New York Law Adds Teeth to Federal AML Oversight
A rule implemented by the New York State Department of Financial Services that took effect on Jan. 1 will add teeth to federal statutes requiring financial institutions to validate their anti-money laundering compliance programs. The state law covers certain financial institutions registered or doing business in New York, and requires not only that they certify their AML transactions monitoring and screening programs, but that the chief financial officer sign a document stating the programs comply with all federal statutes, said Joe Cataldo, head of AML and model management at Sionic Advisors, a firm offering consulting and technology services for financial institutions.
A false filing could lead to a financial and criminal penalty on the institution–and on the certifying officer, said Mr. Cataldo. “That’s putting a lot of teeth into the existing set of regulations. If I am certifying in blood and putting my name on a document, and I now have personal liability, I am going to be much more cautious and make sure it is doing what I expect it to do,” he said. Undertaking such validation reviews is important as there may be changes to the business such as new acquisitions, changes to the suppliers and partners that may be submitting data, and changes to regulations, said Mr. Cataldo. “Is it really still doing what you expect it to be doing? That is the whole process of validating,” he said. “Many banks have not been taking that seriously, and this law gives it a real impetus now. Banks will go in and validate these models.”
For those institutions looking to adhere to the law’s reporting date of April 2018, that means defining and documenting the roles and responsibilities for who is responsible for doing what, maintaining risk-based evidence for all decisions that are made, making sure that models are mapped to the actual risks the bank faces, and that there is an understanding of where gaps are, said Mr. Cataldo. Most of the issues here involve making sure systems have the proper data. “There are a lot of problems at the basic blocking and tackling level, connecting data pipes to systems,” he said. “That’s something big banks really struggle with.” Another issue is whether to self-disclose any gaps or problems before April 2018 and whether to do so even if there is no remediation plan in place. “The best practice is to get it out, but typically banks don’t feel like getting things out until their ducks are in a row and they can say ‘We have a problem, here’s what we are doing to remedy it and when,’” said Mr. Cataldo. “The hesitation comes if they have to say ‘I have a problem’ and not have their ducks in a row.”
EXCLUSIVE ON RISK AND COMPLIANCE JOURNAL
How to improve cybersecurity. Paul Ferrillo, counsel in Weil Gotshal & Manges’ litigation department and member of the firm’s data privacy and information management practice, speaks about the biggest cybersecurity errors companies make and what they can to do improve. Mr. Ferrillo is the co-author of a new book, “Take Back Control of Your Cybersecurity Now.”
Wells branches warned of inspections. As Wells Fargo & Co.’s sales-tactics scandal unfolded, investors, regulators and politicians asked how improper practices could have persisted for so long. One possible reason: bank branches were given a heads up before Wells Fargo’s internal monitors landed for inspections, the WSJ reports. Managers and employees at the bank’s roughly 6,000 branches across the U.S. typically had at least 24 hours’ warning about annual reviews conducted by risk employees, current and former Wells Fargo employees and executives said. That gave many employees time to cover up improper practices, such as opening accounts or signing customers up for products without their knowledge. A Wells Fargo spokeswoman said the bank has boosted oversight, monitoring and accountability so unethical practices don’t happen again.
Cordray pursues agenda despite Trump. On the first full business day of the Trump administration, Richard Cordray, the head of the Consumer Financial Protection Bureau, made his presence known by alleging that Citigroup’s mortgage-servicing units mistreated struggling borrowers. Monday’s settlement with Citigroup—the bureau’s 15th enforcement action in the past two months—underscores Mr. Cordray’s intention to keep pursuing a busy regulatory agenda, unfazed by the intensifying heat from the Republican administration to rein in his agency and remove him from its helm, the WSJ reports.
Philips in talks over defibrilators. Royal NV Philips said Tuesday it is in talks with the U.S. Department of Justice following inspections of its defibrillator business by the Food and Drug Administration before and during 2015, the WSJ reports. The outcome of the talks could have a “meaningful impact on the operations of this business” and hurt group earnings this year, it said. The FDA in 2013 warned that thousands of defibrillators made by Philips may not deliver the needed shock during medical emergencies due to an electrical component failure that could mistakenly indicate that the device was ready to be used.
BT warns on accounting scandal. BT Group PLC said a bigger-than-expected £530 million ($661 million) write-down related to an accounting scandal at its Italian business will weigh down on earnings for the next two years, the WSJ reports. Shares in the British telecom operator, whose management originally expected to take a charge of £145 million, fell sharply in early trading, dropping more than 14%. Since the announcement of an internal investigation into the Italian business last October, including an independent review by auditing firm KPMG LLP, BT said it has found that “the extent and complexity of inappropriate behavior in the Italian business were far grater than previously identified.” The activity involved improper sales, purchase, factoring, and leasing transactions. They led BT to overstate its Italian profit over “a number of years.”
VW dealer settlement approved. Reuters reports a U.S. judge signed off on a settlement between Volkswagen and its dealers in which the car company will pay $1.2 billion over its diesel emissions scandal.
Trump names free-marketeer to FCC. President Donald Trump named Ajit Pai, a GOP member of the Federal Communications Commission, to be the agency’s chairman, the WSJ reports. The designation of Mr. Pai, a sitting commissioner, allows the new administration to hit the ground running in the telecommunications area, a huge and dynamic part of the economy. Mr. Pai brings a staunchly free-market approach that generally appears to jibe with Mr. Trump and his economic advisers.
Survey shows cyber skills shortage. U.S. companies, girding for an expected clampdown by the Trump Administration on hiring foreign IT workers, are facing fierce competition for cybersecurity professionals at home, according to a report by job-search site Indeed.com, the WSJ’s CIO Journal reports. Jobseekers nationwide responded to just 66.7% of all cybersecurity jobs posted on the site between July and September last year, suggesting demand outweighs supply, the report said. That’s up from 60% over the same period in 2014, but below a 68.7% rate for similar job postings in Canada.
U.K. hospitals targeted by ransomware. The Daily Mail reports three North Lincolnshire hospitals were recently hit with ransomware, resulting in canceled operations, as hackers encrypted files and demanded money to release the data.
Hackers hit library system. CNN Money reports hackers have infected every public computer in the St. Louis Public Library system, halting book borrowing, as they demand a ransom, which the library system has refused to pay.
Avis adopts poison pill. Avis Budget Group took an unusual step Monday to block its biggest shareholder from potentially increasing its sway over the company, a year after giving the investor a board seat, the WSJ reports. The rental-car company put in place a “poison pill” aimed at blocking hedge fund SRS Investment Management LLC from acquiring more than 10% voting power. SRS currently owns 9.7% of the common stock and has another 18.8% in economic interest that doesn’t have voting power. Avis’s move prevents SRS from converting its derivatives into common stock, which would increase its voting power to nearly 30%.
Trump could make some visa changes directly. During his campaign, President Donald Trump assailed the H-1B visa program used to allow foreigners with skills to work in the U.S. The WSJ reports a significant shakeup would likely need to be approved by Congress, though there are some steps Mr. Trump could take himself immediately.
[Copyright by BEN DIPIETRO]