[Senate Hearing 113-10]
[From the U.S. Government Publishing Office]



                                                         S. Hrg. 113-10

 
     PATTERNS OF ABUSE: ASSESSING BANK SECRECY ACT COMPLIANCE AND 
                              ENFORCEMENT

=======================================================================

                                HEARING

                               before the

                              COMMITTEE ON
                   BANKING,HOUSING,AND URBAN AFFAIRS
                          UNITED STATES SENATE

                    ONE HUNDRED THIRTEENTH CONGRESS

                             FIRST SESSION

                                   ON

         EXAMINING BANK SECRECY ACT COMPLIANCE AND ENFORCEMENT

                               __________

                             MARCH 7, 2013

                               __________

  Printed for the use of the Committee on Banking, Housing, and Urban 
                                Affairs


                 Available at: http: //www.fdsys.gov /



                  U.S. GOVERNMENT PRINTING OFFICE
80-662                    WASHINGTON : 2013
-----------------------------------------------------------------------
For sale by the Superintendent of Documents, U.S. Government Printing Office, 
http://bookstore.gpo.gov. For more information, contact the GPO Customer Contact Center, U.S. Government Printing Office. Phone 202ï¿½09512ï¿½091800, or 866ï¿½09512ï¿½091800 (toll-free). E-mail, [email protected].  


            COMMITTEE ON BANKING, HOUSING, AND URBAN AFFAIRS

                  TIM JOHNSON, South Dakota, Chairman

JACK REED, Rhode Island              MIKE CRAPO, Idaho
CHARLES E. SCHUMER, New York         RICHARD C. SHELBY, Alabama
ROBERT MENENDEZ, New Jersey          BOB CORKER, Tennessee
SHERROD BROWN, Ohio                  DAVID VITTER, Louisiana
JON TESTER, Montana                  MIKE JOHANNS, Nebraska
MARK R. WARNER, Virginia             PATRICK J. TOOMEY, Pennsylvania
JEFF MERKLEY, Oregon                 MARK KIRK, Illinois
KAY HAGAN, North Carolina            JERRY MORAN, Kansas
JOE MANCHIN III, West Virginia       TOM COBURN, Oklahoma
ELIZABETH WARREN, Massachusetts      DEAN HELLER, Nevada
HEIDI HEITKAMP, North Dakota

                       Charles Yi, Staff Director

                Gregg Richard, Republican Staff Director

                  Laura Swanson, Deputy Staff Director

                    Colin McGinnis, Policy Director

                      Steve Kroll, Special Counsel

                           Pat Grant, Counsel

                       Dawn Ratliff, Chief Clerk

                     Riker Vermilye, Hearing Clerk

                      Shelvin Simmons, IT Director

                          Jim Crowell, Editor

                                  (ii)
?

                            C O N T E N T S

                              ----------                              

                        THURSDAY, MARCH 7, 2013

                                                                   Page

Opening statement of Chairman Johnson............................     1

Opening statements, comments, or prepared statements of:
    Senator Warner...............................................     2

                               WITNESSES

David S. Cohen, Under Secretary for Terrorism and Financial 
  Intelligence, Department of the Treasury.......................     3
    Prepared statement...........................................    31
    Responses to written questions of:
        Chairman Johnson.........................................    61
        Senator Crapo............................................    65
        Senator Reed.............................................    69
        Senator Warren...........................................    69
        Senator Heitkamp.........................................    72
Thomas J. Curry, Comptroller, Office of the Comptroller of the 
  Currency.......................................................     5
    Prepared statement...........................................    44
    Responses to written questions of:
        Chairman Johnson.........................................    73
        Senator Crapo............................................    77
        Senator Reed.............................................    80
        Senator Warren...........................................    81
        Senator Heitkamp.........................................   160
Jerome H. Powell, Member, Board of Governors of the Federal 
  Reserve
  System.........................................................     6
    Prepared statement...........................................    55
    Responses to written questions of:
        Chairman Johnson.........................................   161
        Senator Crapo............................................   166
        Senator Warren...........................................   171
        Senator Heitkamp.........................................   176

                                 (iii)


     PATTERNS OF ABUSE: ASSESSING BANK SECRECY ACT COMPLIANCE AND 
                              ENFORCEMENT

                              ----------                              


                        THURSDAY, MARCH 7, 2013

                                       U.S. Senate,
          Committee on Banking, Housing, and Urban Affairs,
                                                    Washington, DC.
    The Committee met at 10:03 a.m., in room SD-538, Dirksen 
Senate Office Building, Hon. Tim Johnson, Chairman of the 
Committee, presiding.

           OPENING STATEMENT OF CHAIRMAN TIM JOHNSON

    Chairman Johnson. The Committee is called to order.
    Today we will assess large money center banks' compliance 
with U.S. anti-money laundering rules. Our financial system is 
a major target for those who want to conceal and move illicit 
funds since the dollar is the world's reserve currency. That is 
why strong AML compliance coupled with tough enforcement is 
critical.
    In recent years we have seen major enforcement actions 
against a large number of global banks that allowed billions of 
dollars to flow through the U.S. financial system in a 
concealed way. They include ABN AMRO, Lloyd's, Credit Suisse, 
Wachovia, Barclays, ING, Standard Chartered, and HSBC. These 
banks violated the Bank Secrecy Act and our sanctions rules 
against Iran, Cuba, and other countries in various ways, which 
cost the banks over $5 billion in fines and forfeitures. In 
addition, Citibank and JPMorgan Chase have been required to 
overhaul their BSA compliance systems in the face of major 
violations.
    This pattern of violations is disturbing. Holes in banks' 
anti-money laundering systems can protect funds stolen by 
corrupt leaders and drug cartels, help sanction violators, and 
enable terrorist financing. To address this threat, we must 
understand how banks' safeguards malfunction and assess the way 
the Government enforces our AML rules. As we do that, we should 
consider several important issues:
    The Government depends on bank compliance programs to 
detect and prevent money laundering. Should senior management 
be required to confirm the strength of their programs regularly 
so that they do not break down, as appears to have happened at 
a number of banks?
    In the recent major penalty cases, U.S. banks failed to 
deal effectively with funds from non-U.S. branches or 
affiliates; some of the latter intentionally undermined rules 
and procedures that they knew were required in the U.S. How can 
we ensure more uniform compliance and enforcement of U.S. and 
international rules?
    The time between citations by bank examiners and 
enforcement actions cannot be allowed to drag out, as was done 
in some of these cases. While I am pleased that the OCC and 
other regulators are intensifying their efforts in this area, 
they must let law enforcement know early on about potential 
problems to prevent illicit funds from being moved while 
problems are being fixed.
    Last, questions have been raised about remedies, including 
the need for prosecution. We should consider today the full 
range of remedies in cases like these, including: BSA 
injunctions, banning from the industry those individuals who 
violate the rules, suspending a particular kind of activity or 
line of business at a bank in response to violations, and other 
measures.
    We must do more to ensure that global banks, including 
their affiliates and branches who seek access to the U.S. 
system, have effective anti-money laundering systems in place. 
If the recent record of AML-related violations by U.S. banks is 
any indication, we clearly have a long way to go before that is 
accomplished. I hope today's hearing can advance the discussion 
of how to reach this goal.
    I will need to excuse myself momentarily to attend an 
Energy Committee hearing, but I appreciate the witnesses' 
testimony and will follow up if I have additional questions. I 
understand Ranking Member Crapo is sick and regrets not being 
here today. His statement will be submitted for the record.
    I will now turn it over to Senator Warner.

              STATEMENT OF SENATOR MARK R. WARNER

    Senator Warner [presiding]. Thank you, Mr. Chairman, and I 
thank my colleagues, particularly Senator Reed. I think you 
have got to head off, too, so to make sure to the folks here, I 
am not jumping line. And I am going to assume we are going to 
honor the old Corker rule here in that nobody else wants to 
make a statement at this point, so I can go ahead and introduce 
the witnesses.
    I want to remind all my colleagues that the record will be 
open for the next 7 days for opening statements and any other 
materials you would like to submit. Now I would like to 
introduce our witnesses.
    The Honorable David Cohen is the Treasury Department's 
Under Secretary for Terrorism and Financial Intelligence. Mr. 
Cohen formerly served as Assistant Secretary for Terrorist 
Financing, and prior to that he was in private practice at 
Wilmer, Cutler, Pickering, Hale & Dorr. He also served in 
various roles in the Treasury Department's Office of General 
Counsel.
    The Honorable Thomas J. Curry is the Comptroller of the 
Currency. Prior to becoming Comptroller, Mr. Curry served as 
the Director at FDIC as well as the chairman of the 
NeighborWorks America Board of Directors. He previously served 
five Governors as the Commissioner of Banks for the 
Commonwealth of Massachusetts.
    Then, finally, the Honorable Jerome H. Powell is the 
Governor on the Board of the Federal Reserve System. Before 
joining the Board, Mr. Powell was a visiting scholar at the 
Bipartisan Policy Center, and prior to that he served as a 
partner at the Carlyle Group, as Assistant Secretary and Under 
Secretary of the Treasury in the first Bush administration, and 
as a lawyer and investment banker in New York City. And I am 
friends with Mr. Powell and his Mr. Powell and his family.
    I am going to go ahead, since this is a rare opportunity 
for me to actually move up to the Chairman's seat. I am going 
to take advantage of this--it may be years before I get to sit 
there again--before I call on Mr. Cohen to give his opening 
statement.
    If Senator Reed or Senator Johnson were still here, they 
would say, ``Do not get too comfortable.''
    With that, Mr. Cohen, please proceed.

STATEMENT OF DAVID S. COHEN, UNDER SECRETARY FOR TERRORISM AND 
       FINANCIAL INTELLIGENCE, DEPARTMENT OF THE TREASURY

    Mr. Cohen. Thank you, Chairman Johnson, Ranking Member 
Crapo, distinguished Members of the Committee. Thank you for 
inviting me to testify today on a core focus of our efforts at 
the Department of the Treasury: promoting a safe and secure 
financial system, and effectively combating money laundering, 
terrorist financing, and related forms of illicit finance. I 
would like to commend you, Mr. Chairman, and this entire 
Committee for your strong leadership on this topic.
    The spate of recent high-profile enforcement actions 
against some of our largest and most sophisticated financial 
institutions raises troubling questions about the effectiveness 
of our domestic anti-money laundering and counterterrorist 
financing efforts. It is critically important to understand why 
these failures occurred and what we can do--whether through 
better legislation, regulation, examination, or enforcement--to 
prevent the recurrence of such failures.
    The Bank Secrecy Act and the regulations promulgated by 
Treasury's Financial Crimes Enforcement Network, known as 
FinCEN, and the Federal functional regulators established the 
framework for guarding the financial system from money 
laundering and terrorist financing. These laws and regulations 
work in tandem with the sanctions programs implemented by 
Treasury's Office of Foreign Assets Control, known as OFAC.
    These laws and rules aid financial institutions in 
identifying and managing risk, provide valuable information to 
law enforcement, and create the foundation of financial 
transparency required to deter, detect, and punish those who 
would abuse our financial system.
    But the laws and rules can only do so much. A truly robust 
AML/CFT framework requires effective AML program implementation 
by financial institutions, buttressed by strong enforcement 
efforts.
    In light of what we have seen in recent years, it is clear 
that significant design, oversight, compliance, and enforcement 
challenges remain. I would like to highlight the Treasury 
Department's efforts to strengthen the effectiveness of our 
AML/CFT regime.
    First, Treasury's AML/CFT regulators, FinCEN and OFAC, are 
committed to continuing their vigorous investigation and 
enforcement of violations. In my written testimony, I describe 
a number of recent FinCEN and OFAC enforcement actions, 
including the HSBC matter last December, in which FinCEN 
imposed a $500 million civil penalty for willful violations of 
the BSA, and OFAC imposed a $375 million fine for sanctions 
evasion.
    Moreover, FinCEN, as part of a thorough review being 
conducted by its new Director, is redoubling its AML 
enforcement focus, including by ensuring that it is employing 
all of the tools at its disposal to hold accountable those 
institutions and individuals who allow our financial 
institutions to be vulnerable to illicit financial activity.
    Second, because aggressive enforcement is a necessary but 
not sufficient response to the problems exposed by recent 
investigations, we have set up two groups to examine and 
improve the legal, regulatory, compliance, and enforcement 
framework.
    FinCEN recently organized a group of representatives from 
the financial service industry, financial regulators, and law 
enforcement whose mission is to identify gaps between illicit 
finance risks and compliance efforts, and to develop 
recommendations to close those gaps. This group's work will 
feed into the efforts of an interagency group that I convened 
last fall known as the AML Task Force. Other task force members 
include senior representatives from all regulators with 
responsibility to combat money laundering: FinCEN, the Fed, the 
OCC, the FDIC, the NCUA, the CFTC, the SEC, and the IRS, as 
well as the Justice Department's Criminal Division.
    The task force is taking a step-back look at our AML/CFT 
framework to assess how the entire enterprise is operating. It 
is looking at illicit finance risks and compliance requirements 
and will evaluate information-sharing, supervision, and 
enforcement practices to determine if there are ways to better 
inform, assess, encourage, and, as necessary, compel financial 
institution compliance.
    Third, we are moving ahead with an initiative to enhance 
financial transparency, a new rule that would explicitly 
require financial institutions to conduct in-depth customer due 
diligence to identify the true beneficial owner of accounts. 
Current law explicitly requires enhance customer due diligence 
in only certain limited circumstances. This may permit illicit 
actors to access the financial system undetected and to engage 
in transactions that financial institutions may fail to 
identify as suspicious. We have gathered a wealth of useful 
information on this proposal from written submissions and in a 
series of public hearings. We anticipate publishing a proposed 
rule for further notice and comment soon.
    Finally, I want to note our international efforts to 
strengthen the global AML/CFT framework. Given the global 
nature of money laundering and terrorist financing and the 
increasing interrelatedness of the global financial system, a 
secure global framework is essential to the integrity of the 
U.S. financial system. Working with several intergovernmental 
and international organizations, most notably the Financial 
Action Task Force, we are helping lead international efforts to 
revise and strengthen global AML/CFT standards.
    The United States is home to one of the strongest anti-
money laundering and counterterrorist financing regimes in the 
world, but clearly there is work to be done to make our AML/CFT 
regime more efficient, effective, and to elicit better 
compliance from financial institutions.
    I look forward to working with this Committee on these 
critical issues and would be pleased to answer your questions.
    Senator Warner. Thank you, Mr. Cohen.
    Mr. Curry.

   STATEMENT OF THOMAS J. CURRY, COMPTROLLER, OFFICE OF THE 
                  COMPTROLLER OF THE CURRENCY

    Mr. Curry. Chairman Johnson, Ranking Member Crapo, and 
Members of the Committee, I appreciate the opportunity to 
appear before you today to discuss what the OCC is doing to 
ensure that Federal banks and thrifts have programs in place to 
deny money launderers and other criminal elements access to the 
banking system.
    I cannot overstate the importance of the Bank Secrecy Act 
and other anti-money laundering statutes. When it was first 
signed into law in 1970, the Bank Secrecy Act was intended to 
be another tool in the battle against illicit drugs. Today it 
is also an important weapon in combating a host of financial 
crimes as well as in the war against terrorism, and that is why 
the OCC continues to search for ways to improve our supervision 
in this area.
    Lately, we have observed a number of instances in which our 
largest institutions have failed to meet the requirements of 
the Bank Secrecy Act, and the OCC has taken some very 
significant enforcement actions against those banks.
    In the wake of the financial crisis, too many banks 
inappropriately cut staffing and spending for BSA and anti-
money laundering compliance as austerity measures, and our 
examiners are now working to ensure that these institutions add 
resources they need to maintain solid BSA/AML programs.
    Although many of our recent enforcement actions have 
involved large banks, BSA is an issue for institutions of all 
sizes. In fact, as large banks improve their BSA/AML programs 
and jettison higher-risk lines of business, we are concerned 
that money launderers will migrate to smaller institutions.
    While we are committed to ensuring that all the 
institutions we supervise have effective BSA/AML programs in 
place, we recognize the increased burden this places on 
community banks and thrifts. We will work with these 
institutions to help them calibrate their controls to reflect 
the risks they face, thereby reducing unnecessary burden.
    BSA compliance is inherently difficult. It involves the 
challenge of sifting through large volumes of transactions to 
identify those with suspicious features, a task made especially 
difficult by the ingenuity criminal elements have shown. As a 
result, financial institutions and supervisors are devoting 
more resources to maintain effective programs.
    Most of the problems we find in BSA/AML programs are 
attributable to the following root causes: the strength of an 
institution's compliance culture, its willingness to commit 
sufficient resources, the strength of its information 
technology and monitoring processes, and its risk management.
    The health of a bank's culture starts at the top, and so it 
is important that senior management demonstrate a commitment to 
BSA/AML compliance. Employees need to know BSA compliance is a 
management priority and that the compliance function will 
receive the resources it needs to succeed, including training 
and first-rate information technology.
    We are currently in the process of drafting detailed 
guidance to banks on sound corporate governance processes that 
will incorporate many of these concepts, including business 
line accountability for BSA/AML compliance and the independence 
of the compliance function.
    We are also reviewing certain statutory provisions and 
exploring whether a regulation or agency issuance interpreting 
these provisions would be helpful in enhancing our enforcement 
authority against insider wrongdoing in this area. Several 
agencies have a role in addressing BSA issues, and we 
participate in a number of interagency groups to address them.
    Additionally, we regularly provide information, documents, 
and expertise to law enforcement for use in criminal 
investigations on a case-specific basis. We also work closely 
with the Federal Reserve and the other banking agencies, and we 
are active participants on the interagency task force that 
Under Secretary Cohen formed to examine how this 40-year-old 
statutory framework can remain relevant in today's world.
    Despite problems we have identified, many financial 
institutions have developed strong BSA compliance programs 
responsible for detecting and reporting potential criminal 
violations to law enforcement. To this point, more than 5.6 
million SARs have been collected in the centralized data base 
that is maintained by FinCEN, and these reports provide 
critical information to law enforcement agencies. The majority 
of these SARs have been filed by national banks and Federal 
thrifts. These reports play a vital role in combating drug 
traffickers and other criminal elements, and we at the OCC 
believe Congress should act to clarify and strengthen the safe 
harbor for institutions that file SARs.
    Banks need to know that they can share information with law 
enforcement agencies without incurring liability and that they 
can file SARs without running the risk that their bank will be 
exposed to litigation for simply complying with Federal law. We 
would be happy to work with the Committee in exploring these 
ideas.
    While there are many challenges ahead of us, we will 
continue to work with Congress, law enforcement, other 
regulatory agencies, and the industry to develop and implement 
a coordinated and comprehensive response to the threat posed to 
our Nation's financial system by terrorist and criminal 
organizations.
    Thank you, and I look forward to your questions.
    Senator Warner. Thank you, Mr. Curry.
    Mr. Powell.

