A LESSON IN COMPLIANCE
Home > Case Studies
Our client is a British banking and financial services company headquartered in London. It has its primary retail, corporate and investment operations in the UK and the US along with a presence in over 40 other countries and territories worldwide.
The client received a Cease & Desist Order (CDO) from the US regulators, which required our client to improve their compliance programme with US economic sanctions requirements on a global basis.
Our client needed to perform an internal review of its conduct with respect to USD payments made over nearly 10 years. This involved identifying countries, persons and entities subject to US economic sanctions and then report any breaches to the US Authorities including the US Department of Justice (DoJ) and the Office of Foreign Assets Control (OFAC).
Like many of its peers, our client was accused of stripping vital information out of payment messages that would have alerted US financial institutions about the true origins of the funds. Whilst our client screened customers and payments for sanctions, these controls were not globally consistent nor had they been in place from the outset of sanctions. Our client needed to understand the extent of its exposure.
This was a large-scale look-back programme which lasted several years and involved internal and external counsel, sanctions and compliance teams, payment teams, IT and internal audit. The complexity of the programme was increased due to the sheer volume of accounts and payments to analyse, much of which had already been archived in several data warehouses.
We played a critical role in this multi-disciplinary programme. This included:
Working closely with internal and external counsel, compliance teams and other external consultants.
Extracting complete and comprehensive payment information from archives and data warehouses.
Conducting deep forensic reviews and establish definitively if a payment was ultimately paid by scrutinising the individual legs of a payment.
Designing a controlled process with inherent completeness and accuracy checks.
Identifying transactions, reviewing material and assembling coherent narratives as to why, where, when and how a payment was made.
Considering if the customers had made similar payments which had been disguised or stripped.
Designing, building and operating Voluntary Self Disclosure processes for investigating and reporting of breaches to regulators.
At the conclusion of the look-back review our client was able to agree a Deferred Prosecution Agreement with the US Authorities. With our assistance, our client had confidence to accurately report sanctions violations supported by comprehensive reporting packs.
Our client was also able to take significant steps to enhance further its compliance programmes, including the further development and implementation of a global sanctions policy which included a prohibition of transactions with entities on the UN, EU, UK and US sanctions lists. Substantial investment was made in market-leading payment and customer screening technology as part of an improvement in overall sanctions governance.
After the look-back project we continued to provide assistance in the remediation programme.