French banking giant Credit Agricole will pay federal and state authorities nearly $800 million to settle charges it knowingly used a bevy of schemes to secretly move tens of billions of dollars through its New York branch on behalf of blacklisted regimes like Iran and Sudan.
The banking group, with nearly $1.7 trillion in assets and a presence in more than 30 countries, will pay $787 million as part of a deferred prosecution agreement (DPA) with the US Justice Department, must fire one of its managing directors involved in the illicit “stripping” of wire transfer details and must hire a monitor to review its adherence to the agreement and the health of its overall anti-money laundering (AML) and sanctions filtering programs.
From at least 2003 to 2008, Crédit Agricole used a series of schemes to process more than $32 billion in U.S. dollar payments through its New York Branch from its branches in Paris, London, Singapore, Geneva, Hong Kong and the Gulf, providing U.S. dollar clearing services on behalf of Sudanese, Iranian, Burmese and Cuban entities, according to the New York Department of Financial Services (DFS). To view a copy of the NY DFS order, click here.
A stark contrast in the Credit Agricole action from other similar international bank stripping cases that have cropped up since 2009 – there have been nearly a dozen since then with forfeitures and penalties of $12 billion – is that much of the illicit conduct was “blessed” by the bank’s financial crime compliance team, the group supposed to catch and report such actions.
In addition to “intentionally omitting information to identify sanctioned Sudanese parties on payment messages, the Bank’s Geneva employees were also encouraged to complete these otherwise illegal U.S. dollar transactions using a method fabricated by the Bank’s Anti-Money Laundering Committee (CLAB) known internally as the ‘Sudanese U-turn exception,’” according to penalty documents.
In reality, however, no U.S. law or regulation ever permitted an exception to the embargo on U.S. dollar transactions with sanctioned Sudanese parties by use of a two-stepped non-transparent “Sudanese U-turn exception.”
Still, with no legal basis, the AML committee concluded transactions are authorized when the underlying reason is “strictly limited to commercial transactions,” an erroneous conclusion that was propagated throughout certain foreign branches.
“Blessed by an Anti-Money Laundering committee of the Bank, the ‘Sudanese U-Turn’ permitted Geneva Branch employees to send stripped Sudanese wire messages through New York and complete U.S. dollar denominated transactions undetected,” according to investigators.
That the AML compliance team at a bank would actually draft practices to evade sanctions is “certainly strange,” said a former Treasury official, who asked not to be named, adding that the actions, though, could be considered equally egregious as other cases where compliance decried the stripping, but was summarily ignored.
Erroneous interpretation of US sanctions powers
The penalty documents highlight several significant failures in understanding how US sanctions practices work.
For example, personnel in the Geneva office “directed, possessed and oversaw these U.S. dollar transactions with the mentality that ‘[u]nder the territoriality of the laws principle, our Swiss activities are only subject to [laws] in force in the Switzerland and not those aboard,’” according to authorities.
Furthermore, written economic sanctions directives from the bank’s compliance managers that were in place throughout the Review Period assured staff that, with respect to U.S. dollar transactions, “the effect of the OFAC [SDN] list does not have any reach (outside of the United States).”
The penalty order continues, noting that in addition, “interviews of numerous Bank employees, including its legal and compliance professionals, revealed that many of the Bank’s staff who were involved with, or had knowledge of, the Bank’s business with Sanctioned Parties claimed ignorance of U.S. sanctions laws.”
These individuals feigned ignorance to the fact that “they applied or could be applied to foreign banks engaged in U.S. dollar denominated transactions – despite contrary admonitions from their colleagues at the New York Branch,” according to investigators.
One client, who referred to the crisis in the Darfur region of Sudan as “an exaggeration in the media,” urged the bank to continue processing payments connected to that country. In certain other transactions, a Sudanese bank client would send the following request to Credit Agricole’s Geneva subsidiary: “DON’T MENTION SUDAN ON THIS PAYMENT ORDER.”
