THE FIGHT AGAINST FINANCIAL CRIMES AND ITS EFFECT ON THE CHIEF COMPLIANCE OFFICER
How proposed New York regulations and the Department of Justice may hold CCOs personally liable
Sara K. WeedGlobal Banking and Payments Systems Practice GroupPaul Hastings, LLP
2
PENDING NEW YORK REGULATIONS
The “Compliance Officer Certification of Effectiveness”
3OVERVIEW
New York’s proposed regulations are driven originally by concerns regarding terrorist financing
“Money is the fuel that feeds the fire of international terrorism…[I]t is especially vital that banks and regulators do everything they can to stop that flow of illicit funds.”
- Governor Andrew Cuomo
4OVERVIEW
New York Department of Financial Services (the “Department”) conducted a series of investigations into terrorist finance and compliance issues
The Department identified shortcomings regarding transaction monitoring and filtering
Additionally, found a lack of robust governance and oversight at the senior levels of management
5OVERVIEW
The Department responded with new proposed regulation: Part 504 Banking Division Transaction Monitoring and Filtering Program Requirements and Certifications
First, the proposed regulation sets forth minimum requirements for anti-money laundering transaction monitoring systems and watch list filtering systems
Second, it requires chief compliance officers of banks and money transmitters to annually certify that their monitoring and filtering programs are in compliance
Could hold CCOs of banks and money transmitters personally and criminally liable for the effectiveness of these programs
6COVERED INSTITUTIONS
Two types of entities would be affected by this regulation:
“Bank Regulated Institutions,” meaning all banks, trust companies, private bankers, savings banks, and savings and loan associations chartered by the Department and all branches and agencies of foreign banking corporations licensed by the Department
“Nonbank Regulated Institutions,” money transmitters and check cashers licensed by the Department
7CURRENT COMPLIANCE OBLIGATIONS
Federal rules require financial institutions to report suspicious activity above certain dollar thresholds to the federal government in the form of Suspicious Activity Reports (“SARs”)
Office of Foreign Assets Control (“OFAC”) Rules generally prohibit persons from engaging in transactions involving the targets of OFAC sanctions
Financial institutions must screen transaction participants against lists of sanctions targets to ensure the proper transactions are blocked
8SHORTCOMINGS OF CURRENT OBLIGATIONS
Do not specify the exact steps for institutions. Currently only say institutions need a program “reasonably designed to satisfy the requirements”
No certification requirement
The proposed New York regulation aims to cure this by: (1) requiring monitoring systems with specific features; and (2) holding individuals accountable for AML and sanctions
compliance failures
9
PENDING NEW YORK REGULATION
Transaction Monitoring and Watch List Filtering Program Requirements – PART ONE
10TRANSACTION MONITORING PROGRAM REQUIREMENTS (1 OF 2)
1. Be based on the Risk Assessment of the institution;
2. Reflect all current BSA/AML laws, regulations, and alerts, as well as any relevant information available from the institution’s related programs and initiatives;
3. Map BSA/AML risks to the institution’s businesses, products, services, and customers/counterparties;
4. Utilize BSA/AML detection scenarios that are based on the institution’s Risk Assessment with threshold values and amounts set to detect potential money laundering or other suspicious activities;
11TRANSACTION MONITORING PROGRAM REQUIREMENTS (1 OF 2)
5. Include an end-to-end, pre- and post-implementation testing of the Transaction Monitoring Program, including governance, data mapping, transaction coding, detection scenario logic, model validation, data input and Program output, as well as periodic testing;
6. Include easily understandable documentation that articulates the institution’s current detection scenarios and the underlying assumptions, parameters and thresholds;
7. Include investigative protocols detailing how alerts generated by the Transaction Monitoring Program will be investigated, the process for deciding which alerts will results in a filing or other action, who is responsible for making such a decision, and how investigative and decision-making processes will be documented; and
8. Be subject to an on-going analysis to assess the continued relevancy of the detection scenarios, the underlying rules, threshold values, parameters and assumptions
12
“Watch List Filtering Program” to be maintained for the purpose of interdicting prohibited transactions
Both the Transaction Monitoring Program and Watch List Filtering Program must include various safeguards and oversight, as well as receive adequate staffing and funding
ADDITIONAL REQUIREMENTS
13
PENDING NEW YORK REGULATION
Annual Certification of Compliance – PART TWO
14CERTIFICATION REQUIREMENTS
Must attest that “to the best of their knowledge” that:1) Monitoring and filtering programs comply with the
requirements2) He or she reviewed the programs
Certification performed by the Chief Compliance Officer or equivalent
Submitted annually
15POTENTIAL RISK: SUBJECTIVITY
The CCO must attest not only that there are controls in place, but that the controls all comply
This is especially significant because some of the requirements have subjective components For example, the detection scenarios must be “easily
understandable”
A CCO who, in good faith, believes the subjective requirements are satisfied may still be held liable if the Department takes a different view
16CONSEQUENCES FOR NON-COMPLIANCE
Large fines for the institution
A CCO who files an incorrect or false certification may be subject to fines and criminal penalties
Additionally, there is no intent standard for imposing these penalties
17
PERSONAL LIABILITY FOR CHIEF COMPLIANCE OFFICERS: A CASE STUDY
MoneyGram International Inc.
