ICBC New York Branch Faces $32M Penalty Over AML and Sanctions Violations

In a significant move, the New York State Department of Financial Services (NYDFS) and the Federal Reserve jointly announced a hefty $32 million penalty and consent order against ICBC, New York branch, directly tied to Anti-Money Laundering (AML) and sanctions-related lapses. ICBC, a global banking giant boasting $5.7 trillion in assets, sees its New York branch, with $22 billion in assets, grappling with the aftermath of a 2018 cease and desist order. The recent penalty underscores persistent deficiencies in the New York Branch's BSA/AML (Bank Secrecy Act/Anti-Money Laundering) and OFAC (Office of Foreign Assets Control) compliance programs over multiple examination cycles.

Highlighting broader concerns, the NYDFS has flagged two additional non-AML issues tied to violations of New York banking laws, urging a closer look for banks operating in the state or those designated as Foreign Banking Organizations (FBOs).

The NYDFS has articulated consistent themes through this enforcement action, emphasizing crucial aspects for financial institutions:

1. Autonomy for AML Officers: The NYDFS insists on full autonomy for AML officers, recognizing their pivotal role. The directive emphasizes the importance of empowering AML officers without any illusions of authority.

2. Adequate Staffing and Resources: The ongoing discussion around staffing and resources continues, with the NYDFS underscoring its direct correlation to effectiveness in compliance efforts.

3. MIS Systems Configuration: The emphasis on configuring Management Information Systems (MIS) to detect illicit activities rather than aligning them with staff convenience or preference.

4. Timely and Full-Scope Auditing: The call for timely and comprehensive auditing and testing as a crucial component of a robust compliance framework.

5. Effective Training: Beyond generic online courses, the NYDFS stresses the need for tailored training programs aligned with a bank's specific processes, threats, and vulnerabilities.

6. Comprehensive Customer Due Diligence (CDD) and Enhanced Due Diligence (EDD): The directive extends beyond customers to encompass affiliates, especially in the realm of foreign correspondent banking, emphasizing the need for comprehensive risk coverage.

7. Customer Risk Rating Program: The NYDFS underscores the importance of an all-encompassing approach to customer risk rating, ensuring accuracy, completeness, and documented rationale for adjustments. This includes not relying solely on AML systems to flag high-risk customers.

For community banks, a key takeaway is the reminder not to blindly accept every high-risk customer flagged by the system. Ownership of the High-Risk Customer (HRC) list is emphasized, urging banks to ensure their written programs support a nuanced and thoughtful approach to customer risk assessment.

By fLEXI tEAM