 STATEMENT OF JEROME H. POWELL, MEMBER, BOARD OF GOVERNORS OF 
                   THE FEDERAL RESERVE SYSTEM

    Mr. Powell. Thank you, Mr. Chairman. Chairman Johnson, 
Ranking Member Crapo, and other Members of the Committee, thank 
you for inviting me to discuss the role the Federal Reserve 
plays in the U.S. Government's efforts to combat money 
laundering and terrorist financing.
    The Federal Reserve requires the institutions we supervise 
to have an effective BSA compliance program. In coordination 
with other Federal agencies, we have adopted regulations and 
guidance that explain our expectations for the features of an 
effective BSA compliance program.
    Banking organizations must also maintain a program for 
ensuring compliance with U.S. economic sanctions that is 
effective in identifying higher-risk areas within a bank's 
operations and screening and reporting prohibited transactions.
    As part of these programs, institutions we supervise must 
provide law enforcement with the reports prosecutors need to 
investigate suspicious activity. The Federal Reserve reviews 
these BSA and OFAC compliance programs as part of our regular 
safety and soundness examination program for the approximately 
1,060 State member banks, State chartered branches and agencies 
of foreign banking organizations, and Edge Act and other 
corporations we supervise.
    We also conduct targeted examinations of financial 
institutions that show signs of being vulnerable to illicit 
financing. To ensure consistency, we use procedures developed 
jointly in a joint manual with FinCEN, OFAC, and the other 
members of FFIEC. Importantly, the Federal Reserve takes the 
findings of our BSA and OFAC exams into account in determining 
the institution's examination ratings.
    The Federal Reserve devotes substantial resources to BSA 
and OFAC compliance. In addition to its examination force, each 
Federal Reserve Bank, each of the 12, has a BSA/OFAC specialist 
and coordinator, and the Board's Division of Banking 
Supervision and Regulation has long had an anti-money 
laundering section, overseen by a senior official, who is here 
with me today, to help coordinate the system efforts.
    We also coordinate with other agencies. For example, the 
Federal Reserve brings every instance of a serious anti-money 
laundering deficiency or violation to the attention of FinCEN, 
OFAC, the Department of Justice, State law enforcement, the 
Federal banking agencies, and State regulators, as appropriate, 
as part of our enforcement program.
    We also participate in a number of interagency and 
international groups that develop standards for and coordinate 
interagency compliance, monitoring, and enforcement efforts.
    While the majority of institutions we supervise have well-
administered and effective BSA and OFAC compliance programs, 
some cases require the use of our enforcement authority. In the 
last 5 years, we have issued 113 enforcement actions relating 
to BSA and OFAC compliance, including 25 public cease-and-
desist orders and written agreements, and imposed hundreds of 
millions of dollars in civil penalties. These actions involve 
institutions that are large and small, domestic and foreign. In 
each case, the Federal Reserve has required the institution to 
take corrective measures to ensure that its programs are 
brought into compliance.
    Many of the recent U.S. sanctions cases the Federal Reserve 
has pursued involve foreign banks with operations that extend 
across many different countries. Foreign banks that operate in 
countries without sanctions similar to those imposed by the 
United States have not always had in place mechanisms to ensure 
transactions routed through the U.S. comply with U.S. law. The 
Fed's enforcement action against ABN AMRO in 2005 triggered 
important changes in cross-border payment practices.
    The Federal Reserve has played a key role in developing the 
standards that have since been adopted to improve transparency 
in cross-border payment messages, including the standards 
operated by Basel and SWIFT. These standards require the 
expanded disclosure of the originator and beneficiary on 
payment instructions sent as part of a cover payment.
    The Federal Reserve places great importance on ensuring 
that the institutions we supervise comply with the BSA and U.S. 
economic sanctions. When we find problems at a supervised 
institution, we demand specific corrective measures, by 
specific dates, and we take strong enforcement measures when 
necessary. We will continue these efforts and work 
cooperatively with law enforcement and other financial 
regulators to ensure a coordinated response to the threat posed 
by illicit financing to the U.S. financial system.
    Let me conclude by saying that we recognize that money 
laundering and illicit financing threats have become more 
complex and, in addition, the financial markets have evolved so 
that the BSA/AML framework, which was established decades ago 
and based primarily on a bank-centric model, may no longer be 
fully effective. We, therefore, join with the Treasury 
Department, the OCC, law enforcement, and other banking 
agencies to conduct a zero-based review of the U.S. supervisory 
and enforcement regimes for BSA/AML compliance. This review 
will provide the basis for identifying potential improvements 
to the AML framework and developing recommendations to 
implement those improvements.
    Thank you.
    Senator Warner. Thank you, gentlemen. I appreciate your 
testimony.
    We will put 5 minutes on the clock for us, but since it may 
just be a few members, we will get a good chance to get into 
some depth and detail.
    You know, I saw I believe it was the Attorney General 
recently made a statement that I would like to get some 
clarification from all of you, that there were concerns that 
some banks were potentially too large to prosecute in terms of 
their potential effect upon the economy. I do not personally 
believe that it can be the position of the U.S. Government that 
any institution should be too large to prosecute. As someone 
who was quite involved in Title II of Dodd-Frank, putting in 
place resolution authority and the ability to get both at the 
management and shareholders of firms, mostly here focusing on 
prudential standards, safety and soundness, but there is some 
question as well, as we look at BSA/AML enforcement, while the 
Committee has put forward 10 cases, these are all cases that 
have been--where there has only been monetary fines. There has 
not been actually prosecution of an institution. There has not 
been prosecution of individuals.
    And I guess what I would want to start with is, as the 
Chairman mentioned earlier in his opening remarks, how do we 
ensure that we have strong BSA/AML compliance standards within 
these institutions? How do we ensure that we make sure that 
during times of financial stress compliance is not being cut 
back on? And do you each feel we have the appropriate tools 
where, as necessary, to move beyond just the fine capacity but 
to actually--each of you have got tools to be able to bar 
individuals from continuing to pursue--or bar individuals from 
being involved in the banking system? And how do we make sure 
those tools are effectively used? And I would like to hear from 
each of you. Briefly, if possible, because I have got a couple 
more rounds.
    Mr. Cohen. Certainly. Thank you, Senator Warner. I will 
address this in two ways.
    I think we do have a number of tools that we have used in 
the past and that we are intending to use in appropriate cases 
in the future to ensure that when there are enforcement actions 
to be taken against institutions and individuals, that we do so 
and are vigorous in our enforcement efforts. I set out, as I 
said, in my testimony some of the prior enforcement actions, 
but I have also said and want to reiterate that one of the 
objectives of the review that is underway now at FinCEN is to 
consider ways for FinCEN's enforcement authority to be even 
more effectively discharged, including looking at ways to take 
action against individuals--officers, directors, shareholders, 
partners, whoever it may be--if they are themselves involved in 
the misconduct that----
    Senator Warner. And is part of that looking at actually 
having these officers and directors sign off on compliance work 
in a stronger way than they do right now?
    Mr. Cohen. Well, it is that as well as, I think, more 
aggressive action with respect to those individuals, including 
the possibility of barring them from the industry and other 
injunctive action.
    So we are looking at the full range of ways to continue to 
enforce aggressively as well as to enhance our enforcement 
efforts, and I think we have the legal authority to do that. 
Frankly, it is our intention to ensure that we exercise that 
authority in----
    Senator Warner. I want to hear from the other gentlemen. 
Please.
    Mr. Curry. Thank you, Senator. At the OCC our job is to 
make sure as a civil enforcement agency that the banks have 
effective and adequate BSA/AML programs on an ongoing basis 
within the institutions. We conduct annual assessments of those 
systems, and if we find deficiencies, it is our policy to 
demand remedial action. If remedial action is not taken or it 
is a serious issue, we will proceed to use the arsenal of both 
informal and formal enforcement powers we have 
administratively.
    One of the areas that I focused on since becoming 
Comptroller is really to emphasize the corporate governance 
aspects of BSA compliance. That is part of the reason why we 
are developing and will be issuing soon specific guidance on 
what the expectations are for board and management 
accountability. And those have also served as important parts 
of our enforcement orders that we have issued in the last 
several months. They focus in a detailed fashion on the roles 
and responsibilities of operating management, and the board of 
directors as well.
    Senator Warner. Mr. Powell.
    Mr. Powell. Thank you, Senator. I will start by addressing 
your first question, which was the comments of the Attorney 
General yesterday, and I just want to say it is fundamental in 
this country that everyone is equal before the law, and I think 
his comments only underscore the need to end too big to fail 
and the need for the agencies to forcefully implement Title I 
and Title II as it relates to too big to fail. Just to address 
that part of your comment.
    In terms of enforcement, I do not have that much to add. I 
would just say that we examine for BSA compliance as part of 
our regular examinations on a 12- to 18-month schedule for all 
of the institutions that we examine. We have a well-worked-out, 
commonly agreed manual, and we have an accelerating series of 
sanctions. We are all very focused on assuring that those are 
adequate to the task, and we are particularly focused on 
enterprise-wide global risk--risk assessment and risk 
management mechanisms, compliance mechanisms that address this 
cross-border issue.
    Senator Warner. Let me just say, before I turn to Senator 
Reed, just that--and I will come back to this in the second 
round--I also have an enormous concern that the length of time 
to prosecution and the amount of potentially illegal and also 
potentially threatening in terms of terrorist financing, Iran a 
case in point, I want to come back to see how we can intervene 
even before perhaps an enforcement action needs to be taken so 
that we do not have this long drag period.
    Senator Reed.
    Senator Reed. Well, thank you very much, Mr. Chairman, and 
this is an incredibly important hearing. I just came from the 
Armed Services hearing, and we are talking with General Ham 
down in Africa Command, and the reality is these terrorist, 
criminal narco-syndicates need money. Without it, they are a 
nuisance. With it, they are potentially devastating opponents 
of the United States. And what you do is absolutely critical to 
shut off their ability to operate. And if we do not, then the 
alternative is not only very difficult for us, leading up to 
military action, but extraordinarily expensive. So I just want 
to emphasize how critical your roles are and how important this 
issue is. We cannot say it enough, because if you do your work 
right, then we do not have to contemplate or implement much 
more dangerous and expensive options.
    But let me echo a point that the Chairman made, I think 
very well, to Secretary Cohen, which is that under Sarbanes-
Oxley, for example, we require a chief executive to sign off on 
the financial statements, and that seems to have put a lot of 
vigor into the review of these issues that is lacking under the 
Bank Secrecy Act. I know you mentioned you are considering it, 
but I guess I would urge you to serious consider it. Can you 
comment again?
    Mr. Cohen. So, Senator Reed, I first want to say I 
wholeheartedly agree with your first comment and can tell you 
that the work that we do on the domestic anti-money laundering 
regime and the work that we do internationally in our various 
sanctions regimes is designed to accomplish exactly what you 
highlighted.
    With respect to elevating within the institution the 
obligation to sign off on the AML program, I think under 
current law it needs to be adopted by the board and reflected 
in the minutes of the board, the AML program. I think one of 
the things that the AML task force that I convened and that 
both of my colleagues here participate in, as well as others, 
is looking at how to adjust the regulatory requirements to be 
more effective. And I think this is an area that we will take 
up, and I think it is a worthy suggestion.
    Senator Reed. Thank you, and I think you have got to move 
expeditiously, too, because the threats out there are not--they 
are getting worse each moment.
    Mr. Curry.
    Mr. Curry. Senator, I share your concern. We are focusing 
on the corporate governance aspects. We believe that top 
management and the board needs to be held responsible for 
effective BSA/AML compliance, and that is part of the reason 
why we are going to be issuing our corporate governance 
guidance. And in our orders, I want to point out the board of 
directors has to sign our orders, the orders that are 
outstanding, which specify that they are responsible for the 
program, and if they fail to comply with that order, they face 
personal liability in the form of civil money penalties.
    Senator Reed. Yes, but just going to the long--this goes 
back to the Annunzio-Wiley anti-money laundering before. You 
have injunctive authority. I do not think the Comptroller has 
ever used it, et cetera. I do not think, to my knowledge, you 
can cite any specific incidence where someone has been 
seriously sanctioned, a director or--is that accurate, or am 
I--I want to be clear.
    Mr. Curry. That is an issue that we are pursuing. That is 
part of the reason we are looking at interpreting provisions of 
Section 8(e) of the FDIC Act. There are terms used there--I am 
paraphrasing--excusing inadvertent or unintentional violations. 
We want to tighten up that language so that we can have greater 
ease in bringing removal or prohibition actions under the FDIC 
Act.
    Senator Reed. Governor Powell, you are specifically 
responsible for the branches of foreign banks in the United 
States. In that role, any comments you might have, particularly 
a general question whether any fines against these institutions 
are effective or they are simply passed on to the consumers?
    Mr. Powell. We examine them under the same manual and in 
the same way as the OCC examines national banks, and we treat 
them from an enforcement standpoint in exactly the same way. We 
believe it is fundamentally reasonably effective.
    I think you raise good questions that are going to receive 
very serious consideration at the task force, but I believe we 
do treat them essentially as we treat American banks.
    Senator Reed. Thank you very much, gentlemen, and if I can 
get back, I would love to do a second round. Thank you.
    Senator Warner. Senator Warren.
    Senator Warren. Thank you, Mr. Chairman, and thank you to 
all three for being here today.
    As Senator Reed just pointed out, the U.S. Government takes 
money laundering very seriously for a very good reason, and it 
puts very strong penalties in place. In addition to monetary 
penalties, it is possible to shut down a bank that has been 
involved in money laundering. Individuals can be banned from 
ever participating in financial services again, and people can 
be sent to prison.
    Now, in December, HSBC admitted to money laundering, to 
laundering $881 million that we know of, for Mexican and 
Colombian drug cartels and also admitted to violating our 
sanctions for Iran, Libya, Cuba, Burma, the Sudan. And they did 
not do it just one time. It was not like a mistake. They did it 
over and over and over again across a period of years. And they 
were caught doing it, warned not to do it, and kept right on 
doing it, and evidently making profits doing it.
    Now, HSBC paid a fine, but no one individual went to trial, 
no individual was banned from banking, and there was no hearing 
to consider shutting down HSBC's activities here in the United 
States.
    So what I would like is--you are the experts on money 
laundering. I would like your opinion. What does it take? How 
many billions of dollars do you have to launder for drug lords 
and how many economic sanctions do you have to violate before 
someone will consider shutting down a financial institution 
like this? Mr. Cohen, can we start with you?
    Mr. Cohen. Certainly, Senator. No question the activity 
that was the subject of the enforcement action against HSBC was 
egregious, both in the money laundering that was going on at 
HSBC and the sanctions violations.
    For our part, we imposed on HSBC the largest penalties that 
we had ever imposed on any financial institution. We looked at 
the facts and determined that the appropriate response there 
was a very, very significant penalty against the institution.
    Senator Warren. Let me just move you along here, though, on 
the point, Mr. Cohen. My question is: Given that this is what 
you did, what does it take to get you to move toward even a 
hearing, even considering shutting down banking operations for 
money laundering?
    Mr. Cohen. So, Senator, we at the Treasury Department under 
OFAC and FinCEN authority do not have the authority to shut 
down a financial institution.
    Senator Warren. I understand that. I am asking, in your 
opinion--you are the ones who are supposed to be the experts on 
money laundering. You work with everyone else, including the 
Department of Justice. In your opinion, how many billions of 
dollars do you have to launder for drug lords before somebody 
says, ``We are shutting you down''?
    Mr. Cohen. Well, I think the authority to pull a license, 
pull the charter, is the authority that is committed to the 
supervisors, to the OCC, the Fed, whoever the supervisor may 
be. We take these issues extraordinarily seriously. We 
aggressively prosecute and impose penalties against the 
institutions to the full extent of our authority. And as I said 
earlier, one of the issues that we are looking at----
    Senator Warren. I am not hearing your--I am sorry. I do not 
mean to interrupt, and I just need to move this along. But I am 
not hearing your opinion on this. You are supposed to be, 
Treasury is supposed to be one of the--you are the leaders in 
how we understand and work together to stop money laundering. 
And I am asking: What does it take even to say, ``Here is where 
the line is. We are going to draw a line here, and if you cross 
that line, you are at risk for having your bank closed''?
    Mr. Cohen. So, Senator, we are mindful of what our 
authorities are, mindful of what the supervisors' authorities 
are. We will and have and will continue to exercise our 
authorities to the full extent of the law. The question of 
pulling a bank's license is a question for the regulators----
    Senator Warren. So you have no opinion on that? You sit in 
Treasury, and you try to enforce these laws. And I have read 
all of your testimony. You tell me how vigorously you want to 
enforce these laws. But you have no opinion on when it is that 
a bank should be shut down for money laundering? Not even an 
opinion?
    Mr. Cohen. Of course, we have views on----
    Senator Warren. That is what I asked you for, your views.
    Mr. Cohen. But I am not going to get into some hypothetical 
line-drawing exercise, but I will----
    Senator Warren. Well, it is somewhere beyond $881 million 
of drug money.
    Mr. Cohen. Well, Senator, the actions--and I am sure the 
regulators can address this issue. The actions that we took in 
the HSBC case we thought were appropriate in that instance.
    Senator Warren. Governor Powell, perhaps you could help me 
out here.
    Mr. Powell. The authority to shut down an institution or 
hold a hearing about it I believe is triggered by a criminal 
conviction, and we do not do criminal investigations, we do not 
do trials or anything like that. We do civil enforcement, and 
in the case of HSBC, we gave essentially the statutory maximum 
civil money penalties, and we gave very stringent cease-and-
desist orders, and we did what we have the legal authority to 
do.
    Senator Warren. I appreciate that, Mr. Powell. So you are 
saying you had no advice to the Justice Department on whether 
or not this was an appropriate case for a criminal action?
    Mr. Powell. The way it works is the Justice Department has 
total authority. This is the heart of what they do.
    Senator Warren. I understand that.
    Mr. Powell. It is the heart of their jurisdiction to decide 
who gets prosecuted and for what. It is not our jurisdiction. 
They do not do monetary policy. They do not give us advice on 
that. We collaborate with them, and we discuss with them--we 
have collaborated with them, and we did on HSBC. They asked us 
specific questions: How does this statute apply? What would 
happen if we did this? We answered those questions. That is 
what we do.
    Senator Warren. So what you are saying to me is you are 
responsible for these banks, and, again, I read your testimony, 
and you talk about the importance of vigorous enforcement here. 
But you are telling me you have no view when it is appropriate 
to consider even a hearing to raise the question of whether or 
not these banks should have to close their operations when they 
engage in money laundering for drug cartels?
    Mr. Powell. I will tell you exactly when it is appropriate. 
It is appropriate where there is a criminal conviction.
    Senator Warren. And so you have no view on it until after 
the Justice Department has done that?
    Mr. Powell. Again, the Justice Department makes that 
decision. We play our role in that. We have a constant dialog 
with them, around--a broad range of violations that take place. 
We always have the Justice Department involved. But when they 
make these decisions, they make them themselves.
    Senator Warren. I understand that I am over my time, and I 
will just say here, you know, if you are caught with an ounce 
of cocaine, the chances are good you are going to go to jail. 
If it happens repeatedly, you may go to jail for the rest of 
your life. But evidently if you launder nearly $1 billion for 
drug cartels and violate our international sanctions, your 
company pays a fine and you go home and sleep in your own bed 
at night, every single individual associated with this. I think 
that is fundamentally wrong.
    Senator Warner. Senator Kirk.
    Senator Kirk. I appreciate the Senator's driving this 
issue. You would think--I agree with most of the direction you 
are going in. You would think there would have been one hell of 
a penalty for money laundering for terrorists who are building 
nuclear weapons. You would actually think and hope that you 
would get a clear answer. I thank the Senator.
    Mr. Chairman, over to you.
    Senator Warner. Senator Merkley.
    Senator Merkley. Well, thank you very much, Mr. Chair.
    The first political act in my life, at least as far as I 
can recall, was when I was a junior in high school, and I was 
reading the evening newspaper in Portland, and it reported that 
Vice President Spiro Agnew had been convicted of accepting 
bribes. This memory is decades old, so I may not have the 
numbers quite right. It was something like he accepted $100,000 
in bribes, and his penalty for his criminal conviction was a 
$10,000 fine. And I sat down and wrote a letter to the 
newspaper, the Oregon Journal, and said, ``How can anyone 
believe that there is justice, that if you take $100,000 you 
only get charged 10 percent of it? How is that possibly 
justice?''
    And I find myself asking exactly the same question in this 
situation. On, I believe it was, the day after the announcement 
that HSBC had essentially been caught laundering billions of 
dollars in funds, there was a story about a woman who her 
boyfriend had stored I believe a suitcase or a coffee can with 
his drug money in her upstairs or her attic or something like 
that, and she was doing something like 10 years in prison for 
having that tangential connection to the flow of this illegal 
money.
    So if an individual gets 10 years in prison, can you 
explain, each of you, how you would explain to an ordinary 
citizen in America that a company which launders billions of 
dollars tied to criminal syndicates that in northern Mexico 
40,000 people have died--I do not know about the terrorist side 
of this, but the drug side is pretty well documented. How do we 
explain that that is a system of justice in the United States 
of America? Mr. Cohen.
    Mr. Cohen. Senator Merkley, as I am sure you know, it is 
the Justice Department that determines----
    Senator Merkley. I understand. I am asking you your 
opinion. How would you explain to your neighbor asking you, 
saying, ``You are a high official in the U.S. Government. This 
is the decision our Government made.'' What would be your 
personal sense of it?
    Mr. Cohen. What I would tell my neighbor is, first of all, 
the agencies within my area of responsibility took action in 
this circumstance in an extraordinarily aggressive way and in a 
powerful way and beyond anything we had ever done previously.
    With respect to the Justice Department, we of course, were 
working on this investigation with the Justice Department, but 
at the end of the day, it is the Justice Department's sole 
prerogative to determine who to prosecute, when to prosecute, 
and what to charge.
    Senator Merkley. Let me interrupt for a minute. While you 
are working with them on this, if a member of the Justice 
Department said, ``David, what is your opinion? Should we 
prosecute?'' Your response would be?
    Mr. Cohen. Well, Senator, I think it depends whether you 
are asking me, personally asking me as the Under Secretary. And 
it also depends on what the ``it'' is, whether we are talking 
about prosecuting an individual, prosecuting an institution, 
what the charges may be. These are all issues that----
    Senator Merkley. So you say to the Justice Department, you 
say, ``Well, I am working very closely with you. I want to know 
what if, should we do individuals or should we do the 
corporation?'' And he says, ``I would like your opinion on 
both.'' And so then you say, ``My opinion on the individuals is 
X, and my opinion on the corporation is Y.'' And your opinion 
is?
    Mr. Cohen. Let me say my role in the Treasury Department 
and I think the Treasury Department more broadly, our role is 
to----
    Senator Merkley. I understand that. That was not my 
question. But you are welcome to simply say, ``I do not feel it 
is appropriate for me to answer your question.'' That would be 
better than just pretending not to answer it.
    [Laughter.]
    Mr. Cohen. No, I--I was trying to answer your question. But 
it is not our role to advise the Justice Department on how to 
exercise their prosecutorial discretion.
    Senator Merkley. Thank you.
    Mr. Curry.
    Mr. Curry. Perhaps it might be helpful, Senator, to explain 
how we arrived at the penalty that we imposed at the OCC, the 
$500 million penalty.
    Senator Merkley. I am pretty familiar with that. That is 
not the heart of my question.
    Mr. Curry. I think it reflects what we are trying to do 
from a civil enforcement standpoint to make sure that----
    Senator Merkley. I do not want you to recite history I am 
already familiar with. Let me ask the question differently. Do 
we have a situation where banks have become so large that, in 
the words of Attorney General Holder, if you prosecute them, 
``it will have a negative impact on the economy and the 
financial system at large''? And does that mean essentially we 
have a prosecution-free zone for large banks in America?
    Mr. Curry. It is my view that no bank is above the law. As 
Governor Powell stated earlier, if in a particular case the 
Justice Department met the requirements of the statute, that 
there was a criminal conviction for any money-laundering 
violations, I would start the process under the National Bank 
Act to consider----
    Senator Merkley. Yes, and I appreciate that, and I realize 
that is where you responsibility comes in, and it comes in 
after the prosecution and the conviction.
    Mr. Curry. I would not hesitate to start that process.
    Senator Merkley. Thank you.
    Governor Powell, does this create a fundamental concern 
about a fair system of justice across America?
    Mr. Powell. Yes, it does. It is absolutely fundamental that 
we are all equal before the law, and that is why we are all 
committed to ending too big to fail. And in the first instance, 
Congress has passed Dodd-Frank. The agencies are vigorously 
implementing Title I and Title II and carrying out the plan 
that you have given us, led by the FDIC, but we are all 
involved--to eliminate too big to fail. And I think that has 
been well done.
    The question in the end is: Is it enough? And I think we 
will know the answer to that in the relatively near future. It 
is not a game plan that can be implemented overnight. But until 
we finish that, I could not look this guy in the eye. You asked 
me to explain to him how it is fair? I cannot do it.
    Senator Merkley. Thank you for that very direct answer.
    Thank you, Mr. Chair.
    Senator Warner. I think before I move to Senator Heitkamp, 
I just want to--the point that we have all been raising, and I 
think that Senator Warren and Senator Merkley raised, while 
each of you kind of say, all right, let us pass the potato over 
to the Justice Department and we are only going to act there, 
let us remind you what Senator Reed has already made mention 
of. You have other remedies other than fines in terms of 
injunctive action and removal authority that has not been used, 
and I think we are all--and, again, I want to make sure I 
observe the rules I am trying to hold everybody else to. 
Senator Heitkamp? But I just want to make that point, that it 
is not an either/or the way you have responded to each of these 
Senators.
    Senator Heitkamp. Changing the subject just a little bit, 
do you think there is an effective deterrent based on how you 
have handled these cases in the past? If you were a bank 
executive today faced with the opportunity to make millions and 
millions of dollars laundering drug money, or facing you guys, 
looking at, you know, what you are going to suffer in terms of 
the consequences, do you think there is an effective deterrent 
today to prevent this from happening again? I would ask Mr. 
Cohen first.
    Mr. Cohen. I will answer that in two parts.
    With respect to sanctions evasion, the stripping cases in 
particular, I think there is effective deterrence. I think we 
have gotten the attention of the international financial 
institutions as well as the U.S. financial institutions. They 
understand that these practices of stripping international 
payment messages will be found and will be addressed in a very 
serious manner.
    The money-laundering side of things, I think that is a fair 
question. I think that is part of the reason that we are 
engaged in the processes that we are engaged in, is to 
understand whether we need to have more effective deterrence.
    Senator Heitkamp. And, Mr. Cohen, just for my edification, 
you know, I was an Attorney General. I was somebody who did 
both civil and criminal prosecution. And I can assure you 
criminal prosecution in white-collar crime is much more 
effective than fines and penalties and shame that you might 
experience when you are walking into a courtroom. Unless you 
are willing to work collaboratively--and I think everybody here 
understands that you are looking at your jurisdiction, trying 
to explain what your agency has done. But my question back to 
you is: How could you collaborate in a more effective way with 
the Justice Department to ensure that we will see prosecutions 
that Senator Warren here has so eloquently begged for? How can 
we make that happen?
    Mr. Cohen. Well, I would just say this, Senator: The 
Justice Department is part of the exercise that we are 
undertaking. They are part of this AML task force. Part of what 
we are looking at is more effective enforcement, both the civil 
and the criminal side. And so that is an issue that we are 
addressing in that work.
    Senator Heitkamp. Yes, but, Mr. Cohen, one of the 
disturbing parts of this dialog that we are having is that at 
every sense there seems to be, ``It is not my job, it is not my 
problem,'' that this is someplace else. And one of the great 
tragedies, I think, for the American people looking at 
Government is too much ``It is not my job.'' And so what we are 
really asking is that this be everybody's job. I would move on 
to Mr. Curry.
    Mr. Curry. Senator, I agree with you. In our testimony, we 
highlight the concerns we have over corporate governance. We 
believe at the OCC that you need to hold CEOs and the boards of 
directors accountable for BSA/AML policies and procedures and 
their compliance program. You need to establish that basic 
premise first before you can start assessing criminal or civil 
liability, and that is where we are going. That is why we are 
looking at our authority under Section 8 of the FDIC Act to 
actually remove from office or prohibit from banking those 
individuals that violate BSA programs. So we are looking to try 
to tighten up the legal duties and authorities of individuals 
at banks and then to enable us to take an appropriate level at 
the civil, administrative level, and potentially to assist the 
criminal authorities.
    Senator Heitkamp. I understand that, and the problem is 
that the expertise is with your agencies, and you are asking 
the Justice Department or the Justice Department sees a lot of 
complexities in what you do, and there does not seem to be a 
real opportunity for a comfort level of a prosecution that 
needs to happen, at least needs to be tried, needs to be 
attempted.
    Mr. Curry. We have a consistent and longstanding practice 
of cooperating fully with the Justice Department in criminal 
investigations and will continue to do that.
    Senator Heitkamp. But I would say that in these cases that 
cooperation has failed to achieve a result that is acceptable 
to the American public.
    Governor.
    Mr. Powell. There are strong incentives that we have 
provided to the banks to put in very strong compliance 
programs. We can always do better. I think what you hear from 
us is that the area where we are focusing is on collaborating 
better and coming up with ways to strengthen the supervision, 
and my colleagues have talked about some of those.
    But the incentives to deal seriously with compliance are 
large in the wake of these latest events. The other side of it, 
though, is that the bad guys have huge incentives to find new 
ways to penetrate, and the issue is--we have to stay ahead of 
that. It is not a static game. They are very well funded. They 
have great resources, and you have got this global financial 
system with prepayment cards and mobile payments and that kind 
of thing.
    So we are in a race with them to stay ahead and I think 
that is really the risk. It is not that the banks do not take 
it seriously, although we can certainly help with that, too.
    Senator Heitkamp. I agree, Governor. Ever more reason to 
use the very limited resources we have in enforcement in a very 
efficient and very collaborative way.
    Senator Warner. I would just again, before--Senator Kirk 
did not get his full round. I want to go back to Senator Kirk. 
But we have got this continuum that goes from fines to 
injunctive to removal to Justice Department prosecutorial. We 
have only used one of the series of tools, and because it takes 
so long to prosecute, in the interim you have actions going on, 
whether it is--Senator Merkley mentioned drug laundering, or 
Senator Reed mentioned, you know, potentially financing of 
terrorists.
    Senator Kirk.
    Senator Kirk. I just wanted to take the opportunity, based 
on what we have learned today from Treasury, to ask Senator 
Warren to join me in a big bank money-laundering practice where 
we just handled drugs and terrorism. I think we can make a 
killing that way, and no danger of prosecution.
    [Laughter.]
    Senator Kirk. Nothing to fear from the Government.
    Senator Warner. I am not sure you are--you are not citing 
that for the record, are you?
    [Laughter.]
    Senator Warner. Senator Manchin.
    Senator Manchin. Thank you, Mr. Chairman. I am sorry I was 
late. I had two other Committee meetings. But I understand it 
has been a little bit spirited, and I am sorry I missed that, 
too.
    We all have a hard time understanding why you have not 
cracked down on banks that are using illicit funds, something 
that is just wreaking havoc, is of epidemic proportion, and 
drugs in American culture, and you have a chance to do it. And 
I do not know what else--what tools do we need to give you all 
as regulators to shut these people down? Is there something you 
are lacking in your tool box right now? Can anybody speak to 
that?
    Mr. Curry. Senator, in our testimony, we have actually 
asked for the Committee to consider tightening up the safe 
harbor provisions for banks to actually file suspicious 
activity reports without facing potential civil liability for 
doing that.
    We have also asked for authority to expand the safe harbor 
to allow them to share the information from suspicious activity 
reports so that if there is a particular criminal activity or 
use of the system, that institutions could share that among 
themselves so that they could not allow the migration of 
illegal activity to occur, or to help the law enforcement 
officials----
    Senator Manchin. I think what you are hearing is those of 
us who are frustrated that what tools you do have you are not 
using. I come from the little State of West Virginia where 
there is a lot of common sense, which you do not find very 
common up here in Washington. And basically we never had bank 
failures, we never had closures, because we still had just 
common-sense procedures. You had to have a little skin in the 
game. You could not be buying something you could not afford. 
So on a different scale, we were basically living within our 
means, and we were enforcing that. And our banks did not 
collapse and fail, and we did not have a mortgage bubble burst 
on us.
    And what we are saying is if we give you more tools and you 
will not use the ones you have today, that is our concern. That 
is the frustration from the--this is one thing you see us 
probably united from the Democrat and Republican side, and 
there are very few things that you will find that we have had 
chances to agree on, but this one we do, and I think we are so 
frustrated. And if the banks are going to do business in this 
country, they should do them by our values. And if you do not 
enforce those values, you know, we have got to find people that 
will enforce those values, I think is what we are saying.
    We just want our country to be what we believe would help 
us in growth and get back to the values we believe in, and the 
drug cartels and all the illicit trade that goes on and the 
banks are being a harbor and putting their money because it is 
a safe haven is not something we condone as Congress, I do not 
believe. And that is what we are asking.
    Sir, if you would speak to that?
    Mr. Cohen. I could not agree with you more, Senator, and 
what I have committed to this Committee and what we are doing 
at the Treasury Department is reviewing what we have done and 
ensuring that the authorities that we have we exercise to the 
full extent of their capacity.
    As I noted earlier, one of the areas where we think we have 
not been sufficiently aggressive is in going after individuals 
and institutions who are responsible for the conduct that has 
resulted in fines and penalties against the institution itself. 
That is something that we are committed to pursuing and will 
pursue in the appropriate cases in the future. So I----
    Senator Manchin. But the HSBC, I mean, they paid the 
largest fine in history, and nobody was prosecuted. Not a thing 
was done. But you found them guilty.
    Mr. Cohen. I cannot speak to the Justice Department's 
decision not to prosecute in the HSBC case. It is the Justice 
Department's decision to make. I can tell you from our 
standpoint, we applied very significant penalties against the 
institution there on the judgment that the conduct that we saw 
was institution-wide, it involved a pattern of behavior over a 
number of years that the institution was the appropriate entity 
to apply the penalties against in that instance.
    Senator Manchin. Mr. Chairman, I am running out of time. I 
would just ask for the consideration of the Chair, if you would 
ask the DOJ to come and give testimony on why they have not 
prosecuted, why they will not enforce the laws of our land, if 
you would ask and request them to appear before this Committee?
    Senator Warner. I will consult with the actual Chair to 
make that request, but----
    [Laughter.]
    Senator Manchin. You are the actual Chair today, sir.
    Senator Warner. At least today. I think what you are 
hearing from all of us is an enormous concern, coupled with 
some of the comments the Attorney General made, and I 
appreciate Mr. Powell's directness that, you know, we have got 
to make sure there is no institution that is too large to 
prosecute.
    There is also a concern, starting on the second round now, 
that even short of punting all this to the Justice Department, 
there are other tools that you all have not used in terms of 
injunctive relief, removal activities, suggestions in terms of 
further compliance activities of senior management in terms of 
owning compliance, as well as, you know, how do we make sure on 
a going-forward basis that in moments of fiscal risk, the 
compliance department is not the first place the bank cuts? I 
would like an answer to that, but let me pose a second part to 
this question.
    I also have an enormous concern, when you look at not 
just--we have talked about HSBC, but there are 10 other cases 
that the Committee has cited. Each of these are cases that have 
taken literally years to get to the fine stage, let alone the 
fact that there has not been actual prosecution.
    The concern I have is that in that interim period, how open 
are you and what other tools--Mr. Curry, you mentioned safe 
harbor--so that we can notify or put on notice at least so that 
these activities do not continue until you get around to 
actually issuing a fine or taking action? Number one. And, 
number two, echoing what Mr. Powell has said, you know, this is 
an issue that is going to just get tougher and tougher as we 
move into these mobile banking technologies, as we think about 
the intersection between drug trafficking, money laundering, 
terrorist financing, and cyber activities, and are there points 
that, as we consider cybersecurity legislation, we ought to 
have a component that overlaps with existing BSA and AML 
legislation? But if you could take each of those, but 
particularly the piece about how do we make sure that in this 
interim period between discovery of potential money laundering, 
drug activity, or terrorist financing and the time when you 
feel like you can actually bring some kind of case--and we all 
say the cases have not been stringent enough. It appears to be 
years in that activity in many cases seems to have been ongoing 
during that period. Let us start with you, Mr. Cohen.
    Mr. Cohen. So, Senator Warner, I think the answer to that 
is both to ensure that we are investigating these cases as 
rapidly as possible and coordinating, and part of what you have 
heard today is that one of the things that we are looking at is 
how to ensure that we are sharing the information among the 
agencies that investigate these cases as efficiently as 
possible.
    But, second, the other point----
    Senator Warner. Let me just interrupt you there. One of the 
things that is clear from each of your conversations is that we 
have a lot of stovepipes here.
    Mr. Cohen. Right.
    Senator Warner. Everybody seems to be passing the hot 
potato. You are responsible for putting this interagency task 
force together. Would you commit today to make sure that you 
will brief Committee staff on the progress of those interagency 
sessions.
    Mr. Cohen. Certainly. I am happy to do that. And one of the 
things that this interagency task force is designed to do is to 
break down stovepipes to the extent that they impede the 
exercise of our authorities.
    But then the other point I would just make is, talking 
about injunctive authority, I think we will go back and look at 
whether there is the possibility of taking injunctive action 
during the course of an investigation as sort of a preliminary 
measure to ensure that the conduct stops before we get to the 
finish line.
    Senator Warner. So you feel like using the injunctive 
authority, that would allow you to notify the institution, to 
at least put them on warning, short of maybe a Justice 
Department proceeding or a fine, that you are not just going to 
allow this action to continue?
    Mr. Cohen. I want to make sure that our current authority 
allows us to do that, but if so, then that is something that--
--
    Senator Warner. I want to make sure I get a word from Mr. 
Curry and Mr. Powell on how we--again, the question--I have got 
a series, but the question with the remaining time I have got 
is--we all want you to be more aggressive here, but in that 
interim period between--and this is the case, obviously, across 
the board on many criminal investigations, between launching an 
investigation and bringing a prosecution, how do we make sure 
that the activities----
    Mr. Curry. I would like to clarify something about the 
process.
    Senator Warner. Please.
    Mr. Curry. If we are on-site examining an institution and 
we detect unacceptable activity or behavior, we require it to 
stop then and there and the remediation to occur regardless of 
whether or not we get to the point in the future of issuing a 
CMP order or a C&D. So immediately upon detection, we require 
corrective action.
    You asked about injunctive authority. We have and use civil 
injunctive authority through our consent orders. They have 
affirmative covenants in them that require certain activity to 
be taken or to refrain from taking other activity.
    And with our recent orders with national banks, we have 
actually prohibited them from re-entering areas that have been 
of concern or starting into other high-risk activities.
    So we are doing things in terms of the prompt, immediate 
effect that will be followed up by CMP at a later date.
    Senator Warner. Well, I guess I would simply ask--and I 
want to hear Mr. Powell and then move to Senator Warren. There 
are 10 separate cases--we are focusing on HSBC, but there are 
10 separate cases that the Committee has laid out. It would 
seem to me, in at least my reading of the materials, that there 
was a considerable lag time between discovery in each of these 
times and ultimate action, and that there was not action taken 
by the prudential regulator in a timely fashion in many of 
those cases.
    Mr. Powell.
    Mr. Powell. Senator, I believe that we also require 
immediate remediation when the violations are discovered. What 
takes a long time is that we require these institutions to go 
back and go through millions and millions of transactions to 
find all the things that they have done wrong. It takes a long 
time, and it is very labor intensive--a very simple but labor-
intensive process. And then the actual enforcement action comes 
sometime later. But that does not mean that the violations have 
continued. At the point when many of these have been 
identified--they have turned themselves in on almost all of the 
sanctions cases. In many of them they have put a stop to this 
kind of thing, and then they are just working on putting 
together the compliance order.
    Senator Warner. Thank you.
    Senator Warren.
    Senator Warren. Thank you, Mr. Chairman.
    I just want to follow up to make sure that I am just 
following what is going on here. So do you consult with the 
Department of Justice on each of these major drug-laundering 
cases and terrorism cases? Is that right, Mr. Cohen?
    Mr. Cohen. Certainly in the course of the investigation, 
there is, you know, a constant dialog among the investigators 
about what is being found, what the facts are, sharing 
information.
    Senator Warren. And so when the Justice Department is 
making the decision about whether or not to make a criminal 
prosecution, do they ask you about the impact on the economy 
for one of these large banks?
    Mr. Cohen. So I cannot speak to every instance whether that 
occurs. That did occur in the HSBC matter. We told the Justice 
Department that we were not in a position to offer any 
meaningful assessment of what the impact might be of whatever 
criminal disposition they may take. But I would distinguish 
between the ongoing communication among investigators to the 
ultimate----
    Senator Warren. Wait. I want to make sure I understand what 
you just said. The Justice Department, in making its decision 
whether or not to pursue a criminal prosecution, checked with 
the Department of Treasury to determine your views on whether 
or not there would be a significant economic impact if a large 
bank were prosecuted? Is that what you just said?
    Mr. Cohen. What I said was the Justice Department contacted 
us, asked whether we could provide guidance on what the impact 
to the financial system may be of a criminal disposition in the 
HSBC case. We informed the Justice Department that, given the 
complexity of the potential dispositions, given the fact that 
we are not the prudential regulator, given the fact that we are 
not privy to the different charges that the Justice Department 
may bring, and we are not privy to the responses that the 
regulators may have to the variety of different ways that the 
Justice Department may resolved the case, that we were not in a 
position to offer any meaningful guidance to the Justice 
Department in that matter.
    Senator Warren. So you just said to the Justice Department, 
``You are on your own in figuring this out''?
    Mr. Cohen. We said that--we said exactly what I just said.
    Senator Warren. I know you said it in a nice long way, 
but----
    Mr. Cohen. That is what we--what we said to the Justice 
Department was exactly what I just told you, Senator.
    Senator Warren. Mr. Powell, did the Justice Department get 
in touch with the Fed on this question before making a decision 
whether to prosecute HSBC?
    Mr. Powell. Senator, there were conversations between 
Justice and the Fed, but I do not believe that question was 
asked or answered. I will make sure of that and follow up. But 
I believe that the questions we were asked were specific 
questions about the application of this or that statute. For 
example, are certain kinds of investors prohibited from 
investing in a company that has been indicted--or, sorry, not 
indicted but convicted or pled guilty to a felony? So that is, 
I believe, the role we have had, and I do not think it went any 
farther than that.
    Senator Warren. Mr. Curry.
    Mr. Curry. The only question that we discussed----
    Senator Warren. I am sorry, Mr. Curry. Could you push your 
button? There you go.
    Mr. Curry. The only question that the Justice Department 
asked us was with the application of the charter revocation 
provision of our National Bank Act.
    Senator Warren. And who is responsible for making a 
determination about whether to revoke the charter?
    Mr. Curry. There is a statutory process. It requires notice 
and hearing, and we went through how that process would work.
    Senator Warren. And who would initiate that?
    Mr. Curry. That process would be initiated by the 
Comptroller's office, but only upon a conviction for any money-
laundering violations.
    Senator Warren. So whether or not you could revoke the 
charter depended on what the Justice Department did. Did you 
have that discussion with the Justice Department to encourage 
them to bring a criminal prosecution so that you could have a 
hearing about whether to revoke the charter?
    Mr. Curry. Our position was that it is a criminal justice 
determination that is left to the discretion of the Justice 
Department. We are and were prepared to follow our statutory 
procedure if and when there was a criminal conviction.
    Senator Warren. So you did not make it clear to the Justice 
Department that if the Justice Department did not bring a 
criminal prosecution, that you would not be able to use one of 
the significant tools of enforcement given to you by Congress?
    Mr. Curry. We explained to them how the----
    Senator Warren. You did explain it?
    Mr. Curry. ----statute works, and that would be the 
consequence of not having a conviction. The statute would not 
be triggered.
    Senator Warren. All right. If I can, could I just ask a 
little more of a review question about this? I am hearing four 
major actors, the three of you here and the Justice Department. 
Why are there four departments trying to figure out money 
laundering? I read through your reports. They seem to overlap 
significantly. We seem to have a lot of people with the same 
expertise and yet not quite the same expertise. Why is this not 
consolidated into a single function? Mr. Powell?
    Mr. Powell. That is a great question. This is our system. 
We have all these bank regulatory agencies, and they regulate 
different kinds of institutions. Twenty years ago, when I was 
in the first Bush administration, we proposed to merge some of 
them, and they are still not merged. But so----
    Senator Warner. We proposed some of that, too.
    Mr. Powell. Yes.
    Senator Warner. And they still were not merged.
    Mr. Powell. I think there have been a lot of attempts over 
the years. But more to the point, this is our system, and I 
think the obligation is on us to play as a team and to 
collaborate. And I think we try very hard at that, and I would 
say particularly in recent years you see a lot of interagency 
collaboration such as the task force and the BSAAG, Delta 
Force, and all the things that are going on now. There is very 
regular communication among all of us and with Justice--and 
with the industry, by the way--to try to get better and stay 
ahead of these threats. But that is the system we have, and we 
have to work with it.
    Senator Warren. Thank you.
    Thank you, Mr. Chairman.
    Senator Warner. Senator Merkley. And then just for order, 
Senator Kirk and Senator Heitkamp.
    Senator Merkley. Thank you very much, Mr. Chair.
    I want to ask a specific question about the way that wire 
transfers are utilized in money laundering, and the Bank 
Secrecy Act has regulations that allow a U.S. bank to accept 
and process a wire transfer from overseas, even if the 
transmitter is blank--that is, you have no idea where it is 
coming from. And that might have been understandable 15 years 
ago when the regulation was written, but in the intervening 
period, we have learned an awful lot about international money 
laundering. And so in the light of the extensive history of 
abuse--and when I am talking about extensive history of abuse, 
I think anyone who has followed the details of this case 
realizes that this goes back a decade or more of interaction 
over money-laundering issues. Why are we still allowing--and I 
want specifically to ask you--Mr. Curry, I realize you were not 
there at the time that this was wrestled with, but also Mr. 
Cohen, because the Treasury Department has broad regulatory 
authority. Why are we still allowing this type of open-ended 
instrument with basically no information attached to it in 
light of the money-laundering issues?
    Mr. Curry. That is a legitimate area that----
    Senator Merkley. Can you turn on your microphone, please?
    Mr. Curry. That is an area of legitimate concern, and we 
are looking at it, particularly in the context of foreign 
affiliates. That was a major issue with respect to HSBC, the 
stripping of necessary information to monitor here in the 
United States affiliate that we supervise, and that is one of 
the reasons that our cease-and-desist order does have 
limitations or requirements that affiliates--they have an 
obligation to be assured that affiliates are complying with our 
BSA and AML requirements.
    Senator Merkley. OK. Now, as I understand it, the 
requirements are currently that that field does not have to be 
filled in. Are you looking at changing that requirement?
    Mr. Curry. We will be taking a look at that, Senator.
    Senator Merkley. I know a lot of times when I talk about 
bank regulations, I am looking at it as a multiyear process. Is 
this something where there will be a formal process launched? 
In 6 months will we have an answer as to whether we should 
change this tool that is used in money laundering?
    Mr. Curry. We will endeavor to get back to you as quickly 
as possible and come up with an answer.
    Senator Merkley. Thank you.
    Mr. Cohen, from Treasury's point of view, is the evidence 
about the use of this tool problematic enough that you are all 
going to weigh in and try to see this rule changed?
    Mr. Cohen. Absolutely, and I would just add one point on 
this, which is that the stripping cases where we have taken 
enforcement actions over the last several years involve either 
removing or obscuring or including false information in payment 
messages, we have put in place new requirements in the SWIFT 
message process, something that was the MT 202 cover payment, 
to ensure that the message that comes through from foreign 
affiliates contains accurate originator and beneficiary 
information. And when institutions obscure that information, we 
have taken very serious enforcement actions, and the industry 
knows that that information needs to be included in the payment 
messages.
    Senator Merkley. Thank you. I want to go on to the next 
piece of this, which is we basically had a fine that was a 
small amount of the annual profits, I believe about 10 percent 
of the annual profits. I know it has been described as a very 
severe fine. But we are talking about action that continued 
over a 10-year period. In 2003, the bank said it was going to 
reform its anti-money laundering conduct. There was continuous 
concerns about it. So I do not know what the profits were over 
10 years, but over 1 year they were $20 billion. So let me just 
extrapolate that. Maybe it is not accurate, but let us say the 
profits over 10 years were $200 billion. So now we are talking 
about a fine that was 1 percent of the profits over the time 
that this conduct was occurring.
    Does that really send a message that this type of conduct 
is unacceptable? Mr. Curry.
    Mr. Curry. The $500 million fine we assessed, the CMP we 
assessed against HSBC was the largest fine ever assessed 
against a national bank. Our thinking behind coming up with the 
$500 million--and this goes, again, to our testimony where one 
of the weaknesses we found in BSA/AML compliance is the lack of 
allocation of resources to compliance efforts. That $500 
million represents the savings through the austerity programs--
--
    Senator Merkley. Your answer is yes.
    Mr. Curry. Yes.
    Senator Merkley. OK. Thank you.
    Mr. Cohen.
    Mr. Cohen. The only thing I would add is that we looked at 
the violative conduct and designed the penalty in relation to 
the violative conduct that we identified, both on the sanctions 
side and on the money-laundering side in that case.
    Senator Merkley. Your answer is yes also, that the fine was 
of a size, given the context of the profits over the 10-year 
period where this conduct was occurring, the fine sent a strong 
message?
    Mr. Cohen. I think so, Senator.
    Senator Merkley. OK. Thank you.
    My time is up, so I will close with a comment, which is 
simply this was not a new form of activity by the bank. They 
had been warned time and time again that the money laundering 
was inadequate. We had vital national security interests in 
stopping the money laundering of terrorist organizations. We 
have a neighbor to the south that is racked with violence from 
drug activities where money laundering is a huge issue. We 
worked with this bank 10 years, admonished it apparently a 
number of times. They apparently promised reforms that were 
never done, and I do not find that 1 percent of their profits 
over the time period of this conduct really sends a chilling 
message that this is unacceptable. It sounds more like the 
price of doing a very profitable business.
    Thank you.
    Senator Warner. Thank you, Senator Merkley.
    Senator Kirk.
    Senator Kirk. Mr. Chairman, thank you. I just wanted to 
turn my attention to David. We worked so long and hard on the 
Iran issue. I will note, according to United Against a Nuclear 
Iran, since the unanimous Senate adoption of the Menendez-Kirk 
sanctions on Iran, the Iranian currency has fallen 63 percent 
in its value measured against the U.S. dollar, meaning that 
Iran may actually have to miss a payment to Hezbollah, which 
would be welcome indeed.
    I will say that we recently have had a senatorial letter 
from 36 Senators, 19 Democrats, including 14 Members of this 
Committee, asking the EU to lock Iran out of the Target2 
system, and they have been largely locked out of the FEDwire 
system--Target2 and FEDwire being the electronic settlement 
system for the United States.
    Over time, we are making good progress in making the 
Iranian currency fairly unusable, which is an extremely good 
thing, and the mullahs have been complaining about their 
economic woes, being unable to finance what they want to 
finance, like subjugating the people of Lebanon through 
Hezbollah.
    The letter to the EU is particularly well aimed because of 
an attack by Hezbollah against Bulgaria on July 18th in which 
17 people were killed on a bus, and I would hope that the EU 
would give the political direction to the ECB on this and that 
you could follow up on that. We have a number of segregated 
accounts where the Iranians have money around the world, in 
several places in Europe, where a strong political signal by 
the EU to the ECB would significantly impact the Iranians. I 
would ask that you could follow up on the spirit of a letter, 
which I gave to your new boss, when he came by my office. I 
heavily praised you and your work on this segregation around 
the world, which has really given us a target to attack, and 
significantly impacts the Iranians.
    Mr. Cohen. Well, Senator, it is good to see you, and also 
good to see the impact that we have had on the Iranian currency 
and other economic impacts on Iran, which I know you are 
familiar with. Let me just quickly address the two issues you 
raised.
    One, the designation of Hezbollah, following the 
determination by the Bulgarians that Hezbollah was responsible 
for that attack in Burgas, we are pressing the EU, pressing 
member States of the EU to get that done. I am not going to 
predict what the EU will do, but you can be sure that we are 
pressing them very hard to get that accomplished.
    On the clearing and settlement through Target2 of EU 
transactions, we have been working hard on this issue since the 
regulations that the EU adopted last December, as we read them, 
already address this issue. It requires the ECB to essentially 
issue guidance that confirms that. There is a meeting today at 
the ECB of a number of member States addressing this issue. We 
have fed into that process, and we will continue to press the 
ECB to take what we think is the right step here, which is to 
cutoff euro clearing for the--or apply to euro clearing the 
same set of restrictive measures that the EU has on any Iranian 
business.
    Senator Kirk. I would say knocking Iran out of Target2 is 
particularly appropriate after this attack, which, you know, 
since Hezbollah is a wholly owned subsidiary of the MOIS, the 
Iranian intelligence service, and we would lock up a lot of 
money from the Iranians by doing that. And let us hope they 
make the right decision at this meeting.
    Mr. Cohen. And if they do not, we are going to continue 
pressing on this issue.
    Senator Kirk. Thank you.
    Senator Warner. Senator Heitkamp.
    Senator Heitkamp. I came prepared to ask a whole series of 
questions, which I will submit in writing, because I want to 
follow up with one last point.
    Mr. Cohen, and please feel free to correct me if I have 
paraphrased you or misquoted you, but in your earlier 
discussion with Senator Warren, you said it is not your role to 
encourage or recommend prosecution. Is that what you said?
    Mr. Cohen. I do not recall precisely what I said. What we 
view in the Treasury Department's role is not to seek to 
influence or direct the Justice Department in any particular 
prosecutorial decision.
    That being said, we are fully supportive of aggressive 
exercise of all authorities, criminal and civil.
    Senator Heitkamp. And I completely understand what you are 
saying. But if we leave here without a commitment from all of 
you that you will vigorously encourage and suggest and 
recommend that the Justice Department prosecute cases that must 
be prosecuted in order to ensure equal justice under the law in 
this country, then we have failed today. And so I would like a 
commitment from all of you individually that you will, in fact, 
encourage, recommend, and strongly suggest, when you see cases 
like this, that they be prosecuted, and if there is a 
declination, if there is an agreement not to prosecute, that 
somewhere along the line there is some kind of process to 
appeal, because any of us who have ever done any kind of civil 
regulation which could, in fact, go criminal, know that it is 
frequently the civil regulators who have the ability and the 
knowledge and can encourage and can be the pain in the room 
when that decision gets made. And if you are not willing to 
play that role, then we have failed today.
    Mr. Cohen. Senator, we play that role. We share and 
communicate with the Justice Department in these cases on an 
ongoing basis. The one--and I think this is important because I 
think it is essential in our system of justice. We want the 
Justice Department to exercise its authority, exercise it 
aggressively. The decision to prosecute in any particular case 
is a decision for the Justice Department to make. We will feed 
into that process and have fed into that process and will 
continue to feed into that process information, our assessment 
of the information, our assessment of the violations, and you 
have our commitment that we will continue to do that.
    Senator Heitkamp. I hope I have your commitment that you 
will not let them off the hook, that you--you know, I 
understand, and I understand that you cannot dictate to the 
Department of Justice that they prosecute cases. But you can be 
a very strong voice. You can either play the role of saying, 
``Here is the case, good luck,'' or ``Here is the case, we will 
help, we strongly urge you and encourage you. And if you 
decline it, we are going to ask serious questions of you as to 
why you declined to prosecute this case,'' because the 
inequities that it creates and the appearance of inequity in 
the justice system that it creates cannot be tolerated by the 
Congress, and it cannot be tolerated by the Department of 
Justice.
    Thank you, Mr. Chairman.
    Senator Warner. Thank you.
    Let me just follow up on Senator Heitkamp, and I will just 
ask one question. We will not go through a full other round if 
you have just got one more question for these folks. One of the 
things--and you did clarify the fact that as you discover 
possible actions prior to taking any of the steps along this 
continuum from injunctive action, removal, fine, or the 
ultimately sanction in terms of Justice Department prosecution. 
I guess the question I have is: What is or should be the 
threshold where you find something that--the prudential 
regulator finds something that appears to be amiss, at what 
point do you turn that over to the Justice Department? What is 
the threshold for turning over information to the Justice 
Department? That is probably more for Mr. Curry and Mr. Powell, 
but I will take any of you.
    Mr. Curry. I think our posture is to be as--to share as 
much information as possible and as soon as possible. If we 
uncover significant program weaknesses, which is what we are 
assessing, we will make our counterparts through the many 
different channels we have--the working groups--aware of what 
we are seeing.
    The point I would want to make, though, is the real key to 
the BSA/AML process is the SARs filings and the currency 
transaction reporting, which we monitor, and that is really 
where law enforcement gets its primary information to pursue 
illegal activity. And as a result, that really is the focus of 
our on-site examination activity as well.
    Senator Warner. Mr. Powell, do you have anything to add to 
that?
    Mr. Powell. I would just agree that the idea is not that we 
are waiting to see something, such as a pot to boil, and then 
we get in touch with Justice. It is not like that at all. 
Suspicious activity reports go into the data base that FinCEN 
keeps. Law enforcement officials have ongoing access to that. 
So we are overinclusive, if anything, in providing information, 
because they may see patterns and it may be that we are seeing 
one little thing, so we want all the information that might 
lead someone in law enforcement to see a broader patterns. We 
want them to have access. And they generally have it, I think 
early.
    Mr. Cohen. And I would just add one point on that. As my 
colleagues notes, FinCEN is the repository for all of these 
suspicious activity reports and other filings the banks make. 
We on an ongoing basis review that information, look for, as 
Governor Powell said, patterns, look for instances of potential 
violations. The threshold is very low for making a criminal 
referral, and it happens on a daily basis from FinCEN, and from 
OFAC as well. We are, as I say, in constant communication with 
the regulators and with the criminal authorities and referring 
matters for their investigation.
    Senator Warner. Senator Warren.
    Senator Warren. I am good.
    Senator Warner. Just before we close, I want to thank all 
of my colleagues, Senator Warren for hanging in until the 
bitter end on this one, and I think, you know, you have heard a 
really very common theme, obviously, that not only are we 
concerned that you are not fully using your BSA/AML powers 
along this continuum, since most of the actions so far have 
only resulted in fines and not resulted--and, Mr. Curry, you 
did point out there have been some injunctive activities, but 
there are things, short of simply punting this to the Justice 
Department, actions that you could take, number one.
    Number two, we clearly believe there should be no 
institution not only too big to fail or not any institution too 
big to prosecute.
    And, number three, that because there are all these 
stovepipes--and, Under Secretary Cohen, you are kind of the hub 
of that wheel, and, you know, you have got to make sure that we 
have got strong collaboration, information sharing.
    And I would simply close with a comment that Mr. Powell 
made as well. This is only going to get harder. This is only 
going to get harder as we see some of the larger institutions 
perhaps migrate these activities into smaller financial 
institutions that, again, may even have less compliance 
components. It is going to get harder as the overlap between 
money laundering and cyber activities, and that area is an area 
that, again, if you have got suggestions as we try to put 
together bipartisan cyber legislation.
    And then as somebody who grew up in the wireless business, 
as we think about the ability to do mobile transactions, a 
brand-new space, trying to put some framework on that--we have 
had hearings in this Committee before on this issue, but trying 
to put some parameters around that space before it is way down 
the path and fully developed is an enormous, enormous 
challenge, because the activities of money laundering in that 
area have enormous, enormous potential for bad action.
    So I thank all the witnesses for their testimony and for 
their responses to questions. There are a couple of things, 
including continuing giving the Banking Committee updates on 
the activities of your interagency proceedings. Thank you all 
for a very spirited hearing.
    Senator Warren. The record will remain open?
    Senator Warner. The record will remain open for 7 days. The 
hearing is adjourned.
    [Whereupon, at 11:41 a.m., the hearing was adjourned.]
    [Prepared statements and responses to written questions 
supplied for the record follow:]

