Bank Settles Fed Charges on AML Deficiencies
Commentary by Thomas Delaney
A state chartered bank ("Bank") that provides digital asset services and a tokenized instant payments platform settled Federal Reserve Board ("FRB") charges for anti-money laundering compliance deficiencies.
According to the settlement, the Bank agreed to address deficiencies found by the Bank's supervisor, the Federal Reserve Bank of Philadelphia ("PFRB") in recent examinations. In its examination, the PFRB found "significant deficiencies related to the Bank's risk management practices and compliance with ... AML regulations," and uncovered deficiencies in the Bank's "Instant Token service," which allows real-time, blockchain-based, US dollar payments on a platform for crypto clients.
To settle the charges, the Bank agreed to present a detailed plan to strengthen and revise the Bank's (i) board oversight, (ii) risk management practices, (iii) BSA/AML compliance program, (iv) customer due diligence program, (v) suspicious activity monitoring and reporting, (vii) transaction review (including hiring a transaction review consultant to analyze the bank's transaction monitoring activity) and (viii) OFAC compliance and to provide notice of any new or related banking activity.
Commentary
The settlement agreement reflects risks associated with banking as a service, where a bank is in the background of providing transactional rail support to digital service providers that offer a more streamlined experience than would be the case if customers dealt with banks directly.
As the settlement agreement between the Bank and its Fed supervisor makes clear, such arrangements do not reduce the bank service provider's responsibility for performing risk management and AML compliance to the same extent as the bank would be required to do if dealing with the underlying customers directly. This includes having the ability to monitor transactions that may be executed instantaneously and/or with digital (tokenized) currencies.
The procedural upgrades the bank will have to make are extensive and will be expensive. Most notably, the requirement to hire a third party to review transactions that occurred over a six-month period in 2023, could be a pandora's box in that if the review results in the filing a number of late suspicious activity reports, the bank could be subject to further supervisory action. Also, based on the results of the review, the Federal Reserve could expand the look back period. To this point the bank seems to have avoided the assessment of a financial penalty, but the process and costs of meeting the requirements specified in the agreement with the Federal Reserve will be burdensome.