Derechos | Equipo Nizkor
Text of the Non-Prosecution Agreement entered into by Banamex and the U.S. DoJ
Back to top
U.S. Department of Justice
Money Laundering and Asset Recovery Section
Washington, D.C. 20530
May 18, 2017
Brad S. Karp
Paul, Weiss, Rifkind, Wharton & Garrison LLP
1285 Avenue of the Americas
New York, NY 10019-6064
Re: Banamex USA Criminal Investigation
Dear Mr. Karp and Ms. Buergel:
The United States Department of Justice, Criminal Division, Money Laundering and Asset Recovery Section (the "Office") and Banamex USA ("BUSA" or the "Company"), by its undersigned representatives, pursuant to authority granted by the Company's Board of Directors, enter into this Non-Prosecution Agreement ("Agreement"). BUSA's parent company, Citigroup Inc. ("Citigroup," together with its subsidiaries and affiliates, "Citi"), by its undersigned representatives, pursuant to authority granted by Citigroup's Board of Directors, also agrees to certain terms and conditions of the Agreement as set forth below.
The Office enters into this Agreement based on the individual facts and circumstances presented by this case and the Company, including:
(a) the Company engaged in extensive remedial measures, including: devoting significant internal and external resources to remediating compliance violations identified by its primary federal banking regulator; eliminating its engagement in the business line that posed a heightened risk for money laundering and the AML failings which form the focus of the instant prosecutorial action; enhancing its Bank Secrecy Act ("BSA") compliance program and internal controls through, among other things, investment in enhanced transaction monitoring technology and improvements to policies and procedures; significantly increasing the staffing for the BSA function; and ultimately dissolving the Company by ceasing all banking operations and surrendering the Company's state banking charter and membership in the federal bank insurance system;
(b) the Company received only partial credit for its cooperation with the Office's investigation because its initial efforts to provide relevant facts and documents to the Office were neither timely nor substantial. After the Office raised concerns regarding the quality and speed of the Company's cooperation, however, the Company provided cooperation that was timely, substantial, and that identified relevant facts and documents that allowed the Office to conduct the remaining investigation in an efficient manner. The Company's cooperation included making factual presentations to the Office, voluntarily making foreign-based employees available for interviews in the United States, producing documents to the Office from foreign countries in ways that did not implicate foreign data privacy laws, and collecting, analyzing, and organizing voluminous evidence and information for the Office, including providing targeted sets of highly relevant documents relating to certain individuals and topics;
(c) by the conclusion of the investigation, the Company and Citigroup provided to the Office all relevant facts known to it, including information about the individuals involved in the conduct described in the Statement of Facts;
(d) the Company paid a separate civil money penalty of $140 million to the Federal Deposit Insurance Corporation ("FDIC") and the California Department of Business Oversight ("CBDO") to resolve separate BSA regulatory investigations pursuant to a July 22, 2015 Joint Order to Pay Civil Money Penalty; three former senior executives of the Company entered into agreements with the FDIC prohibiting them from further participation in the conduct of the affairs of any financial institution (two of those three also agreed to pay civil money penalties of $90,000 and $70,000, respectively); and a fourth former executive agreed to pay a civil money penalty of $30,000;
(e) Citigroup Inc. and Citibank, N.A., are under ongoing consent orders with their primary banking regulators, the Board of Governors of the Federal Reserve System ("the Federal Reserve") and the Office of the Comptroller of the Currency, respectively, relating to BSA compliance, which, among other things, require Citigroup to improve its oversight and to coordinate compliance with its subsidiaries;
(f) based on the Company's remediation and dissolution, the separate ongoing oversight of Citigroup's BSA Compliance by the Federal Reserve, and the agreement to report to the Office as set forth in Attachment B to this Agreement (Corporate Compliance Reporting), the Office determined that an independent compliance monitor was unnecessary;
(g) the nature and seriousness of the offense conduct, including that certain senior executives and employees of the Company were aware that BUSA was engaged in a business line with a high risk for money laundering; understood that BUSA needed to improve its BSA compliance program to monitor and report suspicious transactions indicative of money laundering and other illicit activity; and failed to make such improvements, all of which contributed to the Company's violations of the BSA;
(h) the Company has no prior criminal history;
(i) the Company did not receive voluntary disclosure credit because neither it nor Citigroup voluntarily and timely disclosed to the Office the conduct described in the Statement of Facts; and
(j) the Company and Citigroup (on its behalf and through its subsidiaries and affiliates) have agreed to continue to cooperate with the Office in any investigation of the conduct of the Company, Citigroup, their subsidiaries and affiliates and any of these entities' officers, directors, employees, agents, business partners, distributors, and consultants relating to violations of the BSA or money laundering laws.
The Company admits, accepts, and acknowledges that it is responsible under United States law for the acts of its officers, directors, employees, and agents as set forth in the attached Statement of Facts, and that the facts described therein are true and accurate. The Company also admits, accepts, and acknowledges that the facts described in the attached Statement of Facts constitute violations of law, specifically willful failures to maintain an anti-money laundering compliance program (31 U.S.C. §§ 5318(a)(2), 5318(h), 5322(b)) and willful failures to file Suspicious Activity Reports (31 U.S.C. §§ 5318(g), 5322(b)). The Company and Citigroup expressly agree that they shall not, through present or future attorneys, officers, directors, employees, agents or any other person authorized to speak for the Company or Citigroup make any public statement, in litigation or otherwise, contradicting the acceptance of responsibility by the Company set forth above or the facts described in the attached Statement of Facts. The Company agrees that if it, Citigroup, or any of Citigroup's direct or indirect subsidiaries or affiliates issues a press release or holds any press conference in connection with this Agreement, the Company shall first consult the Office to determine (a) whether the text of the release or proposed statements at the press conference are true and accurate with respect to matters between the Office and the Company; and (b) whether the Office has any objection to the release.
The Company and Citigroup's obligations under this Agreement shall have a term of one year from the date on which the Agreement is executed (the "Term"). The Company and Citigroup agree, however, that, in the event the Office determines, in its sole discretion, that the Company or Citigroup has knowingly violated any provision of this Agreement or has failed to completely perform or fulfill each of the Company's and Citigroup's obligations under this Agreement, an extension or extensions of the Term may be imposed by the Office, in its sole discretion, for up to a total additional time period of one year, without prejudice to the Office's right to proceed as provided in the breach provisions of this Agreement below. Any extension of the Agreement extends all terms of this Agreement, including the terms of the reporting requirement in Attachment B, for an equivalent period. Conversely, in the event the Office finds, in its sole discretion, that there exists a change in circumstances sufficient to eliminate the need for the reporting requirement in Attachment B, and that the other provisions of this Agreement have been satisfied, the Agreement may be terminated early.
