The Drugstore Cowboy and Compliance

One does not have to look very far in the business world to come across the phrase “Know Your Customer.” A company certainly needs to know if an entity that it may sell products or provide services to will pay for those items. Running a Dun & Bradstreet credit check is routinely performed to ascertain if a counter-party is a good credit risk. But how much more should a company do in regards to its customers? Clearly banks, other financial institutions and even casinos need to assess a customer from the perspective of anti-money laundering (AML). Is there a reason grounded in the Foreign Corrupt Practices Act (FCPA) or UK Bribery Act that would suggest that customers should go through background scrutiny from the anti-bribery/anti-corruption compliance perspective?

I thought about internal controls regarding due diligence requirements on customers, effective compliance programs and third party validation of credentials when reading an article in June issue of Wired Magazine, entitled “Drugstore Cowboy”, by Jake Pearson. I found this article to be a very cautionary tale for those companies which need to consider just whom they are doing business with or for. The story involved an undercover sting operation by the US government against Google. The operation involved a convicted felon, one David Whitaker, who convinced law enforcement authorities that Google had assisted him, in violation of its own internal protocols and US laws, to sell illegal “black market steroids and human growth hormones” online. Whitaker told federal officials that “Google employees had actively helped him advertise his business, even though he made no attempt to hide its illegal nature.” Based upon his experience, Whitaker believed that Google must be “helping other rogue Internet pharmacies too.”

On paper, it appeared from the article that Google has a systems designed to ferret out sites which used words or had other indicia that they were selling illegal drugs. There was an initial screening by a Google sales representative. There was an automated program which searched for key words that might indicate illegal drugs were being sold. There was a review of the website itself to see of other factors were present which might show that illegal products were being sold. Finally, Google used a third party verification service, to attest that any site selling pharmaceutical products was properly licensed.

Based upon his experiences, the government set Whitaker up with an alias, fake company, bank account and phone lines and then monitored and watched him to see if his claims were true. He was told to see if Google would actively assist him to sell advertising for a non-existent company called “SportsDrugs.net, a website that sold HGH and steroids from Mexico, with no doctor’s prescription.” The plan that Whitaker used was straightforward.

1. Establish a fake identity. Whitaker made cold calls to representatives of Google to get set up as an account in the company’s system.
2. Submit the site. The feds designed the sting operation so that it would be obvious the false company was selling illegal drugs. So it offered HGH and steroids, had pictures of the drugs and even had a ‘Buy Now’ button to make clear that no doctor’s prescription was required. The Google sales representative passed the fake sales site along for “policy review, an automated process that Google uses to vet all advertisers.”
3. Scrub the site. After the fake sales company was initially rejected by the policy review process, a Google representative agreed to help “tweak it” so that it would pass through the Google approval process. The Google sales representative advised Whitaker to rename the site, remove the pictures of the illegal drugs and delete the ‘Buy Now’ button from the site.
4. Rework the site. After the suggested changes were made by Whitaker, his fake site was approved by Google. Thereafter the items which had been removed from the website, including both the photos of illegal drugs and ‘Buy Now’ button were added back into the site, all with the assistance of the Google sale representative.
5. Raise the stakes. In this phase, the undercover sting operation widened. After their initial success with SportsDrugs.net; the feds created other fake websites for Whitaker, all of which purported to sell illegal drugs. The other sites included one selling “RU-486, better known as the abortion pill, which is normally taken under close supervision of a doctor.”  Another site sold the psychotropic drugs Xanax and Valium, both without any need of a doctor’s prescription. In a final example the feds created a ‘Trojan Horse’ site; in which a pharmacy site that held a valid license also had sales for “three clearly disreputable online pharmacies.”

The chilling thing I found in this article was it reported that in each one of the false scenarios, Whitaker was reported to have explained to the Google representative the true nature and purpose of the site. All of the information that Whitaker conveyed made clear that these sites were designed to sell drugs which are illegal in the US, without a doctor’s prescription. In just over the span of three months, the undercover operation spent over $200,000 with Google.

Google ended up settling with the US government for a fine of $500 million. Although Pearson did not quote the US Assistant District Attorney, who headed the investigation and enforcement action, Peter Neronha, was quoted as telling the Wall Street Journal (WSJ) the “culpability went far higher than the sales reps that Whitaker worked with. Indeed, he said, some of the company’s most powerful executives were aware that illegal pharmacies were advertising on the site.” Google itself would not comment for the Pearson article.

From the account in the Pearson piece it would appear that Google had a system in place to check and make sure that it was not advertising sites which sold illegal drugs but that system, both human and automated, was worked around. For the anti-corruption compliance practitioner, I think that there are several key lessons which can be learned from this tale.

Train, Train, Train. If you sell services, which can be used to facilitate illegal conduct, you need to train your sales force to watch out for signs of that illegal activity. The initial Google sales representative who was contacted by Whitaker should have been the first line of prevention to stop the issue before it came up for the company.

Monitor, Monitor, Monitor. There should be several types of monitoring. If a business name comes through your system and it is rejected, there should be a monitoring mechanism in place to note if it reappears later or is approved through some other means, as was done in this situation. Similarly, if the name of a business owner comes up in connection with another company, there needs to a mechanism in place to perform a cross check. The sales representatives should also be monitored to determine if they are manipulating the system.

Incentives, Incentives, Incentives. While not discussed in the Pearson article, what do you want to bet that the Google sales representatives were compensated, at least in part, with a commission based upon the number of GoogleAds that they sold? If your compensation structure or other incentive structure rewards people who use shortcuts, then there will always be employees who take them.

Audit, Audit, Audit. Remember the part of the story about how the Google sales representative would advise Whitaker how to scrub his website of key words, search terms and other information which would indicate that it was selling illegal pharmaceuticals only to reinsert those on the site after the scrubbed site had been approved? You need to audit to determine if any illegal conduct has begun after the contract is signed. And if you do not have audit rights, you have a very slim chance of actually performing an audit.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2013

Marine Transportation and Anti-Money Laundering

My recent article on the marine transportation industry and the Foreign Corrupt Practices Act (FCPA) generated some discussion ranging wider than simply the port agent issue regarding interaction with foreign government officials. One of the discussion points was how and where a company should pay the crew. One of the sacrosanct rules that I learned while working at Halliburton was that payments to any third parties had to be made to either (1) the location where the services were delivered or (2) the location where the third party was domiciled. It was called ‘Offshore Payments’ and the legal department was charged with making sure that all contracts specified payments to be delivered into one of the aforementioned locations. The rule was designed to comply with Anti-Money Laundering (AML) rules and regulations. This concept also appears in the FCPA as a red flag if a third party desires to be paid outside either of the locations stated because a corrupt entity or person could use funds already in the banking or financial system to disguise any movement that might reveal the corrupt action, such as a bribe to a foreign governmental official.

Obviously you cannot pay a ship’s crew in the location where the services are delivered if those services are delivered at sea. So that would seem to leave jurisdiction where a crew member is domiciled. But in addition to the home domicile there are other AML issues such as the bank to which the payments are wired into from the US.. The Financial Action Task Force (FATF) Recommendations on the International Standards on Combating Money Laundering and the Financing of Terrorism and Proliferation set out several in its White Paper released last year. These included due diligence on payees to determine politically exposed persons and specially designed individuals, record keeping, controls regarding payee banks and financial institutions and reporting of suspicious transactions, among others. In others words, there are many concerns about paying third parties; even those third parties a company might not normally consider in their own compliance regime.

