Personal liability of compliance officers now a permanent occupational risk, cases show

A quickening trend has emerged that puts compliance officers at financial institutions and other businesses at a greater personal risk than ever before. This new occupational hazard has resulted in adverse actions against individual compliance officers by government regulatory and enforcement agencies, including monetary penalties, dismissals or downgrading of positions, and criminal prosecutions.

Individual compliance officers are increasingly exposed to personal liability for institutional lapses and failings. This brings a new dynamic to one of the fastest-growing occupations in the United States and other countries.

In recent years, financial crime compliance officers have been elevated to a position of greater distinction – and visibility – at financial institutions and other businesses vulnerable to financial criminals. At the same time, the compensation paid to compliance officers also grew. It is not uncommon today that a senior compliance officer at a major institution in an urban area earns more than $1 million per year.

The perceived and actual value of compliance officers at medium-sized and large institutions has risen substantially. Much of this has been driven by far-reaching government efforts against tax evasion, money laundering, sanctions violations and public corruption, primarily in the US and UK – and the reputational harm that befalls institutions and other businesses caught up in these high visibility crimes.

While the stature of compliance officers has increased, so has their exposure to personal liability for programmatic failings. Increasingly, compliance is a “high-risk, high-reward” profession.

These increased risks are largely a result of “Congressional and regulatory demand for individual liability when systemic issues are identified [at financial institutions],” says Nick Hartofilis, Director of Risk Advisory Services at the accounting and consulting firm, Kaufman, Rossin & Co, in Miami. He says there are pragmatic reasons for regulators to target compliance officers rather than just bringing enforcement actions against an institution.

“Individual liability raises the bar across the entire compliance landscape,” Hartofilis says.

Brown Brothers Harriman case spotlights rising liability risk

“In the current regulatory environment there is definitely a greater risk for compliance officers, especially at the senior levels, to be held personally liable,” says Christian Focacci, principal at the financial crime compliance jobs resource firm, AMLSource, in New York.

“The trend is being driven by a combination of enhanced scrutiny on individuals by law enforcement and regulatory agencies, which has been amplified by heightened media attention to cases against major institutions,” Focacci continued.

A landmark example of the heightened liability risks that compliance officers face appeared in the enforcement action by the Financial Industry Regulatory Authority (FINRA) against Brown Brothers Harriman last month. Much of the publicity surrounding this case focused on the record $8 million penalty by FINRA for an array of anti-money laundering program failings at the largest US investment bank.

Just as significant were the sanctions FINRA imposed against Brown Brothers Harriman’s director of the AML program. The “self-regulatory organization” (SRO) for the securities industry imposed a $25,000 monetary penalty on the Global AML Officer and suspended him for one month.

While fines and suspensions from FINRA are not uncommon, such penalties are usually reserved for securities fraudsters or boiler-room bosses, not compliance officers at major banks.  Yet the Brown Brothers Harriman case is not an isolated incident, and FINRA is not the only agency aiming for compliance officers.

Across industries and borders, regulators target compliance officers

In the past year, a growing number of cases have been brought against compliance officers by SROs and enforcement agencies. The cases have extend to an array of financial institutions beyond banks and broker-dealers.

In January 2013, the US Department of Justice secured an eight-month prison sentence for Humberto Sanchez, the compliance officer of a money services business in Los Angeles. Sanchez pleaded guilty to failing to have an effective AML program in place, in violation of the Bank Secrecy Act (BSA).

Earlier this year, US federal prosecutors targeted compliance officers in the fledgling virtual currency industry. In January, the Office of the US Attorney in Manhattan charged Charlie Shrem, Chief Compliance Officer of Bitcoin provider BitInstant, with money laundering conspiracy. Prosecutors allege that Shrem knowingly helped funnel money into the online drug bazaar Silk Road and failed to file suspicious activity reports.

In July 2013, the National Futures Association (NFA), the SRO of the US futures industry, imposed a $75,000 monetary penalty on James Green, the Chief Compliance Officer of foreign currency trading firm FX Direct Dealer. The NFA found that Green was personally responsible for failing to supervise the firm’s AML program. It suspended him from serving as chief compliance officer for one year.

Examples are not limited to the US. In August of last year, the UK’s Financial Conduct Authority fined a compliance officer of a securities dealer about $115,000 for “not acting with enough care and diligence” to prevent a client from committing securities fraud.

No deterrence without individual penalties, says Lawsky

The push to bring regulatory, civil and even criminal penalties against compliance officers may not surprise those who have followed recent comments made by regulators in the US. Facing substantial political and media pressure, regulatory and enforcement agencies are seeking to appear tough on financial crime.

“If we are resolving cases without individuals held accountable we’re not really deterring much,” said Benjamin Lawsky, Superintendent of the New York Department of Financial Services, in a speech to the Securities Industry and Financial Markets Association conference last month.

Some US elected officials clearly share his views. In October 2013, US Rep. Maxine Waters, Democrat of California, introduced a bill in the US House of Representatives that contains a raft of regulatory changes designed to augment penalties against individuals.

Called the “Holding Individuals Accountable and Deterring Money Laundering Act,” the bill would allow US regulators to impose civil monetary penalties on individuals for BSA violations, and “remove and ban bad actors from [the financial services industry].” The proposed law would also increase penalties for BSA violations to 20 years, up from the current cap of five years, and authorize the US Financial Crimes Enforcement Network to litigate cases on its own. The bill has several co-sponsors, but has not yet emerged from the House Subcommittee on Crime, Terrorism, Homeland Security and Investigations.

Most compliance professionals predict increase in personal liability

Based on industry surveys, compliance officers are already aware of the growing liability they face. A recent survey by Thomson Reuters that polled more than 600 compliance practitioners worldwide at banks, broker-dealers, insurers and asset management firms found that 53 percent felt their personal liability had increased over the previous year.

The heightened risks have not fallen equally on all compliance roles, however. “To date the additional liability has generally been on very senior level professionals, which represent only a very small percentage the of financial crime compliance population,” Focacci said.

Despite the limited population that has been affected so far, some experts question whether an ongoing focus on individual accountability will harm the financial crime compliance field by driving away talented candidates.

“The industry concern is that qualified professionals may not pursue compliance officer roles given an increased risk of individual liability and tough enforcement actions,” says Hartofilis. “Regulatory agencies have emphasized that they do not want to push top talent away from compliance officer roles.”

Compliance officers must build strong programs, but also seek other protections

Beyond having strong compliance programs in place, compliance officers should proactively seek ways to mitigate risks of liability, suggest experts interviewed by ACFCS.

Focacci highlighted the need for a qualified and highly trained staff as a key protection against liability for compliance managers . Hartofilis underscored the centrality of the risk-based approach and a robust financial crime audit program, including AML audit. He said compliance officers should implement ongoing training programs for relationship managers and ensure these managers have clear channels to report and escalate client’s suspicious activity.

The new risks compliance officers face may also prompt their review of liability insurance coverage and indemnification provided by their organizations.

*Note: a previous version of the story incorrectly stated that the Global AML Officer for Brown Brothers Harriman was dismissed. ACFCS regrets the error and apologizes.