The New York State Department of Financial Services (DFS) identified $32 billion in dollar clearing transactions in which the identity of the parties was obscured, $442 million of which were illegal. In addition, the U.S. identified $312 million in transactions that violated sanctions against Iran, Sudan and other blacklisted countries.
In New York, even if certain transactions were permitted under federal provisions, but were stripped of data to obscure the origins of transactions, they are violations of state books and records rules.
The overall $787.3 million Crédit Agricole will pay includes $385 million to the DFS, $90.3 million to the Federal Reserve; $156 million to the Manhattan District Attorney’s Office and $156 million to the U.S. Attorney’s Office for the District of Columbia. The U.S. Department of the Treasury’s Office of Foreign Assets Control is also imposing a penalty that is deemed satisfied by the amounts Crédit Agricole is paying to the other agencies.
In public documents and earnings reports, European institutions Deutsche Bank AG, Societe Generale SA and UniCredit AG have all also disclosed they are cooperating with U.S. authorities in investigations over whether they allowed foreign clients from sanctioned countries to move money through US offices.
Corporate monitor to review all AML, sanctions programs
On the independent consultant, or monitor, part of the agreement, the person will be at least engaged for a year to “conduct a comprehensive review of the Bank’s existing BSA/AML and OFAC sanctions compliance programs, policies and procedures in place at the New York Branch.”
Those analyses will also include transactions between the New York Branch and the Bank, including all of the Bank’s branches outside the U.S., including those transactions performed outside the U.S. that pertain to or affect activities conducted by or through the New York Branch.
The monitor will have a broad ambit of control and will report directly back to the government, but must cover several critical areas of the compliance and remediation efforts, including:
- Corporate governance: The elements of the Bank’s corporate governance that contributed to or facilitated the improper conduct discussed in the order and that permitted it to go on
- Current Reforms: Relevant changes or reforms to its corporate governance that the bank has made since the time of the conduct discussed in this Consent Order, and whether those changes or reforms are likely to significantly enhance the bank’s BSA/AML and OFAC compliance going forward.
- AML grade: The thoroughness and comprehensiveness of the bank’s current global BSA/AML and OFAC compliance program.
- Organizational structures: The organizational structure, management oversight, and reporting lines that are relevant to BSA/AML and OFAC compliance.
- Staffing expertise: An assessment of the staffing of the BSA/AML and OFAC compliance teams, including the duties, responsibilities, authority, and competence of officers or employees responsible for the bank’s compliance with laws and regulations pertaining to BSA/AML or OFAC compliance.
- Current proposals: The propriety, reasonableness, and adequacy of any proposed, planned, or recently-instituted changes to the Bank’s BSA/AML and OFAC compliance programs.
- Corrective measures: Any corrective measures necessary to address identified weaknesses or deficiencies in the Bank’s corporate governance or its global BSA/AML and OFAC compliance program.
Collectively, stripping cases reach $12 billion
The latest sanctions penalty and heft remediation requirements, are just the latest in a series of major sanctions violation actions against large foreign banks.
“Sanctions laws are critical to both our national security and foreign policy interests,” said Channing Phillips, U.S. Attorney for Washington, in a statement.
In June 2014, BNP Paribas Bank (BNPP) pleaded guilty in New York County to falsifying business records and conspiring to evade U.S. sanctions and paid a record $8.83 billion in criminal forfeiture and penalties.
Since 2009, nine banks, including BNPP and CACIB, have forfeited approximately $12 billion for their illegal conduct, with half of the funds being paid to the City and State of New York.
