The New York branch of a Korean Bank must make both broad and deep improvements to its financial crime compliance program, including nearly every aspect of its automated monitoring and filtering systems, oversight of correspondent portals and trade financing deals.
The eight-page, joint written agreement for Seoul-based Industrial Bank of Korea issued by the Federal Reserve and New York Department of Financial Services, (NYDFS) runs the gamut of the anti-money laundering (AML) program, centering much of its criticism on the involvement of the bank’s board of directors and senior management at the New York branch.
In particular, the board must “maintain effective control over, and oversight of,” the New York branch’s senior management, compliance with overarching AML rules and requirements to screen for entities blacklisted by the US Treasury’s Office of Foreign Assets Control (OFAC), along with measures to improve both the data on customers and the accuracy and tuning of transaction monitoring systems.
In the last six months, federal and domestic regulators have dinged, or are considering releasing a formal action against, two other Asian banks, Bank of China and China Construction Bank, for a host of issues, including their shepherding of foreign correspondents, according to media reports and public actions.
As well, the US Treasury in its National Money Laundering Risk Assessment released in July highlighted the financial crime risks tied to correspondent portals – both from US and foreign banks – as one of the outstanding vulnerabilities in the country’s domestic framework. The report noted the risks were particularly high if the entities entering through those doorways are nebulous corporations with murky, convoluted beneficial ownership structures.
But the mention of compliance issues tied to trade finance is a new wrinkle for an AML action, though not one totally unexpected.
The US Treasury’s Financial Crimes Enforcement Network (FinCEN), the country’s financial intelligence unit, has also been using its vast power to improve the data gathered at key trading hubs in California and Florida while Congress last month convened a hearing with key experts in a bid to craft new solutions to trade-based money laundering, an age-old problem the panel dubbed the “most challenging” form of laundering.
The agreement also cites issues tied to the bank suppressing false positives tied to OFAC filters, an issue the agency has cited several times in recent orders, noting that in some instances, banks have given certain entities a pass in their systems, and failed to update the information later when the individual or company later became designated.
As for getting top bank officers more involved, the order calls for the board to ensure that any compliance issues tied to AML or OFAC are “appropriately tracked, escalated, and reviewed by the Branch’s senior management,” so that there is a system of accountability to determine who made what decisions for or against certain policies, transactions and conclusions to file or not to file suspicious activity reports (SARs).
Moreover, the board is responsible for gauging the cumulative understanding of financial crime compliance by any individuals involved in AML and ensuring they “possess appropriate subject matter expertise and are actively involved in carrying out such responsibilities,” and are given “adequate resources” to keep the branch in compliance, including training and staffing.
Transaction, screening challenges
In the latest action focusing on an Asian bank, though, regulators were both specific and prescriptive when it came to the standards they wanted employed in automated transaction monitoring systems, what many consider the heart of the AML program.
The order focuses on requiring that the system is calibrated to be in line with the risks the branch faces, that the transaction alert rules make sense and are both adequate to be the foundation of a case but don’t overwhelm analysts.
The agreement notes that such transaction systems should have:
- Method transacting: well-documented methodology for establishing monitoring rules and thresholds appropriate for the Branch’s profile which considers factors such as type of customer, type of product or service, geographic location, and, where appropriate, initial originator, and ultimate beneficiaries
- Correspondents, affiliates: policies and procedures for analyzing, testing, and documenting changes to monitoring rules and thresholds, including transactions conducted through foreign correspondent accounts and trade financing reimbursement activity, including activity involving the Bank’s affiliates
- Information escalation: appropriate allocation of resources to manage alert and case inventory, including adequate escalation of information about potentially suspicious activity through appropriate levels of management
- Documentation, data: maintenance of sufficient documentation with respect to the investigation and analysis of potentially suspicious activity, including the resolution and escalation of concerns, and maintenance of accurate and comprehensive customer and transactional data and ensuring that it is utilized by the Branch’s compliance program
- Gap analysis: an assessment of the gaps in the monitoring rules and a plan to implement corrective measures and establishment of automated monitoring system standards and a plan to make system enhancements, as necessary.
- Repetitive false positives: policies, procedures, and periodic testing to ensure that the OFAC designated parties list is current and includes all OFAC specified countries, entities, and individuals, and procedures to ensure that the processes used to suppress repetitive false positives are periodically reviewed and updated to ensure appropriateness and relevance.
The agreement with IBK “will strengthen existing safeguards and improve reporting of any suspicious activity”, said Maria T. Vullo, Acting Superintendent of Financial Services.