A Strong Culture Yields Strong Compliance

2016 has been a trying year for financial institutions. Record Consumer Financial Protection Bureau (CFPB) penalties were levied and well-known financial institutions found themselves on the front page of news publications because of widespread compliance violations. In the wake of these highly-publicized compliance breaches, business analysts opined on the possible root causes of these events. Often the answer was a simple one: company culture.

Company culture is a unique set of internal norms, values, beliefs and behaviors that characterize the spirit of a firm. From the outside, one might describe the culture as entrepreneurial, hierarchical, collaborative or top-down, to name a few. Whatever the label, culture plays an essential role in effective or ineffective compliance.

Healthy company cultures have high levels of engagement, commitment, productivity, innovation--and good compliance. Unhealthy company cultures do not. There have been some compliance success stories in 2016 and culture played an important part, especially given the aggressive regulatory landscape. Doing the right thing because it is good business ensures that compliance becomes part of a company’s culture, making it stronger. Without a strong compliance culture, compliance becomes merely ‘check the box.’

By: Sheryl Smikle Ph.D

A Win for the Foreign Corrupt Practices Act: J.P Morgan's Latest Settlement

J.P. Morgan Chase and its Hong Kong affiliate have agreed to pay a total of more than $200 million in fines to the U.S government to settle charges of nepotism related to its hiring practices in Asia.

Since at least 2006, J.P. Morgan had been allegedly hiring people in China who have personal ties to influential government officials, legislators and, business moguls in hopes of securing favor with the country’s leaders and decision makers. Under the 1977 U.S. Foreign Corrupt Practices Act, companies are prohibited from paying bribes to Foreign countries, but the practice had become so common at J.P. Morgan over the past decade that the bank even had a formalized internal program called “Sons and Daughters” to help keep track of any employees referred to J.P. Morgan by clients, and how often these referred hires would lead to business deals after hire.

In many cases, those hired through the “Sons and Daughters” program were unqualified for the positions that they received, and although some were given prestigious titles, they were often tasked with light clerical duties such as photocopying and proofreading.

This settlement is considered to be one of the first big wins for the Foreign Corrupt Practices Act of 1977. U.S. officials are also said to be investigating the hiring practices of several other large banks that do business in Asia, including Citigroup, Goldman Sachs, Deutsche Bank and UBS.

By:Christine Belusko

The CFPB: More Than a Super Regulator

Two years after the ‘Great Recession,” sweeping banking and consumer reforms were ushered in with the passage of The Dodd-Frank Act. One result of this unprecedented legislation was the creation of a consumer watchdog: The Consumer Financial Protection Bureau (CFPB). The CFPB is charged with protecting the rights of consumers in the marketplace. Their charge is to ensure the marketplace remains fair, transparent and competitive.

The CFPB regulates large and small banks, credit unions and non-bank financial institutions, such as payday lenders and private mortgage brokers, which were previously unregulated. When there is an egregious violation of consumer law, the CFPB can issue consent orders and levy significant monetary penalties. Often, such fines are in the millions. By statutory design, the CFPB has broad regulatory oversight, authority, and enforcement power. However, Dodd-Frank empowered the CFPB to engage in activities beyond enforcement. Below is a list of non-enforcement CFPB tasks:

• Creating financial tools for consumers
• Educating consumers from cradle to grave
• Providing answers to consumer inquiries
• Logging consumer complaints
• Educating financial institutions about their consumer responsibilities
• Publishing consumer behavior research
• Monitoring the marketplace for new consumer risks

The CFPB is uniquely positioned to use the proverbial ‘carrot and the stick’ to protect consumers, preserve the integrity of the marketplace and ensure accountability across the financial services industry.

By: sheryl Smikle PhD

The Importance of SARs,CTRs, and Other Due Dilligence Measures

Following the ‘paper trail’ is a widely-held mantra in compliance, especially financial crime compliance. Post-9/11, effective compliance means relying increasingly upon monitoring and reporting. The passage of the USA PATRIOT Act in 2002 elevated the importance of compliance reporting, especially suspicious activity reports (SARs). Given that compliance is designed to prevent and detect potential breaches, suspicious activity reporting becomes an important tool in this effort. Filing of SARs provides data to financial institutions and law enforcement that is integral to identifying patterns of potential criminal behavior or facilitating investigations into possible wrongdoing.

To complete a SAR, data must be recorded not only about the transaction but also about the person attempting or completing the transaction. Even incomplete transactions can be reported as suspicious. A simple example would be a person who intends to purchase a monetary instrument at the local bank, such as a money order, but cancels the transaction after learning the denomination requested will require completing a currency transaction report (CTR). A reasonable interpretation of this behavior would be that the purchaser is attempting to avoid the reporting requirement. Thus, this may be viewed as a red flag and a SAR may be filed after further review. By contrast, if this transaction is completed and the purchaser balks at the need to provide documentation, an employee may reasonably conclude the purchaser’s reaction is suspicious. In this case, not only is a CTR required, but a SAR may also be necessary, given the purchaser’s reticence. In both simplistic examples, the key concept is how the transaction is perceived at the point of sale. What is ‘suspicious’ is, at times, a judgment call grounded in one’s experience and knowledge. As such, we may not always get it right.

Nevertheless, effective compliance rests upon ‘good faith efforts’ and ‘due diligence.’ To underscore the importance of employee vigilance during cash transactions, financial institutions and their employees are not legally liable for filing SARs. This federal protection is called safe harbor. Submission of SARS or any other compliance or fraud report is protected under safe harbor, as described in federal law 31 USC 5318 (g) (c). This protection encourages the flow of suspicious transaction data between financial institutions and law enforcement agencies, while protecting the sources of such information.

By: Sheryl Smikle, PhD

Sources

https://www.ffiec.gov/bsa_aml_infobase/pages_manual/OLM_015.htm

https://www.fdic.gov/news/news/inactivefinancial/1998/fil9836b.html

https://www.fincen.gov/sites/default/files/advisory/advissu5.pdf

https://www.fincen.gov/sites/default/files/shared/f902256b.pdf