Based upon these conversations, I thought a deeper look into AML issues was warranted. Fortunately Carol Switzer, President of the Open Compliance and Ethics Group (OCEG) just penned another piece in her series in Compliance Week on compliance related issues. This month Switzer has taken a look at AML issues in an article entitled “The Complex Mechanics of Money Laundering” and compended with the article is another of OCEG/Compliance Week, GRC Illustrated Series, where in an illustrated manner, they review how to build an effective AML program.

Switzer explains that there are several laws which deal with AML compliance. They include “the Intelligence Reform & Terrorism Prevention Act of 2004, which amended the BSA; the Money Laundering and Financial Crimes Strategy Act; and the Money Laundering Suppression Act).” There are numerous regulatory and enforcement agencies with domestic AML oversight. They include “the U.S. Department of the Treasury and its Financial Crimes Enforcement Network (FinCEN), to the Security and Exchange Commission to the Dodd-Frank Act’s Consumer Financial Protection Bureau (CFPB) to the New York Stock Exchange, IRS, FBI, and a number of federal banking regulators.”

In the illustrated section following Switzer’s article, it sets out three basic steps which are (1) Define the Risk; (2) Quantify the Risk; and (3) Manage the Risk.

I.                   Define the Risk

It all begins with a comprehensive organizational analysis so that you can understand how much exposure your organization has and where it originates. A company should keep track of the places it does business and how it does business, either directly or through third parties. A company should determine where threats are hiding in its operations and to identify any specific AML issues posed by a particular products or service line. A company should also understand the enhanced risks posed by any specific geographic markets and then identify the risks inherent in different customer types.

II.                Quantify the Risks

Under this prong, a company should determine the quantitative impact of defined risks, both from a customer and asset perspective, while understanding how operating locations may affect these identified risks. Next a business should profile and risk rate customers and assets based on risk attributes including customer geography, business structure, sources of funds, business type, products and services utilized and other factors. From these factors a company should then formulate a comprehensive business risk assessment.

III.             Manage the Risk

Based on steps one and two a company should then implement an AML program consisting of people, processes, and controls proportional to the quantified risks which can ensure compliance, visibility, and protection. This Step III has four subparts.

1. Design: A company should define its internal roles and responsibilities. There should be designated risk categories which will inform the appropriate level of due diligence. A company should build and implement both suspicious activity controls and transaction monitoring.
2. Implement: This step involves the establishment of policies and procedures and training of employees and relevant third parties there. To the extent possible OCEG recommends using technology to monitor, review, escalate, and report suspicious activities using a risk-based and practical approach. Lastly, they recommend that companies should exchange knowledge with industry peers and experts.
3. Test and Analyze: A company should regularly test its controls and monitor personnel and third parties. A company should evaluate the data that it receives. Finally, as with all compliance regimes, there should be a confidential reporting mechanism to report suspicious activities or other violations.
4. Report: A company should report suspicious activity and any AML controls system weaknesses should be scheduled for analysis. A company should also document and file any suspicious activity for both its own internal use and regulatory reporting requirements.

A company must continually capture and update its understanding of threats and system weaknesses to influence continued evolution of an effective AML program. This should be coupled with the continuous evolution of your AML program because the nature of money laundering is ever-evolving as criminals construct new and “improved” methods to hide the proceeds of crime and funds for financing criminal action, making it ever more difficult to monitor and stop.

So how about the payment issue in marine transport industry and the ship’s crew? Most US companies no longer own and crew the ships they use to transport product or cargo and will typically use a charter party. The charterer gives orders for the employment of the vessel and payment of the crew. If your company is in such a position I would suggest that it make the following inquiries of your charter party. 1) Does the charter party have an International Organization for Standardization (ISO) program and policy in place for the hiring and paying of employees?; 2) Does the charter party vet all employees to include license checks; verify bank address to employee address and obtain background checks thereon?; 3) Does your charter party ensure that all banking transactions made to the employees are documented starting with hours worked, signature from masters and payments made to employees home country only?

If you are in the marine transport industry and use a third party to pay those working on your behalf you need to review the third party’s AML program. The same is true for any other business which uses a third party company to make payments to others outside the US.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2013

The HSBC AML Settlement – Lessons Learned for the AML Compliance Practitioner

I recently wrote about banks behaving badly. Currently, Exhibit A in that list is HSBC. In December, 2012, the UK banking giant HSBC agreed to pay a fine of $1.92 billion for its transgressions involving money laundering. Today I want to look at the violations which the company engaged in and its resolution.

I.                   HSBC AML Violations

Regarding the HSBC AML claims there were four major areas of money laundering violations by HSBC. As listed in the Statement Facts to the Deferred Prosecution Agreement (DPA) they read:

10. There were at least four significant failures in HSBC Bank USA’s AML program that allowed the laundering of drug trafficking proceeds through HSBC Bank USA:

1. Failure to obtain or maintain due diligence or KYC information on HSBC Group Affiliates, including HSBC Mexico;
2. Failure to adequately monitor over $200 trillion in wire transfers between 2006 and 2009 from customers located in countries that HSBC Bank USA classified as “standard” or “medium” risk, including over $670 billion in wire transfers from HSBC Mexico;
3. Failure to adequately monitor billions of dollars in purchases of physical U.S. dollars (“banknotes”) between July 2006 and July 2009 from HSBC Group Affiliates, including over $9.4 billion from HSBC Mexico; and
4. Failure to provide adequate staffing and other resources to maintain an effective AML program.

We will review each of these in more depth to provide guidance to the AML compliance practitioner on the steps that their financial institution needs to take.

a.      HSBC Bank USA Failed to Conduct Due Diligence on HSBC Group Affiliates

One of HSBC Bank USA’s high risk products was its correspondent banking practices and services. Correspondent accounts were established at banks to receive deposits from, make payments on behalf of, or handle other financial transactions for foreign financial institutions. They are considered high risk because the US bank does not have a direct relationship with the clients and, therefore, has no diligence information on the foreign financial institution’s customers who initiated the wire transfers. To mitigate this risk, the Bank Secrecy Act (BSA) requires financial institutions to conduct due diligence on all non-US entities for which it maintains correspondent accounts. There is no exception for foreign financial institutions with the same parent company.

HSBC Bank USA was required under the BSA to conduct due diligence on all foreign financial institutions with correspondent accounts, including HSBC Group Affiliates, which it failed to do, from at least 2006 to 2010.  The decision not to conduct due diligence was guided by a formal policy memorialized in HSBC Bank USA’s AML Procedures Manuals.

b.      HSBC Bank USA Failed to Adequately Monitor Wire Transfers

From 2006 to 2009, HSBC Bank USA monitored wire transfers using an automated system called the Customer Account Monitoring Program (“CAMP”). The CAMP system would detect suspicious wire transfers based on parameters set by HSBC Bank USA under which various factors triggered review, in particular, the amount of the transaction and the type and location of the customer. However, HSBC Bank USA knowingly set the thresholds in CAMP so that wire transfers by customers located in countries categorized as standard or medium risk, including foreign financial institutions with correspondent accounts, would not be subject to automated monitoring unless the customers were otherwise classified as high risk.