The Company and Citigroup shall cooperate fully with the Office in any and all matters relating to the conduct described in this Agreement and the attached Statement of Facts and other conduct under investigation by the Office or any other component of the Department of Justice involving the BSA and federal money laundering statutes at any time during the Term until the later of the date upon which all investigations and prosecutions arising out of such conduct are concluded, or the Term. At the request of the Office, the Company and Citigroup shall also cooperate fully with other domestic or foreign law enforcement and regulatory authorities and agencies in any investigation of the Company, Citigroup, their subsidiaries and affiliates, and any of these entities' officers, directors, employees, agents, business partners, distributors, and consultants, or any other party, in any and all matters relating to the conduct described in this Agreement and the attached Statement of Facts and other conduct under investigation by the Office or any other component of the Department of Justice involving the BSA and federal money laundering statutes. The Company and Citigroup agree that their cooperation shall include, but not be limited to, the following:
a. The Company and Citigroup shall truthfully disclose all factual information not protected by a valid claim of attorney-client privilege or attorney work product doctrine with respect to their activities, those of Citigroup and its subsidiaries and affiliates, and those of their present and former directors, officers, employees, agents, and consultants, including any evidence or allegations and internal or external investigations, about which the Company or Citigroup have any knowledge or about which the Office may inquire. This obligation of truthful disclosure includes, but is not limited to, the obligation of the Company and Citigroup to provide to the Office, upon request, any document, record or other tangible evidence about which the Office may inquire of the Company or Citigroup.
b. Upon request of the Office, the Company and Citigroup shall designate knowledgeable employees, agents, or attorneys to provide to the Office the information and materials described above on behalf of the Company or Citigroup. It is further understood that the Company and Citigroup must at all times provide complete, truthful, and accurate information.
c. The Company and Citigroup shall use their best efforts to make available for interviews or testimony, as requested by the Office, present or former officers, directors, employees, agents, and consultants of the Company or Citigroup. This obligation includes, but is not limited to, sworn testimony before a federal grand jury or in federal trials, as well as interviews with domestic or foreign law enforcement and regulatory authorities. Cooperation shall include identification of witnesses who, to the knowledge of the Company or Citigroup, may have material information regarding the matters under investigation.
d. With respect to any information, testimony, documents, records or other tangible evidence provided to the Office pursuant to this Agreement, the Company and Citigroup consent to any and all disclosures, subject to applicable law and regulations, to other governmental authorities, including United States authorities and those of a foreign government of such materials as the Office, in its sole discretion, shall deem appropriate.
e. During the Term, should the Company or Citigroup learn of any evidence or allegation of a violation of BSA or money laundering laws by Citi, the Company or Citigroup shall promptly report such evidence or allegation to the Office. Thirty days prior to the end of the Term, the Company and Citigroup, by the Citigroup BSA Officer, will certify to the Office that the Company and Citigroup have met their disclosure obligations pursuant to this Agreement. A similar certification will be made on the last day of the Term. Each certification will be deemed a material statement and representation by the Company and Citigroup to the executive branch of the United States for purposes of 18 U.S.C. § 1001.
f. In addition, Citigroup agrees that it will report to the Office during the Term regarding remediation and implementation of compliance measures to improve oversight of subsidiary BSA compliance or that are otherwise imposed by the Federal Reserve. These reports will be prepared in accordance with Attachment B (Corporate Compliance Reporting).
As a result of the Company's conduct, including the conduct set forth in the Statement of Facts, the Company agrees that the Office could institute a civil and/or criminal forfeiture action against certain funds held by the Company, and that such funds would be forfeitable pursuant to 18 U.S.C. §§ 981 and 982. The Company agrees to forfeit to the United States the sum of $97,440,000 (the "Forfeiture Amount"). The Forfeiture Amount is based upon profits of at least $92.8 million as a result of the offense conduct. The Forfeiture Amount is in addition to the $140 million civil money penalty paid to the FDIC and CDBO described above. The Company shall pay the Forfeiture Amount, plus any associated transfer fees, within ten business days of the date on which this Agreement is signed, pursuant to payment instructions provided by the Office in its sole discretion. The Company hereby agrees that, in the event the funds used to pay the Forfeiture Amount are not directly traceable to or involved in transactions sent through the Company in violation of federal money laundering statutes, the monies used to pay the Forfeiture Amount shall be considered substitute res for the purpose of forfeiture to the United States pursuant to 18 U.S.C. § 981(a)(1)(A), and the Company releases any and all claims it may have to such funds. The Company agrees to sign any additional documents necessary to complete forfeiture of the funds. The Company and Citigroup agree that they shall not file any petitions for remission, restoration, or any other assertion of ownership or request for return relating to the Forfeiture Amount, or any other action or motion seeking to collaterally attack the seizure, restraint, forfeiture, or conveyance of the Forfeiture Amount, nor shall they assist any others in filing any such claims, petitions, actions, or motions. The Company and Citigroup shall not seek or accept directly or indirectly reimbursement or indemnification from any source with regard to the Forfeiture Amount that the Company pays pursuant to this Agreement or any other agreement entered into with an enforcement authority or regulator concerning the facts set forth in the attached Statement of Facts. Additionally, the Company and Citigroup agree that they shall not claim, assert, or apply for, either directly or indirectly, any tax deduction, tax credit, or any other offset with regard to any U.S. federal, state, or local tax or taxable income the Forfeiture Amount paid pursuant to this Agreement.
The Forfeiture Amount paid is final and shall not be refunded should the Office later determine that the Company has breached this Agreement and commence a prosecution against the Company. In the event of a breach of this Agreement and subsequent prosecution, the Office is not limited to the Forfeiture Amount. The Office agrees that in the event of a subsequent breach and prosecution, it will recommend to the Court that the amounts paid pursuant to this Agreement be offset against whatever forfeiture or fine the Court shall impose as part of its judgment. The Company understands that such a recommendation will not be binding on the Court.
The Office agrees, except as provided herein, that it will not bring any criminal or civil case (except for criminal tax violations, as to which the Office does not make any agreement) against the Company or Citi relating to: (i) any of the conduct described in the attached Statement of Facts; (ii) the BSA and anti-money laundering compliance conduct investigated by the Office in partnership with the United States Attorney's Office for the District of Massachusetts prior to the signing of this Agreement; and (iii) information that the Company disclosed to the Office prior to the date on which the Agreement was signed relating to certain visa petitions for a former BUSA employee. To the extent there is conduct disclosed by the Company that is not described in (i) through (iii) of the preceding sentence, such conduct will not be exempt from prosecution and is not within the scope of or relevant to this Agreement. The Office, however, may use any information related to the conduct described in the attached Statement of Facts against the Company or Citigroup: (a) in a prosecution for perjury or obstruction of justice; (b) in a prosecution for making a false statement; (c) in a prosecution or other proceeding relating to any crime of violence; or (d) in a prosecution or other proceeding relating to a violation of any provision of Title 26 of the United States Code. This Agreement does not provide any protection against prosecution for any future conduct by the Company or any of its present or former parents or subsidiaries. In addition, this Agreement does not provide any protection against prosecution of any individuals, regardless of their affiliation with the Company or any of its present or former parents or subsidiaries. In particular, this Agreement provides no immunity from prosecution to any individual and shall not restrict the ability of the Office to charge any individual for any criminal offense and to seek the maximum term of imprisonment applicable to any such violation of criminal law.
