The high cost of BSA and anti-money laundering violations

We in NAFCU’s regulatory compliance department are constantly reminded of the seriousness of the Bank Secrecy Act (BSA). The Financial Crimes Enforcement Network (FinCEN) does not play around when it comes to compliance with its anti-money laundering rules. Compliance failures have resulted in some pretty high penalties assessed by FinCEN and other regulators. We know credit unions are serious about BSA compliance, but just in case you need a reminder, here are some of the more serious compliance failures under recent BSA and Office of Foreign Assets Control (OFAC) requirements, and they have exacted heavy costs:

• In March 2015, Commerzbank AG, a global financial institution based in Frankfurt, Germany, agreed to forfeit $563 million, pay a $79 million fine and enter into a deferred prosecution agreement with the Justice Department, a settlement agreement with the Treasury Department’s OFAC and a consent cease-and-desist order with the Federal Reserve. This all-hands-on-deck response was prompted by Commerzbank knowingly and willfully moving around $263 million through the U.S. financial system on behalf of sanctioned entities in Iran and Sudan, using a system known as cover payments. There was even an internal email warning employees to “under no circumstances” tell the New York office about the Iranian connection. BSA violations included poor to no “know your customer” due diligence or reporting of suspicious activity.
• In June 2015, FinCEN fined a West Virginia bank $4.5 million after finding it had processed more than $9.2 million in structured and suspicious cash transactions between 2008 and 2012. The Bank of Mingo, with $94 million in assets, had failed to file 619 currency transaction reports (CTRs) – 438 of which were all related to one corporate customer.
• In February, FinCEN announced a $4 million civil money penalty against Gibraltar Private Bank and Trust Company, of Coral Gables, Fla. Despite being warned about its subpar compliance program in 2010, Gibraltar failed to monitor and detect suspicious activity, disregarding repeated red flags, and failed to properly file at least 120 suspicious activity reports (SARs) involving almost $558 million in transactions, between 2009 and 2013. This included transactions related to a $1.2 billion Ponzi scheme led by a Florida-based attorney. In some cases, Gibraltar filed SARs years after the suspicious activity had already occurred.
• In April, FinCEN fined a Nevada casino $1 million for egregiously and willfully violating AML requirements. FinCEN found that Sparks Nugget Inc. routinely disregarded warnings from the employee responsible for BSA compliance and did not file SARs for activity that she flagged. Sparks even failed to file a SAR after a county official was convicted of embezzling at least $2.2 million and gambling with half of it at the casino.

Unfortunately, NAFCU’s BSA Seminar in October is already sold out, but credit union professionals looking for more compliance training can still reserve spots at the Regulatory Compliance Seminar, set for Oct. 25-28 in New Orleans. You’ll get an overview of all the compliance hot topics facing the industry, including BSA issues, and have an opportunity to earn all the credits needed for recertification as a NAFCU Certified Compliance Officer (NCCO). We also encourage credit union professionals to follow our quarterly BSA Blast publication for more stories of BSA fails and tips on how to stay on top of compliance issues.

Learn from the mistakes of others and make sure your credit union is a BSA success story!