Credit Suisse unit fined $16.5 million over AML program
Credit Suisse Securities (USA) (CSSU) has been fined $16.5 million and will have to undertake a compliance review to settle Financial Industry Regulatory Authority allegations that it had serious weaknesses in its anti-money laundering efforts.
AML has been a long-standing concern for regulators and an area of considerable investment by financial institutions, but has gained even greater prominence over the past few years following major enforcement settlements and a long-awaited proposal by the US Department of the Treasury’s Financial Crimes Enforcement Network that would expand Bank Secrecy Act responsibilities to investment advisers.
Finra has accepted a letter of acceptance, waiver and consent from CSSU, which did not admit or deny wrongdoing.
According to the self-regulatory organization, CSSU between January 2011 and December 2015 had ‘significant deficiencies’ in its AML program, principally related to its ability to hunt adequately for potentially suspicious trading and money movements. From the beginning of the period at issue until September 30, 2013, the firm failed to review effectively trading from an AML standpoint, Finra says.
The firm at the time described its procedures as a ‘lines of defense’ strategy that, in theory, was intended to provide overlapping layers of protection, but in practice the firm did not have an effective system to review trading for suspicious activity, according to the SRO.
The systems and procedures used by the firm to monitor trading for other purposes were not designed to detect potentially suspicious activity from an AML perspective, and non-AML compliance departments and branches did not assume responsibility for reviewing trading for AML reporting purposes – meaning that, in certain instances, CSSU did not investigate trading adequately to assess whether a suspicious activity report (SAR) should be filed, Finra alleges.
In addition, the SRO alleges, certain potentially suspicious trading was not escalated to CSSU’s AML compliance team so that the firm could investigate and determine, as it was required to do, whether SARs needed to be filed. The trading at issue included suspicious microcap stock transactions and sales of unregistered securities, according to Finra, adding that the firm then implemented additional procedures and controls limiting the trading of microcap securities.
For the whole period at issue, CSSU relied on an automated surveillance system to monitor client activity for potentially suspicious money and securities transfers, using scenarios the firm chose to implement, but CSSU failed to implement effectively the scenarios it chose to use and failed to implement other available scenarios designed to identify several other common suspicious patterns or activities, Finra alleges. When its scenarios triggered an alert, the firm also did not always adequately review and investigate the activity, according to the SRO.
Although CSSU engaged a consulting firm in 2012 to evaluate its automated surveillance system and then made efforts to implement the firm’s recommendations, some of the alleged inadequacies in CSSU’s implementation of the automated surveillance system remain outstanding, Finra says.
During the relevant period, the firm also did not establish, maintain and enforce an adequate supervisory system, including written supervisory procedures, reasonably designed to ensure compliance with Section 5 of the Securities Act, according to the SRO. As a result, Finra alleges, CSSU participated in certain instances in the distribution of unregistered microcap securities through both its investing banking business and its private banking business.
In addition, from January 2011 through September 30, 2013, CSSU failed to conduct adequate due diligence on correspondent accounts of certain foreign financial institutions that were its affiliates, and it failed to conduct enhanced due diligence of correspondent accounts of certain foreign banks that were also its affiliates, as required by the Bank Secrecy Act, Finra says. Although the firm was aware of the nature of its affiliates’ business and activity, it did not apply its due diligence program to these correspondent accounts, according to the SRO.
Finra also alleges that the ability of the firm’s AML compliance analysts to review adequately alerts generated to detect suspicious activity was hampered by the level of resources dedicated to AML surveillance.
A spokesperson for Credit Suisse says in a statement, ‘Credit Suisse is pleased to have reached a settlement with Finra in this matter. We cooperated with Finra’s inquiry and have been taking appropriate internal remedial efforts.’
As part of the settlement, CSSU has agreed to:
- Implement written supervisory policies and procedures reasonably designed to address each of the issues alleged by the SRO
- Implement a detailed plan and fully allocated funding and resources to fully remediate each of the issues identified in a report prepared by the consulting firm
- Complete a risk-based look-back of past money and securities movements reasonably designed to detect and cause the reporting of suspicious transactions.
In a statement on the enforcement action, Finra chief of enforcement Brad Bennett says, ‘It’s critical that firms have effective AML systems in place so that they can comply with their obligations to review and report suspicious transactions, including those involving trading in microcap securities or potentially suspicious money transfers.’