Earlier this year, New York’s Department of Financial Services (“DFS”), the State’s banking and insurance regulator, announced that it was increasing and strengthening its enforcement efforts aimed at financial institutions’ anti-money laundering (“AML”) and Bank Secrecy Act (“BSA”) compliance deficiencies. The latest installment in the DFS’s crackdown on financial institutions came on November 5th, when the DFS and the Federal Reserve Bank of New York (the “New York Fed”) entered into an agreement with The Bank of Nova Scotia and its New York agency (collectively, the “Bank”), obligating the Bank to submit revised compliance programs for several key areas, including BSA/AML, Customer Due Diligence, and Suspicious Activity Monitoring and Reporting. Once the programs are approved, the Bank must implement and follow them.
The agreement specifies key elements of adequate compliance programs for each of the areas that the Bank must address – standard fare for provisions like these, frequently found in Deferred Prosecution Agreements or Non-Prosecution Agreements for financial institutions with compliance issues. However, the agreement also contains an interesting provision requiring the Bank to review wire transfer activity at the Bank’s New York agency from July 1, 2014 through December 31, 2014 “to determine whether suspicious activity involving high risk customers and transfers at, by, or through the Agency was property identified and reported in accordance with applicable suspicious activity reporting regulations . . . and to prepare a written report detailing the findings.” Before the Bank undertakes this review, the DFS and New York Fed must approve the review’s methodology, scope, and “the expertise and resources to be dedicated” to it.
The agreement does not specify what penalty the Bank will face if it does not comply with the agreement’s provisions or if its revised compliance programs fail to include the required key provisions listed in the agreement. Importantly, although the agreement strongly suggests that the Bank currently has numerous compliance deficiencies, no financial penalty is imposed. This potentially is unsurprising because final authority to assess civil penalties for BSA violations rests with the Secretary of the Treasury and has been delegated to the Financial Crimes Enforcement Network (“FinCEN”). See 31 U.S.C. § 5321; 31 C.F.R. § 1010.810. By its own terms, the agreement does not prevent any federal or state agency from “taking any further or other action affecting the Bank.” Therefore, it remains an open question whether FinCEN also will turn its attention to the Bank and its potential BSA/AML deficiencies.