TD Bank Insider Bribery Case Exposes Persistent AML Control Failure

A former TD Bank employee has pleaded guilty to accepting bribes and facilitating the laundering of more than 5.5 million dollars to Colombia, in a case that starkly illustrates the continuing vulnerability of banks to insider-enabled financial crime.

On 30 January 2026, the US Department of Justice announced that Leonardo Ayala, a 25-year-old from Homestead, Florida, admitted to exploiting his role at TD Bank to support a cross-border money laundering scheme linked to drug trafficking proceeds. Between June and November 2023, Ayala abused his system access to open fraudulent accounts, issue more than 150 debit cards to shell companies, and repeatedly unblock cards that had been restricted by the bank due to suspicious activity.

Those accounts and cards were subsequently used to conduct more than 12,000 ATM withdrawals in Colombia, moving approximately 5.5 million dollars out of the United States. In return for his assistance, Ayala received over 6,000 dollars in bribes, paid both in cash and via a peer-to-peer digital payment platform. While the bribe amounts were relatively modest, the scale of the laundering activity they enabled was significant.

Ayala pleaded guilty to conspiracy to launder monetary instruments and to receiving bribes as a bank employee. The money laundering conspiracy offence carries a maximum sentence of 20 years in prison, while the bribery offence carries a potential sentence of up to 30 years. Sentencing is scheduled for 11 June 2026, with the final outcome to be determined by a federal judge in line with the US Sentencing Guidelines.

The investigation was led by the Drug Enforcement Administration, Internal Revenue Service Criminal Investigation and the Federal Deposit Insurance Corporation Office of Inspector General, with support from local law enforcement. The prosecution is being handled by the Department of Justice’s Criminal Division and the US Attorney’s Office for the District of New Jersey.

From a compliance perspective, the case reinforces several uncomfortable truths for financial institutions. Insider threat remains a critical risk, particularly where frontline or junior staff retain the ability to override controls, unblock restricted instruments or create accounts without robust secondary approval. The use of debit cards and cash withdrawals to move funds offshore also highlights the continued attractiveness of relatively low-tech laundering methods, even as institutions invest heavily in advanced transaction monitoring.

Regulators on both sides of the Atlantic have repeatedly warned that culture, access controls and post-implementation oversight are as important as the design of AML systems themselves. This case demonstrates how quickly those controls can be undermined when employee activity monitoring, segregation of duties and escalation governance fail to operate as intended.

For banks, the message is clear. Preventing sophisticated external threats is only part of the challenge. Persistent focus on internal controls, staff behaviour monitoring and effective response to red flags remains essential to protecting the integrity of the financial system.

Read the press release here.