[Senate Hearing 113-10]
[From the U.S. Government Publishing Office]
S. Hrg. 113-10
PATTERNS OF ABUSE: ASSESSING BANK SECRECY ACT COMPLIANCE AND
ENFORCEMENT
=======================================================================
HEARING
before the
COMMITTEE ON
BANKING,HOUSING,AND URBAN AFFAIRS
UNITED STATES SENATE
ONE HUNDRED THIRTEENTH CONGRESS
FIRST SESSION
ON
EXAMINING BANK SECRECY ACT COMPLIANCE AND ENFORCEMENT
__________
MARCH 7, 2013
__________
Printed for the use of the Committee on Banking, Housing, and Urban
Affairs
Available at: http: //www.fdsys.gov /
U.S. GOVERNMENT PRINTING OFFICE
80-662 WASHINGTON : 2013
-----------------------------------------------------------------------
For sale by the Superintendent of Documents, U.S. Government Printing Office,
http://bookstore.gpo.gov. For more information, contact the GPO Customer Contact Center, U.S. Government Printing Office. Phone 202�09512�091800, or 866�09512�091800 (toll-free). E-mail, [email protected].
COMMITTEE ON BANKING, HOUSING, AND URBAN AFFAIRS
TIM JOHNSON, South Dakota, Chairman
JACK REED, Rhode Island MIKE CRAPO, Idaho
CHARLES E. SCHUMER, New York RICHARD C. SHELBY, Alabama
ROBERT MENENDEZ, New Jersey BOB CORKER, Tennessee
SHERROD BROWN, Ohio DAVID VITTER, Louisiana
JON TESTER, Montana MIKE JOHANNS, Nebraska
MARK R. WARNER, Virginia PATRICK J. TOOMEY, Pennsylvania
JEFF MERKLEY, Oregon MARK KIRK, Illinois
KAY HAGAN, North Carolina JERRY MORAN, Kansas
JOE MANCHIN III, West Virginia TOM COBURN, Oklahoma
ELIZABETH WARREN, Massachusetts DEAN HELLER, Nevada
HEIDI HEITKAMP, North Dakota
Charles Yi, Staff Director
Gregg Richard, Republican Staff Director
Laura Swanson, Deputy Staff Director
Colin McGinnis, Policy Director
Steve Kroll, Special Counsel
Pat Grant, Counsel
Dawn Ratliff, Chief Clerk
Riker Vermilye, Hearing Clerk
Shelvin Simmons, IT Director
Jim Crowell, Editor
(ii)
?
C O N T E N T S
----------
THURSDAY, MARCH 7, 2013
Page
Opening statement of Chairman Johnson............................ 1
Opening statements, comments, or prepared statements of:
Senator Warner............................................... 2
WITNESSES
David S. Cohen, Under Secretary for Terrorism and Financial
Intelligence, Department of the Treasury....................... 3
Prepared statement........................................... 31
Responses to written questions of:
Chairman Johnson......................................... 61
Senator Crapo............................................ 65
Senator Reed............................................. 69
Senator Warren........................................... 69
Senator Heitkamp......................................... 72
Thomas J. Curry, Comptroller, Office of the Comptroller of the
Currency....................................................... 5
Prepared statement........................................... 44
Responses to written questions of:
Chairman Johnson......................................... 73
Senator Crapo............................................ 77
Senator Reed............................................. 80
Senator Warren........................................... 81
Senator Heitkamp......................................... 160
Jerome H. Powell, Member, Board of Governors of the Federal
Reserve
System......................................................... 6
Prepared statement........................................... 55
Responses to written questions of:
Chairman Johnson......................................... 161
Senator Crapo............................................ 166
Senator Warren........................................... 171
Senator Heitkamp......................................... 176
(iii)
PATTERNS OF ABUSE: ASSESSING BANK SECRECY ACT COMPLIANCE AND
ENFORCEMENT
----------
THURSDAY, MARCH 7, 2013
U.S. Senate,
Committee on Banking, Housing, and Urban Affairs,
Washington, DC.
The Committee met at 10:03 a.m., in room SD-538, Dirksen
Senate Office Building, Hon. Tim Johnson, Chairman of the
Committee, presiding.
OPENING STATEMENT OF CHAIRMAN TIM JOHNSON
Chairman Johnson. The Committee is called to order.
Today we will assess large money center banks' compliance
with U.S. anti-money laundering rules. Our financial system is
a major target for those who want to conceal and move illicit
funds since the dollar is the world's reserve currency. That is
why strong AML compliance coupled with tough enforcement is
critical.
In recent years we have seen major enforcement actions
against a large number of global banks that allowed billions of
dollars to flow through the U.S. financial system in a
concealed way. They include ABN AMRO, Lloyd's, Credit Suisse,
Wachovia, Barclays, ING, Standard Chartered, and HSBC. These
banks violated the Bank Secrecy Act and our sanctions rules
against Iran, Cuba, and other countries in various ways, which
cost the banks over $5 billion in fines and forfeitures. In
addition, Citibank and JPMorgan Chase have been required to
overhaul their BSA compliance systems in the face of major
violations.
This pattern of violations is disturbing. Holes in banks'
anti-money laundering systems can protect funds stolen by
corrupt leaders and drug cartels, help sanction violators, and
enable terrorist financing. To address this threat, we must
understand how banks' safeguards malfunction and assess the way
the Government enforces our AML rules. As we do that, we should
consider several important issues:
The Government depends on bank compliance programs to
detect and prevent money laundering. Should senior management
be required to confirm the strength of their programs regularly
so that they do not break down, as appears to have happened at
a number of banks?
In the recent major penalty cases, U.S. banks failed to
deal effectively with funds from non-U.S. branches or
affiliates; some of the latter intentionally undermined rules
and procedures that they knew were required in the U.S. How can
we ensure more uniform compliance and enforcement of U.S. and
international rules?
The time between citations by bank examiners and
enforcement actions cannot be allowed to drag out, as was done
in some of these cases. While I am pleased that the OCC and
other regulators are intensifying their efforts in this area,
they must let law enforcement know early on about potential
problems to prevent illicit funds from being moved while
problems are being fixed.
Last, questions have been raised about remedies, including
the need for prosecution. We should consider today the full
range of remedies in cases like these, including: BSA
injunctions, banning from the industry those individuals who
violate the rules, suspending a particular kind of activity or
line of business at a bank in response to violations, and other
measures.
We must do more to ensure that global banks, including
their affiliates and branches who seek access to the U.S.
system, have effective anti-money laundering systems in place.
If the recent record of AML-related violations by U.S. banks is
any indication, we clearly have a long way to go before that is
accomplished. I hope today's hearing can advance the discussion
of how to reach this goal.
I will need to excuse myself momentarily to attend an
Energy Committee hearing, but I appreciate the witnesses'
testimony and will follow up if I have additional questions. I
understand Ranking Member Crapo is sick and regrets not being
here today. His statement will be submitted for the record.
I will now turn it over to Senator Warner.
STATEMENT OF SENATOR MARK R. WARNER
Senator Warner [presiding]. Thank you, Mr. Chairman, and I
thank my colleagues, particularly Senator Reed. I think you
have got to head off, too, so to make sure to the folks here, I
am not jumping line. And I am going to assume we are going to
honor the old Corker rule here in that nobody else wants to
make a statement at this point, so I can go ahead and introduce
the witnesses.
I want to remind all my colleagues that the record will be
open for the next 7 days for opening statements and any other
materials you would like to submit. Now I would like to
introduce our witnesses.
The Honorable David Cohen is the Treasury Department's
Under Secretary for Terrorism and Financial Intelligence. Mr.
Cohen formerly served as Assistant Secretary for Terrorist
Financing, and prior to that he was in private practice at
Wilmer, Cutler, Pickering, Hale & Dorr. He also served in
various roles in the Treasury Department's Office of General
Counsel.
The Honorable Thomas J. Curry is the Comptroller of the
Currency. Prior to becoming Comptroller, Mr. Curry served as
the Director at FDIC as well as the chairman of the
NeighborWorks America Board of Directors. He previously served
five Governors as the Commissioner of Banks for the
Commonwealth of Massachusetts.
Then, finally, the Honorable Jerome H. Powell is the
Governor on the Board of the Federal Reserve System. Before
joining the Board, Mr. Powell was a visiting scholar at the
Bipartisan Policy Center, and prior to that he served as a
partner at the Carlyle Group, as Assistant Secretary and Under
Secretary of the Treasury in the first Bush administration, and
as a lawyer and investment banker in New York City. And I am
friends with Mr. Powell and his Mr. Powell and his family.
I am going to go ahead, since this is a rare opportunity
for me to actually move up to the Chairman's seat. I am going
to take advantage of this--it may be years before I get to sit
there again--before I call on Mr. Cohen to give his opening
statement.
If Senator Reed or Senator Johnson were still here, they
would say, ``Do not get too comfortable.''
With that, Mr. Cohen, please proceed.
STATEMENT OF DAVID S. COHEN, UNDER SECRETARY FOR TERRORISM AND
FINANCIAL INTELLIGENCE, DEPARTMENT OF THE TREASURY
Mr. Cohen. Thank you, Chairman Johnson, Ranking Member
Crapo, distinguished Members of the Committee. Thank you for
inviting me to testify today on a core focus of our efforts at
the Department of the Treasury: promoting a safe and secure
financial system, and effectively combating money laundering,
terrorist financing, and related forms of illicit finance. I
would like to commend you, Mr. Chairman, and this entire
Committee for your strong leadership on this topic.
The spate of recent high-profile enforcement actions
against some of our largest and most sophisticated financial
institutions raises troubling questions about the effectiveness
of our domestic anti-money laundering and counterterrorist
financing efforts. It is critically important to understand why
these failures occurred and what we can do--whether through
better legislation, regulation, examination, or enforcement--to
prevent the recurrence of such failures.
The Bank Secrecy Act and the regulations promulgated by
Treasury's Financial Crimes Enforcement Network, known as
FinCEN, and the Federal functional regulators established the
framework for guarding the financial system from money
laundering and terrorist financing. These laws and regulations
work in tandem with the sanctions programs implemented by
Treasury's Office of Foreign Assets Control, known as OFAC.
These laws and rules aid financial institutions in
identifying and managing risk, provide valuable information to
law enforcement, and create the foundation of financial
transparency required to deter, detect, and punish those who
would abuse our financial system.
But the laws and rules can only do so much. A truly robust
AML/CFT framework requires effective AML program implementation
by financial institutions, buttressed by strong enforcement
efforts.
In light of what we have seen in recent years, it is clear
that significant design, oversight, compliance, and enforcement
challenges remain. I would like to highlight the Treasury
Department's efforts to strengthen the effectiveness of our
AML/CFT regime.
First, Treasury's AML/CFT regulators, FinCEN and OFAC, are
committed to continuing their vigorous investigation and
enforcement of violations. In my written testimony, I describe
a number of recent FinCEN and OFAC enforcement actions,
including the HSBC matter last December, in which FinCEN
imposed a $500 million civil penalty for willful violations of
the BSA, and OFAC imposed a $375 million fine for sanctions
evasion.
Moreover, FinCEN, as part of a thorough review being
conducted by its new Director, is redoubling its AML
enforcement focus, including by ensuring that it is employing
all of the tools at its disposal to hold accountable those
institutions and individuals who allow our financial
institutions to be vulnerable to illicit financial activity.
Second, because aggressive enforcement is a necessary but
not sufficient response to the problems exposed by recent
investigations, we have set up two groups to examine and
improve the legal, regulatory, compliance, and enforcement
framework.
FinCEN recently organized a group of representatives from
the financial service industry, financial regulators, and law
enforcement whose mission is to identify gaps between illicit
finance risks and compliance efforts, and to develop
recommendations to close those gaps. This group's work will
feed into the efforts of an interagency group that I convened
last fall known as the AML Task Force. Other task force members
include senior representatives from all regulators with
responsibility to combat money laundering: FinCEN, the Fed, the
OCC, the FDIC, the NCUA, the CFTC, the SEC, and the IRS, as
well as the Justice Department's Criminal Division.
The task force is taking a step-back look at our AML/CFT
framework to assess how the entire enterprise is operating. It
is looking at illicit finance risks and compliance requirements
and will evaluate information-sharing, supervision, and
enforcement practices to determine if there are ways to better
inform, assess, encourage, and, as necessary, compel financial
institution compliance.
Third, we are moving ahead with an initiative to enhance
financial transparency, a new rule that would explicitly
require financial institutions to conduct in-depth customer due
diligence to identify the true beneficial owner of accounts.
Current law explicitly requires enhance customer due diligence
in only certain limited circumstances. This may permit illicit
actors to access the financial system undetected and to engage
in transactions that financial institutions may fail to
identify as suspicious. We have gathered a wealth of useful
information on this proposal from written submissions and in a
series of public hearings. We anticipate publishing a proposed
rule for further notice and comment soon.
Finally, I want to note our international efforts to
strengthen the global AML/CFT framework. Given the global
nature of money laundering and terrorist financing and the
increasing interrelatedness of the global financial system, a
secure global framework is essential to the integrity of the
U.S. financial system. Working with several intergovernmental
and international organizations, most notably the Financial
Action Task Force, we are helping lead international efforts to
revise and strengthen global AML/CFT standards.
The United States is home to one of the strongest anti-
money laundering and counterterrorist financing regimes in the
world, but clearly there is work to be done to make our AML/CFT
regime more efficient, effective, and to elicit better
compliance from financial institutions.
I look forward to working with this Committee on these
critical issues and would be pleased to answer your questions.
Senator Warner. Thank you, Mr. Cohen.
Mr. Curry.
STATEMENT OF THOMAS J. CURRY, COMPTROLLER, OFFICE OF THE
COMPTROLLER OF THE CURRENCY
Mr. Curry. Chairman Johnson, Ranking Member Crapo, and
Members of the Committee, I appreciate the opportunity to
appear before you today to discuss what the OCC is doing to
ensure that Federal banks and thrifts have programs in place to
deny money launderers and other criminal elements access to the
banking system.
I cannot overstate the importance of the Bank Secrecy Act
and other anti-money laundering statutes. When it was first
signed into law in 1970, the Bank Secrecy Act was intended to
be another tool in the battle against illicit drugs. Today it
is also an important weapon in combating a host of financial
crimes as well as in the war against terrorism, and that is why
the OCC continues to search for ways to improve our supervision
in this area.
Lately, we have observed a number of instances in which our
largest institutions have failed to meet the requirements of
the Bank Secrecy Act, and the OCC has taken some very
significant enforcement actions against those banks.
In the wake of the financial crisis, too many banks
inappropriately cut staffing and spending for BSA and anti-
money laundering compliance as austerity measures, and our
examiners are now working to ensure that these institutions add
resources they need to maintain solid BSA/AML programs.
Although many of our recent enforcement actions have
involved large banks, BSA is an issue for institutions of all
sizes. In fact, as large banks improve their BSA/AML programs
and jettison higher-risk lines of business, we are concerned
that money launderers will migrate to smaller institutions.
While we are committed to ensuring that all the
institutions we supervise have effective BSA/AML programs in
place, we recognize the increased burden this places on
community banks and thrifts. We will work with these
institutions to help them calibrate their controls to reflect
the risks they face, thereby reducing unnecessary burden.
BSA compliance is inherently difficult. It involves the
challenge of sifting through large volumes of transactions to
identify those with suspicious features, a task made especially
difficult by the ingenuity criminal elements have shown. As a
result, financial institutions and supervisors are devoting
more resources to maintain effective programs.
Most of the problems we find in BSA/AML programs are
attributable to the following root causes: the strength of an
institution's compliance culture, its willingness to commit
sufficient resources, the strength of its information
technology and monitoring processes, and its risk management.
The health of a bank's culture starts at the top, and so it
is important that senior management demonstrate a commitment to
BSA/AML compliance. Employees need to know BSA compliance is a
management priority and that the compliance function will
receive the resources it needs to succeed, including training
and first-rate information technology.
We are currently in the process of drafting detailed
guidance to banks on sound corporate governance processes that
will incorporate many of these concepts, including business
line accountability for BSA/AML compliance and the independence
of the compliance function.
We are also reviewing certain statutory provisions and
exploring whether a regulation or agency issuance interpreting
these provisions would be helpful in enhancing our enforcement
authority against insider wrongdoing in this area. Several
agencies have a role in addressing BSA issues, and we
participate in a number of interagency groups to address them.
Additionally, we regularly provide information, documents,
and expertise to law enforcement for use in criminal
investigations on a case-specific basis. We also work closely
with the Federal Reserve and the other banking agencies, and we
are active participants on the interagency task force that
Under Secretary Cohen formed to examine how this 40-year-old
statutory framework can remain relevant in today's world.
Despite problems we have identified, many financial
institutions have developed strong BSA compliance programs
responsible for detecting and reporting potential criminal
violations to law enforcement. To this point, more than 5.6
million SARs have been collected in the centralized data base
that is maintained by FinCEN, and these reports provide
critical information to law enforcement agencies. The majority
of these SARs have been filed by national banks and Federal
thrifts. These reports play a vital role in combating drug
traffickers and other criminal elements, and we at the OCC
believe Congress should act to clarify and strengthen the safe
harbor for institutions that file SARs.
Banks need to know that they can share information with law
enforcement agencies without incurring liability and that they
can file SARs without running the risk that their bank will be
exposed to litigation for simply complying with Federal law. We
would be happy to work with the Committee in exploring these
ideas.
While there are many challenges ahead of us, we will
continue to work with Congress, law enforcement, other
regulatory agencies, and the industry to develop and implement
a coordinated and comprehensive response to the threat posed to
our Nation's financial system by terrorist and criminal
organizations.
Thank you, and I look forward to your questions.
Senator Warner. Thank you, Mr. Curry.
Mr. Powell.
STATEMENT OF JEROME H. POWELL, MEMBER, BOARD OF GOVERNORS OF
THE FEDERAL RESERVE SYSTEM
Mr. Powell. Thank you, Mr. Chairman. Chairman Johnson,
Ranking Member Crapo, and other Members of the Committee, thank
you for inviting me to discuss the role the Federal Reserve
plays in the U.S. Government's efforts to combat money
laundering and terrorist financing.
The Federal Reserve requires the institutions we supervise
to have an effective BSA compliance program. In coordination
with other Federal agencies, we have adopted regulations and
guidance that explain our expectations for the features of an
effective BSA compliance program.
Banking organizations must also maintain a program for
ensuring compliance with U.S. economic sanctions that is
effective in identifying higher-risk areas within a bank's
operations and screening and reporting prohibited transactions.
As part of these programs, institutions we supervise must
provide law enforcement with the reports prosecutors need to
investigate suspicious activity. The Federal Reserve reviews
these BSA and OFAC compliance programs as part of our regular
safety and soundness examination program for the approximately
1,060 State member banks, State chartered branches and agencies
of foreign banking organizations, and Edge Act and other
corporations we supervise.
We also conduct targeted examinations of financial
institutions that show signs of being vulnerable to illicit
financing. To ensure consistency, we use procedures developed
jointly in a joint manual with FinCEN, OFAC, and the other
members of FFIEC. Importantly, the Federal Reserve takes the
findings of our BSA and OFAC exams into account in determining
the institution's examination ratings.
The Federal Reserve devotes substantial resources to BSA
and OFAC compliance. In addition to its examination force, each
Federal Reserve Bank, each of the 12, has a BSA/OFAC specialist
and coordinator, and the Board's Division of Banking
Supervision and Regulation has long had an anti-money
laundering section, overseen by a senior official, who is here
with me today, to help coordinate the system efforts.
We also coordinate with other agencies. For example, the
Federal Reserve brings every instance of a serious anti-money
laundering deficiency or violation to the attention of FinCEN,
OFAC, the Department of Justice, State law enforcement, the
Federal banking agencies, and State regulators, as appropriate,
as part of our enforcement program.
We also participate in a number of interagency and
international groups that develop standards for and coordinate
interagency compliance, monitoring, and enforcement efforts.
While the majority of institutions we supervise have well-
administered and effective BSA and OFAC compliance programs,
some cases require the use of our enforcement authority. In the
last 5 years, we have issued 113 enforcement actions relating
to BSA and OFAC compliance, including 25 public cease-and-
desist orders and written agreements, and imposed hundreds of
millions of dollars in civil penalties. These actions involve
institutions that are large and small, domestic and foreign. In
each case, the Federal Reserve has required the institution to
take corrective measures to ensure that its programs are
brought into compliance.
Many of the recent U.S. sanctions cases the Federal Reserve
has pursued involve foreign banks with operations that extend
across many different countries. Foreign banks that operate in
countries without sanctions similar to those imposed by the
United States have not always had in place mechanisms to ensure
transactions routed through the U.S. comply with U.S. law. The
Fed's enforcement action against ABN AMRO in 2005 triggered
important changes in cross-border payment practices.
The Federal Reserve has played a key role in developing the
standards that have since been adopted to improve transparency
in cross-border payment messages, including the standards
operated by Basel and SWIFT. These standards require the
expanded disclosure of the originator and beneficiary on
payment instructions sent as part of a cover payment.
The Federal Reserve places great importance on ensuring
that the institutions we supervise comply with the BSA and U.S.
economic sanctions. When we find problems at a supervised
institution, we demand specific corrective measures, by
specific dates, and we take strong enforcement measures when
necessary. We will continue these efforts and work
cooperatively with law enforcement and other financial
regulators to ensure a coordinated response to the threat posed
by illicit financing to the U.S. financial system.
Let me conclude by saying that we recognize that money
laundering and illicit financing threats have become more
complex and, in addition, the financial markets have evolved so
that the BSA/AML framework, which was established decades ago
and based primarily on a bank-centric model, may no longer be
fully effective. We, therefore, join with the Treasury
Department, the OCC, law enforcement, and other banking
agencies to conduct a zero-based review of the U.S. supervisory
and enforcement regimes for BSA/AML compliance. This review
will provide the basis for identifying potential improvements
to the AML framework and developing recommendations to
implement those improvements.
Thank you.
Senator Warner. Thank you, gentlemen. I appreciate your
testimony.
We will put 5 minutes on the clock for us, but since it may
just be a few members, we will get a good chance to get into
some depth and detail.
You know, I saw I believe it was the Attorney General
recently made a statement that I would like to get some
clarification from all of you, that there were concerns that
some banks were potentially too large to prosecute in terms of
their potential effect upon the economy. I do not personally
believe that it can be the position of the U.S. Government that
any institution should be too large to prosecute. As someone
who was quite involved in Title II of Dodd-Frank, putting in
place resolution authority and the ability to get both at the
management and shareholders of firms, mostly here focusing on
prudential standards, safety and soundness, but there is some
question as well, as we look at BSA/AML enforcement, while the
Committee has put forward 10 cases, these are all cases that
have been--where there has only been monetary fines. There has
not been actually prosecution of an institution. There has not
been prosecution of individuals.
And I guess what I would want to start with is, as the
Chairman mentioned earlier in his opening remarks, how do we
ensure that we have strong BSA/AML compliance standards within
these institutions? How do we ensure that we make sure that
during times of financial stress compliance is not being cut
back on? And do you each feel we have the appropriate tools
where, as necessary, to move beyond just the fine capacity but
to actually--each of you have got tools to be able to bar
individuals from continuing to pursue--or bar individuals from
being involved in the banking system? And how do we make sure
those tools are effectively used? And I would like to hear from
each of you. Briefly, if possible, because I have got a couple
more rounds.
Mr. Cohen. Certainly. Thank you, Senator Warner. I will
address this in two ways.
I think we do have a number of tools that we have used in
the past and that we are intending to use in appropriate cases
in the future to ensure that when there are enforcement actions
to be taken against institutions and individuals, that we do so
and are vigorous in our enforcement efforts. I set out, as I
said, in my testimony some of the prior enforcement actions,
but I have also said and want to reiterate that one of the
objectives of the review that is underway now at FinCEN is to
consider ways for FinCEN's enforcement authority to be even
more effectively discharged, including looking at ways to take
action against individuals--officers, directors, shareholders,
partners, whoever it may be--if they are themselves involved in
the misconduct that----
Senator Warner. And is part of that looking at actually
having these officers and directors sign off on compliance work
in a stronger way than they do right now?
Mr. Cohen. Well, it is that as well as, I think, more
aggressive action with respect to those individuals, including
the possibility of barring them from the industry and other
injunctive action.
So we are looking at the full range of ways to continue to
enforce aggressively as well as to enhance our enforcement
efforts, and I think we have the legal authority to do that.
Frankly, it is our intention to ensure that we exercise that
authority in----
Senator Warner. I want to hear from the other gentlemen.
Please.
Mr. Curry. Thank you, Senator. At the OCC our job is to
make sure as a civil enforcement agency that the banks have
effective and adequate BSA/AML programs on an ongoing basis
within the institutions. We conduct annual assessments of those
systems, and if we find deficiencies, it is our policy to
demand remedial action. If remedial action is not taken or it
is a serious issue, we will proceed to use the arsenal of both
informal and formal enforcement powers we have
administratively.
One of the areas that I focused on since becoming
Comptroller is really to emphasize the corporate governance
aspects of BSA compliance. That is part of the reason why we
are developing and will be issuing soon specific guidance on
what the expectations are for board and management
accountability. And those have also served as important parts
of our enforcement orders that we have issued in the last
several months. They focus in a detailed fashion on the roles
and responsibilities of operating management, and the board of
directors as well.
Senator Warner. Mr. Powell.
Mr. Powell. Thank you, Senator. I will start by addressing
your first question, which was the comments of the Attorney
General yesterday, and I just want to say it is fundamental in
this country that everyone is equal before the law, and I think
his comments only underscore the need to end too big to fail
and the need for the agencies to forcefully implement Title I
and Title II as it relates to too big to fail. Just to address
that part of your comment.
In terms of enforcement, I do not have that much to add. I
would just say that we examine for BSA compliance as part of
our regular examinations on a 12- to 18-month schedule for all
of the institutions that we examine. We have a well-worked-out,
commonly agreed manual, and we have an accelerating series of
sanctions. We are all very focused on assuring that those are
adequate to the task, and we are particularly focused on
enterprise-wide global risk--risk assessment and risk
management mechanisms, compliance mechanisms that address this
cross-border issue.
Senator Warner. Let me just say, before I turn to Senator
Reed, just that--and I will come back to this in the second
round--I also have an enormous concern that the length of time
to prosecution and the amount of potentially illegal and also
potentially threatening in terms of terrorist financing, Iran a
case in point, I want to come back to see how we can intervene
even before perhaps an enforcement action needs to be taken so
that we do not have this long drag period.
Senator Reed.
Senator Reed. Well, thank you very much, Mr. Chairman, and
this is an incredibly important hearing. I just came from the
Armed Services hearing, and we are talking with General Ham
down in Africa Command, and the reality is these terrorist,
criminal narco-syndicates need money. Without it, they are a
nuisance. With it, they are potentially devastating opponents
of the United States. And what you do is absolutely critical to
shut off their ability to operate. And if we do not, then the
alternative is not only very difficult for us, leading up to
military action, but extraordinarily expensive. So I just want
to emphasize how critical your roles are and how important this
issue is. We cannot say it enough, because if you do your work
right, then we do not have to contemplate or implement much
more dangerous and expensive options.
But let me echo a point that the Chairman made, I think
very well, to Secretary Cohen, which is that under Sarbanes-
Oxley, for example, we require a chief executive to sign off on
the financial statements, and that seems to have put a lot of
vigor into the review of these issues that is lacking under the
Bank Secrecy Act. I know you mentioned you are considering it,
but I guess I would urge you to serious consider it. Can you
comment again?
Mr. Cohen. So, Senator Reed, I first want to say I
wholeheartedly agree with your first comment and can tell you
that the work that we do on the domestic anti-money laundering
regime and the work that we do internationally in our various
sanctions regimes is designed to accomplish exactly what you
highlighted.
With respect to elevating within the institution the
obligation to sign off on the AML program, I think under
current law it needs to be adopted by the board and reflected
in the minutes of the board, the AML program. I think one of
the things that the AML task force that I convened and that
both of my colleagues here participate in, as well as others,
is looking at how to adjust the regulatory requirements to be
more effective. And I think this is an area that we will take
up, and I think it is a worthy suggestion.
Senator Reed. Thank you, and I think you have got to move
expeditiously, too, because the threats out there are not--they
are getting worse each moment.
Mr. Curry.
Mr. Curry. Senator, I share your concern. We are focusing
on the corporate governance aspects. We believe that top
management and the board needs to be held responsible for
effective BSA/AML compliance, and that is part of the reason
why we are going to be issuing our corporate governance
guidance. And in our orders, I want to point out the board of
directors has to sign our orders, the orders that are
outstanding, which specify that they are responsible for the
program, and if they fail to comply with that order, they face
personal liability in the form of civil money penalties.
Senator Reed. Yes, but just going to the long--this goes
back to the Annunzio-Wiley anti-money laundering before. You
have injunctive authority. I do not think the Comptroller has
ever used it, et cetera. I do not think, to my knowledge, you
can cite any specific incidence where someone has been
seriously sanctioned, a director or--is that accurate, or am
I--I want to be clear.
Mr. Curry. That is an issue that we are pursuing. That is
part of the reason we are looking at interpreting provisions of
Section 8(e) of the FDIC Act. There are terms used there--I am
paraphrasing--excusing inadvertent or unintentional violations.
We want to tighten up that language so that we can have greater
ease in bringing removal or prohibition actions under the FDIC
Act.
Senator Reed. Governor Powell, you are specifically
responsible for the branches of foreign banks in the United
States. In that role, any comments you might have, particularly
a general question whether any fines against these institutions
are effective or they are simply passed on to the consumers?
Mr. Powell. We examine them under the same manual and in
the same way as the OCC examines national banks, and we treat
them from an enforcement standpoint in exactly the same way. We
believe it is fundamentally reasonably effective.
I think you raise good questions that are going to receive
very serious consideration at the task force, but I believe we
do treat them essentially as we treat American banks.
Senator Reed. Thank you very much, gentlemen, and if I can
get back, I would love to do a second round. Thank you.
Senator Warner. Senator Warren.
Senator Warren. Thank you, Mr. Chairman, and thank you to
all three for being here today.
As Senator Reed just pointed out, the U.S. Government takes
money laundering very seriously for a very good reason, and it
puts very strong penalties in place. In addition to monetary
penalties, it is possible to shut down a bank that has been
involved in money laundering. Individuals can be banned from
ever participating in financial services again, and people can
be sent to prison.
Now, in December, HSBC admitted to money laundering, to
laundering $881 million that we know of, for Mexican and
Colombian drug cartels and also admitted to violating our
sanctions for Iran, Libya, Cuba, Burma, the Sudan. And they did
not do it just one time. It was not like a mistake. They did it
over and over and over again across a period of years. And they
were caught doing it, warned not to do it, and kept right on
doing it, and evidently making profits doing it.
Now, HSBC paid a fine, but no one individual went to trial,
no individual was banned from banking, and there was no hearing
to consider shutting down HSBC's activities here in the United
States.
So what I would like is--you are the experts on money
laundering. I would like your opinion. What does it take? How
many billions of dollars do you have to launder for drug lords
and how many economic sanctions do you have to violate before
someone will consider shutting down a financial institution
like this? Mr. Cohen, can we start with you?
Mr. Cohen. Certainly, Senator. No question the activity
that was the subject of the enforcement action against HSBC was
egregious, both in the money laundering that was going on at
HSBC and the sanctions violations.
For our part, we imposed on HSBC the largest penalties that
we had ever imposed on any financial institution. We looked at
the facts and determined that the appropriate response there
was a very, very significant penalty against the institution.
Senator Warren. Let me just move you along here, though, on
the point, Mr. Cohen. My question is: Given that this is what
you did, what does it take to get you to move toward even a
hearing, even considering shutting down banking operations for
money laundering?
Mr. Cohen. So, Senator, we at the Treasury Department under
OFAC and FinCEN authority do not have the authority to shut
down a financial institution.
Senator Warren. I understand that. I am asking, in your
opinion--you are the ones who are supposed to be the experts on
money laundering. You work with everyone else, including the
Department of Justice. In your opinion, how many billions of
dollars do you have to launder for drug lords before somebody
says, ``We are shutting you down''?
Mr. Cohen. Well, I think the authority to pull a license,
pull the charter, is the authority that is committed to the
supervisors, to the OCC, the Fed, whoever the supervisor may
be. We take these issues extraordinarily seriously. We
aggressively prosecute and impose penalties against the
institutions to the full extent of our authority. And as I said
earlier, one of the issues that we are looking at----
Senator Warren. I am not hearing your--I am sorry. I do not
mean to interrupt, and I just need to move this along. But I am
not hearing your opinion on this. You are supposed to be,
Treasury is supposed to be one of the--you are the leaders in
how we understand and work together to stop money laundering.
And I am asking: What does it take even to say, ``Here is where
the line is. We are going to draw a line here, and if you cross
that line, you are at risk for having your bank closed''?
Mr. Cohen. So, Senator, we are mindful of what our
authorities are, mindful of what the supervisors' authorities
are. We will and have and will continue to exercise our
authorities to the full extent of the law. The question of
pulling a bank's license is a question for the regulators----
Senator Warren. So you have no opinion on that? You sit in
Treasury, and you try to enforce these laws. And I have read
all of your testimony. You tell me how vigorously you want to
enforce these laws. But you have no opinion on when it is that
a bank should be shut down for money laundering? Not even an
opinion?