                  PREPARED STATEMENT OF DAVID S. COHEN
Under Secretary for Terrorism and Financial Intelligence, Department of 
                              the Treasury
                             March 7, 2013

Introduction
    Chairman Johnson, Ranking Member Crapo, distinguished Members of 
the Committee, thank you for inviting me to testify today on a core 
focus of our efforts at the Department of the Treasury: promoting a 
safe and secure financial system, and effectively combating money 
laundering, terrorist financing, and related forms of illicit finance. 
I would like to commend you, Mr. Chairman, and this entire Committee 
for your strong leadership on this topic, including by focusing today's 
discussion on these critically important issues. The spate of recent 
high-profile enforcement actions against some of our largest, most 
sophisticated, and best resourced financial institutions raises 
troubling questions about the effectiveness of our domestic anti-money 
laundering and counterterrorist financing (AML/CFT) regulatory, 
compliance, and enforcement efforts. It is critically important to 
understand why these failures occurred and, even more importantly, what 
we can do--whether through better legislation, regulation, examination 
or enforcement, or through some combination of steps--to prevent the 
recurrence of such failures in the future.

Background
    My remarks today will focus on Treasury's long-standing efforts to 
promote and enforce compliance with the Bank Secrecy Act (BSA) and our 
counterterrorist financing sanctions programs, including new efforts 
under way to improve our AML/CFT regime. We share the view that there 
is a pressing need to improve compliance, and we are working hard at 
it.
    To begin, I believe it is worth noting that our AML/CFT legal and 
regulatory regime is one of the strongest and most effective in the 
world. Conceived more than 40 years ago with the enactment of the Bank 
Secrecy Act and updated repeatedly over the past four decades through 
new legislation, regulations, and guidance, our AML/CFT framework has 
evolved to better address new and different illicit finance threats.
    Our AML/CFT framework has evolved, moreover, while our financial 
sector has maintained its place as the largest, most sophisticated, 
complex, and efficient financial system in the world. The enormous 
size, scope, and sophistication of our financial markets facilitate 
economic growth, both in the U.S. and around the world.
    But that size, scope and sophistication also attracts criminals who 
wish to access our financial system to launder the proceeds of crime 
and move funds for illicit purposes. This includes money launderers, 
terrorists, proliferators, drug lords, and organized crime figures, all 
of whom rely to some extent on the financial system to conduct their 
operations.
    The BSA, and the regulations promulgated by Treasury's Financial 
Crimes Enforcement Network (FinCEN) and the Federal functional 
regulators implementing the BSA and related statutes, establishes the 
framework for guarding the financial system from money laundering and 
terrorist financing. These laws and regulations work in tandem with the 
sanctions programs implemented by Treasury's Office of Foreign Assets 
Control (OFAC), particularly those that are focused on preventing 
financial facilitation for terrorist organizations and rogue regimes, 
such as Iran.
    These rules aid financial institutions in identifying and managing 
risk, provide valuable information to law enforcement, and create the 
foundation of financial transparency required to deter, detect, and 
punish those who would abuse our financial system. It is, of course, 
critical that we design our laws and rules, as well as our oversight 
and examination efforts, to address the spectrum of risks that we face.
    But the laws, rules, and compliance manuals can only do so much. A 
truly robust AML/CFT framework--one that hardens our financial system 
against the unrelenting efforts of money launderers, financial 
criminals, sanctions evaders, and other illicit actors--requires 
effective AML/CFT program implementation by financial institutions, 
buttressed by strong enforcement efforts when those efforts fall short 
of the mark. When AML/CFT safeguards are not effectively implemented 
and compliance lags, money launderers, terrorist financiers, and other 
illicit actors freely abuse our financial system. We have seen this 
happen too often, at too many financial institutions, including some of 
our largest banks, over the past several years.
    So it is clear to us that despite the strength of our AML/CFT 
framework, significant design, oversight, compliance, and enforcement 
challenges remain. I would like to turn now to the efforts the Treasury 
Department is taking, in collaboration with our regulatory and law 
enforcement partners, the financial industry, and our foreign 
counterparts, to strengthen the effectiveness of our AML/CFT regime.

Treasury's Ongoing Efforts To Promote an Effective AML/CFT Framework
    As this Committee is well aware, a number of Federal departments 
and agencies, as well as State and local agencies, play important roles 
in combating money laundering, terrorist financing, and other illicit 
financial activity in U.S. financial institutions. The Treasury 
Department, through FinCEN, administers the BSA, and through OFAC, 
administers our sanctions programs. This includes issuing rules and 
guidance implementing the BSA and the executive orders that establish 
sanctions programs; conducting investigations into potential 
violations; and enforcing the relevant rules through civil proceedings. 
In all of these efforts, FinCEN and OFAC work closely with counterparts 
across the Federal Government and at the State and local level, 
including the other Federal financial regulators, as well as law 
enforcement agencies.
    I would like to update the Committee on Treasury's ongoing efforts 
to implement and enforce the BSA and our sanctions programs, as well as 
new work under way to improve our AML/CFT regime, including renewed 
focus at FinCEN on BSA enforcement; the creation of an interagency AML 
Task Force; our strategy to enhance financial institutions' customer 
due diligence efforts; and the continued development of strong 
international standards on combating money laundering and the financing 
of terrorism and the proliferation of weapons of mass destruction 
(WMD). Each of these efforts is aimed at improving financial 
transparency through better regulations, better oversight, better 
compliance, and better enforcement.

FinCEN and OFAC Enforcement Efforts
    Turning first to FinCEN's and OFAC's ongoing enforcement efforts:

    As I noted, in administering the BSA, FinCEN investigates and 
pursues enforcement actions against financial institutions for 
violations of the BSA and its implementing regulations. Most recently, 
in December 2012, FinCEN assessed a $500 million civil monetary penalty 
against HSBC Bank USA N.A. for willful violations of the BSA. Among 
other things, FinCEN determined that HSBC lacked an effective AML 
program and systematically failed to detect and report suspicious 
activity. FinCEN joined OFAC, the Office of the Comptroller of the 
Currency, the Federal Reserve and the Department of Justice in what 
amounted to the largest combined bank settlement in U.S. history, 
totaling more than $1.9 billion in penalties and forfeitures for HSBC's 
conduct that exposed the U.S. financial system to severe abuse. Also, 
in November 2012, FinCEN joined the FDIC and the Department of Justice 
to assess concurrent civil money penalties of $15 million against First 
Bank of Delaware for violations of the BSA and its AML requirements.
    These and other recent FinCEN enforcement actions highlight many of 
the key vulnerabilities in our financial system that the BSA was 
designed to address, including misuse of correspondent banking 
relationships, private banking accounts, financial activity undertaken 
by nonbank financial institutions, and the use of nontransparent legal 
entities to move funds. While these enforcement actions reaffirm the 
importance of imposing additional due diligence requirements on higher-
risk activities, they also underscore that existing requirements and 
controls may not be sufficiently robust.
    For its part, OFAC administers and enforces financial, economic and 
trade sanctions to advance key foreign policy and national security 
goals, including sanctions against targeted foreign countries and 
regimes, terrorists, international narcotics traffickers, and those 
engaged in activities related to WMD proliferation. OFAC aggressively 
pursues investigations and enforcement actions against both U.S. and 
foreign financial institutions that violate U.S. economic sanctions 
laws and regulations.
    Between June and December 2012 alone, OFAC reached settlements with 
four separate foreign financial institutions for a combined total of 
more than $1.1 billion related to almost 24,000 apparent violations of 
our sanctions programs involving Burma, Cuba, Iran, Sudan, and Libya. 
Total related sanctions and AML enforcement actions involved those 
institutions, including OFAC's settlements, amounted to $2.76 billion. 
They followed several other record-breaking enforcement actions related 
to the ``stripping'' of sanctions-related information from 
international payment messages that resulted in almost one billion 
dollars in OFAC settlements as part of almost $1.7 billion in fines and 
forfeitures involving financial institutions. (Appendix I to this 
testimony contains a compendium of recent OFAC and FinCEN enforcement 
actions.)
    It is important to note that the conduct at issue in these 
``stripping'' investigations primarily occurred prior to 2009--that is, 
before most of OFAC's ``stripping'' settlements were concluded and 
published--and that these rigorous enforcement actions appear to have 
had a significant compliance and deterrent effect on global financial 
institutions. Of course, Treasury will continue to penalize banks for 
conduct that violates our sanctions programs, whenever it occurs, and 
will be particularly aggressive with regard to any institutions found 
to be engaging in the type of conduct that has been the subject of 
these well-publicized enforcement cases.
    In their civil enforcement investigations, both OFAC and FinCEN 
often work closely with criminal agencies, including the Department of 
Justice and State and local criminal prosecutors. Neither OFAC nor 
FinCEN, however, possesses the authority to bring criminal charges, nor 
does Treasury see it as our role to influence or seek to direct the 
decision whether to prosecute in any given case. The decision whether 
to bring criminal charges is the exclusive prerogative of criminal 
prosecutors. Nonetheless, Treasury strongly supports vigorous law 
enforcement across the board--by our counterpart Federal regulators, by 
Federal criminal law enforcement, and by the relevant State and local 
authorities.

FinCEN's Renewed Focus on Enforcement
    FinCEN, as the administrator of the BSA, plays a critical role in 
our fight against money laundering and terrorist financing in the 
United States and around the world, and over its 20-plus year history, 
it has been at the heart of our Nation's efforts to combat illicit 
finance. I would like to highlight two FinCEN initiatives that will 
position the agency to be even more effective in enforcing the BSA in 
the years to come.
    First, FinCEN has recently completed a multiyear IT Modernization 
Program, which is on-time and on-budget. This project will enhance 
FinCEN's ability to analyze illicit financial activity and conduct 
enforcement investigations. It will also better serve the various 
agencies that work with FinCEN and rely--sometimes heavily--upon BSA 
data in conducting their own money laundering and terrorism cases. For 
example, last year the Federal Bureau of Investigation reported that 37 
percent of its pending counterterrorism cases had associated BSA 
records. A key component of FinCEN's modernization project is a 
powerful new search tool to access BSA data, called FinCEN Query. Since 
it was activated last September it has been used 920,000 times by 6,400 
users. This is a strong start and we expect the utility of this tool to 
grow as more of our law enforcement and intelligence partners who rely 
on BSA data adopt and gain facility with the new search tool.
    Second, FinCEN's new Director, Jennifer Shasky Calvery, is in the 
midst of a thorough review of FinCEN's operations as she and her new 
management team at FinCEN consider how FinCEN can better organize 
itself to execute its mission even more effectively, including 
enhancing its compliance and enforcement functions. Since taking up her 
post, Director Calvery has met with virtually every employee of FinCEN, 
as well as with FinCEN's law enforcement and regulatory partners, 
industry stakeholders and Congressional staff, as she explores the 
appropriate steps to take.
    Director Calvery is particularly focused on ensuring that FinCEN 
fulfills its key role in the enforcement of our AML/CFT regime, 
including by employing all the tools at the agency's disposal to hold 
accountable those institutions and individuals who allow our financial 
institutions to be vulnerable to terrorist financing, money laundering, 
proliferation finance, and other illicit financial activity. Some of 
these tools have been used in the past--such as imposing special 
measures under Section 311 of the USA PATRIOT Act against entities 
determined to be primary money laundering concerns--and we intend to 
continue the aggressive use of these tools in the future.
    We also intend to make use of additional tools at FinCEN's disposal 
to ensure that those who violate the BSA are held accountable. For 
example, the BSA provides FinCEN with the broad authority to obtain 
injunctions against persons it believes have violated, are violating, 
or will violate, the BSA. Likewise, the BSA allows FinCEN to impose 
civil penalties not only against domestic financial institutions and 
nonfinancial trades or businesses that willfully violate the BSA, but 
also against partners, directors, officers and employees of such 
entities who themselves actively participate in misconduct. Although 
FinCEN has employed these tools only occasionally in the past, in the 
future FinCEN will look for more opportunities to impose these types of 
remedies in appropriate cases.

New Initiatives To Improve the AML/CFT Framework
    Let me now turn to the several initiatives we are pursuing to look 
at our AML/CFT framework and consider where improvements can be made. 
At the heart of this task is a goal of ensuring that our AML/CFT 
obligations and actions are directing financial institutions to address 
the real, prevailing illicit financing risks that they face.

FinCEN's ``Delta Team''
    FinCEN recently organized a group dubbed the ``Delta Team'' under 
the auspices of the Bank Secrecy Act Advisory Group (BSAAG). The Delta 
Team includes representatives from the financial services industry, 
financial regulators, and law enforcement with the common mission of 
examining any gaps between illicit finance risks and compliance 
efforts. Their objective is to develop recommendations to close any 
gaps in order to enhance the effectiveness of our AML/CFT regulatory 
regime. The Delta Team had its first meeting last month, and I 
understand the discussions produced a number of interesting ideas that 
will be explored further in the ongoing dialogue.

The AML Task Force
    Treasury also has recently convened a broad interagency group, 
known as the AML Task Force, to look in depth at the entire AML/CFT 
framework. Along with Treasury, the AML Task Force is comprised of 
senior representatives from each of the regulators with responsibility 
to combat money laundering--that is, FinCEN, the Board of Governors of 
the Federal Reserve System, the Office of the Comptroller of the 
Currency, the Federal Deposit Insurance Corporation, the National 
Credit Union Administration, the Commodity Futures Trading Commission, 
the Securities and Exchange Commission and the Internal Revenue 
Service--as well from the Justice Department's Criminal Division.
    The Task Force's objective is to take a step-back look at our AML/
CFT framework--from the legal and regulatory foundation, to the 
compliance and examination function, to the enforcement efforts--to 
take stock of which components of our regime are working well, which 
are not, how the different parts are working together, and to assess 
how the entire enterprise is operating. The Task Force will look at the 
mechanisms by which illicit finance risks are identified, and how 
statutory and regulatory requirements are adapted to address these 
risks. It will evaluate information sharing, supervision, and 
enforcement practices and processes to determine if there are ways to 
better inform, assess, encourage and, as necessary, compel financial 
institution compliance.
    In all of its work, the Task Force will be informed by the specific 
deficiencies identified in the recent bank enforcement cases. The goal 
is to develop recommendations, and find solutions, to address any gaps, 
redundancies or inefficiencies in our AML/CFT framework, and to ensure 
that truly effective AML/CFT compliance is made a priority within 
financial institutions.

Enhancing Customer Due Diligence
    Financial transparency depends, at the most basic level, on 
effective customer due diligence--that is, the steps taken by financial 
institutions to know their customers. Poor or weak customer due 
diligence may permit illicit actors to access the financial system 
undetected, and to engage in transactions that financial institutions 
may fail to identify as suspicious.
    Current law, however, explicitly requires financial institutions to 
conduct in-depth customer due diligence--in which the true beneficial 
owner of an account is identified--in only certain limited 
circumstances. Because we believe that a broader obligation for 
financial institutions to conduct in-depth customer due diligence may 
be warranted, Treasury has embarked on a rule-making process to 
consider whether to impose an explicit, enhanced customer due diligence 
requirement.
    We believe that a rule that clarifies and strengthens customer due 
diligence requirements for U.S. financial institutions, including an 
obligation to identify beneficial owners, would advance the purposes of 
the BSA by assisting law enforcement in their financial investigations. 
Moreover, such a requirement would assist financial institutions in 
their assessment and mitigation of risk, as well as facilitate their 
compliance with existing BSA requirements and U.S. sanctions programs. 
And it would assist in reporting and investigations in support of tax 
compliance.
    Due to the importance of this issue, as well as its implication for 
all corners of our financial system, we took the unusual step of 
issuing an Advance Notice of Proposed Rulemaking (ANPRM), and then 
embarked on an unprecedented industry outreach program to discuss the 
proposed rule in series of public forums with a broad range of 
stakeholders, including Congress; law enforcement; community, regional, 
national, and international banks; money service businesses; broker-
dealers; futures commission merchants; and other interested parties. 
These engagements highlighted the challenges associated with achieving 
clear and harmonized customer due diligence expectations while also 
leveraging best practices to minimize burden.
    All the information gathered, through written comments as well as 
public engagements, has informed the development of a proposed customer 
due diligence rule, which we anticipate publishing for further notice 
and comment in the near future.

International Efforts To Strengthen the Global AML/CFT Framework
    Our domestic work to strengthen the integrity and transparency of 
our financial system, and refine and improve our AML/CFT framework, is 
bolstered and extended by our efforts to work with international 
partners to strengthen AML/CFT regimes abroad. Given the global nature 
of money laundering and terrorist financing, and the increasing 
interrelatedness of the global financial system, a secure global 
framework is essential to the integrity of the U.S. financial system.
    Treasury, along with others in the Federal Government, works 
closely with international counterparts to strengthen the global AML/
CFT framework and promote implementation and enforcement of effective 
AML/CFT measures worldwide. To this end, we engage several 
intergovernmental and international organizations, such as the 
Financial Action Task Force (FATF), the IMF, the World Bank, the United 
Nations, and various FATF-style regional bodies, to develop, assess, 
and facilitate implementation of effective AML/CFT laws around the 
world.
    In recent years, within the FATF, we have helped lead efforts to 
revise and strengthen the global AML/CFT standards, including by 
incorporating measures to combat proliferation financing, tax evasion, 
and sanctions evasion. We have also led efforts to focus the next round 
of jurisdictional assessments on effectiveness and implementation, in 
addition to technical compliance with the global standards. Most 
recently, we have secured the FATF's commitment to examine challenges 
of global compliance as a priority matter for all jurisdictions, within 
a broader agenda focusing on enhancing the effectiveness of AML/CFT 
regimes in combating the threats we face.
    Through these efforts, we have established both a necessary 
foundation and a common set of expectations that will enable us to 
focus ongoing and future global AML/CFT efforts on the primary 
challenges we face in combating illicit finance and enhancing financial 
integrity. These challenges include the substantive areas of concern 
highlighted in recent bank enforcement actions, such as sanctions 
compliance (including by intermediary financial institutions), customer 
due diligence, AML programs, and correspondent controls. They also 
include cross-cutting AML/CFT issues such as enhancing information 
sharing to facilitate enterprise-wide risk management within global 
financial institutions, and aligning investigative, supervisory and 
compliance resources to focus on priority illicit financing risks and 
vulnerabilities. Thus, as we examine these issues with a view towards 
improving the effectiveness of our own AML/CFT regime, we are also 
working internationally to inform and strengthen similar efforts in 
other financial centers.

Conclusion
    The United States is home to one of the strongest anti-money 
laundering and counterterrorist financing regimes in the world. But 
clearly, there is work to be done to make our AML/CFT regime more 
effective and to elicit better compliance from financial institutions. 
We all have an interest in enhancing the effectiveness of our framework 
and better protecting our financial system from abuse. I look forward 
to working with this Committee on these critical issues, and would be 
pleased to answer any questions you may have.

















                 PREPARED STATEMENT OF THOMAS J. CURRY
         Comptroller, Office of the Comptroller of the Currency
                             March 7, 2013

I. Introduction
    Chairman Johnson, Ranking Member Crapo, and Members of the 
Committee, I appreciate the opportunity to appear before you today to 
discuss the importance of effective Bank Secrecy Act and Anti-Money 
Laundering (BSA/AML) compliance programs at U.S. financial institutions 
and the role the OCC plays in examining financial institutions for 
compliance in this area.*
---------------------------------------------------------------------------
     * Statement required by 12 U.S.C. 250: The views expressed herein 
are those of the Office of the Comptroller of the Currency and do not 
necessarily represent the views of the President.
---------------------------------------------------------------------------
    The OCC is committed to ensuring that the institutions under its 
supervision have effective controls in place to safeguard them from 
being used as vehicles to launder money for drug traffickers and 
transnational and other criminal organizations, or to facilitate the 
financing of terrorist acts. Together with the other Federal banking 
agencies and the law enforcement community, the OCC's goal is to deter 
money laundering, terrorist financing, and other criminal acts and 
prevent the misuse of our Nation's financial institutions.
    National banks and Federal savings associations (hereafter referred 
to as ``banks'' or ``bank'') have been required to have a BSA 
compliance program since 1987, and to monitor, detect, and report 
suspicious activity since the 1970s. However, regulatory requirements 
and supervisory expectations under the BSA have increased significantly 
since that time, and most institutions have had to make substantial 
improvements in their compliance programs. In response, many of the 
largest institutions have implemented highly sophisticated programs and 
systems that screen transactions to identify and report suspicious 
activity to law enforcement, and to ensure that such transactions do 
not involve entities subject to Office of Foreign Assets Control (OFAC) 
sanctions. The suspicious activity reports (SARs) that are filed have 
provided law enforcement with access to critical information needed to 
initiate and conduct successful investigations and prosecutions. There 
are now more than 5.6 million SARs in the centralized database that is 
maintained by the Financial Crimes Enforcement Network (FinCEN). The 
majority of these SARs have been filed by national banks and Federal 
thrifts.
    BSA compliance is inherently difficult, combining the challenges of 
sifting through large volumes of transactions to identify features that 
are suspicious, with the presence of criminal and possibly terrorist 
elements dedicated to, and expert in, concealing the true nature of the 
transactions they undertake. As financial institutions' BSA compliance 
programs have evolved and changed over time, so have the sophistication 
and determination of money launderers, terrorist financiers, and other 
criminals in finding other ways to gain access to our institutions. The 
technology, products, and services offered by institutions to give 
customers better and quicker access to financial services can also be 
used by criminals to instantaneously and anonymously move money 
throughout the world, sometimes through the simple click of a keypad or 
the use of a cell phone app. Risks are constantly mutating, as criminal 
elements alter their tactics to avoid detection. They move quickly from 
one base of operations to another, finding sanctuary in places where 
law enforcement, or sympathy for U.S. policy objectives, is weakest. 
Furthermore, money-laundering schemes are becoming more complex, 
involving entities and individuals located in numerous jurisdictions 
worldwide. Consequently, banks, thrifts, and other financial 
institutions have had to devote increasingly larger amounts of 
resources to maintain effective programs, and the OCC has likewise 
significantly increased its attention in this area.
    My testimony today will cover our assessment of industry trends and 
concerns; the OCC's supervisory approach to BSA/AML; our process for 
taking supervisory and enforcement actions and a description of some of 
our recent actions; improvements the OCC has made or is in the process 
of making to our supervisory and enforcement practices; and our 
recommendations for regulatory and legislative improvements.
    Specifically, in response to the Committee's questions in its 
letter of invitation, the OCC believes that corporate governance 
weaknesses, combined with the effects of austerity programs banks 
instituted during the financial crisis, are among the biggest reasons 
for recent BSA/AML compliance breakdowns. In response, the OCC has 
implemented a number of changes to our policies and internal review 
processes to strengthen our supervision in this critical area, and we 
are considering additional changes to our policy guidance, regulations, 
and enforcement documents to clarify regulatory expectations and 
improve bank compliance in this area. For example, while we believe 
that our cease and desist (C&D) authority is as effective and more 
efficient than the use of civil injunctions, we are exploring the 
possibility of regulatory changes that would enhance our ability to 
take removal and prohibition actions against bank officers, directors, 
and employees that engage in violations of the BSA. Finally, we have 
inserted language in some of our recent enforcement documents that is 
designed to improve enterprise-wide compliance with AML requirements 
when banks engage in transactions with their overseas affiliates. All 
of these points are further addressed in the testimony.

II. Industry Trends and Concerns
    Many of the practical problems we have seen in recent years with 
respect to BSA compliance can be attributed to four root causes: (i) 
culture of compliance within the organization, (ii) commitment of 
sufficient and expert resources, (iii) strength of information 
technology and monitoring processes, and (iv) sound risk management. 
These root causes have led to breakdowns in the fundamentals and 
mechanics of sound management of operational risks. For example, our 
examination and enforcement activities have identified a number of 
trends and concerns in the BSA/AML area that warrant continued 
attention by supervisors and banks:

    Corporate Governance--Some recent cases have involved the 
        lack of strong corporate governance principles necessary to 
        create a ``culture of compliance'' within the organization. 
        These cases reflected an imbalance in both the independence of 
        the compliance function and organizational incentives that 
        emphasized revenues and growth over balanced risk management. 
        Proper incentives across both BSA/AML compliance and the line 
        of business ensure that there is accountability throughout the 
        organization and employees are motivated to do the right thing 
        through compensation structures, performance standards, 
        promotions, and a strong compliance culture.

    Compliance Resources--Recent cases have identified a lack 
        of sufficient staffing, high turnover rates, and cutbacks in 
        the compliance area as common factors that have impeded the 
        effectiveness of banks' BSA/AML programs. In some cases, banks 
        have inappropriately reduced staffing and resources in the BSA 
        area due to austerity programs initiated during the financial 
        crisis. In other cases, banks' compliance department staff and 
        expertise have failed to keep pace with the growth of the 
        institution.

    International Focus or Component--Foreign correspondent 
        banking, cross border funds transfers, bulk cash repatriation, 
        remote deposit capture, and embassy banking have all been high-
        risk areas that some banks have not managed effectively.

    Bulk Cash and Structured Deposits--Bulk cash transactions 
        continue to present significant BSA/AML challenges for banks in 
        determining legitimate from illegitimate sources. In addition, 
        as a result of the changes to the Mexican currency laws, we 
        have seen an increase in suspicious activity along the 
        southwest border flowing from funnel accounts associated with 
        drug cartels, increased use of nonbank financial institutions, 
        and increased structuring of cash deposits.

    Migration to Smaller Banks--As some large or midsize banks 
        have attempted to lower their risk profiles, higher risk 
        products and customers have migrated to community banks. These 
        institutions must be mindful of the resources and personnel 
        necessary to successfully manage higher risk activities.

    New Technologies and Evolving Payments Activities--When 
        banks introduce new technologies and products, they must 
        appreciate or understand the compliance risks. Prepaid access, 
        mobile phone banking, smart ATM machines and kiosks, mobile 
        wallets, and Internet cloud-based payment processes are all 
        technologies that are developing rapidly, and senior bank 
        compliance personnel need to be engaged in the product 
        development processes. OFAC monitoring is especially important 
        and challenging in this area. In addition, products that have 
        evolved through technology need to be periodically re-evaluated 
        (e.g., prepaid access money transfers, and payroll cards).

