There can be a precarious path bankers walk assuming that a community bank has a low risk for money laundering. The reality is that nefarious actors know this, and while these banks are often doing their best with the staff and budget they have to work with, bank leaders and board members need to be as invested in their anti-money laundering (AML) program as much as their compliance staff. Here we’ll discuss three cases of community banks that have faced enforcement actions for AML failures and discuss what commonalities exist.
Case #1 – Merchants Bank of California
In June of 2010, the Office of the Comptroller of the Currency (OCC) identified deficiencies in the bank’s, compliance with the Bank Secrecy Act (BSA) that resulted in violations of consent orders and a violation of 12 C.F.R. § 21.21 — procedures for monitoring BSA compliance. This was compounded in again in June of 2014. In the second consent order, the first was largely met, however, the BSA failures were described in much more detail the second time around. With that, in February 2017, the bank was issued a $1 million civil money penalty (CMP) from the OCC and a $7 million CMP from FinCEN.
The original consent order required the bank to correct deficiencies in all four pillars of its BSA program, among other things.
The CMP reflects several factors, including the scope and duration of the bank’s failure to comply with the previous consent orders and violations (OCC, 2017).
The violations seen at Merchants Bank of California are “egregious” according to FinCEN. In this particular case, the bank employees lacked the autonomous authority to do their job properly. It’s a classic example where the Board and bank leaders prioritize revenues over compliance, which not only puts their institution at risk but the larger financial system as a whole.
Case #2 – County Bank Greenwood in South Carolina
In September 2018, the Federal Deposit Insurance Corporation (FDIC) executed a stipulation to County Bank Greenwood in South Carolina. The FDIC ordered the bank to revise and adopt a written BSA Compliance
Program that includes internal controls, policies and procedures, and fully meets all requirements of 12 C.F.R. § 326.8—which addresses the deficiencies and recommendations from the FDIC’s original examination report from March 2018 (FDIC in the Matter of County Bank, 2018).
The original examination report was designed to ensure and maintain full compliance with BSA. Their updated BSA Compliance Program is required to address the risk profile in the Bank’s BSA risk assessment and maintain full compliance with all AML laws, regulations, and rules; as well as those relating to OFAC. The FDIC also ordered the bank to review and revise as appropriate its written policies, procedures, and processed relating to their risk assessment. The Risk Assessment is required to address all factors that directly affect their overall BSA and AML profile.
In the matter of County Bank, the bank had been short in all aspects of their BSA Compliance program. This is a classic example of how serious regulators, in this case the FDIC, are taking BSA Compliance. The consent order requires the board of directors to assume full responsibility and to maintain a board committee to oversee the bank’s compliance with this order (FDIC, 2). Additionally, the bank is required to conduct a risk assessment to ensure full compliance with BSA.
Case #3 – FirstCity Bank of Commerce in Florida
In October 2018, the FDIC issued a stipulation to FirstCity Bank of Commerce in Palm Beach Gardens, FL. The FDIC identified issues relating to weaknesses in the Bank’s compliance program with BSA (FDIC Enforcement). Among a number of BSA compliance program required changes, they were also mandated to complete a look-back review, totaling just less than a year of transactions for review.
The FDIC identified issues where the bank was violating certain BSA laws and regulations, and ordered that the bank improve their BSA risk assessment, appropriately address their staffing requirements, improve and conduct their BSA training program, improve and conduct the bank’s BSA independent testing and internal audit program, and their overall BSA internal controls.
While the bank may have been trying to keep up with the requirements, in this case, it appears the Board could have invested themselves a bit more in understanding, respecting, and maintaining a level of familiarity with BSA compliance required of their bank. The order directed that “the Board shall assume full responsibility for the approval of sound policies and objectives and for the supervision of all Bank activities, consistent with the role and expertise commonly expected for directors of banks of comparable size” (Federal, 2018). Further, the Board lacked the bank leadership it needed to steer a financial institution of any size.
Bottom Line
Every bank shares the requirement of BSA. Every bank has to invest in the right tools and people to properly mitigate the risk that comes with banking. Whether the Board is too involved with making the day-to-day decisions, like what SARs to file; to not knowing enough, by choice or not, the Board’s involvement is key to avoiding hefty penalties, bad press, and costly remediation plans. It is the responsibility of the BSA Officer to push this point – the Board and bank leadership must understand their role in this and the requirements. If not, both the BSA Officer and the bank are at risk.
Sources
FDIC Enforcement Decisions and Orders. (2018, October 10). Retrieved from https://orders.fdic.gov/s/press-release-orders?prYear=2018&prDate=30&prMonth=11
FDIC in the Matter of County Bank Greenwood, South Carolina. (September 2018). Retrieved from https://orders.fdic.gov/s/press-release-orders?prYear=2018&prDate=26&prMonth=10
FDIC. (2018, September 24). [Consent Order to County Bank]. Greenwood, South Carolina.
Federal Deposit Insurance Corporation. (2018, October 10). [Consent Order to FirstCity Bank of Commerce]. Palm Beach Gardens, Florida.
FinCEN Penalizes California Bank for Egregious Violations of Anti-Money Laundering Laws. (n.d.). Retrieved from https://www.fincen.gov/news/news-releases/fincen-penalizes-california-bank-egregious-violations-anti-money-laundering-laws
OCC Assesses Penalty Against Merchants Bank of California, N.A. (2017, February 27). Retrieved from https://www.occ.treas.gov/news-issuances/news-releases/2017/nr-occ-2017-23.html
Office of the Comptroller of the Currency. (2010, June 22). [Consent Order to Merchants Bank of California, N.A.]. Carson, California
Office of the Comptroller of the Currency. (2014, June 26). [Consent Order to Merchants Bank of California, N.A.]. Carson, California.
Office of the Comptroller of the Currency (OCC). (2018, November 13). Policies and Procedures Manual. Retrieved from https://www.occ.gov/news-issuances/bulletins/2017/ppm-5310-3.pdf
Office of the Comptroller of the Currency. (2019, February 14). [Termination of the Agreement Between Connecticut Community Bank, N.A. and the OCC]. Westport, Connecticut.
