Most of the compliance world—particularly the Bank Secrecy Act/Anti-Money Laundering compliance folks—has heard about the $1 million civil money penalty assessed by FinCEN earlier this month against the former chief AML compliance officer of MoneyGram International.
FinCEN assessed the unusual penalty against the individual compliance officer for allegedly failing to administer an effective compliance program to identify and report illicit activity of MoneyGram agents.
Basics of the case
FinCEN maintains that Thomas Haider knowingly ignored signs of illegal activity, failed to implement effective controls to prevent the activity, and did not terminate agents who were involved in schemes to defraud customers.
Suspicious Activity Reports (SARs) were not filed on the suspicious activity or not filed in a timely manner, it is alleged. [Editor’s note: Links to key documents, including a statement for Haider from his law firm, appear at the end of this blog.]
The company was fined $100 million back in November 2012 for the same alleged fraud scheme complicity. Now, two years later, the chief compliance officer is also being blamed.
Impact on the compliance officer’s job
I’m wondering how this affects the position of the compliance officer in financial institutions in general.
Does it make one think twice about going into that field?
Does it encourage current compliance officers to move on?
Even before this wrinkle, I’ve heard from several compliance colleagues in the last couple of years that Dodd-Frank has caused them to redefine their careers in substantial ways. (One has been driven to open a winery!)
Does a precedent of imposing a large civil money penalty against an individual compliance officer for failing to ensure a satisfactory compliance program concern some or any compliance officers?
Compliance manager as risk manager
We know that there is risk in compliance. Compliance is all about managing risk.
Some compliance officers manage risk by analyzing the pros and cons of an issue. They present their analysis to management and sit back and let someone else make the final decision about what to do.
At the other end of the spectrum, some compliance officers have the ultimate authority to make the business decisions that have compliance implications.
Usually, it’s somewhere in between. The compliance officer has to work with senior management and provide information about the compliance risks as part of any business decision facing the institution.
There are so many factors at play, particularly the attitude and support of senior management and the board of directors of the institution. If you’re extremely fortunate, compliance is given a very high priority in your institution above most other priorities. However, it usually has to compete with profitability, customer service, shareholders price, loan growth, etc.
So, the compliance officer has to be a risk manager. Compliance risk cannot always be avoided. But, it also cannot be ignored.
Do you fit the new profile?
So, today, the compliance officer has to be strong, persuasive, knowledgeable, articulate, and persistent.
If financial goals overwhelm the compliance sense of the institution, the likely result will be the outcome of a MoneyGram situation.
Where do you and your bank fit into the spectrum?
Important links for further reading in this case