    Third-Party Relationships and Payment Processors--The OCC 
        and the other banking agencies have been reviewing closely 
        third-party and payment processor relationships and a number of 
        enforcement actions have been taken in recent years. Banks need 
        to be especially aware of the risks presented by payment 
        processors and the extent of their franchising relationships 
        (routing transit numbers (RTNs), bank identification numbers 
        (BINs), and ATM machines).

    The OCC will continue to identify significant trends, communicate 
them to the industry, and ensure that BSA/AML supervision stays 
current.

III. OCC BSA/AML Supervisory Policies and Practice
Legal Framework and the OCC's Risk-based Supervisory Approach
    The Money Laundering Control Act of 1986 provides the framework for 
BSA/AML supervision and enforcement. It requires the Federal banking 
agencies to: (i) prescribe regulations to require banks to establish 
and maintain procedures that are reasonably designed to assure and 
monitor compliance with the BSA; (ii) review those procedures at every 
examination; (iii) report problems with the procedures to the bank; and 
(iv) issue a C&D order if the financial institution fails to establish 
and maintain the procedures or fails to correct a problem that was 
previously reported to it. \1\ On January 27, 1987, the OCC and the 
other Federal banking agencies issued virtually identical regulations 
to implement this requirement. The OCC's regulation, codified at 12 CFR 
21.21 for national banks and at 12 CFR 163.177 for Federal savings 
associations, requires every bank to have a written program, approved 
by the board of directors, and reflected in the minutes of the bank. 
The program must, at a minimum: (1) provide for a system of internal 
controls to assure ongoing compliance; (2) provide for independent 
testing for compliance; (3) designate an individual responsible for 
coordinating and monitoring day-to-day compliance; and (4) provide 
training for appropriate personnel. In addition, the implementing 
regulation for section 326 of the USA PATRIOT Act \2\ requires that 
every bank adopt a customer identification program as part of its BSA 
compliance program.
---------------------------------------------------------------------------
     \1\ 12 U.S.C. 1818(s).
     \2\ Uniting and Strengthening America by Providing Appropriate 
Tools Required To Intercept and Obstruct Terrorism, P.L. 107-56, 115 
Stat. 272 (2001) (USA PATRIOT Act).
---------------------------------------------------------------------------
    The OCC has worked with the other Federal Financial Institutions 
Examination Council (FFIEC) agencies, \3\ FinCEN, and OFAC to review 
and develop BSA examination and enforcement policies and procedures for 
use at every examination. The publication of the Interagency BSA/AML 
Examination Manual (Manual) in 2005 effectively standardized 
examination procedures for the Federal banking agencies. The Manual 
reinforces the agencies' position that sound BSA/AML risk management 
enables a banking organization to identify BSA/AML risks and better 
direct its resources, with the ultimate goal of helping safeguard its 
operations from money laundering, terrorist financing, and other 
illicit activities. The Manual has been revised three times since its 
initial publication so that it remains current with the latest 
technological and payment system innovations and emerging threats and 
vulnerabilities.
---------------------------------------------------------------------------
     \3\ The FFIEC is a formal interagency body empowered to prescribe 
uniform principles and standards for the Federal examination of 
financial institutions by the OCC, the Board of Governors of the 
Federal Reserve (Federal Reserve), the Federal Deposit Insurance 
Corporation (FDIC), the National Credit Union Administration, and the 
Consumer Financial Protection Bureau. The FFIEC's primary goal is to 
promote uniformity in the supervision of financial institutions.
---------------------------------------------------------------------------
    The OCC monitors compliance with the BSA and its implementing 
regulations by applying the examination procedures set forth in the 
Manual during a bank's examination. Community banks are examined either 
on a 12- or 18-month cycle, and large banks and midsize banks are 
examined on an annual cycle. These procedures are risk-based and direct 
examiners to focus examination resources on high-risk areas within 
banks. Examiners use the procedures to assess the implementation and 
effectiveness of the bank's policies, procedures, systems, and 
controls. Every BSA/AML examination includes, at a minimum, a review of 
the bank's risk assessment and its BSA/AML compliance program (focusing 
on internal controls, training programs, independent testing, and BSA 
officer independence and qualifications). We also assess the 
effectiveness of the bank's OFAC compliance program.
    OCC examiners perform ongoing supervision and conduct targeted 
testing in areas that may present higher money laundering and terrorist 
financing risks. The Manual includes supplemental procedures that cover 
specific BSA requirements (e.g., currency transaction reporting, 
suspicious activity reporting, foreign correspondent bank, private 
banking, and funds transfer record keeping) and specific examination 
procedures covering risks from products and services and persons and 
entities (e.g., correspondent banking, private banking, trade finance, 
electronic banking, third-party payment processors, bulk shipments of 
currency, pouch activities, politically exposed persons, and business 
entities).
    The OCC routinely analyzes BSA data, currency transaction reports 
and SARs to identify unique risks and augment our examinations. This 
information permits examiners to scope and plan examinations to ensure 
that the bank's higher risk activities are evaluated. Such activities 
may be reflected in accounts associated with repetitive SAR filings, 
significant cash activity, or activity that is inconsistent with the 
type of business of the customer, and are examples of the types of 
accounts that would be selected for transaction testing and further 
examiner review. In cases where examiners identify areas of concern, 
deficiencies, or violations, they typically expand the examination 
scope and perform transaction testing in targeted areas to ensure they 
identify and evaluate all pertinent issues.
    In community banks, the OCC uses a risk identification and 
analytical tool called the Money Laundering Risk (MLR) System, which 
enables the OCC to identify potentially high-risk banks and activities 
that warrant increased scrutiny and supervisory resources. This 
combination of our ongoing supervision and targeted examinations allows 
us to determine the adequacy of a bank's BSA/AML compliance program at 
every exam.

Training and Internal Communications
    The OCC provides comprehensive BSA training to our examiners and 
organizes a BSA compliance conference every 3 years to inform our 
examiners of emerging money laundering and terrorist financing threats 
and vulnerabilities. A critical component of examiner training is also 
provided on an interagency basis by the FFIEC and the OCC works with 
the FFIEC and other Federal Government agencies to develop advanced AML 
courses for examiners, as well as periodic internal and external 
seminars, conferences, and teleconferences. Representatives of the law 
enforcement community are regular participants in these conferences and 
training sessions, establishing an ongoing dialogue with our examiners 
concerning criminal typologies, schemes and arrangements. Such forums 
allow our examiners to be continually aware of the risks facing the 
banks, to scope examinations accordingly, and to provide timely 
guidance to the industry in addressing those risks. OCC examiners also 
attend other FFIEC training courses, external courses and industry 
conferences to remain abreast of the latest trends in the areas of 
money laundering, payments systems, fraud, and cybercrime.
    The OCC Compliance Policy Department leads our National Anti-Money 
Laundering Group (NAMLG), which is an internal forum that serves as the 
focal point for BSA/AML issues within the agency. The NAMLG facilitates 
intra-agency communication; promotes cooperation and information 
sharing with national and district office AML groups; identifies 
emerging risks, best practices, and possible changes in anti-money 
laundering policies and procedures; discusses legislative proposals; 
and serves as a clearinghouse for ideas developed throughout the OCC. 
The NAMLG's resource sharing program initiative provides BSA policy 
expert resources to complex banks, higher risk banks, or examinations 
in need of specialized expertise. The resource-sharing program promotes 
BSA/AML knowledge transfer and examiner development, and improves the 
allocation of BSA resources.

Interagency Cooperation
    The OCC cooperates and coordinates on an interagency basis to 
address BSA/AML issues. For example, we are participating in the 
interagency Task Force on the U.S. AML Framework, led by Under 
Secretary of the Treasury David Cohen, which will take a close look at 
the BSA and its requirements to ensure that this 40-year old statutory 
framework remains relevant in today's world. The OCC also participates 
in several interagency groups, including the Bank Secrecy Act Advisory 
Group (BSAAG); \4\ the newly formed BSAAG Delta Team; \5\ the FFIEC BSA 
Working Group; \6\ and the National Interagency Bank Fraud Working 
Group. \7\
---------------------------------------------------------------------------
     \4\ The BSAAG is chaired by FinCEN and is composed of policy, 
legal, and operations representatives from the major Federal and State 
law enforcement and regulatory agencies involved in the fight against 
money laundering, as well as industry representatives.
     \5\ The BSAAG Delta Team is cochaired by FinCEN and an industry 
representative. The purpose of the BSAAG Delta Team is for industry, 
regulators, and law enforcement to come together and examine the 
variance between compliance risks and illicit financing risks. The goal 
is to reduce the variance between the two and build a smarter, more 
effective, and more cost efficient regulatory framework.
     \6\ The FFIEC BSA Working Group, similar to the FFIEC itself, has 
a rotating chair and is composed of representatives of Federal and 
State regulatory agencies.
     \7\ The National Interagency Bank Fraud Working Group is chaired 
by the Department of Justice, and composed of representatives of the 
Federal law enforcement and regulatory agencies (the OCC has been an 
active member of this group since its founding in 1984).
---------------------------------------------------------------------------
    The OCC works closely with the U.S. Treasury's Office of Terrorism 
and Financial Intelligence (TFI), FinCEN, and OFAC to promote the 
implementation of sound international anti-money laundering and 
counterterrorist financing (AML/CFT) standards. In addition, the OCC 
annually hosts two AML schools to train our foreign counterparts, and 
we are active participants in the U.S. delegation to the Financial 
Action Task Force (FATF) that is led by TFI. We have participated in 
various State and Treasury Department missions to assist foreign 
Governments in their anti-money laundering efforts.
    The OCC has a long history of cooperation with law enforcement and 
we work closely with law enforcement agencies when there are ongoing 
parallel investigations involving a national bank or thrift by 
providing documents, information, and expertise that is relevant to a 
potential criminal violation. As described in the Appendices to this 
testimony, OCC examination findings have been instrumental in 
developing some of the most significant BSA/AML cases, and have 
resulted in criminal charges and convictions of bank officials.

IV. OCC's BSA/AML Supervisory and Enforcement Process
    Effective bank supervision requires clear communications between 
the OCC and the bank's senior management and board of directors. In 
most cases, problems in the BSA/AML area, as well as in other areas, 
are corrected by bringing the problem to the attention of bank 
management and obtaining management's commitment to take corrective 
action. A Report of Examination, or Supervisory Letter (used for large 
or midsize banks), documents the OCC's findings and conclusions with 
respect to our supervisory review. Once problems or weaknesses are 
identified and communicated to the bank, the bank's senior management 
and board of directors are expected to promptly correct them. The 
actions that a bank takes, or agrees to take, to correct deficiencies 
are important factors in determining whether more forceful action is 
needed.

Enforcement Remedies and Process
    OCC enforcement actions fall into two broad categories: informal 
and formal. In general, informal actions are used when the identified 
problems are of limited scope and magnitude and bank management is 
regarded as committed to and capable of correcting them. Informal 
actions include safety and soundness plans, commitment letters, 
memoranda of understanding and matters requiring board attention in 
examination reports. These generally are not public actions.
    The OCC also uses a variety of formal enforcement actions to 
support its supervisory objectives. Unlike most informal actions, 
formal enforcement actions are authorized by statute, are generally 
more severe, and are disclosed to the public. Formal actions against a 
bank include C&D orders, formal written agreements, safety and 
soundness orders, and civil money penalties (CMPs). C&D orders and 
formal agreements may be entered into consensually by the OCC and the 
bank and require the bank to take certain actions to correct identified 
deficiencies. The OCC also may take formal action against officers, 
directors, and other individuals associated with an institution 
(institution-affiliated parties or IAPs). Possible actions against 
institution-affiliated parties include removal and prohibition from the 
banking industry, CMPs, and personal C&D orders.
    As previously mentioned, when deficiencies in the BSA/AML area rise 
to the level of a BSA compliance program violation (12 CFR 21.21 or 
163.177), or when a bank fails to correct problems with the program 
that had been previously reported to the bank, we are required under 12 
U.S.C. 1818(s) to use our C&D authority to correct the problem. The 
OCC worked with the other Federal banking agencies to develop and issue 
an interagency policy on citing BSA compliance program violations and 
taking enforcement actions, and our enforcement decisions are framed by 
that policy. The Interagency Statement on Enforcement of BSA/AML 
Requirements (Interagency Statement) was issued in 2007 and it sets 
forth the agencies' policy on the circumstances in which an agency will 
issue a C&D order to address noncompliance with certain BSA/AML 
requirements, particularly in light of the statutory mandate in Section 
1818(s). The Interagency Statement provides that a compliance program 
violation occurs where either of the following conditions exists:

        The bank fails to adopt or implement a written BSA compliance 
        program that adequately covers the required program elements: 
        (1) internal controls (including customer due diligence, 
        procedures for monitoring suspicious activity or appropriate 
        risk assessment); (2) independent testing; (3) designated 
        compliance personnel; and (4) training; or

        The bank has defects in its BSA compliance program in one or 
        more program elements indicating that either the written 
        program or its implementation is not effective. For example, 
        program deficiencies indicate ineffectiveness where the 
        deficiencies are coupled with other aggravating factors such as 
        evidence of: (i) highly suspicious activity creating a 
        significant potential for unreported money laundering or 
        terrorist financing; (ii) patterns of structuring to evade 
        reporting requirements; (iii) significant insider complicity; 
        or (iv) systemic failures to file currency transaction reports, 
        suspicious activity reports, or other required BSA reports.

    A program violation may occur where customer due diligence, 
monitoring of suspicious activity, risk assessment, or other internal 
controls fail with respect to a ``high risk area,'' or to ``multiple 
lines of business that significantly impact the bank's overall BSA 
compliance.'' The agency will also consider the application of the 
bank's program across its business lines and activities. In the case of 
banks with multiple lines of business, deficiencies affecting only some 
lines of business or activities would need to be evaluated to determine 
if the deficiencies are so severe or significant in scope as to result 
in a conclusion that the bank has not implemented an effective overall 
program.
    The Interagency Statement also specifically addresses repeat 
problems for purposes of the statutory mandate for a C&D order in 12 
U.S.C. 1818(s). It provides that in order to be considered a 
``problem'' within the meaning of section 1818(s), the deficiency 
reported to the institution would ordinarily involve a serious defect 
in one or more of the required components of the institution's BSA 
compliance program or implementation thereof. In addition, it sometimes 
takes a considerable period of time to correct BSA/AML deficiencies 
especially when large institutions merge system platforms and 
information technology changes are required. As a result, with regard 
to repeat problems, the Interagency Statement provides that a C&D is 
not required if the agency determines that the institution has made 
``acceptable substantial progress'' toward correcting the problem at 
the time of the examination immediately following the examination where 
the problem was first identified and reported to the institution.
    To ensure that the OCC's process for taking administrative 
enforcement actions based on BSA violations is measured, fair, and 
fully informed, in 2005, the OCC adopted a process for taking 
administrative enforcement actions against banks based on BSA 
violations, including situations where a bank fails to correct a 
problem that was previously brought to its attention. This process 
includes the following stages:

  1.  Preliminary assessment of the facts and discussion with bank 
        management.

  2.  Additional reviews by cross-functional review groups, including 
        the OCC's Large Bank Review Team.

  3.  Written findings provided to the bank and an opportunity for the 
        bank to respond.

  4.  Major Matters Supervision Review Committee or Washington 
        Supervision Review Committee review. \8\
---------------------------------------------------------------------------
     \8\ The MMSRC was established by the Comptroller late last year to 
further strengthen and enhance the review process for significant 
enforcement cases, including large bank BSA/AML cases, to include the 
most senior staff within the OCC. The MMSRC is chaired by the OCC's 
Senior Deputy Comptroller for Bank Supervision Policy and Chief 
National Bank Examiner, and includes the Chief of Staff, the Senior 
Deputy Comptrollers for Midsize and Community Bank and Large Bank 
Supervision, as well as the Chief Counsel. The MMSRC reviews all large 
bank enforcement actions that include articles addressing BSA, all BSA 
CMPs involving large banks and all prohibitions/removals against 
individuals for violations of the BSA. The Washington Supervision 
Review Committee (WSRC) continues to review BSA enforcement actions 
proposed by the OCC to be taken against midsize and community banks.

  5.  Final decision by the MMSRC or an appropriate Senior Deputy 
---------------------------------------------------------------------------
        Comptroller.

Recent Enforcement Actions
    Since September 11, 2001, the OCC has issued over 195 public formal 
enforcement actions based in whole, or in part, on BSA/AML violations 
(including formal agreements, C&D orders, and CMP actions). Some of the 
more significant recent cases were actions against Wachovia Bank, N.A., 
HSBC Bank USA, N.A., Citibank, N.A., and JPMorgan Chase, N.A. A brief 
description of these actions is set forth in Appendix A to this 
testimony. Each of these cases have been discussed extensively at 
public forums and they underscore the OCC's commitment to ensuring that 
all national banks and Federal savings associations have a strong BSA/
AML function that keeps pace with changing technologies and threats.
    The OCC has also brought enforcement actions against responsible 
individuals for BSA/AML violations, and OCC examination findings have 
been instrumental in bringing successful criminal actions against bank 
insiders, including a Vice-President of Riggs Bank and the Chairman of 
the Board of Directors of Broadway National Bank. Some of the more 
significant BSA/AML cases involving bank insiders are discussed in 
Appendix B to this testimony. In addition, the OCC's Enforcement and 
Compliance Division has also brought countless actions against bank 
insiders for insider fraud and abuse over the years. While establishing 
the culpability of individuals in cases of institutional failures such 
as BSA compliance program breakdowns can be challenging, the OCC is 
committed to taking such actions where they can be supported. To this 
end, the OCC conducts a review of individual misconduct as part of all 
significant investigations into BSA noncompliance. As further described 
below, the OCC is exploring possible regulatory changes that would 
enhance its ability to take removal and prohibition actions in 
appropriate cases.

V. Actions Undertaken To Improve BSA/AML Supervision and Enforcement
    The OCC is committed to rigorous supervision, strong enforcement, 
and continuous improvement to our supervisory approach to BSA/AML 
compliance. While the OCC has made substantial progress in improving 
its supervision in the BSA/AML area, we recognize that there remains 
work to be done, and that BSA/AML supervision can never be static. We 
are committed to ongoing evaluation of our approaches to BSA/AML 
compliance and to appropriate revisions to our approach in light of 
technological developments, and the increasing sophistication of money 
launderers and terrorist financiers, as well as to address aspects of 
the process where shortcomings were evidenced. To this point, we have 
recently made, or are in the process of making a number of enhancements 
to our supervisory processes which are described below:

    We have established a MMSRC comprised of the most senior 
        level staff within the OCC to review high profile and complex 
        BSA/AML enforcement matters;

    We no longer reflect BSA/AML findings in the FFIEC consumer 
        compliance rating, rather, we fully consider BSA/AML findings 
        in a safety and soundness context as part of the management or 
        ``M'' component of a bank's CAMELS rating;

    We are clarifying the operation of our BSA Large Bank 
        Review Team to ensure we bring different perspectives to bear 
        and react more quickly when a bank has multiple matters 
        requiring attention (MRAs), or apparent violations of its BSA/
        AML program;

    We have provided more flexibility for citing BSA/AML 
        violations for individual ``pillar'' violations (i.e., internal 
        controls, BSA officer, testing, and training) and will be 
        issuing additional guidance to the examination staff shortly;

    We are in the process of identifying steps we can take in 
        our examinations to obtain a holistic view of a bank's BSA/AML 
        compliance more promptly;

    We have implemented an internal bank supervision appeals 
        program that supports the open discussion of concerns, 
        reinforces our expectations that examiners and other 
        supervisory staff should identify potential problems they see 
        at the banks and thrifts we regulate, and provides the 
        opportunity to escalate those issues when necessary;

    We are reviewing the manner in which MRAs are reported to 
        ensure that banks with high numbers of MRAs in one particular 
        CAMELS/ITCC area are receiving additional supervisory attention 
        and, in the case of BSA/AML, consideration of formal 
        enforcement action; and

    We are annually updating the OCC's community bank MLR 
        System and considering whether similar tools should be 
        implemented in our large bank and midsize bank portfolios. \9\
---------------------------------------------------------------------------
     \9\ The OCC recently requested Office of Management and Budget 
(OMB) approval and invited public comment for this additional MLR data 
collection. See Office of the Comptroller of the Currency; Agency 
Information Collection Activities; Submission for OMB Review; Comment 
Request; Bank Secrecy Act/Money Laundering Risk Assessment, 77 FR 70544 
(Nov. 26, 2012). An additional 30-day request for OMB approval and 
comment letter will be published in the Federal Register that will 
provide a summary of the comments received.

    The OCC has also made, or is considering making, the following 
changes in the areas of corporate governance, enterprise-wide 
compliance, and removal and prohibition authority. In addition, there 
is one possible regulatory change that we believe should be considered, 
and the OCC supports two legislative changes in the BSA/AML area. Each 
is discussed below:

Corporate Governance
    A number of recent BSA/AML enforcement actions involving large 
complex banking organizations have highlighted the need for strong 
internal controls and corporate governance. \10\ To address this, 
recent OCC enforcement actions have included the following 
requirements:
---------------------------------------------------------------------------
     \10\ See, e.g., In the Matter of JPMorgan Chase Bank, N.A., 
Columbus, Ohio, OCC 2013-002 AA-EC-13-04, Art. IV, p. 8 (Jan. 14, 
2013); In the Matter of Citibank, N.A., Sioux Falls, South Dakota, OCC 
2012-52 AA-EC-12-18, Art. IV, p. 7. (April 4, 2012)); In the Matter of 
HSBC Bank USA, N.A., Mclean, VA, OCC 2010-199 AA-EC-10-98, Art. VI, p. 
10 (Sept. 24, 2010); In the Matter of Wachovia Bank, National 
Association, Charlotte, NC, OCC 2010-37 AA-EC-10-17, Art. II, p. 5. 
(Mar. 12, 2010).

  1.  A designated BSA Officer with sufficient knowledge, funding, 
        authority, independence, compensation, and supporting staff to 
        perform his or her assigned responsibilities and maintain 
        effective compliance with the BSA and its implementing 
---------------------------------------------------------------------------
        regulations;

  2.  An effective governance structure to allow the BSA Officer and 
        the compliance function to administer the program independently 
        by reporting directly to the board of directors, or a committee 
        thereof, with clear lines of responsibility beginning with 
        senior management and including each line of business that is 
        required to comply with the BSA;

  3.  Clearly defined channels for informing the board of directors, or 
        a committee thereof, and senior management, of compliance 
        initiatives, compliance risks, new product development, 
        identified compliance deficiencies, and corrective actions 
        undertaken;

  4.  Compliance staff with the appropriate level of authority and 
        independence to implement the BSA/AML compliance program and, 
        as needed, question account relationships, new products and 
        services and business plans;

  5.  Policies and procedures that clearly outline the BSA/AML 
        responsibilities of senior management and relevant business 
        line employees, and that hold senior management and line of 
        business management accountable for effectively implementing 
        bank policies and procedures, and fulfilling BSA/AML 
        obligations;

  6.  A well-defined succession plan for ensuring the program's 
        continuity despite changes in management, staffing, or 
        structure, and policies and procedures to ensure that problems 
        with excessive turnover of compliance staff or the BSA Officer 
        function are identified, investigated, and appropriately 
        addressed by the board;

  7.  Policies and procedures to ensure that the bank's risk profile is 
        periodically updated to reflect higher risk banking operations 
        (products, services, customers, entities, and geographic 
        locations) and new products and services;

  8.  An enterprise-wide management information system that provides 
        reports and feedback that enables management to more 
        effectively identify, monitor, and manage the organization's 
        BSA risk on a timely basis; and

  9.  A strong BSA/AML audit function that ensures that identified 
        deficiencies are promptly addressed and corrected.

    The OCC is in the process of drafting detailed guidance to banks on 
sound corporate governance processes that will incorporate many of 
these concepts, including business line accountability for BSA/AML 
compliance and the independence of the compliance function.

Enterprise-wide Compliance and Limitations on Activities
    Recent OCC enforcement actions have contained articles that address 
enterprise-wide compliance to ensure that the banking company's global 
AML program is commensurate with the risks and that all relevant 
affiliated institutions are included in the global risk assessment. 
Although current BSA/AML automated monitoring systems do not have the 
capability to ensure enterprise-wide monitoring on a real time global 
basis, the OCC expects banks to have strong customer due diligence 
processes and understand the extent that a particular customer may have 
accounts or transactions flowing through other segments of the 
organization. The OCC also expects that the extent and scope of this 
activity should be periodically reviewed on a risk basis by the bank's 
compliance staff and included within the audit.
    Recent enforcement actions have also contained provisions that 
limited or restricted a bank's products and services due to inadequate 
BSA/AML controls with respect to those products and services. \11\ In 
some cases, banks ceased engaging in a particular line of business as a 
result of the OCC examination (e.g., correspondent banking or bulk cash 
repatriation) and the OCC article required OCC approval should the bank 
decide to restart that particular line of business or service. In other 
cases, the OCC affirmatively took action to restrict certain high-risk 
lines of business or reduce the risk profile of the institution. \12\ 
This authority is similar to civil injunctive relief to limit bank 
activities for a period. The OCC will continue to use this C&D 
authority when warranted.
---------------------------------------------------------------------------
     \11\ See, e.g., In the Matter of JPMorgan Chase Bank, N.A., 
Columbus, Ohio, OCC 2013-002 AA-EC-13-04, Art. XI, p. 22 (Jan. 14, 
2013); In the Matter of Citibank, N.A., Sioux Falls, South Dakota, OCC 
2012-52 AA-EC-12-18, Art. VIII and XI, pp. 15, 21 (April 4, 2012); In 
the Matter of HSBC Bank USA, N.A., Mclean, VA, OCC 2010-199 AA-EC-10-
98, Art. XII, p. 17 (Sept. 24, 2010); In the Matter of Wachovia Bank, 
National Association, Charlotte, NC, OCC 2010-37 AA-EC-10-17, Art. IX, 
p. 13. (Mar. 12, 2010); In the Matter of Arab Bank, PLC, New York, NY, 
OCC 2005-14 AA-EC-05-12, Art. III and IV, pp. 4, 9 (Feb. 24, 2005).
     \12\ In the Matter of Arab Bank, PLC, New York, NY, OCC 2005-14 
AA-EC-05-12, Art. VII, p. 15 (Feb. 24, 2005)(Federal branch conversion 
to an agency).
---------------------------------------------------------------------------
Removal and Prohibition Authority
    As previously noted, the OCC has the statutory authority to issue 
an order of removal and prohibition from office against an IAP of a 
bank whenever the OCC determines that the IAP has committed a violation 
of the BSA and such violation was not inadvertent or unintentional, or 
the insider has knowledge that an IAP has violated any provision of the 
BSA. 12 U.S.C. 1818(e)(2)(A)(ii). In addition, the OCC may remove an 
officer or director of a bank who has knowledge that an IAP of the bank 
has violated any provision of the BSA, taking into account whether the 
officer or director took appropriate action to stop, or to prevent the 
recurrence of the violation. 12 U.S.C. 1818(e)(2)(A)(ii) and (B). The 
OCC is currently reviewing these provisions and exploring whether a 
regulation or other agency issuance interpreting these sections of the 
statute would be helpful in bringing such actions and providing notice 
to the industry regarding the type of conduct or wrongdoing that is 
subject to a removal or prohibition action.

Enhanced Information Sharing
    Financial intelligence, criminal typologies, and information 
sharing between Government agencies, regulators, and financial 
institutions is essential to the prevention and deterrence of money 
laundering and other financial crimes. In particular, financial 
institutions can benefit from improved and consistent access to 
information concerning money laundering and terrorist financing schemes 
and typologies, vulnerabilities, and red flags to ensure that they can 
appropriately manage their risks. Such information is also valuable to 
examiners in preparing for and performing examinations. In addition, 
active knowledge sharing processes will discourage situations described 
as a possible ``commodification'' of BSA reporting by banks that 
focuses on the quantity, rather than the quality or actual risk 
associated with a transaction, including with respect to SAR filings.
    To this end, the OCC supports efforts to enhance information 
sharing, including the provision of information from the Government to 
financial institutions. The OCC is interested in exploring all possible 
methods and means of accomplishing this, including changes in the way 
that communication channels established to implement section 314(a) of 
the USA PATRIOT Act are presently used.

Possible Legislative Changes--Expansion and Clarification of Safe 
        Harbors
    The OCC recognizes the importance of ensuring that the agencies' 
enforcement authorities remain current and relevant in this area. We 
think there are opportunities to modify existing BSA safe harbors to 
encourage institutions to share information without incurring 
liability, and to file SARs without running the risk that the bank will 
be exposed to litigation for simply complying with Federal law. The OCC 
would support legislation to expand the information sharing safe 
harbors in Section 314(b) of the USA PATRIOT Act beyond money 
laundering and terrorist financing, and to eliminate or modify the 
notice requirement to FinCEN, which may be limiting the ability of 
financial institutions to share information. The OCC would also 
strongly support legislation that clarifies that the safe harbor from 
liability for filing SARs is absolute and there is no good faith 
requirement.

VI. Conclusion
    The OCC is committed to rigorous BSA/AML and OFAC supervision, 
strong enforcement, and continuing improvement in our supervision in 
this important area. While there are many challenges in this area, we 
will continue to work with Congress, the other financial institutions 
regulatory agencies, law enforcement agencies, and the banking industry 
to develop and implement a coordinated and comprehensive response to 
the threat posed to the Nation's financial system by money launderers, 
terrorist financiers, and criminal organizations.

Appendix A
Notable OCC BSA/AML Enforcement Actions Against Banks
    Wachovia Bank, N.A., Charlotte, North Carolina (Wachovia)--In March 
2010, the OCC assessed a $50 million penalty and issued a C&D order 
against this bank for violations of the BSA as part of a coordinated 
action with the Department of Justice (DOJ), FinCEN, and other Federal 
agencies. Wachovia also entered into a deferred prosecution agreement 
with the U.S. Attorney's Office in the Southern District of Florida and 
the DOJ Asset Forfeiture and Money Laundering Section (AFMLS) and 
agreed to a $110 million forfeiture to the U.S. Government. 
Additionally, FinCEN assessed a $110 million civil money penalty that 
was deemed satisfied by the forfeiture. The OCC's enforcement action 
focused attention on the bulk cash repatriation money-laundering 
scheme. The OCC played a lead role in this case and linked remote cash 
letter instrument processing to the bulk cash scheme. Because of the 
Wachovia investigation and findings, the OCC took the lead in 
integrating bulk cash processing and the RDC implications into the 
Manual and commenced horizontal reviews of bulk cash activity and RDC 
at all national banks in the OCC's Large Bank supervision program, 
including HSBC's banknote activity. There were also significant 
corporate governance issues identified at Wachovia that prompted the 
OCC to include several corporate governance provisions in the C&D 
order.
    Shortly after the Wachovia case, the Government of Mexico 
implemented significant restrictions on U.S. dollar transactions at 
Mexican financial institutions and made significant changes to its AML 
laws and regulatory processes. In response, the drug cartels have 
adjusted their money-laundering schemes and techniques to adapt to this 
change, and the OCC continues to work with law enforcement to identify 
new areas of vulnerability.
    HSBC Bank USA, N.A., Mclean, VA (HSBC)--In October 2010, the OCC 
issued a C&D order against HSBC for compliance program and BSA 
violations. This was followed in December 2012 with a $500 million 
penalty against the bank--the largest penalty the OCC, or any other 
Federal banking agency, has ever assessed. In addition, the DOJ entered 
into a deferred prosecution agreement with the bank, which admitted to 
criminal violations of the BSA. The DOJ imposed a $1.256 billion 
forfeiture action against the bank and HSBC Holdings plc (London) (HSBC 
Group); and the Federal Reserve assessed a $160 million penalty against 
the bank's parent company, HSBC North American Holdings Inc. (HNAH), 
and HSBC Group. The assessed penalties and forfeiture amounts totaled 
$1.92 billion. FinCEN, the New York County District Attorney's Office, 
and OFAC also assessed penalties that were satisfied by the monetary 
sanctions levied by the OCC and DOJ. Additionally, the Financial 
Services Authority in the United Kingdom entered into an agreement with 
HSBC Group to enhance its BSA/AML compliance and will assist the DOJ 
and the Federal Reserve in monitoring HSBC Group's compliance with the 
deferred prosecution agreement and the Federal Reserve's order.
    In mid-2009, because of the bulk cash findings in the Wachovia 
investigation, the OCC launched horizontal examinations of banknote 
operations in other large national banks supervised by the OCC that 
included HSBC and its transactions with HSBC Mexico. After meeting with 
law enforcement and obtaining additional information on this activity, 
the OCC developed a detailed action plan to expand the scope of the 
ongoing examination of banknote customers. As a part of the 
examination, the OCC notified the bank in March 2010 that it had 
violated OCC regulations due to a significant backlog of unprocessed 
alerts. The bank's compliance program and its implementation were found 
to be ineffective and the OCC issued a C&D order against the bank in 
October 2010. \13\ Concurrent with the OCC's enforcement action, the 
Federal Reserve issued a C&D order upon consent with HNAH to ensure the 
adequacy of the parent company's firm-wide compliance risk management 
program. The OCC and the Federal Reserve coordinated closely in 
drafting the respective orders. The OCC's C&D order required the bank 
to submit a comprehensive BSA/AML action plan to achieve full 
compliance, ensure that the bank has sufficient processes, personnel, 
and control systems to implement and adhere to the order. The order 
also contains restrictions on growth, new products, and high-risk lines 
of business, and it requires OCC approval to reenter the bulk cash 
repatriation business.
---------------------------------------------------------------------------
     \13\ Some of the critical deficiencies in the Bank's BSA/AML 
compliance program cited in the OCC's order included the following: (i) 
lack of effective monitoring of wire activity; (ii) failure to perform 
any BSA/AML monitoring for banknote (or ``bulk cash'') transactions 
with Group Entities (affiliates) or maintain customer due diligence 
information on Group Entities; and (iii) serious weaknesses in Bank's 
systems and controls constituting violations of 12 CFR 21.21 (program), 
21.11 (SAR), and 31 CFR 103.176 (correspondent banking).
---------------------------------------------------------------------------
    Citibank, N.A., Sioux Falls, South Dakota (Citibank)--In April 
2012, the OCC entered into a C&D order with Citibank, N.A., to address 
BSA deficiencies involving internal controls, customer due diligence, 
audit, monitoring of its RDC and international cash letter instrument 
processing in connection with foreign correspondent banking, and 
suspicious activity reporting relating to that monitoring. These 
findings resulted in violations by the bank of statutory and regulatory 
requirements to maintain an adequate BSA compliance program, file SARs, 
and conduct appropriate due diligence on foreign correspondent 
accounts. Among its requirements, the order directs the bank to: (i) 
ensure the independence of the bank's compliance staff; (ii) require 
new products and services be subject to high level compliance review; 
(iii) ensure that all customer due diligence processes are automated 
and accessible; and (iv) conduct a look back review of the RDC cash 
letter activity.
    JPMC Bank, N.A., Columbus, Ohio (JPMC)--In January 2013, the OCC 
entered into a C&D order with JPMC Bank, N.A., and two of its 
affiliates, to address deficiencies involving internal controls, 
independent testing, customer due diligence, risk assessment, and SAR 
processes (monitoring, investigating and decision making). The bank 
also did not have enterprise-wide policies and procedures to ensure 
that foreign branch suspicious activity involving customers of other 
bank branches is effectively communicated to other affected branch 
locations and applicable anti-money laundering operations staff. 
Additionally, the bank did not have enterprise-wide policies and 
procedures to ensure that, on a risk basis, customer transactions at 
foreign branch locations can be assessed, aggregated, and monitored. 
OFAC deficiencies were also identified. These findings resulted in 
violations by the bank of statutory and regulatory requirements to 
maintain an adequate BSA compliance program, file SARs, and conduct 
appropriate due diligence on foreign correspondent accounts. Among its 
requirements, the consent order directs the bank to: (i) ensure the 
independence of the bank's compliance staff; (ii) ensure that there are 
clear lines of authority and responsibility for BSA/AML and OFAC 
compliance with respect to lines of business and corporate functions; 
(iii) require new products and services be subject to high level 
compliance review; (iii) ensure that all customer due diligence 
processes are automated and accessible; and (iv) conduct a look back 
review of certain account/transaction activity and SAR filings.