Mr. Cohen. Of course, we have views on----
Senator Warren. That is what I asked you for, your views.
Mr. Cohen. But I am not going to get into some hypothetical
line-drawing exercise, but I will----
Senator Warren. Well, it is somewhere beyond $881 million
of drug money.
Mr. Cohen. Well, Senator, the actions--and I am sure the
regulators can address this issue. The actions that we took in
the HSBC case we thought were appropriate in that instance.
Senator Warren. Governor Powell, perhaps you could help me
out here.
Mr. Powell. The authority to shut down an institution or
hold a hearing about it I believe is triggered by a criminal
conviction, and we do not do criminal investigations, we do not
do trials or anything like that. We do civil enforcement, and
in the case of HSBC, we gave essentially the statutory maximum
civil money penalties, and we gave very stringent cease-and-
desist orders, and we did what we have the legal authority to
do.
Senator Warren. I appreciate that, Mr. Powell. So you are
saying you had no advice to the Justice Department on whether
or not this was an appropriate case for a criminal action?
Mr. Powell. The way it works is the Justice Department has
total authority. This is the heart of what they do.
Senator Warren. I understand that.
Mr. Powell. It is the heart of their jurisdiction to decide
who gets prosecuted and for what. It is not our jurisdiction.
They do not do monetary policy. They do not give us advice on
that. We collaborate with them, and we discuss with them--we
have collaborated with them, and we did on HSBC. They asked us
specific questions: How does this statute apply? What would
happen if we did this? We answered those questions. That is
what we do.
Senator Warren. So what you are saying to me is you are
responsible for these banks, and, again, I read your testimony,
and you talk about the importance of vigorous enforcement here.
But you are telling me you have no view when it is appropriate
to consider even a hearing to raise the question of whether or
not these banks should have to close their operations when they
engage in money laundering for drug cartels?
Mr. Powell. I will tell you exactly when it is appropriate.
It is appropriate where there is a criminal conviction.
Senator Warren. And so you have no view on it until after
the Justice Department has done that?
Mr. Powell. Again, the Justice Department makes that
decision. We play our role in that. We have a constant dialog
with them, around--a broad range of violations that take place.
We always have the Justice Department involved. But when they
make these decisions, they make them themselves.
Senator Warren. I understand that I am over my time, and I
will just say here, you know, if you are caught with an ounce
of cocaine, the chances are good you are going to go to jail.
If it happens repeatedly, you may go to jail for the rest of
your life. But evidently if you launder nearly $1 billion for
drug cartels and violate our international sanctions, your
company pays a fine and you go home and sleep in your own bed
at night, every single individual associated with this. I think
that is fundamentally wrong.
Senator Warner. Senator Kirk.
Senator Kirk. I appreciate the Senator's driving this
issue. You would think--I agree with most of the direction you
are going in. You would think there would have been one hell of
a penalty for money laundering for terrorists who are building
nuclear weapons. You would actually think and hope that you
would get a clear answer. I thank the Senator.
Mr. Chairman, over to you.
Senator Warner. Senator Merkley.
Senator Merkley. Well, thank you very much, Mr. Chair.
The first political act in my life, at least as far as I
can recall, was when I was a junior in high school, and I was
reading the evening newspaper in Portland, and it reported that
Vice President Spiro Agnew had been convicted of accepting
bribes. This memory is decades old, so I may not have the
numbers quite right. It was something like he accepted $100,000
in bribes, and his penalty for his criminal conviction was a
$10,000 fine. And I sat down and wrote a letter to the
newspaper, the Oregon Journal, and said, ``How can anyone
believe that there is justice, that if you take $100,000 you
only get charged 10 percent of it? How is that possibly
justice?''
And I find myself asking exactly the same question in this
situation. On, I believe it was, the day after the announcement
that HSBC had essentially been caught laundering billions of
dollars in funds, there was a story about a woman who her
boyfriend had stored I believe a suitcase or a coffee can with
his drug money in her upstairs or her attic or something like
that, and she was doing something like 10 years in prison for
having that tangential connection to the flow of this illegal
money.
So if an individual gets 10 years in prison, can you
explain, each of you, how you would explain to an ordinary
citizen in America that a company which launders billions of
dollars tied to criminal syndicates that in northern Mexico
40,000 people have died--I do not know about the terrorist side
of this, but the drug side is pretty well documented. How do we
explain that that is a system of justice in the United States
of America? Mr. Cohen.
Mr. Cohen. Senator Merkley, as I am sure you know, it is
the Justice Department that determines----
Senator Merkley. I understand. I am asking you your
opinion. How would you explain to your neighbor asking you,
saying, ``You are a high official in the U.S. Government. This
is the decision our Government made.'' What would be your
personal sense of it?
Mr. Cohen. What I would tell my neighbor is, first of all,
the agencies within my area of responsibility took action in
this circumstance in an extraordinarily aggressive way and in a
powerful way and beyond anything we had ever done previously.
With respect to the Justice Department, we of course, were
working on this investigation with the Justice Department, but
at the end of the day, it is the Justice Department's sole
prerogative to determine who to prosecute, when to prosecute,
and what to charge.
Senator Merkley. Let me interrupt for a minute. While you
are working with them on this, if a member of the Justice
Department said, ``David, what is your opinion? Should we
prosecute?'' Your response would be?
Mr. Cohen. Well, Senator, I think it depends whether you
are asking me, personally asking me as the Under Secretary. And
it also depends on what the ``it'' is, whether we are talking
about prosecuting an individual, prosecuting an institution,
what the charges may be. These are all issues that----
Senator Merkley. So you say to the Justice Department, you
say, ``Well, I am working very closely with you. I want to know
what if, should we do individuals or should we do the
corporation?'' And he says, ``I would like your opinion on
both.'' And so then you say, ``My opinion on the individuals is
X, and my opinion on the corporation is Y.'' And your opinion
is?
Mr. Cohen. Let me say my role in the Treasury Department
and I think the Treasury Department more broadly, our role is
to----
Senator Merkley. I understand that. That was not my
question. But you are welcome to simply say, ``I do not feel it
is appropriate for me to answer your question.'' That would be
better than just pretending not to answer it.
[Laughter.]
Mr. Cohen. No, I--I was trying to answer your question. But
it is not our role to advise the Justice Department on how to
exercise their prosecutorial discretion.
Senator Merkley. Thank you.
Mr. Curry.
Mr. Curry. Perhaps it might be helpful, Senator, to explain
how we arrived at the penalty that we imposed at the OCC, the
$500 million penalty.
Senator Merkley. I am pretty familiar with that. That is
not the heart of my question.
Mr. Curry. I think it reflects what we are trying to do
from a civil enforcement standpoint to make sure that----
Senator Merkley. I do not want you to recite history I am
already familiar with. Let me ask the question differently. Do
we have a situation where banks have become so large that, in
the words of Attorney General Holder, if you prosecute them,
``it will have a negative impact on the economy and the
financial system at large''? And does that mean essentially we
have a prosecution-free zone for large banks in America?
Mr. Curry. It is my view that no bank is above the law. As
Governor Powell stated earlier, if in a particular case the
Justice Department met the requirements of the statute, that
there was a criminal conviction for any money-laundering
violations, I would start the process under the National Bank
Act to consider----
Senator Merkley. Yes, and I appreciate that, and I realize
that is where you responsibility comes in, and it comes in
after the prosecution and the conviction.
Mr. Curry. I would not hesitate to start that process.
Senator Merkley. Thank you.
Governor Powell, does this create a fundamental concern
about a fair system of justice across America?
Mr. Powell. Yes, it does. It is absolutely fundamental that
we are all equal before the law, and that is why we are all
committed to ending too big to fail. And in the first instance,
Congress has passed Dodd-Frank. The agencies are vigorously
implementing Title I and Title II and carrying out the plan
that you have given us, led by the FDIC, but we are all
involved--to eliminate too big to fail. And I think that has
been well done.
The question in the end is: Is it enough? And I think we
will know the answer to that in the relatively near future. It
is not a game plan that can be implemented overnight. But until
we finish that, I could not look this guy in the eye. You asked
me to explain to him how it is fair? I cannot do it.
Senator Merkley. Thank you for that very direct answer.
Thank you, Mr. Chair.
Senator Warner. I think before I move to Senator Heitkamp,
I just want to--the point that we have all been raising, and I
think that Senator Warren and Senator Merkley raised, while
each of you kind of say, all right, let us pass the potato over
to the Justice Department and we are only going to act there,
let us remind you what Senator Reed has already made mention
of. You have other remedies other than fines in terms of
injunctive action and removal authority that has not been used,
and I think we are all--and, again, I want to make sure I
observe the rules I am trying to hold everybody else to.
Senator Heitkamp? But I just want to make that point, that it
is not an either/or the way you have responded to each of these
Senators.
Senator Heitkamp. Changing the subject just a little bit,
do you think there is an effective deterrent based on how you
have handled these cases in the past? If you were a bank
executive today faced with the opportunity to make millions and
millions of dollars laundering drug money, or facing you guys,
looking at, you know, what you are going to suffer in terms of
the consequences, do you think there is an effective deterrent
today to prevent this from happening again? I would ask Mr.
Cohen first.
Mr. Cohen. I will answer that in two parts.
With respect to sanctions evasion, the stripping cases in
particular, I think there is effective deterrence. I think we
have gotten the attention of the international financial
institutions as well as the U.S. financial institutions. They
understand that these practices of stripping international
payment messages will be found and will be addressed in a very
serious manner.
The money-laundering side of things, I think that is a fair
question. I think that is part of the reason that we are
engaged in the processes that we are engaged in, is to
understand whether we need to have more effective deterrence.
Senator Heitkamp. And, Mr. Cohen, just for my edification,
you know, I was an Attorney General. I was somebody who did
both civil and criminal prosecution. And I can assure you
criminal prosecution in white-collar crime is much more
effective than fines and penalties and shame that you might
experience when you are walking into a courtroom. Unless you
are willing to work collaboratively--and I think everybody here
understands that you are looking at your jurisdiction, trying
to explain what your agency has done. But my question back to
you is: How could you collaborate in a more effective way with
the Justice Department to ensure that we will see prosecutions
that Senator Warren here has so eloquently begged for? How can
we make that happen?
Mr. Cohen. Well, I would just say this, Senator: The
Justice Department is part of the exercise that we are
undertaking. They are part of this AML task force. Part of what
we are looking at is more effective enforcement, both the civil
and the criminal side. And so that is an issue that we are
addressing in that work.
Senator Heitkamp. Yes, but, Mr. Cohen, one of the
disturbing parts of this dialog that we are having is that at
every sense there seems to be, ``It is not my job, it is not my
problem,'' that this is someplace else. And one of the great
tragedies, I think, for the American people looking at
Government is too much ``It is not my job.'' And so what we are
really asking is that this be everybody's job. I would move on
to Mr. Curry.
Mr. Curry. Senator, I agree with you. In our testimony, we
highlight the concerns we have over corporate governance. We
believe at the OCC that you need to hold CEOs and the boards of
directors accountable for BSA/AML policies and procedures and
their compliance program. You need to establish that basic
premise first before you can start assessing criminal or civil
liability, and that is where we are going. That is why we are
looking at our authority under Section 8 of the FDIC Act to
actually remove from office or prohibit from banking those
individuals that violate BSA programs. So we are looking to try
to tighten up the legal duties and authorities of individuals
at banks and then to enable us to take an appropriate level at
the civil, administrative level, and potentially to assist the
criminal authorities.
Senator Heitkamp. I understand that, and the problem is
that the expertise is with your agencies, and you are asking
the Justice Department or the Justice Department sees a lot of
complexities in what you do, and there does not seem to be a
real opportunity for a comfort level of a prosecution that
needs to happen, at least needs to be tried, needs to be
attempted.
Mr. Curry. We have a consistent and longstanding practice
of cooperating fully with the Justice Department in criminal
investigations and will continue to do that.
Senator Heitkamp. But I would say that in these cases that
cooperation has failed to achieve a result that is acceptable
to the American public.
Governor.
Mr. Powell. There are strong incentives that we have
provided to the banks to put in very strong compliance
programs. We can always do better. I think what you hear from
us is that the area where we are focusing is on collaborating
better and coming up with ways to strengthen the supervision,
and my colleagues have talked about some of those.
But the incentives to deal seriously with compliance are
large in the wake of these latest events. The other side of it,
though, is that the bad guys have huge incentives to find new
ways to penetrate, and the issue is--we have to stay ahead of
that. It is not a static game. They are very well funded. They
have great resources, and you have got this global financial
system with prepayment cards and mobile payments and that kind
of thing.
So we are in a race with them to stay ahead and I think
that is really the risk. It is not that the banks do not take
it seriously, although we can certainly help with that, too.
Senator Heitkamp. I agree, Governor. Ever more reason to
use the very limited resources we have in enforcement in a very
efficient and very collaborative way.
Senator Warner. I would just again, before--Senator Kirk
did not get his full round. I want to go back to Senator Kirk.
But we have got this continuum that goes from fines to
injunctive to removal to Justice Department prosecutorial. We
have only used one of the series of tools, and because it takes
so long to prosecute, in the interim you have actions going on,
whether it is--Senator Merkley mentioned drug laundering, or
Senator Reed mentioned, you know, potentially financing of
terrorists.
Senator Kirk.
Senator Kirk. I just wanted to take the opportunity, based
on what we have learned today from Treasury, to ask Senator
Warren to join me in a big bank money-laundering practice where
we just handled drugs and terrorism. I think we can make a
killing that way, and no danger of prosecution.
[Laughter.]
Senator Kirk. Nothing to fear from the Government.
Senator Warner. I am not sure you are--you are not citing
that for the record, are you?
[Laughter.]
Senator Warner. Senator Manchin.
Senator Manchin. Thank you, Mr. Chairman. I am sorry I was
late. I had two other Committee meetings. But I understand it
has been a little bit spirited, and I am sorry I missed that,
too.
We all have a hard time understanding why you have not
cracked down on banks that are using illicit funds, something
that is just wreaking havoc, is of epidemic proportion, and
drugs in American culture, and you have a chance to do it. And
I do not know what else--what tools do we need to give you all
as regulators to shut these people down? Is there something you
are lacking in your tool box right now? Can anybody speak to
that?
Mr. Curry. Senator, in our testimony, we have actually
asked for the Committee to consider tightening up the safe
harbor provisions for banks to actually file suspicious
activity reports without facing potential civil liability for
doing that.
We have also asked for authority to expand the safe harbor
to allow them to share the information from suspicious activity
reports so that if there is a particular criminal activity or
use of the system, that institutions could share that among
themselves so that they could not allow the migration of
illegal activity to occur, or to help the law enforcement
officials----
Senator Manchin. I think what you are hearing is those of
us who are frustrated that what tools you do have you are not
using. I come from the little State of West Virginia where
there is a lot of common sense, which you do not find very
common up here in Washington. And basically we never had bank
failures, we never had closures, because we still had just
common-sense procedures. You had to have a little skin in the
game. You could not be buying something you could not afford.
So on a different scale, we were basically living within our
means, and we were enforcing that. And our banks did not
collapse and fail, and we did not have a mortgage bubble burst
on us.
And what we are saying is if we give you more tools and you
will not use the ones you have today, that is our concern. That
is the frustration from the--this is one thing you see us
probably united from the Democrat and Republican side, and
there are very few things that you will find that we have had
chances to agree on, but this one we do, and I think we are so
frustrated. And if the banks are going to do business in this
country, they should do them by our values. And if you do not
enforce those values, you know, we have got to find people that
will enforce those values, I think is what we are saying.
We just want our country to be what we believe would help
us in growth and get back to the values we believe in, and the
drug cartels and all the illicit trade that goes on and the
banks are being a harbor and putting their money because it is
a safe haven is not something we condone as Congress, I do not
believe. And that is what we are asking.
Sir, if you would speak to that?
Mr. Cohen. I could not agree with you more, Senator, and
what I have committed to this Committee and what we are doing
at the Treasury Department is reviewing what we have done and
ensuring that the authorities that we have we exercise to the
full extent of their capacity.
As I noted earlier, one of the areas where we think we have
not been sufficiently aggressive is in going after individuals
and institutions who are responsible for the conduct that has
resulted in fines and penalties against the institution itself.
That is something that we are committed to pursuing and will
pursue in the appropriate cases in the future. So I----
Senator Manchin. But the HSBC, I mean, they paid the
largest fine in history, and nobody was prosecuted. Not a thing
was done. But you found them guilty.
Mr. Cohen. I cannot speak to the Justice Department's
decision not to prosecute in the HSBC case. It is the Justice
Department's decision to make. I can tell you from our
standpoint, we applied very significant penalties against the
institution there on the judgment that the conduct that we saw
was institution-wide, it involved a pattern of behavior over a
number of years that the institution was the appropriate entity
to apply the penalties against in that instance.
Senator Manchin. Mr. Chairman, I am running out of time. I
would just ask for the consideration of the Chair, if you would
ask the DOJ to come and give testimony on why they have not
prosecuted, why they will not enforce the laws of our land, if
you would ask and request them to appear before this Committee?
Senator Warner. I will consult with the actual Chair to
make that request, but----
[Laughter.]
Senator Manchin. You are the actual Chair today, sir.
Senator Warner. At least today. I think what you are
hearing from all of us is an enormous concern, coupled with
some of the comments the Attorney General made, and I
appreciate Mr. Powell's directness that, you know, we have got
to make sure there is no institution that is too large to
prosecute.
There is also a concern, starting on the second round now,
that even short of punting all this to the Justice Department,
there are other tools that you all have not used in terms of
injunctive relief, removal activities, suggestions in terms of
further compliance activities of senior management in terms of
owning compliance, as well as, you know, how do we make sure on
a going-forward basis that in moments of fiscal risk, the
compliance department is not the first place the bank cuts? I
would like an answer to that, but let me pose a second part to
this question.
I also have an enormous concern, when you look at not
just--we have talked about HSBC, but there are 10 other cases
that the Committee has cited. Each of these are cases that have
taken literally years to get to the fine stage, let alone the
fact that there has not been actual prosecution.
The concern I have is that in that interim period, how open
are you and what other tools--Mr. Curry, you mentioned safe
harbor--so that we can notify or put on notice at least so that
these activities do not continue until you get around to
actually issuing a fine or taking action? Number one. And,
number two, echoing what Mr. Powell has said, you know, this is
an issue that is going to just get tougher and tougher as we
move into these mobile banking technologies, as we think about
the intersection between drug trafficking, money laundering,
terrorist financing, and cyber activities, and are there points
that, as we consider cybersecurity legislation, we ought to
have a component that overlaps with existing BSA and AML
legislation? But if you could take each of those, but
particularly the piece about how do we make sure that in this
interim period between discovery of potential money laundering,
drug activity, or terrorist financing and the time when you
feel like you can actually bring some kind of case--and we all
say the cases have not been stringent enough. It appears to be
years in that activity in many cases seems to have been ongoing
during that period. Let us start with you, Mr. Cohen.
Mr. Cohen. So, Senator Warner, I think the answer to that
is both to ensure that we are investigating these cases as
rapidly as possible and coordinating, and part of what you have
heard today is that one of the things that we are looking at is
how to ensure that we are sharing the information among the
agencies that investigate these cases as efficiently as
possible.
But, second, the other point----
Senator Warner. Let me just interrupt you there. One of the
things that is clear from each of your conversations is that we
have a lot of stovepipes here.
Mr. Cohen. Right.
Senator Warner. Everybody seems to be passing the hot
potato. You are responsible for putting this interagency task
force together. Would you commit today to make sure that you
will brief Committee staff on the progress of those interagency
sessions.
Mr. Cohen. Certainly. I am happy to do that. And one of the
things that this interagency task force is designed to do is to
break down stovepipes to the extent that they impede the
exercise of our authorities.
But then the other point I would just make is, talking
about injunctive authority, I think we will go back and look at
whether there is the possibility of taking injunctive action
during the course of an investigation as sort of a preliminary
measure to ensure that the conduct stops before we get to the
finish line.
Senator Warner. So you feel like using the injunctive
authority, that would allow you to notify the institution, to
at least put them on warning, short of maybe a Justice
Department proceeding or a fine, that you are not just going to
allow this action to continue?
Mr. Cohen. I want to make sure that our current authority
allows us to do that, but if so, then that is something that--
--
Senator Warner. I want to make sure I get a word from Mr.
Curry and Mr. Powell on how we--again, the question--I have got
a series, but the question with the remaining time I have got
is--we all want you to be more aggressive here, but in that
interim period between--and this is the case, obviously, across
the board on many criminal investigations, between launching an
investigation and bringing a prosecution, how do we make sure
that the activities----
Mr. Curry. I would like to clarify something about the
process.
Senator Warner. Please.
Mr. Curry. If we are on-site examining an institution and
we detect unacceptable activity or behavior, we require it to
stop then and there and the remediation to occur regardless of
whether or not we get to the point in the future of issuing a
CMP order or a C&D. So immediately upon detection, we require
corrective action.
You asked about injunctive authority. We have and use civil
injunctive authority through our consent orders. They have
affirmative covenants in them that require certain activity to
be taken or to refrain from taking other activity.
And with our recent orders with national banks, we have
actually prohibited them from re-entering areas that have been
of concern or starting into other high-risk activities.
So we are doing things in terms of the prompt, immediate
effect that will be followed up by CMP at a later date.
Senator Warner. Well, I guess I would simply ask--and I
want to hear Mr. Powell and then move to Senator Warren. There
are 10 separate cases--we are focusing on HSBC, but there are
10 separate cases that the Committee has laid out. It would
seem to me, in at least my reading of the materials, that there
was a considerable lag time between discovery in each of these
times and ultimate action, and that there was not action taken
by the prudential regulator in a timely fashion in many of
those cases.
Mr. Powell.
Mr. Powell. Senator, I believe that we also require
immediate remediation when the violations are discovered. What
takes a long time is that we require these institutions to go
back and go through millions and millions of transactions to
find all the things that they have done wrong. It takes a long
time, and it is very labor intensive--a very simple but labor-
intensive process. And then the actual enforcement action comes
sometime later. But that does not mean that the violations have
continued. At the point when many of these have been
identified--they have turned themselves in on almost all of the
sanctions cases. In many of them they have put a stop to this
kind of thing, and then they are just working on putting
together the compliance order.
Senator Warner. Thank you.
Senator Warren.
Senator Warren. Thank you, Mr. Chairman.
I just want to follow up to make sure that I am just
following what is going on here. So do you consult with the
Department of Justice on each of these major drug-laundering
cases and terrorism cases? Is that right, Mr. Cohen?
Mr. Cohen. Certainly in the course of the investigation,
there is, you know, a constant dialog among the investigators
about what is being found, what the facts are, sharing
information.
Senator Warren. And so when the Justice Department is
making the decision about whether or not to make a criminal
prosecution, do they ask you about the impact on the economy
for one of these large banks?
Mr. Cohen. So I cannot speak to every instance whether that
occurs. That did occur in the HSBC matter. We told the Justice
Department that we were not in a position to offer any
meaningful assessment of what the impact might be of whatever
criminal disposition they may take. But I would distinguish
between the ongoing communication among investigators to the
ultimate----
Senator Warren. Wait. I want to make sure I understand what
you just said. The Justice Department, in making its decision
whether or not to pursue a criminal prosecution, checked with
the Department of Treasury to determine your views on whether
or not there would be a significant economic impact if a large
bank were prosecuted? Is that what you just said?
Mr. Cohen. What I said was the Justice Department contacted
us, asked whether we could provide guidance on what the impact
to the financial system may be of a criminal disposition in the
HSBC case. We informed the Justice Department that, given the
complexity of the potential dispositions, given the fact that
we are not the prudential regulator, given the fact that we are
not privy to the different charges that the Justice Department
may bring, and we are not privy to the responses that the
regulators may have to the variety of different ways that the
Justice Department may resolved the case, that we were not in a
position to offer any meaningful guidance to the Justice
Department in that matter.
Senator Warren. So you just said to the Justice Department,
``You are on your own in figuring this out''?
Mr. Cohen. We said that--we said exactly what I just said.
Senator Warren. I know you said it in a nice long way,
but----
Mr. Cohen. That is what we--what we said to the Justice
Department was exactly what I just told you, Senator.
Senator Warren. Mr. Powell, did the Justice Department get
in touch with the Fed on this question before making a decision
whether to prosecute HSBC?
Mr. Powell. Senator, there were conversations between
Justice and the Fed, but I do not believe that question was
asked or answered. I will make sure of that and follow up. But
I believe that the questions we were asked were specific
questions about the application of this or that statute. For
example, are certain kinds of investors prohibited from
investing in a company that has been indicted--or, sorry, not
indicted but convicted or pled guilty to a felony? So that is,
I believe, the role we have had, and I do not think it went any
farther than that.
Senator Warren. Mr. Curry.
Mr. Curry. The only question that we discussed----
Senator Warren. I am sorry, Mr. Curry. Could you push your
button? There you go.
Mr. Curry. The only question that the Justice Department
asked us was with the application of the charter revocation
provision of our National Bank Act.
Senator Warren. And who is responsible for making a
determination about whether to revoke the charter?
Mr. Curry. There is a statutory process. It requires notice
and hearing, and we went through how that process would work.
Senator Warren. And who would initiate that?
Mr. Curry. That process would be initiated by the
Comptroller's office, but only upon a conviction for any money-
laundering violations.
Senator Warren. So whether or not you could revoke the
charter depended on what the Justice Department did. Did you
have that discussion with the Justice Department to encourage
them to bring a criminal prosecution so that you could have a
hearing about whether to revoke the charter?
Mr. Curry. Our position was that it is a criminal justice
determination that is left to the discretion of the Justice
Department. We are and were prepared to follow our statutory
procedure if and when there was a criminal conviction.
Senator Warren. So you did not make it clear to the Justice
Department that if the Justice Department did not bring a
criminal prosecution, that you would not be able to use one of
the significant tools of enforcement given to you by Congress?
Mr. Curry. We explained to them how the----
Senator Warren. You did explain it?
Mr. Curry. ----statute works, and that would be the
consequence of not having a conviction. The statute would not
be triggered.
Senator Warren. All right. If I can, could I just ask a
little more of a review question about this? I am hearing four
major actors, the three of you here and the Justice Department.
Why are there four departments trying to figure out money
laundering? I read through your reports. They seem to overlap
significantly. We seem to have a lot of people with the same
expertise and yet not quite the same expertise. Why is this not
consolidated into a single function? Mr. Powell?
Mr. Powell. That is a great question. This is our system.
We have all these bank regulatory agencies, and they regulate
different kinds of institutions. Twenty years ago, when I was
in the first Bush administration, we proposed to merge some of
them, and they are still not merged. But so----
Senator Warner. We proposed some of that, too.
Mr. Powell. Yes.
Senator Warner. And they still were not merged.
Mr. Powell. I think there have been a lot of attempts over
the years. But more to the point, this is our system, and I
think the obligation is on us to play as a team and to
collaborate. And I think we try very hard at that, and I would
say particularly in recent years you see a lot of interagency
collaboration such as the task force and the BSAAG, Delta
Force, and all the things that are going on now. There is very
regular communication among all of us and with Justice--and
with the industry, by the way--to try to get better and stay
ahead of these threats. But that is the system we have, and we
have to work with it.
Senator Warren. Thank you.
Thank you, Mr. Chairman.
Senator Warner. Senator Merkley. And then just for order,
Senator Kirk and Senator Heitkamp.
Senator Merkley. Thank you very much, Mr. Chair.
I want to ask a specific question about the way that wire
transfers are utilized in money laundering, and the Bank
Secrecy Act has regulations that allow a U.S. bank to accept
and process a wire transfer from overseas, even if the
transmitter is blank--that is, you have no idea where it is
coming from. And that might have been understandable 15 years
ago when the regulation was written, but in the intervening
period, we have learned an awful lot about international money
laundering. And so in the light of the extensive history of
abuse--and when I am talking about extensive history of abuse,
I think anyone who has followed the details of this case
realizes that this goes back a decade or more of interaction
over money-laundering issues. Why are we still allowing--and I
want specifically to ask you--Mr. Curry, I realize you were not
there at the time that this was wrestled with, but also Mr.
Cohen, because the Treasury Department has broad regulatory
authority. Why are we still allowing this type of open-ended
instrument with basically no information attached to it in
light of the money-laundering issues?
Mr. Curry. That is a legitimate area that----
Senator Merkley. Can you turn on your microphone, please?
Mr. Curry. That is an area of legitimate concern, and we
are looking at it, particularly in the context of foreign
affiliates. That was a major issue with respect to HSBC, the
stripping of necessary information to monitor here in the
United States affiliate that we supervise, and that is one of
the reasons that our cease-and-desist order does have
limitations or requirements that affiliates--they have an
obligation to be assured that affiliates are complying with our
BSA and AML requirements.
Senator Merkley. OK. Now, as I understand it, the
requirements are currently that that field does not have to be
filled in. Are you looking at changing that requirement?
Mr. Curry. We will be taking a look at that, Senator.
Senator Merkley. I know a lot of times when I talk about
bank regulations, I am looking at it as a multiyear process. Is
this something where there will be a formal process launched?
In 6 months will we have an answer as to whether we should
change this tool that is used in money laundering?
Mr. Curry. We will endeavor to get back to you as quickly
as possible and come up with an answer.
Senator Merkley. Thank you.
Mr. Cohen, from Treasury's point of view, is the evidence
about the use of this tool problematic enough that you are all
going to weigh in and try to see this rule changed?
Mr. Cohen. Absolutely, and I would just add one point on
this, which is that the stripping cases where we have taken
enforcement actions over the last several years involve either
removing or obscuring or including false information in payment
messages, we have put in place new requirements in the SWIFT
message process, something that was the MT 202 cover payment,
to ensure that the message that comes through from foreign
affiliates contains accurate originator and beneficiary
information. And when institutions obscure that information, we
have taken very serious enforcement actions, and the industry
knows that that information needs to be included in the payment
messages.
Senator Merkley. Thank you. I want to go on to the next
piece of this, which is we basically had a fine that was a
small amount of the annual profits, I believe about 10 percent
of the annual profits. I know it has been described as a very
severe fine. But we are talking about action that continued
over a 10-year period. In 2003, the bank said it was going to
reform its anti-money laundering conduct. There was continuous
concerns about it. So I do not know what the profits were over
10 years, but over 1 year they were $20 billion. So let me just
extrapolate that. Maybe it is not accurate, but let us say the
profits over 10 years were $200 billion. So now we are talking
about a fine that was 1 percent of the profits over the time
that this conduct was occurring.
Does that really send a message that this type of conduct
is unacceptable? Mr. Curry.
Mr. Curry. The $500 million fine we assessed, the CMP we
assessed against HSBC was the largest fine ever assessed
against a national bank. Our thinking behind coming up with the
$500 million--and this goes, again, to our testimony where one
of the weaknesses we found in BSA/AML compliance is the lack of
allocation of resources to compliance efforts. That $500
million represents the savings through the austerity programs--
--
Senator Merkley. Your answer is yes.
Mr. Curry. Yes.
Senator Merkley. OK. Thank you.
Mr. Cohen.
Mr. Cohen. The only thing I would add is that we looked at
the violative conduct and designed the penalty in relation to
the violative conduct that we identified, both on the sanctions
side and on the money-laundering side in that case.
Senator Merkley. Your answer is yes also, that the fine was
of a size, given the context of the profits over the 10-year
period where this conduct was occurring, the fine sent a strong
message?
Mr. Cohen. I think so, Senator.
Senator Merkley. OK. Thank you.
My time is up, so I will close with a comment, which is
simply this was not a new form of activity by the bank. They
had been warned time and time again that the money laundering
was inadequate. We had vital national security interests in
stopping the money laundering of terrorist organizations. We
have a neighbor to the south that is racked with violence from
drug activities where money laundering is a huge issue. We
worked with this bank 10 years, admonished it apparently a
number of times. They apparently promised reforms that were
never done, and I do not find that 1 percent of their profits
over the time period of this conduct really sends a chilling
message that this is unacceptable. It sounds more like the
price of doing a very profitable business.
Thank you.
Senator Warner. Thank you, Senator Merkley.
Senator Kirk.
Senator Kirk. Mr. Chairman, thank you. I just wanted to
turn my attention to David. We worked so long and hard on the
Iran issue. I will note, according to United Against a Nuclear
Iran, since the unanimous Senate adoption of the Menendez-Kirk
sanctions on Iran, the Iranian currency has fallen 63 percent
in its value measured against the U.S. dollar, meaning that
Iran may actually have to miss a payment to Hezbollah, which
would be welcome indeed.
I will say that we recently have had a senatorial letter
from 36 Senators, 19 Democrats, including 14 Members of this
Committee, asking the EU to lock Iran out of the Target2
system, and they have been largely locked out of the FEDwire
system--Target2 and FEDwire being the electronic settlement
system for the United States.
Over time, we are making good progress in making the
Iranian currency fairly unusable, which is an extremely good
thing, and the mullahs have been complaining about their
economic woes, being unable to finance what they want to
finance, like subjugating the people of Lebanon through
Hezbollah.
