The Federal Deposit Insurance Corp., along with the Financial Crimes Enforcement Network and the State of Florida Office of Financial Regulation has fined Miami-based Ocean Bank [$3.6 billion in assets] $10.9 million for violations of the Bank Secrecy Act as well as other anti-money laundering laws and regulations, such as failure to file currency transaction reports.

Ocean Bank, Florida’s largest state-chartered bank, failed to implement an effective BSA/AML Compliance Program, with internal controls “reasonably designed to detect and report money laundering and other suspicious activity in a timely manner,” according to a statement issued by the FDIC. Regulators determined that the bank did not conduct adequate independent testing to meet requirements for suspicious activity reporting. The bank also reportedly failed to hire staff appropriately trained in BSA compliance and requirements.

Ocean Bank consented to the penalty, without admitting or denying the FDIC’s and FinCEN’s findings.

AML expert Kevin Sullivan says banks and credit unions can expect fines to continue steepening, especially for the mid-sized and smaller institutions. Regulators are taking BSA compliance and SARs seriously. “These major fines all start to sound like a broken record: Inadequate AML program. Inadequate testing. Inadequate training. I know I’ve heard it before. Perhaps, if some financial institutions stop treating security, fraud, AML, compliance like the red-headed stepchild and realize that those units, while they will never be profit-making sure as heck can be profit-keeping, most certainly can be reputation-saving.”
According to regulators, 28 percent of Ocean Bank’s customers reside outside the United States in high-risk geographies susceptible to money laundering, including Venezuela. The bank established direct relationships in the U.S. for politically exposed persons, also known as PEPs, such as consulates and established “bearer share” corporations. But the bank had insufficient policies, procedures and systems in place to assess and mitigate the risks of narcotics-related money laundering activity and ensure the detection and reporting of suspicious transactions. [See How to Marry AML and Fraud.]

“Effective Bank Secrecy Act/anti-money laundering programs commensurate with the risk profile of the institution is paramount in protecting our financial system and individual banks from harm,” said Sandra L. Thompson, director of the FDIC’s Division of Risk Management Supervision, in a statement issued by the FDIC and FinCEN. “This penalty underscores the significance for banks to have strong internal systems and controls to detect and report suspicious activity and ensure compliance with Bank Secrecy Act requirements.”

Regulators Scrutinize Certain Cross-Border Activity
By the end of 2006, Ocean Bank reportedly had a backlog of more than 100,000 alerts that had been generated by its AML monitoring system. That backlog was alarming, regulators noted, because only 15 percent of the bank’s customer accounts were automatically being monitored. The majority of the alerts were cleared by bank staff that was “ill-trained,” according to the FinCEN assessment. “As a result, few suspicious activity reports were filed by the Bank, relative to the number of alerts generated,” the assessment states.
David Kwan, director of product management for NICE Actimize, says regulators have heightened the attention they pay to correspondent banking business and cross-border money movement.

“Over the last few months, we’ve seen a focus on the correspondent banking business; historically, that has not gotten a lot of attention from the regulators,” Kwan says. “But equally important is the fact that the correspondent-banking activity is international, which can involve high-risk parties or high-risk locations.”

The other concern: cross-border money movement, especially when it relates to the movement of cash. “Recent activity in drug enforcement at the Mexican-U.S. border has also received a lot of scrutiny from regulators in recent months,” Kwan says. “In terms of what they’re looking for, they are taking a very keen interest in the bank’s due diligence, customer due diligence, and in periodic review and ongoing due diligence.”
In March, Pacific National Bank, which like Ocean Bank is based in Miami, was slapped with a $7 million penalty for violations to the BSA and USA Patriot Act. Penalties from the OCC and FinCEN stemmed from the bank’s failure to adequately identify, monitor and report suspicious activities, as well as failure on the bank’s part to sufficiently monitor foreign correspondent bank accounts. The bank also reportedly failed to audit high-risk areas as well as transactions conducted in those areas.

In February, the Office of the Comptroller of the Currency and FinCEN found deficiencies in AML practices related to transactions made in 2006 and 2007 between Zions First National Bank and money-service customers in Mexico. Regulators say Zions failed to adequately monitor activity and transactions totaling more than $5.4 billion, most of which related to a new remote deposit capture service. Wire activity totaling more than $7.9 billion with foreign customers also was not sufficiently monitored, the investigation found.

And last October, HSBC North America [USA] ($186 billion in assets) got slapped with a cease and desist order for similar violations. Regulators found deficiencies in HSBC USA’s BSA compliance program that affected SARS, customer due diligence relating to foreign affiliates and risk assessment, and the monitoring of bulk-cash purchases and international funds transfers.

In Ocean Bank’s case, the bank eventually cleared its backlog of alerts in 2009. But the automated monitoring system was ineffective when detecting suspicious activity, regulators say.

“The bank failed to recognize and mitigate risks and report transaction activity often associated with money laundering involving direct foreign account relationships in high-risk jurisdictions, particularly Venezuela,” said FinCEN Director James H. Freis Jr. in the FDIC and FinCEN statement. “The bank’s failure to respond to such risk with commensurate systems and controls was both systemic and longstanding. The civil money penalties and forfeiture concludes joint investigations by FinCEN, the Drug Enforcement Administration, Internal Revenue Service-Criminal Investigation and the United States Attorney’s Office for the Southern District of Florida, and parallel examinations conducted by the Federal Deposit Insurance Corp. and the Florida Office of Financial Regulation.”

The Florida OFR will continue to monitor Ocean Bank.