Between 2000 and 2009, HSBC Bank USA, specifically disregarded numerous publicly available and industry-wide advisories about the money laundering risks inherent to Mexican financial institutions. These included the following:

1. The U.S. State Department’s designation of Mexico as a “jurisdiction of primary concern” for money laundering as early as March 2000;
2. The U.S. State Department’s International Narcotics Control Strategy Reports from as early as 2002 stating that Mexico was and continues to be one of the most challenging money laundering jurisdictions for the United States;
3. The April 2006 Financial Crimes Enforcement Network (“FinCEN”) Advisory concerning bulk cash being smuggled into Mexico and deposited with Mexican financial institutions;
4. The federal money laundering investigations that became public in 2007-08, involving Casa de Cambio Puebla, a Mexican-based money services business that had accounts at HSBC Mexico, and Sigue, a U.S.-based money services business, that had accounts at HSBC Mexico; and
5. The federal money laundering investigation into Wachovia for its failure to monitor wire transactions originating from the correspondent accounts of certain Mexican money services businesses, which became public in April 2008.

 c.       HSBC Bank USA Failed to Monitor Banknotes’ Transactions with HSBC Group Affiliates

HSBC Bank USA’s Banknotes business (“Banknotes”) involved the wholesale buying and selling of bulk cash throughout the world. The Banknotes business line was a high risk business because of the high risk of money laundering associated with transactions involving physical currency and the countries where some of its customers were located. In an attempt to mitigate these risks, Banknotes’ AML Compliance monitored customer transactions.  The purpose of transaction monitoring was to identify the volume of currency going to or coming from each customer and to determine whether there was a legitimate business explanation for buying or selling that amount of physical currency.

Despite the high risk of money laundering associated with the Banknotes business and FinCen advisories to the contrary, the HSBC Banknotes’ AML compliance consisted of one, or at times two, compliance officers. Unlike the CAMP system for wire transfers, Banknotes did not have an automated monitoring system, and, as a result, the Banknotes’ compliance officers were responsible for personally reviewing the transactions of approximately 500 to 600 Banknotes customers. These attempted reviews were deemed wholly insufficient.

d.      HSBC Bank USA Failed to Provide Adequate Staffing and Other Resources to Maintain an Effective AML Program

HSBC’s conduct regarding its AML policy was found to be completely wanting. Not only did the Bank fail to fill senior compliance officer positions after personnel left the Bank but it actually reduced the resources available to the compliance program by cutting funding in 2007. In 2008, the Chief Operating Officer (COO) for Compliance conducted an internal review of the AML compliance program and found it to be “behind the times” and noted that the program was under-resourced and understaffed. Despite these findings the Bank did not begin to address the resource problems until late 2009.

II.                HSBC Remedial Measures

The Department of Justice (DOJ) listed the remedial actions which HSBC engaged in that led, in part, to successfully avoiding a Criminal Indictment by the DOJ.

1. Change in Leadership and increase in resources. The Bank hired a new leadership team. In 2011, the Bank spent more than $244 on its compliance program. The Bank substantially increased the personnel in its compliance function from 92 full time employees and 25 consultants in 2010 to 880 full time employees and 267 consultants as of May 2012.
2. Claw Backs. The Bank ‘clawed back’ compensation from senior company executives.
3. Compliance Function. The Compliance Department was separated from the legal department and given direct reporting lines to the Board of Directors.
4. Exiting high risk business lines. The Bank exited the Banknotes business and ended 109 high risk business relationships.

The HSBC investigation and enforcement action took years and cost the Bank millions of dollars. The Bank ignored not only its internal compliance requirements but also outside information about the high risk nature of many of its business relationships. Banks must review their compliance programs to determine if any of the factors present in the HSBC matter are risks to their business models and remediate them as soon as possible to avoid a similar fate.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2013

Is It the End of the (Compliance) World?

It’s the end of the world as we know it.

 It’s the end of the world as we know it.

It’s the end of the world as we know it and I feel fine.

Today the Mayans predicted the world would end. I must say that I find the Mayans had a complete lack of courtesy, indeed if not foresight, as they did not identify the time the world would end and further did not specify if the time not indicated would be GMT or some other time zone. I would note for the record that for anyone who went to college in the 1980s, the R.E.M. version may be more prescient – “It’s the End of the World as We Know It (And I Feel Fine)” and I actually feel pretty good today, and thanks for asking. Finally, for all you conspiracy theorists out there, you might recall that, in the final episode of the X-Files, the Cigarette-Smoking Man predicted the end of the in 2012, although with even less courtesy than the Mayans, he did not give us any date. So if you are reading this blog it means that the world has not yet ended. If you are not reading it, I hope you enjoyed the rapture.

While the Mayans may have believed that the apocalypse was coming down as we neared the end of 2012, there may well be other events which have a more contemporary meaning for us. Exhibit A is the article in the Wednesday Wall Street Journal (WSJ), entitled “A Banker’s Costly Cab Ride”, in which reporter Aaron Lucchetti detailed the woes which have befallen the former Morgan Stanley employee William Bryan Jennings who got into a dispute with a cab driver over a fare during the holiday season in the pre-apocalypse year of 2011. The dispute got so heated that Jennings pulled a pen knife on the cab driver and cut him so that the driver required stitches. Police filed and later dropped charges against Jennings but Morgan Stanley fired him in October of this year, before there was a final determination that the charges would be dropped.

Jennings, a 22 year veteran of the company, was fired for breaching the Company’s Code of Conduct, which was reported to read in part “We promote a culture of integrity by taking personal responsibility for our actions, making the right decisions and being accountable.” The Code further specifies, “…If you violate the Code or other Morgan Stanley policy or procedure, you will be subject to the full range of disciplinary sanctions, including termination of your employment.” In addition to summarily firing him, the WSJ article reported “Morgan Stanley refused to give him a deferred-compensation payment in June and has frozen as much as $5 million or more…” Ouch!

In our continuing look at “Banks Behaving Badly” Exhibit B is the report by Bloomberg News regarding the HSBC $1.9 billion settlement with the US Department of Justice (DOJ) to resolve its anti-money laundering violations. In an article entitled “HSBC Judge Requests Reasons to Approve Drug-Money Accord” it is reported that the Judge, who will pass upon the settlement with HSBC, has asked the parties “to submit a brief giving reasons he should approve the bank’s $1.9 billion settlement of money-laundering charges over drug cartel-related transfers.” The Judge was quoted as saying, “My suggestion is you present to the court a document that demonstrates why I should accept the agreement” and “There’s been some publicized criticism of this. I think you should feel free to address it.” With all the criticism of the settlement and its no criminal penalties perhaps he wants to know the same thing as Halah Touryalai, who asked in an article entitled “Final Thought On HSBC Settlement: How Much Bad Behavior Will We Tolerate?”, “What’s a bank got to do to get into some real trouble around here?” She then added, “The scary part about the HSBC settlement is that U.S. authorities are essentially saying they couldn’t act on criminal charges because it would harm the larger financial system. That’s got many calling HSBC (and potentially others) too-big-to-jail.”

