US regulators ding China Construction Bank for lax customer risk rating

State and federal regulators Tuesday issued a formal enforcement action against the New York-based branch of one of China’s largest state run banks this week for broad failures in implementing financial crime program provisions, from customer risk ranking to correspondent portals and affiliate oversight.

The Federal Reserve and New York State Banking Department cited the Construction Bank of China, the country’s second largest, for deficiencies across the anti-money laundering (AML) program and issues related to properly responding to law enforcement and other requests for information.

The bank has operated in New York since 2009. It entered a written agreement with the two regulatory agencies on July 21 to correct a swath of compliance weaknesses.

Due to the gaps in customer scoring, automated monitoring and compliance staff able to calibrate alert protocols and understand certain data results, examiners have called for a transaction review for dollar clearing activities for the period from July 2013 through the end of the year to ensure any missed suspicious transactions get properly reported.

The regulatory agencies also cited issues related to the depth and adequacy of employee training programs at branches and affiliates that perform AML compliance-related functions, in part, so they can better understand what should be going into, and coming out of, the transaction monitoring system in terms of quality alerts.

The agreement was particularly prescriptive related to properly capturing customer details at account opening, risk rating and weighting those accounts and plugging in the details accurately into the transaction monitoring system so that any aberrations can be documented, escalated and, if needed, turned into a suspicious activity report.

The Fed order called for stronger monitoring and investigative standards to ensure the “timely detection, investigation and reporting of all known or suspected violations of law,” including:

  • Proper monitoring of customer accounts and transactions, including through foreign correspondent portals.
  • Adequate escalation of possible suspicious activity, including what management signed off, who made decisions to escalate or not and any related data and documents.
  • That data and information is collected and aggregated across business lines and any identified data gaps are identified and have a timeframe to be corrected

Read the written agreement here.