Appendix B
Notable OCC BSA/AML Enforcement Actions Against IAPs
    Jefferson National Bank, Watertown, New York (Jefferson)--During 
the examination of this bank, the OCC learned from the Federal Reserve 
Bank of New York that the bank was engaging in cash transactions that 
were not commensurate with its size. OCC examiners subsequently 
discovered that several bank customers were depositing large amounts of 
cash that did not appear to be supported by the purported underlying 
business, with the funds being wired offshore. The OCC filed reports 
with law enforcement pertaining to this cash activity and insider abuse 
and fraud at the bank. The OCC also briefed several domestic and 
Canadian law enforcement agencies alerting them to the significant sums 
of money flowing through these accounts at the bank. Additionally, the 
OCC brought a removal action against a director and issued a personal 
C&D order against the President. Based upon this information, law 
enforcement commenced an investigation of these large deposits. The 
investigation resulted in one of the most successful money-laundering 
prosecutions in U.S. Government history. The significant sums of money 
flowing through the bank were derived from cigarette and liquor 
smuggling through the Akwesasne Indian Reservation in northern New 
York. The ring smuggled $687 million worth of tobacco and alcohol into 
Canada between 1991 and 1997. The case resulted in 21 indictments that 
also sought the recovery of assets totaling $557 million. It also 
resulted in the December 1999 guilty plea by a subsidiary of R.J. 
Reynolds Tobacco Company and the payment of a $15 million criminal 
fine. Seven bank officers and directors were ultimately convicted of 
crimes.
    Broadway National Bank, New York, New York (Broadway)--The OCC 
received a tip from law enforcement that this bank may be involved in 
money laundering. The OCC immediately opened an examination that 
identified a number of accounts at the bank that were either being used 
to structure transactions, or were receiving large amounts of cash with 
wire transfers to countries known as money laundering and drug havens. 
Shortly thereafter, the OCC issued a C&D order that shut down the money 
laundering and required the bank to adopt stringent controls. The OCC 
also initiated prohibition and CMP cases against bank insiders. In 
referring the matter to law enforcement, we provided relevant 
information including the timing of deposits that enabled law 
enforcement to seize approximately $4 million and arrest a dozen 
individuals involved in this scheme, and the former Chairman of the 
Board of the bank pled guilty to structuring transactions through the 
bank using an import/export company that he owned. The subsequent OCC 
investigation resulted in the filing of additional SARs, the seizure of 
approximately $2.6 million in additional funds, more arrests by law 
enforcement, and a referral by the OCC to FinCEN. In November 2002, the 
bank pled guilty to a three-count felony information that charged it 
with failing to maintain an AML program, failing to report 
approximately $123 million in suspicious bulk cash and structured cash 
deposits, and aiding and assisting customers to structure approximately 
$76 million in transactions to avoid the CTR requirements. The bank was 
required to pay a $4 million criminal fine. In 2003, the OCC assessed 
civil money penalties against the former President and the former Chief 
Executive Officer.
    Riggs Bank, N.A., Washington, DC (Riggs)--In April 2002, the OCC 
conducted a review of Riggs' International Private Banking Department 
and discovered that the bank had established personal and private 
investment company accounts for deposed Chilean dictator Augusto 
Pinochet. The OCC review and subsequent investigation revealed that, 
among other things, the Pinochets and their private investment 
companies received approximately $1.9 million in funds. Shortly after 
these issues were discovered, the OCC brought the Pinochet accounts to 
the attention of the DOJ and the Department of the Treasury, conducted 
additional examination work and issued a C&D order against the Bank in 
July 2003. The OCC also discovered that the bank's vice president and 
relationship manager for these accounts had signature authority over 
two accounts within the relationship, failed to follow bank SAR 
processes concerning suspicious transactions on a timely basis, and did 
not properly monitor the accounts as high-risk accounts. The OCC 
reported these findings to law enforcement and the relationship manager 
and his wife were ultimately convicted of bank fraud and money 
laundering. As a result of the conviction, the OCC issued a notice to 
the relationship manager advising him that he was prohibited from 
banking under 12 U.S.C. 1829. The OCC also assessed a $25 million CMP 
against the bank, as did FinCEN (FinCEN's penalty was satisfied by a 
single $25 million payment to the Department of the Treasury). The bank 
also pled guilty to one felony count of failure to file suspicious 
activity reports and agreed to pay a $16 million criminal penalty.
    Pacific Bank, N.A., Miami, Florida (Pacific)--In March 2011, the 
OCC and FinCEN assessed $7 million civil money penalties against 
Pacific National Bank, Miami, Florida, for violations of the BSA as 
part of a coordinated action. The OCC conducted two examinations of the 
Bank in 2009 and 2010 and determined that the Bank: (i) continued to be 
in noncompliance with an OCC C&D Order that was issued in December 2005 
and which contained specific articles requiring enhancement to the 
bank's BSA compliance program, and (ii) continued to violate the 
requirements of the BSA and OCC regulations. The OCC shared its 
examination findings with FinCEN and issued a revised C&D Order against 
the Bank on December 15, 2010. In March 2011, the OCC issued civil 
money penalties against four Pacific National Bank board members and 
the bank's former CEO. The penalties were assessed for the failure of 
these responsible directors and officers to take the necessary actions 
to ensure the bank's compliance with the C&D order issued by the OCC in 
2005.
    Security Bank, N.A., North Lauderdale, Florida (Security)--In 
August 2010 the OCC initiated an investigation into the affairs of this 
bank after issuing a C&D order against the bank in May 2010. The Order 
related to safety and soundness concerns as well as BSA deficiencies, 
including a violation of the compliance program regulation and the SAR 
regulation. The investigation revealed that, among other things, former 
officers and directors of the bank failed to ensure that the bank 
complied with BSA/AML requirements and failed to comply with the C&D 
order issued by the OCC. In addition, the former Chief Executive 
Officer played a significant role in bringing high-risk business to the 
bank starting in 2007 even though he knew or should have known that the 
bank was ill equipped to monitor and control such accounts. In January 
2013, the OCC assessed civil money penalties and personal C&D orders 
against five former directors and officers of the bank, including the 
former CEO. The personal C&D orders addressed, among other things, the 
Bank's BSA deficiencies, and required each respondent to: (i) fully 
comply with all laws, regulations and policies applicable to any 
insured depository institution which employs him; (ii) exercise safe 
and sound banking practices; (iii) observe fiduciary duties of loyalty 
and care; (iv) adhere to written policies and procedures of any insured 
depository institution to which he may become affiliated; (v) obtain 
appropriate BSA/AML training; and (vi) provide appropriate BSA/AML 
training for bank officers and directors within his supervision and 
control.
                                 ______
                                 
                 PREPARED STATEMENT OF JEROME H. POWELL
        Member, Board of Governors of the Federal Reserve System
                             March 7, 2013

    Chairman Johnson, Ranking Member Crapo, and other Members of the 
Committee, thank you for inviting me to discuss the important role the 
Federal Reserve plays in the U.S. Government's effort to combat money 
laundering and terrorist financing. I will begin by describing our 
efforts to ensure banking industry compliance with the requirements of 
the Bank Secrecy Act (BSA) and the economic sanctions authorized by the 
President and Congress. I will also highlight some of the important 
actions we have taken to enforce the law and to promote safe and sound 
practices in this area.

Background
    Congress enacted the BSA in 1970 to help safeguard the U.S. 
financial system and our financial institutions from the abuses of 
financial crime, and has revised and strengthened the act many times 
since. The Federal Reserve has issued regulations to implement the BSA, 
including regulations that require the institutions we supervise to 
establish a BSA compliance program, and has integrated BSA examinations 
into our supervisory program. The Federal Reserve also works closely 
with Treasury's Financial Crimes Enforcement Network (FinCEN) to ensure 
that the institutions we supervise provide law enforcement with the 
reports prosecutors need to investigate suspicious activity.
    The particular steps a banking organization must take to develop a 
BSA compliance program have been documented extensively. The foundation 
for such a program begins with a well-developed and documented risk 
assessment that identifies and limits the risk exposures of the banking 
organization's products, services, customers, and geographic locations. 
Monitoring systems should be in place to identify and report suspicious 
activity, in particular any account or transaction activity that is not 
consistent with the bank's expectations. These systems should be 
accompanied by a strong training program to ensure that personnel, 
including those in offshore offices, are familiar with U.S. regulatory 
requirements and bank policies. The BSA compliance program should be 
reviewed by management, subjected to periodic independent tests that 
measure whether the program is functioning properly, and improved as 
needed. Finally, a qualified bank officer should be given sufficient 
authority to ensure that regulatory requirements and bank policies are 
being followed on a day-to-day basis.
    Banking organizations are also expected to maintain a program for 
ensuring compliance with U.S. economic sanctions administered by the 
Treasury's Office of Foreign Assets Control (OFAC). The OFAC program 
should identify higher-risk areas within a bank's operations, and 
implement appropriate internal controls for screening and reporting 
prohibited transactions. Banks are expected to perform independent 
testing for compliance, designate a bank employee or employees that are 
specifically responsible for OFAC compliance, and create training 
programs for appropriate personnel in all relevant areas of the bank. A 
bank's OFAC compliance program should be commensurate with its 
activities and its risk profile.

The Supervisory Process
    The Federal Reserve conducts a BSA and OFAC compliance program 
review as part of its regular safety-and-soundness examination program 
for the approximately 1,060 State-member banks; State chartered 
branches and agencies of foreign banking organizations; and Edge Act 
and agreement corporations we supervise. The frequency of the on-site 
examination is normally every 12 to 18 months, depending upon the 
banking organization's condition, asset size, and rating. On average, 
we conduct approximately 960 BSA and OFAC reviews each year.
    The Federal Reserve's BSA and OFAC reviews are risk-focused. In 
other words, supervisors have the flexibility to apply the appropriate 
level of scrutiny to higher-risk business lines. To ensure consistency 
in the design and execution of our BSA and OFAC examinations, we use 
procedures developed jointly with the member agencies of the Federal 
Financial Institutions Examination Council (FFIEC), \1\ FinCEN, and 
OFAC. The findings of our BSA and OFAC reviews are taken into account 
in determining the institution's examination ratings, either as part of 
the management component rating for domestic institutions, or as part 
of the risk management and compliance component ratings used to 
evaluate the U.S. operations of foreign bank branches and agencies we 
supervise.
---------------------------------------------------------------------------
     \1\ The FFIEC member agencies include the Federal Deposit 
Insurance Corporation (FDIC), National Credit Union Administration 
(NCUA), Office of the Comptroller of the Currency (OCC), and the 
Consumer Financial Protection Bureau (CFPB), as well as the Board of 
Governors of the Federal Reserve System.
---------------------------------------------------------------------------
    The Federal Reserve reinforces its supervisory program by 
conducting targeted examinations of financial institutions that show 
signs of being vulnerable to illicit financing. Banks are selected for 
such examinations based on, among other things, our analysis of the 
institution's payments activity, suspicious activity reports, currency 
transaction reports, and law enforcement leads.
    The Federal Reserve devotes substantial resources to BSA 
compliance. Each Federal Reserve Bank has a BSA specialist and 
coordinator on staff, and, since the late 1980s, the Board's Division 
of Banking Supervision and Regulation has included an anti-money 
laundering section, overseen by a senior official, to help coordinate 
these efforts.

Coordination Efforts
    Effective implementation and enforcement of the BSA and U.S. 
economic sanctions requires the participation of, and coordination 
among, several agencies and international groups. Let me be specific 
about the steps we are taking to coordinate.
    First, to ensure that the banking industry has clear understanding 
of regulatory expectations, the Federal Reserve has actively 
participated in supervisory forums, such as the FFIEC, which has an 
expansive BSA working group that promotes high standards for bank 
examinations and compliance. In addition, we participate in the Bank 
Secrecy Act Advisory Group, a public-private partnership established 
for the purpose of soliciting advice on the administration of the BSA. 
The Federal Reserve also joined the U.S. Treasury's Interagency Task 
Force on Strengthening and Clarifying the BSA/AML Framework (Task 
Force), which includes representatives from the Department of Justice, 
OFAC, FinCEN, the Federal banking agencies, the Securities and Exchange 
Commission, and the Commodity Futures Trading Commission. The primary 
focus of the Task Force is to review the BSA, its implementation, and 
its enforcement with respect to U.S. financial institutions that are 
subject to these requirements, and to develop recommendations for 
ensuring the continued effectiveness of the BSA and efficiency in 
agency efforts to monitor compliance.
    Second, to make the supervision of internationally active banking 
organizations more effective, we are engaged as a member of the U.S. 
delegation to the Financial Action Task Force, an international 
policymaking and standard-setting body dedicated to combating money 
laundering and terrorist financing globally. Further, as a member of 
the Basel Committee on Banking Supervision (BCBS), we have been 
involved in various efforts to prevent criminal use of the 
international banking system. For example, in 2009, as a complement to 
BCBS efforts to promote transparency in cross-border payments, the 
Federal Reserve issued guidance with other Federal banking agencies 
that clarifies U.S. regulatory expectations for U.S. banks engaged in 
correspondent banking activities.
    Finally, we are working cooperatively with other Federal banking 
agencies, State regulators, the Department of Justice, the Department 
of Treasury, and foreign regulators to ensure comprehensive enforcement 
of the law. We have participated in many of the largest, most complex 
enforcement cases in the BSA and U.S. sanctions area. Collectively, 
these cases have focused attention on potential misuse of the financial 
system for financial crimes, strengthened compliance programs at 
banking organizations (both in the U.S. and abroad), and generated 
billions of dollars in fines paid to the U.S. Treasury.
    Our coordination efforts begin at an early stage in the supervisory 
process. For example, the Federal Reserve brings every instance of an 
anti-money laundering deficiency or violation to the attention of 
FinCEN so that FinCEN may consider assessing a penalty for violations 
of the BSA. We also notify OFAC of any apparent, unreported sanctions 
violations discovered in the course of an examination, and direct the 
banking organization we supervise to provide information directly to 
OFAC as required by regulation. In addition, we share information and 
coordinate with the Department of Justice, State law enforcement, the 
Federal banking agencies, and State regulators, as appropriate, as part 
of our enforcement program.

The Enforcement Process
    It has been our experience that the majority of institutions 
supervised by the Federal Reserve have well-administered and effective 
BSA and OFAC compliance programs. Nevertheless, there have been 
instances where concerns have been raised by our examiners. 
Importantly, the Federal Reserve does not have authority from Congress 
to conduct criminal investigations or to prosecute criminal cases. The 
decision to prosecute a financial institution for money-laundering 
offenses and criminal violations of the BSA and U.S. sanctions laws is 
made by the Department of Justice.
    Most of these problems are resolved promptly after they are brought 
to the attention of a bank's management and directors. In some 
instances, problems are of more serious concern and use of the Federal 
Reserve's enforcement authority is deemed appropriate. In these cases, 
an informal supervisory action may be taken, such as requiring an 
institution's board of directors to adopt an appropriate resolution or 
executing a memorandum of understanding between an institution and a 
Reserve Bank.
    In the most serious cases, the Federal Reserve may take a formal 
enforcement action against an institution. These actions may include a 
written agreement, a cease and desist order, or a civil money penalty. 
Congress has also given the Federal Reserve the authority to terminate 
the operations of certain entities operating in the U.S. upon the 
conviction of a money-laundering offense by the Department of Justice, 
and to prohibit insiders who intentionally commit such offenses from 
participating in the banking industry. The type of enforcement action 
pursued by the Federal Reserve against an institution is directly 
related to the severity of the offense, the type of failure that led to 
the offense, and management's willingness and ability to implement 
corrective action.
    In the last 5 years, the Federal Reserve has issued 113 enforcement 
actions relating to BSA and OFAC compliance, including 25 public cease 
and desist orders and written agreements. Together with these recent 
actions, the Federal Reserve has assessed hundreds of millions of 
dollars in penalties. The institutions that have been subject to these 
actions are large and small, domestic and foreign. In each case, the 
Federal Reserve has required the institution to take corrective 
measures to ensure their programs are brought into compliance.

Enforcement of U.S. Economic Sanctions
    Many of the recent U.S. sanctions cases the Federal Reserve has 
pursued involve foreign banks with operations that extend across many 
different countries around the world. These cases have attracted 
significant attention and involve a particular type of activity worthy 
of special attention.
    The misconduct in these cases relates primarily to the manner in 
which these firms handle cross-border payments. Cross-border payments 
can be broadly defined as transactions between banking entities that 
are located in different countries, but there are many different 
permutations of cross-border payments. For example, cross-border 
payments can be carried out as a wire transfer where the originator and 
beneficiary are located in different countries; a wire transfer where 
the originator and beneficiary are in the same country, but where one 
or more correspondents in a second country are used; or as a chain of 
wire transfers that has at least one international element. Cross-
border payments typically occur when the originator and beneficiary, or 
their banks, are located in different countries or where the currency 
used for the payments is not the currency of the country where the 
transaction originates. For example, U.S. dollars may be used to make a 
payment between parties each located in a different foreign country.
    Structurally, there are usually two components to these cross-
border payments: (1) the instructions, which contain information about 
the originator and beneficiary of the funds, and (2) the actual funds 
transfer. The payment instructions for cross-border payments typically 
are sent to an intermediary bank using industry financial 
telecommunications systems, such as the Society for Worldwide Interbank 
Financial Telecommunication (SWIFT). The actual funds transfer occurs 
separately, typically through the domestic funds transfer system of the 
originator, via a book transfer of an intermediary with a presence on 
both sides of the border, and through the domestic funds transfer 
system of the beneficiary.
    Foreign banks often operate in jurisdictions that do not impose the 
same economic sanctions on foreign customers as the United States. 
Transactions involving these sanctioned customers are nonetheless 
subject to U.S. law if the transaction is routed through the U.S., as 
is typical for transactions conducted in U.S. dollars. Foreign banks 
that operate in countries without sanctions similar to those imposed by 
the United States have not always had in place the mechanisms to ensure 
transactions routed through the U.S. comply with U.S. law. Many of the 
Federal Reserve's enforcement activities are directed at remedying 
these situations.
    One of the Federal Reserve's most important sanctions enforcement 
cases involved ABN AMRO. In response to corrective measures the Federal 
Reserve imposed on the firm's New York branch in 2004, \2\ which 
required the bank to review certain historical transactions, ABN AMRO 
discovered numerous payment messages that were sent through its U.S. 
branch or a U.S. correspondent in a manner designed to circumvent the 
filters used by the U.S. institution to detect transactions involving 
sanctioned parties. In particular, the information that identified a 
U.S. sanctioned party was omitted from the SWIFT payment sent through 
the U.S., while a complementary payment instruction with sanctioned 
party information was deliberately routed outside the United States. 
The Federal Reserve responded by escalating our enforcement action to a 
cease and desist order and imposing a substantial penalty on ABN AMRO. 
\3\ The Federal Reserve's order required ABN AMRO to implement a global 
compliance program and take specific steps to prevent circumvention of 
the required U.S. sanctions filters. We coordinated this action with 
other U.S. and foreign regulators, including the home country 
supervisor for ABN AMRO.
---------------------------------------------------------------------------
     \2\ Board of Governors of the Federal Reserve System (2004), 
``Written Agreement With ABN AMRO Bank'', press release, July 26, 
www.federalreserve.gov/boarddocs/press/enforcement/2004/20040726/
default.htm.
     \3\ Board of Governors of the Federal Reserve System (2005), 
``Agencies Release Bank Supervisory and Penalty Actions Against ABN 
AMRO Bank, N.V.'', press release, December 19, www.federalreserve.gov/
boarddocs/press/enforcement/2005/20051219/default.htm.
---------------------------------------------------------------------------
    The Federal Reserve's enforcement action against ABN AMRO triggered 
important changes in cross-border payment practices. The Federal 
Reserve played a key role in this debate and in developing the 
standards that have since been adopted to improve transparency in 
cross-border payment messages--including the standards adopted by the 
Basel Committee on Banking Supervision and SWIFT. These standards 
require the expanded disclosure of the originator and beneficiary on 
payment instructions sent as part of cover payments.
    In the years since the ABN AMRO case, the Federal Reserve and other 
U.S. authorities have taken action against international banks that had 
been engaged in similar evasive misconduct. Most recently, the Federal 
Reserve has imposed cease and desist orders on Credit Suisse, Barclays, 
Standard Chartered, and HSBC. \4\ In each case, the bank's home country 
supervisor has agreed to help monitor compliance with the Federal 
Reserve's order. These enforcement cases reflect our continued view 
that international banks have an obligation to ensure that they do not 
interfere with the ability of U.S. financial institutions to comply 
with the sanctions laws.
---------------------------------------------------------------------------
     \4\ Board of Governors of the Federal Reserve System (2009), 
``Consent Order To Cease and Desist Against Credit Suisse'', press 
release, December 16, www.federalreserve.gov/newsevents/press/
enforcement/20091216a.htm; Board of Governors of the Federal Reserve 
System (2010), ``Cease and Desist Order Against Barclays Bank and 
Barclays Bank New York Branch'', press release, August 18, 
www.federalreserve.gov/newsevents/press/enforcement/20100818b.htm; 
Board of Governors of the Federal Reserve System (2012), ``Federal 
Reserve Board Issues Consent Cease and Desist Order, and Assesses Civil 
Money Penalty Against Standard Chartered'', press release, December 10, 
www.federalreserve.gov/newsevents/press/enforcement/20121210a.htm; and 
Board of Governors of the Federal Reserve System (2012), ``Federal 
Reserve Board Issues Consent Cease and Desist Order, and Assesses Civil 
Money Penalty Against HSBC Holdings PLC and HSBC North America 
Holdings, Inc.'', press release, December 11, www.federalreserve.gov/
newsevents/press/enforcement/20121211b.htm.
---------------------------------------------------------------------------
Enforcement of the Bank Secrecy Act
    The Federal Reserve has also taken a number of recent enforcement 
actions to require depository institutions to improve their BSA 
programs and comply with other anti-money laundering obligations, 
including the reporting requirements that exist under the BSA. While 
bank holding companies are not statutorily mandated to have the same 
program requirements as depository institutions, we have also taken 
action against bank holding companies to require them to improve their 
oversight of the subsidiary bank's BSA programs and compliance. For 
example, in 2010, we issued a cease and desist order against HSBC 
requiring the U.S. holding company to improve its oversight of the 
compliance program at HSBC's national bank subsidiary. \5\ HSBC's 
failure to address our concerns in a timely manner was part of the 
reason for imposing a substantial penalty on HSBC and its U.S. holding 
company last year. \6\
---------------------------------------------------------------------------
     \5\ Board of Governors of the Federal Reserve System (2010), 
``Cease and Desist Order Against HSBC North America Holdings'', press 
release, October 7, www.federalreserve.gov/newsevents/press/
enforcement/20101007a.htm.
     \6\ Board of Governors of the Federal Reserve System (2012), 
``Federal Reserve Board Issues Consent Cease and Desist Order, and 
Assesses Civil Money Penalty Against HSBC Holdings PLC and HSBC North 
America Holdings, Inc.'', press release, December 11, 
www.federalreserve.gov/newsevents/press/enforcement/20121211b.htm.
---------------------------------------------------------------------------
    The Federal Reserve takes seriously its responsibility to pursue 
formal, public action in cases of BSA noncompliance. For example, in 
January, the Federal Reserve issued a cease and desist order requiring 
JPMorgan Chase to take corrective action to enhance its program for 
compliance with the BSA and other anti-money laundering requirements at 
the firm's various subsidiaries. \7\ In June 2012, we issued a public 
enforcement action against Commerzbank AG and its U.S. branch for its 
failure to comply with certain BSA reporting obligations. \8\
---------------------------------------------------------------------------
     \7\ Board of Governors of the Federal Reserve System (2013), 
``Federal Reserve Board Issues Two Consent Cease and Desist Orders 
Against JPMorgan Chase & Co.'', press release, January 14, 
www.federalreserve.gov/newsevents/press/enforcement/20130114a.htm.
     \8\ Board of Governors of the Federal Reserve System (2012), 
``Federal Reserve Board Issues Enforcement Actions With Calvert 
Financial Corporation and Mainstreet Bank, Commerzbank AG, First 
Security Bank of Malta, Grant Park Bancshares, Inc., and Robertson 
Holding Company, L.P.'', press release, June 14, 
www.federalreserve.gov/newsevents/press/enforcement/20120614a.htm.
---------------------------------------------------------------------------
Conclusion
    The Federal Reserve places great importance on ensuring that the 
institutions we supervise comply with the BSA and U.S. economic 
sanctions. When we find problems at a supervised institution, we demand 
specific corrective measures, by specific dates, and we take strong 
enforcement actions when necessary. We will continue these efforts and 
work cooperatively with law enforcement and other financial regulators 
to ensure a coordinated response to the threat posed by illicit 
financing to the U.S. financial system.
    Thank you very much for your attention. I would be pleased to 
answer any questions you may have.

               RESPONSES TO WRITTEN QUESTIONS OF
              CHAIRMAN JOHNSON FROM DAVID S. COHEN

Q.1. The major AML-BSA cases discussed at the hearing all 
illustrate various forms of breakdown in the bank compliance 
systems on which the BSA/AML and economic sanctions rules 
depend. Would you favor a requirement that the CEOs of large 
banks certify the effectiveness of their BSA/AML/sanctions 
compliance systems annually? If not, why not?

A.1. Recent enforcement actions taken against some of the 
largest and most sophisticated financial institutions in the 
world demonstrate the need for us to take additional steps to 
ensure that financial institutions are able to effectively 
implement anti-money laundering and countering the financing of 
terrorism requirements. Understanding the circumstances of the 
failures and preventing their recurrence is a top priority for 
me and for Treasury. As such, I recently convened an 
interagency group, the AML Task Force, which is comprised of 
senior representatives from all the Federal regulatory agencies 
with responsibility for combating money laundering, as well as 
the Department of Justice. The Task Force is conducting a 
comprehensive review of our anti-money laundering (AML)/
countering the financing of terrorism (CFT) framework to assess 
its effectiveness with the goal of finding solutions to address 
any gaps, redundancies, or inefficiencies, and to ensure that 
effective AML/CFT is made a priority within financial 
institutions. The Task Force is committed to reviewing all 
practical options to improve the effectiveness of our regime, 
including a potential annual BSA/AML attestation requirement 
for the CEOs of financial institutions, which would be in 
addition to the existing Title 12 requirements for boards of 
directors to approve AML programs under banking agency rules.

Q.2. I understand that you are not prosecutors, but you are 
responsible for oversight of the Nation's largest financial 
institutions. Are there reasons that it is especially difficult 
to adequately discipline individuals with civil fines, industry 
removals, use of injunctions, limits on certain categories of 
bank activities, or other sanctions, in connection with 
seemingly significant BSA/AML violations?

A.2. Treasury is committed to protecting our financial system 
from money laundering, promoting effective compliance with the 
law, and minimizing unnecessary burdens on industry. For every 
case, we scrupulously review the facts and circumstances of the 
violation and determine the appropriate response. I personally 
am fully committed to enhancing our enforcement posture to the 
full extent of our authorities, including more aggressive 
injunctive action with respect to individuals that may involve 
barring them from the industry for BSA/AML violations. Although 
recent sanctions enforcement cases involving financial 
institutions have typically concluded with civil penalties at 
the corporate level, individuals can and do face liability 
under the International Emergency Economic Powers Act when they 
are personally responsible for sanctions violations.

Q.3. How does the seriousness with which foreign Governments 
take compliance in this area affect U.S. regulatory efforts and 
bank compliance? Why didn't foreign regulators, especially in 
the EU, pick up on the correspondent banking and cross-border 
problems, and the wire stripping activity, sooner? Are there 
other particular areas of concern that you think must be 
addressed in your current discussions with foreign regulators?

A.3. Treasury, along with others in the Federal Government, 
works closely with international counterparts through a 
combination of direct bilateral engagements and international 
organizations, such as the Financial Action Task Force, to 
strengthen the global AML/CFT framework and promote 
implementation and enforcement of effective AML/CFT measures in 
all jurisdictions around the world. In every engagement, we 
stress with our partners the importance of regulatory 
enforcement to our shared security. While it is true that 
Europe's diffuse legal and regulatory systems present a 
challenge for us and our European partners in building a 
unified system for combating global threats, we have made 
important progress in highlighting specific weaknesses. In one 
example of our specific engagement, we contribute to the Basel 
Committee on Banking Supervision's AML/CFT Experts Group that 
discusses supervisory issues with respect to AML/CFT, and 
communicates publicly about the role of supervisors with 
respect to these issues. We remain concerned that international 
regulators and legal systems have difficulty addressing 
challenges posed by cross border cash movements, clearing 
transactions and nonbank financial institutions such as 
exchange houses and hawaladars.

Q.4. In the last decade, major new innovative technologies and 
products have come onto the market, including prepaid access 
cards, mobile phone banking, smart ATM machines and kiosks, 
mobile wallets, Internet cloud-based payment processes, and 
others--and they are evolving rapidly. While they provide huge 
benefits to consumers, they can also pose major AML risks, 
including by making it easier to move large amounts of money on 
stored value cards. What are you doing to mitigate those risks 
now, and what should banks be doing to mitigate those risks on 
their own, even as they develop these products?

A.4.We have been closely following the rapidly evolving 
technological landscape over the past several years to ensure 
that our AML/CFT regulatory system keeps pace with new risks 
brought about by new technologies. For example, when we 
developed rules for prepaid access products, the objective was 
to allow the regulation to evolve in concert with, and 
anticipate, technological advancements so that we do not have 
to return to Congress to request additional authorities every 
time a new technology-driven product enters the prepaid access 
marketplace. We also work collectively with our regulatory 
counterparts on the Federal Financial Institutions Examination 
Council (FFIEC) to ensure evolving technologies are constantly 
reviewed and addressed as needed through updates to the FFIEC 
Bank Secrecy Act (BSA) exam manual, which is used by bank 
examiners and made available as a reference guide to industry. 
Moreover, we provide guidance to banks to ensure that they are 
appropriately informed of these developments in order to be 
vigilant in their compliance obligations. The most recent 
example of this is March 2013 guidance issued by the Financial 
Crimes Enforcement Network (FinCEN) on the application of 
regulations on Virtual Currencies. My office is also helping to 
lead work in the Financial Action Task Force on developing and 
implementing an international standard that requires both 
countries and financial institutions to identify and address 
money laundering and terrorist financing risks associated with 
new payment methods before the products are launched.

Q.5. A few months ago, you announced that the Government would 
be carrying out a multi-agency review of AML policies, 
procedures and enforcement, and you described it in detail in 
your testimony. Can you outline for the Committee who is 
leading this review, your objectives, and the expected work 
product? What is the timetable for this work? What's been 
accomplished so far? How do you think another review, which to 
some might sound much like prior similar Government-industry 
reviews, will assist you in tightening enforcement and 
improving industry compliance?

A.5. Treasury convened the AML Task Force last fall to take an 
in-depth look at the entire anti-money laundering (AML)/
counterterrorist financing (CFT) framework. Along with 
Treasury, the AML Task Force is comprised of senior 
representatives from each of the regulators with responsibility 
for combating money laundering--that is, FinCEN, the Board of 
Governors of the Federal Reserve System, the Office of the 
Comptroller of the Currency, the Federal Deposit Insurance 
Corporation, the National Credit Union Administration, the 
Commodity Futures Trading Commission, the Securities and 
Exchange Commission, and the Internal Revenue Service, along 
with the Justice Department's Criminal Division. Collectively, 
we are taking stock of those components of the framework that 
are working well and those that require improvement. The goal 
is to find solutions to address any gaps, redundancies, or 
inefficiencies, and to ensure that effective AML/CFT compliance 
is made a priority within financial institutions. The AML Task 
Force is an ongoing priority for my office, and we would be 
happy to brief your staff as appropriate as our work 
progresses.

Q.6. Over the last several years there has been increasing 
cooperation in enforcing and tightening sanctions against Iran 
within the financial community here and in Europe. However, as 
we have seen, some banks have resisted that effort. What are 
you doing to ensure that we continue to have the support of the 
European financial sector in enforcing financial sanctions 
against Iran and that the sorts of sanctions evasion these 
cases involve doesn't recur?

A.6. Treasury has been highly successful in enlisting the 
support of the financial sector worldwide, including in Europe, 
to promote compliance with and enforce our sanctions against 
Iran. We regularly work with banks to strengthen controls and 
investigate persons who are attempting to evade our sanctions. 
We also publish special alerts and advisories for the financial 
community, reach out to industries both domestically and abroad 
that could be impacted by Iran's manipulation and subterfuges, 
and elicit cooperation in our investigations. The degree of 
international collaboration on these issues, both with our 
overseas partners and the private sector, has been very strong. 
These efforts are vital to our ability to enforce our 
sanctions, and they play a central role in realizing our total 
commitment to identifying and taking effective action against 
sanctions evasion.

Q.7. And, what are you doing to ensure that banks in other 
areas of the world--including in Asia--do not become safe 
havens for illicit Iranian transactions? And that clearing and 
settlement processes are fully covered by our multilateral 
sanctions regime on Iran?

A.7. Treasury regularly engages with authorities and banks 
worldwide to inform them of the exposure to U.S. sanctions they 
face if they conduct certain transactions with Iran. And when 
necessary, we have taken action against them. For instance, in 
July 2012, we sanctioned two banks, including the Bank of 
Kunlun in China, for facilitating significant transactions for 
Iranian banks designated in connection with Iran's support for 
international terrorism and proliferation of weapons of mass 
destruction. As a result, the great majority of the world's 
banks, in Asia and elsewhere, refrain from business activities 
with Iran. Under the U.S. sanctions regime, foreign financial 
institutions that engage in certain clearing and settlement 
activities for U.S.-designated Iranian persons could be cut off 
from the U.S. financial system. We have undertaken extensive 
engagement to see that other jurisdictions also extend their 
financial restrictions on Iran to clearing and settlement 
activities.

