U.S. Targets Foreign Financial Institutions for 'Causing' Violations of Sanctions Regulations

Deferred Prosecution Agreements and Settlements
Under deferred prosecution agreements, U.S. Department of Justice (DOJ) and New York District Attorney’s Office (NYDA) bring charges by filing a criminal information but agreeing not to prosecute the charges, provided the defendant complies with certain requirements outlined in the settlement. The requirements frequently include stipulating to the facts constituting the alleged violations, paying a monetary penalty, and instituting compliance procedures to prevent future violations. If the defendant abides by the terms of the agreement for a specified period, the charges are dismissed. Failure to comply with the agreement allows the DOJ and NYDA to proceed against the defendant on the basis of their prior stipulated facts.

Lloyds TSB Bank Plc. (Lloyds). Lloyds’ January 2009 deferred prosecution agreements with the DOJ and NYDA included a $350 million payment to settle allegations that Lloyds allowed Iran and Sudan to access U.S. financial institutions in violation of U.S. sanctions regulations and New York criminal law. Lloyds internally “stripped” customer names, bank names, and addresses from SWIFT payment messages to allow them to pass undetected through filters at U.S. correspondent banks. Had the messages contained transparent data concerning the parties, the U.S. correspondent banks would have been required to reject or block the transactions in compliance with U.S. sanctions regulations.

As part of the settlement, Lloyds agreed to employ an independent pre-approved consultant to review and report on five years of transactions. In addition, Lloyds agreed to comply with the Wolfsberg Anti-Money Laundering Principles for Correspondent Banking. In return, the DOJ deferred prosecution for two years and will subsequently dismiss the charges provided Lloyds remains in full compliance with the terms of the settlement.

In December 2009, Lloyds entered into a separate settlement with the Office of Foreign Assets Control (OFAC) agreeing to a $217 million fine, which was credited against the previous payment, and agreed to conduct annual reviews for two years of its policies and procedures and a “statistically significant” review of payments cleared through the United States.

Australia and New Zealand Bank Group, Ltd. (ANZ). In its August 24, 2009 OFAC settlement, ANZ paid $5.75 million to settle allegations of violations of the Sudanese Sanctions Regulations and the Cuban Assets Control Regulations. OFAC alleged that between 2004 and 2006, ANZ illegally processed 31 transactions through U.S. correspondent accounts totaling in the aggregate approximately $106 million. ANZ allegedly manipulated the SWIFT messages “stripping” them of any reference to Sudan or Cuba. ANZ’s actions concealed the identity of the sanctions targets and impeded U.S. financial institutions from identifying the restricted transactions.

OFAC agreed to mitigate the penalty based on three predominant factors. First, although ANZ did not voluntarily disclose the violations, ANZ cooperated in conducting an extensive review of the transactions and brought to OFAC’s attention additional transactions of which OFAC was not aware and which ANZ did voluntarily disclose. Second, ANZ promptly initiated a remedial policy. ANZ re-engineered its operating model to enhance its ability to identify and resolve operational gaps and weaknesses. ANZ agreed to continually audit its compliance model to ensure that future transactions that would be in violation of OFAC’s regulations are not processed by or through U.S. financial institutions. The Australian Prudential Regulation Authority also agreed to monitor the results of ANZ’s internal review. Third, ANZ had not been subject to an OFAC enforcement action in the five years preceding the transactions at issue.

Credit Suisse AG (Credit Suisse). On December 16, 2009, DOJ, NYDA and OFAC announced a record-breaking $536 million settlement with Credit Suisse. The settlement documents alleged Credit Suisse’s involvement in thousands of concealed financial transactions with OFAC target countries processed through U.S. correspondent banks. Credit Suisse allegedly developed procedures to instruct clients on how to structure transactions and Credit Suisse altered payment paths and “stripped” payment messages of any reference to the target countries.

In addition to the fine, the settlement subjects Credit Suisse to a cease and desist order and requires implementation of a transparent global regulatory compliance program. The compliance program must include training for Credit Suisse employees on OFAC-related issues, an audit program designed to test for compliance, and an annual review of the compliance program by qualified personnel.

ABN Amro Bank N.V. (ABN AMRO)/Royal Bank of Scotland (RBS). In 2006, ABN AMRO agreed to a cease and desist order with OFAC and the Board of Governors of the Federal Reserve System. ABN AMRO was assessed a $40 million penalty, which also satisfied a concurrent $30 million FinCEN penalty. The violations, which were voluntarily disclosed, involved ABN AMRO’s overseas branches, which removed references to entities in which Libya or Iran had an interest before forwarding wire transfers, letters of credit and U.S. dollar checks to ABN AMRO branches in New York and Chicago. This 2006 settlement, however, did not address criminal penalties.

On May 4, 2010, ABN AMRO, which had since been acquired by RBS, entered into a deferred prosecution agreement with DOJ agreeing to forfeit $500 million in connection with a two-count criminal information. Specifically, ABN AMRO waived indictment on one count of violating the Bank Secrecy Act and one count of conspiracy to defraud the U.S. by violating the International Emergency Economic Powers Act (IEEPA) and the Trading with the Enemy Act (TWEA).

The 2010 deferred prosecution agreement details a much broader pattern of violations. The factual statement accompanying the deferred prosecution agreement alleges that from 1998 through 2005, ABN AMRO conducted transactions valued at $500 million in violation of IEEPA, TWEA and the Bank Secrecy Act involving targets of U.S. economic sanctions and ignoring OFAC compliance obligations. ABN AMRO removed or altered names and references to target countries from payment messages. The “stripping” procedures allowed the transactions to pass undetected through filters at U.S. correspondent banks, where they would otherwise have been blocked and reported to OFAC. In addition to altering the payment messages, ABN AMRO failed to maintain adequate anti-money laundering procedures and processes.

ABN AMRO provided prompt and substantial cooperation, committed substantial resources to investigate transactions, and agreed to enhance its compliance policy to ensure transparency. In light of ABN AMRO’s remedial actions, DOJ agreed to recommend dismissal of the information in one year provided ABN AMRO continues to fully cooperate.

Policy Trends and Compliance Risks
These cases are a direct result of the United States’ policy to strengthen U.S. sanctions against Iran, as well as other countries, without explicitly requiring foreign financial institutions to comply with extraterritorial U.S. legal requirements. These cases also reflect a growing trend among enforcement agencies to cooperate on sanctions enforcement, bringing to bear not only the threat of higher monetary penalties but also heightened scrutiny from bank regulatory authorities and potential criminal fines and imprisonment. Regardless of the legal merits and possible defenses that may have been available, these institutions evidently decided to settle rather than face consequences that could have been even more serious.

A number of global financial institutions with headquarters outside the United States have adopted their own internal policies to comply with U.S. sanctions regulations as though they were U.S. institutions, judging that the risks of non-compliance and potential adverse impact on their business in the United States outweighed the risks of continuing to engage in business with countries targeted by U.S. sanctions.

The expanded reach of U.S. enforcement to activities that cause U.S. persons to commit violations within the United States presents a serious compliance risk. Financial institutions that clear dollar transactions through the United States must ensure that they comply with U.S. sanctions regulations.

Download: U.S. Targets Foreign Financial Institutions for 'Causing' Violations of Sanctions Regulations