions under appropriate controls
- standards for opening accounts
- methods for enforcing the bank's policies regarding BSA/OFAC rules.
- Within 60 days, implement a written customer due diligence program.
|
| C&D order |
Agencies: FDIC |
Assets: $93.3 million |
United Roosevelt is an insured state nonmember bank. On March 7, 2007, the FDIC issued the bank an order to cease and desist from certain actions:
- operating in violation of the Bank Secrecy Act and implementing regulations.
- operating with inadequate management supervision and oversight by its board of directors to prevent unsafe or unsound practices and violations of the BSA.
- operating with an inadequate BSA/AML compliance program.
- failure to have an adequate written CIP.
- operating with inadequate internal controls for BSA compliance.
- operating with inadequate system for independent testing for BSA compliance.
- failure to provide adequate BSA training.
- operating with ineffective policies, procedures and processes ("3P") to comply with 31 CFR Part 103.
- operating with ineffective 3P for screening, monitoring and verifying account transactions for OFAC compliance.
The bank was ordered to --
- develop, adopt and implement a system of internal controls for compliance with the BSA, to include policies, procedures and processes on-
- BSA/AML risk assessments to be conducted immediately and every 12 to 18 months thereafter
- Customer due diligence, in conjunction with CIP
- High risk account identification and monitoring
- Enhanced due diligence for high-risk customers
- Large cash transaction/funds transfers/monetary instrument monitoring for suspicious activity
- Monitoring, detecting and reporting suspicious activity.
- Customer exemptions from CTR filing
- CIP
- BSA/AML staffing and resources
- wire transfer transactions
- develop, adopt and implement internal controls to ensure compliance with OFAC regulations taking into consideration its customers, their geographic locations, the types of accounts, products and services offered, and the geographic areas in which they are offered
- establish independent testing programs for compliance with BSA and OFAC regulations, at least annually, using audit procedures and auditors with experience commensurate with the bank's BSA/AML risk level.
- deliver responsibility-specific BSA/OFAC training to all personnel, including directors and management.
- designate a qualified BSA and OFAC officer or officers.
- develop, adopt and implement policies, procedures and processes to comply with section 314(a) of USAPA.
- include reviews of compliance with BSA and OFAC rules in routine internal and external audits (in addition to independent testing)
- periodically report to the bank's Audit Committee any law enforcement inquiry relating to BSA or OFAC, and criminal subpoena received, and any action taken or response provided to such inquiry or subpoena.
- engage a qualified independent firm to "look back" to review account and transaction activity from 1/1/2006 to the date of the order to determine if suspicious activity within or through the bank was properly identified and reported, and
- complete the filing of any omitted SARs.
|
| C&D order |
Agencies: NCUA |
Assets: $15 million |
The Dover N.J. Spanish American Credit Union agreed in February 2007 to the issuance by NCUA of a Cease and Desist Order. The order imposes significant demands upon the credit union, which appears not to have had an acceptable formal BSA/AML compliance program. Among the tasks the credit union must complete are (with deadlines counted from the date of the order):
- Engage, within 30 days, a consultant to assist in correcting BSA/AML program deficiencies.
- Complete, within 30 days, a comprehensive BSA/AML risk assessment, including the development of a list of high and moderate risk members.
- Ensure that high-risk member account activity is reviewed monthly, and moderate risk member activity is reviewed quarterly.
- Designate a full-time, competent BSA Compliance Officer within 10 days of the order, and train that individual.
- Within 30 days of the order, approve and submit to NCUA a detailed job description for the BSA Officer.
- Enhance monitoring of cash transactions and outgoing wires.
- Improve internal controls and monitoring tools to ensure that all reportable transactions are identified. Include sales and redemptions of monetary instruments, incoming wires, ATM transactions and others identified in the Risk Assessment.
- Ensure that CTRs and SARs are timely, accurately, and completely filed.
- Within 15 days, start using FinCEN's BSA Direct E-filing system.
- Maintain security and secrecy of SARs.
- Within 60 days, complete the back filing of CTRs and SARs to 2001. Consider hiring temporary help to assume routine credit union assignments so that knowledgeable staff may complete this review.
- Complete a monthly check of member names against the OFAC SDN list.
- Train personnel on use of the credit union's OFAC software.
- Train all staff and officials, including board members, on OFAC requirements within 30 days.
- Research FinCEN § 314(a) requests on a timely basis. Obtain missed requests and search records within 10 days and weekly thereafter.
- Establish written CIP processes, including the verification of tax ID numbers.
- Ensure timely and accurate follow up on IRS report errors or mismatch notifications.
- Verify SSNs, EINs and ITINs for all members joining since 1/1/2000, and file SARs for any that cannot be verified within 90 days.
- Identify all members who are MSBs, and establish an effective MSB monitoring program, within 30 days. Close all MSB accounts for which due diligence cannot be completed in that time frame.
- Ensure that all business accounts -- and personal accounts with business activity -- are identified within 90 days.
- Within 60 days, develop and implement due diligence and monitoring processes for business accounts.
- Within 45 days, develop and implement a comprehensive BSA/AML "top to bottom" training program<
- Within 120 days, engage a qualified independent third party for independent testing of the BSA/AML compliance program, to be completed within 180 days. Ensure annual independent testing thereafter.
|
| C&D order |
Agencies: OTS |
Assets: $138.8 million |
| Peoples Federal S&L received a Cease and Desist Order from the OTS on 2/12/07. The OTS "concluded that there were weaknesses in the
'independent review' component of the Association's BSA Compliance Program, and that the
Association had failed to id | |
Print Friendly!
Email This Article!
Discuss NOW!