Q.8. The BSA regulations about wire transfers (at 31 CFR 
1010(f)(2)) allow a U.S. bank to accept and process a wire 
transfer from overseas even if the ``transmitter'' field is 
blank. That may have been understandable 15 years ago when the 
regulations were written. But why has the rule not been 
changed, in light of the sanctions abuses illustrated by these 
cases and the possibility of other attempts to avoid our 
sanctions rules in the future? The changes in the SWIFT 
regulations to require completion of all fields, which you 
mentioned in your testimony, do not appear to have the force of 
law. In a world in which banking institutions operate globally, 
effective money laundering control is extremely difficult 
without uniform and uniformly enforced cross-border standards 
within banks and under applicable law.

A.8. Treasury's aggressive pursuit of some of the world's 
largest financial institutions for the systematic removal of 
references or names of U.S.-sanctioned entities, banks, or 
other parties in violation of U.S. sanctions has led to changes 
in SWIFT messaging formats and advancements in financial 
institutions' filters to ensure compliance with the sanctions 
programs administered by the Office of Foreign Assets Control 
(OFAC). U.S. banks, particularly the clearinghouse banks that 
handle the majority of dollar clearing, do not want to risk 
processing international wires without originator information 
due to concerns about violating U.S. sanctions laws. For 
purposes of the Bank Secrecy Act (BSA), 31 CFR 1010.410(f)(2) 
requires a receiving financial institution that acts as an 
intermediary financial institution to include the name and 
account number of the transmitter (as well as other 
information) in a corresponding transmittal order if that 
information is received from the sender. As such, it may not be 
a technical violation of the BSA to process international wires 
with missing originator information in many circumstances. 
Nevertheless, an institution should take the lack of 
transparency, and potential motivation for not including the 
information, into account as part of its risk-based approach to 
compliance. We are currently exploring whether and how 
evolution of communications in payment systems may support more 
stringent information and record keeping requirements in this 
context to best prevent U.S. financial institutions from 
serving as conduits for laundered funds transfers, assist law 
enforcement, and conform with international standards.

Q.9. Various international activities of these major banks, 
especially foreign correspondent banking and other means for 
cross-border funds transfer, have been recognized by Congress 
as special risk areas since at least 2001. What further steps 
should be taken to prevent the movement of illicit funds into 
and out of the U.S. through banks' non-U.S. branches in 
violation of U.S. law? What are your agencies doing 
specifically to address the myriad problems that have arisen in 
these areas, including by strengthening cooperation with 
foreign regulators who may be in a position to flag problem 
banks earlier for U.S. regulators?

A.9. To address the illicit finance risks associated with 
correspondent banking and transactions with non-U.S. financial 
institutions, the Bank Secrecy Act appropriately requires 
specific AML safeguards for financial institutions that engage 
in these activities. Moreover, FinCEN in September 2010 issued 
a Notice of Proposed Rulemaking proposing that certain U.S. 
banks and money transmitters would be required to report cross 
border electronic fund transfers to FinCEN. Implementation of 
the proposed rule would facilitate the reporting of cross-
border electronic funds transfer information, which could 
greatly assist law enforcement. In addition, we are working to 
strengthen international information sharing arrangements, 
including directly with foreign regulators and through ongoing 
discussions at the Financial Action Task Force. With respect to 
specific cross-border risk associated with drug trafficking and 
money movements across the Mexican border, we have partnered 
with the Government of Mexico to form the Bilateral Illicit 
Finance Working Group, which has created a mechanism for 
information exchange, joint training, and cooperation against 
money laundering organizations.
                                ------                                


        RESPONSES TO WRITTEN QUESTIONS OF SENATOR CRAPO
                      FROM DAVID S. COHEN

Q.1. Coordination: At what point in time is the Director of the 
Financial Crimes Enforcement Network (FinCEN), as the 
Administrator of the Bank Secrecy Act, informed of BSA 
violations and what does FinCEN do with that information?

A.1. FinCEN has Memoranda of Understanding (MOUs) with the 
Federal banking agencies, the Securities and Exchange 
Commission, the Commodity Futures Trading Commission, the 
Internal Revenue Service, as well as 63 State regulatory 
agencies (as of April 5, 2013), that provide for exchange of 
information regarding BSA compliance. These MOUs require 
regulatory agencies to notify FinCEN in writing as soon as 
practicable, but no later than 30 days after the agency cites a 
financial institution, for a significant BSA violation or 
deficiency. FinCEN reviews the provided information regarding 
significant BSA violations or deficiencies by assessing 
noncompliance, and considers use of enforcement authorities as 
appropriate. As warranted, FinCEN will conduct further 
investigation of potential violations as part of its 
enforcement review.

Q.2. In large bank examinations, is any office there collecting 
and collating program and other deficiency information?

A.2. Yes, as part of the MOUs, FinCEN receives aggregate 
quarterly data on BSA examinations, violations, and enforcement 
actions by regulatory agencies. This information is not 
restricted to large banks, but is in aggregate form and does 
not identify specific institutions. FinCEN shares consolidated 
quarterly data with the Federal banking agencies.

Q.3. Is that office also in position to connect all the dots to 
determine that an institution is actually in the midst of an 
enterprise-wide failure, as opposed to just a series of 
seemingly disconnected matters requiring attention?

A.3. While Federal financial regulatory agencies are in a 
better position to determine that an institution is in the 
midst of an enterprise-wide failure, FinCEN works very closely 
with these agencies to ensure BSA compliance. FinCEN 
administers the BSA data and receives information on BSA 
violations or deficiencies from Federal banking agencies.

Q.4. What can your offices contribute, possibly through FinCEN 
as the Administrator of the Bank Secrecy Act, and compiler of 
anti-money laundering trend data, to assist each of the Federal 
banking regulators with the exam process, to promptly recognize 
the high risk nature of a bank's enterprise-wide business 
activities?

A.4. On a quarterly basis FinCEN compiles and shares with the 
Federal banking regulators a consolidated trend report of the 
aggregate compliance data that FinCEN receives from each 
agency. In addition, FinCEN provides regulatory agencies with 
information concerning potential BSA violations, either as 
identified by proactive FinCEN internal analysis (such as 
identifying deficiencies in an institution's reporting to 
FinCEN) or where such potential violations are brought to 
FinCEN's attention by law enforcement agencies. Moreover, 
FinCEN also issues, in partnership with law enforcement, 
numerous advisories to financial institutions on current 
threats and red flag indicators to the financial system.

Q.5. Bulk Cash Smuggling: As a result of recent enforcement 
actions, and maybe for other reasons, several banks have exited 
the lucrative bulk cash business.
    What types of firms are stepping into the market to handle 
this business, now and do they have better compliance systems 
and records than the banks?

A.5. While some banks have exited the bulk cash business 
following recent enforcement actions, repatriation of U.S. 
dollars from abroad continues to occur through U.S. banks and 
nonbank financial institutions. Effective guidance to, and 
supervision of, these financial institutions is essential to 
ensuring that they comply with their obligations under the Bank 
Secrecy Act when receiving cash. Treasury has also been working 
with law enforcement, regulatory, and international partners to 
facilitate greater implementation of relevant controls to guard 
against the risks associated with the bulk cash business.

Q.6. Are you seeing bulk cash connections to Hezbollah and drug 
trafficking in any particular Nations or regions?

A.6. Treasury has exposed linkages between Hizballah and those 
connected with drug trafficking and has taken strong action to 
target this activity using all available authorities. Treasury 
designated a key Colombia-based Hizballah facilitator (Ali 
Mohamad Saleh) under our counterterrorism authority (Executive 
Order 13224) in June 2012 for acting for or on behalf of and 
providing financial, material, or technological support to 
Hizballah, including raising funds in Maicao, Colombia. Saleh 
was previously designated under the Foreign Narcotics Kingpin 
Designation Act (Kingpin Act) on December 29, 2011, for his 
role as a Maicao, Colombia-based money launderer for the 
Cheaitelly/El Khansa criminal organization. This organization 
is linked to the Ayman Joumaa network, which Treasury also 
designated under the Kingpin Act in January of 2011. Ayman 
Joumaa has coordinated the transportation, distribution, and 
sale of multiton shipments of cocaine from South America and 
has laundered the proceeds from the sale of cocaine in Europe 
and the Middle East, according to investigations led by the 
Drug Enforcement Administration. Operating in Lebanon, West 
Africa, Panama, and Colombia, Joumaa and his organization 
launder proceeds from their illicit activities--as much as $200 
million per month--through various channels, including bulk 
cash smuggling operations and Lebanese exchange houses. 
Treasury has also taken action under Section 311 of the USA 
PATRIOT Act identifying Lebanese Canadian Bank (2011), and 
Rmeiti Exchange and Halawi Exchange (April 2013) as foreign 
financial institutions of primary money laundering concern for 
their role in facilitating the money laundering operations of 
the Joumaa network from which Hizballah derived financial 
benefit. Regulatory action can be taken under Section 311 to 
protect the U.S. financial system from the risks posed by 
global narcotics money laundering networks and terrorist 
financiers. Treasury will continue to take action when we have 
information of this type of activity.

Q.7. International Coordination: The dangers of illicit global 
money must receive adequate and effective attention at the G20, 
IMF, World Bank, and foreign national levels.
    Do each of you, together with the Comptroller, at your 
particular levels of office, ever meet together to discuss and 
review BSA programs and policies, both domestically and abroad?

A.7. In addition to the close coordination taking place within 
the recently established AML Task Force discussed in my written 
and oral statements, FinCEN, along with its Federal financial 
regulatory counterparts, meet regularly through the Federal 
Financial Institutions Examination Council to discuss current 
and future BSA policies, prescribe principles for promoting 
uniformity in the BSA oversight of financial institutions, and 
ensure that our examination procedures are carefully adapting 
to the changes in marketplace threats and vulnerabilities both 
domestically and internationally.

Q.8. How effective is the international compliance structure 
and how exposed are our financial system and individual 
institutions to cross border enforcement challenges?

A.8. The U.S. financial system and individual institutions are 
exposed to cross-border enforcement challenges because of the 
preeminence of the U.S. financial system and because of the 
dominant role of the U.S. dollar in cross-border trade and 
investment. To address this exposure, Treasury and our 
interagency partners have developed a global AML/CFT framework 
through the Financial Action Task Force (FATF). The FATF (i) 
maintains a universally accepted list of AML and CFT criteria, 
or Recommendations, for the public and private sectors, (ii) 
coordinates a global peer review process to assess compliance 
with those Recommendations, and (iii) achieves success in 
encouraging remedial action by drawing public attention to 
country-specific AML/CFT deficiencies. Treasury is working 
within this framework to address cross-border enforcement 
challenges, while also pursuing unilateral action under 
domestic authorities when appropriate.

Q.9. It appears that BSA regulations permit wire transfers to 
enter the U.S. with an incomplete originator field. Since that 
situation can potentially harm a U.S. bank--what should be done 
to address this issue?

A.9. Treasury's aggressive pursuit of some of the world's 
largest financial institutions for the systematic removal of 
references or names of U.S.-sanctioned entities, banks, or 
other parties in violation of U.S. sanctions has led to changes 
in SWIFT messaging formats and advancements in financial 
institutions' filters to ensure compliance with the sanctions 
programs administered by the Treasury's Office of Foreign 
Assets Control (OFAC). U.S. banks, particularly the 
clearinghouse banks that handle the majority of dollar 
clearing, do not want to risk processing international wires 
without originator information due to concerns about violating 
U.S. sanctions laws. For purposes of the Bank Secrecy Act 
(BSA), 31 CFR 1010.410(f)(2) requires a receiving financial 
institution that acts as an intermediary financial institution 
to include the name and account number of the transmitter (as 
well as other information) in a corresponding transmittal order 
if that information is received from the sender. As such, it 
may not be a technical violation of the BSA to process 
international wires with missing originator information in many 
circumstances. Nevertheless, an institution should take the 
lack of transparency, and potential motivation for not 
including the information, into account as part of its risk-
based approach to compliance. We are currently exploring 
whether and how evolution of communications in payment systems 
may support more stringent information and record keeping 
requirements in this context to best prevent U.S. financial 
institutions from serving as conduits for laundered funds 
transfers, assist law enforcement, and conform with 
international standards.
                                ------                                


         RESPONSES TO WRITTEN QUESTIONS OF SENATOR REED
                      FROM DAVID S. COHEN

Q.1. Studies have demonstrated an increase in money laundering 
and terrorist financing being done through securities 
transactions. What are the steps you have recently taken to 
support efforts at preventing money laundering and terrorist 
financing through the conduit of securities transactions? How 
are you working with regulators domestically and abroad to 
ensure that financial market intermediaries are appropriately 
applying existing rules and being made aware of new trends in 
the industry that are indicative of money laundering via 
securities transactions? Are there specific recommendations of 
the Financial Action Task Force that you are hoping to 
implement domestically in this area? Please explain.

A.1. My office organized a working group with interagency 
colleagues, including staff at the Securities and Exchange 
Commission and the Commodity Futures Trading Commission, to 
focus specifically on understanding and mitigating the money 
laundering and terrorist financing risks in the securities and 
futures markets. The work of the group includes a systemic 
analysis by FinCEN staff of suspicious activity reports related 
to these industries to determine trends and typologies that can 
be useful in identifying and addressing risks. FinCEN is also 
working on a proposal to impose AML program and suspicious 
activity reporting requirements on investment advisors, which 
will further protect our securities markets from abuse and 
address a regulatory deficiency that was identified by the 
Financial Action Task Force.
                                ------                                


        RESPONSES TO WRITTEN QUESTIONS OF SENATOR WARREN
                      FROM DAVID S. COHEN

Q.1. The United States Government takes money laundering very 
seriously. A bank that launders drug money or terrorists' money 
can be shut down, \1\ and individuals in the bank can be banned 
from banking. \2\ In December, HSBC admitted to laundering at 
least $881 million for Colombian and Mexican drug cartels, and 
violating U.S. sanctions against Iran, Cuba, Libya, Sudan, and 
Burma. \3\ These were not one-time actions. The bank was warned 
over and over and told to fix the problem, and it didn't. It 
just kept making money by laundering money for drug dealers. 
\4\
---------------------------------------------------------------------------
     \1\ See, e.g., Annunzio-Wylie Anti-Money Laundering Act of 1992, 
1501-1507, Pub. L. 102-550, 106 Stat. 3680 (1992).
     \2\ 12 U.S.C. 1818(e) and (g).
     \3\ Dept. of Justice, Press Release, Dec. 11, 2012, available at: 
http://www.justice.gov/opa/pr/2012/December/12-crm-1478.html.
     \4\ Senate Permanent Subcommittee on Investigations, ``U.S. 
Vulnerabilities to Money Laundering, Drugs, and Terrorist Financing: 
HSBC Case History'', July 16, 2012, available at: http://
www.levin.senate.gov/download/?id=90fe8998-dfc4-4a8c-90ed-704bcce990d4.
---------------------------------------------------------------------------
    In the hearing, you noted that the threshold determination 
for revoking a bank's charter is dependent on prosecution and 
conviction, and you testified that the Justice Department makes 
determinations about when it is appropriate to prosecute. 
However, there are other tools available to hold accountable 
banks and bankers who engage in illegal activity, such as 
banning individuals from the banking industry. Could you please 
describe:
    Whether your agency has any regulation, guidance, policies, 
formal or informal, that guide when individuals should be 
banned from banking under 12 U.S.C. 1818(e) and (g). If so, 
please provide those documents.

A.1. The procedures established in 12 U.S.C. 1818(e) and (g) 
for removing an ``institution-affiliated party'' from office at 
a depository institution, or prohibiting such person from 
further participation in the conduct of such institution's 
affairs, are powers that may be exercised by the Office of the 
Comptroller of the Currency (OCC), the Board of Governors of 
the Federal Reserve System, or the Federal Deposit Insurance 
Corporation, depending on the type of depository institution 
involved. The Treasury Department has no authority to exercise 
removal or prohibition powers under these provisions. The 
Financial Crimes Enforcement Network (FinCEN), however, has 
authority under 31 U.S.C. 5320 to bring an action in district 
court against a person it believes has violated, is violating, 
or will violate the Bank Secrecy Act (BSA) or its regulations, 
to enjoin the violation or to enforce compliance with the 
requirement. (The OCC is a bureau of Treasury, but it operates 
independently of Treasury in its role as a financial 
regulator.)

Q.2. Under what circumstances your agency has used 12 U.S.C. 
1818(e) and (g) in the past, including any actions taken 
against bankers in the largest financial institutions.

A.2. As described in response to [Question 1] above, Treasury 
has no authority to utilize these provisions.

Q.3. The process your agency does or would follow to use its 
authority under 12 U.S.C. 1818(e) and (g).

A.3. As described in response to [Question 1] above, Treasury 
has no authority to utilize these provisions.

Q.4. Attorney General Holder testified before the Judiciary 
Committee that he is ``concerned that the size of some of these 
institutions becomes so large that it does become difficult for 
us to prosecute them when, . . . if you do bring a criminal 
charge, it will have a negative impact on the national economy, 
perhaps even the world economy.''
    Can you explain how your efforts to ensure compliance with 
money laundering laws are affected when so many people--even 
the Attorney General of the United States--think it is 
``difficult to prosecute'' the biggest banks?

A.4. The Treasury Department supports vigorous enforcement of 
the law and believes that no individual or institution is above 
the law regardless of size or any other characteristic. 
Attorney General Holder has testified recently that the Justice 
Department shares this view. Although Treasury does not have 
statutory authority to impose criminal penalties--that 
authority rests exclusively with the Department of Justice--
Treasury does have authority to investigate potential 
violations of U.S. economic sanctions, as well as certain anti-
money laundering laws and regulations, and to impose civil 
penalties. Treasury has a clear record of aggressively pursuing 
investigations and enforcement actions against both U.S. and 
foreign financial institutions that violate those laws and 
regulations.

Q.5. Are you worried that the size and interconnectedness of 
our Nation's largest financial institutions negatively affects 
your ability to enforce the law and reduces your leverage?

A.5. No. Treasury has a clear record of aggressively pursuing 
investigations and enforcement actions against both U.S. and 
foreign financial institutions that violate the laws and 
regulations administered by Treasury, regardless of the size of 
the financial institutions involved.

Q.6. At the hearing, Under Secretary Cohen and Governor Powell 
both testified that the Justice Department was in contact with 
their institutions regarding the HSBC case. Without reference 
to any particular case, can you describe the general or usual 
process for cooperation between your institution and the 
Justice Department regarding money laundering and Bank Secrecy 
Act issues? In particular:
    Which office or offices in the Justice Department contact 
your institution?

A.6. The Treasury Department bureau responsible for enforcing 
the money laundering regulations promulgated under the Bank 
Secrecy Act--the Financial Crimes Enforcement Network 
(FinCEN)--typically cooperates with the Justice Department on 
anti-money laundering investigations. Although the offices in 
the Department of Justice vary from case to case, these matters 
are typically coordinated with the Criminal Division 
(particularly the Asset Forfeiture and Money Laundering 
Section) and the National Security Division (particularly the 
Counterespionage Section) and relevant U.S. Attorneys offices.

Q.7. Which office or offices in your institution are contacted?

A.7. On matters involving anti-money laundering and U.S. 
economic sanctions laws and regulations, the Financial Crimes 
Enforcement Network (FinCEN) and the Office of Foreign Assets 
Control (OFAC), respectively, serve as the primary points of 
contact within Treasury.

Q.8. At what points in the enforcement process is your 
institution contacted?

A.8. Although the facts vary from matter to matter, initial 
contact is typically made early in the investigative stages 
after one agency has assessed that there is a potential 
violation of law and that another agency is likely to have an 
interest in the conduct underlying the case.

Q.9. What information is usually requested?

A.9. Treasury and the Department of Justice share information 
that would facilitate the development of a common understanding 
of the facts underlying the potential violations.

Q.10. Are there are any formal or informal guidelines that are 
used for interagency cooperation on Bank Secrecy Act or Anti-
Money Laundering issues?

A.10. Treasury has established a number of formal and informal 
mechanisms to facilitate such interagency cooperation. 
Consistent with its responsibilities under the Bank Secrecy Act 
(BSA), FinCEN maintains a Government-wide BSA data service, and 
provides access to this data and related analytic products to 
Federal, State, and local law enforcement and regulatory 
agencies, in accordance with applicable legal requirements. 
Frequently, this data-sharing takes place pursuant to memoranda 
of understanding that provide for the exchange of information 
(including advance notification by FinCEN that enforcement 
action may be warranted by another regulator). OFAC has 
executed memoranda of understanding regarding the sharing of 
information with every functional Federal financial regulator. 
OFAC's Economic Sanctions Enforcement Guidelines, which are 
published in Treasury's regulations at 31 CFR part 501, App. A, 
provide additional information about the circumstances under 
which potential sanctions violations are referred for criminal 
investigation.
                                ------                                


       RESPONSES TO WRITTEN QUESTIONS OF SENATOR HEITKAMP
                      FROM DAVID S. COHEN

Q.1. As all of you mentioned, the sophistication and 
determination of money launderers, terrorist financiers, and 
other criminals has evolved and changed as they find ways to 
gain access to our institutions. How can we support smaller 
institutions that cannot afford to put the same programs in 
place as the large banks? In your examinations, have you 
noticed vulnerabilities on a large scale?

A.1.Given the wide array of institutions that comprise the 
financial system, many anti-money laundering (AML) obligations 
imposed under the Bank Secrecy Act are predicated on the risk-
based approach. In general, financial institutions with lower 
risk customer bases or product lines may not require the same 
AML procedures as institutions that engage in higher risk 
activity. Moreover, as highlighted in my testimony, a primary 
focus of recent initiatives to improve the AML/counterterrorist 
financing (CFT) framework, is to ensure that compliance efforts 
at financial institutions are commensurate with actual illicit 
finance risk. FinCEN recently organized a group dubbed the 
``Delta Team'' under the auspices of the Bank Secrecy Act 
Advisory Group (BSAAG). This group includes representatives 
from the financial services industry, financial regulators, and 
law enforcement, with the mission of examining any gaps between 
illicit finance risks and compliance efforts. Treasury also 
recently convened a broad interagency group known as the AML 
Task Force, to look in depth at the existing anti-money 
laundering and counterterrorist-financing framework--from the 
legal and regulatory foundation, to the compliance and 
examination function, to the enforcement efforts. These 
initiatives provide greater clarity on implementing the risk-
based approach will benefit all financial institutions, 
including smaller ones that engage in lower risk activities.

Q.2. Some smaller financial institutions are concerned about 
the cost of adopting a customer due diligence program (to 
verify the identity of members when opening accounts, 
understand the purpose and intended nature of the account, 
etc.). Are the objectives of this program already being reached 
through compliance with existing FinCEN guidelines, including 
the agency's BSA/AML exam manual?

A.2. Treasury has embarked on a rule-making process to consider 
whether to impose an explicit customer due diligence rule that 
includes a broad requirement to identify beneficial owners. 
Such a rule would put financial institutions in a better 
position to assess risks and protect themselves from illicit 
finance. Moreover, a broad beneficial ownership requirement 
would support law enforcement, intelligence, and tax 
authorities in their efforts to combat financial crime and 
advance national security interests. Explicitly imposing clear 
customer due diligence requirements would also address 
Treasury's concern that there is a lack of uniformity and 
consistency in the way financial institutions currently conduct 
diligence under existing requirements. In furthering the rule-
making process to advance these objectives, we will continue to 
work towards achieving clear and harmonized customer due 
diligence expectations, leveraging best practices to minimize 
burden and maintaining a risk-based approach.
                                ------                                


               RESPONSES TO WRITTEN QUESTIONS OF
             CHAIRMAN JOHNSON FROM THOMAS J. CURRY

Q.1. The major AML-BSA cases discussed at the hearing all 
illustrate various forms of breakdown in the bank compliance 
systems on which the BSA/AML and economic sanctions rules 
depend. Would you favor a requirement that the CEOs of large 
banks certify the effectiveness of their BSA/AML/sanctions 
compliance systems annually? If not, why not?

A.1. The OCC is currently considering issuing a regulation or 
guidance on corporate governance accountability with respect to 
banks' BSA/AML programs and activities. As part of that effort, 
we will consider whether it would be appropriate to include a 
certification requirement by some or all banks as to the 
effectiveness of the bank's BSA/AML controls.

Q.2. I understand that you are not prosecutors, but you are 
responsible for oversight of the Nation's largest financial 
institutions. Are there reasons that it is especially difficult 
to adequately discipline individuals with civil fines, industry 
removals, use of injunctions, limits on certain categories of 
bank activities, or other sanctions, in connection with 
seemingly significant BSA/AML violations?

A.2. Establishing the culpability of specific individuals in 
cases of institutional failures such as BSA/AML compliance 
program breakdowns can be challenging, especially in larger 
institutions, because responsibility for the program is widely 
shared within the organization, and often results from a poor 
compliance culture. Contributing causes of BSA/AML compliance 
program breakdowns include deficiencies in corporate 
governance, business strategy, use of technology, payment 
system monitoring, staffing resources, communication 
breakdowns, gaps in technology, and delays in the evolution of 
standard industry practices. These are all institutional 
problems that can be addressed through the use of a remedial 
document such as a cease-and-desist order. But these types of 
cases do not lend themselves readily to actions against 
specific individuals because of the stringent legal standards 
we must meet to bring such actions, and because of the 
multitude of factors that typically cause the compliance 
program breakdowns.
    Notwithstanding that, the OCC has successfully brought 
enforcement actions against individuals responsible for BSA/AML 
violations, and OCC examination findings have been instrumental 
in successful criminal prosecutions against bank insiders. 
These include Simon Kareri, a Vice President of Riggs Bank, and 
Wen Chu Huang, a Director and former Chairman of the Board of 
Directors of Broadway National Bank. These cases were brought 
because the OCC or the prosecuting agency was able to establish 
that the individuals were directly involved in money laundering 
or fraud being conducted through a bank, as opposed to 
compliance breakdowns.
    The OCC is committed to taking actions whenever they are 
legally supportable. To this end, the OCC conducts a review of 
individual misconduct as part of all significant investigations 
into BSA/AML noncompliance. We are also exploring ways to 
enhance our ability to take removal and prohibition actions in 
appropriate cases. For example, we are including articles in 
our enforcement actions against institutions that require the 
institution to establish responsibility and accountability for 
BSA compliance at senior management levels of the institution, 
including in the institution's business lines. We are also 
developing industry-wide standards in this area that can be 
issued in the form of a regulation or guidance. And we are 
reviewing the statutory standards for removal and prohibition 
actions in order to determine whether issuing a regulation or 
agency guidance would facilitate bringing removal and 
prohibition actions under the statute.

Q.3. How does the seriousness with which foreign Governments 
take compliance in this area affect U.S. regulatory efforts and 
bank compliance?

A.3. During OCC regulatory reviews in foreign countries, we 
make it a practice to meet with local regulators to discuss 
findings and concerns allowed by country law. We also hold 
supervisory colleges where we share information. Finally, OCC 
gives consideration to Financial Action Task Force findings 
when scoping and conducting AML examinations.

Q.4. Why didn't foreign regulators, especially in the EU, pick 
up on the correspondent banking and cross-border problems, and 
the wire stripping activity, sooner?

A.4. We are unable to address the question. This is a matter 
that should be asked of those foreign regulatory bodies in 
question.

Q.5. Are there other particular areas of concern that you think 
must be addressed in your current discussions with foreign 
regulators?

A.5. We will continue to meet with foreign regulators to 
further discuss our regulatory posture and we welcome the 
sharing of information when allowed by country privacy laws. 
Such a meeting was held recently on April 19 with the new U.K. 
Financial Conduct Authority.

Q.6. In the last decade, major new innovative technologies and 
products have come onto the market, including prepaid access 
cards, mobile phone banking, smart ATM machines and kiosks, 
mobile wallets, Internet cloud-based payment processes, and 
others--and they are evolving rapidly. While they provide huge 
benefits to consumers, they can also pose major AML risks, 
including by making it easier to move large amounts of money on 
stored value cards. What are you doing to mitigate those risks 
now, and what should banks be doing to mitigate those risks on 
their own, even as they develop these products?

A.6. The OCC, along with the other Federal banking agencies, is 
involved in the Task Force on the U.S. AML Framework. This task 
force was assembled to review the administration, 
implementation, and enforcement of the U.S. AML framework. In 
addition, the OCC regularly works with the other Federal 
banking agencies and FinCEN on industry guidance related to 
emerging AML risks, including risks arising from new products 
and services. For example, in 2011, the OCC issued guidance to 
national banks on assessing and managing the risks associated 
with prepaid access programs, including BSA/AML and OFAC-
related risks. More recently, in January, the OCC in 
collaboration with other members of the Federal Financial 
Institutions Examination Council issued for comment proposed 
risk management guidance on the use of social media that 
highlights BSA/AML issues that can arise with the use of such 
media.
    Before offering new products or services, the OCC expects 
banks to conduct thorough due diligence to assess the potential 
risks and to determine how those risks can be mitigated. Banks 
should have in-place commensurate controls and should perform 
ongoing evaluations of the adequacy of processes devised to 
manage or mitigate risks arising from higher-risk products, 
services; customers and geographies. Banks should ensure they 
have in place appropriate risk assessment, customer due 
diligence, and suspicious activity monitoring processes. As 
part of the examination process, the OCC verifies that these 
processes are in place.

Q.7. Comptroller Curry, you mentioned in a recent speech that 
you are concerned about the possibility that problematic 
transactions with third parties may begin to migrate from large 
financial institutions to smaller institutions as large banks 
exit high-risk business areas. To what extent can smaller banks 
become substitutes for larger more compliant banks, since most 
of them cannot directly clear dollar transactions 
internationally? What can smaller institutions do to protect 
themselves and how can regulators aid them in their efforts?

A.7. To be clear, problematic transactions encompass more than 
just those with international implications. For example, we 
have seen higher-risk customers such as money services 
businesses (MSBs), ATM owners, third-party payment processors, 
etc., migrate to smaller institutions. Also, smaller banks can 
assume risk by providing banking services for high-risk 
businesses outside of just clearing dollar transactions. The 
banks can offer a variety of products and services that involve 
international exposure, such as international ACH, 
international wire transfers, and remote deposit capture, or 
the banks may have international customers. The OCC has 
consistently discussed with community banks, during 
examinations and through outreach efforts, the risks involved 
with these products and services and has cautioned the bankers 
about the need to carefully monitor customer transactions. The 
OCC has made it clear that it is vital that community banks 
understand the nature of their customers' businesses and 
transactions, including how they do what they do, why they do 
it, and for whom they do it, and that the banks appropriately 
and carefully monitor customer transaction activity. An 
important way a small bank can protect itself is to resist 
accepting customer relationships that are in business sectors 
with which the bank is unfamiliar or that are so large and 
complex the bank cannot properly administer the relationship 
(i.e., properly monitor transaction activity). OCC portfolio 
managers assigned to community banks perform quarterly reviews 
that include questions about what new products the bank is 
offering to help identify activities that could signal a change 
in a bank's BSA/AML risk profile. Additionally, the OCC 
conducts a Money Laundering Risk survey annually for all 
community banks, which is targeted at identifying products that 
pose higher levels of BSA/AML risk.

Q.8. Your testimony reasonably cites cutback of compliance 
staffs during the financial crisis as one element of the recent 
spate of cases. Why didn't regulators act more decisively as 
they saw compliance staffs being cut back, since those staffs 
are critical for an adequate AML system under the BSA?

A.8. Compliance management metrics failed to point out the risk 
of declining staff, and banks often cut staff while making the 
case that system enhancements permit efficiencies. That can be 
true and it sometimes takes time to see a negative effect of 
reduction in personnel. It is something we now pay closer 
attention to and expect the banks to have better MIS to provide 
early warning internally when staff cannot keep pace with 
workload or quality. Our heightened expectations around risk 
management and audit are directed at these functions doing 
better to identify such issues.

Q.9. You have noted that there is now a growing belief that--
for the first time in recent memory, operational risks--
including those related to AML issues--rather than credit risk 
pose the greatest potential for loss for many banks and 
thrifts. How do banks and thrifts ensure that operational risk, 
including that in regards to BSA issues, does not undermine 
safety and soundness? What are bank regulators doing to ensure 
these steps are being taken?

A.9. As I mentioned in my March 4, 2013, speech before the 
Institute of International Bankers, operational risk is at the 
top of our safety and soundness concerns for the large banks we 
supervise. In order to properly manage this risk, senior bank 
compliance personnel need to be involved in product 
development. This is especially true when banks are 
contemplating whether to offer higher-risk products and 
services that may require robust controls. The critical 
ingredients for a sound BSA/AML program include the strength of 
an institution's compliance culture, its willingness to commit 
sufficient resources, the strength of its information 
technology and monitoring processes and the adequacy of risk 
management protocols. The OCC regularly examines banks to 
determine the adequacy of policies, procedures, and processes 
devised to manage or mitigate risks. We expect banks to have 
risk management processes commensurate with the quantity of 
risk arising from products and services offered and customers 
and geographies served.

Q.10. Under current law, what statutory provisions would apply 
to limit the business activities of a bank if that bank was 
convicted of a violation of the BSA, but its charter was not 
terminated?

A.10. There is no statutory provision that specifically limits 
the business activities of a bank that has been convicted of a 
criminal BSA or money laundering violation, but whose charter 
has not been revoked under 12 U.S.C. 93(d). However, the OCC 
has the authority to limit the business activities of a bank 
under its general cease-and-desist authority set forth in 12 
U.S.C. 1818(b). The OCC has exercised this authority in its 
BSA/AML enforcement orders. In merger transactions, the USA 
PATRIOT Act further requires the OCC to consider the 
effectiveness of a bank or savings association, including its 
overseas branches, in combating money laundering activities. 12 
U.S.C. 1828(c).
                                ------                                


        RESPONSES TO WRITTEN QUESTIONS OF SENATOR CRAPO
                      FROM THOMAS J. CURRY

Q.1. Deferred Prosecution Agreements: The use of a Deferred 
Prosecution Agreement, or DPA, represents the continuation of a 
trend in enforcement matters in economic sanctions, export 
controls, and other matters. In opting for a DPA, companies may 
avoid criminal prosecution; in exchange, they assume ongoing 
responsibilities and risks. The DPA is open, on average, for 
about 18 months.
    If it sometimes takes years to uncover BSA violations and 
other bad behavior, how useful is the DPA as an enforcement 
tool?
    What is an example of the lowest trigger for a violation of 
a DPA?
    How long have DPAs been in place on financial institutions 
and has any resulted in a violated? What was the end result?

