Since the Patriot Act was enacted at the end of 2001, US regulators have imposed more than $5bn in monetary penalties against financial institutions in connection with alleged violations of Bank Secrecy Act (BSA) and Anti-Money Laundering (AML) regulations. In recent years there have been notable increases in the size of penalties, in both absolute terms and as a share of firm capital. According to our own analysis, two-thirds of all formal enforcement actions since 2012 have included monetary penalties, compared to less than half from 2002 through 2011. Moreover, 80 percent of the approximately $5.2bn in monetary penalties imposed since 2002 have been levied since 2012. Increases in the scope of regulatory investigations and the penalties assessed in enforcement actions come despite increased BSA and AML compliance efforts by financial institutions, including a nearly five-fold increase in filings of Suspicious Activity Reports (SARs) since 2002.
In recent years, regulators have prioritised the importance of strict AML law enforcement. FinCEN, the federal regulator directly responsible for enforcing BSA and AML compliance, added a standalone Enforcement Division in June 2013. On 19 November 2013, Director Jennifer Shasky Calvery emphasised FinCEN’s focus on strong and consistent enforcement practices in a speech before the ABA Money Laundering Enforcement Conference where she stated “Strong enforcement efforts may be needed” to ensure that financial institutions diligent about AML compliance “do not lose business to competitors seeking to cut corners with respect to AML”.
Regulators’ enforcement practices have shifted accordingly. From Q1 2007 through Q3 2009, a period in which many financial institutions struggled to maintain liquidity and capital ratios, regulators primarily issued zero dollar penalty cease and desist orders with no BSA or AML monetary penalty exceeding 1 percent of a financial institution’s total equity capital. This stance may have been, in part, an effort to avoid placing further strains on institutions weathering the financial crisis. From Q4 2009 onward, however, regulators shifted to a more aggressive enforcement paradigm and pursued enforcement actions against financial institutions for both larger dollar amounts and larger proportions of total equity capital.
Regulators have also started placing emphasis on corporate and individual responsibility with respect to BSA and AML compliance. While, historically, financial institutions that were the subject of enforcement actions were typically able to consent to monetary penalties without admitting or denying the alleged wrongdoing, FinCEN Director Shasky Calvery has made clear that this practice is changing. In her November 2013 speech before the ABA Money Laundering Enforcement Conference she stated “Those who violate the BSA must take responsibility… In our most recent actions, the financial institutions have not been permitted to neither admit nor deny the facts. Acceptance of responsibility and acknowledgment of the facts is a critical component of corporate responsibility.”
Comptroller of the Currency Thomas Curry echoed FinCEN’s focus on responsibility in a 17 March 2014 speech before ACAMS International AML and Financial Crime Conference. Moreover, he targeted his remarks at individual-level accountability. “Shouldn’t we, as bank supervisors, demand that institutions designate and hold senior managers responsible for BSA risk management?” he asked, ultimately concluding “Where there has been a serious breakdown in BSA compliance… someone has to be accountable.”
The move toward admissions of guilt in BSA and AML settlements is best illustrated by the divergence between Wachovia’s and ABN AMRO’s settlements in 2010. In March 2010, Wachovia consented to pay $160m in monetary penalties without admitting or denying allegations that it violated the BSA by failing to properly report $8bn in suspicious transactions via SARs and failing to file over 11,000 Currency Transaction Reports (CTRs) in a timely manner. Just two months later, however, the former ABN AMRO was compelled to accept and acknowledge responsibility for violating the BSA by knowingly and willingly engaging in transactions with entities associated with state sponsors of terrorism in a settlement that resulted in a $500m asset forfeiture.
Following ABN AMRO’s May 2010 settlement, every major formal enforcement action has included an admission: Moneygram’s $100m asset forfeiture in November 2012, HSBC’s $1.9bn in asset forfeitures and civil money penalties in December 2012, and JPMorgan Chase’s (JPMC) $2.05bn in asset forfeitures and civil money penalties in January 2014, were all assessed in connection with deferred prosecution agreements in which the financial institutions were made to admit to statements of facts allegedly constituting BSA and AML violations.
Many financial institutions have responded to stronger BSA and AML enforcement with enhanced compliance programs, a substantial increase in SAR filings, and so-called de-risking of customer portfolios. De-risking involves the purposeful closing of financial relationships with groups of customers or lines of business considered high risk under BSA and AML standards. The number of SARs filed with FinCEN has grown nearly 30-fold since 1996, when the SAR was introduced, and nearly five-fold since 2002, the first year the Patriot Act’s Title III expansion of BSA/AML requirements was in effect, according to FinCEN’s SAR Activity Review – By the Numbers.
Partial compliance with relevant regulations is not enough to avoid regulatory action. The JPMC settlement in particular reveals the broad scope and long look-back of recent enforcement actions. JPMC admitted and accepted responsibility for violations of the BSA during the period between 1996 and 2008, including failure to file SARs in connection with its relationship with Bernard Madoff and his Ponzi scheme and failure to maintain an effective AML program. However, in the deferred prosecution agreement, supervisory agencies acknowledged that JPMC filed a timely British SAR on Madoff, but seemingly sought to emphasise that meeting foreign reporting obligations did not satisfy US BSA and AML regulatory requirements.
The admission of responsibility in recent enforcement actions opens a wider avenue for private litigation against financial institutions, despite the lack of a direct private right of action through BSA and AML regulations. In the wake of the discovery of several major financial fraud schemes, a number of private lawsuits have been initiated against financial institutions for their alleged roles as facilitators. Central to many of the lawsuits has been the quality of BSA and AML compliance programs, as fraud victims have alleged that up-to-standard compliance programs would have reduced their ultimate losses via the timely discovery, reporting and cessation of illicit activities.
The increasing magnitude of regulatory and private challenges to BSA and AML compliance has come with increased costs to financial institutions. According to the 2014 Global Anti-Money Laundering Survey, average AML compliance costs for financial institutions have grown at a rate of at least 40 percent every three years since 2002, and by 53 percent over the most recent three-year period. It is expected that the costs of compliance, regulatory enforcement actions and private lawsuits will continue their increasing trend.
Christopher Laursen is Senior Vice President and Chair of the Financial Institutions and Banking Practice at NERA Economic Consulting. He can be contacted on +1 (202) 466 9203 or by email: firstname.lastname@example.org.
© Financier Worldwide
NERA Economic Consulting