The letter to the EU is particularly well aimed because of
an attack by Hezbollah against Bulgaria on July 18th in which
17 people were killed on a bus, and I would hope that the EU
would give the political direction to the ECB on this and that
you could follow up on that. We have a number of segregated
accounts where the Iranians have money around the world, in
several places in Europe, where a strong political signal by
the EU to the ECB would significantly impact the Iranians. I
would ask that you could follow up on the spirit of a letter,
which I gave to your new boss, when he came by my office. I
heavily praised you and your work on this segregation around
the world, which has really given us a target to attack, and
significantly impacts the Iranians.
Mr. Cohen. Well, Senator, it is good to see you, and also
good to see the impact that we have had on the Iranian currency
and other economic impacts on Iran, which I know you are
familiar with. Let me just quickly address the two issues you
raised.
One, the designation of Hezbollah, following the
determination by the Bulgarians that Hezbollah was responsible
for that attack in Burgas, we are pressing the EU, pressing
member States of the EU to get that done. I am not going to
predict what the EU will do, but you can be sure that we are
pressing them very hard to get that accomplished.
On the clearing and settlement through Target2 of EU
transactions, we have been working hard on this issue since the
regulations that the EU adopted last December, as we read them,
already address this issue. It requires the ECB to essentially
issue guidance that confirms that. There is a meeting today at
the ECB of a number of member States addressing this issue. We
have fed into that process, and we will continue to press the
ECB to take what we think is the right step here, which is to
cutoff euro clearing for the--or apply to euro clearing the
same set of restrictive measures that the EU has on any Iranian
business.
Senator Kirk. I would say knocking Iran out of Target2 is
particularly appropriate after this attack, which, you know,
since Hezbollah is a wholly owned subsidiary of the MOIS, the
Iranian intelligence service, and we would lock up a lot of
money from the Iranians by doing that. And let us hope they
make the right decision at this meeting.
Mr. Cohen. And if they do not, we are going to continue
pressing on this issue.
Senator Kirk. Thank you.
Senator Warner. Senator Heitkamp.
Senator Heitkamp. I came prepared to ask a whole series of
questions, which I will submit in writing, because I want to
follow up with one last point.
Mr. Cohen, and please feel free to correct me if I have
paraphrased you or misquoted you, but in your earlier
discussion with Senator Warren, you said it is not your role to
encourage or recommend prosecution. Is that what you said?
Mr. Cohen. I do not recall precisely what I said. What we
view in the Treasury Department's role is not to seek to
influence or direct the Justice Department in any particular
prosecutorial decision.
That being said, we are fully supportive of aggressive
exercise of all authorities, criminal and civil.
Senator Heitkamp. And I completely understand what you are
saying. But if we leave here without a commitment from all of
you that you will vigorously encourage and suggest and
recommend that the Justice Department prosecute cases that must
be prosecuted in order to ensure equal justice under the law in
this country, then we have failed today. And so I would like a
commitment from all of you individually that you will, in fact,
encourage, recommend, and strongly suggest, when you see cases
like this, that they be prosecuted, and if there is a
declination, if there is an agreement not to prosecute, that
somewhere along the line there is some kind of process to
appeal, because any of us who have ever done any kind of civil
regulation which could, in fact, go criminal, know that it is
frequently the civil regulators who have the ability and the
knowledge and can encourage and can be the pain in the room
when that decision gets made. And if you are not willing to
play that role, then we have failed today.
Mr. Cohen. Senator, we play that role. We share and
communicate with the Justice Department in these cases on an
ongoing basis. The one--and I think this is important because I
think it is essential in our system of justice. We want the
Justice Department to exercise its authority, exercise it
aggressively. The decision to prosecute in any particular case
is a decision for the Justice Department to make. We will feed
into that process and have fed into that process and will
continue to feed into that process information, our assessment
of the information, our assessment of the violations, and you
have our commitment that we will continue to do that.
Senator Heitkamp. I hope I have your commitment that you
will not let them off the hook, that you--you know, I
understand, and I understand that you cannot dictate to the
Department of Justice that they prosecute cases. But you can be
a very strong voice. You can either play the role of saying,
``Here is the case, good luck,'' or ``Here is the case, we will
help, we strongly urge you and encourage you. And if you
decline it, we are going to ask serious questions of you as to
why you declined to prosecute this case,'' because the
inequities that it creates and the appearance of inequity in
the justice system that it creates cannot be tolerated by the
Congress, and it cannot be tolerated by the Department of
Justice.
Thank you, Mr. Chairman.
Senator Warner. Thank you.
Let me just follow up on Senator Heitkamp, and I will just
ask one question. We will not go through a full other round if
you have just got one more question for these folks. One of the
things--and you did clarify the fact that as you discover
possible actions prior to taking any of the steps along this
continuum from injunctive action, removal, fine, or the
ultimately sanction in terms of Justice Department prosecution.
I guess the question I have is: What is or should be the
threshold where you find something that--the prudential
regulator finds something that appears to be amiss, at what
point do you turn that over to the Justice Department? What is
the threshold for turning over information to the Justice
Department? That is probably more for Mr. Curry and Mr. Powell,
but I will take any of you.
Mr. Curry. I think our posture is to be as--to share as
much information as possible and as soon as possible. If we
uncover significant program weaknesses, which is what we are
assessing, we will make our counterparts through the many
different channels we have--the working groups--aware of what
we are seeing.
The point I would want to make, though, is the real key to
the BSA/AML process is the SARs filings and the currency
transaction reporting, which we monitor, and that is really
where law enforcement gets its primary information to pursue
illegal activity. And as a result, that really is the focus of
our on-site examination activity as well.
Senator Warner. Mr. Powell, do you have anything to add to
that?
Mr. Powell. I would just agree that the idea is not that we
are waiting to see something, such as a pot to boil, and then
we get in touch with Justice. It is not like that at all.
Suspicious activity reports go into the data base that FinCEN
keeps. Law enforcement officials have ongoing access to that.
So we are overinclusive, if anything, in providing information,
because they may see patterns and it may be that we are seeing
one little thing, so we want all the information that might
lead someone in law enforcement to see a broader patterns. We
want them to have access. And they generally have it, I think
early.
Mr. Cohen. And I would just add one point on that. As my
colleagues notes, FinCEN is the repository for all of these
suspicious activity reports and other filings the banks make.
We on an ongoing basis review that information, look for, as
Governor Powell said, patterns, look for instances of potential
violations. The threshold is very low for making a criminal
referral, and it happens on a daily basis from FinCEN, and from
OFAC as well. We are, as I say, in constant communication with
the regulators and with the criminal authorities and referring
matters for their investigation.
Senator Warner. Senator Warren.
Senator Warren. I am good.
Senator Warner. Just before we close, I want to thank all
of my colleagues, Senator Warren for hanging in until the
bitter end on this one, and I think, you know, you have heard a
really very common theme, obviously, that not only are we
concerned that you are not fully using your BSA/AML powers
along this continuum, since most of the actions so far have
only resulted in fines and not resulted--and, Mr. Curry, you
did point out there have been some injunctive activities, but
there are things, short of simply punting this to the Justice
Department, actions that you could take, number one.
Number two, we clearly believe there should be no
institution not only too big to fail or not any institution too
big to prosecute.
And, number three, that because there are all these
stovepipes--and, Under Secretary Cohen, you are kind of the hub
of that wheel, and, you know, you have got to make sure that we
have got strong collaboration, information sharing.
And I would simply close with a comment that Mr. Powell
made as well. This is only going to get harder. This is only
going to get harder as we see some of the larger institutions
perhaps migrate these activities into smaller financial
institutions that, again, may even have less compliance
components. It is going to get harder as the overlap between
money laundering and cyber activities, and that area is an area
that, again, if you have got suggestions as we try to put
together bipartisan cyber legislation.
And then as somebody who grew up in the wireless business,
as we think about the ability to do mobile transactions, a
brand-new space, trying to put some framework on that--we have
had hearings in this Committee before on this issue, but trying
to put some parameters around that space before it is way down
the path and fully developed is an enormous, enormous
challenge, because the activities of money laundering in that
area have enormous, enormous potential for bad action.
So I thank all the witnesses for their testimony and for
their responses to questions. There are a couple of things,
including continuing giving the Banking Committee updates on
the activities of your interagency proceedings. Thank you all
for a very spirited hearing.
Senator Warren. The record will remain open?
Senator Warner. The record will remain open for 7 days. The
hearing is adjourned.
[Whereupon, at 11:41 a.m., the hearing was adjourned.]
[Prepared statements and responses to written questions
supplied for the record follow:]
PREPARED STATEMENT OF DAVID S. COHEN
Under Secretary for Terrorism and Financial Intelligence, Department of
the Treasury
March 7, 2013
Introduction
Chairman Johnson, Ranking Member Crapo, distinguished Members of
the Committee, thank you for inviting me to testify today on a core
focus of our efforts at the Department of the Treasury: promoting a
safe and secure financial system, and effectively combating money
laundering, terrorist financing, and related forms of illicit finance.
I would like to commend you, Mr. Chairman, and this entire Committee
for your strong leadership on this topic, including by focusing today's
discussion on these critically important issues. The spate of recent
high-profile enforcement actions against some of our largest, most
sophisticated, and best resourced financial institutions raises
troubling questions about the effectiveness of our domestic anti-money
laundering and counterterrorist financing (AML/CFT) regulatory,
compliance, and enforcement efforts. It is critically important to
understand why these failures occurred and, even more importantly, what
we can do--whether through better legislation, regulation, examination
or enforcement, or through some combination of steps--to prevent the
recurrence of such failures in the future.
Background
My remarks today will focus on Treasury's long-standing efforts to
promote and enforce compliance with the Bank Secrecy Act (BSA) and our
counterterrorist financing sanctions programs, including new efforts
under way to improve our AML/CFT regime. We share the view that there
is a pressing need to improve compliance, and we are working hard at
it.
To begin, I believe it is worth noting that our AML/CFT legal and
regulatory regime is one of the strongest and most effective in the
world. Conceived more than 40 years ago with the enactment of the Bank
Secrecy Act and updated repeatedly over the past four decades through
new legislation, regulations, and guidance, our AML/CFT framework has
evolved to better address new and different illicit finance threats.
Our AML/CFT framework has evolved, moreover, while our financial
sector has maintained its place as the largest, most sophisticated,
complex, and efficient financial system in the world. The enormous
size, scope, and sophistication of our financial markets facilitate
economic growth, both in the U.S. and around the world.
But that size, scope and sophistication also attracts criminals who
wish to access our financial system to launder the proceeds of crime
and move funds for illicit purposes. This includes money launderers,
terrorists, proliferators, drug lords, and organized crime figures, all
of whom rely to some extent on the financial system to conduct their
operations.
The BSA, and the regulations promulgated by Treasury's Financial
Crimes Enforcement Network (FinCEN) and the Federal functional
regulators implementing the BSA and related statutes, establishes the
framework for guarding the financial system from money laundering and
terrorist financing. These laws and regulations work in tandem with the
sanctions programs implemented by Treasury's Office of Foreign Assets
Control (OFAC), particularly those that are focused on preventing
financial facilitation for terrorist organizations and rogue regimes,
such as Iran.
These rules aid financial institutions in identifying and managing
risk, provide valuable information to law enforcement, and create the
foundation of financial transparency required to deter, detect, and
punish those who would abuse our financial system. It is, of course,
critical that we design our laws and rules, as well as our oversight
and examination efforts, to address the spectrum of risks that we face.
But the laws, rules, and compliance manuals can only do so much. A
truly robust AML/CFT framework--one that hardens our financial system
against the unrelenting efforts of money launderers, financial
criminals, sanctions evaders, and other illicit actors--requires
effective AML/CFT program implementation by financial institutions,
buttressed by strong enforcement efforts when those efforts fall short
of the mark. When AML/CFT safeguards are not effectively implemented
and compliance lags, money launderers, terrorist financiers, and other
illicit actors freely abuse our financial system. We have seen this
happen too often, at too many financial institutions, including some of
our largest banks, over the past several years.
So it is clear to us that despite the strength of our AML/CFT
framework, significant design, oversight, compliance, and enforcement
challenges remain. I would like to turn now to the efforts the Treasury
Department is taking, in collaboration with our regulatory and law
enforcement partners, the financial industry, and our foreign
counterparts, to strengthen the effectiveness of our AML/CFT regime.
Treasury's Ongoing Efforts To Promote an Effective AML/CFT Framework
As this Committee is well aware, a number of Federal departments
and agencies, as well as State and local agencies, play important roles
in combating money laundering, terrorist financing, and other illicit
financial activity in U.S. financial institutions. The Treasury
Department, through FinCEN, administers the BSA, and through OFAC,
administers our sanctions programs. This includes issuing rules and
guidance implementing the BSA and the executive orders that establish
sanctions programs; conducting investigations into potential
violations; and enforcing the relevant rules through civil proceedings.
In all of these efforts, FinCEN and OFAC work closely with counterparts
across the Federal Government and at the State and local level,
including the other Federal financial regulators, as well as law
enforcement agencies.
I would like to update the Committee on Treasury's ongoing efforts
to implement and enforce the BSA and our sanctions programs, as well as
new work under way to improve our AML/CFT regime, including renewed
focus at FinCEN on BSA enforcement; the creation of an interagency AML
Task Force; our strategy to enhance financial institutions' customer
due diligence efforts; and the continued development of strong
international standards on combating money laundering and the financing
of terrorism and the proliferation of weapons of mass destruction
(WMD). Each of these efforts is aimed at improving financial
transparency through better regulations, better oversight, better
compliance, and better enforcement.
FinCEN and OFAC Enforcement Efforts
Turning first to FinCEN's and OFAC's ongoing enforcement efforts:
As I noted, in administering the BSA, FinCEN investigates and
pursues enforcement actions against financial institutions for
violations of the BSA and its implementing regulations. Most recently,
in December 2012, FinCEN assessed a $500 million civil monetary penalty
against HSBC Bank USA N.A. for willful violations of the BSA. Among
other things, FinCEN determined that HSBC lacked an effective AML
program and systematically failed to detect and report suspicious
activity. FinCEN joined OFAC, the Office of the Comptroller of the
Currency, the Federal Reserve and the Department of Justice in what
amounted to the largest combined bank settlement in U.S. history,
totaling more than $1.9 billion in penalties and forfeitures for HSBC's
conduct that exposed the U.S. financial system to severe abuse. Also,
in November 2012, FinCEN joined the FDIC and the Department of Justice
to assess concurrent civil money penalties of $15 million against First
Bank of Delaware for violations of the BSA and its AML requirements.
These and other recent FinCEN enforcement actions highlight many of
the key vulnerabilities in our financial system that the BSA was
designed to address, including misuse of correspondent banking
relationships, private banking accounts, financial activity undertaken
by nonbank financial institutions, and the use of nontransparent legal
entities to move funds. While these enforcement actions reaffirm the
importance of imposing additional due diligence requirements on higher-
risk activities, they also underscore that existing requirements and
controls may not be sufficiently robust.
For its part, OFAC administers and enforces financial, economic and
trade sanctions to advance key foreign policy and national security
goals, including sanctions against targeted foreign countries and
regimes, terrorists, international narcotics traffickers, and those
engaged in activities related to WMD proliferation. OFAC aggressively
pursues investigations and enforcement actions against both U.S. and
foreign financial institutions that violate U.S. economic sanctions
laws and regulations.
Between June and December 2012 alone, OFAC reached settlements with
four separate foreign financial institutions for a combined total of
more than $1.1 billion related to almost 24,000 apparent violations of
our sanctions programs involving Burma, Cuba, Iran, Sudan, and Libya.
Total related sanctions and AML enforcement actions involved those
institutions, including OFAC's settlements, amounted to $2.76 billion.
They followed several other record-breaking enforcement actions related
to the ``stripping'' of sanctions-related information from
international payment messages that resulted in almost one billion
dollars in OFAC settlements as part of almost $1.7 billion in fines and
forfeitures involving financial institutions. (Appendix I to this
testimony contains a compendium of recent OFAC and FinCEN enforcement
actions.)
It is important to note that the conduct at issue in these
``stripping'' investigations primarily occurred prior to 2009--that is,
before most of OFAC's ``stripping'' settlements were concluded and
published--and that these rigorous enforcement actions appear to have
had a significant compliance and deterrent effect on global financial
institutions. Of course, Treasury will continue to penalize banks for
conduct that violates our sanctions programs, whenever it occurs, and
will be particularly aggressive with regard to any institutions found
to be engaging in the type of conduct that has been the subject of
these well-publicized enforcement cases.
In their civil enforcement investigations, both OFAC and FinCEN
often work closely with criminal agencies, including the Department of
Justice and State and local criminal prosecutors. Neither OFAC nor
FinCEN, however, possesses the authority to bring criminal charges, nor
does Treasury see it as our role to influence or seek to direct the
decision whether to prosecute in any given case. The decision whether
to bring criminal charges is the exclusive prerogative of criminal
prosecutors. Nonetheless, Treasury strongly supports vigorous law
enforcement across the board--by our counterpart Federal regulators, by
Federal criminal law enforcement, and by the relevant State and local
authorities.
FinCEN's Renewed Focus on Enforcement
FinCEN, as the administrator of the BSA, plays a critical role in
our fight against money laundering and terrorist financing in the
United States and around the world, and over its 20-plus year history,
it has been at the heart of our Nation's efforts to combat illicit
finance. I would like to highlight two FinCEN initiatives that will
position the agency to be even more effective in enforcing the BSA in
the years to come.
First, FinCEN has recently completed a multiyear IT Modernization
Program, which is on-time and on-budget. This project will enhance
FinCEN's ability to analyze illicit financial activity and conduct
enforcement investigations. It will also better serve the various
agencies that work with FinCEN and rely--sometimes heavily--upon BSA
data in conducting their own money laundering and terrorism cases. For
example, last year the Federal Bureau of Investigation reported that 37
percent of its pending counterterrorism cases had associated BSA
records. A key component of FinCEN's modernization project is a
powerful new search tool to access BSA data, called FinCEN Query. Since
it was activated last September it has been used 920,000 times by 6,400
users. This is a strong start and we expect the utility of this tool to
grow as more of our law enforcement and intelligence partners who rely
on BSA data adopt and gain facility with the new search tool.
Second, FinCEN's new Director, Jennifer Shasky Calvery, is in the
midst of a thorough review of FinCEN's operations as she and her new
management team at FinCEN consider how FinCEN can better organize
itself to execute its mission even more effectively, including
enhancing its compliance and enforcement functions. Since taking up her
post, Director Calvery has met with virtually every employee of FinCEN,
as well as with FinCEN's law enforcement and regulatory partners,
industry stakeholders and Congressional staff, as she explores the
appropriate steps to take.
Director Calvery is particularly focused on ensuring that FinCEN
fulfills its key role in the enforcement of our AML/CFT regime,
including by employing all the tools at the agency's disposal to hold
accountable those institutions and individuals who allow our financial
institutions to be vulnerable to terrorist financing, money laundering,
proliferation finance, and other illicit financial activity. Some of
these tools have been used in the past--such as imposing special
measures under Section 311 of the USA PATRIOT Act against entities
determined to be primary money laundering concerns--and we intend to
continue the aggressive use of these tools in the future.
We also intend to make use of additional tools at FinCEN's disposal
to ensure that those who violate the BSA are held accountable. For
example, the BSA provides FinCEN with the broad authority to obtain
injunctions against persons it believes have violated, are violating,
or will violate, the BSA. Likewise, the BSA allows FinCEN to impose
civil penalties not only against domestic financial institutions and
nonfinancial trades or businesses that willfully violate the BSA, but
also against partners, directors, officers and employees of such
entities who themselves actively participate in misconduct. Although
FinCEN has employed these tools only occasionally in the past, in the
future FinCEN will look for more opportunities to impose these types of
remedies in appropriate cases.
New Initiatives To Improve the AML/CFT Framework
Let me now turn to the several initiatives we are pursuing to look
at our AML/CFT framework and consider where improvements can be made.
At the heart of this task is a goal of ensuring that our AML/CFT
obligations and actions are directing financial institutions to address
the real, prevailing illicit financing risks that they face.
FinCEN's ``Delta Team''
FinCEN recently organized a group dubbed the ``Delta Team'' under
the auspices of the Bank Secrecy Act Advisory Group (BSAAG). The Delta
Team includes representatives from the financial services industry,
financial regulators, and law enforcement with the common mission of
examining any gaps between illicit finance risks and compliance
efforts. Their objective is to develop recommendations to close any
gaps in order to enhance the effectiveness of our AML/CFT regulatory
regime. The Delta Team had its first meeting last month, and I
understand the discussions produced a number of interesting ideas that
will be explored further in the ongoing dialogue.
The AML Task Force
Treasury also has recently convened a broad interagency group,
known as the AML Task Force, to look in depth at the entire AML/CFT
framework. Along with Treasury, the AML Task Force is comprised of
senior representatives from each of the regulators with responsibility
to combat money laundering--that is, FinCEN, the Board of Governors of
the Federal Reserve System, the Office of the Comptroller of the
Currency, the Federal Deposit Insurance Corporation, the National
Credit Union Administration, the Commodity Futures Trading Commission,
the Securities and Exchange Commission and the Internal Revenue
Service--as well from the Justice Department's Criminal Division.
The Task Force's objective is to take a step-back look at our AML/
CFT framework--from the legal and regulatory foundation, to the
compliance and examination function, to the enforcement efforts--to
take stock of which components of our regime are working well, which
are not, how the different parts are working together, and to assess
how the entire enterprise is operating. The Task Force will look at the
mechanisms by which illicit finance risks are identified, and how
statutory and regulatory requirements are adapted to address these
risks. It will evaluate information sharing, supervision, and
enforcement practices and processes to determine if there are ways to
better inform, assess, encourage and, as necessary, compel financial
institution compliance.
In all of its work, the Task Force will be informed by the specific
deficiencies identified in the recent bank enforcement cases. The goal
is to develop recommendations, and find solutions, to address any gaps,
redundancies or inefficiencies in our AML/CFT framework, and to ensure
that truly effective AML/CFT compliance is made a priority within
financial institutions.
Enhancing Customer Due Diligence
Financial transparency depends, at the most basic level, on
effective customer due diligence--that is, the steps taken by financial
institutions to know their customers. Poor or weak customer due
diligence may permit illicit actors to access the financial system
undetected, and to engage in transactions that financial institutions
may fail to identify as suspicious.
Current law, however, explicitly requires financial institutions to
conduct in-depth customer due diligence--in which the true beneficial
owner of an account is identified--in only certain limited
circumstances. Because we believe that a broader obligation for
financial institutions to conduct in-depth customer due diligence may
be warranted, Treasury has embarked on a rule-making process to
consider whether to impose an explicit, enhanced customer due diligence
requirement.
We believe that a rule that clarifies and strengthens customer due
diligence requirements for U.S. financial institutions, including an
obligation to identify beneficial owners, would advance the purposes of
the BSA by assisting law enforcement in their financial investigations.
Moreover, such a requirement would assist financial institutions in
their assessment and mitigation of risk, as well as facilitate their
compliance with existing BSA requirements and U.S. sanctions programs.
And it would assist in reporting and investigations in support of tax
compliance.
Due to the importance of this issue, as well as its implication for
all corners of our financial system, we took the unusual step of
issuing an Advance Notice of Proposed Rulemaking (ANPRM), and then
embarked on an unprecedented industry outreach program to discuss the
proposed rule in series of public forums with a broad range of
stakeholders, including Congress; law enforcement; community, regional,
national, and international banks; money service businesses; broker-
dealers; futures commission merchants; and other interested parties.
These engagements highlighted the challenges associated with achieving
clear and harmonized customer due diligence expectations while also
leveraging best practices to minimize burden.
All the information gathered, through written comments as well as
public engagements, has informed the development of a proposed customer
due diligence rule, which we anticipate publishing for further notice
and comment in the near future.
International Efforts To Strengthen the Global AML/CFT Framework
Our domestic work to strengthen the integrity and transparency of
our financial system, and refine and improve our AML/CFT framework, is
bolstered and extended by our efforts to work with international
partners to strengthen AML/CFT regimes abroad. Given the global nature
of money laundering and terrorist financing, and the increasing
interrelatedness of the global financial system, a secure global
framework is essential to the integrity of the U.S. financial system.
Treasury, along with others in the Federal Government, works
closely with international counterparts to strengthen the global AML/
CFT framework and promote implementation and enforcement of effective
AML/CFT measures worldwide. To this end, we engage several
intergovernmental and international organizations, such as the
Financial Action Task Force (FATF), the IMF, the World Bank, the United
Nations, and various FATF-style regional bodies, to develop, assess,
and facilitate implementation of effective AML/CFT laws around the
world.
In recent years, within the FATF, we have helped lead efforts to
revise and strengthen the global AML/CFT standards, including by
incorporating measures to combat proliferation financing, tax evasion,
and sanctions evasion. We have also led efforts to focus the next round
of jurisdictional assessments on effectiveness and implementation, in
addition to technical compliance with the global standards. Most
recently, we have secured the FATF's commitment to examine challenges
of global compliance as a priority matter for all jurisdictions, within
a broader agenda focusing on enhancing the effectiveness of AML/CFT
regimes in combating the threats we face.
Through these efforts, we have established both a necessary
foundation and a common set of expectations that will enable us to
focus ongoing and future global AML/CFT efforts on the primary
challenges we face in combating illicit finance and enhancing financial
integrity. These challenges include the substantive areas of concern
highlighted in recent bank enforcement actions, such as sanctions
compliance (including by intermediary financial institutions), customer
due diligence, AML programs, and correspondent controls. They also
include cross-cutting AML/CFT issues such as enhancing information
sharing to facilitate enterprise-wide risk management within global
financial institutions, and aligning investigative, supervisory and
compliance resources to focus on priority illicit financing risks and
vulnerabilities. Thus, as we examine these issues with a view towards
improving the effectiveness of our own AML/CFT regime, we are also
working internationally to inform and strengthen similar efforts in
other financial centers.
Conclusion
The United States is home to one of the strongest anti-money
laundering and counterterrorist financing regimes in the world. But
clearly, there is work to be done to make our AML/CFT regime more
effective and to elicit better compliance from financial institutions.
We all have an interest in enhancing the effectiveness of our framework
and better protecting our financial system from abuse. I look forward
to working with this Committee on these critical issues, and would be
pleased to answer any questions you may have.
PREPARED STATEMENT OF THOMAS J. CURRY
Comptroller, Office of the Comptroller of the Currency
March 7, 2013
I. Introduction
Chairman Johnson, Ranking Member Crapo, and Members of the
Committee, I appreciate the opportunity to appear before you today to
discuss the importance of effective Bank Secrecy Act and Anti-Money
Laundering (BSA/AML) compliance programs at U.S. financial institutions
and the role the OCC plays in examining financial institutions for
compliance in this area.*
---------------------------------------------------------------------------
* Statement required by 12 U.S.C. 250: The views expressed herein
are those of the Office of the Comptroller of the Currency and do not
necessarily represent the views of the President.
---------------------------------------------------------------------------
The OCC is committed to ensuring that the institutions under its
supervision have effective controls in place to safeguard them from
being used as vehicles to launder money for drug traffickers and
transnational and other criminal organizations, or to facilitate the
financing of terrorist acts. Together with the other Federal banking
agencies and the law enforcement community, the OCC's goal is to deter
money laundering, terrorist financing, and other criminal acts and
prevent the misuse of our Nation's financial institutions.
National banks and Federal savings associations (hereafter referred
to as ``banks'' or ``bank'') have been required to have a BSA
compliance program since 1987, and to monitor, detect, and report
suspicious activity since the 1970s. However, regulatory requirements
and supervisory expectations under the BSA have increased significantly
since that time, and most institutions have had to make substantial
improvements in their compliance programs. In response, many of the
largest institutions have implemented highly sophisticated programs and
systems that screen transactions to identify and report suspicious
activity to law enforcement, and to ensure that such transactions do
not involve entities subject to Office of Foreign Assets Control (OFAC)
sanctions. The suspicious activity reports (SARs) that are filed have
provided law enforcement with access to critical information needed to
initiate and conduct successful investigations and prosecutions. There
are now more than 5.6 million SARs in the centralized database that is
maintained by the Financial Crimes Enforcement Network (FinCEN). The
majority of these SARs have been filed by national banks and Federal
thrifts.
BSA compliance is inherently difficult, combining the challenges of
sifting through large volumes of transactions to identify features that
are suspicious, with the presence of criminal and possibly terrorist
elements dedicated to, and expert in, concealing the true nature of the
transactions they undertake. As financial institutions' BSA compliance
programs have evolved and changed over time, so have the sophistication
and determination of money launderers, terrorist financiers, and other
criminals in finding other ways to gain access to our institutions. The
technology, products, and services offered by institutions to give
customers better and quicker access to financial services can also be
used by criminals to instantaneously and anonymously move money
throughout the world, sometimes through the simple click of a keypad or
the use of a cell phone app. Risks are constantly mutating, as criminal
elements alter their tactics to avoid detection. They move quickly from
one base of operations to another, finding sanctuary in places where
law enforcement, or sympathy for U.S. policy objectives, is weakest.
Furthermore, money-laundering schemes are becoming more complex,
involving entities and individuals located in numerous jurisdictions
worldwide. Consequently, banks, thrifts, and other financial
institutions have had to devote increasingly larger amounts of
resources to maintain effective programs, and the OCC has likewise
significantly increased its attention in this area.
My testimony today will cover our assessment of industry trends and
concerns; the OCC's supervisory approach to BSA/AML; our process for
taking supervisory and enforcement actions and a description of some of
our recent actions; improvements the OCC has made or is in the process
of making to our supervisory and enforcement practices; and our
recommendations for regulatory and legislative improvements.
Specifically, in response to the Committee's questions in its
letter of invitation, the OCC believes that corporate governance
weaknesses, combined with the effects of austerity programs banks
instituted during the financial crisis, are among the biggest reasons
for recent BSA/AML compliance breakdowns. In response, the OCC has
implemented a number of changes to our policies and internal review
processes to strengthen our supervision in this critical area, and we
are considering additional changes to our policy guidance, regulations,
and enforcement documents to clarify regulatory expectations and
improve bank compliance in this area. For example, while we believe
that our cease and desist (C&D) authority is as effective and more
efficient than the use of civil injunctions, we are exploring the
possibility of regulatory changes that would enhance our ability to
take removal and prohibition actions against bank officers, directors,
and employees that engage in violations of the BSA. Finally, we have
inserted language in some of our recent enforcement documents that is
designed to improve enterprise-wide compliance with AML requirements
when banks engage in transactions with their overseas affiliates. All
of these points are further addressed in the testimony.
II. Industry Trends and Concerns
Many of the practical problems we have seen in recent years with
respect to BSA compliance can be attributed to four root causes: (i)
culture of compliance within the organization, (ii) commitment of
sufficient and expert resources, (iii) strength of information
technology and monitoring processes, and (iv) sound risk management.
These root causes have led to breakdowns in the fundamentals and
mechanics of sound management of operational risks. For example, our
examination and enforcement activities have identified a number of
trends and concerns in the BSA/AML area that warrant continued
attention by supervisors and banks:
Corporate Governance--Some recent cases have involved the
lack of strong corporate governance principles necessary to
create a ``culture of compliance'' within the organization.
These cases reflected an imbalance in both the independence of
the compliance function and organizational incentives that
emphasized revenues and growth over balanced risk management.
Proper incentives across both BSA/AML compliance and the line
of business ensure that there is accountability throughout the
organization and employees are motivated to do the right thing
through compensation structures, performance standards,
promotions, and a strong compliance culture.
Compliance Resources--Recent cases have identified a lack
of sufficient staffing, high turnover rates, and cutbacks in
the compliance area as common factors that have impeded the
effectiveness of banks' BSA/AML programs. In some cases, banks
have inappropriately reduced staffing and resources in the BSA
area due to austerity programs initiated during the financial
crisis. In other cases, banks' compliance department staff and
expertise have failed to keep pace with the growth of the
institution.
International Focus or Component--Foreign correspondent
banking, cross border funds transfers, bulk cash repatriation,
remote deposit capture, and embassy banking have all been high-
risk areas that some banks have not managed effectively.
Bulk Cash and Structured Deposits--Bulk cash transactions
continue to present significant BSA/AML challenges for banks in
determining legitimate from illegitimate sources. In addition,
as a result of the changes to the Mexican currency laws, we
have seen an increase in suspicious activity along the
southwest border flowing from funnel accounts associated with
drug cartels, increased use of nonbank financial institutions,
and increased structuring of cash deposits.
Migration to Smaller Banks--As some large or midsize banks
have attempted to lower their risk profiles, higher risk
products and customers have migrated to community banks. These
institutions must be mindful of the resources and personnel
necessary to successfully manage higher risk activities.
New Technologies and Evolving Payments Activities--When
banks introduce new technologies and products, they must
appreciate or understand the compliance risks. Prepaid access,
mobile phone banking, smart ATM machines and kiosks, mobile
wallets, and Internet cloud-based payment processes are all
technologies that are developing rapidly, and senior bank
compliance personnel need to be engaged in the product
development processes. OFAC monitoring is especially important
and challenging in this area. In addition, products that have
evolved through technology need to be periodically re-evaluated
(e.g., prepaid access money transfers, and payroll cards).
Third-Party Relationships and Payment Processors--The OCC
and the other banking agencies have been reviewing closely
third-party and payment processor relationships and a number of
enforcement actions have been taken in recent years. Banks need
to be especially aware of the risks presented by payment
processors and the extent of their franchising relationships
(routing transit numbers (RTNs), bank identification numbers
(BINs), and ATM machines).