If, during the Term of this Agreement (a) the Company commits any felony under U.S. federal law; (b) the Company or Citigroup provides in connection with this Agreement deliberately false, incomplete, or misleading information, including in connection with their disclosure of information about individual culpability; (c) the Company or Citigroup fails to cooperate as set forth in this Agreement; or (d) the Company or Citigroup otherwise fails to completely perform or fulfill each of their obligations under the Agreement, regardless of whether the Office becomes aware of such a breach after the Term is complete, the Company shall thereafter be subject to prosecution for any federal criminal violation of which the Office has knowledge, including, but not limited to, the conduct described in the attached Statement of Facts, which may be pursued by the Office in any appropriate venue. Determination of whether the Company or Citigroup has breached the Agreement and whether to pursue prosecution of the Company shall be in the Office's sole discretion. Any such prosecution may be premised on information provided by the Company, Citigroup, their subsidiaries or affiliates, or their personnel. Any such prosecution relating to the conduct described in the attached Statement of Facts or relating to conduct known to the Office prior to the date on which this Agreement was signed that is not time-barred by the applicable statute of limitations on the date of the signing of this Agreement may be commenced against the Company, notwithstanding the expiration of the statute of limitations, between the signing of this Agreement and the expiration of the Term plus one year. Thus, by signing this Agreement, the Company agrees that the statute of limitations with respect to any such prosecution that is not time-barred on the date of the signing of this Agreement shall be tolled for the Term plus one year. In addition, the Company agrees that the statute of limitations as to any violation of U.S. federal law that occurs during the Term will be tolled from the date upon which the violation occurs until the earlier of the date upon which the Office is made aware of the violation or the duration of the Term plus five years, and that this period shall be excluded from any calculation of time for purposes of the application of the statute of limitations.
In the event the Office determines that the Company or Citigroup has breached this Agreement, the Office agrees to provide the Company and Citigroup with written notice of such breach prior to instituting any prosecution resulting from such breach. The Company and Citigroup shall have 30 days upon receipt of notice of a breach to respond to the Office in writing to explain the nature and circumstances of such breach, as well as the actions the Company and Citigroup have taken to address and remediate the situation, which explanation the Office shall consider in determining whether to pursue prosecution of the Company.
In the event that the Office determines that the Company or Citigroup has breached this Agreement: (a) all statements made by or on behalf of the Company to the Office or to the Court, including the attached Statement of Facts, and any testimony given by the Company before a grand jury, a court, or any tribunal, or at any legislative hearings, whether prior or subsequent to this Agreement, and any leads derived from such statements or testimony, shall be admissible in evidence in any and all criminal proceedings brought by the Office against the Company; and (b) the Company shall not assert any claim under the United States Constitution, Rule 11(f) of the Federal Rules of Criminal Procedure, Rule 410 of the Federal Rules of Evidence, or any other federal rule that any such statements or testimony made by or on behalf of the Company prior or subsequent to this Agreement, or any leads derived therefrom, should be suppressed or are otherwise inadmissible. The decision whether conduct or statements of any current director, officer or employee, or any person acting on behalf of, or at the direction of, the Company or Citigroup, will be imputed to the Company or Citigroup for the purpose of determining whether the Company or Citigroup has violated any provision of this Agreement shall be in the sole discretion of the Office.
Except as may otherwise be agreed by the parties in connection with a particular transaction, and other than the planned surrender of the Company's federal deposit insurance and California banking license effective as of June 30, 2017, the Company agrees that in the event that, during the Term, it undertakes any change in corporate form, including if it sells, merges, or transfers business operations that are material to the Company's consolidated operations, or to the operations of any subsidiaries or affiliates involved in the conduct described in the attached Statement of Facts, as they exist as of the date of this Agreement, whether such change is structured as a sale, asset sale, merger, transfer, or other change in corporate form, it shall include in any contract for sale, merger, transfer, or other change in corporate form a provision binding the purchaser, or any successor in interest thereto, to the obligations described in this Agreement. The purchaser or successor in interest must also agree in writing that the Office's ability to determine there has been a breach under this Agreement is applicable in full force to that entity. The Company agrees that the failure to include this Agreement's breach provisions in the transaction will make any such transaction null and void. The Company shall provide notice to the Office at least 30 days prior to undertaking any such sale, merger, transfer, or other change in corporate form. If the Office notifies the Company prior to such transaction (or series of transactions) that it has determined that the transaction(s) has the effect of circumventing or frustrating the enforcement purposes of this Agreement, as determined in the sole discretion of the Office, the Company agrees that such transaction(s) will not be consummated. In addition, if at any time during the Term the Office determines in its sole discretion that the Company has engaged in a transaction(s) that has the effect of circumventing or frustrating the enforcement purposes of this Agreement, it may deem it a breach of this Agreement pursuant to the breach provisions of this Agreement. Nothing herein shall restrict the Company from indemnifying (or otherwise holding harmless) the purchaser or successor in interest for penalties or other costs arising from any conduct that may have occurred prior to the date of the transaction, so long as such indemnification does not have the effect of circumventing or frustrating the enforcement purposes of this Agreement, as determined by the Office.
This Agreement is binding on the Company, Citigroup, and the Office, but specifically does not bind any other component of the Department of Justice, other federal agencies, or any state, local or foreign law enforcement or regulatory agencies, or any other authorities, although the Office will bring the cooperation of the Company and Citigroup and its compliance with its other obligations under this Agreement to the attention of such agencies and authorities if requested to do so by the Company or Citigroup.
It is further understood that the Company, Citigroup, and the Office may disclose this Agreement to the public.
This Agreement sets forth all the terms of the agreement between the Company, Citigroup, and the Office. No amendments, modifications or additions to this Agreement shall be valid unless they are in writing and signed by the Office, the attorneys for the Company and Citigroup, and a duly authorized representative of each.
