Open for Business: Pressures Mount on Financial Institutions to Meet Their Compliance Obligations

Posted on 11-10-2014 by
Tags: Real Law

Brought to you by the Real Law Editorial Team

Think about transparency for a moment. As a property of physical objects, it is easy to define and understand. According to Merriam-Webster, for example, it’s the result of light that is transmitted “without appreciable scattering so that bodies lying beyond are seen clearly.”

We might be less certain about the word when it takes the form of a concept and, specifically, it is intended to convey the outcome of human activity, as in “free from pretense or deceit” or “characterized by visibility or accessibility of information.” Those qualities are more subjective.

Indeed, they require further definitions or standards (what is minimally acceptable to establish information accessibility?) and can even tempt philosophical musing (what amounts to pretense or deceit, and are the concepts fixed or dependent on circumstances?).

For organizations and businesses, regulators and other public bodies usually set the rules establishing what transparency means—and why it is desired or necessary.

Those rules acknowledge a need for consistency and fairness in their application, but they also suggest something else: transparency is not a natural reflex or state in many spheres of human endeavor. If it were otherwise, it would not need mandating or qualifying.

Moreover, the existence of external rules—and a requirement for compliance with them, resulting in penalties if they are not followed in prescribed ways—means that achieving transparency requires additional work.

And the more complex the rules are, the more work is necessary to comply with them.

No Longer an Option

For representatives of financial institutions or other businesses that handle or move money, the rules designed to impose desired levels of transparency and compliance are extremely complex. In particular, the Bank Secrecy Act, or BSA—the common name given to a series of statutes and regulations that form the country’s anti-money laundering (AML) and countering the financing of terrorism laws—can create a formidable amount of work for many organizations.

At the same time, agencies responsible for those rules are increasing their focus on strict and aggressive compliance enforcement. Regulators are also placing emphasis not just on institutions for BSA/AML violations, but on individual directors, executives and employees as well.

What’s obvious is that deep thinking about transparency, along with action to ensure that it is an integral part of an institution’s culture, is no longer an option.

“There’s a loud and clear message that organizations need to take this seriously,” says Nelson F. Everhardt, a former senior vice president and corporate compliance executive for Bank of America who now acts as an independent consultant and is a frequent speaker at global industry and government conferences.

“It sweeps across the entire franchise too, so it’s a big deal,” he adds. “In fact, it’s one of the riskiest issues that financial institutions face. So there has to be that culture of compliance, starting at the very top of organizations, that endorses, supports and nurtures it with fervor.”

Looking at Patterns

Everhardt’s arguments for robust and effective compliance programs are supported by a growing body of news stories that underscore the seriousness of failing to comply with BSA/AML regulations.

In January 2014, for example, JPMorgan Chase & Co. agreed to pay almost $2.6 billion in a settlement related to Bernard Madoff’s multi billion-dollar Ponzi scheme. The agreement included a $350 million civil penalty in a matter brought by the Office of the Comptroller of the Currency. In addition, the bank was criminally charged with two violations of the BSA and acknowledged that it had turned a blind eye to suspicions about Madoff’s financial operation for years.

That case topped a December 2012 admission by HSBC Holdings PLC that it had violated the BSA, the Trading with the Enemy Act and other laws intended to prohibit money laundering, which resulted in a $1.9 billion settlement with U.S. authorities. The deal included a civil fine of more than $650 million.

Other accounts might lack the same dramatic punch or the gravity that comes with such enormous penalties or sanctions. But that doesn’t take away from the impression that BSA/AML violations are ongoing and widespread across the financial industry—to the dismay of many people, including Everhardt.

Even so, he isn’t surprised by it. In fact, Everhardt sees a pattern in events that usually lead to banks and other financial institutions getting into trouble with regulators.

“When you look back at these incidents,” he explains, “often what you see is that many banks had a stellar compliance program at one point. But they let it slip, particularly after the financial crisis started in 2008, when suddenly they had a lot of other things on their minds. The problem is, when those programs start breaking—maybe through new management, mergers and acquisitions, complacency or whatever—you can get into trouble very quickly.”