The OCC will continue to identify significant trends, communicate
them to the industry, and ensure that BSA/AML supervision stays
current.
III. OCC BSA/AML Supervisory Policies and Practice
Legal Framework and the OCC's Risk-based Supervisory Approach
The Money Laundering Control Act of 1986 provides the framework for
BSA/AML supervision and enforcement. It requires the Federal banking
agencies to: (i) prescribe regulations to require banks to establish
and maintain procedures that are reasonably designed to assure and
monitor compliance with the BSA; (ii) review those procedures at every
examination; (iii) report problems with the procedures to the bank; and
(iv) issue a C&D order if the financial institution fails to establish
and maintain the procedures or fails to correct a problem that was
previously reported to it. \1\ On January 27, 1987, the OCC and the
other Federal banking agencies issued virtually identical regulations
to implement this requirement. The OCC's regulation, codified at 12 CFR
�21.21 for national banks and at 12 CFR �163.177 for Federal savings
associations, requires every bank to have a written program, approved
by the board of directors, and reflected in the minutes of the bank.
The program must, at a minimum: (1) provide for a system of internal
controls to assure ongoing compliance; (2) provide for independent
testing for compliance; (3) designate an individual responsible for
coordinating and monitoring day-to-day compliance; and (4) provide
training for appropriate personnel. In addition, the implementing
regulation for section 326 of the USA PATRIOT Act \2\ requires that
every bank adopt a customer identification program as part of its BSA
compliance program.
---------------------------------------------------------------------------
\1\ 12 U.S.C. �1818(s).
\2\ Uniting and Strengthening America by Providing Appropriate
Tools Required To Intercept and Obstruct Terrorism, P.L. 107-56, 115
Stat. 272 (2001) (USA PATRIOT Act).
---------------------------------------------------------------------------
The OCC has worked with the other Federal Financial Institutions
Examination Council (FFIEC) agencies, \3\ FinCEN, and OFAC to review
and develop BSA examination and enforcement policies and procedures for
use at every examination. The publication of the Interagency BSA/AML
Examination Manual (Manual) in 2005 effectively standardized
examination procedures for the Federal banking agencies. The Manual
reinforces the agencies' position that sound BSA/AML risk management
enables a banking organization to identify BSA/AML risks and better
direct its resources, with the ultimate goal of helping safeguard its
operations from money laundering, terrorist financing, and other
illicit activities. The Manual has been revised three times since its
initial publication so that it remains current with the latest
technological and payment system innovations and emerging threats and
vulnerabilities.
---------------------------------------------------------------------------
\3\ The FFIEC is a formal interagency body empowered to prescribe
uniform principles and standards for the Federal examination of
financial institutions by the OCC, the Board of Governors of the
Federal Reserve (Federal Reserve), the Federal Deposit Insurance
Corporation (FDIC), the National Credit Union Administration, and the
Consumer Financial Protection Bureau. The FFIEC's primary goal is to
promote uniformity in the supervision of financial institutions.
---------------------------------------------------------------------------
The OCC monitors compliance with the BSA and its implementing
regulations by applying the examination procedures set forth in the
Manual during a bank's examination. Community banks are examined either
on a 12- or 18-month cycle, and large banks and midsize banks are
examined on an annual cycle. These procedures are risk-based and direct
examiners to focus examination resources on high-risk areas within
banks. Examiners use the procedures to assess the implementation and
effectiveness of the bank's policies, procedures, systems, and
controls. Every BSA/AML examination includes, at a minimum, a review of
the bank's risk assessment and its BSA/AML compliance program (focusing
on internal controls, training programs, independent testing, and BSA
officer independence and qualifications). We also assess the
effectiveness of the bank's OFAC compliance program.
OCC examiners perform ongoing supervision and conduct targeted
testing in areas that may present higher money laundering and terrorist
financing risks. The Manual includes supplemental procedures that cover
specific BSA requirements (e.g., currency transaction reporting,
suspicious activity reporting, foreign correspondent bank, private
banking, and funds transfer record keeping) and specific examination
procedures covering risks from products and services and persons and
entities (e.g., correspondent banking, private banking, trade finance,
electronic banking, third-party payment processors, bulk shipments of
currency, pouch activities, politically exposed persons, and business
entities).
The OCC routinely analyzes BSA data, currency transaction reports
and SARs to identify unique risks and augment our examinations. This
information permits examiners to scope and plan examinations to ensure
that the bank's higher risk activities are evaluated. Such activities
may be reflected in accounts associated with repetitive SAR filings,
significant cash activity, or activity that is inconsistent with the
type of business of the customer, and are examples of the types of
accounts that would be selected for transaction testing and further
examiner review. In cases where examiners identify areas of concern,
deficiencies, or violations, they typically expand the examination
scope and perform transaction testing in targeted areas to ensure they
identify and evaluate all pertinent issues.
In community banks, the OCC uses a risk identification and
analytical tool called the Money Laundering Risk (MLR) System, which
enables the OCC to identify potentially high-risk banks and activities
that warrant increased scrutiny and supervisory resources. This
combination of our ongoing supervision and targeted examinations allows
us to determine the adequacy of a bank's BSA/AML compliance program at
every exam.
Training and Internal Communications
The OCC provides comprehensive BSA training to our examiners and
organizes a BSA compliance conference every 3 years to inform our
examiners of emerging money laundering and terrorist financing threats
and vulnerabilities. A critical component of examiner training is also
provided on an interagency basis by the FFIEC and the OCC works with
the FFIEC and other Federal Government agencies to develop advanced AML
courses for examiners, as well as periodic internal and external
seminars, conferences, and teleconferences. Representatives of the law
enforcement community are regular participants in these conferences and
training sessions, establishing an ongoing dialogue with our examiners
concerning criminal typologies, schemes and arrangements. Such forums
allow our examiners to be continually aware of the risks facing the
banks, to scope examinations accordingly, and to provide timely
guidance to the industry in addressing those risks. OCC examiners also
attend other FFIEC training courses, external courses and industry
conferences to remain abreast of the latest trends in the areas of
money laundering, payments systems, fraud, and cybercrime.
The OCC Compliance Policy Department leads our National Anti-Money
Laundering Group (NAMLG), which is an internal forum that serves as the
focal point for BSA/AML issues within the agency. The NAMLG facilitates
intra-agency communication; promotes cooperation and information
sharing with national and district office AML groups; identifies
emerging risks, best practices, and possible changes in anti-money
laundering policies and procedures; discusses legislative proposals;
and serves as a clearinghouse for ideas developed throughout the OCC.
The NAMLG's resource sharing program initiative provides BSA policy
expert resources to complex banks, higher risk banks, or examinations
in need of specialized expertise. The resource-sharing program promotes
BSA/AML knowledge transfer and examiner development, and improves the
allocation of BSA resources.
Interagency Cooperation
The OCC cooperates and coordinates on an interagency basis to
address BSA/AML issues. For example, we are participating in the
interagency Task Force on the U.S. AML Framework, led by Under
Secretary of the Treasury David Cohen, which will take a close look at
the BSA and its requirements to ensure that this 40-year old statutory
framework remains relevant in today's world. The OCC also participates
in several interagency groups, including the Bank Secrecy Act Advisory
Group (BSAAG); \4\ the newly formed BSAAG Delta Team; \5\ the FFIEC BSA
Working Group; \6\ and the National Interagency Bank Fraud Working
Group. \7\
---------------------------------------------------------------------------
\4\ The BSAAG is chaired by FinCEN and is composed of policy,
legal, and operations representatives from the major Federal and State
law enforcement and regulatory agencies involved in the fight against
money laundering, as well as industry representatives.
\5\ The BSAAG Delta Team is cochaired by FinCEN and an industry
representative. The purpose of the BSAAG Delta Team is for industry,
regulators, and law enforcement to come together and examine the
variance between compliance risks and illicit financing risks. The goal
is to reduce the variance between the two and build a smarter, more
effective, and more cost efficient regulatory framework.
\6\ The FFIEC BSA Working Group, similar to the FFIEC itself, has
a rotating chair and is composed of representatives of Federal and
State regulatory agencies.
\7\ The National Interagency Bank Fraud Working Group is chaired
by the Department of Justice, and composed of representatives of the
Federal law enforcement and regulatory agencies (the OCC has been an
active member of this group since its founding in 1984).
---------------------------------------------------------------------------
The OCC works closely with the U.S. Treasury's Office of Terrorism
and Financial Intelligence (TFI), FinCEN, and OFAC to promote the
implementation of sound international anti-money laundering and
counterterrorist financing (AML/CFT) standards. In addition, the OCC
annually hosts two AML schools to train our foreign counterparts, and
we are active participants in the U.S. delegation to the Financial
Action Task Force (FATF) that is led by TFI. We have participated in
various State and Treasury Department missions to assist foreign
Governments in their anti-money laundering efforts.
The OCC has a long history of cooperation with law enforcement and
we work closely with law enforcement agencies when there are ongoing
parallel investigations involving a national bank or thrift by
providing documents, information, and expertise that is relevant to a
potential criminal violation. As described in the Appendices to this
testimony, OCC examination findings have been instrumental in
developing some of the most significant BSA/AML cases, and have
resulted in criminal charges and convictions of bank officials.
IV. OCC's BSA/AML Supervisory and Enforcement Process
Effective bank supervision requires clear communications between
the OCC and the bank's senior management and board of directors. In
most cases, problems in the BSA/AML area, as well as in other areas,
are corrected by bringing the problem to the attention of bank
management and obtaining management's commitment to take corrective
action. A Report of Examination, or Supervisory Letter (used for large
or midsize banks), documents the OCC's findings and conclusions with
respect to our supervisory review. Once problems or weaknesses are
identified and communicated to the bank, the bank's senior management
and board of directors are expected to promptly correct them. The
actions that a bank takes, or agrees to take, to correct deficiencies
are important factors in determining whether more forceful action is
needed.
Enforcement Remedies and Process
OCC enforcement actions fall into two broad categories: informal
and formal. In general, informal actions are used when the identified
problems are of limited scope and magnitude and bank management is
regarded as committed to and capable of correcting them. Informal
actions include safety and soundness plans, commitment letters,
memoranda of understanding and matters requiring board attention in
examination reports. These generally are not public actions.
The OCC also uses a variety of formal enforcement actions to
support its supervisory objectives. Unlike most informal actions,
formal enforcement actions are authorized by statute, are generally
more severe, and are disclosed to the public. Formal actions against a
bank include C&D orders, formal written agreements, safety and
soundness orders, and civil money penalties (CMPs). C&D orders and
formal agreements may be entered into consensually by the OCC and the
bank and require the bank to take certain actions to correct identified
deficiencies. The OCC also may take formal action against officers,
directors, and other individuals associated with an institution
(institution-affiliated parties or IAPs). Possible actions against
institution-affiliated parties include removal and prohibition from the
banking industry, CMPs, and personal C&D orders.
As previously mentioned, when deficiencies in the BSA/AML area rise
to the level of a BSA compliance program violation (12 CFR ��21.21 or
163.177), or when a bank fails to correct problems with the program
that had been previously reported to the bank, we are required under 12
U.S.C. �1818(s) to use our C&D authority to correct the problem. The
OCC worked with the other Federal banking agencies to develop and issue
an interagency policy on citing BSA compliance program violations and
taking enforcement actions, and our enforcement decisions are framed by
that policy. The Interagency Statement on Enforcement of BSA/AML
Requirements (Interagency Statement) was issued in 2007 and it sets
forth the agencies' policy on the circumstances in which an agency will
issue a C&D order to address noncompliance with certain BSA/AML
requirements, particularly in light of the statutory mandate in Section
1818(s). The Interagency Statement provides that a compliance program
violation occurs where either of the following conditions exists:
The bank fails to adopt or implement a written BSA compliance
program that adequately covers the required program elements:
(1) internal controls (including customer due diligence,
procedures for monitoring suspicious activity or appropriate
risk assessment); (2) independent testing; (3) designated
compliance personnel; and (4) training; or
The bank has defects in its BSA compliance program in one or
more program elements indicating that either the written
program or its implementation is not effective. For example,
program deficiencies indicate ineffectiveness where the
deficiencies are coupled with other aggravating factors such as
evidence of: (i) highly suspicious activity creating a
significant potential for unreported money laundering or
terrorist financing; (ii) patterns of structuring to evade
reporting requirements; (iii) significant insider complicity;
or (iv) systemic failures to file currency transaction reports,
suspicious activity reports, or other required BSA reports.
A program violation may occur where customer due diligence,
monitoring of suspicious activity, risk assessment, or other internal
controls fail with respect to a ``high risk area,'' or to ``multiple
lines of business that significantly impact the bank's overall BSA
compliance.'' The agency will also consider the application of the
bank's program across its business lines and activities. In the case of
banks with multiple lines of business, deficiencies affecting only some
lines of business or activities would need to be evaluated to determine
if the deficiencies are so severe or significant in scope as to result
in a conclusion that the bank has not implemented an effective overall
program.
The Interagency Statement also specifically addresses repeat
problems for purposes of the statutory mandate for a C&D order in 12
U.S.C. �1818(s). It provides that in order to be considered a
``problem'' within the meaning of section 1818(s), the deficiency
reported to the institution would ordinarily involve a serious defect
in one or more of the required components of the institution's BSA
compliance program or implementation thereof. In addition, it sometimes
takes a considerable period of time to correct BSA/AML deficiencies
especially when large institutions merge system platforms and
information technology changes are required. As a result, with regard
to repeat problems, the Interagency Statement provides that a C&D is
not required if the agency determines that the institution has made
``acceptable substantial progress'' toward correcting the problem at
the time of the examination immediately following the examination where
the problem was first identified and reported to the institution.
To ensure that the OCC's process for taking administrative
enforcement actions based on BSA violations is measured, fair, and
fully informed, in 2005, the OCC adopted a process for taking
administrative enforcement actions against banks based on BSA
violations, including situations where a bank fails to correct a
problem that was previously brought to its attention. This process
includes the following stages:
1. Preliminary assessment of the facts and discussion with bank
management.
2. Additional reviews by cross-functional review groups, including
the OCC's Large Bank Review Team.
3. Written findings provided to the bank and an opportunity for the
bank to respond.
4. Major Matters Supervision Review Committee or Washington
Supervision Review Committee review. \8\
---------------------------------------------------------------------------
\8\ The MMSRC was established by the Comptroller late last year to
further strengthen and enhance the review process for significant
enforcement cases, including large bank BSA/AML cases, to include the
most senior staff within the OCC. The MMSRC is chaired by the OCC's
Senior Deputy Comptroller for Bank Supervision Policy and Chief
National Bank Examiner, and includes the Chief of Staff, the Senior
Deputy Comptrollers for Midsize and Community Bank and Large Bank
Supervision, as well as the Chief Counsel. The MMSRC reviews all large
bank enforcement actions that include articles addressing BSA, all BSA
CMPs involving large banks and all prohibitions/removals against
individuals for violations of the BSA. The Washington Supervision
Review Committee (WSRC) continues to review BSA enforcement actions
proposed by the OCC to be taken against midsize and community banks.
5. Final decision by the MMSRC or an appropriate Senior Deputy
---------------------------------------------------------------------------
Comptroller.
Recent Enforcement Actions
Since September 11, 2001, the OCC has issued over 195 public formal
enforcement actions based in whole, or in part, on BSA/AML violations
(including formal agreements, C&D orders, and CMP actions). Some of the
more significant recent cases were actions against Wachovia Bank, N.A.,
HSBC Bank USA, N.A., Citibank, N.A., and JPMorgan Chase, N.A. A brief
description of these actions is set forth in Appendix A to this
testimony. Each of these cases have been discussed extensively at
public forums and they underscore the OCC's commitment to ensuring that
all national banks and Federal savings associations have a strong BSA/
AML function that keeps pace with changing technologies and threats.
The OCC has also brought enforcement actions against responsible
individuals for BSA/AML violations, and OCC examination findings have
been instrumental in bringing successful criminal actions against bank
insiders, including a Vice-President of Riggs Bank and the Chairman of
the Board of Directors of Broadway National Bank. Some of the more
significant BSA/AML cases involving bank insiders are discussed in
Appendix B to this testimony. In addition, the OCC's Enforcement and
Compliance Division has also brought countless actions against bank
insiders for insider fraud and abuse over the years. While establishing
the culpability of individuals in cases of institutional failures such
as BSA compliance program breakdowns can be challenging, the OCC is
committed to taking such actions where they can be supported. To this
end, the OCC conducts a review of individual misconduct as part of all
significant investigations into BSA noncompliance. As further described
below, the OCC is exploring possible regulatory changes that would
enhance its ability to take removal and prohibition actions in
appropriate cases.
V. Actions Undertaken To Improve BSA/AML Supervision and Enforcement
The OCC is committed to rigorous supervision, strong enforcement,
and continuous improvement to our supervisory approach to BSA/AML
compliance. While the OCC has made substantial progress in improving
its supervision in the BSA/AML area, we recognize that there remains
work to be done, and that BSA/AML supervision can never be static. We
are committed to ongoing evaluation of our approaches to BSA/AML
compliance and to appropriate revisions to our approach in light of
technological developments, and the increasing sophistication of money
launderers and terrorist financiers, as well as to address aspects of
the process where shortcomings were evidenced. To this point, we have
recently made, or are in the process of making a number of enhancements
to our supervisory processes which are described below:
We have established a MMSRC comprised of the most senior
level staff within the OCC to review high profile and complex
BSA/AML enforcement matters;
We no longer reflect BSA/AML findings in the FFIEC consumer
compliance rating, rather, we fully consider BSA/AML findings
in a safety and soundness context as part of the management or
``M'' component of a bank's CAMELS rating;
We are clarifying the operation of our BSA Large Bank
Review Team to ensure we bring different perspectives to bear
and react more quickly when a bank has multiple matters
requiring attention (MRAs), or apparent violations of its BSA/
AML program;
We have provided more flexibility for citing BSA/AML
violations for individual ``pillar'' violations (i.e., internal
controls, BSA officer, testing, and training) and will be
issuing additional guidance to the examination staff shortly;
We are in the process of identifying steps we can take in
our examinations to obtain a holistic view of a bank's BSA/AML
compliance more promptly;
We have implemented an internal bank supervision appeals
program that supports the open discussion of concerns,
reinforces our expectations that examiners and other
supervisory staff should identify potential problems they see
at the banks and thrifts we regulate, and provides the
opportunity to escalate those issues when necessary;
We are reviewing the manner in which MRAs are reported to
ensure that banks with high numbers of MRAs in one particular
CAMELS/ITCC area are receiving additional supervisory attention
and, in the case of BSA/AML, consideration of formal
enforcement action; and
We are annually updating the OCC's community bank MLR
System and considering whether similar tools should be
implemented in our large bank and midsize bank portfolios. \9\
---------------------------------------------------------------------------
\9\ The OCC recently requested Office of Management and Budget
(OMB) approval and invited public comment for this additional MLR data
collection. See Office of the Comptroller of the Currency; Agency
Information Collection Activities; Submission for OMB Review; Comment
Request; Bank Secrecy Act/Money Laundering Risk Assessment, 77 FR 70544
(Nov. 26, 2012). An additional 30-day request for OMB approval and
comment letter will be published in the Federal Register that will
provide a summary of the comments received.
The OCC has also made, or is considering making, the following
changes in the areas of corporate governance, enterprise-wide
compliance, and removal and prohibition authority. In addition, there
is one possible regulatory change that we believe should be considered,
and the OCC supports two legislative changes in the BSA/AML area. Each
is discussed below:
Corporate Governance
A number of recent BSA/AML enforcement actions involving large
complex banking organizations have highlighted the need for strong
internal controls and corporate governance. \10\ To address this,
recent OCC enforcement actions have included the following
requirements:
---------------------------------------------------------------------------
\10\ See, e.g., In the Matter of JPMorgan Chase Bank, N.A.,
Columbus, Ohio, OCC 2013-002 AA-EC-13-04, Art. IV, p. 8 (Jan. 14,
2013); In the Matter of Citibank, N.A., Sioux Falls, South Dakota, OCC
2012-52 AA-EC-12-18, Art. IV, p. 7. (April 4, 2012)); In the Matter of
HSBC Bank USA, N.A., Mclean, VA, OCC 2010-199 AA-EC-10-98, Art. VI, p.
10 (Sept. 24, 2010); In the Matter of Wachovia Bank, National
Association, Charlotte, NC, OCC 2010-37 AA-EC-10-17, Art. II, p. 5.
(Mar. 12, 2010).
1. A designated BSA Officer with sufficient knowledge, funding,
authority, independence, compensation, and supporting staff to
perform his or her assigned responsibilities and maintain
effective compliance with the BSA and its implementing
---------------------------------------------------------------------------
regulations;
2. An effective governance structure to allow the BSA Officer and
the compliance function to administer the program independently
by reporting directly to the board of directors, or a committee
thereof, with clear lines of responsibility beginning with
senior management and including each line of business that is
required to comply with the BSA;
3. Clearly defined channels for informing the board of directors, or
a committee thereof, and senior management, of compliance
initiatives, compliance risks, new product development,
identified compliance deficiencies, and corrective actions
undertaken;
4. Compliance staff with the appropriate level of authority and
independence to implement the BSA/AML compliance program and,
as needed, question account relationships, new products and
services and business plans;
5. Policies and procedures that clearly outline the BSA/AML
responsibilities of senior management and relevant business
line employees, and that hold senior management and line of
business management accountable for effectively implementing
bank policies and procedures, and fulfilling BSA/AML
obligations;
6. A well-defined succession plan for ensuring the program's
continuity despite changes in management, staffing, or
structure, and policies and procedures to ensure that problems
with excessive turnover of compliance staff or the BSA Officer
function are identified, investigated, and appropriately
addressed by the board;
7. Policies and procedures to ensure that the bank's risk profile is
periodically updated to reflect higher risk banking operations
(products, services, customers, entities, and geographic
locations) and new products and services;
8. An enterprise-wide management information system that provides
reports and feedback that enables management to more
effectively identify, monitor, and manage the organization's
BSA risk on a timely basis; and
9. A strong BSA/AML audit function that ensures that identified
deficiencies are promptly addressed and corrected.
The OCC is in the process of drafting detailed guidance to banks on
sound corporate governance processes that will incorporate many of
these concepts, including business line accountability for BSA/AML
compliance and the independence of the compliance function.
Enterprise-wide Compliance and Limitations on Activities
Recent OCC enforcement actions have contained articles that address
enterprise-wide compliance to ensure that the banking company's global
AML program is commensurate with the risks and that all relevant
affiliated institutions are included in the global risk assessment.
Although current BSA/AML automated monitoring systems do not have the
capability to ensure enterprise-wide monitoring on a real time global
basis, the OCC expects banks to have strong customer due diligence
processes and understand the extent that a particular customer may have
accounts or transactions flowing through other segments of the
organization. The OCC also expects that the extent and scope of this
activity should be periodically reviewed on a risk basis by the bank's
compliance staff and included within the audit.
Recent enforcement actions have also contained provisions that
limited or restricted a bank's products and services due to inadequate
BSA/AML controls with respect to those products and services. \11\ In
some cases, banks ceased engaging in a particular line of business as a
result of the OCC examination (e.g., correspondent banking or bulk cash
repatriation) and the OCC article required OCC approval should the bank
decide to restart that particular line of business or service. In other
cases, the OCC affirmatively took action to restrict certain high-risk
lines of business or reduce the risk profile of the institution. \12\
This authority is similar to civil injunctive relief to limit bank
activities for a period. The OCC will continue to use this C&D
authority when warranted.
---------------------------------------------------------------------------
\11\ See, e.g., In the Matter of JPMorgan Chase Bank, N.A.,
Columbus, Ohio, OCC 2013-002 AA-EC-13-04, Art. XI, p. 22 (Jan. 14,
2013); In the Matter of Citibank, N.A., Sioux Falls, South Dakota, OCC
2012-52 AA-EC-12-18, Art. VIII and XI, pp. 15, 21 (April 4, 2012); In
the Matter of HSBC Bank USA, N.A., Mclean, VA, OCC 2010-199 AA-EC-10-
98, Art. XII, p. 17 (Sept. 24, 2010); In the Matter of Wachovia Bank,
National Association, Charlotte, NC, OCC 2010-37 AA-EC-10-17, Art. IX,
p. 13. (Mar. 12, 2010); In the Matter of Arab Bank, PLC, New York, NY,
OCC 2005-14 AA-EC-05-12, Art. III and IV, pp. 4, 9 (Feb. 24, 2005).
\12\ In the Matter of Arab Bank, PLC, New York, NY, OCC 2005-14
AA-EC-05-12, Art. VII, p. 15 (Feb. 24, 2005)(Federal branch conversion
to an agency).
---------------------------------------------------------------------------
Removal and Prohibition Authority
As previously noted, the OCC has the statutory authority to issue
an order of removal and prohibition from office against an IAP of a
bank whenever the OCC determines that the IAP has committed a violation
of the BSA and such violation was not inadvertent or unintentional, or
the insider has knowledge that an IAP has violated any provision of the
BSA. 12 U.S.C. �1818(e)(2)(A)(ii). In addition, the OCC may remove an
officer or director of a bank who has knowledge that an IAP of the bank
has violated any provision of the BSA, taking into account whether the
officer or director took appropriate action to stop, or to prevent the
recurrence of the violation. 12 U.S.C. �1818(e)(2)(A)(ii) and (B). The
OCC is currently reviewing these provisions and exploring whether a
regulation or other agency issuance interpreting these sections of the
statute would be helpful in bringing such actions and providing notice
to the industry regarding the type of conduct or wrongdoing that is
subject to a removal or prohibition action.
Enhanced Information Sharing
Financial intelligence, criminal typologies, and information
sharing between Government agencies, regulators, and financial
institutions is essential to the prevention and deterrence of money
laundering and other financial crimes. In particular, financial
institutions can benefit from improved and consistent access to
information concerning money laundering and terrorist financing schemes
and typologies, vulnerabilities, and red flags to ensure that they can
appropriately manage their risks. Such information is also valuable to
examiners in preparing for and performing examinations. In addition,
active knowledge sharing processes will discourage situations described
as a possible ``commodification'' of BSA reporting by banks that
focuses on the quantity, rather than the quality or actual risk
associated with a transaction, including with respect to SAR filings.
To this end, the OCC supports efforts to enhance information
sharing, including the provision of information from the Government to
financial institutions. The OCC is interested in exploring all possible
methods and means of accomplishing this, including changes in the way
that communication channels established to implement section 314(a) of
the USA PATRIOT Act are presently used.
Possible Legislative Changes--Expansion and Clarification of Safe
Harbors
The OCC recognizes the importance of ensuring that the agencies'
enforcement authorities remain current and relevant in this area. We
think there are opportunities to modify existing BSA safe harbors to
encourage institutions to share information without incurring
liability, and to file SARs without running the risk that the bank will
be exposed to litigation for simply complying with Federal law. The OCC
would support legislation to expand the information sharing safe
harbors in Section 314(b) of the USA PATRIOT Act beyond money
laundering and terrorist financing, and to eliminate or modify the
notice requirement to FinCEN, which may be limiting the ability of
financial institutions to share information. The OCC would also
strongly support legislation that clarifies that the safe harbor from
liability for filing SARs is absolute and there is no good faith
requirement.
VI. Conclusion
The OCC is committed to rigorous BSA/AML and OFAC supervision,
strong enforcement, and continuing improvement in our supervision in
this important area. While there are many challenges in this area, we
will continue to work with Congress, the other financial institutions
regulatory agencies, law enforcement agencies, and the banking industry
to develop and implement a coordinated and comprehensive response to
the threat posed to the Nation's financial system by money launderers,
terrorist financiers, and criminal organizations.
Appendix A
Notable OCC BSA/AML Enforcement Actions Against Banks
Wachovia Bank, N.A., Charlotte, North Carolina (Wachovia)--In March
2010, the OCC assessed a $50 million penalty and issued a C&D order
against this bank for violations of the BSA as part of a coordinated
action with the Department of Justice (DOJ), FinCEN, and other Federal
agencies. Wachovia also entered into a deferred prosecution agreement
with the U.S. Attorney's Office in the Southern District of Florida and
the DOJ Asset Forfeiture and Money Laundering Section (AFMLS) and
agreed to a $110 million forfeiture to the U.S. Government.
Additionally, FinCEN assessed a $110 million civil money penalty that
was deemed satisfied by the forfeiture. The OCC's enforcement action
focused attention on the bulk cash repatriation money-laundering
scheme. The OCC played a lead role in this case and linked remote cash
letter instrument processing to the bulk cash scheme. Because of the
Wachovia investigation and findings, the OCC took the lead in
integrating bulk cash processing and the RDC implications into the
Manual and commenced horizontal reviews of bulk cash activity and RDC
at all national banks in the OCC's Large Bank supervision program,
including HSBC's banknote activity. There were also significant
corporate governance issues identified at Wachovia that prompted the
OCC to include several corporate governance provisions in the C&D
order.
Shortly after the Wachovia case, the Government of Mexico
implemented significant restrictions on U.S. dollar transactions at
Mexican financial institutions and made significant changes to its AML
laws and regulatory processes. In response, the drug cartels have
adjusted their money-laundering schemes and techniques to adapt to this
change, and the OCC continues to work with law enforcement to identify
new areas of vulnerability.
HSBC Bank USA, N.A., Mclean, VA (HSBC)--In October 2010, the OCC
issued a C&D order against HSBC for compliance program and BSA
violations. This was followed in December 2012 with a $500 million
penalty against the bank--the largest penalty the OCC, or any other
Federal banking agency, has ever assessed. In addition, the DOJ entered
into a deferred prosecution agreement with the bank, which admitted to
criminal violations of the BSA. The DOJ imposed a $1.256 billion
forfeiture action against the bank and HSBC Holdings plc (London) (HSBC
Group); and the Federal Reserve assessed a $160 million penalty against
the bank's parent company, HSBC North American Holdings Inc. (HNAH),
and HSBC Group. The assessed penalties and forfeiture amounts totaled
$1.92 billion. FinCEN, the New York County District Attorney's Office,
and OFAC also assessed penalties that were satisfied by the monetary
sanctions levied by the OCC and DOJ. Additionally, the Financial
Services Authority in the United Kingdom entered into an agreement with
HSBC Group to enhance its BSA/AML compliance and will assist the DOJ
and the Federal Reserve in monitoring HSBC Group's compliance with the
deferred prosecution agreement and the Federal Reserve's order.
In mid-2009, because of the bulk cash findings in the Wachovia
investigation, the OCC launched horizontal examinations of banknote
operations in other large national banks supervised by the OCC that
included HSBC and its transactions with HSBC Mexico. After meeting with
law enforcement and obtaining additional information on this activity,
the OCC developed a detailed action plan to expand the scope of the
ongoing examination of banknote customers. As a part of the
examination, the OCC notified the bank in March 2010 that it had
violated OCC regulations due to a significant backlog of unprocessed
alerts. The bank's compliance program and its implementation were found
to be ineffective and the OCC issued a C&D order against the bank in
October 2010. \13\ Concurrent with the OCC's enforcement action, the
Federal Reserve issued a C&D order upon consent with HNAH to ensure the
adequacy of the parent company's firm-wide compliance risk management
program. The OCC and the Federal Reserve coordinated closely in
drafting the respective orders. The OCC's C&D order required the bank
to submit a comprehensive BSA/AML action plan to achieve full
compliance, ensure that the bank has sufficient processes, personnel,
and control systems to implement and adhere to the order. The order
also contains restrictions on growth, new products, and high-risk lines
of business, and it requires OCC approval to reenter the bulk cash
repatriation business.
---------------------------------------------------------------------------
\13\ Some of the critical deficiencies in the Bank's BSA/AML
compliance program cited in the OCC's order included the following: (i)
lack of effective monitoring of wire activity; (ii) failure to perform
any BSA/AML monitoring for banknote (or ``bulk cash'') transactions
with Group Entities (affiliates) or maintain customer due diligence
information on Group Entities; and (iii) serious weaknesses in Bank's
systems and controls constituting violations of 12 CFR 21.21 (program),
21.11 (SAR), and 31 CFR 103.176 (correspondent banking).
---------------------------------------------------------------------------
Citibank, N.A., Sioux Falls, South Dakota (Citibank)--In April
2012, the OCC entered into a C&D order with Citibank, N.A., to address
BSA deficiencies involving internal controls, customer due diligence,
audit, monitoring of its RDC and international cash letter instrument
processing in connection with foreign correspondent banking, and
suspicious activity reporting relating to that monitoring. These
findings resulted in violations by the bank of statutory and regulatory
requirements to maintain an adequate BSA compliance program, file SARs,
and conduct appropriate due diligence on foreign correspondent
accounts. Among its requirements, the order directs the bank to: (i)
ensure the independence of the bank's compliance staff; (ii) require
new products and services be subject to high level compliance review;
(iii) ensure that all customer due diligence processes are automated
and accessible; and (iv) conduct a look back review of the RDC cash
letter activity.
JPMC Bank, N.A., Columbus, Ohio (JPMC)--In January 2013, the OCC
entered into a C&D order with JPMC Bank, N.A., and two of its
affiliates, to address deficiencies involving internal controls,
independent testing, customer due diligence, risk assessment, and SAR
processes (monitoring, investigating and decision making). The bank
also did not have enterprise-wide policies and procedures to ensure
that foreign branch suspicious activity involving customers of other
bank branches is effectively communicated to other affected branch
locations and applicable anti-money laundering operations staff.
