On 9 April 2019, the London based global financial institution, Standard Chartered (the ‘Bank’) agreed with the UK and US regulators to pay a combined USD1.1 billion fine for failings in its Anti-Money Laundering (AML) controls and for violations of its obligations under the US sanctions regime. This amount corresponds to separate settlement arrangements of the Bank with the US Department of the Treasury’s Office of Foreign Assets Control (OFAC), the US Department of Justice (DOJ), the New York Department of Financial Services (NYDFS), the New York County District Attorney’s Office, the Board of Governors of the Federal Reserve System and the UK Financial Conduct Authority (FCA).
US sanctions regime
The Bank reached a USD639 million settlement agreement with the OFAC for alleged violations of US economic sanctions in relation to Burma, Cuba, Iran, Sudan, and Syria. The apparent violations relate to 9,335 transactions, totaling USD437,553,380, that the Bank processed through the US in the period from June 2009 to May 2014. The majority of the issues occurred with regards to Iran-related accounts held with the Bank’s United Arab Emirates (UAE) branches in Dubai. The Dubai branches received instructions from persons located in or having a connection with Iran and processed these transactions through the Bank ‘s branch in New York or other US financial institutions. Separately, the Bank agreed to pay USD18,016,283 for apparent violations of the US sanctions in connection with Zimbabwe. According to OFAC, the Bank’s branch in Zimbabwe processed transactions involving Zimbabwe-related Specially Designated Nationals through the US.
In addition, the Federal Reserve Board issued a USD164 million fine against the Bank for “unsafe and unsound practices relating to inadequate sanctions controls and failure to disclose sanctions risks to the Federal Reserve.” The Bank was also ordered to improve its compliance programme and take measures to mitigate the risks associated with its subsidiaries and branches. Further, the Bank must enhance its management oversight and put in place a sustainable corporate governance framework.
Moreover, the US DOJ announced that the Bank had agreed to pay a fine for criminal conduct that took place from 2007 to 2011 and in particular “for conspiring to violate the International Emergency Economic Powers Act (IEEPA).” The Bank also admitted having violated New York State law, including by falsifying the records of New York financial institutions. At the same time, a former employee of the Dubai branch of the Bank pleaded guilty to conspiring to defraud the US and to violate IEEPA.
The FCA fine
The Bank also agreed with the FCA to pay GBP102,163,200 for AML failings. This is the second-largest fine ever imposed by the FCA for AML-related breaches. According to the relevant FCA Decision Notice, the key high-risk areas for the Bank involved the UK wholesale bank correspondent banking business as well as the Bank’s branches in the UAE. The FCA found “serious and sustained shortcomings” in the Bank’s AML controls, particularly with regards to customer due diligence and ongoing monitoring. More specifically, the Bank failed to establish and maintain risk-sensitive policies in accordance with its obligations under the Money Laundering Regulations 2007 (MLRs). Moreover, significant failures occurred in relation to the Bank UAE branches, despite its duty to ensure that global branches and subsidiaries apply controls equivalent to the UK regime.
One illustrative example of misconduct is the Bank allowing an individual to open an account with AED3 million (just over GBP500,000) in cash held in a suitcase, without sufficiently investigating the origin of the funds. Another incident involved the relevant branch not requesting adequate information on a customer exporting a commercial product to multiple jurisdictions, including where armed conflict was taking place, even though the product could have a potential military application. In another case, the Bank did not review due diligence on a client, ignoring repeated red flags, including a blocked transaction from another bank indicating a connection to a sanctioned entity.
According to Mark Steward, the Bank’s remediation work and its cooperation during the FCA investigation were also taken into account. Otherwise, the “financial penalty would have been even higher.” It is noted that the Bank was offered a 30% discount from the FCA for settling at an early stage, otherwise the UK penalty would have amounted to GBP145,947,500.
The Bank’s fine is a good example of cross-border coordination between supervisors in relation to AML and sanctions breaches. Firms in general should expect heightened awareness of regulators in this area. Therefore, they should ensure that they have in place sufficiently risk sensitive policies and procedures to identify, mitigate and address the relevant risks. Importantly, firms need to be able to demonstrate adequate management oversight and a robust corporate governance framework in this respect. They also need to ensure that their staff are properly trained to understand the relevant risks and to report potential breaches.