Community Bank Pays Hefty BSA PenaltyCase Shows AML Woes Affect Institutions of All Sizes
A $400,000 settlement in a case against a community bank in North Carolina for violations of the Bank Secrecy Act should serve as a reminder that anti-money-laundering woes are not just a big-bank issue, experts say.
A U.S. District Court in North Carolina last month dismissed its case against $2 billion CommunityOne Bank after the bank agreed to pay $400,000 toward restitution to victims of a third-party ponzi scheme that operated through accounts maintained at the bank.
That penalty should send a powerful signal to community banks and credit unions, says Brian Simpson, the bank's CEO. "Know your customer," he says. "It's an issue that the entire industry needs to recognize. Perpetrators of financial crimes and fraud have to conduct their fraud through a banking institution, and so we all must be vigilant to be sure we play our part and work with law enforcement to stop financial crimes."
In 2011, the Department of Justice cited CommunityOne for the bank's failure to file suspicious activity reports and maintain an effective AML program.
According to federal authorities, from April 2007 until September 2009, CommunityOne bank customer Keith Franklin Simmons laundered more than $35 million through his accounts with the bank. The funds were linked to a $40 million ponzi scheme Simmons operated for two and a half years. In December 2010, Simmons was convicted of securities fraud, wire fraud and money laundering.
Federal authorities say CommunityOne should have detected and reported Simmons' suspicious transactions. Yet the bank failed to file any suspicious activity reports during Simmons' scheme, despite hundreds of suspicious transactions, authorities claim.
Bank records later showed Simmons had transferred more than $2 million to other accounts with the bank and moved nearly $800,000 in cash withdrawals, gift cards and transfers to his personal account with the bank. He also used the proceeds to buy private jets, vehicles and gifts, court records show.
In April 2011, CommunityOne entered into a deferred prosecution program with the government. According to the deal, the charges against CommunityOne would be dismissed if the bank could effectively remediate its AML deficiencies within two years, which it did, Simpson says.
"Banks asleep at the switch need to wake up," said Anne Tompkins, U.S. Attorney of the Western District of North Carolina, at the time the agreement with CommunityOne was reached. "Federal law requires banks to implement a robust and proactive anti-money laundering program to detect fraud and protect the public from harm. This bank's failure to detect and report a ponzi scheme cost it 16 percent of its value. Other financial institutions should heed this warning: The Bank Secrecy Act applies to more than just drug and terrorist financing."
Simpson admits CommunityOne's AML program at the time of Simmons' scheme was insufficient, but he contends that no member of the bank's staff was actively covering up the scheme.
"No one was ever complicit in the fraud at the bank, but the bank's BSA program was, frankly, not up to snuff to identify what was going on," he says.
Some of circumstances in the CommunityOne case may have led authorities to be more willing to work with the bank on resolving the issues, Simpson says. In 2011, CommunityOne was in the midst of a $310 million recapitalization and merger effort, and the bank was being led by an entirely new management group, including Simpson.
"In order for us to move forward with the recapitalization transaction, we came to agreement with DOJ to remediate the weaknesses and to have some outside review from the OCC [Office of the Comptroller of the Currency] and external audit firms to confirm that we had fixed the problem. And if we did those things within two years, they would dismiss the case, which they did."
Federal prosecutors might not be so willing to show leniency to other banks, say some experts.
But Mike Wyffels, chief technology officer of community bank holding company QCR Holdings, how banks and credit unions approach AML will inevitably differ, regardless of how they view the outcome of this case.
"Institutions may vary their [AML] approach based on their size, expense and risk appetite," he says. "But the reality is you may not really understand how satisfactory or strong your program is without testing it first."
Many institutions may not realize or appreciate their AML shortcomings until they are slapped with a violation, Wyffels adds.
But Joe Bognanno of NICE Actimize, which provides AML and anti-fraud detection solutions for banks and credit unions, says the key message of the CommunityOne case is that banking institutions of all sizes need to move beyond antiquated AML detection.
"That has to do with proper [enhanced due diligence] together with transaction monitoring, and the integration of the two," he explains. "This is certainly something that community banks ... do largely on a manual basis with a heavy reliance on the RM [relationship manager] and his/her opinion of the risk associated with a customer, which can be biased, for obvious reasons."