Additionally, the bank did not have enterprise-wide policies and
procedures to ensure that, on a risk basis, customer transactions at
foreign branch locations can be assessed, aggregated, and monitored.
OFAC deficiencies were also identified. These findings resulted in
violations by the bank of statutory and regulatory requirements to
maintain an adequate BSA compliance program, file SARs, and conduct
appropriate due diligence on foreign correspondent accounts. Among its
requirements, the consent order directs the bank to: (i) ensure the
independence of the bank's compliance staff; (ii) ensure that there are
clear lines of authority and responsibility for BSA/AML and OFAC
compliance with respect to lines of business and corporate functions;
(iii) require new products and services be subject to high level
compliance review; (iii) ensure that all customer due diligence
processes are automated and accessible; and (iv) conduct a look back
review of certain account/transaction activity and SAR filings.
Appendix B
Notable OCC BSA/AML Enforcement Actions Against IAPs
Jefferson National Bank, Watertown, New York (Jefferson)--During
the examination of this bank, the OCC learned from the Federal Reserve
Bank of New York that the bank was engaging in cash transactions that
were not commensurate with its size. OCC examiners subsequently
discovered that several bank customers were depositing large amounts of
cash that did not appear to be supported by the purported underlying
business, with the funds being wired offshore. The OCC filed reports
with law enforcement pertaining to this cash activity and insider abuse
and fraud at the bank. The OCC also briefed several domestic and
Canadian law enforcement agencies alerting them to the significant sums
of money flowing through these accounts at the bank. Additionally, the
OCC brought a removal action against a director and issued a personal
C&D order against the President. Based upon this information, law
enforcement commenced an investigation of these large deposits. The
investigation resulted in one of the most successful money-laundering
prosecutions in U.S. Government history. The significant sums of money
flowing through the bank were derived from cigarette and liquor
smuggling through the Akwesasne Indian Reservation in northern New
York. The ring smuggled $687 million worth of tobacco and alcohol into
Canada between 1991 and 1997. The case resulted in 21 indictments that
also sought the recovery of assets totaling $557 million. It also
resulted in the December 1999 guilty plea by a subsidiary of R.J.
Reynolds Tobacco Company and the payment of a $15 million criminal
fine. Seven bank officers and directors were ultimately convicted of
crimes.
Broadway National Bank, New York, New York (Broadway)--The OCC
received a tip from law enforcement that this bank may be involved in
money laundering. The OCC immediately opened an examination that
identified a number of accounts at the bank that were either being used
to structure transactions, or were receiving large amounts of cash with
wire transfers to countries known as money laundering and drug havens.
Shortly thereafter, the OCC issued a C&D order that shut down the money
laundering and required the bank to adopt stringent controls. The OCC
also initiated prohibition and CMP cases against bank insiders. In
referring the matter to law enforcement, we provided relevant
information including the timing of deposits that enabled law
enforcement to seize approximately $4 million and arrest a dozen
individuals involved in this scheme, and the former Chairman of the
Board of the bank pled guilty to structuring transactions through the
bank using an import/export company that he owned. The subsequent OCC
investigation resulted in the filing of additional SARs, the seizure of
approximately $2.6 million in additional funds, more arrests by law
enforcement, and a referral by the OCC to FinCEN. In November 2002, the
bank pled guilty to a three-count felony information that charged it
with failing to maintain an AML program, failing to report
approximately $123 million in suspicious bulk cash and structured cash
deposits, and aiding and assisting customers to structure approximately
$76 million in transactions to avoid the CTR requirements. The bank was
required to pay a $4 million criminal fine. In 2003, the OCC assessed
civil money penalties against the former President and the former Chief
Executive Officer.
Riggs Bank, N.A., Washington, DC (Riggs)--In April 2002, the OCC
conducted a review of Riggs' International Private Banking Department
and discovered that the bank had established personal and private
investment company accounts for deposed Chilean dictator Augusto
Pinochet. The OCC review and subsequent investigation revealed that,
among other things, the Pinochets and their private investment
companies received approximately $1.9 million in funds. Shortly after
these issues were discovered, the OCC brought the Pinochet accounts to
the attention of the DOJ and the Department of the Treasury, conducted
additional examination work and issued a C&D order against the Bank in
July 2003. The OCC also discovered that the bank's vice president and
relationship manager for these accounts had signature authority over
two accounts within the relationship, failed to follow bank SAR
processes concerning suspicious transactions on a timely basis, and did
not properly monitor the accounts as high-risk accounts. The OCC
reported these findings to law enforcement and the relationship manager
and his wife were ultimately convicted of bank fraud and money
laundering. As a result of the conviction, the OCC issued a notice to
the relationship manager advising him that he was prohibited from
banking under 12 U.S.C. �1829. The OCC also assessed a $25 million CMP
against the bank, as did FinCEN (FinCEN's penalty was satisfied by a
single $25 million payment to the Department of the Treasury). The bank
also pled guilty to one felony count of failure to file suspicious
activity reports and agreed to pay a $16 million criminal penalty.
Pacific Bank, N.A., Miami, Florida (Pacific)--In March 2011, the
OCC and FinCEN assessed $7 million civil money penalties against
Pacific National Bank, Miami, Florida, for violations of the BSA as
part of a coordinated action. The OCC conducted two examinations of the
Bank in 2009 and 2010 and determined that the Bank: (i) continued to be
in noncompliance with an OCC C&D Order that was issued in December 2005
and which contained specific articles requiring enhancement to the
bank's BSA compliance program, and (ii) continued to violate the
requirements of the BSA and OCC regulations. The OCC shared its
examination findings with FinCEN and issued a revised C&D Order against
the Bank on December 15, 2010. In March 2011, the OCC issued civil
money penalties against four Pacific National Bank board members and
the bank's former CEO. The penalties were assessed for the failure of
these responsible directors and officers to take the necessary actions
to ensure the bank's compliance with the C&D order issued by the OCC in
2005.
Security Bank, N.A., North Lauderdale, Florida (Security)--In
August 2010 the OCC initiated an investigation into the affairs of this
bank after issuing a C&D order against the bank in May 2010. The Order
related to safety and soundness concerns as well as BSA deficiencies,
including a violation of the compliance program regulation and the SAR
regulation. The investigation revealed that, among other things, former
officers and directors of the bank failed to ensure that the bank
complied with BSA/AML requirements and failed to comply with the C&D
order issued by the OCC. In addition, the former Chief Executive
Officer played a significant role in bringing high-risk business to the
bank starting in 2007 even though he knew or should have known that the
bank was ill equipped to monitor and control such accounts. In January
2013, the OCC assessed civil money penalties and personal C&D orders
against five former directors and officers of the bank, including the
former CEO. The personal C&D orders addressed, among other things, the
Bank's BSA deficiencies, and required each respondent to: (i) fully
comply with all laws, regulations and policies applicable to any
insured depository institution which employs him; (ii) exercise safe
and sound banking practices; (iii) observe fiduciary duties of loyalty
and care; (iv) adhere to written policies and procedures of any insured
depository institution to which he may become affiliated; (v) obtain
appropriate BSA/AML training; and (vi) provide appropriate BSA/AML
training for bank officers and directors within his supervision and
control.
______
PREPARED STATEMENT OF JEROME H. POWELL
Member, Board of Governors of the Federal Reserve System
March 7, 2013
Chairman Johnson, Ranking Member Crapo, and other Members of the
Committee, thank you for inviting me to discuss the important role the
Federal Reserve plays in the U.S. Government's effort to combat money
laundering and terrorist financing. I will begin by describing our
efforts to ensure banking industry compliance with the requirements of
the Bank Secrecy Act (BSA) and the economic sanctions authorized by the
President and Congress. I will also highlight some of the important
actions we have taken to enforce the law and to promote safe and sound
practices in this area.
Background
Congress enacted the BSA in 1970 to help safeguard the U.S.
financial system and our financial institutions from the abuses of
financial crime, and has revised and strengthened the act many times
since. The Federal Reserve has issued regulations to implement the BSA,
including regulations that require the institutions we supervise to
establish a BSA compliance program, and has integrated BSA examinations
into our supervisory program. The Federal Reserve also works closely
with Treasury's Financial Crimes Enforcement Network (FinCEN) to ensure
that the institutions we supervise provide law enforcement with the
reports prosecutors need to investigate suspicious activity.
The particular steps a banking organization must take to develop a
BSA compliance program have been documented extensively. The foundation
for such a program begins with a well-developed and documented risk
assessment that identifies and limits the risk exposures of the banking
organization's products, services, customers, and geographic locations.
Monitoring systems should be in place to identify and report suspicious
activity, in particular any account or transaction activity that is not
consistent with the bank's expectations. These systems should be
accompanied by a strong training program to ensure that personnel,
including those in offshore offices, are familiar with U.S. regulatory
requirements and bank policies. The BSA compliance program should be
reviewed by management, subjected to periodic independent tests that
measure whether the program is functioning properly, and improved as
needed. Finally, a qualified bank officer should be given sufficient
authority to ensure that regulatory requirements and bank policies are
being followed on a day-to-day basis.
Banking organizations are also expected to maintain a program for
ensuring compliance with U.S. economic sanctions administered by the
Treasury's Office of Foreign Assets Control (OFAC). The OFAC program
should identify higher-risk areas within a bank's operations, and
implement appropriate internal controls for screening and reporting
prohibited transactions. Banks are expected to perform independent
testing for compliance, designate a bank employee or employees that are
specifically responsible for OFAC compliance, and create training
programs for appropriate personnel in all relevant areas of the bank. A
bank's OFAC compliance program should be commensurate with its
activities and its risk profile.
The Supervisory Process
The Federal Reserve conducts a BSA and OFAC compliance program
review as part of its regular safety-and-soundness examination program
for the approximately 1,060 State-member banks; State chartered
branches and agencies of foreign banking organizations; and Edge Act
and agreement corporations we supervise. The frequency of the on-site
examination is normally every 12 to 18 months, depending upon the
banking organization's condition, asset size, and rating. On average,
we conduct approximately 960 BSA and OFAC reviews each year.
The Federal Reserve's BSA and OFAC reviews are risk-focused. In
other words, supervisors have the flexibility to apply the appropriate
level of scrutiny to higher-risk business lines. To ensure consistency
in the design and execution of our BSA and OFAC examinations, we use
procedures developed jointly with the member agencies of the Federal
Financial Institutions Examination Council (FFIEC), \1\ FinCEN, and
OFAC. The findings of our BSA and OFAC reviews are taken into account
in determining the institution's examination ratings, either as part of
the management component rating for domestic institutions, or as part
of the risk management and compliance component ratings used to
evaluate the U.S. operations of foreign bank branches and agencies we
supervise.
---------------------------------------------------------------------------
\1\ The FFIEC member agencies include the Federal Deposit
Insurance Corporation (FDIC), National Credit Union Administration
(NCUA), Office of the Comptroller of the Currency (OCC), and the
Consumer Financial Protection Bureau (CFPB), as well as the Board of
Governors of the Federal Reserve System.
---------------------------------------------------------------------------
The Federal Reserve reinforces its supervisory program by
conducting targeted examinations of financial institutions that show
signs of being vulnerable to illicit financing. Banks are selected for
such examinations based on, among other things, our analysis of the
institution's payments activity, suspicious activity reports, currency
transaction reports, and law enforcement leads.
The Federal Reserve devotes substantial resources to BSA
compliance. Each Federal Reserve Bank has a BSA specialist and
coordinator on staff, and, since the late 1980s, the Board's Division
of Banking Supervision and Regulation has included an anti-money
laundering section, overseen by a senior official, to help coordinate
these efforts.
Coordination Efforts
Effective implementation and enforcement of the BSA and U.S.
economic sanctions requires the participation of, and coordination
among, several agencies and international groups. Let me be specific
about the steps we are taking to coordinate.
First, to ensure that the banking industry has clear understanding
of regulatory expectations, the Federal Reserve has actively
participated in supervisory forums, such as the FFIEC, which has an
expansive BSA working group that promotes high standards for bank
examinations and compliance. In addition, we participate in the Bank
Secrecy Act Advisory Group, a public-private partnership established
for the purpose of soliciting advice on the administration of the BSA.
The Federal Reserve also joined the U.S. Treasury's Interagency Task
Force on Strengthening and Clarifying the BSA/AML Framework (Task
Force), which includes representatives from the Department of Justice,
OFAC, FinCEN, the Federal banking agencies, the Securities and Exchange
Commission, and the Commodity Futures Trading Commission. The primary
focus of the Task Force is to review the BSA, its implementation, and
its enforcement with respect to U.S. financial institutions that are
subject to these requirements, and to develop recommendations for
ensuring the continued effectiveness of the BSA and efficiency in
agency efforts to monitor compliance.
Second, to make the supervision of internationally active banking
organizations more effective, we are engaged as a member of the U.S.
delegation to the Financial Action Task Force, an international
policymaking and standard-setting body dedicated to combating money
laundering and terrorist financing globally. Further, as a member of
the Basel Committee on Banking Supervision (BCBS), we have been
involved in various efforts to prevent criminal use of the
international banking system. For example, in 2009, as a complement to
BCBS efforts to promote transparency in cross-border payments, the
Federal Reserve issued guidance with other Federal banking agencies
that clarifies U.S. regulatory expectations for U.S. banks engaged in
correspondent banking activities.
Finally, we are working cooperatively with other Federal banking
agencies, State regulators, the Department of Justice, the Department
of Treasury, and foreign regulators to ensure comprehensive enforcement
of the law. We have participated in many of the largest, most complex
enforcement cases in the BSA and U.S. sanctions area. Collectively,
these cases have focused attention on potential misuse of the financial
system for financial crimes, strengthened compliance programs at
banking organizations (both in the U.S. and abroad), and generated
billions of dollars in fines paid to the U.S. Treasury.
Our coordination efforts begin at an early stage in the supervisory
process. For example, the Federal Reserve brings every instance of an
anti-money laundering deficiency or violation to the attention of
FinCEN so that FinCEN may consider assessing a penalty for violations
of the BSA. We also notify OFAC of any apparent, unreported sanctions
violations discovered in the course of an examination, and direct the
banking organization we supervise to provide information directly to
OFAC as required by regulation. In addition, we share information and
coordinate with the Department of Justice, State law enforcement, the
Federal banking agencies, and State regulators, as appropriate, as part
of our enforcement program.
The Enforcement Process
It has been our experience that the majority of institutions
supervised by the Federal Reserve have well-administered and effective
BSA and OFAC compliance programs. Nevertheless, there have been
instances where concerns have been raised by our examiners.
Importantly, the Federal Reserve does not have authority from Congress
to conduct criminal investigations or to prosecute criminal cases. The
decision to prosecute a financial institution for money-laundering
offenses and criminal violations of the BSA and U.S. sanctions laws is
made by the Department of Justice.
Most of these problems are resolved promptly after they are brought
to the attention of a bank's management and directors. In some
instances, problems are of more serious concern and use of the Federal
Reserve's enforcement authority is deemed appropriate. In these cases,
an informal supervisory action may be taken, such as requiring an
institution's board of directors to adopt an appropriate resolution or
executing a memorandum of understanding between an institution and a
Reserve Bank.
In the most serious cases, the Federal Reserve may take a formal
enforcement action against an institution. These actions may include a
written agreement, a cease and desist order, or a civil money penalty.
Congress has also given the Federal Reserve the authority to terminate
the operations of certain entities operating in the U.S. upon the
conviction of a money-laundering offense by the Department of Justice,
and to prohibit insiders who intentionally commit such offenses from
participating in the banking industry. The type of enforcement action
pursued by the Federal Reserve against an institution is directly
related to the severity of the offense, the type of failure that led to
the offense, and management's willingness and ability to implement
corrective action.
In the last 5 years, the Federal Reserve has issued 113 enforcement
actions relating to BSA and OFAC compliance, including 25 public cease
and desist orders and written agreements. Together with these recent
actions, the Federal Reserve has assessed hundreds of millions of
dollars in penalties. The institutions that have been subject to these
actions are large and small, domestic and foreign. In each case, the
Federal Reserve has required the institution to take corrective
measures to ensure their programs are brought into compliance.
Enforcement of U.S. Economic Sanctions
Many of the recent U.S. sanctions cases the Federal Reserve has
pursued involve foreign banks with operations that extend across many
different countries around the world. These cases have attracted
significant attention and involve a particular type of activity worthy
of special attention.
The misconduct in these cases relates primarily to the manner in
which these firms handle cross-border payments. Cross-border payments
can be broadly defined as transactions between banking entities that
are located in different countries, but there are many different
permutations of cross-border payments. For example, cross-border
payments can be carried out as a wire transfer where the originator and
beneficiary are located in different countries; a wire transfer where
the originator and beneficiary are in the same country, but where one
or more correspondents in a second country are used; or as a chain of
wire transfers that has at least one international element. Cross-
border payments typically occur when the originator and beneficiary, or
their banks, are located in different countries or where the currency
used for the payments is not the currency of the country where the
transaction originates. For example, U.S. dollars may be used to make a
payment between parties each located in a different foreign country.
Structurally, there are usually two components to these cross-
border payments: (1) the instructions, which contain information about
the originator and beneficiary of the funds, and (2) the actual funds
transfer. The payment instructions for cross-border payments typically
are sent to an intermediary bank using industry financial
telecommunications systems, such as the Society for Worldwide Interbank
Financial Telecommunication (SWIFT). The actual funds transfer occurs
separately, typically through the domestic funds transfer system of the
originator, via a book transfer of an intermediary with a presence on
both sides of the border, and through the domestic funds transfer
system of the beneficiary.
Foreign banks often operate in jurisdictions that do not impose the
same economic sanctions on foreign customers as the United States.
Transactions involving these sanctioned customers are nonetheless
subject to U.S. law if the transaction is routed through the U.S., as
is typical for transactions conducted in U.S. dollars. Foreign banks
that operate in countries without sanctions similar to those imposed by
the United States have not always had in place the mechanisms to ensure
transactions routed through the U.S. comply with U.S. law. Many of the
Federal Reserve's enforcement activities are directed at remedying
these situations.
One of the Federal Reserve's most important sanctions enforcement
cases involved ABN AMRO. In response to corrective measures the Federal
Reserve imposed on the firm's New York branch in 2004, \2\ which
required the bank to review certain historical transactions, ABN AMRO
discovered numerous payment messages that were sent through its U.S.
branch or a U.S. correspondent in a manner designed to circumvent the
filters used by the U.S. institution to detect transactions involving
sanctioned parties. In particular, the information that identified a
U.S. sanctioned party was omitted from the SWIFT payment sent through
the U.S., while a complementary payment instruction with sanctioned
party information was deliberately routed outside the United States.
The Federal Reserve responded by escalating our enforcement action to a
cease and desist order and imposing a substantial penalty on ABN AMRO.
\3\ The Federal Reserve's order required ABN AMRO to implement a global
compliance program and take specific steps to prevent circumvention of
the required U.S. sanctions filters. We coordinated this action with
other U.S. and foreign regulators, including the home country
supervisor for ABN AMRO.
---------------------------------------------------------------------------
\2\ Board of Governors of the Federal Reserve System (2004),
``Written Agreement With ABN AMRO Bank'', press release, July 26,
www.federalreserve.gov/boarddocs/press/enforcement/2004/20040726/
default.htm.
\3\ Board of Governors of the Federal Reserve System (2005),
``Agencies Release Bank Supervisory and Penalty Actions Against ABN
AMRO Bank, N.V.'', press release, December 19, www.federalreserve.gov/
boarddocs/press/enforcement/2005/20051219/default.htm.
---------------------------------------------------------------------------
The Federal Reserve's enforcement action against ABN AMRO triggered
important changes in cross-border payment practices. The Federal
Reserve played a key role in this debate and in developing the
standards that have since been adopted to improve transparency in
cross-border payment messages--including the standards adopted by the
Basel Committee on Banking Supervision and SWIFT. These standards
require the expanded disclosure of the originator and beneficiary on
payment instructions sent as part of cover payments.
In the years since the ABN AMRO case, the Federal Reserve and other
U.S. authorities have taken action against international banks that had
been engaged in similar evasive misconduct. Most recently, the Federal
Reserve has imposed cease and desist orders on Credit Suisse, Barclays,
Standard Chartered, and HSBC. \4\ In each case, the bank's home country
supervisor has agreed to help monitor compliance with the Federal
Reserve's order. These enforcement cases reflect our continued view
that international banks have an obligation to ensure that they do not
interfere with the ability of U.S. financial institutions to comply
with the sanctions laws.
---------------------------------------------------------------------------
\4\ Board of Governors of the Federal Reserve System (2009),
``Consent Order To Cease and Desist Against Credit Suisse'', press
release, December 16, www.federalreserve.gov/newsevents/press/
enforcement/20091216a.htm; Board of Governors of the Federal Reserve
System (2010), ``Cease and Desist Order Against Barclays Bank and
Barclays Bank New York Branch'', press release, August 18,
www.federalreserve.gov/newsevents/press/enforcement/20100818b.htm;
Board of Governors of the Federal Reserve System (2012), ``Federal
Reserve Board Issues Consent Cease and Desist Order, and Assesses Civil
Money Penalty Against Standard Chartered'', press release, December 10,
www.federalreserve.gov/newsevents/press/enforcement/20121210a.htm; and
Board of Governors of the Federal Reserve System (2012), ``Federal
Reserve Board Issues Consent Cease and Desist Order, and Assesses Civil
Money Penalty Against HSBC Holdings PLC and HSBC North America
Holdings, Inc.'', press release, December 11, www.federalreserve.gov/
newsevents/press/enforcement/20121211b.htm.
---------------------------------------------------------------------------
Enforcement of the Bank Secrecy Act
The Federal Reserve has also taken a number of recent enforcement
actions to require depository institutions to improve their BSA
programs and comply with other anti-money laundering obligations,
including the reporting requirements that exist under the BSA. While
bank holding companies are not statutorily mandated to have the same
program requirements as depository institutions, we have also taken
action against bank holding companies to require them to improve their
oversight of the subsidiary bank's BSA programs and compliance. For
example, in 2010, we issued a cease and desist order against HSBC
requiring the U.S. holding company to improve its oversight of the
compliance program at HSBC's national bank subsidiary. \5\ HSBC's
failure to address our concerns in a timely manner was part of the
reason for imposing a substantial penalty on HSBC and its U.S. holding
company last year. \6\
---------------------------------------------------------------------------
\5\ Board of Governors of the Federal Reserve System (2010),
``Cease and Desist Order Against HSBC North America Holdings'', press
release, October 7, www.federalreserve.gov/newsevents/press/
enforcement/20101007a.htm.
\6\ Board of Governors of the Federal Reserve System (2012),
``Federal Reserve Board Issues Consent Cease and Desist Order, and
Assesses Civil Money Penalty Against HSBC Holdings PLC and HSBC North
America Holdings, Inc.'', press release, December 11,
www.federalreserve.gov/newsevents/press/enforcement/20121211b.htm.
---------------------------------------------------------------------------
The Federal Reserve takes seriously its responsibility to pursue
formal, public action in cases of BSA noncompliance. For example, in
January, the Federal Reserve issued a cease and desist order requiring
JPMorgan Chase to take corrective action to enhance its program for
compliance with the BSA and other anti-money laundering requirements at
the firm's various subsidiaries. \7\ In June 2012, we issued a public
enforcement action against Commerzbank AG and its U.S. branch for its
failure to comply with certain BSA reporting obligations. \8\
---------------------------------------------------------------------------
\7\ Board of Governors of the Federal Reserve System (2013),
``Federal Reserve Board Issues Two Consent Cease and Desist Orders
Against JPMorgan Chase & Co.'', press release, January 14,
www.federalreserve.gov/newsevents/press/enforcement/20130114a.htm.
\8\ Board of Governors of the Federal Reserve System (2012),
``Federal Reserve Board Issues Enforcement Actions With Calvert
Financial Corporation and Mainstreet Bank, Commerzbank AG, First
Security Bank of Malta, Grant Park Bancshares, Inc., and Robertson
Holding Company, L.P.'', press release, June 14,
www.federalreserve.gov/newsevents/press/enforcement/20120614a.htm.
---------------------------------------------------------------------------
Conclusion
The Federal Reserve places great importance on ensuring that the
institutions we supervise comply with the BSA and U.S. economic
sanctions. When we find problems at a supervised institution, we demand
specific corrective measures, by specific dates, and we take strong
enforcement actions when necessary. We will continue these efforts and
work cooperatively with law enforcement and other financial regulators
to ensure a coordinated response to the threat posed by illicit
financing to the U.S. financial system.
Thank you very much for your attention. I would be pleased to
answer any questions you may have.
RESPONSES TO WRITTEN QUESTIONS OF
CHAIRMAN JOHNSON FROM DAVID S. COHEN
Q.1. The major AML-BSA cases discussed at the hearing all
illustrate various forms of breakdown in the bank compliance
systems on which the BSA/AML and economic sanctions rules
depend. Would you favor a requirement that the CEOs of large
banks certify the effectiveness of their BSA/AML/sanctions
compliance systems annually? If not, why not?
A.1. Recent enforcement actions taken against some of the
largest and most sophisticated financial institutions in the
world demonstrate the need for us to take additional steps to
ensure that financial institutions are able to effectively
implement anti-money laundering and countering the financing of
terrorism requirements. Understanding the circumstances of the
failures and preventing their recurrence is a top priority for
me and for Treasury. As such, I recently convened an
interagency group, the AML Task Force, which is comprised of
senior representatives from all the Federal regulatory agencies
with responsibility for combating money laundering, as well as
the Department of Justice. The Task Force is conducting a
comprehensive review of our anti-money laundering (AML)/
countering the financing of terrorism (CFT) framework to assess
its effectiveness with the goal of finding solutions to address
any gaps, redundancies, or inefficiencies, and to ensure that
effective AML/CFT is made a priority within financial
institutions. The Task Force is committed to reviewing all
practical options to improve the effectiveness of our regime,
including a potential annual BSA/AML attestation requirement
for the CEOs of financial institutions, which would be in
addition to the existing Title 12 requirements for boards of
directors to approve AML programs under banking agency rules.
Q.2. I understand that you are not prosecutors, but you are
responsible for oversight of the Nation's largest financial
institutions. Are there reasons that it is especially difficult
to adequately discipline individuals with civil fines, industry
removals, use of injunctions, limits on certain categories of
bank activities, or other sanctions, in connection with
seemingly significant BSA/AML violations?
A.2. Treasury is committed to protecting our financial system
from money laundering, promoting effective compliance with the
law, and minimizing unnecessary burdens on industry. For every
case, we scrupulously review the facts and circumstances of the
violation and determine the appropriate response. I personally
am fully committed to enhancing our enforcement posture to the
full extent of our authorities, including more aggressive
injunctive action with respect to individuals that may involve
barring them from the industry for BSA/AML violations. Although
recent sanctions enforcement cases involving financial
institutions have typically concluded with civil penalties at
the corporate level, individuals can and do face liability
under the International Emergency Economic Powers Act when they
are personally responsible for sanctions violations.
Q.3. How does the seriousness with which foreign Governments
take compliance in this area affect U.S. regulatory efforts and
bank compliance? Why didn't foreign regulators, especially in
the EU, pick up on the correspondent banking and cross-border
problems, and the wire stripping activity, sooner? Are there
other particular areas of concern that you think must be
addressed in your current discussions with foreign regulators?
A.3. Treasury, along with others in the Federal Government,
works closely with international counterparts through a
combination of direct bilateral engagements and international
organizations, such as the Financial Action Task Force, to
strengthen the global AML/CFT framework and promote
implementation and enforcement of effective AML/CFT measures in
all jurisdictions around the world. In every engagement, we
stress with our partners the importance of regulatory
enforcement to our shared security. While it is true that
Europe's diffuse legal and regulatory systems present a
challenge for us and our European partners in building a
unified system for combating global threats, we have made
important progress in highlighting specific weaknesses. In one
example of our specific engagement, we contribute to the Basel
Committee on Banking Supervision's AML/CFT Experts Group that
discusses supervisory issues with respect to AML/CFT, and
communicates publicly about the role of supervisors with
respect to these issues. We remain concerned that international
regulators and legal systems have difficulty addressing
challenges posed by cross border cash movements, clearing
transactions and nonbank financial institutions such as
exchange houses and hawaladars.
Q.4. In the last decade, major new innovative technologies and
products have come onto the market, including prepaid access
cards, mobile phone banking, smart ATM machines and kiosks,
mobile wallets, Internet cloud-based payment processes, and
others--and they are evolving rapidly. While they provide huge
benefits to consumers, they can also pose major AML risks,
including by making it easier to move large amounts of money on
stored value cards. What are you doing to mitigate those risks
now, and what should banks be doing to mitigate those risks on
their own, even as they develop these products?
A.4.We have been closely following the rapidly evolving
technological landscape over the past several years to ensure
that our AML/CFT regulatory system keeps pace with new risks
brought about by new technologies. For example, when we
developed rules for prepaid access products, the objective was
to allow the regulation to evolve in concert with, and
anticipate, technological advancements so that we do not have
to return to Congress to request additional authorities every
time a new technology-driven product enters the prepaid access
marketplace. We also work collectively with our regulatory
counterparts on the Federal Financial Institutions Examination
Council (FFIEC) to ensure evolving technologies are constantly
reviewed and addressed as needed through updates to the FFIEC
Bank Secrecy Act (BSA) exam manual, which is used by bank
examiners and made available as a reference guide to industry.
Moreover, we provide guidance to banks to ensure that they are
appropriately informed of these developments in order to be
vigilant in their compliance obligations. The most recent
example of this is March 2013 guidance issued by the Financial
Crimes Enforcement Network (FinCEN) on the application of
regulations on Virtual Currencies. My office is also helping to
lead work in the Financial Action Task Force on developing and
implementing an international standard that requires both
countries and financial institutions to identify and address
money laundering and terrorist financing risks associated with
new payment methods before the products are launched.
Q.5. A few months ago, you announced that the Government would
be carrying out a multi-agency review of AML policies,
procedures and enforcement, and you described it in detail in
your testimony. Can you outline for the Committee who is
leading this review, your objectives, and the expected work
product? What is the timetable for this work? What's been
accomplished so far? How do you think another review, which to
some might sound much like prior similar Government-industry
reviews, will assist you in tightening enforcement and
improving industry compliance?
A.5. Treasury convened the AML Task Force last fall to take an
in-depth look at the entire anti-money laundering (AML)/
counterterrorist financing (CFT) framework. Along with
Treasury, the AML Task Force is comprised of senior
representatives from each of the regulators with responsibility
for combating money laundering--that is, FinCEN, the Board of
Governors of the Federal Reserve System, the Office of the
Comptroller of the Currency, the Federal Deposit Insurance
Corporation, the National Credit Union Administration, the
Commodity Futures Trading Commission, the Securities and
Exchange Commission, and the Internal Revenue Service, along
with the Justice Department's Criminal Division. Collectively,
we are taking stock of those components of the framework that
are working well and those that require improvement. The goal
is to find solutions to address any gaps, redundancies, or
inefficiencies, and to ensure that effective AML/CFT compliance
is made a priority within financial institutions. The AML Task
Force is an ongoing priority for my office, and we would be
happy to brief your staff as appropriate as our work
progresses.
Q.6. Over the last several years there has been increasing
cooperation in enforcing and tightening sanctions against Iran
within the financial community here and in Europe. However, as
we have seen, some banks have resisted that effort. What are
you doing to ensure that we continue to have the support of the
European financial sector in enforcing financial sanctions
against Iran and that the sorts of sanctions evasion these
cases involve doesn't recur?
A.6. Treasury has been highly successful in enlisting the
support of the financial sector worldwide, including in Europe,
to promote compliance with and enforce our sanctions against
Iran. We regularly work with banks to strengthen controls and
investigate persons who are attempting to evade our sanctions.
We also publish special alerts and advisories for the financial
community, reach out to industries both domestically and abroad
that could be impacted by Iran's manipulation and subterfuges,
and elicit cooperation in our investigations. The degree of
international collaboration on these issues, both with our
overseas partners and the private sector, has been very strong.
These efforts are vital to our ability to enforce our
sanctions, and they play a central role in realizing our total
commitment to identifying and taking effective action against
sanctions evasion.
Q.7. And, what are you doing to ensure that banks in other
areas of the world--including in Asia--do not become safe
havens for illicit Iranian transactions? And that clearing and
settlement processes are fully covered by our multilateral
sanctions regime on Iran?
A.7. Treasury regularly engages with authorities and banks
worldwide to inform them of the exposure to U.S. sanctions they
face if they conduct certain transactions with Iran. And when
necessary, we have taken action against them. For instance, in
July 2012, we sanctioned two banks, including the Bank of
Kunlun in China, for facilitating significant transactions for
Iranian banks designated in connection with Iran's support for
international terrorism and proliferation of weapons of mass
destruction. As a result, the great majority of the world's
banks, in Asia and elsewhere, refrain from business activities
with Iran. Under the U.S. sanctions regime, foreign financial
institutions that engage in certain clearing and settlement
activities for U.S.-designated Iranian persons could be cut off
from the U.S. financial system. We have undertaken extensive
engagement to see that other jurisdictions also extend their
financial restrictions on Iran to clearing and settlement
activities.
