On Thursday, March 8, 2018, the New York League of Independent Bankers (NYLIB) held its Winter 2018 Meeting. The evening featured a presentation by Thomas Lawler, a Senior Liaison Officer with the Financial Crimes Enforcement Network (FinCEN), as well as an update by Mr. Jeffrey Alberts, a partner at Pryor Cashman LLP and NYLIB’s Law Enforcement Liaison.

Enforcement Action Against U.S. Bank

Jeffrey Alberts

The evening began with Mr. Alberts giving a quick update concerning the recent enforcement action against U.S. Bank (the “Bank”).  On February 15, 2018, federal authorities, including FinCEN and the U.S. Department of Justice, filed charges against the Bank for allegedly neglecting its duties to monitor and report suspicious and potentially unlawful transactions.  The action alleges that the Bank set up its transaction monitoring software to provide only a certain number of alerts, based upon the number of people working in its compliance department.  Mr. Alberts explained that setting up a monitoring system as U.S. Bank did is not necessarily problematic, but that U.S. Bank was allegedly in further derogation of its BSA/AML duties.  For example, the action alleges that U.S. Bank conducted a look back to review its monitoring system’s work, but when it realized its system was not sufficiently flagging suspicious transactions, instead of fixing that system, the Bank simply halted the look back and attempted to keep negative information concerning the system from the regulators.

Mr. Alberts, discussed the difficulty that banks have in determining what an appropriate amount of alerts is, noting that no level of monitoring can catch every single suspicious transaction, but emphasizing that Banks cannot ignore signs that their suspicious activity monitoring system is deficient.

Thank you to Mr. Alberts for sharing this timely update and related analysis with NYLIB!

FinCEN BSA/AML Regulatory Perspective

Thomas Lawler

Mr. Lawler works with FinCEN’s Domestic Liaison Division and is based in Washington D.C.  The Liaison Division aims to better ensure industry compliance with the Bank Secrecy Act through supporting, overseeing, and working in partnership with the federal functional regulators, foreign financial intelligence units, and the state regulatory agencies that examine for BSA Compliance. Mr. Lawler’s duties include serving as the direct liaison to the Board of Governors of the Federal Reserve System, the FDIC, OCC, NCUA, and FFIEC.  Prior to joining FinCEN, Mr. Lawler spent over 20 years coordinating the Compliance, Risk Management, and Security divisions of two regional bank holding companies, as well as a state chartered credit union.

Mr. Lawler began by discussing the important work done by FinCEN.  He identified that FinCEN is in charge of administering the Bank Secrecy Act (“BSA”) and explained that it does so in large part by analyzing suspicious activity and other reports submitted by banks in order to identify trends and patterns in criminal activity and to uncover people and networks perpetrating those crimes.  Mr. Lawler explained that federal and state agencies across the United States utilize FinCEN’s data and analysis in order to assist them in prosecuting crimes in their jurisdictions.  For example, he noted that the FBI cites that approximately 30% of all the FBI’s drug and organized crime cases are initiated based on the information gained from financial institution reports filed with FinCEN.

Mr. Lawler next discussed FinCEN’s new beneficial ownership rules, which have a compliance date of May 11, 2018.  He stressed that financial institutions should give FinCEN comments concerning this and any other new regulations, explaining that if the agency does not receive comments, it generally assumes its regulations are “okay.” 

Mr. Lawler identified that the only truly “new” component of the regulation, was that, starting May 11, banks must request the identity of, and verify beneficial owners of new legal entity customer accounts.  However, he explained that institutions may rely on the information the entity provides them, and must simply request and receive the information unless the institution suspects that the information provided is not truthful.  Mr. Lawler then identified that FinCEN would soon be releasing FAQs addressing questions FinCEN had received about the new regulation

Mr. Lawler additionally discussed several FinCEN enforcement action case studies and provided those in attendance with detailed information concerning suspicious activity and other reporting from New York State financial institutions.

Q & A

At the conclusion of Mr. Lawler’s presentation, Mr. Lawler took numerous questions from those in attendance. For example:

• One attendee asked at what point FinCEN would join an investigation being conducted by another federal functional regulator. Mr. Lawler explained that when an institution is cited with a significant violation of the BSA, especially one involving allegations of a “systemic” or “willful” violation, then FinCEN will step in and collaborate with the federal functional regulator.

• Another attendee asked how FinCEN works with the functional regulators once it has joined an investigation. Mr. Lawler identified that FinCEN would be the lead AML regulator as it has more authority than the other regulators, but explained that—in the case of concurrent investigations—each regulator generally does their own, separate examination, and then the regulators discuss their findings and try to come to an agreement. Assuming the regulators come to an agreement, he noted, they would then give a joint presentation to the financial institution.

• In regards to the new beneficial ownership rules, another attendee asked Mr. Lawler whether, if a current legal entity customer of a financial institution opened a new account, the institution would need to again verify the identity of that customer. Mr. Lawler explained that, if the new account was opened within a certain time frame, the institution would likely either not have to re-verify, or would just need to check whether anything had changed, but noted that FinCEN was still in the process of codifying the answer to this question.

Thank you to Mr. Lawler for speaking with NYLIB!

On Wednesday, August 9, 2017, the New York League of Independent Bankers (NYLIB) held their Summer 2017 Meeting. The evening featured Michael Flynn, an Information Technology Examination Specialist in the FDIC’s Boston Area Office, who discussed the cybersecurity risks and challenges currently facing the banking industry. Mr. Flynn has been with the FDIC for 24 years and began as a Field Examiner in the former Holyoke, MA, Field Office. Over the past five years, he has focused primarily on supervising technology risks at large, complex, and problem banks and technology service providers.

