On December 18, 2014, the Financial Crimes Enforcement Network (FinCEN) – responsible for enforcing U.S. anti-money laundering (AML) laws – fired a warning shot across the bow of every financial institution compliance officer by (1) assessing a $1 million civil money penalty against the former chief compliance officer of one of the largest money transfer businesses in the world, and (2) filing a civil complaint against the officer to reduce the fine to a judgment and prohibit him from working for a financial institution for "a term of years sufficient to prevent future harm to the public."
This FinCEN action has been a long time coming. For years, FinCEN and other federal and state financial regulators have imposed ever-increasing fines on financial institutions (FIs) such as banks, money transfer/service businesses, broker/dealers, etc. Recently, these regulators imposed billions of dollars in fines on several large banks and other FIs for alleged compliance failures. The undercurrent from the regulators has been that FIs will take compliance more seriously, perhaps, when an FI officer is held individually accountable.
That day has finally come, and along with it, the likelihood that federal regulators will increasingly target compliance officers and other corporate officials and board members as a way to encourage compliance. The FinCEN action follows public statements by several government regulators, such as the FinCEN director and the Consumer Financial Protection Bureau (CFPB), on the importance of compliance, placing responsibility directly on boards of directors and senior management.
The emphasis on compliance and the pressure on compliance officers is widespread. For example, the Securities and Exchange Commission (SEC) and the Financial Industry Regulatory Authority (FINRA) brought several enforcement actions in 2014 against individuals for alleged compliance lapses. In just the first two months of 2014, FINRA:
- Fined a New York-based broker $8 million for "substantial anti-money laundering compliance failures" and levied a $25,000 fine against the company's global AML compliance officer and suspended him for a month; and
- Fined a New York-based securities firm that services Mexican clients investing in U.S. and global securities $475,000 for not having adequate AML systems and for failing to register several hundred foreign finders who interacted with the firm's Mexican clients. FINRA also suspended the firm's former AML and chief compliance officer for 30 days in a principal capacity as he was responsible for the firm's AML procedures and for monitoring suspicious activities.
Taken together, FINRA and other agency enforcement and regulatory pressures:
- Place compliance officers on notice that government regulators – federal and state – expect them to exercise both their authority and their responsibility to enforce AML laws and regulations through appropriate policies and procedures;
- Confirm to senior management and boards of directors their obligations to foster and support a "culture of compliance" within their organizations, including supporting their compliance officers;
- State clearly that the enforcement community is escalating the pressure on FIs by focusing on the individuals responsible for compliance; and
- Strongly suggest that the emphasis on compliance goes far beyond AML and includes not just the related area of economic sanctions (overseen by the Office of Foreign Assets Control), but also the many consumer-facing regulations administered by the state and federal banking agencies, the state attorneys general, the Federal Trade Commission, and the CFPB.
As further background to the current civil lawsuit, FinCEN alleges in the complaint that willful inaction in responding to consumer complaints and investigating sales agents resulted in consumers losing millions of dollars. According to the complaint, the firm did not maintain an appropriate discipline policy, terminate known high-risk agents, or conduct sufficient due diligence (including audits) of its agents. Finally, the complaint alleges that the chief compliance officer failed to ensure the filing of Suspicious Activity Reports that allow the government to identify fraud and enforce the law against criminal networks.
* * * * * * * * * *
FinCEN, FINRA, the federal banking regulators, and the CFPB have expressed their expectation of boards of directors with respect to compliance. In that regard, the CFPB has stated that boards of directors:
should ensure that the compliance function is appropriately staffed with a qualified chief compliance officer, and other additional compliance managers who have the authority and accountability necessary to implement the compliance management program, with clear and visible support from senior management, as well.
The CFPB Examination Manual, like those of other federal regulators (the SEC, FINRA, et al.), focuses on the need for a company's compliance function to screen effectively for areas of concern and take action to address issues that are identified. At the top of the list is the need for a compliance department to monitor, respond to, and resolve consumer complaints – one of the issues at the heart of FinCEN's recent lawsuit.
Scrutiny of what companies and compliance staff know of risk to consumers (and when they should know it) and the corrective actions that they should take will continue. Moreover, coordination among government enforcers is on the rise as evidenced by such initiatives as the Financial Fraud Task Force and Operation Chokepoint. In today's regulatory environment, it seems that regulators are competing for enforcement headlines. The best way for a company to avoid getting caught in such competitive cross-hairs is to ensure that its compliance officer has the right staff, appropriate resources, and the full backing of management