Money Laundering Controls Scrutinized

Banks Review AML Practices in Wake of Action Against SCB
Money Laundering Controls Scrutinized

New York state officials are demanding answers from a New York branch of London-based Standard Chartered Bank that it accuses of handling more than $250 billion in illegal Iranian transactions.

See Also: Defense Strategies for Advanced Threats: Breaking the Cyber Kill Chain with SANS 20 Critical Security Controls

The investigation, which comes on the heels of testimony executives at HSBC Holdings gave last month before a Senate panel regarding similar violations at their institution, signals to all banks the importance of complying with the Bank Secrecy Act and ramping up their anti-money-laundering efforts.

In the case against SCB, the New York State Department of Financial Services on Aug. 6 issued an order outlining allegations of BSA violations by the bank.

As for HSBC, the Senate investigation is just one of many the bank holding company has faced in recent years for lax BSA compliance (see HSBC's BSA Violations Set Example). In 2003, the Federal Reserve Bank of New York and state banking regulators ordered HSBC to improve monitoring of suspect transactions. In May, HSBC said regulators and government agencies continued to scrutinize its client activities and AML practices.

Increasing regulatory scrutiny by state agencies and others is motivating banking institutions to take BSA and AML compliance more seriously, says David Kwan, an AML expert at NICE Actimize, which a vendor of anti-fraud and AML technologies.

"The ripple effect of this is that AML concerns are more pervasive throughout an organization, extending beyond the purview of the compliance department," Kwan says. "Recent regulatory actions have brought to light significant shortcomings of some financial institutions in meeting their regulatory obligations for anti-money laundering and sanctions."

Banks cannot afford to neglect AML, Kwan says.

"Reputational damage from an AML scandal directly harms how much new business the financial institution can secure and could also affect the financial institution's ability to even do business in certain jurisdictions," he says.

Iranian Transactions

New York state regulators allege SCB moved at least $250 billion through its New York branch on behalf of client Iranian financial institutions that were subject to U.S. economic sanctions, and then covered up its transgressions.

The illegal activity, regulators charge, goes back nearly 10 years, involving transactions that were originated and terminated in banks in the United Kingdom and the Middle East and cleared through SCB's New York branch.

The regulators also contend SCB's external auditor, Deloitte & Touche, played a role by helping the bank conceal its violations, which allegedly involved 60,000 secret transactions.

The state department of financial services is demanding that SCB executives meet with them on Aug. 15 to explain the apparent violations and demonstrate why SCB's license to operate in New York should not be revoked. The bank also has been ordered to undergo another review, this time with an auditor chosen by the state regulators.

A formal hearing date to determine what, if any, fines SCB will be asked to pay has not been set.

The Allegations

The department of financial services claims SCB's actions starting in early 2001 through 2010 "left the U.S. financial system vulnerable to terrorists, weapons dealers, drug kingpins and corrupt regimes, and deprived law enforcement investigators of crucial information used to track all manner of criminal activity."

Standard Chartered PLC, the group that manages SCB, rejects that portrayal.

In a response issued late Aug. 6, the banking group disputes the state's allegations. "The group does not believe the order issued by the DFS [Department of Financial Services] presents a full and accurate picture of the facts," the response states. "The analysis that the group shared with all the U.S. agencies demonstrates that throughout the period, the group acted to comply, and overwhelmingly did comply, with U.S. sanctions."

The response goes on to state that SCB's review of Iranian payments did not reveal any payments made on behalf of terrorist entities or suspect organizations.

"The group is engaged in ongoing discussions with the relevant U.S. agencies," the response states. "Resolution of such matters normally proceeds through a coordinated approach by such agencies. The group was therefore surprised to receive the order from the DFS, given that discussions with the agencies were ongoing. We intend to discuss these matters with the DFS and to contest their position."

Deloitte's Role

The order claims SCB hired Deloitte sometime shortly after October 2004, when the bank agreed to formal enforcement action demanded by the department and the Federal Reserve Bank of New York. That action related to BSA and anti-money-laundering violations, including deficiencies in SCB's suspicious activity reporting and customer due diligence policies and procedures linked to foreign accounts.

Deloitte was asked to identify suspicious activity involving accounts or transactions that had been held at or went through SCB's New York branch between July 2002 through October 2004. Instead, regulators allege that Deloitte helped SCB cover up previous suspicious activity with Iran and gave it tools continue hiding ongoing activity.

The department claims Deloitte provided SCB with confidential, historical transaction review reports it obtained from other foreign banking clients involved in illegal U.S. dollar clearing activities.

"This evidence shows that members of SCB's top management were involved," the order states.

Using the reports provided by Deloitte, regulators claim SCB's management falsely convinced the Department of Financial Services and the Federal Reserve that SCB had corrected flaws to its BSA/AML program. As a result, the enforcement action against the bank was lifted in 2007, despite the fact, regulators say, that no steps had been taken to correct the violations.

In a statement provided to Reuters, Deloitte denies any wrong-doing or involvement in a BSA violations cover-up.

"Deloitte Financial Advisory Services performed its role as independent consultant properly and had no knowledge of any alleged misconduct by bank employees. Allegations otherwise are unsupported by the facts."

About the Author

Tracy Kitten

Tracy Kitten

Executive Editor, BankInfoSecurity & CUInfoSecurity

A veteran journalist with more than 18 years' experience, Kitten has covered the financial sector for the last 11 years. Before joining Information Security Media Group in 2010, where she now serves as the Executive Editor of BankInfoSecurity and CUInfoSecurity, she covered the financial self-service industry as the senior editor of ATMmarketplace, part of Networld Media. Kitten has been a regular speaker at domestic and international conferences, and was the keynote at ATMIA's U.S. and Canadian conferences in 2009. She has been quoted by, ABC News, and MSN Money.

Around the Network