In today’s ACFCS Fincrime Briefing, GAO reviews bank SAR efforts, need for more FinCEN, law enforcement feedback, London evades U.S. sanctions to pay Iran in Bank Mellat settlement, five major Brazilian banks accused of laundering hundreds of millions of dollars, and more.

Please enjoy this unlocked story, part of the many benefits of being an ACFCS member.

Want to talk about industry trends, story ideas or get published? Feel free to reach out to ACFCS Vice President of Content Brian Monroe at the email address above. Now, on to more sweet sweet content!

GAO calls on FinCEN, law enforcement to provide FIs more details on value of SARs, grant futures association full access to AML bank filing database  

A government watchdog group is calling on the country’s administrator of financial crime compliance rules to give more feedback to banks on the use and value of suspicious activity reports – and further nudge law enforcement agencies to provide detailed feedback to specific institutions on the quality and usefulness of those efforts.

Those are just some of the recommendations by the U.S. Government Accountability Office (GAO) for the U.S. Treasury’s Financial Crimes Enforcement Network (FinCEN) and law enforcement agencies in a nearly 100-page report reviewing the banking sector’s at-times herculean efforts to produce suspicious activity reports (SARs), the finial filing of the federal anti-money laundering (AML) program.

Those filings – now numbering in the hundreds of millions of SAR and customer transaction report (CTR) filings after several decades – are critical pieces of intelligence housed in a massive FinCEN database used by local, state and federal investigative agencies to create new or make a break in ongoing cases.

At the same time, GAO is also recommending a closer kinship between FinCEN and some of the other more arcane and esoteric securities-related associations with oversight of entities considered financial institutions and subject to AML rules.

In this case, GAO is urging the National Futures Association (NFA) – the self-regulatory organization delegated AML exam duties by the Commodities Futures Trading Commission (CFTC) – become a full member of the Bank Secrecy Act Advisory Group (BSAAG), the public-private working group that meets several times a year to tackle the most vexing fincrime compliance challenges of the day.

In that same vein, FinCEN, after consulting with CFTC, should take steps to explore providing direct AML database access to the NFA, similar to the access afforded other federal regulatory and investigative bodies, (via GAO).

Monroe’s Musings: GAO is fearless in tackling the toughest challenges, most pressing vulnerabilities and areas where efficiency and effectiveness can improve in the country’s counter-crime compliance and investigations defenses.

This report is fascinating and its recommendations right on the money – dirty or clean.

Banks have been bemoaning the AML compliance exercise for years, not because they don’t see the efforts as worthy, but because of a longstanding lack of broad feedback from the law enforcement agencies actually using those SARs to form, further or close cases.

Why is this so important, you ask?

For one, its powerful validation for compliance departments that are spending – in some cases – hundreds of millions of dollars to comply with domestic and international AML compliance rules.

It is also vital feedback to see where AML teams are on the mark, or missing the mark, and better determine where resources could best be marshalled to better identify illicit trails and stop bad guys.

And the other huge reason a bank would want to know from law enforcement its efforts actually helped in a case – or even many big cases – is because that knowledge could be used as a buffer of protection when regulators attempt to find more minor AML failings and threaten an exhaustive matter requiring immediate attention, or worse, a formal compliance penalty.

In short, the bank has more leverage at the examiner negotiating table, being able to say essentially, back off from dinging me on something minor – a la death by a thousand cuts – because my AML team is clearly creating SARs with actual value to investigators, rather than just filing defensively to prevent examiner tongue lashings.

U.K. government evaded U.S. sanctions against Iran to pay court settlement over blacklisted Bank Mellat

Britain used a third country to avoid US sanctions as it paid an Iranian bank a settlement in a £1.25 billion damages case, a result that could cause other countries to tarry on enacting secondary U.S. sanctions due to fears they could also be sued by Iranian entities, The Times has learned.

Bank Mellat, in which the Iranian government owns a 17 per cent stake, sued the government over British sanctions imposed in 2009 that prevented it from doing business with the UK’s financial sector.

The Supreme Court ruled that the sanctions were illegal and a five-week hearing of the bank’s claim for damages covering its loss of business had been scheduled for June.

Bank Mellat had sought £3.2 billion but this fell to £1.25 billion with interest.

On the eve of the trial the government reached a private settlement. The Treasury said yesterday: “Bank Mellat’s claims have been concluded on terms confidential to the parties.” Iranian media reported that the bank had declared the payment to its government.

The payment was made through a third country and entity to evade US sanctions, which have in effect cut Iran off from the global financial system. Washington reimposed sanctions on Bank Mellat in October.

Britain, France and Germany have had limited success in helping Iran to trade despite the American move, (via The Times).

Monroe’s Musings: This is a development that could cause major complications for large international banks attempting to comply with dueling and conflictive sanctions regimes.

What is stopping Iran, or Bank Mellat, from suing, say individual European banks that blocked or rejected blacklisted funds due to attempts to comply with U.S. sanctions rules?

Moreover, any of the institutions involved in this movement of settlement funds from the U.K. to Iran could face the wrath of OFAC in response to having its sanctions superiority challenged on the global stage with a rare regional legal defeat.