A.1. A DPA is an agreement between the Department of Justice 
(DOJ) and a bank or savings association. Consequently, the DOJ 
is in a better position to assess the usefulness of DPAs as an 
enforcement tool than the OCC is. The triggers for determining 
a DPA violation are solely within the DOJ's jurisdiction, 
although the DOJ will normally consult with the OCC prior to 
terminating a DPA against a national bank or Federal savings 
association. If the OCC identifies a breach of a DPA by a 
financial institution, or if the OCC identifies continuing 
problems with an institution's BSA compliance program after it 
has entered into a DPA, the OCC would notify the DOJ of the 
breach or problems. No such instances have occurred.

Q.2. Referrals and Examinations: Has either OCC or the Federal 
Reserve made any criminal referrals to Federal or other law 
enforcement officials as a result of examinations and, if so, 
what were the results?

A.2. Yes. Suspicious transactions and potential criminal 
violations are usually reported to law enforcement through the 
filing of a Suspicious Activity Report (SAR) with the Financial 
Crimes Enforcement Network (FinCEN). Federal and State law 
enforcement agencies have direct, online access to the SAR 
database. Depending on the significance of the SAR filing, the 
OCC may contact the DOJ to direct its attention to particular 
suspicious activity at financial institutions. In some cases, 
the OCC may file a SAR itself, direct an institution to file a 
SAR, or refer the matter through other means.
    While the OCC does not have information concerning the 
disposition of most of these SARs, one example of a SAR that 
resulted in successful prosecutions was at Jefferson National 
Bank. Here, the OCC identified money laundering transactions, 
filed reports with law enforcement, and took the lead in 
scheduling several meetings with Federal, State, and Canadian 
law enforcement personnel alerting them to the significance of 
the OCC's findings and the large sums of illicit funds flowing 
through accounts at this bank. Additionally, the OCC brought a 
removal action against a director and issued a personal cease-
and-desist order against the president. Based upon this 
information, law enforcement began an investigation that 
resulted in one of the most successful money laundering 
prosecutions in U.S. Government history. The case resulted in 
21 indictments, and law enforcement's seeking the recovery of 
$557 million. It also resulted in a December 1999 guilty plea 
by a subsidiary of R.J. Reynolds Tobacco Company and the 
payment of a $15 million criminal fine. Seven bank officers and 
directors were ultimately convicted of crimes.
    In addition to filing SARs, the OCC provides extensive 
support to law enforcement in criminal cases. For example, we 
regularly provide documents and information, make our staff 
available for interviews or to assist an investigation, and 
provide expert witnesses to testify at trial. Over the years, 
the OCC has been involved in several high profile BSA/AML 
investigations and penalty actions involving large national 
banks that also involved a parallel criminal investigation, 
including Union Bank of California, Wachovia Bank, N.A., and 
HSBC Bank USA, N.A. The OCC's findings and contributions in 
these cases were instrumental in bringing those cases to 
closure.

Q.3. Have the results of any BSA examinations had any negative 
impact on a bank's CAMEL rating?

A.3. OCC issued internal guidance, ``Consideration of Bank 
Secrecy Act/Anti-Money Laundering Examination Findings in the 
Uniform Interagency Rating Systems and OCC's Risk Assessment 
System'' in 2012. The guidance was effective beginning July 18, 
2012. As part of that guidance, staff were reminded that in 
keeping with current policy, examiners must consider BSA/AML 
examination findings in a safety and soundness context as a 
part of the management component of a bank's FFIEC Uniform 
Financial Institutions Rating System (CAMELS ratings). Since 
then, the results of BSA examinations have had a negative 
impact on certain banks' management components. For Federal 
branches and agencies, BSA/AML examination findings must be 
considered as part of the risk management component of the ROCA 
rating system. Examination procedures used to evaluate the 
adequacy of a bank's BSA/AML compliance remain unchanged.

Q.4. Exam Consistency: The Committee understands that, in the 
interests of exam consistency, all of the Federal regulators 
now use the Federal Financial Institutions Examination Council 
or FFIEC manual for Bank Secrecy Act examinations.
    Are there differences in the manner of which each agency 
conducts its examinations? Particularly, is there a substantial 
difference in the manner so-called pillar violations or program 
violations are treated before there is movement to a formal 
enforcement action. If so, why?

A.4. In 2005, the members of the FFIEC developed a 
comprehensive ``FFIEC Bank Secrecy Act/Anti-Money Laundering 
Examination Manual''. The FFIEC BSA/AML Examination Manual has 
been revised a number of times and was most recently published 
in 2010. While the manual provides a consistent examination 
framework across the agencies for evaluating BSA/AML 
compliance, each agency may supplement the framework with 
additional tools or guidance. For example, the OCC has 
developed and deployed a Money Laundering Risk System that 
collects risk information from the banks the OCC supervises and 
factors the information into each bank's examination strategy 
development. OCC examiners use this information to help 
determine appropriate areas to select for transaction testing 
during an examination.
    In August of 2007, the FFIEC issued the Interagency 
Statement on Enforcement of Bank Secrecy Act/Anti-Money 
Laundering Requirements, which is the guiding enforcement 
policy for all of the Federal banking agencies. As noted in our 
written testimony, we have amended our approach for citing 
pillar violations to provide more flexibility for citing BSN/
AML violations for individual ``pillar'' violations (i.e., 
internal controls, BSA officer, testing, and training) and to 
make our approach consistent with the other Federal banking 
agencies. The OCC has communicated this change to our 
examination staff and now expects examiners to cite pillar 
violations when warranted. The OCC has drafted and will soon 
issue formal internal guidance for examiners to follow when 
considering such violations.

Q.5. OCC and Federal Reserve Practice: What is the practice of 
the OCC and Federal Reserve on prevention and resolution of 
deficiencies within its supervisory framework?

A.5. The OCC has a range of supervisory responses depending on 
the severity of individual examination findings. The OCC makes 
use of informal actions, including: matters requiring attention 
(MRAs), commitment letters, and memorandums of understanding 
(MOUs). The OCC can also take formal actions, including: formal 
agreements, cease-and-desist orders, and civil money penalties, 
as well as actions to remove individuals from banking.

Q.6. In the course of resolving deficiencies, has a member 
bank, or other entity, ever opted to leave either the national 
banking system or the Federal Reserve System rather than accept 
an enforcement document?

A.6. While the OCC does not keep records of banks that have 
converted from the national banking system because of an OCC 
enforcement action, anecdotal information and informal 
interactions with bankers suggest that there have been banks 
that have switched charters because of an OCC enforcement 
action or because of a desire to be subject to less rigorous 
supervision. One such bank is Colonial Bank, N.A., which 
converted to a State charter and subsequently failed. Section 
612 of the Dodd-Frank Act specifically addresses this issue by 
restricting the ability of a national bank, state-chartered 
bank, or Federal or State savings association to convert 
charters if they are subject to a cease-and-desist order or 
other formal enforcement action.
                                ------                                


         RESPONSES TO WRITTEN QUESTIONS OF SENATOR REED
                      FROM THOMAS J. CURRY

Q.1. Earlier this year, the Office of the Comptroller of the 
Currency (OCC), along with the Federal Reserve and 13 mortgage 
servicers, reached a $9.3 billion settlement to dispense with 
the Independent Foreclosure Review process. As part of the 
settlement, banks were ordered to identify military members and 
other borrowers who were evicted in violation of Federal law. 
It was reported by the New York Times in early March that over 
700 military families were identified through this process as 
victims of wrongful foreclosure. This article notes that ``the 
people with direct knowledge cautioned that the numbers were 
not precise and could underestimate the extent of the problems 
. . . .''
    Given the reports that roughly 700 foreclosures could be an 
underestimation, are there efforts underway to ensure that all 
impacted military families are identified and provided relief? 
Can you assure me that these military families will get the 
relief that they deserve?

A.1. At the outset of the Independent Foreclosure Review, 
independent consultants were required to identify 100 percent 
of SCRA eligible borrowers. These borrowers were identified 
through a process by which the entire in-scope population for 
each of the servicers (all 4.2 million borrowers) was checked 
against the DoD database. As part of the settlement, the 
servicers were required to either: (1) assume an SCRA violation 
for all identified SCRA eligible borrowers and pay the maximum 
financial injury, or (2) to have the independent consultant 
complete a review to determine if there was an SCRA violation 
with respect to the identified SCRA eligible borrowers. For 
this reason, we are confident that there was not an 
underestimation of the number of SCRA violations. If anything, 
the SCRA numbers would be over-reported due to the number of 
SCRA borrowers whose errors were assumed.

Q.2. This same New York Times article reports: ``Under the 
settlement, banks receive credit for the size of the 
outstanding loan balance, rather than the amount of actual 
assistance provided. For example, if a bank cut a borrower's 
$100,000 mortgage debt by $10,000, the lender could then reduce 
its commitment under the settlement by $100,000. In a previous 
foreclosure settlement, the banks received credit only for the 
$10,000.''
    Please confirm whether this characterization is accurate. 
If true, please explain why banks are now being given extra 
credit.

A.2. The Amendments to the Consent Orders, which implemented 
the Independent Foreclosure Review settlement, are specific 
about the standards the regulators will use to measure the 
servicers' performance on loss mitigation and foreclosure 
prevention. They emphasize sustainable and meaningful home 
preservation actions for qualified borrowers and that 
preference should be given to activities designed to keep 
borrowers in their homes.
    The unpaid principal balance (UPB) is straightforward, 
transparent, and an easily measurable barometer of the value of 
the foreclosure that was prevented. It does not measure the 
expense of the action taken or the economic benefit for the 
consumer, but simply measures the foreclosure that was 
prevented based on what the borrower owes, which therefore 
reflects the amount of assistance received. Complicated 
crediting formulas are not transparent, and people tend to find 
ways to manipulate complicated formulas, which can often have 
unintended consequences. Further, sustainable modifications 
come in numerous forms, not only through principal reductions, 
but also through, for example, reduced interest rates.
    Finally, the OCC will focus on the overall efforts and 
results of the loss mitigation and foreclosure prevention 
programs of each servicer as we evaluate compliance with the 
remainder of our original Consent Orders. In doing so, we will 
evaluate the effectiveness of all the loss mitigation and 
foreclosure prevention activities, not just those they request 
credit for under the Amendments to the Consent Orders. We 
intend to ensure that loss mitigation efforts will be done in a 
manner consistent with the principles we described in the 
Amendments to the Consent Orders.
                                ------                                


        RESPONSES TO WRITTEN QUESTIONS OF SENATOR WARREN
                      FROM THOMAS J. CURRY

Q.1. The United States Government takes money laundering very 
seriously. A bank that launders drug money or terrorists' money 
can be shut down, \1\ and individuals in the bank can be banned 
from banking. \2\ In December, HSBC admitted to laundering at 
least $881 million for Colombian and Mexican drug cartels, and 
violating U.S. sanctions against Iran, Cuba, Libya, Sudan, and 
Burma. \3\ These were not one-time actions. The bank was warned 
over and over and told to fix the problem, and it didn't. It 
just kept making money by laundering money for drug dealers. 
\4\
---------------------------------------------------------------------------
     \1\ See, e.g., Annunzio-Wylie Anti Money Laundering Act of 1992, 
1501-1507, Pub. L. 102-550, 106 Stat. 3680 (1992).
     \2\ 12 U.S.C. 1818(e) and (g).
     \3\ Dept. of Justice, Press Release, Dec. 11, 2012, available at: 
http://www.justice.gov/opa/pr/2012/December/12-crm-1478.html.
     \4\ Senate Permanent Subcommittee on Investigations, ``U.S. 
Vulnerabilities to Money Laundering, Drugs, and Terrorist Financing: 
HSBC Case History'', July 16, 2012, available at: http://
www.levin.senate.gov/download/?id=90fe8998-dfc4-4a8c-90ed-704bcce990d4.
---------------------------------------------------------------------------
    In the hearing, you noted that the threshold determination 
for revoking a bank's charter is dependent on prosecution and 
conviction, and you testified that the Justice Department makes 
determinations about when it is appropriate to prosecute. 
However, there are other tools available to hold accountable 
banks and bankers who engage in illegal activity, such as 
banning individuals from the banking industry. Could you please 
describe:
    Whether your agency has any regulation, guidance, policies, 
formal or informal, that guide when individuals should be 
banned from banking under 12 U.S.C. 1818(e) and (g). If so, 
please provide those documents.

A.1. The standards for removal and prohibition actions are set 
forth in the applicable statutes, 12 U.S.C. 1818(e) and (g). 
In addition, individuals who are convicted of certain criminal 
violations are prohibited from banking by operation of law 
under 12 U.S.C. 1829. The following OCC guidance and policies 
address when individuals should be banned from banking under 
those sections:

  A.  OCC Policies and Procedures Manual (PPM) 5310-8;

  B.  Fast Track Enforcement Program Procedures Manual;

  C.  Charters for Washington Supervision Review Committee and 
        Major Matters Supervision Review Committee; and

  D.  Delegations of Authority for Major Matters, Large Bank 
        Supervision, and Midsize and Community Bank 
        Supervision.

    The OCC will provide copies of these documents. [See below]

    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    

Q.2. Under what circumstances your agency has used 12 U.S.C. 
1818(e) and (g) in the past, including any actions taken 
against bankers in the largest financial institutions.

A.2. As a matter of course, the OCC pursues all legally 
supportable removal and prohibition actions. The OCC has 
removed and prohibited bankers under sections 1818(e), (g), and 
1829 in a variety of circumstances where the applicable legal 
standard is met. Most removal and prohibition cases involve 
instances of insider abuse and self-dealing.
    Since 2000, the OCC has issued 422 removal and prohibition 
orders under section 1818 and 3,963 prohibition notices under 
section 1829. Forty-one percent of the 1818 removals and 67 
percent of the 1829 removal notices involved individuals 
affiliated with large banks. All OCC formal enforcement 
actions, including final orders of removal and prohibition, are 
listed on the OCC's Web site at http://apps.occ.gov/
EnforcementActions/.

Q.3. The process your agency does or would follow to use its 
authority under 12 U.S.C. 1818(e) and (g).

A.3. The documents we identified in response to your first 
question govern the process the OCC follows to use its 
authority under sections 1818(e), (g), and 1829.
    Most OCC enforcement actions, including removal and 
prohibition cases, originate from examination findings and 
referrals from the examiners in the bank to the appropriate 
supervisory office. The supervisory office then works closely 
with the OCC's Enforcement and Compliance (E&C) Division to 
develop the case. In many cases, the E&C Division will conduct 
an investigation to gather additional facts to support the 
action, aided by the OCC's examiners. Once sufficient evidence 
has been obtained to support the case, the E&C Division 
presents its recommendation to the appropriate Supervision 
Review Committee. The OCC proceeds with an enforcement action 
if the OCC's Major Matters Supervision Review Committee 
authorizes the action, or if the Senior Deputy Comptroller for 
Midsize and Community Banks authorizes the action after 
reviewing the recommendation of the Washington Supervision 
Review Committee.
    Upon receiving authorization, the E&C Division seeks to 
obtain the issuance of the order with the respondent's consent. 
While the majority of removal and prohibition cases are 
resolved this way, the respondent has the right to contest the 
action and, in cases where the respondent does not consent, the 
E&C Division will initiate litigation by filing a notice of 
charges with the administrative law judge who adjudicates 
enforcement actions brought by the Federal banking agencies. 
The matter then proceeds to an administrative hearing, with the 
presentation of evidence and full briefing on the matter by 
both parties. Both parties may file exceptions to the 
administrative law judge's recommended decision, and the 
Comptroller then issues a final agency decision. If the 
Comptroller issues a final order of removal and prohibition, 
that order is subject to review by an appropriate United States 
court of appeals.

Q.4. Attorney General Holder testified before the Judiciary 
Committee that he is ``concerned that the size of some of these 
institutions becomes so large that it does become difficult for 
us to prosecute them when, . . . if you do bring a criminal 
charge, it will have a negative impact on the national economy, 
perhaps even the world economy.''
    Can you explain how your efforts to ensure compliance with 
money laundering laws are affected when so many people--even 
the Attorney General of the United States--think it is 
``difficult to prosecute'' the biggest banks?

A.4. The OCC's efforts to ensure compliance with the BSA and 
AML laws are not affected by concerns that some banks are 
``difficult to prosecute.'' Indeed, the OCC has brought many 
actions against large institutions for BSA violations in recent 
years, including actions against Key Bank, N.A. (2005), Union 
Bank of California, N.A. (2001), Wachovia Bank, N.A. (2010), 
Zions First National Bank (2010), Citibank, N.A. (2012), HSBC 
Bank USA, N.A. (2010, 2012) and JPMC Bank, N.A. (2012).
    The OCC's willingness to take action is also not affected 
by a decision by DOJ to decline to prosecute a bank. The only 
significant impact of a decision by DOJ not to prosecute an 
institution is on the OCC's charter revocation authority set 
forth at 12 U.S.C.  93(d). If the Attorney General declines to 
prosecute a bank or fails to obtain a criminal conviction for 
money laundering, the OCC does not have the legal authority to 
conduct a revocation hearing under that section. Revocation 
hearings can only be conducted upon the conviction of a bank of 
any criminal money laundering offense (18 U.S.C. 1956 or 1957) 
and the OCC does not have the authority to conduct such a 
hearing on its own accord.

Q.5. Are you worried that the size and interconnectedness of 
our Nation's largest financial institutions negatively affects 
your ability to enforce the law and reduces your leverage?

A.5. The OCC believes that no institution is above the law, 
regardless of its size and interconnectedness. Consequently, we 
take seriously our responsibilities as a regulator and we 
expect full compliance with BSA/AML requirements at all times. 
The OCC examines large banks for compliance using the FFIEC 
examination procedures. As noted immediately above, we have not 
been reluctant to enforce the U.S. banking laws against the 
largest banks. That said, there will always be challenges for 
our BSA/AML examinations of large financial institutions due to 
their global footprint, transaction volumes, diverse product 
lines, and the rapid changes in technology and payment systems. 
In addition, keeping pace with the innovation, flexibility, and 
speed with which criminals are able to alter their tactics to 
avoid detection is a constant challenge for both examiners and 
banks. In response to these challenges, the OCC continues to 
expand its ongoing dialogue with law enforcement to understand 
current money laundering and terrorist financing typologies.
    Through participation in international forums such as the 
Financial Action Task Force (FATF), the OCC works with 
international law enforcement, prosecutors, and regulatory 
counterparts to identify and understand risks to national banks 
and Federal savings associations from international money 
laundering and terrorist financing schemes that impact the 
largest international banks. The OCC disseminates this 
information internally to examiners through training and 
guidance. The examiners also participate in external seminars, 
workshops, and conferences.
    The OCC will continue to refine its examination and 
enforcement processes to keep up with these challenges in this 
ever-changing environment, and to ensure that both large and 
community banks maintain effective BSA/AML compliance programs. 
The OCC will not hesitate to use its enforcement authority to 
ensure that the U.S. banking laws are complied with, suspicious 
activity is properly identified and reported to law 
enforcement, and wrongdoers are held accountable.

Q.6. At the hearing, Under Secretary Cohen and Governor Powell 
both testified that the Justice Department was in contact with 
their institutions regarding the HSBC case. Without reference 
to any particular case, can you describe the general or usual 
process for cooperation between your institution and the 
Justice Department regarding money laundering and Bank Secrecy 
Act issues?
    In particular: Which office or offices in the Justice 
Department contact your institution?

A.6. The OCC cooperates extensively with the DOJ in BSA/AML 
cases. This cooperation includes discussion of cases through 
meetings and calls, providing documents and information, and 
making OCC examiners available to discuss transactions or serve 
as witnesses in grand jury proceedings and trials. Depending on 
the case, the initial contact in such cases may be initiated by 
the OCC, or it may be initiated by the DOJ. The DOJ components 
that typically contact us in BSA/AML cases are the Asset 
Forfeiture and Money Laundering Section of the DOJ's Criminal 
Division, and any U.S. Attorney's Office that is conducting or 
participating in an investigation. The OCC is also often 
contacted by the FBI and other investigative agencies.
    In addition, we also interact with the DOJ through our 
active participation in several interagency groups focusing on 
BSA/AML compliance, including: (a) Treasury's Interagency Task 
Force on the U.S. AML Framework; (b) the Bank Secrecy Act 
Advisory Group (BSAAG); and (c) the National Interagency Bank 
Fraud Working Group.

Q.7. Which office or offices in your institution are contacted?

A.7. Contact with the DOJ is typically conducted through the 
OCC's Chief Counsel's Office, although sometimes law 
enforcement agents will initiate contact with field examiners 
(field examiners who are contacted by law enforcement will 
typically direct the call to the Chief Counsel's Office).

Q.8. At what points in the enforcement process is your 
institution contacted?

A.8. The timing of contact with the DOJ or other law 
enforcement agency varies depending on the case. In some cases, 
the OCC develops a case and refers it to law enforcement. In 
other cases, the OCC works closely with law enforcement on 
ongoing investigations.

Q.9. What information is usually requested?

A.9. Typically the DOJ will request OCC examination reports and 
underlying supervisory correspondence, examination work papers, 
look-back reports, investigation reports, and access to OCC 
examiners, due to their expertise and knowledge of the 
institution under investigation. In some cases, the OCC may 
obtain access to grand jury materials and OCC attorneys will 
participate and assist in the investigation process, interview 
or depose witnesses, and provide responses to DOJ information 
requests.

Q.10. Are there are any formal or informal guidelines that are 
used for interagency cooperation on Bank Secrecy Act or Anti-
Money Laundering issues?

A.10. The OCC has a Memorandum of Understanding in place with 
both FinCEN and the Office of Foreign Assets Control (OFAC). 
These agreements provide guidance on information sharing and 
interagency coordination with those agencies. In addition, as 
described above, the OCC actively participates in various 
interagency groups that focus on BSA/AML compliance. Those 
groups generally have charter documents that describe their 
purpose and provide guidelines for participation.

Q.11. As I understand it, when the OCC identifies a bank's 
failure to comply with its internal policies regarding money 
laundering, the bank then develops a new policy to address 
these shortfalls and the OCC examines the bank's practices 
during its next examination period.
    When the OCC evaluates a bank's internal policies for BSA 
compliance, does it consider the extent to which, based on past 
supervision data, the policy is likely to be implemented 
effectively? If yes, can you explain the OCC's method of 
evaluation? If the OCC does not consider past supervision data, 
then how is the OCC able to evaluate whether the bank's 
policies are likely to lead to sufficient compliance with the 
BSA?

A.11. OCC's regulatory preplanning process for examinations 
includes an analysis of ongoing quarterly reviews of corrective 
actions taken to address matters requiring attention and 
violations of law and regulations. In addition, OCC examination 
planning includes a review of prior regulatory findings and 
those noted in bank internal audit, quality assurance and 
quality control reports. Finally, while on-site, staff review 
policy and system changes that were made to correct prior 
concerns. When applicable, this includes testing sustainability 
through transactional testing.

Q.12. When the OCC does find potential weaknesses in money 
laundering detection or controls, does the OCC provide that 
information to the Department of Justice or other regulators?

A.12. The OCC ensures that suspicious and potentially criminal 
activity is referred to the DOJ. In addition, in criminal 
cases, the DOJ will routinely contact the OCC and request 
examination reports and other supervisory information that 
documents any problems that the OCC identified in the bank's 
BSA/AML compliance program.
    When the OCC finds potential weaknesses in money laundering 
detection or controls, the OCC provides the information to 
FinCEN and OFAC consistent with the terms of our MOUs with 
those agencies. If the weaknesses result in the failure to 
properly file reports with FinCEN or OFAC, including SARs, the 
OCC will typically coordinate with FinCEN and OFAC on any look-
back or back-filing requirements to ensure that activity is 
reported appropriately. If the weaknesses will result in a 
penalty action, the OCC will coordinate with FinCEN, which also 
has BSA penalty authority, and other applicable agencies 
(Federal Reserve, DOJ, State Attorney Generals, etc.).
    Pursuant to the MOU with OFAC, the OCC reports (as 
permitted by law) to OFAC any sanctions violations discovered 
in the course of an examination. The OCC also requires banking 
organizations under our supervision, which are suspected of 
sanctions violations, to communicate this information directly 
to OFAC.

Q.13. Has the OCC adopted or will adopt a policy of imposing 
stiffer penalties for second, third, or repeated failures to 
achieve compliance?

A.13. Yes. In the case of civil money penalty actions, the OCC 
will follow the statutory framework set forth in 12 U.S.C. 
1818(i) which provides for increased penalty amounts depending 
on the severity of the wrongdoing. The statute also requires 
that in determining the amount of any penalty, the OCC shall 
take into account the appropriateness of the penalty with 
respect to the history of previous violations. 12 U.S.C. 
1818(i)(2)(G).
                                ------                                


       RESPONSES TO WRITTEN QUESTIONS OF SENATOR HEITKAMP
                      FROM THOMAS J. CURRY

Q.1. As all of you mentioned, the sophistication and 
determination of money launderers, terrorist financiers, and 
other criminals has evolved and changed as they find ways to 
gain access to our institutions. How can we support smaller 
institutions that cannot afford to put the same programs in 
place as the large banks? In your examinations, have you 
noticed vulnerabilities on a large scale?

A.1. We scale our expectations of smaller institutions to the 
risk and complexity of the products they offer. As long as the 
smaller institutions perform sufficient due diligence on their 
customers, and truly understand their customers' use of their 
accounts and the risks associated with their customers' 
transactions, small banks should meet regulatory expectations. 
We provide guidance to smaller banks through the examination 
process, as well as in various meetings and outreach sessions. 
We have, for instance, been very active for many years in 
offering workshops for bank directors to help them understand 
the risks associated with BSA. Additionally, as part of our 
examination process, we offer recommendations to bankers based 
on our unique knowledge of industry best practices. While the 
risks in smaller institutions vary from bank to bank, we have 
not noted significant vulnerabilities on a large scale. Rather, 
banks are adjusting to an increasing distance from their 
customers through technological innovation such as remote 
deposit capture and prepaid cards, some of which is facilitated 
through third parties with their own independent BSA programs. 
In many cases, reasonably sophisticated software is available 
to smaller banks to help them manage the increasing customer 
risks.
                                ------                                


               RESPONSES TO WRITTEN QUESTIONS OF
             CHAIRMAN JOHNSON FROM JEROME H. POWELL

Q.1. The major AML-BSA cases discussed at the hearing all 
illustrate various forms of breakdown in the bank compliance 
systems on which the BSA/AML and economic sanctions rules 
depend. Would you favor a requirement that the CEOs of large 
banks certify the effectiveness of their BSA/AML/sanctions 
compliance systems annually? If not, why not?

A.1. Imposing a Bank Secrecy Act/anti-money laundering (BSA/
AML) and U.S. sanctions certification requirement may result in 
changes to an institution's strategic focus and the need to 
alter or curtail certain high-risk activities in order to 
reduce exposure. While such a change could reduce the risk 
profile of an institution and result perhaps in a more 
effective compliance program, it may also result in a reduced 
availability of certain financial services, such as private 
banking or correspondent bank services, or a curtailment of 
certain products and services in certain markets.
    Even without any specific certification requirements, the 
Federal Reserve reviews the quality of an institution's BSA/AML 
and U.S. sanctions compliance programs through the ongoing 
exercise of supervision, and the results of these reviews are 
reflected in the ``management'' or ``M'' rating component of 
the CAMELS rating system we use to evaluate these institutions. 
For large, complex banking organizations, safety and soundness 
examination is a continuous process, and BSA/AML compliance is 
incorporated into examinations conducted throughout the year.
    Additionally, the Federal Reserve has available at its 
disposal a broad range of supervisory tools to ensure 
appropriate compliance processes and programs. For example, the 
Federal Reserve may require an institution to address a BSA/AML 
or sanctions program deficiency through informal supervisory 
action, such as requiring an institution's board of directors 
to adopt an appropriate resolution or executing a memorandum of 
understanding between an institution and a Reserve Bank. In the 
most serious cases, the Federal Reserve may take a formal 
enforcement action against an institution.

Q.2. I understand that you are not prosecutors, but you are 
responsible for oversight of the Nation's largest financial 
institutions. Are there reasons that it is especially difficult 
to adequately discipline individuals with civil fines, industry 
removals, use of injunctions, limits on certain categories of 
bank activities, or other sanctions, in connection with 
seemingly significant BSA/AML violations?

A.2. The Federal Reserve and other Federal banking agencies 
have and use statutory authority to remove and prohibit 
insiders from participating in the banking industry. This 
authority is an effective tool in dealing with serious cases of 
insider abuse and self-dealing because it results in a lifetime 
ban on the individual working in the banking industry. In these 
cases, we may also determine that the assessment of civil money 
penalties is appropriate against the individual. In the past 5 
years, the Federal Reserve has issued 44 prohibition orders, 
including several orders that included an assessment of a civil 
money penalty.
    We believe that this existing authority to sanction 
misconduct by individuals is an effective tool to address 
significant BSA/AML violations involving specific insiders. For 
example, the Federal Reserve may prohibit an institution-
affiliated party for violations of the BSA that are ``not 
inadvertent or unintentional.'' 12 U.S.C. 1818(e)(2). 
Significant violations of the BSA and related anti-money 
laundering laws typically involve parallel criminal 
investigations. An individual convicted of a felony offense 
also is subject to the prohibitions set forth in section 19 of 
the Federal Deposit Insurance Act (FDI Act). 12 U.S.C. 1829. 
In these instances, the Federal Reserve will typically defer 
the decision to commence an investigation of an insider, at the 
request of prosecutors, to avoid interference with any ongoing 
criminal investigation. The Federal Reserve's enforcement 
program will instead focus on requiring an institution to 
remediate problem areas as quickly as possible in order to 
mitigate any negative effects on the bank and the U.S. 
financial system. We believe that the Federal Reserve's 
approach to enforcement matters accomplishes the statutory 
objective set by the Congress of ensuring the safe and sound 
operation of the banking system.

Q.3. How does the seriousness with which foreign Governments 
take compliance in this area affect U.S. regulatory efforts and 
bank compliance? Why didn't foreign regulators, especially in 
the EU, pick up on the correspondent banking and cross-border 
problems, and the wire stripping activity, sooner? Are there 
other particular areas of concern that you think must be 
addressed in your current discussions with foreign regulators?

A.3. Not all countries impose the same economic sanctions as 
the United States. Countries without these standards or with 
different sanctions than those in the U.S. do not approach 
sanctions enforcement in the same manner as the United States.
    The Federal Reserve believes that a sound global compliance 
program, and proper oversight, is critical to deterring and 
preventing illicit activities at, or through, U.S. banks and 
other financial institutions, and we continuously reinforce 
this view with our foreign supervisory counterparts. Many of 
the enforcement actions we have taken in this area have 
required institutions to implement global compliance measures 
that will help them evaluate risk comprehensively, taking into 
account the full range of products, services, customers, and 
geographic locations of the firm. In a number of BSA/AML and 
U.S. sanctions enforcement cases, the Federal Reserve has 
enlisted the aid of our foreign counterparts, including what 
was formerly the U.K. Financial Services Authority, to ensure 
that a supervised institution is meeting its responsibilities 
in its home country and other jurisdictions where our examining 
authority is limited.
    The Federal Reserve promotes high supervisory standards for 
international BSA/AML and U.S. sanctions compliance and payment 
transparency through our participation in the U.S. delegation 
to the Financial Action Task Force (FATF) and the Basel 
Committee on Banking Supervision's (BCBS) anti-money laundering 
experts group. For example, the U.S. delegation to the FATF 
continues to press for the strengthening of the international 
compliance framework and has contributed to the revised set of 
international standards for AML compliance adopted by the FATF 
adopted its revised set of standards earlier this year. The 
BCBS's anti-money laundering experts group provides a forum for 
regular cooperation on anti-money laundering matters, and has 
issued guidance in several key areas, such as cover payment 
transparency. In addition, the Federal Reserve has strong and 
ongoing coordination and communication channels with our 
counterparts at foreign regulatory agencies, including but not 
limited to the U.K.'s Financial Services Authority and its 
successor organizations, the Prudential Supervisory Authority 
and the Financial Conduct Authority. On an institution-specific 
basis, Federal Reserve also participates in supervisory 
colleges with its foreign supervisory colleagues. These groups 
are intended to promote information sharing and discussion on a 
range of supervisory issues and emerging risks at the 
institution, including anti-money laundering concerns.

Q.4. In the last decade, major new innovative technologies and 
products have come onto the market, including prepaid access 
cards, mobile phone banking, smart ATM machines and kiosks, 
mobile wallets, Internet cloud-based payment processes, and 
others--and they are evolving rapidly. While they provide huge 
benefits to consumers, they can also pose major AML risks, 
including by making it easier to move large amounts of money on 
stored value cards. What are you doing to mitigate those risks 
now, and what should banks be doing to mitigate those risks on 
their own, even as they develop these products?

A.4. The Federal Reserve has long recognized the anti-money 
laundering risks associated with prepaid cards and other 
payment systems and has taken steps to address these threats as 
they emerge. The Federal Reserve maintains an open dialogue 
with other regulatory agencies and the prepaid card industry 
and participates in many discussions focused on identifying 
risks associated with prepaid cards and other technologies. For 
example, in 2006 and 2010, the Federal Reserve, working with 
the member agencies of the Federal Financial Institutions 
Examination Council (FFIEC) working group on BSA/AML matters, 
incorporated guidance in the FFIEC examination manual on ways 
banks can mitigate the risks associated with prepaid card 
programs, and developed specific examination procedures for 
reviewing the adequacy of a bank's BSA/AML program as it 
relates to its prepaid card program. The guidance is publicly 
available through the Federal Reserve's Web site. \1\
---------------------------------------------------------------------------
     \1\ ``Federal Financial Institutions Examination Council Bank 
Secrecy Act/Anti-Money Laundering Examination Manual''. Available at: 
www.federalreserve.gov/boarddocs/supmanual.default.htm.
---------------------------------------------------------------------------
    The Federal Reserve also serves as cochair to the BSA 
Advisory Group Subcommittee on Prepaid Access alongside the 
National Branded Prepaid Card Association (NBPCA). The 
subcommittee has been in existence now for several years, and 
includes representatives from the banking regulatory agencies 
(both Federal and State), the Financial Crimes Enforcement 
Network (FinCEN), law enforcement, and industry. In addition, 
Federal Reserve staff speaks regularly at conferences and 
meetings focused on prepaid cards and emerging payment systems, 
including NBPCA events and the annual Federal Reserve Bank of 
Chicago's Payments Conference.

Q.5. The BSA regulations about wire transfers (at 31 CFR 
1010(f)(2)) allow a U.S. bank to accept and process a wire 
transfer from overseas even if the ``transmitter'' field is 
blank. That may have been understandable 15 years ago when the 
regulations were written. But why has the rule not been 
changed, in light of the sanctions abuses illustrated by these 
cases and the possibility of other attempts to avoid our 
sanctions rules in the future? The changes in the SWIFT 
regulations to require completion of all fields, which you 
mentioned in your testimony, do not appear to have the force of 
law. In a world in which banking institutions operate globally, 
effective money laundering control is extremely difficult 
without uniform and uniformly enforced cross-border standards 
within banks and under applicable law.