18OVERVIEW
MoneyGram received thousands of complaints in the mid-2000s from consumers claiming to be victims of fraud
Various scams were utilized
The scammers had the victims use MoneyGram’s transfer system to send them money
From 2004 to 2009, the DOJ reports fraud totaling at least $100 million
19MONEYGRAM’S ROLE
MoneyGram failed to terminate agents it knew were involved
The Fraud Department would identify specific agents involved in the fraud scheme and recommend termination to management
The executives in control of termination included the Sales Department and the Fraud Department
The agents were not terminated
20INEFFECTIVE ANTI-MONEY LAUNDERING PROGRAM
The DOJ claimed MoneyGram had a systematic, pervasive, and willful failure to meet its AML obligations under the Bank Secrecy Act
Claimed they failed in a number of ways, including: Allowing the Sales Department to have a significant influence on
termination recommendations Not filing SARs on agents they knew were involved in fraud Underfunding and understaffing its AML program
21CONSEQUENCES FOR MONEYGRAM
MoneyGram entered into a deferred prosecution agreement with the DOJ in 2012, in which it admitted to criminally aiding and abetting wire fraud and failing to maintain an effective anti-money laundering program
MoneyGram forfeited $100 million
22CHIEF COMPLIANCE OFFICER UNDER FIRE
FinCEN has already assessed a $1 milllion penalty against the MoneyGram CCO, Thomas Haider
The DOJ for the Southern District of New York and FinCENhave filed a complaint against the CCO, seeking to enforecethe FinCEN penalty and bar him from working in the financial industry
23CHIEF COMPLIANCE OFFICER UNDER FIRE
The complaint alleges that Haider willfully violated the Bank Secrecy Act by failing to ensure that MoneyGram:
Implemented and maintained an effective AML program
Filed timely suspicious activity reports when it knew, suspected, or had reason to suspect that third parties were using its money transfer service for criminal activity
24CHIEF COMPLIANCE OFFICER UNDER FIRE
The complaint notes supervisory failures as well as actual knowledge of fraud
To illustrate this, the following situation was highlighted: Haider was personally on notice that the Toronto Police
Department regarded an agent to be a fraud outlet. MoneyGram’s own Fraud Department identified it as such and
recommended its termination. Despite this recommendation, the agent was not terminated.
25PENALTIES
FinCEN assessed a $1 million civil penalty against the CCO
Haider is potentially barred from working in the financial industry in the United States
20 OfficesACROSS ASIA, EUROPE AND NORTH AMERICA
1 Legal TeamTO INTEGRATE WITH THE STRATEGIC
GOALS OF YOUR BUSINESS
EUROPE
BrusselsFrankfurtLondonMilanParis
ASIA
BeijingHong Kong
SeoulShanghai
Tokyo
27
NORTH AMERICA
AtlantaChicagoHouston
Los AngelesNew York
Orange CountyPalo Alto
San DiegoSan Francisco
Washington, D.C.
For further information, you may visit our home page atwww.paulhastings.com or email us at [email protected]
www.paulhastings.com ©2015 Paul Hastings LLP
NORTH AMERICA EUROPE ASIAAtlanta1170 Peachtree Street, N.E.Suite 100Atlanta, GA 30309t: +1.404.815.2400f: +1.404.815.2424
Chicago71 S. Wacker DriveForty-Fifth FloorChicago, IL 60606t: +1.312.499.6000f: +1.312.499.6100
Houston600 Travis StreetFifty-Eighth FloorHouston, TX 77002t: +1.713.860.7300f: +1.713.353.3100
Los Angeles515 South Flower StreetTwenty-Fifth FloorLos Angeles, CA 90071t: +1.213.683.6000f: +1.213.627.0705
New York75 East 55th StreetFirst FloorNew York, NY 10022t: +1.212.318.6000f: +1.212.319.4090
Orange County695 Town Center DriveSeventeenth FloorCosta Mesa, CA 92626t: +1.714.668.6200f: +1.714.979.1921
Palo Alto1117 S. California AvenuePalo Alto, CA 94304t: +1.650.320.1800f: +1.650.320.1900
San Diego4747 Executive DriveTwelfth FloorSan Diego, CA 92121t: +1.858.458.3000f: +1.858.458.3005
San Francisco55 Second StreetTwenty-Fourth FloorSan Francisco, CA 94105 t: +1.415.856.7000f: +1.415.856.7100
Washington, D.C.875 15th Street, N.W.Washington, D.C. 20005t: +1.202.551.1700f: +1.202.551.1705
BrusselsAvenue Louise 480-5B1050 BrusselsBelgiumt: +32.2.641.7460f: +32.2.641.7461
FrankfurtSiesmayerstrasse 21D-60323 Frankfurt am MainGermanyt: +49.69.907485.0f: +49.69.907485.499
LondonTen Bishops SquareEighth FloorLondon E1 6EGUnited Kingdomt: +44.20.3023.5100f: +44.20.3023.5109
MilanVia Rovello, 120121 MilanoItalyt: +39.02.30414.000f: +39.02.30414.005
Paris96, boulevard Haussmann75008 ParisFrancet: +33.1.42.99.04.50f: +33.1.45.63.91.49
Beijing19/F Yintai Center Office Tower2 Jianguomenwai AvenueChaoyang DistrictBeijing 100022, PRCt: +86.10.8567.5300f: +86.10.8567.5400
Hong Kong21-22/F Bank of China Tower1 Garden RoadCentral Hong Kongt: +852.2867.1288f: +852.2526.2119
Seoul33/F West Tower Mirae Asset Center126, Eulji-ro 5-gil, Jung-gu, Seoul, 04539, Koreat: +82.2.6321.3800f: +82.2.6321.3900
Shanghai43/F Jing An Kerry Center Tower II1539 Nanjing West RoadShanghai 200040, PRCt: +86.21.6103.2900f: +86.21.6103.2990
TokyoArk Hills Sengokuyama Mori Tower40th Floor, 1-9-10 Roppongi Minato-ku, Tokyo 106-0032 Japant: +81.3.6229.6100f: +81.3.6229.7100
OUR OFFICES 28