Meanwhile, regulators continue to come down hard on institutions and individuals who fail to keep up with compliance requirements.

“I don’t think you’re going to see a let-up on any of this,” says Everhardt.

Staying Away From Bad Guys

Of course, all that scrutiny will come with an added price for many financial institutions that already spend a significant amount of time and money to balance risks and ensure that they are operating with transparency.

In fact, according to Citigroup Inc., the third-largest U.S. bank, the finance industry could spend as much as $10 billion annually in coming years on anti-money laundering and know-your-customer programs.

“Companies must spend massively to keep up with regulation and stay ahead of the bad guys,” declared James Forese, the bank’s co-president, while speaking at a conference in September 2014. Yet he also acknowledged in his remarks: “Compliance and control measures are not optional—they are our industry’s license to do business.”

Aggressive enforcement activities by government agencies have also caused significant cost increases in compliance programs at many mid-sized and small community banks, credit unions and other organizations.

Still, regulators worry that complacency or lack of awareness in some of those institutions could account for many of the BSA/AML shortcomings that have triggered recent civil and criminal enforcement actions.

“It has always been the situation among some community bankers that they feel, ‘Hey, these bad things, they happen to Bank of America, JPMorgan Chase or Citibank. They don’t happen here.’ But they do,” says Everhardt.

The same might be said about casinos, insurance and armored car companies, money services businesses and many others subject to the same reporting requirements. Not everyone is fully on board yet with the need for organizational compliance.

Meanwhile, there are concerns that the regulations could limit innovation in some areas. As The Wall Street Journal reported recently, “While marijuana businesses aren’t required to implement specific anti-money laundering systems, banks will likely want to see that a business in this field has strict controls before taking it on as a client.”

In fact, few banks or credit unions seem willing to take on legitimate grow-op companies, but that may change given the expanding prospects of the cannabis industry.

Virtual currencies such as Bitcoin represent another gray area. It’s unclear to many bankers and others how the technology behind a decentralized, digital payment system actually works. That, along with fears that virtual currencies may be used to further criminal or terrorist activities, has contributed to many institutions refusing to deal with businesses that have embraced the new way of conducting global financial transactions.

Practical Steps for Promoting a Culture of Compliance

Fear, uncertainty and doubt, combined with a healthy respect for bottom lines and pressures from boards and shareholders, may explain why some financial institutions continue to have less than ideal track records when it comes to their compliance programs.

Shortcuts are also often the result of a lack of awareness about the extent of an organization’s obligations, or the product of difficulties encountered while attempting to build or maintain a coherent and effective compliance program.

Finally, belief in the level of commitment required to achieve compliance may be lacking at various levels within an institution—most noticeably at the top.

To address those factors, the Treasury Department’s Financial Crimes Enforcement Network (FinCEN) issued an advisory to U.S. financial institutions in August 2014. It describes six crucial elements that it says are necessary to establish and promote a culture of compliance in organizations.

According to FinCEN, an organization can strengthen its BSA/AML readiness by ensuring that:

  1. Its leadership actively supports and understands compliance efforts
  2. Efforts to manage and mitigate BSA/AML deficiencies and risks are not compromised by revenue interests
  3. Relevant information from the various departments within the organization is shared with compliance staff to further BSA/AML efforts
  4. The institution devotes adequate resources to its compliance function
  5. The compliance program’s effectiveness is ensured by, among other things, testing by an independent and competent party
  6. Its leadership and staff understand the purpose of its BSA/AML efforts and how its reporting is used by regulatory and law enforcement agencies

“It’s pretty clear what banks and others need to do,” says Everhardt, who has covered the same key messages that FinCEN outlined in its advisory while writing about practical aspects of implementing BSA/AML compliance and as a regular host of Webinars on the subject.

The number-one action item for those who have yet to heed those key messages? Start doing so now, or potentially risk hefty organizational—and even personal—consequences.

If you found the above article to be helpful, you may be interested in the following information: