Our guest blogger is a Certified Compliance & Ethics Professional (CCEP)®.
Increased scrutiny for Chief Compliance Officers
Compliance officers are facing increasing scrutiny from a variety of regulatory agencies. The Department of Justice and the Securities Exchange Commission have announced their intention to hold companies accountable through the individuals involved. As a result, many in the compliance industry have stated that the personal risk involved in being a chief compliance officer is becoming deeply concerning. Such concerns are not unfounded, but people in compliance must also recognize that they hold a unique position of trust, requiring a higher level of responsibility to ensure that risks are recognized and effectively mitigated and that regulations are closely followed.
First individual Chief Compliance Officer held accountable by FinCEN
Earlier this month, the U.S. Treasury Department’s Financial Crimes Enforcement Network (“FinCEN”) settled its first suit ever filed against an individual compliance officer in the financial industry. Thomas Haider, the former Chief Compliance Officer for MoneyGram International, Inc., agreed to a three-year injunction barring him from performing compliance functions for any money transmitter. In addition, Haider will pay a $250,000 penalty.
What did Haider do to become the first financial compliance officer to be assessed a civil monetary penalty? After all, FinCEN had already entered into a deferred prosecution agreement with MoneyGram in 2012, under which MoneyGram forfeited $100 million and agreed to an independent compliance monitor. In addition, MoneyGram had settled consumer fraud claims with the FTC in 2009 by paying an $18 million penalty.
Willfully blind or reckless?
FinCEN’s announcement of the assessment of a $ 1 million civil penalty against Haider in December 2014 stated that he not only willfully violated the requirement to implement and maintain an effective anti-money laundering (“AML”) program, but he also willfully violated the requirement to report suspicious activity under the federal Bank Secrecy Act (“BSA”). Under the BSA, the government does not have to prove knowledge, improper motive or bad purpose to establish that an individual acted willfully. Rather, it is only necessary to demonstrate reckless disregard or willful blindness.
In Haider’s case, he was the chief compliance officer from 2003 through May 23, 2008, and had authority over both the fraud and the AML compliance departments. During this period, despite having been told by MoneyGram’s Fraud Department, as well as outside counsel and consultants of the need to implement certain policies and procedures due to high risks of possible fraud and money laundering activities, Haider failed to:
- Implement a discipline policy;
- Terminate high risk agents;
- File timely suspicious activity reports (“SARs”);
- Conduct effective audits; and
- Conduct adequate due diligence.
Considering that under the BSA an individual can be assessed $25,000 for each day for lacking an effective AML program as well as $25,000 a day (up to $100,000) for each failure to file a company SAR, it appears that Haider may have gotten a pretty good deal. FinCEN stated that from approximately January 2004 through May 2008, over 30,000 consumer fraud reports were filed, totaling close to $60 million in losses. Yet, FinCEN determined, Haider “siloed” MoneyGram’s fraud department from the analysts who were responsible for filing the SARs, effectively negating any chance of proper action – despite multiple guidance sources reiterating the importance of sharing information between departments.
Great power, great responsibility
Bottom line is that those who are given the authority or power must follow through to ensure that policies, procedures and controls are in place, as well as ongoing employee training and independent audits, in order to test whether the compliance program functions commensurate with the risks of the organization.
Ben Parker’s line from the Spiderman movie is appropriate here: “With great power comes great responsibility.” Acting FinCEN director Jamal El-Hindi summed up the responsibility of those in the compliance field: “Compliance professionals occupy unique positions of trust . . . when that trust is broken, it is important that we take action so that reputations of thousands of talented compliance officers are not diminished by any one individual’s outlying egregious actions.”