A.5. Foreign banks that operate in countries without sanctions 
similar to those imposed by the United States have not always 
had in place the mechanisms to ensure transactions routed 
through the U.S. comply with U.S. law. In 2009, based on 
transparency concerns raised by the Board and others, the 
Society for Worldwide Interbank Financial Transaction (SWIFT) 
adopted a new message format for cover payments (the MT 202 
COV) that provides intermediary banks with additional 
originator and beneficiary information, enabling them to 
perform sanctions screening and suspicious activity monitoring. 
In furtherance of these efforts, the Board issued guidance on 
the necessity for transparency and proper monitoring with 
respect to cross-border funds transfers. \2\ The guidance 
clarifies that financial institutions should not omit, delete, 
or alter information in payment messages or orders for the 
purpose of avoiding detection of that information by any other 
financial institution in the payment process. Also effective 
since 2009, the domestic wire transfer systems, Fedwire and 
Clearing House Interbank Payments System (CHIPS), have created 
similar message formats to improve transparency of cross-border 
payment messages.
---------------------------------------------------------------------------
     \2\ ``Transparency and Compliance for U.S. Banking Organizations 
Conducting Cross-Border Funds Transfers'' (November 19, 2009). 
Available at: www.federalreserve.gov/boarddocs/srletters/2009/
sr0909al.pdf.
---------------------------------------------------------------------------
    While the SWIFT message format for cover payments does not 
have a direct statutory basis, it is enforced by SWIFT against 
its members, and any institution that fails to provide the 
appropriate information or that processes a transaction without 
the appropriate information is subject to penalties imposed by 
U.S. regulators if the transaction does not conform with U.S. 
law.
    The Board participates in several organizations that are 
actively involved in enhancing the uniformity of cross-border 
anti-money laundering standards. In particular, Board is a 
member of the U.S. delegation to the FATF, which was 
established with the objective of creating and promoting a 
common set of anti-money laundering standards for incorporation 
into the legislative frameworks of its member countries. FATF 
Standard 16 is primarily concerned with ensuring financial 
institutions include relevant information with cross-border 
wire transfers, which includes accurate originator and required 
beneficiary information, as described in the standard. \3\
---------------------------------------------------------------------------
     \3\ For additional information, see http://www.fatf-gafi.org/
media/fatf/documents/recommendations/pdfs/FATF_Recommendations.pdf.

Q.6. Various international activities of these major banks, 
especially foreign correspondent banking and other means for 
cross-border funds transfer, have been recognized by Congress 
as special risk areas since at least 2001. What further steps 
should be taken to prevent the movement of illicit funds into 
and out of the U.S. through banks' non-U.S. branches in 
violation of U.S. law? What are your agencies doing 
specifically to address the myriad problems that have arisen in 
these areas, including by strengthening cooperation with 
foreign regulators who may be in a position to flag problem 
---------------------------------------------------------------------------
banks earlier for U.S. regulators?

A.6. The management of complex international banking businesses 
creates inherent risks, which must be mitigated through 
sophisticated enterprise-wide risk management and internal 
controls. These systems and controls should be reasonably 
designed by financial institutions to ensure that the 
institution has effective anti-money laundering procedures in 
place, including procedures to cover transactions involving its 
overseas affiliates. The Federal Reserve has issued guidance 
that highlights the importance of enterprise-wide risk 
management, and has taken supervisory action to ensure that the 
internationally active firms we supervise have appropriate 
controls in place. In many cases, we have enlisted the 
assistance of foreign regulators, including what was formerly 
the U.K. Financial Services Authority, to ensure that the 
supervised institution is meeting its responsibilities in its 
home country and other jurisdictions where our examining 
authority is limited.
    The Federal Reserve has placed particular emphasis on the 
importance of risk management in the context of correspondent 
banking activities. Examiners regularly evaluate whether a 
bank's compliance program can detect and report suspicious 
activity with respect to its foreign correspondent account 
relationships. In addition, we have prescribed advanced 
procedures for our examiners regarding specific money 
laundering risks for foreign correspondent banking activities, 
such as bulk shipments of currency, pouch activity, U.S. dollar 
drafts, and payable through accounts.
    Earlier this year, the FATF issued recommendations 
concerning the obligations of financial institutions with 
respect to customer due diligence (CDD). These new 
recommendations, which are based on input provided by the 
Federal Reserve and other members of the U.S. delegation to the 
FATF, emphasize that financial institutions must use CDD 
information to better understand customer behavior and query 
whether the customer relationship is being used for improper 
means. Through its participation at FATF, the Federal Reserve 
has encouraged our foreign regulatory counterparts to ensure 
that the financial institutions they supervise have the 
programs necessary to conduct CDD appropriately.
                                ------                                


        RESPONSES TO WRITTEN QUESTIONS OF SENATOR CRAPO
                     FROM JEROME H. POWELL

Q.1. International Coordination: The dangers of illicit global 
money must receive adequate and effective attention at the G20, 
IMF, World Bank, and foreign national levels.
    Do each of you, together with the Comptroller, at your 
particular levels of office, ever meet together to discuss and 
review BSA programs and policies, both domestically and abroad?

A.1. The Federal Reserve maintains an active dialogue with its 
regulatory counterparts regarding efforts to combat illicit 
financing in the U.S. banking system, both domestically and 
abroad. In addition to strengthening the compliance programs of 
U.S. financial institutions, we remain committed to making the 
supervision of internationally active banking organizations 
more effective and we have engaged in several efforts to 
achieve this important goal. The Federal Reserve also 
coordinates with foreign regulators as part of our enforcement 
program. For example, the Federal Reserve's recent enforcement 
action against HSBC involved participation from what was 
formerly the U.K. Financial Services Authority. Likewise, the 
ABN AMRO case involved De Nederlandsche Bank N.V. (the 
regulator of Dutch banks).
    On the domestic side, the Federal Reserve participates in 
the Federal Financial Institutions Examinations Counsel 
(FFIEC), which has an expansive Bank Secrecy Act and anti-money 
laundering (BSA/AML) working group that promotes high standards 
for bank examinations and compliance. The Federal Reserve, 
other FFIEC member agencies, and the Financial Crimes 
Enforcement Network (FinCEN) meet monthly to review and discuss 
supervisory issues and to share information regarding emerging 
risks and other matters regarding banking industry compliance 
with BSA/AML requirements. To further enhance the goals of the 
BSA working group, a broader set of Government agencies with 
supervisory and regulatory responsibilities under the BSA are 
routinely invited to participate in these discussions.
    The Federal Reserve also participates in the U.S. 
Department of the Treasury's Interagency Task Force on 
Strengthening and Clarifying the BSA/AML Framework (Task 
Force), which includes representatives from the Federal banking 
agencies, the Department of Justice (DOJ), Office of Foreign 
Asset Control (OFAC), FinCEN, the Commodity Futures Trading 
Commission (CFTC), and the Securities and Exchange Commission 
(SEC). The primary focus of the Task Force is to review the 
BSA, its implementation, and its enforcement with respect to 
U.S. financial institutions that are subject to these 
requirements, and to develop recommendations for ensuring the 
continued effectiveness of the BSA and efficiency in agency 
efforts to monitor compliance.

Q.2. How effective is the international compliance structure 
and how exposed are our financial system and individual 
institutions to cross-border enforcement challenges?

A.2. With respect to international coordination efforts, the 
Federal Reserve is a member of the U.S. delegation to the 
Financial Action Task Force (FATF). The FATF's primary 
objective is to set standards to promote the effective 
implementation of the AML framework in its member countries. As 
a member of the U.S. delegation to the FATF, the Federal 
Reserve continues to press for the strengthening of the 
international compliance framework and has contributed to the 
revised set of international standards for anti-money 
laundering compliance adopted by the FATF earlier this year. 
These standards are intended to create a global AML framework 
that is consistent across countries.
    The FATF also conducts regular peer reviews, or mutual 
evaluations, of its member countries' AML frameworks against 
the standards to facilitate compliance and a level playing 
field. The mutual evaluations are publicly available and 
identify specific deficiencies and opportunities for 
enhancement for each country. Once the FATF evaluates its 
member countries against the standards, it revises the 
standards to incorporate lessons learned and implement improved 
AML measures. Finally, the FATF has a structured process to 
enhance the AML frameworks of noncompliant countries, such as 
action plans, publishing lists of noncompliant countries, and 
engaging the countries' senior Government officials. These 
measures will help U.S. financial institutions to conduct 
appropriate due diligence of foreign correspondent accounts 
involving noncompliant countries.
    The Federal Reserve also coordinates internationally 
through the Basel Committee on Banking Supervision (BCBS). The 
BCBS provides a forum for regular cooperation on anti-money 
laundering matters, and has issued guidance in several key 
areas, such as transparency with respect to cross-border 
payments. On an institution-specific basis, Federal Reserve 
also participates in supervisory colleges with its foreign 
supervisory colleagues. These groups are intended to promote 
information sharing and discussion on a range of supervisory 
issues and emerging risks at the institution, including anti-
money laundering concerns.

Q.3. It appears that BSA regulations permit wire transfers to 
enter the U.S. with an incomplete originator field. Since that 
situation can potentially harm a U.S. bank--what should be done 
to address this issue?

A.3. Foreign banks that operate in countries without sanctions 
similar to those imposed by the United States have not always 
had in place the mechanisms to ensure transactions routed 
through the U.S. comply with U.S. law. In 1995, the Board and 
FinCEN issued a rule that requires U.S. financial institutions, 
at the initiation of a funds transfer, to collect and retain 
the name of the originator (and, if received with an incoming 
funds transfer order, the name of the recipient) on funds 
transfers in excess of $3,000. In 2009, based on transparency 
concerns raised by the Board and others, the Society for 
Worldwide Interbank Financial Telecommunication (SWIFT) adopted 
a new message format for cover payments (the MT 202 COV) that 
requires banks located outside the United States that send 
payments through or to the U.S. banking system to provide 
intermediary banks with originator and beneficiary information 
that enables them to perform sanctions screening and suspicious 
activity monitoring. In furtherance of these efforts, the Board 
issued guidance on the necessity for transparency and proper 
monitoring with respect to cross-border funds transfers. \1\ 
The guidance clarifies that financial institutions should not 
omit, delete or alter information in payment messages or orders 
for the purpose of avoiding detection of that information by 
any other financial institution in the payment process. Also 
effective since 2009, the domestic wire transfer systems, 
Fedwire and the Clearing House Interbank Payments System 
(CHIPS), have created similar message formats to improve 
transparency of cross-border payment messages.
---------------------------------------------------------------------------
     \1\ ``Transparency and Compliance for U.S. Banking Organizations 
Conducting Cross-Border Funds Transfers'' (November 19, 2009). 
Available at: www.federalreserve.gov/boarddocs/srletters/2009/
sr0909al.pdf.
---------------------------------------------------------------------------
    Through supervisory and enforcement efforts, the Board has, 
for many years, focused attention on the payment messages that 
accompany funds transfers. From a compliance standpoint, U.S. 
financial institutions routinely screen the information 
contained in cross-border payment messages to identify 
transactions that violate U.S. economic sanctions.
    The Board participates in several organizations that are 
actively involved in enhancing the uniformity of cross-border 
anti-money laundering standards. In particular, Board is a 
member of the U.S. delegation to the FATF, which was 
established with the objective of creating and promoting a 
common set of anti-money laundering standards for incorporation 
into the legislative frameworks of its member countries. FATF 
Standard 16 is primarily concerned with ensuring financial 
institutions include relevant information with cross-border 
wire transfers. This information includes accurate originator 
and required beneficiary information, as described in the 
standard. \2\
---------------------------------------------------------------------------
     \2\ For additional information, see http://www.fatf-gafi.org/
media/fatf/documents/recommendations/pdfs/FATF_Recommendations.pdf.

Q.4. Deferred Prosecution Agreements: The use of a Deferred 
Prosecution Agreement, or DPA, represents the continuation of a 
trend in enforcement matters in economic sanctions, export 
controls, and other matters. In opting for a DPA, companies may 
avoid criminal prosecution; in exchange, they assume ongoing 
responsibilities and risks. The DPA is open, on average, for 
about 18 months.
    If it sometimes takes years to uncover BSA violations and 
other bad behavior, how useful is the DPA as an enforcement 
tool?

A.4. Please see response for Question 6.

Q.5. What is an example of the lowest trigger for a violation 
of a DPA?

A.5. Please see response for Question 6.

Q.6. How long have DPAs been in place on financial institutions 
and has any resulted in a violated? What was the end result?

A.6. A Deferred Prosecution Agreement (DPA) is a tool of the 
law enforcement community. The Federal Reserve does not have 
the legal authority to impose criminal penalties against 
financial institutions for violations of the BSA/AML 
requirements or U.S. economic sanctions, and also does not use 
DPAs. The decision to use a DPA or any other criminal law 
enforcement tool rests solely with the DOJ. In cases where the 
DOJ has imposed a DPA on a financial institution supervised by 
the Federal Reserve, the institution is also typically required 
to abide by any orders we impose requiring the firm to take 
corrective measures, which provides an additional mechanism for 
enforcing our enforcement actions. Together, these actions 
result in an overall improvement to the firm's compliance 
program. The DOJ has imposed DPAs on institutions supervised by 
the Federal Reserve that are in place for as long as 5 years. 
Any institution found by the DOJ to be in breach of a DPA may 
be subject to criminal charges, or any civil or administrative 
charge that was not filed as a result of the agreement.

Q.7. Referrals and Examinations: Has either OCC or the Federal 
Reserve made any criminal referrals to Federal or other law 
enforcement officials as a result of examinations and, if so, 
what were the results?

A.7. The Federal Reserve routinely coordinates with the DOJ and 
State law enforcement, as appropriate, as part of our 
enforcement program. When requested by the DOJ or other Federal 
law enforcement authorities, the Federal Reserve provides 
support to criminal investigative authorities in connection 
with criminal investigations that are initiated as a result of 
these interagency contacts, consistent with applicable legal 
restrictions. For example, many of the enforcement cases the 
Federal Reserve has pursued involving violations of the BSA, 
the related AML rules, and U.S. economic sanctions, have 
involved a coordinated resolution with the DOJ and State 
criminal enforcement authorities. These include our case 
against Riggs Bank, ABN Amro, American Express, Credit Suisse, 
Barclays, Standard Chartered, and HSBC. These cases are among 
the largest, most complex enforcement cases in the BSA and U.S. 
sanctions area. Collectively, these cases have generated 
billions of dollars in fines paid to the U.S. Treasury.

Q.8. Have the results of any BSA examinations had any negative 
impact on a bank's CAMEL rating?

A.8. The Federal Reserve assesses the quality of an 
institution's BSA/AML compliance program and the results are 
reflected in the management or ``M'' rating component of the 
CAMELS rating system. For bank holding companies, the Board 
conducts an annual supervisory assessment of the firm on a 
consolidated basis. BSA deficiencies at the holding company or 
at a subsidiary bank are taken into account in determining the 
Risk Management rating contained in the Board's annual 
assessment. Specifically, BSA deficiencies are reflected in the 
Board's evaluation of the risk management practices, policies, 
and internal controls at the firm.

Q.9. Exam Consistency: The Committee understands that, in the 
interests of exam consistency, all of the Federal regulators 
now use the Federal Financial Institutions Examination Council 
or FFIEC manual for Bank Secrecy Act examinations.
    Are there differences in the manner of which each agency 
conducts its examinations? Particularly, is there a substantial 
difference in the manner so-called pillar violations or program 
violations are treated before there is movement to a formal 
enforcement action. If so, why?

A.9. Since 2005, the Federal banking agencies and State 
regulatory authorities have relied on the FFIEC manual as a 
tool for promoting consistency in the BSA/AML examination 
process for the banking organizations we supervise. These 
agencies meet regularly under the auspices of the FFIEC working 
group on BSA/AML to share their examination experiences, and we 
have revised the manual several times to further ensure 
consistency in the examination process. Differences in the 
examination approach taken by the Federal banking agencies are 
typically the result of differing risk profiles of the 
individual banking organizations we supervise.
    In 2007, the Federal Reserve and the other Federal banking 
agencies issued a policy, again on an interagency basis, on the 
application of our enforcement authority in the BSA/AML area. 
This policy explains when the banking agencies must issue a 
cease and desist order against a depository institution that 
fails to establish and maintain a BSA/AML program as required 
by the agencies' regulations. Under the agencies' regulations, 
an effective BSA/AML program must have four minimum elements or 
``pillars,'' including a system of internal controls to ensure 
ongoing compliance; independent testing of BSA/AML compliance; 
a designated individual responsible for managing BSA compliance 
(BSA compliance officer); and training for appropriate 
personnel. The enforcement policy was issued in 2007 to promote 
a consistent approach to agency enforcement of BSA/AML 
requirements and to make those standards more transparent to 
the industry.
    When an agency identifies a supervisory concern relating to 
a financial institution's BSA compliance program in the course 
of an examination or otherwise, the agency may communicate 
those concerns to the financial institution by various means. 
In the most serious cases, the Federal Reserve may take a 
formal enforcement action against an institution. The Federal 
Reserve has a longstanding practice of citing institutions for 
failing to establish or maintain one of the individual BSA 
pillars in formal enforcement actions (referred to as a ``sub-
part'' violation). Since the 1980s, the Board has had a 
specialized group in the Division of Bank Supervision that 
reviews BSA/AML examination findings and consults with 
examiners on enforcement actions to ensure that the Federal 
Reserve's enforcement responses are consistent with the policy 
statement, and through this review we ensure an appropriate 
supervisory response to deficiencies in a bank's BSA/AML 
compliance program, whether through a formal enforcement action 
or otherwise.

Q.10. OCC and Federal Reserve Practice: What is the practice of 
the OCC and Federal Reserve on prevention and resolution of 
deficiencies within its supervisory framework?

A.10. Please see response for Question 11.

Q.11. In the course of resolving deficiencies, has a member 
bank, or other entity, ever opted to leave either the national 
banking system or the Federal Reserve System rather than accept 
an enforcement document?

A.11. The Federal Reserve examines, on a regular basis, 
institutions for which we have been granted supervisory 
authority by Congress and, through that authority, reviews the 
programs financial institutions use to maintain compliance with 
BSA/AML requirements and U.S. economic sanctions. Enforcement 
measures may escalate depending on the nature, duration, and 
severity of the problem. Problems that cannot be corrected 
immediately will be formally reported to the institution in the 
examination report or in a supervisory letter as matters 
requiring management's attention and corrective action. These 
matters are presented to the institution's board of directors, 
which is charged with ensuring that management addresses and 
corrects them. Federal Reserve supervision staff will 
subsequently follow management's actions to ensure that the 
problem is corrected. If a problem requires a more detailed 
resolution or is more pervasive at an institution, the Federal 
Reserve may enter into a memorandum of understanding with the 
financial institution in which the board of directors commits 
to specific actions to correct the potentially unsafe and 
unsound banking practice or possible violations of laws or 
regulations. More serious deficiencies may result in a public 
enforcement against the institution such as a written 
agreement, a cease and desist order, and civil money penalties.
    Congress has placed significant restrictions on a bank's 
ability to change charters when subject to an enforcement 
action regarding a significant supervisory matter. Section 612 
of the Dodd-Frank Wall Street Reform and Consumer Protection 
Act generally prohibits charter conversions by an insured 
depository institution while the institution is subject to 
formal enforcement order issued by, or a memorandum of 
understanding entered into with, its current Federal banking 
agency, or a State bank supervisor with respect to a 
significant supervisory matter. The Federal Reserve and the 
Federal banking agencies have issued guidance to the 
institutions we supervise advising them of these restrictions. 
\3\
---------------------------------------------------------------------------
     \3\ Interagency Statement on Section 612 of the Dodd-Frank Act 
Restrictions on Conversions of Troubled Banks (November 26, 2012). 
Available at: http://www.federalreserve.gov/bankinforeg/srletters/
sr1216al.pdf.
---------------------------------------------------------------------------
    Where a depository institution attempts to evade a formal 
enforcement action by converting charters in advance of the 
action, under section 612, the current Federal banking agency 
will notify the prospective Federal banking agency supervisor 
of any ongoing supervisory or investigative proceedings that 
the current Federal banking agency believes are likely to 
result in a formal action in the near term with respect to a 
significant supervisory matter. Under these circumstances, the 
current Federal banking agency will provide the prospective 
Federal banking agency supervisor with access to all 
investigative and supervisory information relating to the 
proceedings.
                                ------                                


        RESPONSES TO WRITTEN QUESTIONS OF SENATOR WARREN
                     FROM JEROME H. POWELL

Q.1. The United States Government takes money laundering very 
seriously. A bank that launders drug money or terrorists' money 
can be shut down, \1\ and individuals in the bank can be banned 
from banking. \2\ In December, HSBC admitted to laundering at 
least $881 million for Colombian and Mexican drug cartels, and 
violating U.S. sanctions against Iran, Cuba, Libya, Sudan, and 
Burma. \3\ These were not one-time actions. The bank was warned 
over and over and told to fix the problem, and it didn't. It 
just kept making money by laundering money for drug dealers. 
\4\
---------------------------------------------------------------------------
     \1\ See, e.g., ``Annunzio-Wylie Anti Money Laundering Act of 
1992'', 1501-1507, Pub. L. 102-550, 106 Stat. 3680 (1992).
     \2\ 12 U.S.C. 1818(e) and (g).
     \3\ Dept. of Justice, Press Release, Dec. 11, 2012, available at: 
http://www.justice.gov/opa/pr/2012/December/12-crm-1478.html.
     \4\ Senate Permanent Subcommittee on Investigations, ``U.S. 
Vulnerabilities to Money Laundering, Drugs, and Terrorist Financing: 
HSBC Case History'', July 16, 2012, available at: http://
www.levin.senate.gov/download/?id=90fe8998-dfc4-4a8c-90ed-704bcce990d4.
---------------------------------------------------------------------------
    In the hearing, you noted that the threshold determination 
for revoking a bank's charter is dependent on prosecution and 
conviction, and you testified that the Justice Department makes 
determinations about when it is appropriate to prosecute. 
However, there are other tools available to hold accountable 
banks and bankers who engage in illegal activity, such as 
banning individuals from the banking industry. Could you please 
describe:
    Whether your agency has any regulation, guidance, policies, 
formal or informal, that guide when individuals should be 
banned from banking under 12 U.S.C. 1818(e) and (g). If so, 
please provide those documents.

A.1. Please see response for Question 3.

Q.2. Under what circumstances your agency has used 12 U.S.C. 
1818(e) and (g) in the past, including any actions taken 
against bankers in the largest financial institutions.

A.2. Please see response for Question 3.

Q.3. The process your agency does or would follow to use its 
authority under 12 U.S.C. 1818(e) and (g).

A.3. The Federal Reserve and other Federal banking agencies 
make decisions on whether to initiate actions to ban 
individuals from banking based on application of the statutory 
criteria to the facts of the particular case. To prohibit an 
individual from participating in the banking industry under 12 
U.S.C. 1818(e), the Federal Reserve must show that the 
individual engaged in an unsafe or unsound practice, breach of 
fiduciary duty or violation of law that resulted in losses or 
other harm to the institution or gains to the individual, and 
that involved personal dishonesty, or willful or continuing 
disregard for safety and soundness. 12 U.S.C. 1818(e)(1). 
Congress has also provided the Federal banking agencies with 
authority to prohibit insiders in cases involving violations of 
the Bank Secrecy Act (BSA) if such violation ``was not 
inadvertent or unintentional,'' or is aware that an 
institution-affiliated party has engaged in a criminal 
violation of the BSA or the anti-money laundering laws. 12 
U.S.C. 1818(e)(2). The Federal banking agencies may also 
suspend an institution-affiliated party who is charged with a 
felony involving dishonesty or a breach of trust or with a 
criminal violation of anti-money laundering laws, pending final 
resolution of the criminal charges. 12 U.S.C. 1818(g)(1). In 
these cases, we may also determine that the assessment of civil 
money penalties is appropriate against the individual.
    Because application of the statutory factors for a 
prohibition order is highly dependent on the individual factual 
record relating to a particular banker's conduct, we have not 
issued any general guidance or policies related to the exercise 
of this authority.
    An individual convicted of a criminal offense involving 
dishonesty or a breach of trust also is subject to the 
prohibitions set forth in section 19 of the Federal Deposit 
Insurance Act (FDI Act). 12 U.S.C. 1829. Section 19 prohibits 
a convicted person from directly or indirectly owning, 
controlling, or participating in the affairs of any insured 
depository institution, or a bank or savings and loan holding 
company in the United States without the consent of the Federal 
Depository Insurance Corporation (FDIC), in the case of an 
insured depository institution, or the Board in the case of a 
holding company. 12 U.S.C. 1829(a)(1). The regulators may not 
consent to such service or control by a person who has been 
convicted of certain types of crimes, such as a conviction for 
money-laundering, for 10 years from the date of the conviction. 
12 U.S.C. 1829(a)(2).
    In the past 5 years, the Federal Reserve has issued 44 
prohibition orders, including several orders that included an 
assessment of a civil money penalty, and notified more than 200 
individuals of their ban from banking under section 19. These 
actions involve individuals employed by several large financial 
institutions, including UBS, Bank of New York Mellon, American 
Express, CitiFinancial, Wells Fargo, SunTrust, and Regions. 
These prohibitions involved, among other things, instances of 
unauthorized trading activity, falsification of records, and 
other unsafe bank practices and violations of law.
    The Federal Reserve and the Federal banking agencies have 
issued rules of practice and procedures that govern prohibition 
and removal actions. 12 CFR 263 et seq. A copy of these 
regulations is attached. The Federal Reserve makes public all 
of its prohibition orders and posts them on its Web site at: 
www.federalreserve.gov/apps/enforcementactions/search.aspx.

Q.4. Attorney General Holder testified before the Judiciary 
Committee that he is ``concerned that the size of some of these 
institutions becomes so large that it does become difficult for 
us to prosecute them when, . . . if you do bring a criminal 
charge, it will have a negative impact on the national economy, 
perhaps even the world economy.''
    Can you explain how your efforts to ensure compliance with 
money laundering laws are affected when so many people--even 
the Attorney General of the United States--think it is 
``difficult to prosecute'' the biggest banks?

A.4. Please see response for Question 5.

Q.5. Are you worried that the size and interconnectedness of 
our Nation's largest financial institutions negatively affects 
your ability to enforce the law and reduces your leverage?

A.5. The Federal Reserve firmly believes that no institution is 
above the law or too large to be prosecuted for failure to 
comply with the law. Indeed, the Federal Reserve, which has 
authority to impose only civil penalties and orders, has on its 
own and in coordination with other law enforcement agencies, 
imposed a number of substantial fines and penalties against the 
largest, most complex financial firms using the enforcement 
authorities granted by Congress to the Federal banking 
agencies. In addition to fines, the Federal Reserve's 
enforcement actions required firms to implement the necessary 
firm-wide compliance risk management programs.

Q.6. At the hearing, Under Secretary Cohen and Governor Powell 
both testified that the Justice Department was in contact with 
their institutions regarding the HSBC case. Without reference 
to any particular case, can you describe the general or usual 
process for cooperation between your institution and the 
Justice Department regarding money laundering and Bank Secrecy 
Act issues? In particular:
    Which office or offices in the Justice Department contact 
your institution?

A.6. Please see response for Question 10.

Q.7. Which office or offices in your institution are contacted?

A.7. Please see response for Question 10.

Q.8. At what points in the enforcement process is your 
institution contacted?

A.8. Please see response for Question 10.

Q.9. What information is usually requested?

A.9. Please see response for Question 10.

Q.10. Are there are any formal or informal guidelines that are 
used for interagency cooperation on Bank Secrecy Act or Anti-
Money Laundering issues?

A.10. The Federal Reserve maintains close contact with multiple 
offices of the Department of Justice (DOJ). In cases involving 
potential money-laundering or BSA violations, the Board's Legal 
Division is typically in contact with the Asset Forfeiture and 
Money-Laundering Section (AFMLS) of the Criminal Division of 
the DOJ. The Board and the Reserve Banks also maintain contact 
with the local United States Attorney. For example, in the HSBC 
case the Board and the Reserve Bank legal departments 
maintained contact with the local United States Attorney's 
office, the District Attorney for New York County, and AFMLS. 
The Federal Reserve contacts the DOJ whenever we have reason to 
believe a criminal violation of the BSA has occurred. The Board 
also contacts Office of Foreign Assets Control (OFAC) and 
Financial Crimes Enforcement Network (FinCEN) as appropriate, 
as well as State prosecutors. The Federal Reserve provides 
support to criminal authorities investigating potential 
violations of the BSA, related anti-money laundering laws, and 
U.S. economic sanctions consistent with applicable legal 
restrictions. The kind of cooperation provided depends on the 
circumstances of the particular case. Typically, such 
assistance involves sharing supervisory information and 
expertise with staff from the criminal division of the DOJ and 
the local United States Attorney's office. The Federal Reserve 
makes its own decision whether to bring a civil enforcement 
case; the decision to file criminal charges in a particular 
case is fully within the discretion of the DOJ or other Federal 
agency with the authority to press criminal charges.
    The rules or procedures that govern our interagency 
cooperation efforts depend on the type of assistance requested 
by law enforcement. For example, requests made by law 
enforcement for supervisory information and other assistance 
are subject to the rules and procedures regarding the 
availability of supervisory information. 12 CFR 261.21. 
Conversely, the circumstances may require Federal Reserve staff 
to obtain access to Grand Jury information in order to lend our 
expertise on matters under consideration by the Grand Jury. 
Congress has prescribed a legal mechanism to facilitate the 
sharing of such information in these instances. 12 U.S.C. 
3322(b).

Q.11. The Federal Reserve has conducted a great deal of 
research around various topics in money laundering, including 
around compliance issues. As you know, the Federal Reserve has 
a unique ability to take a broader, deeper look at the industry 
and its practices, rather than focusing on a particular case.
    Has the Federal Reserve conducted any studies, similar to 
its private banking study, recently? If so, can you provide 
these studies?

A.11. Please see response for Question 13.

Q.12. Are there plans to conduct similar studies in the future?

A.12. Please see response for Question 13.

Q.13. Has the Federal Reserve conducted any studies of problems 
revealed during examinations on BSA issues? If so, can you 
provide these studies?

A.13. Since the Federal Reserve's efforts to highlight the 
illicit financing risks associated with private banking 
activities in 1996, we have continued to addresses perceived 
anti-money laundering vulnerabilities in the banking industry 
by developing supervisory guidance and making improvements to 
our examination procedures. For example, in 2008, the Federal 
Reserve issued supervisory guidance regarding firm-wide 
compliance expectations for large, complex banking 
organizations. \5\ A firm-wide compliance function that plays a 
key role in managing and overseeing compliance risk while 
promoting a strong culture of compliance across the 
organization is particularly important for large, complex 
organizations that have a number of separate business lines and 
legal entities that must comply with a wide range of applicable 
rules and standards. In 2009, based on transparency concerns 
raised by the Board and others, the Society for Worldwide 
Interbank Financial Telecommunication (SWIFT) adopted a new 
message format for cover payments (the MT 202 COV) that 
provides intermediary banks with additional originator and 
beneficiary information, enabling them to perform sanctions 
screening and suspicious activity monitoring. In furtherance of 
these efforts, the Board issued guidance on the necessity for 
transparency and proper monitoring with respect to cross-border 
funds transfers. \6\
---------------------------------------------------------------------------
     \5\ S.R. 08-8, ``Compliance Risk Management Programs and Oversight 
at Large Banking Organizations With Complex Compliance Profiles'' 
(October 18, 2008). Available at: www.federalreserve.gov/boarddocs/
srletters/2008/SR0808.htm.
     \6\ ``Transparency and Compliance for U.S. Banking Organizations 
Conducting Cross-Border Funds Transfers'' (November 19, 2009). 
Available at: www.federalreserve.gov/boarddocs/srletters/2009/
sr0909al.pdf.
---------------------------------------------------------------------------
    The Federal Reserve's expectations in the area of firm-wide 
compliance have been incorporated into the procedures utilized 
by the member agencies of the Federal Financial Institutions 
Examination Council (FFIEC) for conducting compliance 
examinations under the BSA and anti-money laundering (BSA/AML) 
rules and regulations. The Federal Reserve has not conducted 
any special studies; however, we have recently begun working 
with the FFIEC member agencies to identify additional areas of 
concern that require heightened attention by the banking 
organizations we supervise, based on our examination 
experience, and will incorporate the results of this effort as 
part of our continuing effort to update our examination 
procedures.
    Currently, as a member of the U.S. Department of the 
Treasury's Interagency Task Force on Strengthening and 
Clarifying the BSA/AML Framework (Task Force), the Federal 
Reserve is engaged in a review of the BSA, its implementation, 
and its enforcement with respect to U.S. financial institutions 
that are subject to these requirements. The Task Force will 
develop recommendations for ensuring the continued 
effectiveness of the BSA and efficiency in agency efforts to 
monitor compliance.
                                ------                                


       RESPONSES TO WRITTEN QUESTIONS OF SENATOR HEITKAMP
                     FROM JEROME H. POWELL

Q.1. As all of you mentioned, the sophistication and 
determination of money launderers, terrorist financiers, and 
other criminals has evolved and changed as they find ways to 
gain access to our institutions. How can we support smaller 
institutions that cannot afford to put the same programs in 
place as the large banks? In your examinations, have you 
noticed vulnerabilities on a large scale?

A.1. Financial institutions are expected to maintain a Bank 
Secrecy Act/Anti-Money Laundering (BSA/AML) compliance program 
scaled to the specific risk profile of the institution. An 
institution's risk profile involves factors such as the size of 
the banking organization, the products and services it offers, 
and the markets it serves. Consequently, the risk profile for a 
smaller community banking organization will be different than 
that of a large, complex banking organization with 
international operations, and the examination process will be 
tailored in accordance with that profile. The Federal Reserve 
understands that some community banks may not share the same 
level of risk and resources as their larger peers. When 
determining the depth of a BSA/AML review, our examiners 
consider the institution's risk profile, history of BSA/AML 
compliance, and emerging risks in the markets it serves.
    While the majority of the institutions supervised by the 
Federal Reserve have well-administered programs for complying 
with the BSA, there have been occasions when examiners have 
raised concerns with the programs maintained at smaller 
institutions. For example, in 2012, the Federal Reserve issued 
a Cease and Desist Order against Asian Bank, Philadelphia, 
Pennsylvania, for BSA compliance deficiencies and required the 
bank's management maintain effective control over, and 
supervision of the bank's BSA/AML compliance program. The 
Federal Reserve and the member agencies of the Federal 
Financial Institutions Examination Council (FFIEC) have 
developed a uniform manual for examining the programs used by 
banking organizations to maintain compliance with the BSA/AML 
rules and regulations. Examinations are based on the broad 
principle that an effective BSA/AML compliance program requires 
sound risk management. This FFIEC BSA/AML examination manual 
also provides guidance that smaller institutions can use to 
identify and control these risks. The manual undergoes periodic 
revisions to ensure it is relevant and responds appropriately 
to risks identified by examiners or law enforcement, and that 
those procedures apply to those specific institutions that 
carry those risks.