Acting Chief, Money Laundering and Asset
United States Department of Justice
Jennifer E. Ambuehl
J. Randall Warden
Bank Integrity Unit
AGREED AND CONSENTED TO:
Banamex USA Date: BY: [Signed]
Eric K. Kawamura
Date: 5/19/17 BY: [Signed]
Brad S. Karp
Paul, Weiss, Rifkind, Wharton & Garrison LLP
Citigroup Inc. Date: [Signed]
Date: 5/19/17 [Signed]
Brad S. Karp
Paul, Weiss, Rifkind, Wharton & Garrison LLP
Attachment A - Statement of Facts
The following Statement of Facts is incorporated as part of the Non-Prosecution Agreement between the United States Department of Justice Criminal Division's Money Laundering and Asset Recovery Section (the "Department" or the "United States") and Banamex USA ("BUSA") (together, the "Parties"). The Parties stipulate that the following facts are true and correct:
1. BUSA admits that its conduct, as described herein, violated the Bank Secrecy Act ("BSA"), which makes it a crime to willfully fail to establish and maintain an anti-money laundering compliance program with appropriate policies, procedures, and controls to guard against money laundering and to willfully fail to report suspicious transactions.
2. Specifically, BUSA violated the BSA from at least 2007 until at least 2012 by willfully failing to (1) monitor appropriately millions of remittance transactions it processed to Mexico in partnership with money services businesses ("MSBs"); and (2) provide appropriate staffing and resources to ensure its BSA department could conduct appropriate transaction monitoring of MSB remittance transactions. As a result of these compliance program failures, BUSA failed to file suspicious activity reports ("SARs") on suspicious remittance transactions to Mexico that fit typologies consistent with illegal activity, such as human smuggling, fraud, and drug trafficking.
3. From 2007 to 2012, BUSA processed over 30 million remittance transactions to Mexico with a total value of more than $8.8 billion with virtually no investigation for suspicious activity. BUSA employed a limited and manual transaction monitoring system, running only two scenarios to identify suspicious activity on these millions of transactions. These two scenarios produced paper reports that were intended to be reviewed by hand by the two employees primarily assigned to perform BSA functions of the bank, in addition to significant, time-consuming non-BSA responsibilities.
4. BUSA personnel understood, and reported to the BUSA Board of Directors, that the average remittance to Mexico was $300 and primarily involved individuals periodically sending money to family members in Mexico. Yet, from 2007 to 2012, BUSA processed approximately $1.3 billion in remittances with a value greater than $1,500--five times the expected family remittance. BUSA personnel further understood that an individual receiving money from many, unrelated individuals from different geographic locations was a red flag for illicit activity. BUSA's limited transaction monitoring reports provided alerts to identify this money laundering typology. Because BUSA failed to invest in appropriate human and technological resources, however, its minimal BSA staff could not and did not appropriately review and investigate the alerts generated.
5. As early as 2004, BUSA recognized that it should enhance its MSB monitoring. Monitoring enhancement became particularly important starting in 2006 as BUSA began to add new MSB partners. By this time, BUSA knew that its BSA compliance program was unable to adequately monitor for suspicious activity with the resources and staffing available. Despite understanding the need to improve its transaction monitoring controls and add BSA compliance personnel, BUSA nevertheless expanded its MSB business and then added branches to the Southwest border without adding staffing resources, stretching an already strained BSA compliance program.
6. As a result of BUSA's inadequate transaction monitoring system and its understaffed BSA compliance function, BUSA not only failed to appropriately review and investigate the AML alerts identified in the existing monitoring reports of MSB transactions but also failed to appropriately identify and report suspicious transactions that were processed by BUSA. From 2007 to 2012, BUSA's monitoring reports identified over 18,000 alerts on more than $142 million in potentially suspicious remittance transactions. Certain transactions on BUSA's monitoring reports fit suspicious patterns that BUSA personnel understood were indicative of payments relating to illegal activity. Notwithstanding the thousands of alerts, BUSA opened fewer than ten investigations and filed only nine SARs. These nine SARs covered only 700 transactions totaling approximately $341,307.
Year No. of Transactions Amount Transacted # SARs Filed 2007 3.8M $1.3 B 6 2008 5.9M S1.9B 2 2009 5.1 M $1.5 B 1 2010 5.3 M $1.5 B 0 2011 5.1 M $1.3 B 0 2012 4.9 M $1.3 B 0 Total 30.1 M $8.8 B 9
U.S. BSA Laws
7. Congress enacted the BSA. 31 U.S.C. § 5311 et seq.. and its implementing regulations, to address an increase in criminal money laundering activity through financial institutions. Among other things, the BSA requires domestic banks, insured banks, and other financial institutions to maintain compliance programs designed to detect and report suspicious activity that might be indicative of money laundering, terrorist financing, and other crimes, and to maintain certain records and file reports related thereto that are especially useful in criininal, tax, or regulatory investigations or proceedings.
8. Pursuant to 31 U.S.C. §§ 5318(a)(2) and 5318(h)(1) and 12 C.F.R. § 326.8, BUSA was required to establish an anti-money laundering ("AML") compliance program that, at a minimum, provided for: (a) internal policies, procedures, and controls designed to guard against money laundering; (b) an individual or individuals to coordinate and monitor day-to-day compliance with the BSA and AML requirements; (c) an ongoing employee trairhng program; and (d) an independent audit function to test compliance programs.
9. Pursuant to 31 U.S.C. § 5318(g), 31 C.F.R. § 1020.320, and 12 C.F.R. § 326.8, BUSA was required to report to the Department of the Treasury "suspicious transaction[s] relevant to apossible violation of law or regulation." 31 U.S.C. § 5318(g)(1). The BSA's implementing regulations provide that a transaction is reportable if it is "conducted or attempted by, at, or through the bank, it involves or aggregates at least $5,000 in funds or other assets, and the bank knows, suspects, or has reason to suspect that: (i) [t]he transaction involved funds derived from illegal activities or was intended or conducted in order to hide or disguise funds or assets derived from illegal activities . . . as part of a plan to violate or evade any federal law or regulation or to avoid any transaction reporting requirement under Federal law or regulation; (ii) [t]he transaction is designed to evade any requirements . . . promulgated under the Bank Secrecy Act; or (iii) [t]he transaction has no business or apparent lawful purpose or is not the sort in which the particular customer would normally be expected to engage, and the bank knows of no reasonable explanation for the transaction after examining available facts, including the background and possible purpose of the transaction." 31 C.F.R. § 1020.320(a)(2).
BUSA Background and BSA Program Overview
10. BUSA is a state-chartered bank based in Los Angeles, California, and an indirect subsidiary of Citigroup Inc. ("Citigroup"). Its primary regulators are the Federal Deposit Insurance Corporation ("FDIC") and the California Department of Business Oversight ("CDBO"). From 1998 to 2001, BUSA was the U.S. subsidiary of Banco Nacional de Mexico ("Banamex"), a bank based in Mexico. BUSA provided numerous U.S. dollar products and services for Banamex's high net worth and commercial customers in Mexico, and a substantial majority of BUSA's account holders were referred by Banamex. In 2001, Citigroup acquired both Banamex and BUSA. |1| At the time of the Citigroup acquisition in 2001, BUSA did not have traditional brick and mortar branches; the bank operated out of a high rise office tower in Los Angeles.
