Why it matters: The government has been cracking down on financial institutions for falling short of the rigorous anti-money laundering (AML) requirements under the Bank Secrecy Act. This month, we discuss two recent enforcement actions that caught our eye involving AML failings in connection with a long-running international consumer wire fraud scheme and a "pump and dump" scheme. One take-away? AML compliance can be challenging, especially for those individuals at the financial institutions tasked with the job.

Detailed discussion: Following, we discuss a couple of recent notable AML enforcement actions conducted by the DOJ and the SEC.

Western Union: On January 19, 2017, the DOJ announced that Colorado-based The Western Union Company (Western Union), described as a "global money services business," agreed to forfeit $586 million and enter into agreements with the DOJ, the Federal Trade Commission (FTC) and various U.S. Attorney's Offices located in Pennsylvania, California and Florida. The DOJ said that, in its deferred prosecution agreement (DPA) with Western Union, the company admitted to "criminal violations including willfully failing to maintain an effective [AML] program and aiding and abetting wire fraud." In addition to forfeiting $586 million under the DPA, Western Union agreed to numerous "enhanced compliance obligations to prevent a repeat of the charged conduct."

According to Western Union's admissions and the statement of facts contained in the DPA with the DOJ, "between 2004 and 2012, Western Union violated U.S. laws—the Bank Secrecy Act (BSA) and anti-fraud statutes—by processing hundreds of thousands of transactions for Western Union agents and others involved in an international consumer fraud scheme." The DOJ said that, as part of the scheme, "fraudsters contacted victims in the U.S. and falsely posed as family members in need or promised prizes or job opportunities. The fraudsters directed the victims to send money through Western Union to help their relative or claim their prize. Various Western Union agents were complicit in these fraud schemes, often processing the fraud payments for the fraudsters in return for a cut of the fraud proceeds." According to the DOJ, the facts show that Western Union started receiving customer complaints (known as consumer fraud reports or CFRs) about this conduct as early as 2004 but "failed to take corrective action."

Moreover, the facts show that in 2004 Western Union's Corporate Security Department proposed "global guidelines for discipline and suspension of Western Union agents that processed a materially elevated number of fraud transactions," including "automatically suspending any agent that paid 15 CFRs within 120 days." The DOJ said that Western Union failed to implement these proposed guidelines, but had it done so "it could have prevented significant fraud losses to victims and would have resulted in corrective action against more than 2,000 agents worldwide between 2004 and 2012."

The DOJ pointed to numerous other BSA violations by Western Union over the eight year period, including (1) the acquisition of a significant "high fraud" agent "that Western Union knew prior to the acquisition had an ineffective AML program and had contracted with other agents that were facilitating significant levels of consumer fraud;" (2) failing to terminate or discipline agents who repeatedly violated the BSA and Western Union policy through structuring activity used to evade reporting requirements of transactions in excess of $10,000; and (3) failing to take effective measures to terminate the use by individuals of its money transfer system to send illegal gambling transactions from Florida to offshore sportsbooks.

The DOJ said that in a parallel investigation Western Union had agreed to settle with the FTC for the same conduct, which the FTC alleged violated the FTC Act. Under the FTC's order, Western Union agreed to a monetary judgment of $586 million and "to implement and maintain a comprehensive anti-fraud program with training for its agents and their front line associates, monitoring to detect and prevent fraud-induced money transfers, due diligence on all new and renewing company agents, and suspension or termination of noncompliant agents." The FTC's order will be overseen by an independent compliance auditor for a period of three years.

Concurrently with the DOJ's announcement, FinCEN announced that, in conjunction with the DOJ/FTC investigations, it had assessed a civil penalty of $184 million (deemed satisfied by Western Union's forfeit to the DOJ of the $586 million) against Western Union Financial Services, Inc. (WUFSI) for "willfully violat[ing] the Bank Secrecy Act's [AML] requirements by failing to implement and maintain an effective, risk-based AML program and by failing to file timely suspicious activity reports (SARs)." In addition to the civil penalty, WUFSI entered into a consent agreement with FinCEN requiring it to take remedial measures including "increased scrutiny and periodic reporting regarding agent SAR reporting and disclosure of corrective actions taken against agents."

Again, to succinctly sum up the issue, FinCEN Acting Director El-Hindi said that its consent agreement with WUFSI "reflects [Western Union's] recognition of past shortcomings and the damage that can be done when there is a failure of a culture of compliance."

Windsor Street Capital (formerly Meyers Associates L.P.) and its former AML compliance officer: On January 25, 2017, the SEC announced that it had instituted administrative proceedings against New York-based brokerage firm Windsor Street Capital (formerly Meyers Associates L.P. (Meyers Associates)), as well as its former AML compliance officer John D. Telfer, for failing to file Suspicious Activity Reports (SARs) for $24.8 million in suspicious transactions. The suspicious transactions included "those occurring in accounts controlled by microcap stock financiers Raymond H. Barton and William G. Goode who were separately concurrently charged by the SEC with conducting a 'pump-and-dump' scheme" (without admitting wrongdoing, Barton and Goode agreed to settle with the SEC and pay over $8.7 million in disgorgement, interest and penalties).

Among other things, the SEC alleged that AML compliance officer Telfer and Meyers Associates "should have known about the suspicious circumstances behind many transactions occurring in customer accounts." With specific reference to the "pump and dump" scheme, the SEC said that "[c]ustomers like Barton and Goode allegedly deposited large blocks of penny stocks, liquidated them typically amid substantial promotional activity, and then transferred the proceeds away from the firm. … [T]he shares deposited by Barton and Goode could not be sold legally because no registration statement was in effect and no registration exemption was available." The SEC alleged that, "[r]ather than conduct a reasonable inquiry into the deposits," Telfer and Meyers Associates accepted registration exemption claims by Barton and Goode "at face value."