The Manhattan District Attorney’s Office previously has entered into Deferred Prosecution Agreements with the following financial institutions related to U.S. sanctions violations:
- Commerzbank AG for $342 million in 2015
- HSBC Bankfor $375 million in 2012
- Standard Chartered Bankfor $327 million in 2012
- ING Bankfor $619 million in 2012
- Barclays Bankfor $298 million in 2010
- Credit Suisse AGfor $536 million in 2009
- Lloyds TSB Bankfor $350 million in 2009
Manhattan D.A. Cyrus Vance Jr. said the settlement sends “a clear message that financial institutions must comply with sanctions against rogue nations.”
Iran gets ‘special treatment’ to go through New York
When it came to Iran, written policies and procedures directing employees to omit information that would identify Iranian parties to U.S. dollar payments processed by the Bank “were drafted by a relationship manager dealing in Iranian business and approved by CASA Compliance in Paris.”
Such “special treatment” procedures “acknowledged the operational risk for conducting these transactions in violation of U.S. laws and regulations, but allowed nevertheless that ‘our bank has been dealing with these [Iranian] counterparts for over 14 years and in line with market practice and as customary to all our competitors in this market, we have been routing USD payments in the manner specified below in order to prevent funds being seized by the US authorities.’”
In addition, the conclusion when it came to Iran was that the “various departments involved in this process, i.e. front, middle and the back office, are aware of this special treatment as procedures have been implemented to cover this aspect of operational risk. The matter has also been passed through compliance and Legal to ensure that all aspects are covered…The method for [U.S. dollar] payments is as follows: no mention of Iran is made on the instruction.”
But to answer the vexing question as to why, you have to look at the general understanding of sanctions at the time the actions took place, which was, for some banks, not very strong, said the person.
“At that time for foreign banks, it was a little bit like the Wild West,” said the person. “Everyone did whatever they wanted to do. Some foreign banks didn’t understand” that US sanctions applied to any transaction in US dollars or they didn’t care, thinking they were too big to get chastised by US authorities.
It’s only later, after big sanctions screening penalties started coming out in 2009 that foreign banks started realizing that stripping is illegal and that any sanctioned transaction that touched New York could be seen as a violation and that there is a “strict liability standard with OFAC. If they find a violation, the only thing that can mitigate it is having a strong compliance program” and cooperating extensively with authorities.
Penalty mitigated by ‘extensive’ OFAC cooperation, remediation
On its side as to mitigating the size of the penalty, OFAC stated Credit Agricole has “taken global remedial action designed to strengthen its program through enhancements to information technology, training, and updates to policies and procedures.”
These measures include doubling the number of compliance and know-your-customer personnel, and creating a Risk Management Group that is responsible for tracking sanctions rules and regulations in order to assess the need to update the bank’s policy and governance procedures.
In addition, the bank strengthened its procedures in order to address the escalation of high risk customer files and transactions to the Financial Security Unit.
The bank has also “required that all employees participate in sanctions training and has provided detailed sanctions training to the Legal, Financial Security, and Internal Audit groups, relationship managers, local compliance officers, U.S. Persons and other employees in various branches and subsidiaries.”
In addition in 2013, the operation appointed a global head of sanctions responsible for monitoring regulatory updates with the legal department, preparing group policies, preparing training to group employees, and advising on the settings of the group filtering tool in conjunction with the systems compliance units.
The bank provided “substantial cooperation” to OFAC by expending a significant amount of resources to conduct an extensive internal investigation and transaction review of payments processed between 2003 and 2008 by the bank’s offices in France, the United Kingdom, Singapore, Switzerland, the Gulf (Dubai and Bahrain), and Hong Kong.
It also responded to multiple inquiries and requests for information, executed a statute of limitations tolling agreement and signed multiple extensions to the agreement.
Even so, the penalty is also meant to send a warning to other banks who have engaged in such activities or continue to do so.
“Crédit Agricole engaged in a series of schemes to evade U.S. sanctions and deceive its regulators,” Acting DFS Superintendent Anthony Albanese said in a prepared statement. “Our agency will continue to aggressively investigate and uncover misconduct at banks meant to circumvent U.S. sanctions laws – both past and present.”