Last month Standard Chartered bank agreed to pay a $1.1 billion for both Anti-Money Laundering and Sanctions violations. This blog is an overview of the bank’s failures in relation to both cross-border violations and what they mean for firms.
It was revealed that Standard Chartered Bank violated US economic sanctions imposed against Burma, Cuba, Iran, Sudan and Syria by processing over 9,000 transactions (totaling $437,553,380) through the US from June 2009 to May 2014. The Dubai branch of the bank processed the bulk of these illicit transactions, the majority of which involved Iran-linked accounts, to the bank’s New York branch or other US-based banks. Standard Chartered settled this violation with OFAC for $639,000,000.
However, it doesn’t end there, OFAC also admonished that the bank’s Zimbabwean branch for processing transactions through the US which involved Zimbabwe-related Specially Designated Nationals (SDNs). The bank was also fined $164,000,000 by the Federal Reserve Board for having ‘’unsafe and unsound practices relating to inadequate sanction controls’’ and for failing to disclose the sanction risks to the Federal Reserve.
The above failures prompted the Federal Reserve to sharply slap Standard Chartered on the wrist, stating frankly that the bank urgently needed to improve its compliance program, mitigate the inherent risks identified in its subsidiaries and branches, enhance management oversight and install a sustainable corporate governance framework.
Anti-Money Laundering Violations
Across the water, the FCA fined Standard Chartered its ‘’second largest financial penalty ever’’ of £102,200,000 for employing weak anti-money laundering controls. The failings occurred in two areas of the bank considered high risk; its UK wholesale bank correspondent banking business, as well as the bank’s UAE branches.
Adequate AML/CTF controls in UAE and the UK
The failings were abundant; primarily, the firm had failed to ensure its UAE branches applied equivalent AML/CTF controls as present in the UK. The FCA was critical of this violation, pointing out that the ‘’UK set global standards across the group…(and)…inadequate standards in the UAE risked affecting the entire group’’.
Poor customer due diligence
The above thus led to ‘’serious and sustained shortcomings’’ in the quality of customer due diligence measures undertaken by the bank. In particular, the bank failed to establish and maintain risk sensitive policies. The firm therefore was unable to adequately identify, mitigate and escalate money laundering risks. Together, these failings contributed to the bank’s sanction breaches and meant that the bank was vulnerable to the risk of receiving illicit funds.
The FCA provided several striking examples of the lack of evidence Standard Chartered Bank collected from customers presenting a higher financial crime risk. For example, one customer was able to open an account with 3,000,000 UAE Dirham (around £500,000) of cash in a suitcase. However, there was little evidence of an investigation into the source of the client’s funds.
Additionally, insufficient information was obtained for a customer exporting a commercial product with potential military application (i.e. a dual use good); the product was exported to more than 75 countries, including two jurisdictions whereby armed conflict had, or had the potential to, take place.
Although the firm has made efforts to ‘’improve its AML controls to ensure all issues are fully addressed on a global basis’’, the damage has already been done. Facing extortionate fines as well as unseen reputational damage, the FCA has made a clear message; it will not tolerate inadequate AML controls posing ‘’unacceptable risk’’.
Standard Chartered Bank’s fine illustrates the importance of cross-border co-ordination between supervisors as regards to AML and Sanction breaches.
Firms should expect to be held up to a higher level of scrutiny following the Bank’s fines and should therefore, as a priority, ensure that group policies are followed at branches and group entities to ensure that AML/CTF processes are consistent.
Firms should ensure that sufficient risk sensitive policies and procedures are in place in order to identify and mitigate all relevant risks. Not only this, but firms need to ensure that staff members are adequately trained to distinguish the relevant risks and escalate them to the appropriate authority.
Firms are also encouraged to designate adequate resources to establishing sufficient compliance monitoring systems to ensure that all policies and procedures, systems and controls are functioning as required.
The importance of a good compliance culture cannot be overlooked. Firms need to ensure that the value of compliance is instilled from the top down and communicated to all employees. and the apparent lack of a good compliance culture was arguably a principal factor in precipitating Standard Chartered Bank’s violations.
Interested in getting help or back up for your compliance programme? Lets start a conversation today. Book a free consultation with Philip Creed, Director of Fincrime, fscom.