11. By 2011, BUSA had opened 10 retail branches in the Los Angeles area along with several branches near the border with Mexico in California, Arizona, and Texas. Although the bank had a small physical presence in the United States, it had approximately $1.2 billion in deposits and $1.5 billion in assets at the end of 2012. Many of BUSA's customers were based in Mexico and engaged in cross-border transactions, which pose an elevated AML risk.
12. From 2007 until 2012, BUSA employed no more than two people at any given time to work primarily on BSA compliance. The BSA employees were responsible for day-today BSA/AML functions for the bank, including but not limited to transaction monitoring and SAR reporting, reviews to ensure compliance with Office of Foreign Assets Control ("OFAC") sanctions, AML risk assessments and assisting with the drafting of compliance plans, training, and preparing management reports for BUSA and Citigroup management, among other things. For transaction monitoring alone, this entailed the largely manual creation and review of at least four reports per day and approximately ten reports per month. These reports were to be reviewed manually by the two BSA employees.
13. BUSA also assigned one of the BSA personnel ("BSA Employee #1") to information technology functions (referred to internally as "systems security" or "applications security"), requiring BSA Employee #1 to create new employee accounts and re-set employee computer passwords, among other tasks. These non-BSA responsibilities occupied approximately 50% of BSA Employee #1's time under normal circumstances. BUSA's BSA Officer from 2004 to 2005 recognized that BSA personnel should not be performing these functions because they prevented BSA personnel from timely performing their BSA compliance responsibilities. She expressed this concern to BUSA's Chief Compliance Officer before she left the bank in 2005.
14. In 2006, BUSA's BSA functional reporting line was adjusted to report directly to Citigroup's BSA/AML function. From that time forward, BUSA's Chief Compliance Officer (who also held the title of BSA Officer from 2006 to January 2011) reported directly to Citigroup Global Consumer Compliance |2| management in New York, with a supplemental "matrix" reporting to BUSA's CEO. Following this transition, the Citigroup Global Consumer Compliance Director (who was also the Chief Compliance Officer of Citigroup's U.S. retail bank) directly supervised BUSA's Chief Compliance/BSA Officer and conducted his performance reviews.
BUSA's MSB Remittance Business
15. BUSA partnered with and provided services to numerous MSBs in the United States to facilitate the transfer of money remittances primarily from the United States to Mexico. BUSA's agreements with MSBs were tri-party contracts involving both BUSA and Banamex.
16. BUSA's partnerships with MSBs for remittances to Mexico comprised the majority of its funds transfer business. In November 2000, BUSA and Banamex entered into an exclusive agreement with MSB #1 for BUSA to become MSB #1's master agent for remittances to Mexico for MSB #1 and its affiliate. Between 2006 and 2010, BUSA and Banamex expanded their business to include eight additional MSB partners. With that expansion, BUSA projected that it would be processing approximately 70% of all remittances sent from the United States to Mexico.
17. BUSA's partnership with MSBs and the role it played processing remittances to Mexico went beyond the bank account services typically provided to MSBs with an operating account at a bank. Among other things, BUSA provided the data transfer technology to transmit transactional data from the originating MSB agent to a paying agent in Mexico through its own servers; conducted the foreign exchange to convert U.S. dollars into Mexican pesos; transferred those funds to Banamex and other paying agents in Mexico; reconciled transactions paid on a daily basis and provided invoices to the MSBs in the United States for transactions paid in Mexico; assisted with marketing for the remittance services, including a contractual requirement to spend 7.5% of its annual gross revenues for marketing of its partners' remittance services; and contracted with paying agents in Mexico (sometimes referred to as "sub-agents") to expand the number of locations where beneficiaries could pick up remittances.
18. BUSA had visibility into the MSB transactions it processed. As part of its daily procedures, BUSA employees received or downloaded various data files from the MSBs containing data about each individual remittance BUSA processed, including information about the sender, beneficiary, amount, pay date, pay location, and transaction number. BUSA developed and maintained databases that stored this remittance data for each of its MSB partners. These databases were used to send information to paying agents in Mexico, create various business and compliance reports, and generate invoices to the MSBs. BUSA transmitted certain of these reports and invoices to its MSB partners so that the MSB could fund its account at BUSA.
19. BUSA and Banamex processed these payments to beneficiaries in Mexico through a network that included: (1) Banamex branches; (2) national and regional grocery and retail chains in Mexico (generally referred to as BUSA "subagents" because BUSA contracted directly with those paying agents) that processed MSB #1 remittance payments through a connection to the Banamex banking system; and (3) a variety of smaller establishments (such as gas stations and bodegas) that used a product called Banamex Aqui to access the Banamex banking system. The money used to pay remittances in Mexico flowed, in the aggregate, from the MSB in the United States to BUSA, which then conducted a foreign exchange transaction to purchase pesos. BUSA then transferred the pesos to a BUSA account at Banamex Mexico. Those funds would then be provided to Banamex and other paying agents.
20. Based on the tasks performed by BUSA, the flow of funds through BUSA, and the flow of data through BUSA described above, BUSA personnel understood that BUSA was required to maintain appropriate internal controls designed to monitor and report suspicious activity involving these individual remittances that were processed by the bank.
21. BUSA's MSB business was profitable to the bank. BUSA earned revenue from its MSB partnerships in two ways: (1) a portion of the fees charged to the customer by the MSB for each individual transaction, and (2) a portion of the foreign exchange gain charged to the customer by the MSB for each individual transaction. Between 2007 and 2012, BUSA earned over $144 million in gross revenue from these fees. The revenue from BUSA's MSB business comprised between 22% and 29% of the bank's gross revenue during this time. During this same time period, BUSA earned more than $92 million in net profit from its MSB business.
BUSA's BSA Violations
BUSA Understood its BSA Monitoring of Remittances Needed Enhancements but Failed to Make Improvements
22. From the early days of its MSB business, certain BUSA management believed BUSA should monitor the MSB remittance transactions it processed and report suspicious activity. In early 2004, BUSA's BSA Officer consulted with an organization of banks that associated to retain and share legal and compliance counsel ("Bankers' Association") as well as with MSB #1. On January 28, 2004, BUSA's BSA Officer reported back to the BUSA Compliance Officer that the Bankers' Association "is of the opinion that we should be monitoring for suspicious transactions," and that MSB #1 "also seems to think we have some monitoring responsibility." The BSA Officer also stated that the very limited monitoring in place at the time was inadequate: "I am of the opinion that our current monitoring is not adequate and that the entire process should be reviewed in order to avoid any future compliance issues." BUSA's Compliance Officer forwarded this email to BUSA's CEO and Sr. Vice President of Operations of the bank. The Sr. VP of Operations agreed that BUSA's monitoring procedures for MSB remittances should be reviewed.
