United States: FinCEN Penalizes Texas-Based Bank For AML Violations

The Financial Crimes Enforcement Network ("FinCEN") assessed a $2 million civil penalty against a Texas-based community bank in connection with anti-money laundering ("AML") related violations.

FinCEN determined that Lone Star National Bank ("Lone Star") failed to collect and analyze the information necessary to ascertain customer risk and develop individualized risk profiles. Such risk profiles are required to take into account the purpose of an account, the nature of a customer's business, the types of products and services a customer uses, geographic risk indicators, and other factors. Lone Star was found to have assigned improper risk ratings to several of its customers, resulting in a failure to identify high-risk activity. FinCEN determined that insufficient risk identification, coupled with an inadequate process to review and escalate AML alerts, "severely limited the effectiveness of Lone Star's AML program."

FinCEN found that with respect to its foreign correspondent accounts, Lone Star did not meet Bank Secrecy Act ("BSA") due diligence requirements, which mandate enhanced measures to identify and report potential money-laundering activity. The FinCEN assessment states that Lone Star permitted a Mexico-based bank to process $260 million through a correspondent account without identifying or reporting any suspicious activity. Despite the fact that the account holder had paid civil penalties to resolve SEC fraud allegations, among other indicators of elevated risk, Lone Star did not confirm the veracity of the purported source of funds or the purpose of the account. FinCEN asserted that, in light of these red flags, Lone Star should have investigated unusual deposits and other suspicious activity related to the account. Lone Star was also penalized for failure to file Suspicious Activity Reports, as required by the BSA.

FinCEN noted that Lone Star previously agreed to pay $1 million to resolve an enforcement action by the Office of the Comptroller of the Currency ("OCC") related to this conduct. Acknowledging Lone Star's significant efforts to address its AML-related deficiencies, FinCEN stated that the payment to the OCC will be credited against the $2 million due to FinCEN.

Commentary / Christian Larson

This FinCEN enforcement action is far from unique, but two significant issues stand out.

First, regulators often provide financial institutions with an initial opportunity to correct, but they rarely offer two bites at the apple. Where a financial institution fails to satisfy a regulator's request for early corrective action, other regulators may pile on additional penalties.

Second, financial institutions may accept risks that they effectively mitigate. FinCEN Acting Director Jamal El-Hindi  states that "risks can indeed be managed, but not if they are ignored." The Lone Star enforcement action is an example of one end of the risk tolerance spectrum: the bank took on risk it was unprepared to handle. The other end of the spectrum is exemplified by the practice of de-risking, in which a financial institution exits whole categories of customers, products, or services after calculating that the cost of managing the associated risks is too high. The government frowns upon both practices and the challenge for financial institutions is to identify the sweet swath in the middle.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.