Bank’s Alleged “Tick Box” Approach Failed to Attain Substantive AML Compliance
Late last week, the Financial Conduct Authority (“FCA”), the United Kingdom’s financial services regulator, imposed a $1.2 million (896,100 pound) fine on the UK division of India’s Canara Bank, an Indian state-owned bank, and ordered a moratorium on new deposits for nearly five months. The cause—according to Reuters—was Canara’s systemic anti-money laundering (“AML”) failures.
A 44-page final notice published by the FCA explains the multi-year regulatory process that led to a finding of systemic failures and the imposition of penalties. The FCA’s investigation began in late 2012 and early 2013 with assessments of Canara’s AML systems. Upon inspection, the FCA “notified Canara of a number of serious weaknesses in its AML systems and controls.” After promises of remedial action by Canara, an April 2015 visit revealed that the AML systems had not been fixed. The investigation ended with a final report from a “skilled person,” an expert brought in by the FCA to assess Canara’s AML policies and procedures, completed in January 2016. Settlement followed, resulting in sanctions and the FCA’s published final notice.
These three visits from the FCA generated a laundry list of Canara’s AML shortcomings. This enforcement action reflects three main take-aways: (i) the potential risks faced by banks operating in foreign countries in which they have limited AML experience; (ii) the need for swift remedial action after the first examination finding AML deficiencies; and (iii) the need for a substantive AML policy implemented in a substantive way, rather than through a rote reliance on AML-related checklists.