Q.8. The BSA regulations about wire transfers (at 31 CFR
1010(f)(2)) allow a U.S. bank to accept and process a wire
transfer from overseas even if the ``transmitter'' field is
blank. That may have been understandable 15 years ago when the
regulations were written. But why has the rule not been
changed, in light of the sanctions abuses illustrated by these
cases and the possibility of other attempts to avoid our
sanctions rules in the future? The changes in the SWIFT
regulations to require completion of all fields, which you
mentioned in your testimony, do not appear to have the force of
law. In a world in which banking institutions operate globally,
effective money laundering control is extremely difficult
without uniform and uniformly enforced cross-border standards
within banks and under applicable law.
A.8. Treasury's aggressive pursuit of some of the world's
largest financial institutions for the systematic removal of
references or names of U.S.-sanctioned entities, banks, or
other parties in violation of U.S. sanctions has led to changes
in SWIFT messaging formats and advancements in financial
institutions' filters to ensure compliance with the sanctions
programs administered by the Office of Foreign Assets Control
(OFAC). U.S. banks, particularly the clearinghouse banks that
handle the majority of dollar clearing, do not want to risk
processing international wires without originator information
due to concerns about violating U.S. sanctions laws. For
purposes of the Bank Secrecy Act (BSA), 31 CFR 1010.410(f)(2)
requires a receiving financial institution that acts as an
intermediary financial institution to include the name and
account number of the transmitter (as well as other
information) in a corresponding transmittal order if that
information is received from the sender. As such, it may not be
a technical violation of the BSA to process international wires
with missing originator information in many circumstances.
Nevertheless, an institution should take the lack of
transparency, and potential motivation for not including the
information, into account as part of its risk-based approach to
compliance. We are currently exploring whether and how
evolution of communications in payment systems may support more
stringent information and record keeping requirements in this
context to best prevent U.S. financial institutions from
serving as conduits for laundered funds transfers, assist law
enforcement, and conform with international standards.
Q.9. Various international activities of these major banks,
especially foreign correspondent banking and other means for
cross-border funds transfer, have been recognized by Congress
as special risk areas since at least 2001. What further steps
should be taken to prevent the movement of illicit funds into
and out of the U.S. through banks' non-U.S. branches in
violation of U.S. law? What are your agencies doing
specifically to address the myriad problems that have arisen in
these areas, including by strengthening cooperation with
foreign regulators who may be in a position to flag problem
banks earlier for U.S. regulators?
A.9. To address the illicit finance risks associated with
correspondent banking and transactions with non-U.S. financial
institutions, the Bank Secrecy Act appropriately requires
specific AML safeguards for financial institutions that engage
in these activities. Moreover, FinCEN in September 2010 issued
a Notice of Proposed Rulemaking proposing that certain U.S.
banks and money transmitters would be required to report cross
border electronic fund transfers to FinCEN. Implementation of
the proposed rule would facilitate the reporting of cross-
border electronic funds transfer information, which could
greatly assist law enforcement. In addition, we are working to
strengthen international information sharing arrangements,
including directly with foreign regulators and through ongoing
discussions at the Financial Action Task Force. With respect to
specific cross-border risk associated with drug trafficking and
money movements across the Mexican border, we have partnered
with the Government of Mexico to form the Bilateral Illicit
Finance Working Group, which has created a mechanism for
information exchange, joint training, and cooperation against
money laundering organizations.
------
RESPONSES TO WRITTEN QUESTIONS OF SENATOR CRAPO
FROM DAVID S. COHEN
Q.1. Coordination: At what point in time is the Director of the
Financial Crimes Enforcement Network (FinCEN), as the
Administrator of the Bank Secrecy Act, informed of BSA
violations and what does FinCEN do with that information?
A.1. FinCEN has Memoranda of Understanding (MOUs) with the
Federal banking agencies, the Securities and Exchange
Commission, the Commodity Futures Trading Commission, the
Internal Revenue Service, as well as 63 State regulatory
agencies (as of April 5, 2013), that provide for exchange of
information regarding BSA compliance. These MOUs require
regulatory agencies to notify FinCEN in writing as soon as
practicable, but no later than 30 days after the agency cites a
financial institution, for a significant BSA violation or
deficiency. FinCEN reviews the provided information regarding
significant BSA violations or deficiencies by assessing
noncompliance, and considers use of enforcement authorities as
appropriate. As warranted, FinCEN will conduct further
investigation of potential violations as part of its
enforcement review.
Q.2. In large bank examinations, is any office there collecting
and collating program and other deficiency information?
A.2. Yes, as part of the MOUs, FinCEN receives aggregate
quarterly data on BSA examinations, violations, and enforcement
actions by regulatory agencies. This information is not
restricted to large banks, but is in aggregate form and does
not identify specific institutions. FinCEN shares consolidated
quarterly data with the Federal banking agencies.
Q.3. Is that office also in position to connect all the dots to
determine that an institution is actually in the midst of an
enterprise-wide failure, as opposed to just a series of
seemingly disconnected matters requiring attention?
A.3. While Federal financial regulatory agencies are in a
better position to determine that an institution is in the
midst of an enterprise-wide failure, FinCEN works very closely
with these agencies to ensure BSA compliance. FinCEN
administers the BSA data and receives information on BSA
violations or deficiencies from Federal banking agencies.
Q.4. What can your offices contribute, possibly through FinCEN
as the Administrator of the Bank Secrecy Act, and compiler of
anti-money laundering trend data, to assist each of the Federal
banking regulators with the exam process, to promptly recognize
the high risk nature of a bank's enterprise-wide business
activities?
A.4. On a quarterly basis FinCEN compiles and shares with the
Federal banking regulators a consolidated trend report of the
aggregate compliance data that FinCEN receives from each
agency. In addition, FinCEN provides regulatory agencies with
information concerning potential BSA violations, either as
identified by proactive FinCEN internal analysis (such as
identifying deficiencies in an institution's reporting to
FinCEN) or where such potential violations are brought to
FinCEN's attention by law enforcement agencies. Moreover,
FinCEN also issues, in partnership with law enforcement,
numerous advisories to financial institutions on current
threats and red flag indicators to the financial system.
Q.5. Bulk Cash Smuggling: As a result of recent enforcement
actions, and maybe for other reasons, several banks have exited
the lucrative bulk cash business.
What types of firms are stepping into the market to handle
this business, now and do they have better compliance systems
and records than the banks?
A.5. While some banks have exited the bulk cash business
following recent enforcement actions, repatriation of U.S.
dollars from abroad continues to occur through U.S. banks and
nonbank financial institutions. Effective guidance to, and
supervision of, these financial institutions is essential to
ensuring that they comply with their obligations under the Bank
Secrecy Act when receiving cash. Treasury has also been working
with law enforcement, regulatory, and international partners to
facilitate greater implementation of relevant controls to guard
against the risks associated with the bulk cash business.
Q.6. Are you seeing bulk cash connections to Hezbollah and drug
trafficking in any particular Nations or regions?
A.6. Treasury has exposed linkages between Hizballah and those
connected with drug trafficking and has taken strong action to
target this activity using all available authorities. Treasury
designated a key Colombia-based Hizballah facilitator (Ali
Mohamad Saleh) under our counterterrorism authority (Executive
Order 13224) in June 2012 for acting for or on behalf of and
providing financial, material, or technological support to
Hizballah, including raising funds in Maicao, Colombia. Saleh
was previously designated under the Foreign Narcotics Kingpin
Designation Act (Kingpin Act) on December 29, 2011, for his
role as a Maicao, Colombia-based money launderer for the
Cheaitelly/El Khansa criminal organization. This organization
is linked to the Ayman Joumaa network, which Treasury also
designated under the Kingpin Act in January of 2011. Ayman
Joumaa has coordinated the transportation, distribution, and
sale of multiton shipments of cocaine from South America and
has laundered the proceeds from the sale of cocaine in Europe
and the Middle East, according to investigations led by the
Drug Enforcement Administration. Operating in Lebanon, West
Africa, Panama, and Colombia, Joumaa and his organization
launder proceeds from their illicit activities--as much as $200
million per month--through various channels, including bulk
cash smuggling operations and Lebanese exchange houses.
Treasury has also taken action under Section 311 of the USA
PATRIOT Act identifying Lebanese Canadian Bank (2011), and
Rmeiti Exchange and Halawi Exchange (April 2013) as foreign
financial institutions of primary money laundering concern for
their role in facilitating the money laundering operations of
the Joumaa network from which Hizballah derived financial
benefit. Regulatory action can be taken under Section 311 to
protect the U.S. financial system from the risks posed by
global narcotics money laundering networks and terrorist
financiers. Treasury will continue to take action when we have
information of this type of activity.
Q.7. International Coordination: The dangers of illicit global
money must receive adequate and effective attention at the G20,
IMF, World Bank, and foreign national levels.
Do each of you, together with the Comptroller, at your
particular levels of office, ever meet together to discuss and
review BSA programs and policies, both domestically and abroad?
A.7. In addition to the close coordination taking place within
the recently established AML Task Force discussed in my written
and oral statements, FinCEN, along with its Federal financial
regulatory counterparts, meet regularly through the Federal
Financial Institutions Examination Council to discuss current
and future BSA policies, prescribe principles for promoting
uniformity in the BSA oversight of financial institutions, and
ensure that our examination procedures are carefully adapting
to the changes in marketplace threats and vulnerabilities both
domestically and internationally.
Q.8. How effective is the international compliance structure
and how exposed are our financial system and individual
institutions to cross border enforcement challenges?
A.8. The U.S. financial system and individual institutions are
exposed to cross-border enforcement challenges because of the
preeminence of the U.S. financial system and because of the
dominant role of the U.S. dollar in cross-border trade and
investment. To address this exposure, Treasury and our
interagency partners have developed a global AML/CFT framework
through the Financial Action Task Force (FATF). The FATF (i)
maintains a universally accepted list of AML and CFT criteria,
or Recommendations, for the public and private sectors, (ii)
coordinates a global peer review process to assess compliance
with those Recommendations, and (iii) achieves success in
encouraging remedial action by drawing public attention to
country-specific AML/CFT deficiencies. Treasury is working
within this framework to address cross-border enforcement
challenges, while also pursuing unilateral action under
domestic authorities when appropriate.
Q.9. It appears that BSA regulations permit wire transfers to
enter the U.S. with an incomplete originator field. Since that
situation can potentially harm a U.S. bank--what should be done
to address this issue?
A.9. Treasury's aggressive pursuit of some of the world's
largest financial institutions for the systematic removal of
references or names of U.S.-sanctioned entities, banks, or
other parties in violation of U.S. sanctions has led to changes
in SWIFT messaging formats and advancements in financial
institutions' filters to ensure compliance with the sanctions
programs administered by the Treasury's Office of Foreign
Assets Control (OFAC). U.S. banks, particularly the
clearinghouse banks that handle the majority of dollar
clearing, do not want to risk processing international wires
without originator information due to concerns about violating
U.S. sanctions laws. For purposes of the Bank Secrecy Act
(BSA), 31 CFR 1010.410(f)(2) requires a receiving financial
institution that acts as an intermediary financial institution
to include the name and account number of the transmitter (as
well as other information) in a corresponding transmittal order
if that information is received from the sender. As such, it
may not be a technical violation of the BSA to process
international wires with missing originator information in many
circumstances. Nevertheless, an institution should take the
lack of transparency, and potential motivation for not
including the information, into account as part of its risk-
based approach to compliance. We are currently exploring
whether and how evolution of communications in payment systems
may support more stringent information and record keeping
requirements in this context to best prevent U.S. financial
institutions from serving as conduits for laundered funds
transfers, assist law enforcement, and conform with
international standards.
------
RESPONSES TO WRITTEN QUESTIONS OF SENATOR REED
FROM DAVID S. COHEN
Q.1. Studies have demonstrated an increase in money laundering
and terrorist financing being done through securities
transactions. What are the steps you have recently taken to
support efforts at preventing money laundering and terrorist
financing through the conduit of securities transactions? How
are you working with regulators domestically and abroad to
ensure that financial market intermediaries are appropriately
applying existing rules and being made aware of new trends in
the industry that are indicative of money laundering via
securities transactions? Are there specific recommendations of
the Financial Action Task Force that you are hoping to
implement domestically in this area? Please explain.
A.1. My office organized a working group with interagency
colleagues, including staff at the Securities and Exchange
Commission and the Commodity Futures Trading Commission, to
focus specifically on understanding and mitigating the money
laundering and terrorist financing risks in the securities and
futures markets. The work of the group includes a systemic
analysis by FinCEN staff of suspicious activity reports related
to these industries to determine trends and typologies that can
be useful in identifying and addressing risks. FinCEN is also
working on a proposal to impose AML program and suspicious
activity reporting requirements on investment advisors, which
will further protect our securities markets from abuse and
address a regulatory deficiency that was identified by the
Financial Action Task Force.
------
RESPONSES TO WRITTEN QUESTIONS OF SENATOR WARREN
FROM DAVID S. COHEN
Q.1. The United States Government takes money laundering very
seriously. A bank that launders drug money or terrorists' money
can be shut down, \1\ and individuals in the bank can be banned
from banking. \2\ In December, HSBC admitted to laundering at
least $881 million for Colombian and Mexican drug cartels, and
violating U.S. sanctions against Iran, Cuba, Libya, Sudan, and
Burma. \3\ These were not one-time actions. The bank was warned
over and over and told to fix the problem, and it didn't. It
just kept making money by laundering money for drug dealers.
\4\
---------------------------------------------------------------------------
\1\ See, e.g., Annunzio-Wylie Anti-Money Laundering Act of 1992,
��1501-1507, Pub. L. 102-550, 106 Stat. 3680 (1992).
\2\ 12 U.S.C. 1818(e) and (g).
\3\ Dept. of Justice, Press Release, Dec. 11, 2012, available at:
http://www.justice.gov/opa/pr/2012/December/12-crm-1478.html.
\4\ Senate Permanent Subcommittee on Investigations, ``U.S.
Vulnerabilities to Money Laundering, Drugs, and Terrorist Financing:
HSBC Case History'', July 16, 2012, available at: http://
www.levin.senate.gov/download/?id=90fe8998-dfc4-4a8c-90ed-704bcce990d4.
---------------------------------------------------------------------------
In the hearing, you noted that the threshold determination
for revoking a bank's charter is dependent on prosecution and
conviction, and you testified that the Justice Department makes
determinations about when it is appropriate to prosecute.
However, there are other tools available to hold accountable
banks and bankers who engage in illegal activity, such as
banning individuals from the banking industry. Could you please
describe:
Whether your agency has any regulation, guidance, policies,
formal or informal, that guide when individuals should be
banned from banking under 12 U.S.C. ��1818(e) and (g). If so,
please provide those documents.
A.1. The procedures established in 12 U.S.C. ��1818(e) and (g)
for removing an ``institution-affiliated party'' from office at
a depository institution, or prohibiting such person from
further participation in the conduct of such institution's
affairs, are powers that may be exercised by the Office of the
Comptroller of the Currency (OCC), the Board of Governors of
the Federal Reserve System, or the Federal Deposit Insurance
Corporation, depending on the type of depository institution
involved. The Treasury Department has no authority to exercise
removal or prohibition powers under these provisions. The
Financial Crimes Enforcement Network (FinCEN), however, has
authority under 31 U.S.C. �5320 to bring an action in district
court against a person it believes has violated, is violating,
or will violate the Bank Secrecy Act (BSA) or its regulations,
to enjoin the violation or to enforce compliance with the
requirement. (The OCC is a bureau of Treasury, but it operates
independently of Treasury in its role as a financial
regulator.)
Q.2. Under what circumstances your agency has used 12 U.S.C.
��1818(e) and (g) in the past, including any actions taken
against bankers in the largest financial institutions.
A.2. As described in response to [Question 1] above, Treasury
has no authority to utilize these provisions.
Q.3. The process your agency does or would follow to use its
authority under 12 U.S.C. ��1818(e) and (g).
A.3. As described in response to [Question 1] above, Treasury
has no authority to utilize these provisions.
Q.4. Attorney General Holder testified before the Judiciary
Committee that he is ``concerned that the size of some of these
institutions becomes so large that it does become difficult for
us to prosecute them when, . . . if you do bring a criminal
charge, it will have a negative impact on the national economy,
perhaps even the world economy.''
Can you explain how your efforts to ensure compliance with
money laundering laws are affected when so many people--even
the Attorney General of the United States--think it is
``difficult to prosecute'' the biggest banks?
A.4. The Treasury Department supports vigorous enforcement of
the law and believes that no individual or institution is above
the law regardless of size or any other characteristic.
Attorney General Holder has testified recently that the Justice
Department shares this view. Although Treasury does not have
statutory authority to impose criminal penalties--that
authority rests exclusively with the Department of Justice--
Treasury does have authority to investigate potential
violations of U.S. economic sanctions, as well as certain anti-
money laundering laws and regulations, and to impose civil
penalties. Treasury has a clear record of aggressively pursuing
investigations and enforcement actions against both U.S. and
foreign financial institutions that violate those laws and
regulations.
Q.5. Are you worried that the size and interconnectedness of
our Nation's largest financial institutions negatively affects
your ability to enforce the law and reduces your leverage?
A.5. No. Treasury has a clear record of aggressively pursuing
investigations and enforcement actions against both U.S. and
foreign financial institutions that violate the laws and
regulations administered by Treasury, regardless of the size of
the financial institutions involved.
Q.6. At the hearing, Under Secretary Cohen and Governor Powell
both testified that the Justice Department was in contact with
their institutions regarding the HSBC case. Without reference
to any particular case, can you describe the general or usual
process for cooperation between your institution and the
Justice Department regarding money laundering and Bank Secrecy
Act issues? In particular:
Which office or offices in the Justice Department contact
your institution?
A.6. The Treasury Department bureau responsible for enforcing
the money laundering regulations promulgated under the Bank
Secrecy Act--the Financial Crimes Enforcement Network
(FinCEN)--typically cooperates with the Justice Department on
anti-money laundering investigations. Although the offices in
the Department of Justice vary from case to case, these matters
are typically coordinated with the Criminal Division
(particularly the Asset Forfeiture and Money Laundering
Section) and the National Security Division (particularly the
Counterespionage Section) and relevant U.S. Attorneys offices.
Q.7. Which office or offices in your institution are contacted?
A.7. On matters involving anti-money laundering and U.S.
economic sanctions laws and regulations, the Financial Crimes
Enforcement Network (FinCEN) and the Office of Foreign Assets
Control (OFAC), respectively, serve as the primary points of
contact within Treasury.
Q.8. At what points in the enforcement process is your
institution contacted?
A.8. Although the facts vary from matter to matter, initial
contact is typically made early in the investigative stages
after one agency has assessed that there is a potential
violation of law and that another agency is likely to have an
interest in the conduct underlying the case.
Q.9. What information is usually requested?
A.9. Treasury and the Department of Justice share information
that would facilitate the development of a common understanding
of the facts underlying the potential violations.
Q.10. Are there are any formal or informal guidelines that are
used for interagency cooperation on Bank Secrecy Act or Anti-
Money Laundering issues?
A.10. Treasury has established a number of formal and informal
mechanisms to facilitate such interagency cooperation.
Consistent with its responsibilities under the Bank Secrecy Act
(BSA), FinCEN maintains a Government-wide BSA data service, and
provides access to this data and related analytic products to
Federal, State, and local law enforcement and regulatory
agencies, in accordance with applicable legal requirements.
Frequently, this data-sharing takes place pursuant to memoranda
of understanding that provide for the exchange of information
(including advance notification by FinCEN that enforcement
action may be warranted by another regulator). OFAC has
executed memoranda of understanding regarding the sharing of
information with every functional Federal financial regulator.
OFAC's Economic Sanctions Enforcement Guidelines, which are
published in Treasury's regulations at 31 CFR part 501, App. A,
provide additional information about the circumstances under
which potential sanctions violations are referred for criminal
investigation.
------
RESPONSES TO WRITTEN QUESTIONS OF SENATOR HEITKAMP
FROM DAVID S. COHEN
Q.1. As all of you mentioned, the sophistication and
determination of money launderers, terrorist financiers, and
other criminals has evolved and changed as they find ways to
gain access to our institutions. How can we support smaller
institutions that cannot afford to put the same programs in
place as the large banks? In your examinations, have you
noticed vulnerabilities on a large scale?
A.1.Given the wide array of institutions that comprise the
financial system, many anti-money laundering (AML) obligations
imposed under the Bank Secrecy Act are predicated on the risk-
based approach. In general, financial institutions with lower
risk customer bases or product lines may not require the same
AML procedures as institutions that engage in higher risk
activity. Moreover, as highlighted in my testimony, a primary
focus of recent initiatives to improve the AML/counterterrorist
financing (CFT) framework, is to ensure that compliance efforts
at financial institutions are commensurate with actual illicit
finance risk. FinCEN recently organized a group dubbed the
``Delta Team'' under the auspices of the Bank Secrecy Act
Advisory Group (BSAAG). This group includes representatives
from the financial services industry, financial regulators, and
law enforcement, with the mission of examining any gaps between
illicit finance risks and compliance efforts. Treasury also
recently convened a broad interagency group known as the AML
Task Force, to look in depth at the existing anti-money
laundering and counterterrorist-financing framework--from the
legal and regulatory foundation, to the compliance and
examination function, to the enforcement efforts. These
initiatives provide greater clarity on implementing the risk-
based approach will benefit all financial institutions,
including smaller ones that engage in lower risk activities.
Q.2. Some smaller financial institutions are concerned about
the cost of adopting a customer due diligence program (to
verify the identity of members when opening accounts,
understand the purpose and intended nature of the account,
etc.). Are the objectives of this program already being reached
through compliance with existing FinCEN guidelines, including
the agency's BSA/AML exam manual?
A.2. Treasury has embarked on a rule-making process to consider
whether to impose an explicit customer due diligence rule that
includes a broad requirement to identify beneficial owners.
Such a rule would put financial institutions in a better
position to assess risks and protect themselves from illicit
finance. Moreover, a broad beneficial ownership requirement
would support law enforcement, intelligence, and tax
authorities in their efforts to combat financial crime and
advance national security interests. Explicitly imposing clear
customer due diligence requirements would also address
Treasury's concern that there is a lack of uniformity and
consistency in the way financial institutions currently conduct
diligence under existing requirements. In furthering the rule-
making process to advance these objectives, we will continue to
work towards achieving clear and harmonized customer due
diligence expectations, leveraging best practices to minimize
burden and maintaining a risk-based approach.
------
RESPONSES TO WRITTEN QUESTIONS OF
CHAIRMAN JOHNSON FROM THOMAS J. CURRY
Q.1. The major AML-BSA cases discussed at the hearing all
illustrate various forms of breakdown in the bank compliance
systems on which the BSA/AML and economic sanctions rules
depend. Would you favor a requirement that the CEOs of large
banks certify the effectiveness of their BSA/AML/sanctions
compliance systems annually? If not, why not?
A.1. The OCC is currently considering issuing a regulation or
guidance on corporate governance accountability with respect to
banks' BSA/AML programs and activities. As part of that effort,
we will consider whether it would be appropriate to include a
certification requirement by some or all banks as to the
effectiveness of the bank's BSA/AML controls.
Q.2. I understand that you are not prosecutors, but you are
responsible for oversight of the Nation's largest financial
institutions. Are there reasons that it is especially difficult
to adequately discipline individuals with civil fines, industry
removals, use of injunctions, limits on certain categories of
bank activities, or other sanctions, in connection with
seemingly significant BSA/AML violations?
A.2. Establishing the culpability of specific individuals in
cases of institutional failures such as BSA/AML compliance
program breakdowns can be challenging, especially in larger
institutions, because responsibility for the program is widely
shared within the organization, and often results from a poor
compliance culture. Contributing causes of BSA/AML compliance
program breakdowns include deficiencies in corporate
governance, business strategy, use of technology, payment
system monitoring, staffing resources, communication
breakdowns, gaps in technology, and delays in the evolution of
standard industry practices. These are all institutional
problems that can be addressed through the use of a remedial
document such as a cease-and-desist order. But these types of
cases do not lend themselves readily to actions against
specific individuals because of the stringent legal standards
we must meet to bring such actions, and because of the
multitude of factors that typically cause the compliance
program breakdowns.
Notwithstanding that, the OCC has successfully brought
enforcement actions against individuals responsible for BSA/AML
violations, and OCC examination findings have been instrumental
in successful criminal prosecutions against bank insiders.
These include Simon Kareri, a Vice President of Riggs Bank, and
Wen Chu Huang, a Director and former Chairman of the Board of
Directors of Broadway National Bank. These cases were brought
because the OCC or the prosecuting agency was able to establish
that the individuals were directly involved in money laundering
or fraud being conducted through a bank, as opposed to
compliance breakdowns.
The OCC is committed to taking actions whenever they are
legally supportable. To this end, the OCC conducts a review of
individual misconduct as part of all significant investigations
into BSA/AML noncompliance. We are also exploring ways to
enhance our ability to take removal and prohibition actions in
appropriate cases. For example, we are including articles in
our enforcement actions against institutions that require the
institution to establish responsibility and accountability for
BSA compliance at senior management levels of the institution,
including in the institution's business lines. We are also
developing industry-wide standards in this area that can be
issued in the form of a regulation or guidance. And we are
reviewing the statutory standards for removal and prohibition
actions in order to determine whether issuing a regulation or
agency guidance would facilitate bringing removal and
prohibition actions under the statute.
Q.3. How does the seriousness with which foreign Governments
take compliance in this area affect U.S. regulatory efforts and
bank compliance?
A.3. During OCC regulatory reviews in foreign countries, we
make it a practice to meet with local regulators to discuss
findings and concerns allowed by country law. We also hold
supervisory colleges where we share information. Finally, OCC
gives consideration to Financial Action Task Force findings
when scoping and conducting AML examinations.
Q.4. Why didn't foreign regulators, especially in the EU, pick
up on the correspondent banking and cross-border problems, and
the wire stripping activity, sooner?
A.4. We are unable to address the question. This is a matter
that should be asked of those foreign regulatory bodies in
question.
Q.5. Are there other particular areas of concern that you think
must be addressed in your current discussions with foreign
regulators?
A.5. We will continue to meet with foreign regulators to
further discuss our regulatory posture and we welcome the
sharing of information when allowed by country privacy laws.
Such a meeting was held recently on April 19 with the new U.K.
Financial Conduct Authority.
Q.6. In the last decade, major new innovative technologies and
products have come onto the market, including prepaid access
cards, mobile phone banking, smart ATM machines and kiosks,
mobile wallets, Internet cloud-based payment processes, and
others--and they are evolving rapidly. While they provide huge
benefits to consumers, they can also pose major AML risks,
including by making it easier to move large amounts of money on
stored value cards. What are you doing to mitigate those risks
now, and what should banks be doing to mitigate those risks on
their own, even as they develop these products?
A.6. The OCC, along with the other Federal banking agencies, is
involved in the Task Force on the U.S. AML Framework. This task
force was assembled to review the administration,
implementation, and enforcement of the U.S. AML framework. In
addition, the OCC regularly works with the other Federal
banking agencies and FinCEN on industry guidance related to
emerging AML risks, including risks arising from new products
and services. For example, in 2011, the OCC issued guidance to
national banks on assessing and managing the risks associated
with prepaid access programs, including BSA/AML and OFAC-
related risks. More recently, in January, the OCC in
collaboration with other members of the Federal Financial
Institutions Examination Council issued for comment proposed
risk management guidance on the use of social media that
highlights BSA/AML issues that can arise with the use of such
media.
Before offering new products or services, the OCC expects
banks to conduct thorough due diligence to assess the potential
risks and to determine how those risks can be mitigated. Banks
should have in-place commensurate controls and should perform
ongoing evaluations of the adequacy of processes devised to
manage or mitigate risks arising from higher-risk products,
services; customers and geographies. Banks should ensure they
have in place appropriate risk assessment, customer due
diligence, and suspicious activity monitoring processes. As
part of the examination process, the OCC verifies that these
processes are in place.
Q.7. Comptroller Curry, you mentioned in a recent speech that
you are concerned about the possibility that problematic
transactions with third parties may begin to migrate from large
financial institutions to smaller institutions as large banks
exit high-risk business areas. To what extent can smaller banks
become substitutes for larger more compliant banks, since most
of them cannot directly clear dollar transactions
internationally? What can smaller institutions do to protect
themselves and how can regulators aid them in their efforts?
A.7. To be clear, problematic transactions encompass more than
just those with international implications. For example, we
have seen higher-risk customers such as money services
businesses (MSBs), ATM owners, third-party payment processors,
etc., migrate to smaller institutions. Also, smaller banks can
assume risk by providing banking services for high-risk
businesses outside of just clearing dollar transactions. The
banks can offer a variety of products and services that involve
international exposure, such as international ACH,
international wire transfers, and remote deposit capture, or
the banks may have international customers. The OCC has
consistently discussed with community banks, during
examinations and through outreach efforts, the risks involved
with these products and services and has cautioned the bankers
about the need to carefully monitor customer transactions. The
OCC has made it clear that it is vital that community banks
understand the nature of their customers' businesses and
transactions, including how they do what they do, why they do
it, and for whom they do it, and that the banks appropriately
and carefully monitor customer transaction activity. An
important way a small bank can protect itself is to resist
accepting customer relationships that are in business sectors
with which the bank is unfamiliar or that are so large and
complex the bank cannot properly administer the relationship
(i.e., properly monitor transaction activity). OCC portfolio
managers assigned to community banks perform quarterly reviews
that include questions about what new products the bank is
offering to help identify activities that could signal a change
in a bank's BSA/AML risk profile. Additionally, the OCC
conducts a Money Laundering Risk survey annually for all
community banks, which is targeted at identifying products that
pose higher levels of BSA/AML risk.
Q.8. Your testimony reasonably cites cutback of compliance
staffs during the financial crisis as one element of the recent
spate of cases. Why didn't regulators act more decisively as
they saw compliance staffs being cut back, since those staffs
are critical for an adequate AML system under the BSA?
A.8. Compliance management metrics failed to point out the risk
of declining staff, and banks often cut staff while making the
case that system enhancements permit efficiencies. That can be
true and it sometimes takes time to see a negative effect of
reduction in personnel. It is something we now pay closer
attention to and expect the banks to have better MIS to provide
early warning internally when staff cannot keep pace with
workload or quality. Our heightened expectations around risk
management and audit are directed at these functions doing
better to identify such issues.
Q.9. You have noted that there is now a growing belief that--
for the first time in recent memory, operational risks--
including those related to AML issues--rather than credit risk
pose the greatest potential for loss for many banks and
thrifts. How do banks and thrifts ensure that operational risk,
including that in regards to BSA issues, does not undermine
safety and soundness? What are bank regulators doing to ensure
these steps are being taken?
A.9. As I mentioned in my March 4, 2013, speech before the
Institute of International Bankers, operational risk is at the
top of our safety and soundness concerns for the large banks we
supervise. In order to properly manage this risk, senior bank
compliance personnel need to be involved in product
development. This is especially true when banks are
contemplating whether to offer higher-risk products and
services that may require robust controls. The critical
ingredients for a sound BSA/AML program include the strength of
an institution's compliance culture, its willingness to commit
sufficient resources, the strength of its information
technology and monitoring processes and the adequacy of risk
management protocols. The OCC regularly examines banks to
determine the adequacy of policies, procedures, and processes
devised to manage or mitigate risks. We expect banks to have
risk management processes commensurate with the quantity of
risk arising from products and services offered and customers
and geographies served.
Q.10. Under current law, what statutory provisions would apply
to limit the business activities of a bank if that bank was
convicted of a violation of the BSA, but its charter was not
terminated?
A.10. There is no statutory provision that specifically limits
the business activities of a bank that has been convicted of a
criminal BSA or money laundering violation, but whose charter
has not been revoked under 12 U.S.C. �93(d). However, the OCC
has the authority to limit the business activities of a bank
under its general cease-and-desist authority set forth in 12
U.S.C. �1818(b). The OCC has exercised this authority in its
BSA/AML enforcement orders. In merger transactions, the USA
PATRIOT Act further requires the OCC to consider the
effectiveness of a bank or savings association, including its
overseas branches, in combating money laundering activities. 12
U.S.C. �1828(c).
------
RESPONSES TO WRITTEN QUESTIONS OF SENATOR CRAPO
FROM THOMAS J. CURRY
Q.1. Deferred Prosecution Agreements: The use of a Deferred
Prosecution Agreement, or DPA, represents the continuation of a
trend in enforcement matters in economic sanctions, export
controls, and other matters. In opting for a DPA, companies may
avoid criminal prosecution; in exchange, they assume ongoing
responsibilities and risks. The DPA is open, on average, for
about 18 months.
If it sometimes takes years to uncover BSA violations and
other bad behavior, how useful is the DPA as an enforcement
tool?
What is an example of the lowest trigger for a violation of
a DPA?
How long have DPAs been in place on financial institutions
and has any resulted in a violated? What was the end result?
A.1. A DPA is an agreement between the Department of Justice
(DOJ) and a bank or savings association. Consequently, the DOJ
is in a better position to assess the usefulness of DPAs as an
enforcement tool than the OCC is. The triggers for determining
a DPA violation are solely within the DOJ's jurisdiction,
although the DOJ will normally consult with the OCC prior to
terminating a DPA against a national bank or Federal savings
association. If the OCC identifies a breach of a DPA by a
financial institution, or if the OCC identifies continuing
problems with an institution's BSA compliance program after it
has entered into a DPA, the OCC would notify the DOJ of the
breach or problems. No such instances have occurred.