23. Following this January 2004 determination, BUSA's BSA Officer developed two monitoring scenarios for the BSA department to review MSB transactions. The scenarios identified individual senders and receivers of five or more transactions totaling more than $5,000 in a single calendar month. The scenarios produced two paper reports each month for each MSB to be reviewed by the BSA analyst by hand. There was no procedure in place, however, to track whether the same individuals were sending and/or receiving potentially suspicious transactions over multiple months. Additionally, even for the very few SARs that were filed on MSB remittances, there were no procedures or controls in place to conduct follow-up investigations on subjects of past SAR filings to determine whether the suspicious activity continued.
24. Even as BUSA implemented this new monitoring procedure in early 2004, it initiated the process to move from this limited manual monitoring to a comprehensive electronic monitoring system. While initial efforts in 2004 stalled, BUSA's new BSA Officer resumed those efforts in 2005. Citigroup's Global AML management approved BUSA's request to enhance its monitoring of MSB remittances, concluding that "the exposure is sufficient to warrant monitoring." BUSA, however, failed to enhance its monitoring controls in 2005.
25. By the end of 2005, BUSA recognized that it would need to enhance its monitoring system because of the planned expansion of the MSB business and the limited staffing devoted to BSA. BUSA's 2006 Compliance Plan stated that "technology needs include . . . using GAMLU [Citigroup's BSA monitoring hub in Tampa] to monitor [MSB #1] and [its affiliate's] transactions." Meanwhile, at the same time, BUSA's limited BSA staff could not keep up with the reviews of the monthly paper reports. BUSA's October 2006 Risk Control Self-Assessment ("RCSA") identified a four-month delay in the monitoring of the monthly MSB #1 reports. Those problems continued, and the January 2007 RCSA noted delays in generating (much less reviewing) monitoring reports due to "system constraints." Despite the monitoring backlog and the recognized need for improvement, BUSA failed to enhance its monitoring of MSBs throughout 2006.
2007-2012: BUSA Expanded its MSB Business but Failed to Improve its Monitoring Despite Repeated Warnings and Increasing AML Risks
26. By 2007, BUSA's failure to make needed transaction monitoring enhancements and failure to add staffing resources caused a failure to maintain appropriate money laundering controls. As described in paragraph 16, BUSA began to expand its MSB remittance business in 2006 and continued adding several MSB partners through 2010. Though BUSA expanded its MSB business, it did not expand its AML compliance program to meet the needs of this expansion through investment in transaction monitoring technology or additional BSA staffing to assist with transaction monitoring reviews. Just as in 2006, BUSA's 2007 and 2008 Compliance Plans stated that AML compliance monitoring controls needed enhancement through automated technology. Yet BUSA did not make the improvements identified in its compliance plans (i.e., automated monitoring of MSB remittances), even as BUSA started processing millions of dollars of transactions for three additional MSBs in 2007.
27. Indeed, the additional MSB business caused further strain on BUSA's insufficient AML resources, resulting in a failure to review, investigate, and report transactions BUSA knew, suspected, or had reason to suspect were reportable pursuant to the BSA. For example, in September 2007, BUSA filed six SARs on remittance recipients engaged in a pattern of transactions "that may involve illegal border-crossing payments being received by the same beneficiary . . . and originated by different originators." This suspicious transactional pattern, however, continued in subsequent years, with only two SARs filed in 2008 and one in 2009 despite numerous transactions alerting on the same suspicious pattern identified in the 2007 SARs that BUSA filed. In some cases, the exact same beneficiaries identified as recipients of suspicious transactions in the 2007 SARs continued to conduct hundreds of thousands of dollars of transactions. Below are two representative examples of this pattern:
a. Remittance Beneficiary A: BUSA filed a SAR on Beneficiary A on September 4, 2007, as part of the remittances identified by BSA and operations personnel as potential illegal activity. That SAR covered transactional activity from January 6 to July 26, 2007, in which Beneficiary A received 41 remittances from numerous originators in the United States, Ecuador, and El Salvador, mostly under $3,000, totaling $146,738. The SAR failed to identify that Beneficiary A had been a beneficiary of over $400,000 in transactions in 2005 and 2006, appearing on BUSA's monthly monitoring scenario twelve times without any action by BUSA. The same suspicious activity continued for another year after the 2007 SAR through July 2008. That subsequent activity involved 89 transactions totaling $248,811 and appeared on nine BUSA monthly monitoring reports. BUSA failed to take any further steps to investigate and report the continuation of activity it had previously reported as suspicious in September 2007.
b. Remittance Beneficiary B: BUSA filed a SAR on Beneficiary B on September 4, 2007, as part of the remittances identified by BSA and operations personnel as potential illegal activity. The SAR covered 27 transactions he received from April to July 2007 totaling $92,900 from the United States and Ecuador. The same suspicious activity continued through August 2008. In the year following the SAR, Beneficiary B's transactions appeared on BUSA's monthly monitoring reports four more times. In total, Beneficiary B received 28 transactions totaling more than $102,000 in the year after BUSA filed a SAR on him. Just as with Beneficiary A, BUSA failed to take any further steps to investigate and report the continuation of activity it had previously reported as suspicious in September 2007.
28. The expansion of BUSA's MSB business raised concerns for a compliance manager in Citigroup. He voiced those concerns to BUSA and Citigroup management, as well as his expectation that BUSA would implement an enhanced and automated monitoring system to address the concerns before expanding the business. For example:
a. On December 6, 2007, the Citigroup Global AML manager told BUSA's CEO: "We feel the expansion of the MSB business presents Citi with risk from both an AML and reputation perspective." The same Citigroup Global AML manager subsequently informed the Chief Compliance Officer of Citigroup's Global Consumer Group on December 11, 2007, that BUSA "monitors the [remittance] activities passing through its system and is in the process of contracting with GAMLOM |3| to complete this monitoring in the future."
b. When BUSA had not made these needed improvements to its MSB transaction monitoring controls, the Citigroup Global AML manager continued to raise his concerns. In April 2008, he asked BUSA's Chief Compliance/BSA Officer: "Want to know how you are going to continue to expand your business before expanding your own monitoring capability."
c. A month later, on May 27, 2008, the same Citigroup Global AML manager warned BUSA's CEO and Chief Compliance/BSA Officer that BUSA would need to enhance its AML monitoring: "Clearly, expanding the MSB business, pending branch expansion, and the potential of the OTS [Office of Thrift Supervision, a banking regulator that was subsequently merged with several other financial regulators in 2011] as a primary regulator will require that we move to a more automated monitoring system."
d. BUSA's Chief Compliance/BSA Officer subsequently sent an email to a Citigroup GAMLOM manager in July 2008 requesting assistance with automated MSB remittance monitoring and identifying numerous monitoring scenarios and reports he wanted to be run for BUSA's MSB remittance transactions--far more than BUSA was doing at the time. BUSA's Chief Compliance/BSA Officer explained that "we [BUSA] want to outsource this process, as we do not have the resources to program or maintain this [process]." (Emphasis added.) Even after acknowledging that BUSA did not have the resources to implement automated MSB remittance transaction monitoring, BUSA failed to outsource the program in 2008 or to make other changes to remedy the problem.