Lava Jato task force links five major Brazilian banks to R$1.3 billion money laundering scheme

A financial crime task force, according to findings based on two operational stages carried out this year, is scrutinizing if funds used for the payment of bribes were transferred through Banco do Brasil, Bradesco, Caixa, Itaú, and Santander.

In all, the accounts opened in the name of front companies operated by moneylenders investigated by Lava Jato handled approximately R$1.3 billion (US$325 million).

The cooperation of bank employees and flaws in control systems for suspicious transactions are alleged to have enabled the use of the national financial system for illegal transactions.

As a result of these flaws, Lava Jato investigators are now examining whether the large banks mentioned are also liable for the crimes committed, (via KYC360 and the Rio Times).

Monroe’s Musings: Brazil has already struggled to change its image of a country rife with corruption and being a choice destination for criminals, fraudsters and money launderers to move their money – because they can bribe their way past AML rules.

In early 2019, the country bolstered the power and powers of its chief AML agency to better capture, share and analyze financial intelligence – without judicial review – and take on larger domestic and international cases.

But as this story points out, its clear Brazil, and many of its banks, have a way to go to raise their compliance standards and expertise to international best practices.

These details could also cause other large banks, in particular institutions connected with those named in this story, to re-risk these banks and give more scrutiny to transactions originating from them or flowing through them.

Indian police arrest former managing director of fraud-hit PMC Bank as authorities raid multiple Mumbai locations

Indian police on Monday arrested Joy Thomas, the former managing director of Punjab and Maharashtra Co-operative Bank (PMC), which has been accused of creating fictitious accounts to hide loans, a spokesman for Mumbai Police said in a just-released statement.

The PMC case has sparked renewed concerns about India’s banking sector, which has been rocked by a multi-billion dollar fraud at a state-run lender, the collapse of a major infrastructure lender, bad loan issues at state-run banks and a liquidity squeeze that has hit shadow lenders.

“He (Joy Thomas) has been arrested. Further enquiry going on,” Mumbai Police spokesperson Pranaya Ashok told Reuters.

Bank officials on Tuesday accused PMC Bank’s management of concealing non-performing assets and disbursing loans leading to a loss of at least 43.55 billion rupees ($617 million), adding that the bank camouflaged its financials.

The complaint named bank chairman Waryam Singh and Managing Director Thomas, along with other bank officials, and accused them of criminal breach of trust, forgery and falsification of records.

It also names bankrupt realty company Housing Development and Infrastructure Ltd, along with its former senior executives Sarang Wadhwan and Rakesh Wadhwan, who were arrested on Thursday.

More than two dozen co-operative banks are now under RBI administration, but PMC Bank – with deposits of 116.2 billion rupees as of March 31 – is by far the largest.

As well on Friday, the Enforcement Directorate (ED) raided six locations in Mumbai in connection with irregularities in the management of Punjab and Maharashtra Cooperative Bank.

Investigators conducted searches at the residences of the promoters of Housing Development and Infrastructure Limited (HDIL) and PMC Bank board members, among others.

Based on an FIR registered by the Economic Offences Wing (EOW) of the Mumbai Police, the ED had filed a case under the Prevention of Money Laundering Act (PMLA).

An officer told The Indian Express that the police had found records of alleged direct transfers from the bank to the personal accounts of the Wadhawans that were password-protected. “During investigation, we found that there were nearly 44 accounts at the bank that were password-protected.

These accounts were linked to the Wadhawans and DHIL-linked entities where a lot of the money from the bank had been transferred,” the officer claimed.

The Reserve Bank of India (RBI) had, last month, barred PMC Bank from routine banking activities after the collapse of the bank.

PMC Bank’s now suspended managing director Joy Thomas admitted that the bank extended Rs 2,500 crore loans — almost 30 per cent of its total loan portfolio of Rs 8,383 crore — to HDIL over several years.

He said the bank did not disclose to the central bank that HDIL was unable to pay for years fearing it “will affect the bank’s growth,” (via Reuters) and the (Indian Express).

Monroe’s Musings: When I read a story like this about a massive internal fraud related to fictitious accounts and faulty loans at a banking group, one question reverberates through my mind: where was the financial crime compliance team in this?

Now, I know what you are going to say: AML, fraud, corruption – all of these groups are trained and primed to stop external threats from getting in, and dirty money flowing through the institution, not identify an internal fraud allegedly run at the bank’s upper echelons.

As well, if you are also thinking to yourself, why does this sound familiar, here’s why.

That’s because one of the biggest banks in the U.S. was hauled before Congress and paid massive penalties due to a fake accounts scandal, created by stressed and harried salespeople attempting to make unrealistic sales quotas.

In covering congressional hearings on the Wells Fargo scandal, I highlighted that AML-style analytics came into play to identify what salespeople were cooking the books and what managers allowed it to happen.

I also asked the question at the time: what entity in a bank has the responsibility to review salespeople or teams to determine when some are potentially rising to the level of fraudulent activity that is actually taking advantage of customers and creating penalty risks for a bank?

My answer: maybe that is a compliance responsibility.

My point: In an era of innovation, financial crime compliance professionals in a bank can’t just look outward to really – and I really mean truly – create a convergent, holistic and enterprisewide compliance function to counter the broad array of threats institutions can face because powerful risks, enough to crush a bank, can also come from within.