The global increase in economic sanctions-related enforcement has put many companies in deeply challenging positions and some of the most recent cases captured the attention of compliance and legal officers worldwide. One of the more significant enforcement actions, albeit relatively low in monetary value, was the personal $1 million fine against the former Chief Compliance Officer of MoneyGram International Inc. In 2014 – the US Treasury Department’s Financial Crimes Enforcement Network (FinCEN) argued that the CCO was at fault for not ensuring that MoneyGram followed anti-money laundering laws, which resulted in significant money laundering activity.
Global trends indicate that penalties, fines and other enforcement mechanisms are increasingly draconian. Furthermore when combined with internal and external legal and advisory costs, as well as other costs stemming from Deferred Prosecution Agreements (such as independently appointed compliance monitors), the aggregate cost increases even more. In one such example, the 2014 BNP Paribas S.A. (BNPP) case included a total monetary penalty of $8.97 billion due to violations of US sanctions – which included processing over $30 billion dollars through the US financial system on behalf of Iranian, Sudanese and Cuban entities.
Another case of significant importance was the HSBC Holdings PLC and HSBC Bank USA (together – HSBC) in 2012. The enforcement action included a record number of government agencies, and yielded the highest settlement to date – $1.9 billion. The matter of the case was widespread and included violations of sanctions as well as AML laws. This resulted in $1.256 billion forfeiture and numerous civil penalties totalling $665 million.
It is also important to understand the significance of the Standard Chartered (SC) cases of 2012 and 2014. In 2012, SC settled with the NYDFS for sanctions violations by processing transactions on behalf of entities under US sanctions. The settlement included a $340 million penalty, as well as a deferred prosecution agreement which imposed external compliance monitors. However, unlike most monitorships, the NYDFS mandate in this case included specific investigative requirements. As a result, SC was found by the monitor to have violated AML compliance issues and NYDFS imposed an additional $300 million penalty in 2014. Further, initial enforcement action in late 2012 was taken against SC by the US DoJ which resulted in a DPA and a $227 million forfeiture. The significance of this case lies in the fact that NYDFS acted first and alone, while other regulators were still considering the case.
Another significant development has been the cooperative enforcement efforts between multiple regulators and prosecutors. This is particularly noteworthy as these violations are frequently by their very nature cross border. Increasingly, more agencies and more divisions of agencies get involved in enforcement actions by attempting to establish liability for double or even triple violations – for example, AML and sanctions or sanctions and the Foreign Corrupt Practices Act or Bribery Act violations. This trend is proving itself to be an easy enforcement option, for example, when a financial institution carries out transactions that are covered by the sanctions, those institutions take steps to hide and/or legitimise such transactions.
The same holds true for sanctions and FCPA – if a bribe is paid by an organisation that is within the FCPA jurisdiction to an official of a government that is under sanctions, the organisation improperly records the payment and therefore violates the books and records provision of the FCPA. Such double-violations in turn attract more enforcement agencies – as seen in the HSBC case, it involved a record number of government agencies. This is a particularly significant development because it also increases the costs of non-compliance.
The cost of non-compliance is growing steadily as regulatory enforcers are imposing increasingly higher fines and penalties. The follow-on legal costs, DPA limitations and reputational damage can often be several times more damaging than the initial fines and penalties. Individual prosecutions are also on the increase. It is therefore crucial for global companies to implement targeted compliance programs – including risk management strategies, training, monitoring structures and procedures, top-down culture, whistleblowing lines and trained personnel.
In conclusion, global regulatory enforcement is continuously growing and becoming much more rigorous – and, therefore, so should the investment in companies’ compliance efforts. However, it is vital to remember that one size does not fit all – measures have to be tailored to the risks of the company. And that’s not anywhere as simple and straightforward as it might sound.
About Forensic Risk Alliance
Forensic Risk Alliance (FRA) is an international consultancy specialising in anti-corruption compliance testing, forensic accountancy, and supporting clients facing regulatory investigations and cross-border, multi- jurisdictional litigation. FRA provides multi-jurisdictional expertise in financial and electronic forensics to analyse and help companies manage risks in an increasingly regulated global business climate. www.forensicrisk.com