Exhibit C is the article today in the WSJ by Chris Matthews entitled, “Judge Won’t Approve IBM, SEC Bribery Settlement”. In it he reported that the District Judge, in whose court the SEC filed its agreed to settlement with IBM for FCPA violation, refused to accept the agreed upon settlement. Judge Leon, the trial judge in the Gun Sting cases, was reported to have said he, “couldn’t approve the settlement unless the SEC and IBM agreed to abide by additional settlement terms imposed by the court or explain why the terms are too burdensome.” IBM’s counsel argued that certain of the Judge’s conditions were too burdensome and these included, that “that IBM must report to the court and the SEC annually on its efforts to comply with the FCPA, report any future violations of the FCPA, and report any new criminal or civil investigations.” Matthews wrote that “IBM said it was willing to report future improper payments, and books and records violations related to such payments, but was unable to report broader accounting inaccuracies that weren’t tied to improper payments.” Judge Leon asked “So if they learn about other FCPA violations, they get a pass on that?” He also “pressed lawyers for the SEC and IBM about what data they had to prove reporting FCPA books and records violations would be burdensome and wondered aloud why “one of the largest companies in the world” couldn’t track that.” Burdensome indeed.

So if the world does not end today, I hope that you have (or will) enjoy the shortest day of the year. As this will be my final post before Christmas, a Merry Christmas to all. I submit for your holiday enjoyment what I consider to be the greatest Christmas and holiday song of all-time, Nat King Cole singing “The Christmas Song”.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2012

Race to the Bottom: Wal-Mart’s FCPA Investigation and the Houston Astros

So who do you think had the better day – the Houston Astros Monday or Wal-Mart Tuesday? Yesterday, the Astros announced the signing of Carlos Pena to be their Designated Hitter (DH) for the 2013 season. Pena’s 2012 average – a whopping ‘buck ‘97’; Yes sports fans the Astros have signed a DH who hit below the dreaded Mendoza Line for the past season. How is that for a strong opening move as the Astros move to the most talented Division in baseball? Anyone out there have the smallest inking that the Astros are ‘racing to the bottom’?

Nevertheless the Astros DH move probably pales with the PR debacle that Wal-Mart is facing today as the New York Times (NYT) once again, with superior reporting, had a story, entitled “The Bribery Aisle How Wal-Mart Used Payoffs To Get Its Way in Mexico”, above the fold on its front page on alleged bribery and corruption engaged in by Wal-Mart’s Mexico subsidiary. Reporters David Barstow and Alejandra Xanic von Bertrab did extensive research to find out not only the alleged amounts of bribes paid but also to whom, and the benefits that Wal-Mart allegedly received back in return.

Wal-Mart Bribery Box Score – (alleged) all scores courtesy of NYT

Store Type and Site	Number of Alleged Bribe Payments Made	Amount of Alleged Bribes USD
Sam’s Club in Mexico City	19	$341,000
Refrigeration Distribution Center north of Mexico City	9	$765,000
Wal-Mart in Teotihuάcan	4	$221,000

Teotihuάcan Store Bribery Box Score – (alleged) all scores courtesy of NYT

Purposed of Bribe	Person(s) Bribed	Amount USD
Obtain altered Zoning Map	Director of Urban Planning	$52,000
Obtain waiver of approved traffic plan.	In State Agency that regulates roads	$25,900
Town approval for store construction, where permits not in place.	Mayor and Town Council	$114,000
Obtain waiver to build at cultural heritage site, where no investigation performed.	In National Institute of Anthropology and History (NIAH)	(up to) $81,000

So reviewing the types of activity that fall under the Facilitation Payment exception to the US Foreign Corrupt Practices Act (FCPA) we find the following:

… “shall not apply to any facilitating or expediting payment to a foreign official, political party, or party official the purpose of which is to expedite or to secure the performance of a routine governmental action . . .”

The recent Department of Justice (DOJ) Guidance on the FCPA included a list of actions which are ordinarily and commonly performed by a foreign official and would fall within the definition of a facilitation payment. Also remember that the facilitation payment only applies for a “non-discretionary governmental action”.

• obtaining permits, licenses, or other official documents to qualify a person to do business in a foreign country;
• processing governmental papers, such as visas and work orders;
• providing police protection, mail pickup and delivery, or scheduling inspections associated with contract performance or inspections related to transit of goods across country;
• providing phone service, power and water supply, loading and unloading cargo, or protecting perishable products or commodities from deterioration; or
• actions of a similar nature.

Of course all proper facilitation payments must be recorded as facilitation payments. Further, as stated in the Guidance, “Whether a payment falls within the exception is not dependent on the size of the payment, though size can be telling, as a large payment is more suggestive of corrupt intent to influence a non-routine governmental action. But, like the FCPA’s anti-bribery provisions more generally, the facilitating payments exception focuses on the purpose of the payment rather than its value.” Based upon the facts set forth in the NYT article, it does not appear that the payments made were ‘non-discretionary’ or were not made without corrupt intent.

Are there any examples, either in Opinion Releases, enforcement actions, DOJ pronouncements or anything else that the payments by Wal-Mart were legal under the FCPA? I would have to give a resounding NO to my own question. The FCPA Professor did cite to three Opinion Releases in his post yesterday, entitled “Wal-Mart Again On The Front Page Of The New York Times”. They dealt with charitable donations under the FCPA and one of the alleged payments made in the Teotihuάcan Store Bribery, the payment to the National Institute of Anthropology and History (INAH) was alleged, in part, to be a charitable donation. However, in each one of the three Opinion Releases cited there were donations made with post-donation auditing of the use of the cash to ensure the money was used as specified and other protections to ensure compliance with the FCPA. The donations were also made with transparency and not, as reported by the NYT, “Sergio Raúl Arroyo, the director general of INAH, recalled in an interview that Ms. Miró had told him about Wal-Mart’s offer. He could not recall any other instance of a company offering a donation while it was seeking a permit. “That would have been totally irregular,” he said.”

So, as the FCPA Professor also noted in his piece, “from an FCPA perspective, the issues largely remain the same.” From the factual perspective, he may well correct. However, what may have changed is the conversation. The NYT piece shows just how invidious a culture of bribery and corruption can be and how such a culture can subvert local governments and even national cultural heritage protections.

Another interesting issue raised by the NYT article is the investigation of the underlying facts. As reported by the FCPA Blog, in a piece entitled “Wal-Mart’s latest FCPA disclosure (December 2012)”, in its Form 10-Q filed with the Securities and Exchange Commission (SEC) by Wal-Mart Stores, Inc. on December 4, Wal-Mart state the following,
“The Company has incurred expenses of approximately $48 million and $99 million during the three and nine months ended October 31, 2012, respectively, related to these matters.” In other words Wal-Mart has spent a pretty penny since the original NYT article in April. Recognizing that not all of these monies were dedicated solely the Mexico investigation, I would still pose the following question, “How is it that two intrepid reporters from the NYT were able to piece together this story and Wal-Mart was not able to do so when confronted with allegations of bribery and corruption in its Mexican subsidiary?” Lastly is the effect that this story may have on the DOJ. Given the criticism that the DOJ sustained in the wake of the HSBC Deferred Prosecution Agreement (DPA) for its money-laundering conduct, will the Department feel compelled to attempt to prosecute individuals in this case? How about the fine? What does the DOJ try and communicate when the world’s largest retailer is alleged to have engaged in such conduct? What about those licenses, if they were indeed obtained by bribery and corruption, should they still be valid?

So who will win this race to the bottom? I can say that it appears Wal-Mart is trying to get its house in order. It has hired a new Chief Compliance Officer (CCO), created new compliance positions around the globe and put on extensive FCPA compliance training. It may take other steps to help to remedy the predicament it now finds itself in. As for the Astros, I had always thought that DH stood for Designated Hitter…

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2012

Banks Behaving Badly or Brother Can You Spare A Billion (or Two)?

