As compliance professionals take a seat at their desks for
another year of policing internal conduct at their firms, they face
a new risk themselves: individual liability that could result in
millions of dollars in fines and the effective end of their
careers. Last month, the Financial Crimes Enforcement Network
(FinCEN) and the US Attorney's Office for the Southern District
of New York combined to take action in United States Department
of the Treasury v. Thomas E. Haider1 against a
former Chief Compliance Officer for MoneyGram International Inc.
for his alleged failure to implement and maintain a compliance
program designed to protect against money laundering and to report
suspicious activity. On the basis of its determination that this
failure constituted a violation of the Bank Secrecy Act (BSA) and
its implementing regulations, FinCEN assessed a $1 million civil
penalty against Haider. A civil action, filed by the US
Attorney's Office the same day the assessment was announced,
seeks to turn FinCEN's assessment into an enforceable judgment
and an injunction barring Haider from the financial industry. This
litigation, certain to be contested, could signal a new approach by
federal regulators and law enforcement seeking to hold individual
compliance personnel responsible for programmatic
failures.
Summary of FinCEN's Assessment and the
Litigation
As Chief Compliance Officer from 2003 until he left
MoneyGram in 2008, Haider supervised MoneyGram's Fraud and
Anti-Money Laundering (AML) Compliance Departments.2
MoneyGram enables customers to transfer money from one location to
another through a global network of agents and outlets.3
MoneyGram's Senior Director of AML Compliance, Director of AML
Compliance and Fraud, and Director of Fraud (communications from
all of whom are quoted in the assessment and complaint)
"worked under, and had direct contact with"
Haider.4 Haider allegedly had the authority to terminate
or otherwise discipline MoneyGram agents and outlets due to
"compliance concerns" and also allegedly had the
authority to decline to approve new agents or outlets.5
Although he did not report directly to MoneyGram's Board of
Directors, he made presentations quarterly to the Audit Committee
on developments in MoneyGram's AML program and those
presentations "were not screened by MoneyGram's other
senior managers."6
In 2009, after Haider had left MoneyGram, the Federal Trade
Commission filed a complaint against MoneyGram alleging that,
between 2004 and 2008, MoneyGram agents in the United States and
Canada "aided fraudulent telemarketers and other perpetrators
of telephone and internet scams who misled US consumers into wiring
tens of millions of dollars" to participants in fraudulent
schemes.7 In 2012, MoneyGram entered into a deferred
prosecution agreement (DPA) with the US Department of Justice's
Asset Forfeiture and Money Laundering Section and the US
Attorney's Office for the Middle District of Pennsylvania on
charges of aiding and abetting wire fraud and willfully failing to
implement an effective AML program.8
As part of the DPA, MoneyGram admitted that it had "willfully
failed to maintain an effective anti-money laundering program that
was reasonably designed to prevent it from being used to facilitate
money laundering."9 The specific programmatic
failings to which MoneyGram admitted included:
- a failure to implement policies or procedures governing the termination of MoneyGram agents involved in fraud and money laundering;
- a failure to implement policies or procedures to file required suspicious activity reports (SARs) when victims reported fraud to MoneyGram on transactions over $2,000;
- a failure to file SARs on agents known to MoneyGram to be involved in fraud (MoneyGram's SARs instead listed the victim of the fraud as the likely wrongdoer);
- a failure to conduct effective AML audits of MoneyGram's agents and outlets10;
- a failure to implement policies or procedures to review MoneyGram transfer checks of agents known or suspected to be involved in check pooling, and
- a failure to conduct adequate due diligence on prospective MoneyGram agents or on agents seeking additional outlets.11
The Government claims that Haider's alleged failings entitle it to "far more" than the $1 million penalty FinCEN assessed. On the basis of Haider's "willful failure" to ensure that MoneyGram implemented and maintained an effective compliance program for a period encompassing approximately 190 days, the Government contends that under the BSA he is subject to a penalty of $25,000 per day of non-compliance.13
Key Takeaways
There are several important legal and policy questions raised by this new approach:
First, there is the question of whether individuals may be held liable under the BSA for what appear to have been, at bottom, institutional failures. Although the BSA requires a financial institution to establish an AML program and to designate a compliance officer to assure day-to-day compliance with any such program,14 neither the BSA nor its implementing regulations specify what is required, if anything, of compliance officers such that a cause of action against individuals could be said to have been created. Rather, the regulations merely list what designated compliance officers' responsibilities will include.15 Thus, while an institution may run afoul of the BSA for failing to establish the required AML program, it remains to be seen whether compliance officers may themselves be held liable for failing to carry out their listed responsibilities in an adequate manner.
Second, the Government's interpretation of the willfulness requirement in 31 U.S.C. § 5321(a)(1) may be subject to challenge, both broadly and in this specific instance. In the complaint and assessment against Haider, the Government claims that willfulness for purposes of the BSA covers not only "knowing violations" but also those in which the defendant "acted recklessly or with willful blindness."16 It remains an open question whether the type of inaction attributed to Haider in the assessment and complaint will satisfy such a standard.
Third, and perhaps most importantly, is the issue of the effect of this new approach, pursuant to which individuals may be held financially responsible for each day a financial institution's AML program is not in compliance with federal regulations. Already, industry observers are questioning whether the action taken against Haider will have negative effects on the ability of financial institutions to hire and retain qualified professionals willing to take on these jobs.17 Compliance personnel serve a key role in advising businesses on regulations that seemingly are ever-increasing in their complexity. They are an important backstop and internal check on the business. Now, compliance personnel face the specter of a regulator or law enforcement agency holding them individually responsible after the fact for the advice they provide on where lines can be drawn.
1 No. 14 CV 9987 (S.D.N.Y. Dec. 18, 2014).
2 Compl. at ¶ 13.
3 Id. at ¶ 30.
4 Id. at ¶ 46.
5 Id. at ¶ 49.
6 Id. at ¶ 52.
7 Id. at ¶ 61.
8 Id. at ¶ 62-63.
9 United States v. MoneyGram Int', Inc.,
12-cr-291 (M.D. Pa 2012).
10 In support of this allegation, the DPA (and the
assessment and complaint) cite a refusal on the part of
MoneyGram's Senior Director of AML to conduct audits on certain
outlets suspected of being involved in fraud and money laundering
that MoneyGram refused to terminate because such outlets were
"criminal operations" and sending audit teams into those
outlets would place MoneyGram's personnel in "physical
danger." Id.; Compl. at ¶ 63.
11 Id.
12 Compl. at ¶ 92.
13 Id. at ¶ 132-34.
14 31 U.S.C. § 5318(h).
15 31 C.F.R. § 1022.210(d)(2).
16 Id. at ¶ 27.
17 See, e.g., "In bid to punish individual, FinCEN
pursued MoneyGram business leaders, but caught compliance chief
– source," by Brett Wolf, Thomson Reuters (May 20,
2014), available at: http://blog.thomsonreuters.com/index.php/in-bid-to-punish-individual-fincen-pursued-moneygram-business-leaders-but-caught-compliance-chief-source/.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.