When Head Office Tells You “How to be Compliant”

For foreign branches conducting business in the U.S., head office can sometimes be both Dr. Jekyll and Mr. Hyde. On occasion this has proved to be a problem. At times banks are faced with a bureaucracy of business, which can get in the way, and sometimes they can be pressured to make decisions with the business in mind absent of compliance. Many banks consider head office to be low risk, but they may not be as low risk as perceived. For these institutions, that was the reason for their subsequent consent orders, or at least in part. I’ll give three examples of the institutions that faced this challenge, what happened with each, what action the bank faced, and the message of hope.

Bank one: Standard Chartered

Standard Chartered (SCB), which is headquartered in Britain, found themselves in BSA hot water in 2012 with their consent order. Among the violations, “From at least January 2001 through 2007, SCB provided U.S. dollar clearing services to Iranian state and privately owned banks, corporations and individuals. In processing transactions on behalf of its Iranian customers, SCB removed or omitted Iranian information from U.S. dollar wire payment messages through a practice known internally at SCB as “repair”, which was designed to help SCB compete for Iranian business and to avoid potential processing delays.” (NYSD, 2012).

Since the exam found that there was a “repair” practice in place at the bank, the allegation was that it was a practice known to or provided by management. Standard Chartered agreed to pay $340 million dollars, and an independent compliance monitor was instituted at the NY branch for two years to review their program in place at that time and the subsequent adjustments that were made in light of the consent order.

Bank two: Commerzbank

Commerzbank is headquartered in Frankfurt, Germany, and received a consent order for a number of BSA violations. They “maintained ineffective compliance procedures relating to due diligence on its foreign branches and its customers, failed to share information about customers or transactions necessary for BSA/AML compliance with the appropriate New-York based compliance personnel, and constructed its monitoring processes and tools so as to reduce the number of alerts that would be generated and require further investigations.” (NYSD, 2015). They “failed to maintain accurate records” or “did not have access to the customer information necessary to investigate the alert”, and “overseas personnel, however, did not respond to those requests for…many months or sent inadequate or insufficient responses” (NYSD, 2015). Further, “in some instances, when compliance personnel in New York attempted to strengthen transaction monitoring filters, business personnel in Frankfurt overruled those efforts” NYSD, 2015).

Again, decision makers outside of the U.S. made a decision for the U.S. business that at the least fell short of compliance. Commerzbank agreed to pay over $610 million dollars for their wrong-doing and terminate the employees involved who were not already gone. Still, the bank faces an independent monitor sitting in each day for the next two years, and the distrust of the U.S. financial system.

Bank three: BNP Paribas

For BNP Paribas (BNPP), which is headquartered in France, there were a number of violations on their consent order, including U.S. dollar denominated transfers through U.S. banks for sanctioned countries and specially designated nationals, allowing access to the U.S. financial system. With regard to the Bank Secrecy Act (BSA) violations, “In 2004, BNPP executives from its Paris headquarters and its Geneva branch met on the subject of the U.S. embargoes “against sensitive countries (Sudan, Libya, Syria…)” and their impact on BNPP’s business. To shield the NY Branch from potential regulatory enforcement actions, BNPP officials fashioned a solution whereby BNPP Geneva would use an unaffiliated U.S. bank to conduct illicit U.S. dollar-denominated transactions for sanctions parties.” (NYSD, 2014).

At the decision of someone outside of the U.S., BNP Paribas engaged in illegal activity, and whether willfully or not the group head of compliance was laid to blame for the decisions that BNP executives in Paris and Geneva made for their U.S. business. In the end, the group head of compliance was terminated, BNP Paribas was fined $3.2 billion dollars for this consent order and an independent monitor was implemented at the NY branch location for two years.

The similarities between these examples and the message of hope

In each case above, the bank participated to some degree in the wrongdoings that were taking place. Whether blatantly and willfully or by lacking a robust AML program and omitting the truth, these banks were competitive businesses in the financial industry that lost focus of their AML compliance program and they suffered. Just using these banks as a sampling of the consent orders, especially in the case of foreign banks though certainly not limited to, the focus of revenue trumps compliance. This is a common struggle in every type of institution. Theoretically, someone in management is making a decision that will affect the institution, whether in fines or termination, and the regulating bodies have to increase the pressure of the punishment to make a point.

However, with all of that said and as meek as a picture that may paint there is hope. For everyone else, it is a much less costly lesson to watch someone else go through it. As a compliance professional it is your job to remind management, the board, whoever questions your expertise on AML compliance what the institution will face at minimum for such a decision. It is your job to hold the compliance regulations for their institution. Regardless of the size of your institution, you were hired to be the AML compliance expert so be prepared to fight with real-life examples of what is happening around you, and therefore what could happen. Unfortunately, that also leaves the door open for either you to leave or be encouraged to leave because you don’t see eye-to-eye, but not only is your career in jeopardy if you stay through a decision similar to any of these, you could personally be fined for the decisions.

Conclusion

The facts as presented by these three institutions, points to a larger problem, and the hardest to contend with on a daily basis. At times head office is putting pressure on the U.S. branch to conduct business for revenue reasons, but seeing that head office has arguably too much influence they are not a low-risk customer to the U.S. business. Unfortunately, the compliance professional(s) is held accountable for the bank’s actions, whether or not they participated willfully, but there is a guiding light. As the compliance professional, you must be steadfast in your resolve to uphold compliance despite any influences. Perhaps look at head office more closely, scrutinize the KYCC (Know Your Customer’s Customer) of head office and do not de-risk head office. Their influence of the branch for business reasons gives them too much control, and in the end could cost them and you more than the revenue business.

References

New York State Department of Financial Services. (2014, June 29). BNP Paribas, S.A., New York Branch Consent Order Under New York Banking Law § 44. http://www.dfs.ny.gov/about/ea/ea140630.pdf

New York State Department of Financial Services. (2015, March 12). Commerzbank AG, Commerzbank AG New York Branch Consent Order Under New York Banking Law §§ 39 and 44. http://www.dfs.ny.gov/about/ea/ea150312.pdf

New York State Department of Financial Services. (2012, August 6). Standard Chartered Bank, New York Branch Consent Order Under New York Banking Law § 44. http://www.dfs.ny.gov/about/ea/ea120921.pdf

If you would like to know more about ARC Risk and Compliance or our services, please contact us.

Facebooktwitterlinkedin