Remember when a billion dollars was real money? Over the past couple of weeks there have been some mammoth fines paid by financial institutions for conduct, which would appear to fall under the category of “Banks Behaving Badly”. Last week HSBC agreed to pay a fine of $1.92 billion for its transgressions involving money laundering. UBS is in the final stages of negotiations to pay $1.5 billion to resolve allegations that it tried to rig interest rate benchmark (i.e. ‘Libor’) to boost trading profits. Finally, on December 10, coming in at a paltry $327 million are our old friends Standard Chartered, which admitted processing thousands of transactions for Iranian and Sudanese clients through its American subsidiaries; subsequently to avoid having Iranian transactions detected by the US Treasury Department computer filters, Standard Chartered deliberately removed names and other identifying information, according to the authorities. All in all, it’s not been a bad couple of weeks for the US Treasury, given the current stalemate over the ‘fiscal cliff’ and the need to reduce the US deficit.

For those of you keeping score at home, we present our updated Banks Behaving Badly Box Score of Settlements

Banks Behaving Badly – Box Score of AML Settlements

Bank	Amount	Date of Settlement
Lloyds TSB Bank	$567MM	December 2009
Credit Suisse	$536MM	December 2009
ING Bank	$619MM	June 2012
Royal Bank of Scotland	$500MM	May 2012
Barclays	$298MM	August 2012
Standard Chartered – NY state	$340MM	August 2012
Standard Chartered – Federal	$327MM	December 2012
HSBC	$1.92 BN	December 2012
Total	$4.004BN

Banks Behaving Badly – Box Score of Libor Manipulation Settlements

Bank	Amount	Date of Settlement
Barclays	$450MM	June 2012
UBS	$1.5BN (proposed)	December 2012?
Total	$1.95BN (proposed)

If you do not have a calculator handy, for the 2012 banking season alone, that is $4,004,000,000 all going to the US Treasury thanks to our friends at Banks Behaving Badly. If you want to sneak-a-peak at what it might look like if the UBS settlement comes through just add on an additional $1.5 bn so that is over $6 billion in fines, penalties and disgorged profits from one industry sector in one year. And people have the temerity to complain about the energy industry being corrupt.

So what is the cause of ‘Banks Behaving Badly’? Back in June, at the time of the Barclays Libor manipulation settlement, the Financial Times (FT) wrote on its Op-Ed page in the piece entitled “Shaming banks into better ways” that “few have shone such an unsparing light on the rotten heart of the financial system” and then went on to say “nothing less than a long-running confidence trick played on the public for personal and institutional advantage” and even pointed out the “rotten culture at Barclays”. The FT editorial clearly focused on ethics when it said “But beyond the questions about legality there is a bigger worry about the wayward behavior of the financial sector.” The FT editorial concluded by telling banks that if “banker-bashing is to stop, the banks themselves must change.” Typical British understatement at its finest wouldn’t you say?

The HSBC settlement was announced by Lanny A. Breuer, Assistant Attorney General of the Justice Department’s Criminal Division. In the Department of Justice (DOJ) Press Release it was reported that HSBC received a Deferred Prosecution Agreement (DPA) which required, among other things, that it “committed to undertake enhanced AML and other compliance obligations and structural changes within its entire global operations to prevent a repeat of the conduct that led to this prosecution.  HSBC has replaced almost all of its senior management, “clawed back” deferred compensation bonuses given to its most senior AML and compliance officers, and has agreed to partially defer bonus compensation for its most senior executives – its group general managers and group managing directors – during the period of the five-year DPA.  In addition to these measures, HSBC has made significant changes in its management structure and AML compliance functions that increase the accountability of its most senior executives for AML compliance failures.” There will also be an independent outside monitor appointed to oversee the bank’s compliance efforts and report periodically to the DOJ.

Even with all the above and the fines, penalty and profit disgorgement, the DOJ has come under withering criticism for its failure to both let HSBC off so lightly, with a DPA, where “HSBC Bank USA failed to monitor over $670 billion in wire transfers and over $9.4 billion in purchases of physical U.S. dollars from HSBC Mexico” and no individuals were indicted. CNN reported that Sen. Charles Grassley, R-Iowa, sent a stinging letter to Attorney General Eric Holder, calling it “inexcusable” for the department [DOJ] not to prosecute criminal behavior by HSBC. Senator Grassley’s letter was quoted as saying, “What I have seen from the department is an inexplicable unwillingness to prosecute and convict those responsible for aiding and abetting drug lords and terrorists.” Further, “By allowing these individuals to walk away without any real punishment, the department is declaring that crime actually does pay,” Grassley asserted.

Halah Touryalai, in an article entitled “Final Thought On HSBC Settlement: How Much Bad Behavior Will We Tolerate?” in forbes.com, put it another way. Touryalai asked “What’s a bank got to do to get into some real trouble around here?” She went on to say, “So, let’s get this straight. A major global bank failed to catch activity that put our country’s security at risk and now it is sorry… The HSBC case brings to the forefront a big question for the U.S.: How much are we willing to tolerate from financial services companies? If we’re looking at the HSBC case then a lot, apparently.” Finally, Touryalai spoke for many when she said, “The scary part about the HSBC settlement is that U.S. authorities are essentially saying they couldn’t act on criminal charges because it would harm the larger financial system. That’s got many calling HSBC (and potentially others) too-big-to-jail.”

However, the DOJ had many data points to factor into its calculus on settlement. First, and foremost, (apparently) remains Arthur Anderson. If the DOJ had pushed for a criminal settlement, would it have debarred HSBC from doing business with the US government or its monies going through the US banking system? What would be the effect of such a remedy? What if the DOJ had pushed too far and HSBC felt it had no choice but to go to trial, would they have been Arthur Andersen’d out of business? Perhaps this is a variant of the “too big to fail” argument, called the ‘too-big-to-put-out of business’ argument.

But there is another reason for the specific terms of the HBSC settlement, which was discussed by Lanny Breuer during the news conference. He stressed the extraordinary cooperation by HSBC during the investigation in addition to the structural changes the bank put in place as noted above. If the DOJ wants to obtain the highest level of cooperation from a defendant during an investigation, turning around after such cooperation and indicting either the entity or a bunch of its employees will most probably end such a level of cooperation. My guess is that the DOJ wants to encourage as much cooperation as it can from parties under investigation. That would include greater compliance after the resolution in addition to extraordinary cooperation during the investigation. However this may not be enough to quell the critics. So the DOJ may be stuck in the position of damned if they do (indict) and damned if they don’t (indict).

But whatever your take on the DOJ’s position as to HSBC, it certainly has been a year of reckoning for “Banks Behaving Badly”.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2012

After the White Whale – Enforcement of AML Laws Against Companies for Traded Goods

Whenever you look at the Top Ten Foreign Corrupt Practices Act (FCPA) settlements of all-time, the figures can look pretty high. However, this summer has seen some absolutely astronomical fines and penalties agreed to by financial institutions for violations of Anti-Money Laundering (AML) laws and regulations. Since May we have seen the following financial institutions agree to the resulting fines and penalties:

AML Penalty Box of Settlements

Bank	Amount (all in USD$ MM)	Date of Settlement
ING Bank	$619	June 2012
Royal Bank of Scotland	$500	May 2012
Standard Chartered	$340	August 2012
Barclays	$298	August 2012
Total	$1,757

So for all you sports fans keeping score at home that is $1.757 billion in fines and penalties. And this amount does not even include the grand-daddy of them all, HSBC, which has reserved $700MM for its own fine. Some commentators have speculated that the HSBC fine may exceed One Billion Dollars alone.