Q.2. Referrals and Examinations: Has either OCC or the Federal
Reserve made any criminal referrals to Federal or other law
enforcement officials as a result of examinations and, if so,
what were the results?
A.2. Yes. Suspicious transactions and potential criminal
violations are usually reported to law enforcement through the
filing of a Suspicious Activity Report (SAR) with the Financial
Crimes Enforcement Network (FinCEN). Federal and State law
enforcement agencies have direct, online access to the SAR
database. Depending on the significance of the SAR filing, the
OCC may contact the DOJ to direct its attention to particular
suspicious activity at financial institutions. In some cases,
the OCC may file a SAR itself, direct an institution to file a
SAR, or refer the matter through other means.
While the OCC does not have information concerning the
disposition of most of these SARs, one example of a SAR that
resulted in successful prosecutions was at Jefferson National
Bank. Here, the OCC identified money laundering transactions,
filed reports with law enforcement, and took the lead in
scheduling several meetings with Federal, State, and Canadian
law enforcement personnel alerting them to the significance of
the OCC's findings and the large sums of illicit funds flowing
through accounts at this bank. Additionally, the OCC brought a
removal action against a director and issued a personal cease-
and-desist order against the president. Based upon this
information, law enforcement began an investigation that
resulted in one of the most successful money laundering
prosecutions in U.S. Government history. The case resulted in
21 indictments, and law enforcement's seeking the recovery of
$557 million. It also resulted in a December 1999 guilty plea
by a subsidiary of R.J. Reynolds Tobacco Company and the
payment of a $15 million criminal fine. Seven bank officers and
directors were ultimately convicted of crimes.
In addition to filing SARs, the OCC provides extensive
support to law enforcement in criminal cases. For example, we
regularly provide documents and information, make our staff
available for interviews or to assist an investigation, and
provide expert witnesses to testify at trial. Over the years,
the OCC has been involved in several high profile BSA/AML
investigations and penalty actions involving large national
banks that also involved a parallel criminal investigation,
including Union Bank of California, Wachovia Bank, N.A., and
HSBC Bank USA, N.A. The OCC's findings and contributions in
these cases were instrumental in bringing those cases to
closure.
Q.3. Have the results of any BSA examinations had any negative
impact on a bank's CAMEL rating?
A.3. OCC issued internal guidance, ``Consideration of Bank
Secrecy Act/Anti-Money Laundering Examination Findings in the
Uniform Interagency Rating Systems and OCC's Risk Assessment
System'' in 2012. The guidance was effective beginning July 18,
2012. As part of that guidance, staff were reminded that in
keeping with current policy, examiners must consider BSA/AML
examination findings in a safety and soundness context as a
part of the management component of a bank's FFIEC Uniform
Financial Institutions Rating System (CAMELS ratings). Since
then, the results of BSA examinations have had a negative
impact on certain banks' management components. For Federal
branches and agencies, BSA/AML examination findings must be
considered as part of the risk management component of the ROCA
rating system. Examination procedures used to evaluate the
adequacy of a bank's BSA/AML compliance remain unchanged.
Q.4. Exam Consistency: The Committee understands that, in the
interests of exam consistency, all of the Federal regulators
now use the Federal Financial Institutions Examination Council
or FFIEC manual for Bank Secrecy Act examinations.
Are there differences in the manner of which each agency
conducts its examinations? Particularly, is there a substantial
difference in the manner so-called pillar violations or program
violations are treated before there is movement to a formal
enforcement action. If so, why?
A.4. In 2005, the members of the FFIEC developed a
comprehensive ``FFIEC Bank Secrecy Act/Anti-Money Laundering
Examination Manual''. The FFIEC BSA/AML Examination Manual has
been revised a number of times and was most recently published
in 2010. While the manual provides a consistent examination
framework across the agencies for evaluating BSA/AML
compliance, each agency may supplement the framework with
additional tools or guidance. For example, the OCC has
developed and deployed a Money Laundering Risk System that
collects risk information from the banks the OCC supervises and
factors the information into each bank's examination strategy
development. OCC examiners use this information to help
determine appropriate areas to select for transaction testing
during an examination.
In August of 2007, the FFIEC issued the Interagency
Statement on Enforcement of Bank Secrecy Act/Anti-Money
Laundering Requirements, which is the guiding enforcement
policy for all of the Federal banking agencies. As noted in our
written testimony, we have amended our approach for citing
pillar violations to provide more flexibility for citing BSN/
AML violations for individual ``pillar'' violations (i.e.,
internal controls, BSA officer, testing, and training) and to
make our approach consistent with the other Federal banking
agencies. The OCC has communicated this change to our
examination staff and now expects examiners to cite pillar
violations when warranted. The OCC has drafted and will soon
issue formal internal guidance for examiners to follow when
considering such violations.
Q.5. OCC and Federal Reserve Practice: What is the practice of
the OCC and Federal Reserve on prevention and resolution of
deficiencies within its supervisory framework?
A.5. The OCC has a range of supervisory responses depending on
the severity of individual examination findings. The OCC makes
use of informal actions, including: matters requiring attention
(MRAs), commitment letters, and memorandums of understanding
(MOUs). The OCC can also take formal actions, including: formal
agreements, cease-and-desist orders, and civil money penalties,
as well as actions to remove individuals from banking.
Q.6. In the course of resolving deficiencies, has a member
bank, or other entity, ever opted to leave either the national
banking system or the Federal Reserve System rather than accept
an enforcement document?
A.6. While the OCC does not keep records of banks that have
converted from the national banking system because of an OCC
enforcement action, anecdotal information and informal
interactions with bankers suggest that there have been banks
that have switched charters because of an OCC enforcement
action or because of a desire to be subject to less rigorous
supervision. One such bank is Colonial Bank, N.A., which
converted to a State charter and subsequently failed. Section
612 of the Dodd-Frank Act specifically addresses this issue by
restricting the ability of a national bank, state-chartered
bank, or Federal or State savings association to convert
charters if they are subject to a cease-and-desist order or
other formal enforcement action.
------
RESPONSES TO WRITTEN QUESTIONS OF SENATOR REED
FROM THOMAS J. CURRY
Q.1. Earlier this year, the Office of the Comptroller of the
Currency (OCC), along with the Federal Reserve and 13 mortgage
servicers, reached a $9.3 billion settlement to dispense with
the Independent Foreclosure Review process. As part of the
settlement, banks were ordered to identify military members and
other borrowers who were evicted in violation of Federal law.
It was reported by the New York Times in early March that over
700 military families were identified through this process as
victims of wrongful foreclosure. This article notes that ``the
people with direct knowledge cautioned that the numbers were
not precise and could underestimate the extent of the problems
. . . .''
Given the reports that roughly 700 foreclosures could be an
underestimation, are there efforts underway to ensure that all
impacted military families are identified and provided relief?
Can you assure me that these military families will get the
relief that they deserve?
A.1. At the outset of the Independent Foreclosure Review,
independent consultants were required to identify 100 percent
of SCRA eligible borrowers. These borrowers were identified
through a process by which the entire in-scope population for
each of the servicers (all 4.2 million borrowers) was checked
against the DoD database. As part of the settlement, the
servicers were required to either: (1) assume an SCRA violation
for all identified SCRA eligible borrowers and pay the maximum
financial injury, or (2) to have the independent consultant
complete a review to determine if there was an SCRA violation
with respect to the identified SCRA eligible borrowers. For
this reason, we are confident that there was not an
underestimation of the number of SCRA violations. If anything,
the SCRA numbers would be over-reported due to the number of
SCRA borrowers whose errors were assumed.
Q.2. This same New York Times article reports: ``Under the
settlement, banks receive credit for the size of the
outstanding loan balance, rather than the amount of actual
assistance provided. For example, if a bank cut a borrower's
$100,000 mortgage debt by $10,000, the lender could then reduce
its commitment under the settlement by $100,000. In a previous
foreclosure settlement, the banks received credit only for the
$10,000.''
Please confirm whether this characterization is accurate.
If true, please explain why banks are now being given extra
credit.
A.2. The Amendments to the Consent Orders, which implemented
the Independent Foreclosure Review settlement, are specific
about the standards the regulators will use to measure the
servicers' performance on loss mitigation and foreclosure
prevention. They emphasize sustainable and meaningful home
preservation actions for qualified borrowers and that
preference should be given to activities designed to keep
borrowers in their homes.
The unpaid principal balance (UPB) is straightforward,
transparent, and an easily measurable barometer of the value of
the foreclosure that was prevented. It does not measure the
expense of the action taken or the economic benefit for the
consumer, but simply measures the foreclosure that was
prevented based on what the borrower owes, which therefore
reflects the amount of assistance received. Complicated
crediting formulas are not transparent, and people tend to find
ways to manipulate complicated formulas, which can often have
unintended consequences. Further, sustainable modifications
come in numerous forms, not only through principal reductions,
but also through, for example, reduced interest rates.
Finally, the OCC will focus on the overall efforts and
results of the loss mitigation and foreclosure prevention
programs of each servicer as we evaluate compliance with the
remainder of our original Consent Orders. In doing so, we will
evaluate the effectiveness of all the loss mitigation and
foreclosure prevention activities, not just those they request
credit for under the Amendments to the Consent Orders. We
intend to ensure that loss mitigation efforts will be done in a
manner consistent with the principles we described in the
Amendments to the Consent Orders.
------
RESPONSES TO WRITTEN QUESTIONS OF SENATOR WARREN
FROM THOMAS J. CURRY
Q.1. The United States Government takes money laundering very
seriously. A bank that launders drug money or terrorists' money
can be shut down, \1\ and individuals in the bank can be banned
from banking. \2\ In December, HSBC admitted to laundering at
least $881 million for Colombian and Mexican drug cartels, and
violating U.S. sanctions against Iran, Cuba, Libya, Sudan, and
Burma. \3\ These were not one-time actions. The bank was warned
over and over and told to fix the problem, and it didn't. It
just kept making money by laundering money for drug dealers.
\4\
---------------------------------------------------------------------------
\1\ See, e.g., Annunzio-Wylie Anti Money Laundering Act of 1992,
��1501-1507, Pub. L. 102-550, 106 Stat. 3680 (1992).
\2\ 12 U.S.C. 1818(e) and (g).
\3\ Dept. of Justice, Press Release, Dec. 11, 2012, available at:
http://www.justice.gov/opa/pr/2012/December/12-crm-1478.html.
\4\ Senate Permanent Subcommittee on Investigations, ``U.S.
Vulnerabilities to Money Laundering, Drugs, and Terrorist Financing:
HSBC Case History'', July 16, 2012, available at: http://
www.levin.senate.gov/download/?id=90fe8998-dfc4-4a8c-90ed-704bcce990d4.
---------------------------------------------------------------------------
In the hearing, you noted that the threshold determination
for revoking a bank's charter is dependent on prosecution and
conviction, and you testified that the Justice Department makes
determinations about when it is appropriate to prosecute.
However, there are other tools available to hold accountable
banks and bankers who engage in illegal activity, such as
banning individuals from the banking industry. Could you please
describe:
Whether your agency has any regulation, guidance, policies,
formal or informal, that guide when individuals should be
banned from banking under 12 U.S.C. ��1818(e) and (g). If so,
please provide those documents.
A.1. The standards for removal and prohibition actions are set
forth in the applicable statutes, 12 U.S.C. ��1818(e) and (g).
In addition, individuals who are convicted of certain criminal
violations are prohibited from banking by operation of law
under 12 U.S.C. �1829. The following OCC guidance and policies
address when individuals should be banned from banking under
those sections:
A. OCC Policies and Procedures Manual (PPM) 5310-8;
B. Fast Track Enforcement Program Procedures Manual;
C. Charters for Washington Supervision Review Committee and
Major Matters Supervision Review Committee; and
D. Delegations of Authority for Major Matters, Large Bank
Supervision, and Midsize and Community Bank
Supervision.
The OCC will provide copies of these documents. [See below]
Q.2. Under what circumstances your agency has used 12 U.S.C.
��1818(e) and (g) in the past, including any actions taken
against bankers in the largest financial institutions.
A.2. As a matter of course, the OCC pursues all legally
supportable removal and prohibition actions. The OCC has
removed and prohibited bankers under sections 1818(e), (g), and
1829 in a variety of circumstances where the applicable legal
standard is met. Most removal and prohibition cases involve
instances of insider abuse and self-dealing.
Since 2000, the OCC has issued 422 removal and prohibition
orders under section 1818 and 3,963 prohibition notices under
section 1829. Forty-one percent of the 1818 removals and 67
percent of the 1829 removal notices involved individuals
affiliated with large banks. All OCC formal enforcement
actions, including final orders of removal and prohibition, are
listed on the OCC's Web site at http://apps.occ.gov/
EnforcementActions/.
Q.3. The process your agency does or would follow to use its
authority under 12 U.S.C. ��1818(e) and (g).
A.3. The documents we identified in response to your first
question govern the process the OCC follows to use its
authority under sections 1818(e), (g), and 1829.
Most OCC enforcement actions, including removal and
prohibition cases, originate from examination findings and
referrals from the examiners in the bank to the appropriate
supervisory office. The supervisory office then works closely
with the OCC's Enforcement and Compliance (E&C) Division to
develop the case. In many cases, the E&C Division will conduct
an investigation to gather additional facts to support the
action, aided by the OCC's examiners. Once sufficient evidence
has been obtained to support the case, the E&C Division
presents its recommendation to the appropriate Supervision
Review Committee. The OCC proceeds with an enforcement action
if the OCC's Major Matters Supervision Review Committee
authorizes the action, or if the Senior Deputy Comptroller for
Midsize and Community Banks authorizes the action after
reviewing the recommendation of the Washington Supervision
Review Committee.
Upon receiving authorization, the E&C Division seeks to
obtain the issuance of the order with the respondent's consent.
While the majority of removal and prohibition cases are
resolved this way, the respondent has the right to contest the
action and, in cases where the respondent does not consent, the
E&C Division will initiate litigation by filing a notice of
charges with the administrative law judge who adjudicates
enforcement actions brought by the Federal banking agencies.
The matter then proceeds to an administrative hearing, with the
presentation of evidence and full briefing on the matter by
both parties. Both parties may file exceptions to the
administrative law judge's recommended decision, and the
Comptroller then issues a final agency decision. If the
Comptroller issues a final order of removal and prohibition,
that order is subject to review by an appropriate United States
court of appeals.
Q.4. Attorney General Holder testified before the Judiciary
Committee that he is ``concerned that the size of some of these
institutions becomes so large that it does become difficult for
us to prosecute them when, . . . if you do bring a criminal
charge, it will have a negative impact on the national economy,
perhaps even the world economy.''
Can you explain how your efforts to ensure compliance with
money laundering laws are affected when so many people--even
the Attorney General of the United States--think it is
``difficult to prosecute'' the biggest banks?
A.4. The OCC's efforts to ensure compliance with the BSA and
AML laws are not affected by concerns that some banks are
``difficult to prosecute.'' Indeed, the OCC has brought many
actions against large institutions for BSA violations in recent
years, including actions against Key Bank, N.A. (2005), Union
Bank of California, N.A. (2001), Wachovia Bank, N.A. (2010),
Zions First National Bank (2010), Citibank, N.A. (2012), HSBC
Bank USA, N.A. (2010, 2012) and JPMC Bank, N.A. (2012).
The OCC's willingness to take action is also not affected
by a decision by DOJ to decline to prosecute a bank. The only
significant impact of a decision by DOJ not to prosecute an
institution is on the OCC's charter revocation authority set
forth at 12 U.S.C. � 93(d). If the Attorney General declines to
prosecute a bank or fails to obtain a criminal conviction for
money laundering, the OCC does not have the legal authority to
conduct a revocation hearing under that section. Revocation
hearings can only be conducted upon the conviction of a bank of
any criminal money laundering offense (18 U.S.C. �1956 or 1957)
and the OCC does not have the authority to conduct such a
hearing on its own accord.
Q.5. Are you worried that the size and interconnectedness of
our Nation's largest financial institutions negatively affects
your ability to enforce the law and reduces your leverage?
A.5. The OCC believes that no institution is above the law,
regardless of its size and interconnectedness. Consequently, we
take seriously our responsibilities as a regulator and we
expect full compliance with BSA/AML requirements at all times.
The OCC examines large banks for compliance using the FFIEC
examination procedures. As noted immediately above, we have not
been reluctant to enforce the U.S. banking laws against the
largest banks. That said, there will always be challenges for
our BSA/AML examinations of large financial institutions due to
their global footprint, transaction volumes, diverse product
lines, and the rapid changes in technology and payment systems.
In addition, keeping pace with the innovation, flexibility, and
speed with which criminals are able to alter their tactics to
avoid detection is a constant challenge for both examiners and
banks. In response to these challenges, the OCC continues to
expand its ongoing dialogue with law enforcement to understand
current money laundering and terrorist financing typologies.
Through participation in international forums such as the
Financial Action Task Force (FATF), the OCC works with
international law enforcement, prosecutors, and regulatory
counterparts to identify and understand risks to national banks
and Federal savings associations from international money
laundering and terrorist financing schemes that impact the
largest international banks. The OCC disseminates this
information internally to examiners through training and
guidance. The examiners also participate in external seminars,
workshops, and conferences.
The OCC will continue to refine its examination and
enforcement processes to keep up with these challenges in this
ever-changing environment, and to ensure that both large and
community banks maintain effective BSA/AML compliance programs.
The OCC will not hesitate to use its enforcement authority to
ensure that the U.S. banking laws are complied with, suspicious
activity is properly identified and reported to law
enforcement, and wrongdoers are held accountable.
Q.6. At the hearing, Under Secretary Cohen and Governor Powell
both testified that the Justice Department was in contact with
their institutions regarding the HSBC case. Without reference
to any particular case, can you describe the general or usual
process for cooperation between your institution and the
Justice Department regarding money laundering and Bank Secrecy
Act issues?
In particular: Which office or offices in the Justice
Department contact your institution?
A.6. The OCC cooperates extensively with the DOJ in BSA/AML
cases. This cooperation includes discussion of cases through
meetings and calls, providing documents and information, and
making OCC examiners available to discuss transactions or serve
as witnesses in grand jury proceedings and trials. Depending on
the case, the initial contact in such cases may be initiated by
the OCC, or it may be initiated by the DOJ. The DOJ components
that typically contact us in BSA/AML cases are the Asset
Forfeiture and Money Laundering Section of the DOJ's Criminal
Division, and any U.S. Attorney's Office that is conducting or
participating in an investigation. The OCC is also often
contacted by the FBI and other investigative agencies.
In addition, we also interact with the DOJ through our
active participation in several interagency groups focusing on
BSA/AML compliance, including: (a) Treasury's Interagency Task
Force on the U.S. AML Framework; (b) the Bank Secrecy Act
Advisory Group (BSAAG); and (c) the National Interagency Bank
Fraud Working Group.
Q.7. Which office or offices in your institution are contacted?
A.7. Contact with the DOJ is typically conducted through the
OCC's Chief Counsel's Office, although sometimes law
enforcement agents will initiate contact with field examiners
(field examiners who are contacted by law enforcement will
typically direct the call to the Chief Counsel's Office).
Q.8. At what points in the enforcement process is your
institution contacted?
A.8. The timing of contact with the DOJ or other law
enforcement agency varies depending on the case. In some cases,
the OCC develops a case and refers it to law enforcement. In
other cases, the OCC works closely with law enforcement on
ongoing investigations.
Q.9. What information is usually requested?
A.9. Typically the DOJ will request OCC examination reports and
underlying supervisory correspondence, examination work papers,
look-back reports, investigation reports, and access to OCC
examiners, due to their expertise and knowledge of the
institution under investigation. In some cases, the OCC may
obtain access to grand jury materials and OCC attorneys will
participate and assist in the investigation process, interview
or depose witnesses, and provide responses to DOJ information
requests.
Q.10. Are there are any formal or informal guidelines that are
used for interagency cooperation on Bank Secrecy Act or Anti-
Money Laundering issues?
A.10. The OCC has a Memorandum of Understanding in place with
both FinCEN and the Office of Foreign Assets Control (OFAC).
These agreements provide guidance on information sharing and
interagency coordination with those agencies. In addition, as
described above, the OCC actively participates in various
interagency groups that focus on BSA/AML compliance. Those
groups generally have charter documents that describe their
purpose and provide guidelines for participation.
Q.11. As I understand it, when the OCC identifies a bank's
failure to comply with its internal policies regarding money
laundering, the bank then develops a new policy to address
these shortfalls and the OCC examines the bank's practices
during its next examination period.
When the OCC evaluates a bank's internal policies for BSA
compliance, does it consider the extent to which, based on past
supervision data, the policy is likely to be implemented
effectively? If yes, can you explain the OCC's method of
evaluation? If the OCC does not consider past supervision data,
then how is the OCC able to evaluate whether the bank's
policies are likely to lead to sufficient compliance with the
BSA?
A.11. OCC's regulatory preplanning process for examinations
includes an analysis of ongoing quarterly reviews of corrective
actions taken to address matters requiring attention and
violations of law and regulations. In addition, OCC examination
planning includes a review of prior regulatory findings and
those noted in bank internal audit, quality assurance and
quality control reports. Finally, while on-site, staff review
policy and system changes that were made to correct prior
concerns. When applicable, this includes testing sustainability
through transactional testing.
Q.12. When the OCC does find potential weaknesses in money
laundering detection or controls, does the OCC provide that
information to the Department of Justice or other regulators?
A.12. The OCC ensures that suspicious and potentially criminal
activity is referred to the DOJ. In addition, in criminal
cases, the DOJ will routinely contact the OCC and request
examination reports and other supervisory information that
documents any problems that the OCC identified in the bank's
BSA/AML compliance program.
When the OCC finds potential weaknesses in money laundering
detection or controls, the OCC provides the information to
FinCEN and OFAC consistent with the terms of our MOUs with
those agencies. If the weaknesses result in the failure to
properly file reports with FinCEN or OFAC, including SARs, the
OCC will typically coordinate with FinCEN and OFAC on any look-
back or back-filing requirements to ensure that activity is
reported appropriately. If the weaknesses will result in a
penalty action, the OCC will coordinate with FinCEN, which also
has BSA penalty authority, and other applicable agencies
(Federal Reserve, DOJ, State Attorney Generals, etc.).
Pursuant to the MOU with OFAC, the OCC reports (as
permitted by law) to OFAC any sanctions violations discovered
in the course of an examination. The OCC also requires banking
organizations under our supervision, which are suspected of
sanctions violations, to communicate this information directly
to OFAC.
Q.13. Has the OCC adopted or will adopt a policy of imposing
stiffer penalties for second, third, or repeated failures to
achieve compliance?
A.13. Yes. In the case of civil money penalty actions, the OCC
will follow the statutory framework set forth in 12 U.S.C.
1818(i) which provides for increased penalty amounts depending
on the severity of the wrongdoing. The statute also requires
that in determining the amount of any penalty, the OCC shall
take into account the appropriateness of the penalty with
respect to the history of previous violations. 12 U.S.C.
1818(i)(2)(G).
------
RESPONSES TO WRITTEN QUESTIONS OF SENATOR HEITKAMP
FROM THOMAS J. CURRY
Q.1. As all of you mentioned, the sophistication and
determination of money launderers, terrorist financiers, and
other criminals has evolved and changed as they find ways to
gain access to our institutions. How can we support smaller
institutions that cannot afford to put the same programs in
place as the large banks? In your examinations, have you
noticed vulnerabilities on a large scale?
A.1. We scale our expectations of smaller institutions to the
risk and complexity of the products they offer. As long as the
smaller institutions perform sufficient due diligence on their
customers, and truly understand their customers' use of their
accounts and the risks associated with their customers'
transactions, small banks should meet regulatory expectations.
We provide guidance to smaller banks through the examination
process, as well as in various meetings and outreach sessions.
We have, for instance, been very active for many years in
offering workshops for bank directors to help them understand
the risks associated with BSA. Additionally, as part of our
examination process, we offer recommendations to bankers based
on our unique knowledge of industry best practices. While the
risks in smaller institutions vary from bank to bank, we have
not noted significant vulnerabilities on a large scale. Rather,
banks are adjusting to an increasing distance from their
customers through technological innovation such as remote
deposit capture and prepaid cards, some of which is facilitated
through third parties with their own independent BSA programs.
In many cases, reasonably sophisticated software is available
to smaller banks to help them manage the increasing customer
risks.
------
RESPONSES TO WRITTEN QUESTIONS OF
CHAIRMAN JOHNSON FROM JEROME H. POWELL
Q.1. The major AML-BSA cases discussed at the hearing all
illustrate various forms of breakdown in the bank compliance
systems on which the BSA/AML and economic sanctions rules
depend. Would you favor a requirement that the CEOs of large
banks certify the effectiveness of their BSA/AML/sanctions
compliance systems annually? If not, why not?
A.1. Imposing a Bank Secrecy Act/anti-money laundering (BSA/
AML) and U.S. sanctions certification requirement may result in
changes to an institution's strategic focus and the need to
alter or curtail certain high-risk activities in order to
reduce exposure. While such a change could reduce the risk
profile of an institution and result perhaps in a more
effective compliance program, it may also result in a reduced
availability of certain financial services, such as private
banking or correspondent bank services, or a curtailment of
certain products and services in certain markets.
Even without any specific certification requirements, the
Federal Reserve reviews the quality of an institution's BSA/AML
and U.S. sanctions compliance programs through the ongoing
exercise of supervision, and the results of these reviews are
reflected in the ``management'' or ``M'' rating component of
the CAMELS rating system we use to evaluate these institutions.
For large, complex banking organizations, safety and soundness
examination is a continuous process, and BSA/AML compliance is
incorporated into examinations conducted throughout the year.
Additionally, the Federal Reserve has available at its
disposal a broad range of supervisory tools to ensure
appropriate compliance processes and programs. For example, the
Federal Reserve may require an institution to address a BSA/AML
or sanctions program deficiency through informal supervisory
action, such as requiring an institution's board of directors
to adopt an appropriate resolution or executing a memorandum of
understanding between an institution and a Reserve Bank. In the
most serious cases, the Federal Reserve may take a formal
enforcement action against an institution.
Q.2. I understand that you are not prosecutors, but you are
responsible for oversight of the Nation's largest financial
institutions. Are there reasons that it is especially difficult
to adequately discipline individuals with civil fines, industry
removals, use of injunctions, limits on certain categories of
bank activities, or other sanctions, in connection with
seemingly significant BSA/AML violations?
A.2. The Federal Reserve and other Federal banking agencies
have and use statutory authority to remove and prohibit
insiders from participating in the banking industry. This
authority is an effective tool in dealing with serious cases of
insider abuse and self-dealing because it results in a lifetime
ban on the individual working in the banking industry. In these
cases, we may also determine that the assessment of civil money
penalties is appropriate against the individual. In the past 5
years, the Federal Reserve has issued 44 prohibition orders,
including several orders that included an assessment of a civil
money penalty.
We believe that this existing authority to sanction
misconduct by individuals is an effective tool to address
significant BSA/AML violations involving specific insiders. For
example, the Federal Reserve may prohibit an institution-
affiliated party for violations of the BSA that are ``not
inadvertent or unintentional.'' 12 U.S.C. �1818(e)(2).
Significant violations of the BSA and related anti-money
laundering laws typically involve parallel criminal
investigations. An individual convicted of a felony offense
also is subject to the prohibitions set forth in section 19 of
the Federal Deposit Insurance Act (FDI Act). 12 U.S.C. �1829.
In these instances, the Federal Reserve will typically defer
the decision to commence an investigation of an insider, at the
request of prosecutors, to avoid interference with any ongoing
criminal investigation. The Federal Reserve's enforcement
program will instead focus on requiring an institution to
remediate problem areas as quickly as possible in order to
mitigate any negative effects on the bank and the U.S.
financial system. We believe that the Federal Reserve's
approach to enforcement matters accomplishes the statutory
objective set by the Congress of ensuring the safe and sound
operation of the banking system.
Q.3. How does the seriousness with which foreign Governments
take compliance in this area affect U.S. regulatory efforts and
bank compliance? Why didn't foreign regulators, especially in
the EU, pick up on the correspondent banking and cross-border
problems, and the wire stripping activity, sooner? Are there
other particular areas of concern that you think must be
addressed in your current discussions with foreign regulators?
A.3. Not all countries impose the same economic sanctions as
the United States. Countries without these standards or with
different sanctions than those in the U.S. do not approach
sanctions enforcement in the same manner as the United States.
The Federal Reserve believes that a sound global compliance
program, and proper oversight, is critical to deterring and
preventing illicit activities at, or through, U.S. banks and
other financial institutions, and we continuously reinforce
this view with our foreign supervisory counterparts. Many of
the enforcement actions we have taken in this area have
required institutions to implement global compliance measures
that will help them evaluate risk comprehensively, taking into
account the full range of products, services, customers, and
geographic locations of the firm. In a number of BSA/AML and
U.S. sanctions enforcement cases, the Federal Reserve has
enlisted the aid of our foreign counterparts, including what
was formerly the U.K. Financial Services Authority, to ensure
that a supervised institution is meeting its responsibilities
in its home country and other jurisdictions where our examining
authority is limited.
The Federal Reserve promotes high supervisory standards for
international BSA/AML and U.S. sanctions compliance and payment
transparency through our participation in the U.S. delegation
to the Financial Action Task Force (FATF) and the Basel
Committee on Banking Supervision's (BCBS) anti-money laundering
experts group. For example, the U.S. delegation to the FATF
continues to press for the strengthening of the international
compliance framework and has contributed to the revised set of
international standards for AML compliance adopted by the FATF
adopted its revised set of standards earlier this year. The
BCBS's anti-money laundering experts group provides a forum for
regular cooperation on anti-money laundering matters, and has
issued guidance in several key areas, such as cover payment
transparency. In addition, the Federal Reserve has strong and
ongoing coordination and communication channels with our
counterparts at foreign regulatory agencies, including but not
limited to the U.K.'s Financial Services Authority and its
successor organizations, the Prudential Supervisory Authority
and the Financial Conduct Authority. On an institution-specific
basis, Federal Reserve also participates in supervisory
colleges with its foreign supervisory colleagues. These groups
are intended to promote information sharing and discussion on a
range of supervisory issues and emerging risks at the
institution, including anti-money laundering concerns.
Q.4. In the last decade, major new innovative technologies and
products have come onto the market, including prepaid access
cards, mobile phone banking, smart ATM machines and kiosks,
mobile wallets, Internet cloud-based payment processes, and
others--and they are evolving rapidly. While they provide huge
benefits to consumers, they can also pose major AML risks,
including by making it easier to move large amounts of money on
stored value cards. What are you doing to mitigate those risks
now, and what should banks be doing to mitigate those risks on
their own, even as they develop these products?
A.4. The Federal Reserve has long recognized the anti-money
laundering risks associated with prepaid cards and other
payment systems and has taken steps to address these threats as
they emerge. The Federal Reserve maintains an open dialogue
with other regulatory agencies and the prepaid card industry
and participates in many discussions focused on identifying
risks associated with prepaid cards and other technologies. For
example, in 2006 and 2010, the Federal Reserve, working with
the member agencies of the Federal Financial Institutions
Examination Council (FFIEC) working group on BSA/AML matters,
incorporated guidance in the FFIEC examination manual on ways
banks can mitigate the risks associated with prepaid card
programs, and developed specific examination procedures for
reviewing the adequacy of a bank's BSA/AML program as it
relates to its prepaid card program. The guidance is publicly
available through the Federal Reserve's Web site. \1\
---------------------------------------------------------------------------
\1\ ``Federal Financial Institutions Examination Council Bank
Secrecy Act/Anti-Money Laundering Examination Manual''. Available at:
www.federalreserve.gov/boarddocs/supmanual.default.htm.
---------------------------------------------------------------------------
The Federal Reserve also serves as cochair to the BSA
Advisory Group Subcommittee on Prepaid Access alongside the
National Branded Prepaid Card Association (NBPCA). The
subcommittee has been in existence now for several years, and
includes representatives from the banking regulatory agencies
(both Federal and State), the Financial Crimes Enforcement
Network (FinCEN), law enforcement, and industry. In addition,
Federal Reserve staff speaks regularly at conferences and
meetings focused on prepaid cards and emerging payment systems,
including NBPCA events and the annual Federal Reserve Bank of
Chicago's Payments Conference.
Q.5. The BSA regulations about wire transfers (at 31 CFR
1010(f)(2)) allow a U.S. bank to accept and process a wire
transfer from overseas even if the ``transmitter'' field is
blank. That may have been understandable 15 years ago when the
regulations were written. But why has the rule not been
changed, in light of the sanctions abuses illustrated by these
cases and the possibility of other attempts to avoid our
sanctions rules in the future? The changes in the SWIFT
regulations to require completion of all fields, which you
mentioned in your testimony, do not appear to have the force of
law. In a world in which banking institutions operate globally,
effective money laundering control is extremely difficult
without uniform and uniformly enforced cross-border standards
within banks and under applicable law.
