Commerzbank AG agreed to pay $1.45 billion for doing business with Iran and other sanctioned countries and its failure to have adequate money laundering controls, the DOJ and New York financial regulator said Thursday.
Prosecutors gave Commerzbank AG, based in Frankfurt, Germany, and its New York branch a three-year deferred prosecution agreement.
No individuals were charged.
The bank agreed with New York’s Department of Financial Services to fire five executives or allow them to resign, including the former head of compliance for the bank’s New York branch.
The sanctions offenses occurred from at least 2002 and 2008, the DOJ said. The bank covered up the violations by removing identifying information from incoming wire transfers.
The bank "concealed hundreds of millions of dollars in transactions prohibited by U.S. sanctions laws on behalf of Iranian and Sudanese businesses,” the DOJ's Leslie Caldwell said in a statement Thursday.
Commerzbank in Germany and New York didn't do adequate due diligence or obtain “know your customer” information for accounts at the bank's own foreign branches and affiliates, the DOJ said.
"These systemic deficiencies reflected a failure to maintain adequate policies, procedures and controls to ensure compliance with the Bank Secrecy Act and regulations prescribed thereunder and to guard against money laundering," the DOJ said.
Prosecutors also said Commerzbank failed to detect and report years of suspicious transactions involving Japan’s Olympus Corp.
Starting in 1999, Olympus used Commerzbank and its Singapore branch to commit loan and accounting fraud. The bank handled more than $1.65 billion in transfers that triggered red flags. The bank ignored the red flags and internal warnings.
A senior legal and compliance officer responsible for Commerzbank’s Singapore branch and affiliates wrote in 2000 that he was concerned about fraud, asset stripping, market manipulation, and tax offenses. He reported internally that “[i]f the [Olympus] structure and transactions can not [be] explained we must file Suspicious Transaction report as a matter of law and [Commerzbank] policy.”
In 2010, a compliance officer based in New York sent an email to the head of New York compliance (who had also spent time in Singapore) that the bank was essentially overwhelmed with alerts for suspicious transactions.
The following day, the head of compliance in New York forwarded the e‑mail to Commerzbank’s global head of compliance, adding that “things are not getting better with regards to th[ose] findings. . . . I will forward you the draft memo on potential revision of staffing needs.”
The global compliance chief put in place new procedures to increase the speed of responses to the alerts. But, the DOJ said, "problems persisted with the timely flow of information from business units outside the United States to compliance officers in New York."
When the former head of New York compliance was still in Singapore, a resigning compliance officer there told him that Singapore compliance was “a time bomb ready to go off.” But even after moving to New York to be the head of compliance there, he "failed to share any concerns with the New York compliance staff who would have been in a position to scrutinize the fraudulent transactions being processed through New York," the New York Department of Financial Services said.
The DFS said the former head of compliance in New York had played a "central role in the improper conduct" and as a result of the investigation had resigned from the bank.
The $1.45 billion in federal and state penalties included $563 million in forfeitures and fines to the DOJ for the BSA violations. The Treasury Department's Office of Foreign Assets Control fined the bank $258.6 million for the sanctions violations. And the New York DFS fined the bank $610 million.
* * *
The DOJ's March 11, 2015 criminal information (charging document) against Commerzbank AG and its New York branch is here (pdf).
The deferred prosecution agreement is here (pdf).
The consent order with the New York Department of Financial Services is here (pdf).
Richard L. Cassin is the publisher and editor of the FCPA Blog. He can be contacted here.