In an article in the Financial Times (FT), entitled “We all must clean up our act on money laundering”, reporter John Cassara noted International Monetary Fund (IMF) estimates that world-wide money laundering can be as high as $3.5 trillion annually. While traditional criminal enterprises had used banks to wash dirty money into clean money, after 9/11, the US government saw money-laundering as a security issue. One of key issues in the Standard Chartered enforcement action by the New York state Department of Financial Services was its financial dealings with banks in Iran.

But the problem is simply beyond financial institutions. Cassara writes that there are three generally recognized ways to launder money: (1) via financial institutions; (2) bulk cash smuggling across borders; and (3) via traded goods. The US approach to fighting money laundering in financial institutions is to demand transparency and require due diligence not only on customers but on transactions as well. But money launderers will move to where they see the least resistance in the financial system. So if banks ramp up their internal compliance systems, criminal enterprises and terrorists will move to the old fashioned method of smuggling money across borders to money laundering via traded goods.

Indeed in an article in the Wall Street Journal (WSJ) last week, entitled “U.S. Seeks to Patch Laundering Net”, Jeffery Sparshott reported that the US Treasury Department’s Financial Crimes Enforcement Network, known as FinCen, “are proposing to enlist companies across the financial sector – and possibly beyond – as a front-line defense against money laundering.” These new rules “may eventually extend the rules to mortgage lenders, casinos, gemstone dealers and others…in a bid to deter criminal activity and terrorist financing and stop firms from taking on shell companies without knowing ownership details.” If FinCen extends the most robust regulations beyond traditional financial institutions, it would seem to me that the next logical step would be to extend such regulations to non-financial commercial operations.

However, we have recently seen examples of criminals using method three (3) above to engage in money laundering; that being via traded goods. One recent example is a process whereby teams of money launderers working for cartels use dollars to purchase a commodity from the US and then export the commodity to Mexico or Colombia. A key is that “Paperwork is generated that gives a patina of propriety” which means that drug money is given the appearance of legitimate proceeds from a legitimate commercial transaction. One Immigration and Customs official interviewed said, “It’s such a great scheme. You could hide dirty money in so much legitimate business, and they do. You can audit their books all day long and all you see is goods being imported and exported.”

Another scheme involved even more sophisticated tactics such as “overvaluing and undervaluing invoices and customs declarations.” There is even a new term “trade-based money-laundering” which is being used to denominate the schemes. It was reported that in another recent operation, which was estimated to launder over $1MM every three weeks, money launderers were exporting from the US to Mexico polypropylene pellets that are used to make plastic. However, the money-launderers inflated the value declared on the high-volume shipments and this eventually attracted suspicion of US bank investigators, “who shut down the export operation by discontinuing letters of credit that the suspected launderers were using.” One official noted, “You generate all this paperwork on both sides of the border showing that the product you’re importing has this much value on it, when in reality you paid less for it. Now you’ve got paper earnings of a million dollars and the million dollars in my bank account – it’s legitimate. It came from this here, see?”

What can companies do to protect themselves from inadvertently running afoul of AML laws?  Just as transactional based due diligence and internal controls are mandatory components of a FCPA minimum best practices compliance program; they should be used in transactions with customers or other third parties. In addition to due diligence on agents, distributors or others in the sales distribution chain, companies need to perform due diligence on those to whom they sell. Know Your Customer (KYC) rings true not just for financial institutions but for companies engaged in other forms of commercial operations. If a new customer approaches your company, you should investigate them beyond simply running a Dun & Bradstreet Report to check their credit-worthiness. You need to investigate their background to see if they really are in a business which would use your products.

There is also the issue of how you will be paid for the sale of your widgets. If someone from Mexico suddenly comes to your business and wants to buy widgets with cash, this needs to send up a huge Red Flag. It would seem just as unlikely if a customer with a relatively low net worth would come to you and seek to purchase a high cost product with cash. If such an eventuality happened this should also raise a very large Red Flag.

Even if you are not being paid in cash, but are being paid via wire transfer, you should check the source of the wire funds. If the money comes from a bank or other financial institution which is on a sanctions list, you need to tread very carefully. In another article in the FT, entitled “Taken to the Cleaners”, the piece ended by comparing the problem of money laundering with a sucker fish which attaches itself to a whale. It may not be noticed as it is “submerged and discreet” but it is “hard to capture as it can just swim off elsewhere.”

So perhaps the white whale analogy may need to be reconsidered. Or perhaps, just as Captain Ahab kept searching for the white whale;  as criminals continue to probe for structural weakness to exploit in the area of money laundering; as regulators respond with more, greater and broader regulations; companies will need to increase and refine their own processes and procedures.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2012

Settling with Multiple International Regulators: What Has Standard Chartered Wrought?

“Tell me what can a poor boy do; ‘Cept for sing for a rock ‘n’ roll band?”

As a teenager I often pondered those lyrics and wondered if Mick Jagger was really a closet radical who was ready to “let his freak flag fly” (to cross-mix musical metaphors) and take to the streets to protest as was so often done in the 1960s. That Stones lyric popped into my head more than once over the past week when I was trying to sort out the story of Standard Chartered Bank (SBC) and the New York state Department of Financial Services (DFS) in the context of an international company subject to many different international regulators. Quite simply, what is a poor company to do when it is being investigated by multiple regulatory agencies or government departments in many different countries and with even further differentiated jurisdictions within the same country, such as the role of the (DFS) and the US Department of Treasury or Federal Reserve?

Companies and Regulators-waiver of privilege and negotiations

This question clearly came up in the context of the SBC anti-money laundering (AML) fine announced earlier this week. In addition to the UK Financial Services Authority (FSA), SBC was under investigation by several US federal authorities including the Department of Treasury, Department of Justice (DOJ), Federal Reserve and Federal Bureau of Investigation (FBI). Who and how does an entity under investigation communicate? In an article in the Huffington Post, entitled (appropriately enough) “Standard Chartered May Have Burned Itself By Waiving Attorney-Client Privilege In Probe”, reporters Aruna Viswanatha and Andrew Longstreth wrote that SBC “appears to have been burned by a decision to waive attorney-client privilege, a move that usually helps appease U.S. authorities.”

In addition to the waiver issue, how does an institution negotiate with several over-lapping jurisdictions or multiple regulators within one jurisdiction? The Financial Times (FT), in an op-ed piece entitled “StanChart rushes to unsettling deal”, said that “If banks are to be clear about their responsibilities and obligations, regulators have to establish coherent norms and processes.” The piece went on to opine that it would “be perverse” if the DFS is applauded for “going it alone” even though the FT acknowledged that the DFS was “right to raise questions over the legality of wire-stripping”.

