The financial institution in question is, according to the DFS, a repeat offender that has been subject to various AML-related enforcement actions since 2007, and, as a result, the CO was accompanied by a fine of $235 million. Cited deficiencies include:
- Deficient transaction monitoring that failed, among other things, to consider shell company activity
- Alert clearing practices that deviated from written policies and procedures
- Undetected logic flaws/gaps in the transaction monitoring system
- Non-transparent payment processing in which key details were omitted from payment instructions
- Breakdowns in audit and management oversight
It’s not the serious deficiencies that make this CO unusual, though. What is noteworthy is that the CO provides a platform for the DFS to justify and reinforce its commitment to its newly enacted Part 504, Transaction Monitoring and Filtering Program Requirements and Certifications. In the Introduction to the CO, the DFS focuses on The Culture of Compliance in the Age of Risk and Transaction Monitoring – An Essential Compliance Tool – basic tenets of Part 504 – and, in fact, closes out the Introduction with language reminiscent of its introduction of Part 504:
“In both past investigations and routine examinations, the Department has identified significant shortcoming in transaction monitoring and filtering programs of a number of major financial institutions. The Department found that such deficiencies generally were attributable to a lack of robust governance, oversight, and accountability at senior levels. These findings have resulted in a number of enforcement actions, and have led the Department to issue a new regulation (effective January 1, 2017) governing transaction monitoring and filtering systems. Among other things, the regulation creates an obligation for a covered institution’s chief compliance officer (or functional equivalent) to certify compliance with this regulation, thereby encouraging institutions to proactively ensure compliance with existing federal and state anti-money laundering and sanctions requirements. The Department views effective transaction monitoring systems as an essential tool in the battle against illicit transactions and terrorist financing in this age of risk.”
New York-regulated financial institutions that haven’t developed and launched their Part 504 compliance initiatives should enjoy the holidays. Next year may be a very busy year.
For additional information on Part 504, see the Protiviti flash report, New York Department of Financial Services’ Final Transaction Monitoring and Filtering Program Regulation.