The Office of the Comptroller of Currency (“OCC”) issued an extraordinary announcement regarding the decision of a former bank general counsel – Daniel Weiss, formerly employed by Rabobank, N.A. – to enter into a Consent Order in which Mr. Weiss agreed to be barred from the banking industry and pay a $50,000 fine. The Consent Order is relatively generic; the Notice of Charges issued by the OCC which lead up to the Consent Order is the more interesting document.
The Notice of Charges, in part, alleges that a former Chief Compliance Officer (“COO”) of the bank, shortly after coming to the bank in July 2012, identified “serious deficiencies in the Bank’s BSA/AML program and communciated her findings to Bank Management.” Management disagreed. Shortly thereafter, the OCC began an examination of the bank’s BSA/AML compliance program. In December 2012, and partly in reponse to concerns raised by the COO, the bank contracted with an audit firm to provide “an independent, written assessment of the Bank’s BSA/AML compliance program[.]” Allegedly, the findings of the audit firm corroborated the findings of the COO that the program was deficient in several signficant ways. Later, the COO turned into a whistleblower and gave the audit firm’s report to the OCC, which responded by resuming its 2012 examination of the bank’s BSA/AML compliance program.
Long story short, according to the Notice of Charges, the bank responded to an OCC letter regarding potential BSA/AML deficiencies as follows:
The Bank’s response did not disclose the existence of the [audit firm’s report], or acknowledge its findings, which corrobarated the OCC’s examination findings. Instead, the Bank’s response, drafted by [Weiss and another individual], disputed the OCC’s preliminary conclusion regarding the Bank’s BSA/AML compliance program.
To be clear, subsequent allegations by the Notice of Charges allege additional obfuscation by the bank in communications with the OCC regarding the nature and the details of the audit firm’s report. But the theme of the Notice of Charges is that the OCC continually sought from the bank the audit firm’s report, and Weiss instead “knowingly and willfully participated in the making of materially false statements regarding the Bank’s possession of the [audit firm] Report to the OCC continuously and repeatedly throughout March of 2013 until April 18, 2013.” This claim is the heart of the enforcement case against Weiss.
This is a significant development in the ongoing issue regarding the liability of individuals for alleged AML failures – particularly given the fact that Mr. Weiss was not “just” a compliance officer, but was the general counsel of a major financial institution.
It is perhaps slightly unnerving that the government would focus its case on the alleged failure to turn over a report by a third-party hired to enhance compliance. In theory, that general enforcement approach, if taken to extremes, could have real consequences for financial institutions and the consulting and legal service providers in their orbit. That approach also could have perverse compliance consequences. Some institutions could conclude that it is “too risky” to hire a third-party – whether it be a consulting, advisory or legal firm – because the findings, however helpful, could form a roadmap for a future enforcement action. Such an inconvenient report would be in the file, and therefore could be subject to potential requests by regulators – thereby creating a “Catch 22” scenario for the institution. Lest one be too cynical, and conclude that this is only a problem for financial institutions that don’t want to confront real problems, it also must be noted that some advisors stay in business by finding serious problems everywhere. However, and on a more practical level, Rabobank had serious problems in this specific case, which resulted in a criminal charge and a significant penalty of $360 million. As always, concerns regarding the potential spread of an overly broad theory must be considered in light of its real-world application and limitations.