Regulators and Regulators-who’s on first?(International Division)

What about the relationship between international regulators, is it now damaged? In a Wall Street Journal (WSJ) article, entitled “Trans-Atlantic Tensions Increase”, Dana Cimilluca and Victoria McGrane reported that “the special relationship between the financial authorities in the U.S. and U.K. is going through a rough patch.” To underscore this point, they noted that after the DFS went public, the Governor of the Bank of England “chastised” US regulators. However, this chastisement did not sit well with all on this side of the pond. In another WSJ article entitled “Bank Deal Rankles Regulators” Liz Rappaport quoted Neil Barofsky, former special inspector general in the US Treasury Department, who believes, “The FSA should stop griping about other regulators and focus on overseeing London’s banks”.

Regulators and Regulators-who’s on first?(US Division)

What about the relationships between US federal and state regulators? Rappaport reported that the DFS met with all other US regulatory agencies investigating SBC conduct in April. The DFS seems to believe that it communicated that it was ready to move while the federal regulators “didn’t feel that they had got any indication from Mr. Lawsky’s office that he was going to pursue a case on his own. Rappaport quoted Mark Williams, a former Federal Reserve Bank examiner, who said that it was “unprecedented, from a regulatory perspective” for a state regulator to move without waiting for federal regulators to move fist. However, he was also quoted as saying “It will likely embolden other state banking commissioners”. But the final word, at least from the US side, may have come from Senator Carl Levin (D-Mi.) who was quoted as saying, “Holding a bank accountable for past misconduct doesn’t need to take years of negotiation over the size of the penalty. It simply takes a regulator with the backbone to act.”

What Should Wal-Mart Do?

So what does all of this mean? Certainly in the financial services sector, counsel needs to tread carefully and have a clear understanding about turning over evidence and how that evidence may be presented. Companies also need to have clear understanding of who they are negotiating with and under what conditions. For those Foreign Corrupt Practices Act (FCPA) compliance practitioners, witness the release of the letter this week by two House members, Oversight and Government Reform Committee Ranking Member Elijah E. Cummings and Energy and Commerce Committee Ranking Member Henry A. Waxman, who sent a letter to Wal-Mart Chief Executive Officer (CEO) Michael Duke regarding the company’s failure to provide Congress with information relating to the Wal-Mart bribery allegations. In the letter, they claim to have found evidence “of “questionable financial behavior” including tax evasion and money laundering in Mexico.” Further, they threaten to make “public any documents we have obtained as part of the investigation.” I probably do not need to remind the readers of this blog that Wal-Mart has announced it is conducting an internal investigation for allegations of FCPA violations in Mexico. So tell me “What can a poor boy [bank, company, fill in the blank] do?”

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2012

When to Not Use the F-Bomb? The Standard Chartered AML Settlement

I guess it is appropriate that the word “F-Bomb” will now, as of next week and for the first time, be in the mainstream Merriam-Webster’s Collegiate Dictionary. I say this while thinking about Howard Sklar’s blog post, entitled “Best.Quote.Ever”, in which he cited the following email from Standard Chartered Bank’s (SBC) Group Executive Director to its head of Compliance in New York.

You f…ing Americans. Who are you to tell us, the rest of the world, that we’re not going to deal with Iranians?

[Ed. Note - This is a PG-rated blog so we have edited the curse word. We would note that the family G-rated New York Times (NYT) cut the entire first sentence from its reporting.]

Well, as of yesterday, SBC seems to have found the understanding that if you are going to do business, in at least the state of New York, you had better follow the rules as it agreed to pay a $340MM fine to the New York state Department of Financial Services (DFS) for breaking the law. Unfortunately, the SBC settlement was just one more in long line of settlements by banks for violations of anti-money laundering (AML) laws. In an article in the <>Wall Street Journal (WSJ), entitled “British Bank Settles Iran Money Case”, reporter Liz Rappaport cited figures from the US Department of Treasury and Justice Department regarding the largest US anti-money laundering settlements.

AML Penalty Box of Settlements

Bank	Amount (all in $millions)	Date of Settlement
ING Bank	$619	June 2012
Lloyds TSB Bank	$567	December 2009
Credit Suisse	$536	December 2009
Royal Bank of Scotland	$500	May 2012
Standard Chartered	$340	August 2012
Barclays	$298	August 2012

We also note, as reported in the WSJ, that HSBC Holding has publicly announced it “has reserved $700 million to pay fines” relating to its AML violations.

While the amount paid by SBC is low on the scale of fines paid to date, Rappaport quoted analysts as saying “the settlement is a good outcome for Standard Chartered. They say the penalty is manageable for a bank that generated nearly $4 billion in profit in the first half of 2012.” However, there were some components of this settlement that could cause SBC further pain down the line. The first, as reported in a Financial Times (FT) article entitled “StanChart settles NY claims for $340m”, is that the agreement is with the state of New York regulators only. It does not cover the “US Department of Treasury, Department of Justice, Federal Reserve and Federal Bureau of Investigation” all of whom are “also probing the bank’s transactions with Iran” in long running investigations. Credit Suisse analyst Amit Goel was quoted in another WSJ article, entitled “Standard Chartered Faces a New Normal in New York”, that “We would expect the other regulators to settle in due course, and the fines may be material, but we think the aggregate cost will be below $1 billion and will not require the company to issue any additional equity.”

In addition to these ongoing investigations SBC will have not only an external monitor, appointed by the New York DFS, but also examiners from the DFS installed on site at the bank who “will assess the money-laundering risk controls in StanChart’s New York branch, advise on the implementation of “corrective measures” and report back to the DFS for a full two years.” I can assure SBC that having such compliance monitors, both external and from the DFS, will prove to be very disruptive to their ongoing business operations. A bank spokesman was quoted, in a WSJ article, as saying “the bank said it has no idea how intrusive the installation of monitors might be because the final details have yet to be hammered out.” Indeed.

So how about that idiotic email that started this piece. I would say that SBC needs some serious training on email etiquette. Maybe they could have Bobby Knight come in for sensitivity training? Or maybe, just maybe, they could follow the law.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2012

Anti-Money Laundering For the Non-Banking Entity

While many companies which operate under anti-bribery laws such as the UK Bribery Act or anti-corruption laws such as the US Foreign Corrupt Practices Act (FCPA), have compliance programs in place to review business relationships, I have found that one of the areas which most non-banking companies do not sufficiently focus on is anti-money laundering (AML). Money laundering is conduct designed to disguise the proceeds of criminal activity. These include making illegal or improper payments to Foreign Government Officials, the misappropriation, theft or embezzlement of public funds by any party as well as by or for the benefit of Government Officials, paying kickbacks to employees of private companies, creating a scheme to defraud third parties and, in the United States, misusing the mails (whether it is the US mail, private or commercial couriers) and the wires in interstate or international commerce. Money laundering can arise when there is an effort to evade reporting requirements by engaging in a series of funds transfers that individually are below the amount requiring disclosure. Funds may also be laundered by transfers among bank accounts or through the purchase of apparently legitimate assets. Even though they have been “laundered,” these funds still represent the proceeds of criminal activity, and knowingly receiving, transferring, transporting, retaining, using, or hiding such criminal proceeds is illegal.

Legitimate businesses may be targets for persons or entities who want to make the proceeds of criminal activity appear to be legitimate. For example, companies that offer to do business with a company may be “fronts” for money laundering or other criminal activity. Similarly, agents, customers or other parties may seek to have a company wire their fees to jurisdictions other than the ones in which they reside to avoid the laws and requirements of their home country. It is, therefore, essential for a company to “know” the parties with whom it conducts business and perform the due diligence required by the company Code with respect to all potential Business Partners, Representatives, Agents, Distributors and others in the sales chain. A company should also take care with its business relationships in the supply chain such as vendors that are viewed as high risk under the FCPA or UK Bribery Act.