29. At the same time that BUSA recognized that its transaction monitoring should be enhanced and resources added in mid-2008, BUSA failed to add employees to its already understaffed BSA compliance program. In June 2008, BUSA's Chief Compliance/BSA Officer recommended to Citigroup's Global Consumer Compliance Director (his direct supervisor) to "transfer the application security function currently performed by [BSA Employee #1] to the IT Department." This would have provided more time for BSA Employee #1 to perform BSA responsibilities such as transaction monitoring. BUSA failed to implement its own proposed change.
30. In early 2009, BUSA BSA personnel prepared BUSA's 2009 Enterprise-Wide AML Risk Assessment. Similar to the 2006, 2007, and 2008 Compliance Plans, this document again highlighted BUSA's understanding of its need to improve MSB remittance monitoring: "EPO |4| business expansion with new MSBs, has triggered the need for enhancing our EPO monitoring capabilities; [BUSA] has contacted various vendors to develop and quote a new monitoring tool and reports to better mitigate our future Monitoring risk exposure needs." (Emphasis added.) For the fourth year in a row, however, BUSA failed to obtain enhanced monitoring.
31. Another warning sign regarding the high risk nature of BUSA's MSB business came in early 2010 when BUSA's largest and most significant MSB partner (MSB #1) entered into a settlement agreement with Arizona to resolve allegations concerning MSB #1's anti-money laundering controls. The settlement agreement arose out of Arizona's investigation into, among other things, the use of MSB #1's remittance services by criminal enterprises to facilitate human smuggling through remittances sent to Mexico. Following news of the settlement and discussions with MSB #1, BUSA took no steps to review why it had failed to identify these suspicious transactions that it processed in partnership with MSB #1. Nor did BUSA take any immediate steps to enhance its suspicious activity monitoring controls or increase the number of staff reviewing the manual paper monitoring reports.
32. After failing to increase BSA staffing during the four years of MSB business expansion, BUSA finally sought and received approval from Citigroup Global Consumer Compliance management to hire two additional BSA employees in 2010 in connection with BUSA's expansion of its bank branches. Rather than hire two additional BSA analysts, BUSA instead re-hired the BSA Officer who had left the bank in 2005. Shortly after the former BSA Officer returned, one of the two existing BSA employees (BSA Employee #2) transferred out of the BSA department, leaving BSA staffing again at two individuals (the BSA Officer and BSA Employee #1). Ultimately, BUSA failed to increase BSA staffing even though Citigroup and BUSA management had approved hiring more resources.
33. BUSA's BSA Officer quickly identified numerous problems upon her return in 2011, including a backlog of investigations and outdated policies and training materials. She alerted the Compliance Officer to these problems starting in early 2011 and did so regularly during weekly meetings with him. An additional BSA analyst was hired (BSA Employee #3) to replace BSA Employee #2, but this did not increase the staffing dedicated to BSA because BSA Employee #1's non-BSA responsibilities had increased significantly with BUSA's branch expansion. In fact, by early 2011, BSA Employee #1 was spending 80-90% of her time on systems security. Thus, there was no actual increase in BSA staffing resources.
34. Towards the end of 2010, BUSA finally purchased a new, comprehensive automated monitoring tool from an outside vendor for all BUSA transactions, including MSB remittances. The newly hired BSA Officer was responsible for implementing the system in concert with business and IT personnel. The strain on the BSA department from the backlog of investigations and increased systems security responsibilities, however, left the newly hired BSA Officer performing the day-to-day BSA responsibilities of the BSA analyst, resulting in months-long delays in performance of basic BSA management tasks she was hired to complete, including the implementation of the new BSA transaction monitoring system. As a result, BUSA failed to implement its new transaction monitoring software until after the FDIC issued a Consent Order against BUSA for significant BSA deficiencies in 2012. The monitoring system was never made operational for the review of MSB remittances.
35. While BUSA's Chief Compliance Officer had promised BUSA's BSA Officer prior to her return that systems security responsibilities would be transferred out of the BSA function, senior management actually added a new systems security function to the BSA department in June 2011, placing further strain on the BSA program. BUSA's BSA Officer tried to prevent this because it would negatively impact the performance of BSA responsibilities. She told BUSA's Sr. VP of Operations in a June 20, 2011 email that this function should not be assigned to BSA personnel "based on a corporate directive" resulting from a critical audit finding by Citigroup's internal audit function. BUSA's CEO and Sr. VP of Operations overruled her and said that BUSA's BSA Officer had "no authority to make a change" to his designation of the BSA analyst's responsibilities. When BUSA's BSA Officer expressed to BUSA's Chief Compliance Officer that she was "distress[ed]" with not being able to transfer systems security functions out of BSA, he replied that she should have known "that the direct route seldom gets things done" and that "[g]etting arround [sic] all the BS is my job." Despite the concerns of BUSA's BSA Officer, the BSA department's system security responsibilities did not change.
36. As her complaints and requests for change went unanswered, BUSA's BSA Officer documented the increasing problems in a series of emails to BUSA's Chief Compliance Officer:
a. October 19, 2011: "We are short staffed . . . plus we are way behind on AML cases and Patriot Officer (I do not want us to fail on AML). . . . I am spending lots of my time on Systems Security I cannot concentrate on the pending high level BSA/AML projects."
b. October 25, 2011: "I do not want [BSA Employee #3] to get involve [sic] on Systems Security projects unless I approve. . . . Also, we are way behind on AML and this is priority for now."
c. November 21, 2011: "On a side note, although I understand from time to time we have to manage priorities, including systems security projects, I am very stretched and I am seriously concerned on how behind we are on BSA/AML. We currently have 32 open AML cases, pending 6 SARs to be filed, and a backlog of 42 AML cases involving cash activity of 20 are possible structuring. I have not been able to complete the implementation of Patriot Officer or start on the high-risk customers risk scoring methodology. I also need to develop the annual BSA training material . . . All of these projects are on top of the day-to-day regular operations of my area. As the BSA Officer for the bank I want to do a good job but feel that staff and time being dedicated to BSA does not commensurate with the size and risk profile of the bank to ensure safe operations." (Emphasis added.)