Mr. Flynn’s presentation highlighted the increasing and inherent risk due to the banking industry’s ever-growing dependence on technology. Mr. Flynn identified specific technology, organization, human, and physical risks to financial institutions, and ways that institutions could minimize those risks, conceding that cybersecurity attacks were a “matter of when, not if.” He stressed that institutions were responsible not only for minimizing the possibility of such attacks, but for implementing a plan to deal with their aftermath. Mr. Flynn emphasized that the FDIC’s focus in examining institutions’ IT and cybersecurity would be on their preparedness and risk mitigation efforts.

Mr. Flynn took numerous questions from those in attendance both during and after his presentation. For example:

• One attendee asked how to deal with the possibility of cybersecurity attacks on third party vendors and core service providers. Mr. Flynn explained, in response, that financial institutions could outsource tasks but not the responsibility, and that they needed to provide sufficient oversight of third party vendors and the vendors’ systems.

• Another attendee asked whether New York State’s new cybersecurity regulations (Part 500) were more stringent than federal regulations and, therefore, whether banks could put off implementing more aggressive systems until a New York State examination year. Mr. Flynn stated that, just because the FDIC did not have regulations that paralleled Part 500, did not mean that the FDIC held banks to a lower level of cybersecurity. Instead, he explained that he believed cybersecurity issues could be tied back to safety and soundness and that the FDIC expected cybersecurity diligence equivalent to that required under Part 500. Mr. Flynn added that the Federal banking regulators continue to discuss and review issuing cybersecurity regulations, but that he did not know if, or when, these regulations would be passed.

Thank you to Mr. Flynn for coming to speak with the NYLIB community!

NYLIB held a Banking Conference on May 12, 2017 at the TKP New York Conference Center. The conference discussed important topics affecting community bankers in the tri-state area and featured multiple notable speakers including:

Judy Selby, Senior Advisor at Hanover Stone Partners and former National Lead of Cyber Insurance & Data Privacy at BDO Consulting. Ms. Selby has been hailed as “one of the premier voices in legal technology” by Legaltech News, and consults with clients on cyber insurance, cybersecurity, information governance, data privacy and complex insurance matters.  Ms. Selby presented on New York’s recently adopted cybersecurity regulation, Part 500, giving advice about how bankers might approach compliance with the rule, and manage risks related to the same.

Jeffrey Alberts, Partner and Co-Head of Pryor Cashman LLP’s Financial Institutions Group and former Assistant United States Attorney for the Southern District of New York. Mr. Alberts’ practice focuses on government investigations and related regulatory proceedings, asset-forfeiture litigation, victims’ rights representation, and complex civil and commercial litigation. 

Asaad Faquir, Director of Compliance at RSK Compliance Solutions. Mr. Faquir has a wide range of experience in regulatory compliance, business process improvement, and risk management in the banking and finance industry, and is an active compliance educator and trainer through a variety of outlets, including the RSKonnect Webinar Series, BankWebinars.com, and Atlantic Community Bankers Bank (ACBB) “Compliance Anchor.” 

Mr. Alberts and Mr. Faquir shared an in-depth look into New York’s recently adopted transaction monitoring and filtering regulation, Part 504, and set forth potential solutions for compliance with the regulation from both legal and compliance perspectives.

Thank you to BDO for sponsoring this event, as well as all those who spoke or were in attendance, for making NYLIB’s First Annual Conference a huge success!

On January 18, 2017, the New York League of Independent Bankers hosted its Winter meeting at Pryor Cashman’s office located at 7 Times Square.

Pinchus Raice, a NYLIB co-founder and board member, hosted the evening on behalf of Pryor Cashman LLP. Raice is a partner in the firm's Banking & Finance, Corporate, and Litigation Groups, as well as the co-leader of its Financial Institutions practice.

Guests enjoyed a cocktail hour, followed by dinner and a discussion led by Congresswoman Carolyn B. Maloney (NY-12). Maloney discussed issues concerning the banking industry, including Dodd-Frank and other federal regulatory matters, as well as the outlook under the new administration. Guests were eligible for 1 CPE Finance credit.

On September 14, 2016, the New York League of Independent Bankers hosted its Fall meeting at Pryor Cashman’s office located at 7 Times Square.

Pinchus Raice, a NYLIB co-founder and board member, hosted the evening on behalf of Pryor Cashman LLP. Raice is a partner in the firm's Banking & Finance, Corporate, and Litigation Groups, as well as the co-leader of its Financial Institutions practice.

Guests enjoyed a cocktail hour, followed by dinner and a discussion led by Yolanda Ford, Deputy Superintendent of Banks at the New York Department of Financial Services Community & Regional Banks Unit. Ford's presentation highlighted relevant issues and evolving expectations from NYDFS on BSA, regulatory compliance, and safety and soundness for financial institutions.

On June 9, 2016, the New York League of Independent Bankers hosted its Summer meeting at Pryor Cashman’s office located at 7 Times Square.

Pinchus Raice, a NYLIB co-founder and board member, and Jeffrey Alberts hosted the evening on behalf of Pryor Cashman LLP. Raice is a partner in the firm's Banking & Finance, Corporate, and Litigation Groups, as well as the co-leader of its Financial Institutions practice. Alberts, partner and head of the firm’s White Collar Defense and Investigations practice, moderated a Q&A session.

Guests enjoyed a cocktail hour, followed by dinner and an enlightening presentation by ‎John P. Conneely, Deputy Regional Director at Federal Deposit Insurance Corporation.