In two recent bank penalties involving two countries, three regulators and nearly $150 million in combined fines, the failings tied to anti-money laundering and corruption controls appear to hint at more significant gaps in a broader culture of compliance, a growing regulatory focal point.
The actions occurring days apart in late November involve a $109 million penalty against Barclays for arranging a secretive, more than $2 billion deal for rich clients and a roughly $37 million joint penalty and deferred prosecution agreement – the UK’s first such accord – against ICBC Standard Bank from failing to prevent a former sister company from bribing officials in Tanzania with a $6 million payment as part of a $600 million sovereign debt offering.
The actions highlight that a push by regulators in the US, UK and European Union for large financial institutions to institute a strong “culture of compliance” across borders, business units and clients still has not been fully embraced as some pockets are still giving short shrift to due diligence, monitoring or control duties.
As well, the Barclays case in particular reveals that nearly any financial crime compliance program can be nullified by insiders with financial incentives to skirt rules designed to ensure risky or criminal entities can’t use their operation to move illicit funds through the international financial system.
In many cases, large scale corruption and the related payments to satisfy the parties involved “can’t happen without the use of banks,” said Paul Pelletier, a member of Mintz, Levin, Cohn, Ferris, Glovsky & Popeo in Washington, DC.
Moreover, in the latest cases involving lapses in AML and corruption controls highlighted by UK and US authorities, there is “nothing nuanced about them,” he said. “The regulators believed there was no way the banks could justify these activities in any way shape or form. The banks were not doing their jobs.”
In both cases, a bank either skirted an AML bedrock tenet, such as customer due diligence measures to know the customer and calibrate the financial crime risk, or failed to monitor a customer’s behavior in the course of a banking relationship to identify and act on classic red flags of corruption.
But that isn’t surprising because the more than $1 billion sum is “not a small amount of money,” Pelletier said, adding that insiders who know compliance controls can also use that knowledge to keep a transaction or deal “out of compliance networks and only on paper.”
The ‘elephant deal’ in the room
In the Barclays penalty, regulators noted, however, that deal didn’t involve any actual financial crimes. Instead, the regulator accused Barclays of “failing to minimize risk” as it structured a product for certain wealthy clients between 2011 and 2012 that exclusively kept them out of bank monitoring systems.
The deal in question was never entered and logged on a Barclays computer, the Financial Conduct Authority (FCA) said. In fact, the shadowy deal included a clause that offered to pay the clients up to £37.7 million if their names were ever disclosed.
To prevent that from happening, Barclays officials ensured the documents were locked in a specially bought safe that few staff knew about.
“Barclays applied a lower level of due diligence than its policies required for other business relationships of a lower risk profile,” the FCA said.
The clients were clearly higher risk due to many being politically-exposed persons, or PEPs, and should have been subject to higher levels of due diligence, the regulator said. The bank made £52.3 million on the deal, known as an “elephant deal” structured to pay returns for the clients over several years.
This is not the first time the bank has gotten in trouble for lapses tied to financial crime controls. In 2010, Barclays paid US authorities nearly $300 million for compliance control violations and dealing with blacklisted regimes including Iran, Libya and Sudan.
Affiliate oversight critical to crimp corruption
In the ICBC Standard Bank action, the bank paid $36.9 million in a global settlement with the UK’s Serious Fraud Office and US Securities Exchange Commission to settle a host of issues tied to lax due diligence and corruption.
The Serious Fraud Office accused the institution of not doing enough to prevent a former sister company from attempting to bribe officials in Tanzania from 2012 to 2013.
The fraud office said that Stanbic Bank Tanzania made a $6 million payment in March 2013 to a local partner in a bid to induce members of the Tanzanian government to favor Stanbic Tanzania in a $600 million private placement to be carried out on behalf of the government. The placement generated transaction fees of $8.4 million for Stanbic Tanzania and ICBC Standard Bank.
When it comes to steering clear of corruption, when processing financial transactions that could be tinged with graft banks should engage in and document heightened PEP and KYC due diligence to minimize the risk of getting ensnared in or become the focus of a government investigation, he said.
- Ask where the money is coming from, such as individuals or companies and do the sums seem out of scope for the entities involved?
- Does the manner in which transactions enter and exit the account make any business sense?
- How quickly are these transactions happening and where is the money going when it leaves?
- Are there any jurisdictions involved known for lax AML rules, corruption or financial secrecy?
- When was the company started that is involved in the business deal or transaction and what is the nature of its business? Does its involvement in the transaction make business sense?
One of the most important things for regulators is that these inquiries and due diligence initiatives are meaningful and “show that the bank is serious about trying to get to the bottom” of finding out the true risk of financial crime for the entities involved. Investigators and regulators want to determine whether the bank engaged in adequate due diligence or just gave a “superficial” look that amounted to “window dressing.”