- Source: fincen.gov
Treliant knows how to design, operationalize, and maintain Compliance and Conduct Risk Programs. While recognizing there may always be some liability risk for the misconduct of others, Treliant understands how to operationalize the controls to demonstrate appropriate mechanisms are in place to minimize Chief Compliance Officer liability. If your business needs assistance with compliance risk management, Treliant can help.
On March 4, 2020, the Financial Crimes Enforcement Network (FinCEN) has assessed a $450,000 civil money penalty against a former Chief Operational Risk Officer (and, before that, Deputy Risk Officer and Chief Compliance Officer) at a financial institution, for failures to prevent violations of the Bank Secrecy Act (BSA). The financial institution used automated transaction monitoring software to spot potentially suspicious activity, but it improperly capped the number of alerts generated. In addition, the financial institution failed to staff the BSA compliance function with enough people to review even the reduced number of alerts.
In February 2018, FinCEN, in coordination with the Office of the Comptroller of the Currency (OCC) and the U.S. Department of Justice, issued a $185 million civil money penalty against the financial institution for, among other things, willfully violating the BSA’s requirements to implement and maintain an effective anti-money laundering (AML) program and to file Suspicious Activity Reports (SARs) in a timely manner.
It was revealed in the penalty; the former Chief Operational Risk Officer was advised by two subordinates that they believed the existing automated system was inadequate because caps were set to limit the number of alerts. In addition, the former Chief Operational Risk Officer received internal memos from staff claiming that significant increases in SAR volumes, law enforcement inquiries, and closure recommendations, created a situation of an understaffed AML program.
Furthermore, the OCC warned the financial institution on several occasions that using numerical caps to limit the financial institution’s monitoring programs based on the size of its staff and available resources could result in a potential enforcement action, and FinCEN had taken previous public actions against financial institutions for the same activity.