Compliance Blog

Categories: BSA

FinCEN Civil Money Penalty

On January 15, 2021 the Financial Crimes Enforcement Network (FinCEN) announced the assessment of a $390 million civil money penalty against Capital One, National Association (Capital One). The civil money penalty addressed allegations of willful and negligent violations of the Bank Secrecy Act (BSA) and its related regulations.

The civil money penalty resulted from a check cashing group business line for conduct between 2008 and 2014. This business line provided services to check cashers in New York and New Jersey that cashed checks for individuals and businesses. Capital One, in turn, processed checks deposited by the business line’s customers and provided those customers with cash deliveries by armored car.

FinCEN and Capital One consented that the following conduct established violations of the BSA:

  • Between 2009 and 2014 Capital One failed to implement and maintain an effective risk-based anti-money laundering (AML) program to deter money laundering through the check cashing business line;
  • Capital One willfully failed to accurately and timely file suspicious activity reports (SARs); and
  • Capital One negligently failed to timely file currency transaction reports (CTRs).

As noted in the civil money penalty order, “the BSA and its implementing regulations require each financial institution to establish an AML program that includes at a minimum: (a) the development of internal policies, procedures, and controls; (b) designation of a compliance officer; (c) an ongoing employee training program; and (d) an independent audit function to test programs.”

The civil money penalty identified several factors contributing to the conclusion that the AML program was insufficient. For example, the check cashing business line grew out of regional bank acquisitions, and regulators for those institutions had noted that the acquired banks had deficient AML programs.

The civil money penalty also noted that Capital One’s customer due diligence (CDD) processes did not enable it to really understand the nature and purpose of its customer relationships with the check cashing business line’s customers. CDD helps banks identify transactions that are potentially suspicious. In evaluating transactions, Capital One relied on transactional dollar volume and consistency with historical benchmarks to establish whether a transaction seemed reasonable and consistent with the nature and purpose of the customer relationship. The civil money penalty suggests that this reliance was improper, “relying too heavily on . . . comparisons to past activity, without taking additional investigative steps or incorporating additional knowledge about the customers.” We’ll get to the additional knowledge a little later.

Moreover, some of the controls Capital One attempted to implement simply did not work as designed. In 2010, Capital One developed a Large Item Report to analyze checks greater than $9,000 cashed by the check cashing business line’s customers. The report was supposed to help identify potentially suspicious activity. Because of changes with the way transactional data was coded, the report did not work. Several checks cashed by the check cashing business line’s customers that should have been included failed to appear on the report from December 2010. There was another coding change in August 2012, and the change made the Large Item Report completely useless between August 2012 and July 2013.

Capital One’s processes led to a failure to complete a fulsome investigation and report suspicious activity. In investigating transactions that were flagged as potentially suspicious, Capital One’s AML analysts relied on justifications provided by the business line that were often vague or not believable.

With respect to the failure to file SARs as required by the BSA and its implementing regulations, FinCEN placed a lot of emphasis on Capital One’s failure to file SARs even when it knew about criminal indictments or guilty pleas involving the check cashing business line’s customers. The civil money penalty notes that SARs are required for “transactions that involve or aggregate to at least $5,000, are conducted by, at, or through the bank, and that the bank ‘knows, suspects, or has reason to suspect’ are suspicious.” And what is deemed suspicious depends on these factors:

  • The transaction involves funds originating from illegal activities or is designed to mask those types of funds;
  • The transaction attempts to evade BSA reporting or recordkeeping requirements; or
  • The transaction “has no business or apparent lawful purpose or is not the sort in which the customer normally would be expected to engage, and the bank knows of no reasonable explanation for the transaction after examining the available facts, including background and possible purpose of the transaction.”

The civil money penalty noted that Capital One failed to identify potential suspicious activity by the check cashing business line’s customers even though it identified suspicious activity by the check cashers’ customers. But what appeared most distressing to FinCEN was the failure to identify suspicious activity and file SARs involving customers of the check cashing business line even though Capital One knew that some of these customers had pending criminal charges related to money laundering or violations of the BSA.

The CTR violations, on the other hand, relied on less exciting allegations. CTRs are required under the BSA for “each deposit, withdrawal, exchange of currency, other payment or transfer, by, through, or to such financial institution, which involve a transaction in currency of more than $10,000, including multiple transactions that aggregate to more than $10,000.” Under FinCEN’s regulations, CTRs are required be filed within 15 days of the transaction. The failure to file CTRs as required under the BSA and its implementing regulations resulted from the inaccurate coding of armored car cash shipments to its customers, including customers of the check cashing business line.

The civil money penalty assessed by FinCEN is in addition to earlier penalties that were assessed by the Office of the Comptroller of the Currency. Credit unions may find it helpful to review their policies and procedures to see if they align with the expectations set forth in the civil money penalty.

About the Author

David Park, NCCO, Senior Regulatory Compliance Counsel, NAFCU

David joined NAFCU in September 2018.  As part of the Regulatory Compliance Team, he provides daily compliance assistance to member credit unions on a variety of topics. 
Read full bio