37. Despite BUSA's BSA Officer's repeated concerns and complaints, BUSA's Chief Compliance Officer did not further increase staffing in the bank's BSA department. In turn, the BSA Officer sent additional appeals for assistance to the Chief Compliance officer in in late 2011:
a. December 5, 2011: There is no doubt that I also want to move forward and ensure that all outstanding compliance concerns are resolved but my hands are also tied with staffing contains [sic]. |5| I am going to sound like a broken record but I am busy this week and next week providing BSA training. I have 23 open AML cases plus 6 new SARs to file. . . . I have not been able to move forward with implementation of Patriot Officer due to all the systems security issues. [BSA Employee #3] is the day-to-day system security fires and BSA operations plus a back log of 40 AML cases." (Emphasis added.)
b. December 12, 2011: "Just as an 'FYI', here is an example of systems security requests due to new branch openings . . . [BSA Employee #3] is spending nearly 90% of his time on systems security issues and I have been trying to catch up with BSA/AML stuff and unable to move forward with Patriot Officer implementation. Systems Security takes a lot of our time and . . . there is a lot of pressure from requests received to set up users on some of the other 8 applications that we continue to manage . . . BSA/AML is our main priority but due to staffing constrains and system security admin issues we have had no choice but to put BSA/AML functions on the back burner since early October." (Emphasis added.)
38. After these repeated concerns from BUSA's BSA Officer, BUSA's Chief Compliance Officer sent a request to Citigroup's Global Consumer Compliance Director on December 15, 2011, for approval to hire a temporary employee, which was approved in early 2012. By this point, however, BUSA's BSA Officer concluded that it was impossible for her to do her job given the resources available. She submitted her resignation letter to the Chief Compliance Officer on February 6, 2012, highlighting the concerns regarding systems security responsibilities, among other things:
I left the bank 6 years ago because I did not want to manage systems security. When I was rehired we agreed that I would not have to be involved with systems security. Yet 4 months after my return I was made responsible for managing systems security[.]
39. As a result of BUSA's failures to enhance its transaction monitoring controls and to add appropriate BSA staffing, the bank processed remittance transactions from 2007 to 2012 for which it failed to investigate and report suspicious activity as required by the BSA. The following examples of transactions processed by BUSA include suspicious activity in the time period of BSA failures:
a. Remittance Beneficiary C: From February 16, 2004, through December 17, 2007, Beneficiary C received more than 1,400 individual remittance transactions from more than 950 different senders located in more than 40 different states across the United States. Of those transactions, BUSA's AML monitoring rule produced 24 separate alerts, comprising 1,382 transactions totaling $824,102. BUSA never filed a SAR.
b. Remittance Beneficiary D: From August 1, 2009, through May 13, 2013, Beneficiary D received 241 transactions from 14 different senders located in eight different cities in Texas. Of those transactions, BUSA's monitoring rule produced 20 separate alerts from October 2009 through October 2012, comprising 176 transactions totaling $280,062. BUSA finally filed a SAR in April 2013, after the FDIC's lookback request.
c. Remittance Beneficiary E: From January 21, 2003, through August 3, 2009, Beneficiary E received 172 remittance transactions from more than 130 different senders located in more than 15 different states. Of those transactions, BUSA's monitoring rule produced 14 separate alerts, comprising 128 transactions totaling $311,157. BUSA never filed a SAR.
d. Remittance Originator F: From December 10, 2009, through July 3, 2013, Originator F sent 233 remittance transactions to more than 40 different recipients in more than 30 different states in Mexico. Of those transactions, BUSA's monitoring rule produced 24 alerts between May 2010 and February 2013, comprising 183 transactions totaling $207,842. BUSA finally filed a SAR in April 2013 after the FDIC's lookback request.
BUSA's and Citigroup's Remedial Actions and Compliance Enhancements
40. After BUSA entered into a Consent Order with the FDIC in August 2012, the FDIC required BUSA to conduct a lookback on certain MSB remittances processed between 2011 and 2013. As part of that limited scope review, BUSA filed over 1,400 SARs on MSB remittance transactions.
41. Following the FDIC Consent Order and critical regulatory examinations of BUSA's BSA compliance in 2012, Citigroup and BUSA devoted significant resources to remediation of the BSA/AML deficiencies at BUSA. In addition to outside consultants hired by BUSA, Citigroup provided dozens of employees to assist with BUSA's remediation efforts in addition to outside consultants hired by BUSA. BUSA also undertook a significant de-risking of its business and exited its MSB business entirely by the end of 2013.
42. In July 2015, BUSA agreed to pay a $140 million civil penalty to the FDIC and the CDBO in connection with BSA deficiencies. Citigroup also announced that it would shut down BUSA's operations.
43. In March 2017, the FDIC announced regulatory resolutions with four former BUSA executives relating to BUSA's violations of the BSA: the former Chief Executive Officer was prohibited from further participation in the conduct of the affairs of any financial institution and ordered to pay a civil money penalty of $90,000; the former Sr. Vice President of Operations was prohibited from further participation in the conduct of the affairs of any financial institution; the former Chief Compliance/BSA Officer was prohibited from further participation in the conduct of the affairs of any financial institution and ordered to pay a civil money penalty of $70,000; and the former Executive Vice President of Corporate and International Banking was ordered to pay a civil money penalty of $30,000.
CORPORATE COMPLIANCE REPORTING
Citigroup agrees that it will report to the Office one month prior to the end of the one-year Term regarding remediation and implementation of compliance enhancements and/or requirements imposed by the Federal Reserve in connection with BSA and money laundering compliance, including internal controls, policies, and procedures relating to Citigroup's oversight of BSA and money laundering compliance at its subsidiary financial institutions. Such report should consist of information regarding the status of Citigroup's compliance with the 2013 Consent Order, BSA compliance examinations at Citigroup and its subsidiaries by the Federal Reserve, and the status of any remediation required by the Federal Reserve, subject to permission from the Federal Reserve. The report will likely include proprietary, financial, confidential, and competitive business information. Moreover, public disclosure of the report could discourage cooperation or impede pending or potential government investigations and thus undermine the objectives of the reporting requirement. For these reasons, among others, the report and the contents thereof are intended to remain and shall remain non-public, except as otherwise agreed to by the parties in writing, or except to the extent that the Office determines in its sole discretion that disclosure would be in furtherance of the Office's discharge of its duties and responsibilities or is otherwise required by law.
1. At that time, BUSA was known as California Commerce Bank. In 2006, the bank was re-branded as Citibank (Banamex USA). In 2009, its name was changed again to Banamex USA. Unless specifically quoting a document, all references to the bank in this Statement of Facts will refer to it as BUSA or Banamex USA. [Back]
2. The Citigroup Global Consumer Compliance function provides compliance oversight of multiple Citigroup consumer businesses. Personnel serving in this function were employees of either Citigroup Management Corporation or Citibank, N.A. [Back]
Corruption and Organized Crime
|This document has been published on 18Aug17 by the Equipo Nizkor and Derechos Human Rights. In accordance with Title 17 U.S.C. Section 107, this material is distributed without profit to those who have expressed a prior interest in receiving the included information for research and educational purposes.|