A.5. Foreign banks that operate in countries without sanctions
similar to those imposed by the United States have not always
had in place the mechanisms to ensure transactions routed
through the U.S. comply with U.S. law. In 2009, based on
transparency concerns raised by the Board and others, the
Society for Worldwide Interbank Financial Transaction (SWIFT)
adopted a new message format for cover payments (the MT 202
COV) that provides intermediary banks with additional
originator and beneficiary information, enabling them to
perform sanctions screening and suspicious activity monitoring.
In furtherance of these efforts, the Board issued guidance on
the necessity for transparency and proper monitoring with
respect to cross-border funds transfers. \2\ The guidance
clarifies that financial institutions should not omit, delete,
or alter information in payment messages or orders for the
purpose of avoiding detection of that information by any other
financial institution in the payment process. Also effective
since 2009, the domestic wire transfer systems, Fedwire and
Clearing House Interbank Payments System (CHIPS), have created
similar message formats to improve transparency of cross-border
payment messages.
---------------------------------------------------------------------------
\2\ ``Transparency and Compliance for U.S. Banking Organizations
Conducting Cross-Border Funds Transfers'' (November 19, 2009).
Available at: www.federalreserve.gov/boarddocs/srletters/2009/
sr0909al.pdf.
---------------------------------------------------------------------------
While the SWIFT message format for cover payments does not
have a direct statutory basis, it is enforced by SWIFT against
its members, and any institution that fails to provide the
appropriate information or that processes a transaction without
the appropriate information is subject to penalties imposed by
U.S. regulators if the transaction does not conform with U.S.
law.
The Board participates in several organizations that are
actively involved in enhancing the uniformity of cross-border
anti-money laundering standards. In particular, Board is a
member of the U.S. delegation to the FATF, which was
established with the objective of creating and promoting a
common set of anti-money laundering standards for incorporation
into the legislative frameworks of its member countries. FATF
Standard 16 is primarily concerned with ensuring financial
institutions include relevant information with cross-border
wire transfers, which includes accurate originator and required
beneficiary information, as described in the standard. \3\
---------------------------------------------------------------------------
\3\ For additional information, see http://www.fatf-gafi.org/
media/fatf/documents/recommendations/pdfs/FATF_Recommendations.pdf.
Q.6. Various international activities of these major banks,
especially foreign correspondent banking and other means for
cross-border funds transfer, have been recognized by Congress
as special risk areas since at least 2001. What further steps
should be taken to prevent the movement of illicit funds into
and out of the U.S. through banks' non-U.S. branches in
violation of U.S. law? What are your agencies doing
specifically to address the myriad problems that have arisen in
these areas, including by strengthening cooperation with
foreign regulators who may be in a position to flag problem
---------------------------------------------------------------------------
banks earlier for U.S. regulators?
A.6. The management of complex international banking businesses
creates inherent risks, which must be mitigated through
sophisticated enterprise-wide risk management and internal
controls. These systems and controls should be reasonably
designed by financial institutions to ensure that the
institution has effective anti-money laundering procedures in
place, including procedures to cover transactions involving its
overseas affiliates. The Federal Reserve has issued guidance
that highlights the importance of enterprise-wide risk
management, and has taken supervisory action to ensure that the
internationally active firms we supervise have appropriate
controls in place. In many cases, we have enlisted the
assistance of foreign regulators, including what was formerly
the U.K. Financial Services Authority, to ensure that the
supervised institution is meeting its responsibilities in its
home country and other jurisdictions where our examining
authority is limited.
The Federal Reserve has placed particular emphasis on the
importance of risk management in the context of correspondent
banking activities. Examiners regularly evaluate whether a
bank's compliance program can detect and report suspicious
activity with respect to its foreign correspondent account
relationships. In addition, we have prescribed advanced
procedures for our examiners regarding specific money
laundering risks for foreign correspondent banking activities,
such as bulk shipments of currency, pouch activity, U.S. dollar
drafts, and payable through accounts.
Earlier this year, the FATF issued recommendations
concerning the obligations of financial institutions with
respect to customer due diligence (CDD). These new
recommendations, which are based on input provided by the
Federal Reserve and other members of the U.S. delegation to the
FATF, emphasize that financial institutions must use CDD
information to better understand customer behavior and query
whether the customer relationship is being used for improper
means. Through its participation at FATF, the Federal Reserve
has encouraged our foreign regulatory counterparts to ensure
that the financial institutions they supervise have the
programs necessary to conduct CDD appropriately.
------
RESPONSES TO WRITTEN QUESTIONS OF SENATOR CRAPO
FROM JEROME H. POWELL
Q.1. International Coordination: The dangers of illicit global
money must receive adequate and effective attention at the G20,
IMF, World Bank, and foreign national levels.
Do each of you, together with the Comptroller, at your
particular levels of office, ever meet together to discuss and
review BSA programs and policies, both domestically and abroad?
A.1. The Federal Reserve maintains an active dialogue with its
regulatory counterparts regarding efforts to combat illicit
financing in the U.S. banking system, both domestically and
abroad. In addition to strengthening the compliance programs of
U.S. financial institutions, we remain committed to making the
supervision of internationally active banking organizations
more effective and we have engaged in several efforts to
achieve this important goal. The Federal Reserve also
coordinates with foreign regulators as part of our enforcement
program. For example, the Federal Reserve's recent enforcement
action against HSBC involved participation from what was
formerly the U.K. Financial Services Authority. Likewise, the
ABN AMRO case involved De Nederlandsche Bank N.V. (the
regulator of Dutch banks).
On the domestic side, the Federal Reserve participates in
the Federal Financial Institutions Examinations Counsel
(FFIEC), which has an expansive Bank Secrecy Act and anti-money
laundering (BSA/AML) working group that promotes high standards
for bank examinations and compliance. The Federal Reserve,
other FFIEC member agencies, and the Financial Crimes
Enforcement Network (FinCEN) meet monthly to review and discuss
supervisory issues and to share information regarding emerging
risks and other matters regarding banking industry compliance
with BSA/AML requirements. To further enhance the goals of the
BSA working group, a broader set of Government agencies with
supervisory and regulatory responsibilities under the BSA are
routinely invited to participate in these discussions.
The Federal Reserve also participates in the U.S.
Department of the Treasury's Interagency Task Force on
Strengthening and Clarifying the BSA/AML Framework (Task
Force), which includes representatives from the Federal banking
agencies, the Department of Justice (DOJ), Office of Foreign
Asset Control (OFAC), FinCEN, the Commodity Futures Trading
Commission (CFTC), and the Securities and Exchange Commission
(SEC). The primary focus of the Task Force is to review the
BSA, its implementation, and its enforcement with respect to
U.S. financial institutions that are subject to these
requirements, and to develop recommendations for ensuring the
continued effectiveness of the BSA and efficiency in agency
efforts to monitor compliance.
Q.2. How effective is the international compliance structure
and how exposed are our financial system and individual
institutions to cross-border enforcement challenges?
A.2. With respect to international coordination efforts, the
Federal Reserve is a member of the U.S. delegation to the
Financial Action Task Force (FATF). The FATF's primary
objective is to set standards to promote the effective
implementation of the AML framework in its member countries. As
a member of the U.S. delegation to the FATF, the Federal
Reserve continues to press for the strengthening of the
international compliance framework and has contributed to the
revised set of international standards for anti-money
laundering compliance adopted by the FATF earlier this year.
These standards are intended to create a global AML framework
that is consistent across countries.
The FATF also conducts regular peer reviews, or mutual
evaluations, of its member countries' AML frameworks against
the standards to facilitate compliance and a level playing
field. The mutual evaluations are publicly available and
identify specific deficiencies and opportunities for
enhancement for each country. Once the FATF evaluates its
member countries against the standards, it revises the
standards to incorporate lessons learned and implement improved
AML measures. Finally, the FATF has a structured process to
enhance the AML frameworks of noncompliant countries, such as
action plans, publishing lists of noncompliant countries, and
engaging the countries' senior Government officials. These
measures will help U.S. financial institutions to conduct
appropriate due diligence of foreign correspondent accounts
involving noncompliant countries.
The Federal Reserve also coordinates internationally
through the Basel Committee on Banking Supervision (BCBS). The
BCBS provides a forum for regular cooperation on anti-money
laundering matters, and has issued guidance in several key
areas, such as transparency with respect to cross-border
payments. On an institution-specific basis, Federal Reserve
also participates in supervisory colleges with its foreign
supervisory colleagues. These groups are intended to promote
information sharing and discussion on a range of supervisory
issues and emerging risks at the institution, including anti-
money laundering concerns.
Q.3. It appears that BSA regulations permit wire transfers to
enter the U.S. with an incomplete originator field. Since that
situation can potentially harm a U.S. bank--what should be done
to address this issue?
A.3. Foreign banks that operate in countries without sanctions
similar to those imposed by the United States have not always
had in place the mechanisms to ensure transactions routed
through the U.S. comply with U.S. law. In 1995, the Board and
FinCEN issued a rule that requires U.S. financial institutions,
at the initiation of a funds transfer, to collect and retain
the name of the originator (and, if received with an incoming
funds transfer order, the name of the recipient) on funds
transfers in excess of $3,000. In 2009, based on transparency
concerns raised by the Board and others, the Society for
Worldwide Interbank Financial Telecommunication (SWIFT) adopted
a new message format for cover payments (the MT 202 COV) that
requires banks located outside the United States that send
payments through or to the U.S. banking system to provide
intermediary banks with originator and beneficiary information
that enables them to perform sanctions screening and suspicious
activity monitoring. In furtherance of these efforts, the Board
issued guidance on the necessity for transparency and proper
monitoring with respect to cross-border funds transfers. \1\
The guidance clarifies that financial institutions should not
omit, delete or alter information in payment messages or orders
for the purpose of avoiding detection of that information by
any other financial institution in the payment process. Also
effective since 2009, the domestic wire transfer systems,
Fedwire and the Clearing House Interbank Payments System
(CHIPS), have created similar message formats to improve
transparency of cross-border payment messages.
---------------------------------------------------------------------------
\1\ ``Transparency and Compliance for U.S. Banking Organizations
Conducting Cross-Border Funds Transfers'' (November 19, 2009).
Available at: www.federalreserve.gov/boarddocs/srletters/2009/
sr0909al.pdf.
---------------------------------------------------------------------------
Through supervisory and enforcement efforts, the Board has,
for many years, focused attention on the payment messages that
accompany funds transfers. From a compliance standpoint, U.S.
financial institutions routinely screen the information
contained in cross-border payment messages to identify
transactions that violate U.S. economic sanctions.
The Board participates in several organizations that are
actively involved in enhancing the uniformity of cross-border
anti-money laundering standards. In particular, Board is a
member of the U.S. delegation to the FATF, which was
established with the objective of creating and promoting a
common set of anti-money laundering standards for incorporation
into the legislative frameworks of its member countries. FATF
Standard 16 is primarily concerned with ensuring financial
institutions include relevant information with cross-border
wire transfers. This information includes accurate originator
and required beneficiary information, as described in the
standard. \2\
---------------------------------------------------------------------------
\2\ For additional information, see http://www.fatf-gafi.org/
media/fatf/documents/recommendations/pdfs/FATF_Recommendations.pdf.
Q.4. Deferred Prosecution Agreements: The use of a Deferred
Prosecution Agreement, or DPA, represents the continuation of a
trend in enforcement matters in economic sanctions, export
controls, and other matters. In opting for a DPA, companies may
avoid criminal prosecution; in exchange, they assume ongoing
responsibilities and risks. The DPA is open, on average, for
about 18 months.
If it sometimes takes years to uncover BSA violations and
other bad behavior, how useful is the DPA as an enforcement
tool?
A.4. Please see response for Question 6.
Q.5. What is an example of the lowest trigger for a violation
of a DPA?
A.5. Please see response for Question 6.
Q.6. How long have DPAs been in place on financial institutions
and has any resulted in a violated? What was the end result?
A.6. A Deferred Prosecution Agreement (DPA) is a tool of the
law enforcement community. The Federal Reserve does not have
the legal authority to impose criminal penalties against
financial institutions for violations of the BSA/AML
requirements or U.S. economic sanctions, and also does not use
DPAs. The decision to use a DPA or any other criminal law
enforcement tool rests solely with the DOJ. In cases where the
DOJ has imposed a DPA on a financial institution supervised by
the Federal Reserve, the institution is also typically required
to abide by any orders we impose requiring the firm to take
corrective measures, which provides an additional mechanism for
enforcing our enforcement actions. Together, these actions
result in an overall improvement to the firm's compliance
program. The DOJ has imposed DPAs on institutions supervised by
the Federal Reserve that are in place for as long as 5 years.
Any institution found by the DOJ to be in breach of a DPA may
be subject to criminal charges, or any civil or administrative
charge that was not filed as a result of the agreement.
Q.7. Referrals and Examinations: Has either OCC or the Federal
Reserve made any criminal referrals to Federal or other law
enforcement officials as a result of examinations and, if so,
what were the results?
A.7. The Federal Reserve routinely coordinates with the DOJ and
State law enforcement, as appropriate, as part of our
enforcement program. When requested by the DOJ or other Federal
law enforcement authorities, the Federal Reserve provides
support to criminal investigative authorities in connection
with criminal investigations that are initiated as a result of
these interagency contacts, consistent with applicable legal
restrictions. For example, many of the enforcement cases the
Federal Reserve has pursued involving violations of the BSA,
the related AML rules, and U.S. economic sanctions, have
involved a coordinated resolution with the DOJ and State
criminal enforcement authorities. These include our case
against Riggs Bank, ABN Amro, American Express, Credit Suisse,
Barclays, Standard Chartered, and HSBC. These cases are among
the largest, most complex enforcement cases in the BSA and U.S.
sanctions area. Collectively, these cases have generated
billions of dollars in fines paid to the U.S. Treasury.
Q.8. Have the results of any BSA examinations had any negative
impact on a bank's CAMEL rating?
A.8. The Federal Reserve assesses the quality of an
institution's BSA/AML compliance program and the results are
reflected in the management or ``M'' rating component of the
CAMELS rating system. For bank holding companies, the Board
conducts an annual supervisory assessment of the firm on a
consolidated basis. BSA deficiencies at the holding company or
at a subsidiary bank are taken into account in determining the
Risk Management rating contained in the Board's annual
assessment. Specifically, BSA deficiencies are reflected in the
Board's evaluation of the risk management practices, policies,
and internal controls at the firm.
Q.9. Exam Consistency: The Committee understands that, in the
interests of exam consistency, all of the Federal regulators
now use the Federal Financial Institutions Examination Council
or FFIEC manual for Bank Secrecy Act examinations.
Are there differences in the manner of which each agency
conducts its examinations? Particularly, is there a substantial
difference in the manner so-called pillar violations or program
violations are treated before there is movement to a formal
enforcement action. If so, why?
A.9. Since 2005, the Federal banking agencies and State
regulatory authorities have relied on the FFIEC manual as a
tool for promoting consistency in the BSA/AML examination
process for the banking organizations we supervise. These
agencies meet regularly under the auspices of the FFIEC working
group on BSA/AML to share their examination experiences, and we
have revised the manual several times to further ensure
consistency in the examination process. Differences in the
examination approach taken by the Federal banking agencies are
typically the result of differing risk profiles of the
individual banking organizations we supervise.
In 2007, the Federal Reserve and the other Federal banking
agencies issued a policy, again on an interagency basis, on the
application of our enforcement authority in the BSA/AML area.
This policy explains when the banking agencies must issue a
cease and desist order against a depository institution that
fails to establish and maintain a BSA/AML program as required
by the agencies' regulations. Under the agencies' regulations,
an effective BSA/AML program must have four minimum elements or
``pillars,'' including a system of internal controls to ensure
ongoing compliance; independent testing of BSA/AML compliance;
a designated individual responsible for managing BSA compliance
(BSA compliance officer); and training for appropriate
personnel. The enforcement policy was issued in 2007 to promote
a consistent approach to agency enforcement of BSA/AML
requirements and to make those standards more transparent to
the industry.
When an agency identifies a supervisory concern relating to
a financial institution's BSA compliance program in the course
of an examination or otherwise, the agency may communicate
those concerns to the financial institution by various means.
In the most serious cases, the Federal Reserve may take a
formal enforcement action against an institution. The Federal
Reserve has a longstanding practice of citing institutions for
failing to establish or maintain one of the individual BSA
pillars in formal enforcement actions (referred to as a ``sub-
part'' violation). Since the 1980s, the Board has had a
specialized group in the Division of Bank Supervision that
reviews BSA/AML examination findings and consults with
examiners on enforcement actions to ensure that the Federal
Reserve's enforcement responses are consistent with the policy
statement, and through this review we ensure an appropriate
supervisory response to deficiencies in a bank's BSA/AML
compliance program, whether through a formal enforcement action
or otherwise.
Q.10. OCC and Federal Reserve Practice: What is the practice of
the OCC and Federal Reserve on prevention and resolution of
deficiencies within its supervisory framework?
A.10. Please see response for Question 11.
Q.11. In the course of resolving deficiencies, has a member
bank, or other entity, ever opted to leave either the national
banking system or the Federal Reserve System rather than accept
an enforcement document?
A.11. The Federal Reserve examines, on a regular basis,
institutions for which we have been granted supervisory
authority by Congress and, through that authority, reviews the
programs financial institutions use to maintain compliance with
BSA/AML requirements and U.S. economic sanctions. Enforcement
measures may escalate depending on the nature, duration, and
severity of the problem. Problems that cannot be corrected
immediately will be formally reported to the institution in the
examination report or in a supervisory letter as matters
requiring management's attention and corrective action. These
matters are presented to the institution's board of directors,
which is charged with ensuring that management addresses and
corrects them. Federal Reserve supervision staff will
subsequently follow management's actions to ensure that the
problem is corrected. If a problem requires a more detailed
resolution or is more pervasive at an institution, the Federal
Reserve may enter into a memorandum of understanding with the
financial institution in which the board of directors commits
to specific actions to correct the potentially unsafe and
unsound banking practice or possible violations of laws or
regulations. More serious deficiencies may result in a public
enforcement against the institution such as a written
agreement, a cease and desist order, and civil money penalties.
Congress has placed significant restrictions on a bank's
ability to change charters when subject to an enforcement
action regarding a significant supervisory matter. Section 612
of the Dodd-Frank Wall Street Reform and Consumer Protection
Act generally prohibits charter conversions by an insured
depository institution while the institution is subject to
formal enforcement order issued by, or a memorandum of
understanding entered into with, its current Federal banking
agency, or a State bank supervisor with respect to a
significant supervisory matter. The Federal Reserve and the
Federal banking agencies have issued guidance to the
institutions we supervise advising them of these restrictions.
\3\
---------------------------------------------------------------------------
\3\ Interagency Statement on Section 612 of the Dodd-Frank Act
Restrictions on Conversions of Troubled Banks (November 26, 2012).
Available at: http://www.federalreserve.gov/bankinforeg/srletters/
sr1216al.pdf.
---------------------------------------------------------------------------
Where a depository institution attempts to evade a formal
enforcement action by converting charters in advance of the
action, under section 612, the current Federal banking agency
will notify the prospective Federal banking agency supervisor
of any ongoing supervisory or investigative proceedings that
the current Federal banking agency believes are likely to
result in a formal action in the near term with respect to a
significant supervisory matter. Under these circumstances, the
current Federal banking agency will provide the prospective
Federal banking agency supervisor with access to all
investigative and supervisory information relating to the
proceedings.
------
RESPONSES TO WRITTEN QUESTIONS OF SENATOR WARREN
FROM JEROME H. POWELL
Q.1. The United States Government takes money laundering very
seriously. A bank that launders drug money or terrorists' money
can be shut down, \1\ and individuals in the bank can be banned
from banking. \2\ In December, HSBC admitted to laundering at
least $881 million for Colombian and Mexican drug cartels, and
violating U.S. sanctions against Iran, Cuba, Libya, Sudan, and
Burma. \3\ These were not one-time actions. The bank was warned
over and over and told to fix the problem, and it didn't. It
just kept making money by laundering money for drug dealers.
\4\
---------------------------------------------------------------------------
\1\ See, e.g., ``Annunzio-Wylie Anti Money Laundering Act of
1992'', ��1501-1507, Pub. L. 102-550, 106 Stat. 3680 (1992).
\2\ 12 U.S.C. 1818(e) and (g).
\3\ Dept. of Justice, Press Release, Dec. 11, 2012, available at:
http://www.justice.gov/opa/pr/2012/December/12-crm-1478.html.
\4\ Senate Permanent Subcommittee on Investigations, ``U.S.
Vulnerabilities to Money Laundering, Drugs, and Terrorist Financing:
HSBC Case History'', July 16, 2012, available at: http://
www.levin.senate.gov/download/?id=90fe8998-dfc4-4a8c-90ed-704bcce990d4.
---------------------------------------------------------------------------
In the hearing, you noted that the threshold determination
for revoking a bank's charter is dependent on prosecution and
conviction, and you testified that the Justice Department makes
determinations about when it is appropriate to prosecute.
However, there are other tools available to hold accountable
banks and bankers who engage in illegal activity, such as
banning individuals from the banking industry. Could you please
describe:
Whether your agency has any regulation, guidance, policies,
formal or informal, that guide when individuals should be
banned from banking under 12 U.S.C. ��1818(e) and (g). If so,
please provide those documents.
A.1. Please see response for Question 3.
Q.2. Under what circumstances your agency has used 12 U.S.C.
��1818(e) and (g) in the past, including any actions taken
against bankers in the largest financial institutions.
A.2. Please see response for Question 3.
Q.3. The process your agency does or would follow to use its
authority under 12 U.S.C. ��1818(e) and (g).
A.3. The Federal Reserve and other Federal banking agencies
make decisions on whether to initiate actions to ban
individuals from banking based on application of the statutory
criteria to the facts of the particular case. To prohibit an
individual from participating in the banking industry under 12
U.S.C. �1818(e), the Federal Reserve must show that the
individual engaged in an unsafe or unsound practice, breach of
fiduciary duty or violation of law that resulted in losses or
other harm to the institution or gains to the individual, and
that involved personal dishonesty, or willful or continuing
disregard for safety and soundness. 12 U.S.C. �1818(e)(1).
Congress has also provided the Federal banking agencies with
authority to prohibit insiders in cases involving violations of
the Bank Secrecy Act (BSA) if such violation ``was not
inadvertent or unintentional,'' or is aware that an
institution-affiliated party has engaged in a criminal
violation of the BSA or the anti-money laundering laws. 12
U.S.C. �1818(e)(2). The Federal banking agencies may also
suspend an institution-affiliated party who is charged with a
felony involving dishonesty or a breach of trust or with a
criminal violation of anti-money laundering laws, pending final
resolution of the criminal charges. 12 U.S.C. �1818(g)(1). In
these cases, we may also determine that the assessment of civil
money penalties is appropriate against the individual.
Because application of the statutory factors for a
prohibition order is highly dependent on the individual factual
record relating to a particular banker's conduct, we have not
issued any general guidance or policies related to the exercise
of this authority.
An individual convicted of a criminal offense involving
dishonesty or a breach of trust also is subject to the
prohibitions set forth in section 19 of the Federal Deposit
Insurance Act (FDI Act). 12 U.S.C. �1829. Section 19 prohibits
a convicted person from directly or indirectly owning,
controlling, or participating in the affairs of any insured
depository institution, or a bank or savings and loan holding
company in the United States without the consent of the Federal
Depository Insurance Corporation (FDIC), in the case of an
insured depository institution, or the Board in the case of a
holding company. 12 U.S.C. �1829(a)(1). The regulators may not
consent to such service or control by a person who has been
convicted of certain types of crimes, such as a conviction for
money-laundering, for 10 years from the date of the conviction.
12 U.S.C. �1829(a)(2).
In the past 5 years, the Federal Reserve has issued 44
prohibition orders, including several orders that included an
assessment of a civil money penalty, and notified more than 200
individuals of their ban from banking under section 19. These
actions involve individuals employed by several large financial
institutions, including UBS, Bank of New York Mellon, American
Express, CitiFinancial, Wells Fargo, SunTrust, and Regions.
These prohibitions involved, among other things, instances of
unauthorized trading activity, falsification of records, and
other unsafe bank practices and violations of law.
The Federal Reserve and the Federal banking agencies have
issued rules of practice and procedures that govern prohibition
and removal actions. 12 CFR �263 et seq. A copy of these
regulations is attached. The Federal Reserve makes public all
of its prohibition orders and posts them on its Web site at:
www.federalreserve.gov/apps/enforcementactions/search.aspx.
Q.4. Attorney General Holder testified before the Judiciary
Committee that he is ``concerned that the size of some of these
institutions becomes so large that it does become difficult for
us to prosecute them when, . . . if you do bring a criminal
charge, it will have a negative impact on the national economy,
perhaps even the world economy.''
Can you explain how your efforts to ensure compliance with
money laundering laws are affected when so many people--even
the Attorney General of the United States--think it is
``difficult to prosecute'' the biggest banks?
A.4. Please see response for Question 5.
Q.5. Are you worried that the size and interconnectedness of
our Nation's largest financial institutions negatively affects
your ability to enforce the law and reduces your leverage?
A.5. The Federal Reserve firmly believes that no institution is
above the law or too large to be prosecuted for failure to
comply with the law. Indeed, the Federal Reserve, which has
authority to impose only civil penalties and orders, has on its
own and in coordination with other law enforcement agencies,
imposed a number of substantial fines and penalties against the
largest, most complex financial firms using the enforcement
authorities granted by Congress to the Federal banking
agencies. In addition to fines, the Federal Reserve's
enforcement actions required firms to implement the necessary
firm-wide compliance risk management programs.
Q.6. At the hearing, Under Secretary Cohen and Governor Powell
both testified that the Justice Department was in contact with
their institutions regarding the HSBC case. Without reference
to any particular case, can you describe the general or usual
process for cooperation between your institution and the
Justice Department regarding money laundering and Bank Secrecy
Act issues? In particular:
Which office or offices in the Justice Department contact
your institution?
A.6. Please see response for Question 10.
Q.7. Which office or offices in your institution are contacted?
A.7. Please see response for Question 10.
Q.8. At what points in the enforcement process is your
institution contacted?
A.8. Please see response for Question 10.
Q.9. What information is usually requested?
A.9. Please see response for Question 10.
Q.10. Are there are any formal or informal guidelines that are
used for interagency cooperation on Bank Secrecy Act or Anti-
Money Laundering issues?
A.10. The Federal Reserve maintains close contact with multiple
offices of the Department of Justice (DOJ). In cases involving
potential money-laundering or BSA violations, the Board's Legal
Division is typically in contact with the Asset Forfeiture and
Money-Laundering Section (AFMLS) of the Criminal Division of
the DOJ. The Board and the Reserve Banks also maintain contact
with the local United States Attorney. For example, in the HSBC
case the Board and the Reserve Bank legal departments
maintained contact with the local United States Attorney's
office, the District Attorney for New York County, and AFMLS.
The Federal Reserve contacts the DOJ whenever we have reason to
believe a criminal violation of the BSA has occurred. The Board
also contacts Office of Foreign Assets Control (OFAC) and
Financial Crimes Enforcement Network (FinCEN) as appropriate,
as well as State prosecutors. The Federal Reserve provides
support to criminal authorities investigating potential
violations of the BSA, related anti-money laundering laws, and
U.S. economic sanctions consistent with applicable legal
restrictions. The kind of cooperation provided depends on the
circumstances of the particular case. Typically, such
assistance involves sharing supervisory information and
expertise with staff from the criminal division of the DOJ and
the local United States Attorney's office. The Federal Reserve
makes its own decision whether to bring a civil enforcement
case; the decision to file criminal charges in a particular
case is fully within the discretion of the DOJ or other Federal
agency with the authority to press criminal charges.
The rules or procedures that govern our interagency
cooperation efforts depend on the type of assistance requested
by law enforcement. For example, requests made by law
enforcement for supervisory information and other assistance
are subject to the rules and procedures regarding the
availability of supervisory information. 12 CFR �261.21.
Conversely, the circumstances may require Federal Reserve staff
to obtain access to Grand Jury information in order to lend our
expertise on matters under consideration by the Grand Jury.
Congress has prescribed a legal mechanism to facilitate the
sharing of such information in these instances. 12 U.S.C.
�3322(b).
Q.11. The Federal Reserve has conducted a great deal of
research around various topics in money laundering, including
around compliance issues. As you know, the Federal Reserve has
a unique ability to take a broader, deeper look at the industry
and its practices, rather than focusing on a particular case.
Has the Federal Reserve conducted any studies, similar to
its private banking study, recently? If so, can you provide
these studies?
A.11. Please see response for Question 13.
Q.12. Are there plans to conduct similar studies in the future?
A.12. Please see response for Question 13.
Q.13. Has the Federal Reserve conducted any studies of problems
revealed during examinations on BSA issues? If so, can you
provide these studies?
A.13. Since the Federal Reserve's efforts to highlight the
illicit financing risks associated with private banking
activities in 1996, we have continued to addresses perceived
anti-money laundering vulnerabilities in the banking industry
by developing supervisory guidance and making improvements to
our examination procedures. For example, in 2008, the Federal
Reserve issued supervisory guidance regarding firm-wide
compliance expectations for large, complex banking
organizations. \5\ A firm-wide compliance function that plays a
key role in managing and overseeing compliance risk while
promoting a strong culture of compliance across the
organization is particularly important for large, complex
organizations that have a number of separate business lines and
legal entities that must comply with a wide range of applicable
rules and standards. In 2009, based on transparency concerns
raised by the Board and others, the Society for Worldwide
Interbank Financial Telecommunication (SWIFT) adopted a new
message format for cover payments (the MT 202 COV) that
provides intermediary banks with additional originator and
beneficiary information, enabling them to perform sanctions
screening and suspicious activity monitoring. In furtherance of
these efforts, the Board issued guidance on the necessity for
transparency and proper monitoring with respect to cross-border
funds transfers. \6\
---------------------------------------------------------------------------
\5\ S.R. 08-8, ``Compliance Risk Management Programs and Oversight
at Large Banking Organizations With Complex Compliance Profiles''
(October 18, 2008). Available at: www.federalreserve.gov/boarddocs/
srletters/2008/SR0808.htm.
\6\ ``Transparency and Compliance for U.S. Banking Organizations
Conducting Cross-Border Funds Transfers'' (November 19, 2009).
Available at: www.federalreserve.gov/boarddocs/srletters/2009/
sr0909al.pdf.
---------------------------------------------------------------------------
The Federal Reserve's expectations in the area of firm-wide
compliance have been incorporated into the procedures utilized
by the member agencies of the Federal Financial Institutions
Examination Council (FFIEC) for conducting compliance
examinations under the BSA and anti-money laundering (BSA/AML)
rules and regulations. The Federal Reserve has not conducted
any special studies; however, we have recently begun working
with the FFIEC member agencies to identify additional areas of
concern that require heightened attention by the banking
organizations we supervise, based on our examination
experience, and will incorporate the results of this effort as
part of our continuing effort to update our examination
procedures.
Currently, as a member of the U.S. Department of the
Treasury's Interagency Task Force on Strengthening and
Clarifying the BSA/AML Framework (Task Force), the Federal
Reserve is engaged in a review of the BSA, its implementation,
and its enforcement with respect to U.S. financial institutions
that are subject to these requirements. The Task Force will
develop recommendations for ensuring the continued
effectiveness of the BSA and efficiency in agency efforts to
monitor compliance.
------
RESPONSES TO WRITTEN QUESTIONS OF SENATOR HEITKAMP
FROM JEROME H. POWELL
Q.1. As all of you mentioned, the sophistication and
determination of money launderers, terrorist financiers, and
other criminals has evolved and changed as they find ways to
gain access to our institutions. How can we support smaller
institutions that cannot afford to put the same programs in
place as the large banks? In your examinations, have you
noticed vulnerabilities on a large scale?
A.1. Financial institutions are expected to maintain a Bank
Secrecy Act/Anti-Money Laundering (BSA/AML) compliance program
scaled to the specific risk profile of the institution. An
institution's risk profile involves factors such as the size of
the banking organization, the products and services it offers,
and the markets it serves. Consequently, the risk profile for a
smaller community banking organization will be different than
that of a large, complex banking organization with
international operations, and the examination process will be
tailored in accordance with that profile. The Federal Reserve
understands that some community banks may not share the same
level of risk and resources as their larger peers. When
determining the depth of a BSA/AML review, our examiners
consider the institution's risk profile, history of BSA/AML
compliance, and emerging risks in the markets it serves.
While the majority of the institutions supervised by the
Federal Reserve have well-administered programs for complying
with the BSA, there have been occasions when examiners have
raised concerns with the programs maintained at smaller
institutions. For example, in 2012, the Federal Reserve issued
a Cease and Desist Order against Asian Bank, Philadelphia,
Pennsylvania, for BSA compliance deficiencies and required the
bank's management maintain effective control over, and
supervision of the bank's BSA/AML compliance program. The
Federal Reserve and the member agencies of the Federal
Financial Institutions Examination Council (FFIEC) have
developed a uniform manual for examining the programs used by
banking organizations to maintain compliance with the BSA/AML
rules and regulations. Examinations are based on the broad
principle that an effective BSA/AML compliance program requires
sound risk management. This FFIEC BSA/AML examination manual
also provides guidance that smaller institutions can use to
identify and control these risks. The manual undergoes periodic
revisions to ensure it is relevant and responds appropriately
to risks identified by examiners or law enforcement, and that
those procedures apply to those specific institutions that
carry those risks.