So what are some of the ways a company can facilitate money-laundering? In an article in the Los Angeles Times (LAT) entitled “Cartels use legitimate trade to launder money, US and Mexico say” by Tracy Wilkinson and Ken Ellingwood, the authors described a process whereby teams of money launderers working for cartels use dollars to purchase a commodity from the US and then export the commodity to Mexico or Colombia. A key is that “Paperwork is generated that gives a patina of propriety” which means that drug money is given the appearance of legitimate proceeds from a legitimate commercial transaction. One Immigration and Customs official interviewed said, “It’s such a great scheme. You could hide dirty money in so much legitimate business, and they do. You can audit their books all day long and all you see is goods being imported and exported.”

The key is that the commodities being purchased are so innocuous that large bulk purchases will rarely, if ever, draw any official scrutiny. The goods purchased can be red tomatoes or bolts of cotton fabric. In either case, the commodity itself does not matter, as the simple fact of purchasing in the US, shipping into, and reselling in Mexico, allows the drug cartels to “transfer earnings back home to pay bills and buy new drug supplies while converting dollars to pesos in a transaction relatively easy to explain to authorities.”

There have been some interdictions in this system, however. In 2010, US authorities arrested several executives of Angel Toy company, who the government alleged were conspiring with Mexican drug cartels to launder drug money through a scheme to purchase Teddy Bears (of all things), for shipment back to and for resale in Mexico. The plan was straightforward, just under $10K of cash for each shipment of Teddy Bears, which were then resold in Mexico.

However, now money launderers use even more sophisticated tactics such as “overvaluing and undervaluing invoices and customs declarations.” There is even a new term “trade-based money-laundering” which is being used to denominate the schemes. It was reported that in another recent operation, which was estimated to launder over $1MM every three weeks, money launderers were exporting from the US to Mexico polypropylene pellets that are used to make plastic. However, the money-launderers inflated the value declared on the high-volume shipments and this eventually attracted suspicion of US bank investigators, “who shut down the export operation by discontinuing letters of credit that the suspected launderers were using.” One official noted, “You generate all this paperwork on both sides of the border showing that the product you’re importing has this much value on it, when in reality you paid less for it. Now you’ve got paper earnings of a million dollars and the million dollars in my bank account — it’s legitimate. It came from this here, see?”

In an article in the Wall Street Journal (WSJ), entitled “Sands Probed in Money Moves”, reporters Kate O’Keefe, Justin Scheck, Alexandra Berzon and James Grimaldi, reported that US authorities are investigating Las Vegas Sands Corp. and several of its executives regarding allegations of violations of US money-laundering laws by failing to alert authorities to millions of dollars transferred to its casinos by two Las Vegas high rollers. The specific allegations involve an examination of the Sand’s “handling of money received several years ago from a Chinese-born Mexican national, Zhenli Ye Gon, later accused of drug trafficking and Ausaf Umar Siddiqui a former California executive subsequently convicted of taking illegal kickbacks.

Regarding Mr. Ye Gon, the WSJ reported that in 2006, Ye Gon “made tens of millions of dollars in transfers to Sands accounts from Mexican “casas de cambio,” which are currency-exchange firms that have been the focus of several recent money-laundering probes in the U.S., several people involved in the case said he transferred a total of around $85 million to casinos owned by Sands and other operators, court filings indicate. Prosecutors have told lawyers representing Sands employees that Mr. Ye Gon’s use of Mexican exchange houses to handle such huge transfers was a red flag.” Regarding Mr. Siddiqui, the WSJ reported that Sands received more than $100 million from Mr. Siddiqui, while he had an annual salary of $200,000 with Fry Electronics.

Transactional based due diligence and internal controls are mandatory components of a FCPA minimum best practices compliance program. In addition to due diligence on agents, distributors or others in the sales distribution chain, companies need to perform due diligence on those to whom they sell. If someone from Mexico suddenly comes to your business and wants to buy widgets with cash, this needs to send up a huge Red Flag. It would seem just as unlikely if a customer with a relatively low net worth would come to you and seek to purchase a high cost product with cash. If such an eventuality happened this should also raise a very large Red Flag.

 What Should You Look For-Red Flags

Red flags are circumstances that should alert a reasonable person that illegal or improper conduct is substantially likely to occur and, therefore, further inquiry is necessary. Red flags reflecting possible violations of anti-money laundering laws and regulations include:

1. Legitimacy of the party and/or assets are undeterminable through due diligence or independent verification;

2. The party proffers false, misleading or substantially incorrect information and documentation;

3. The party suggests transactions involving cash or insists on dealing only in cash equivalents;

4. The party refuses to disclose or to provide documentation concerning identity, nature of business, or nature and source of assets;

5. The party refuses to identify a principal or beneficial owner;

6. The party appears to be acting as an agent for an undisclosed principal or beneficial owner, but is reluctant to provide information, or is otherwise evasive, regarding the identity of the principal or beneficial owner;

7. The party is a shell company and refuses to disclose the identity of the party’s beneficial owner;

8. The party has assets that are well beyond its known income or resources;

9. The party requests that funds be transferred to an unrelated third party and is unable to provide sufficient legitimate and independently verifiable justification for such request;

10. The party requests a wire transfer to a jurisdiction other than the one in which the party is located and is unable to provide sufficient legitimate and independently verifiable justification for such request, particularly if located in an “off shore” bank secrecy or tax haven;

11. The party engages in transactions that appear to have been structured so as to avoid government reporting requirements, especially if the cash or monetary instruments are in an amount just below reporting or recording thresholds;

12. The party exhibits unusual concern about compliance with government reporting requirements;

13. The party exhibits a lack of concern regarding risks or other transaction costs;

14. The party wishes to engage in a transaction that lacks business sense, economic substance or apparent investment strategy;

15. The party lacks general knowledge of its industry or lacks adequate facilities or qualified staff to perform the required tasks or work;

16. The party requests that a transaction be processed in a manner that circumvents a company procedure or avoids company documentation requirements;

17. The party is included on list of Specially Designated Nationals, or similar lists, maintained by the US Government and the United Nations or is associated with such individuals and entities;

18. The party is located or has accounts or financial dealings in countries either identified as being non-cooperative with international efforts against money laundering by the Financial Action Task Force, or against whom the US Treasury Department has issued an advisory;

19. The party, or any person associated with the party, is or has been the subject of any formal or informal allegations (including in the reputable media) regarding possible criminal, civil or regulatory violations or infractions; and

20. The independent due diligence conducted by a company uncovers allegations that raise concerns regarding the party’s integrity.

In this age of cross-border criminal activity and cross-border enforcement, companies should be aware of these techniques used to launder money. Company compliance programs need to incorporate transactional due diligence into an overall anti-corruption compliance program. You may not see multi-millions of dollars in cash come into your company as Sands did from Mr. Ye Gon and Mr. Siddiqui but you should run the basic checks as suggested by the list of Red Flags.

============================================================================================

A big shout out to the USA Women’s Soccer team for their win in stoppage time of Extra Time over Canada. Also a shout out to Team Canada for a great game and playing their collective hearts out in one of the best matches I have ever seen.

============================================================================================

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2012