The former chief operational risk officer of U.S. Bank National Association has been hit with a $450,000 civil money penalty by Treasury’s financial crimes unit over his failure to prevent violations of the Bank Secrecy Act (BSA) during his tenure, the agency said Wednesday.
The Financial Crimes Enforcement Network (FinCEN), announcing what appears to be the first CMP order issued by that office in 2020, said Michael LaFontaine failed to act when warned by staff and by the bank’s federal regulator, the Office of the Comptroller of the Currency (OCC), that the bank’s automated transaction monitoring software used to flag potentially suspicious activity improperly capped the number of alerts generated, in turn limiting law enforcement’s ability to target criminal activity. Additionally, FinCEN said, the bank failed to staff the BSA compliance function with enough people to review “even the reduced number of alerts,” which FinCEN said enabled criminals to escape detection.
FinCEN said LaFontaine was advised by two subordinates that they believed the existing automated system was inadequate because caps were set to limit the number of alerts. The OCC warned U.S. Bank on several occasions that using numerical caps to limit the bank’s monitoring programs based on the size of its staff and available resources could result in a potential enforcement action, and FinCEN had taken previous public actions against banks for the same activity, it said.
LaFontaine held senior positions in the bank’s anti-money laundering (AML) hierarchy from January 2005 through his separation around June 2014, according to the order. The order states that U.S. Bank failed to establish and implement an adequate AML program and to report suspicious activity over the course of LaFontaine’s employment and continuing until May 2015.
The bank did not begin to address its deficient policies and procedures for monitoring transactions and generating alerts until June 2014, the order states, when questions from the OCC and reports from an internal complainant caused the bank’s chief risk officer to retain outside counsel to investigate the bank’s practices. “At that point, the Bank had maintained inappropriate alert caps for no less than five years,” FinCEN stated.
It added that in February 2018, FinCEN, in coordination with OCC and the U.S. Department of Justice, issued a $185 million CMP against U.S. Bank for, among other things, willfully violating the BSA’s requirements to implement and maintain an effective AML program and to file SARs in a timely manner.