Federal Deposit
Insurance Corporation

   [¶12,221] In the Matter of Hudson United Bank, Mahwah, New Jersey, Docket No. 04-134b (5-28-04).

   A cease and desist order was issued, based on findings by the FDIC that it had reason to believe that respondent was engaged in unsafe and unsound practices. (This order was terminated by order of the FDIC dated 9-9-05; see ¶16,436.)

   [.1] Compliance Program—Written Compliance Plan Required

   [.2] Board of Directors—Written BSA Plan Required

   [.3] Compliance Program—Retain Qualified Personnel

   [.4] Suspicious Activity Report—Filing of Required

   [.5] Bank Secrecy Act—Compliance Program—Employee Training

   [.6] Audit—Review of Policies Required

   [.7] Bank Secrecy Act—Compliance

   [.8] Audit—Audit Committee—Establish

   [.9] Bank Secrecy Act—Consumer Identification Program

   [.10] Suspicious Activity Report—Policy Required

   [.11] Consumer Due Diligence Program—Minimum Requirements

   [.12] Bank Secrecy Act—Review of High Risk Accounts Required

   [.13] Shareholders—Disclosure of Cease and Desist Order Required

In the Matter of
HUDSON UNITED BANK
MAHWAH, NEW JERSEY
(Insured State Nonmember Bank)
ORDER TO CEASE AND DESIST

FDIC-04-134b

   Hudson United Bank, Mahwah, New Jersey ("Insured Institution"), having been advised of its right to a Notice of Charges and of Hearing detailing the unsafe or unsound banking practices and violations of law and/or regulations alleged to have been committed by the Insured Institution and of its right to a hearing on the alleged charges under section 8(b)(1) of the Federal Deposit Insurance Act ("Act"), 12 U.S.C. §1818(b)(1), and having waived those rights, entered into a STIPULATION AND CONSENT TO THE ISSUANCE OF AN ORDER TO CEASE AND DESIST ("CONSENT AGREEMENT") with counsel for the Federal Deposit Insurance Corporation ("FDIC"), dated May 28, 2004, whereby solely for the purpose of this proceeding and without admitting or denying the alleged charges of unsafe or unsound banking practices and violations of law and/or regulations, the Insured Institution consented to the issuance of an ORDER TO CEASE AND DESIST ("ORDER") by the FDIC.

   The FDIC considered the matter and determined that it had reason to believe that the Insured Institution had engaged in unsafe or unsound banking practices and had committed violations of law and/or regulations. The FDIC, therefore, accepted the CONSENT AGREEMENT and issued the following:

   IT IS HEREBY ORDERED that the Insured Institution, its directors, officers, employees, agents, and other institution-affiliated parties (as that term is defined in Section 3(u) of the Act, 12 U.S.C. §1813(u)), and its successors and assigns cease and desist from the following unsafe or unsound banking practices and violations:

   (a) Operating without effective Board of Directors and management supervision to prevent unsafe or unsound practices and violations of the Bank Secrecy Act, 31 U.S.C. §§ 5311-5330, 31 C.F.R. Part 103 (hereinafter "BSA"), section 326.8 and Part 353 of the FDIC's Rules and Regulations;

   (b) Operating with inadequate internal BSA routines and controls, including, but not limited to inadequate audit procedures;

   IT IS FURTHER ORDERED that the Insured Institution, its institution-affiliated parties,
{{7-31-04 p.C-6152}

   and its successors and assigns, take affirmative action as follows:

   [.1] 1. By or before June 30, 2004, the Insured Institution shall complete:

   (a) an internal assessment by the BSA Officer or designee of the Insured Institution's compliance with the policies and procedures reviewed in connection with subparagraphs (viii)-(xiii) of this paragraph; and

   (b) a comprehensive written review ("Review") conducted by an independent third party or parties of the Anti-Money Laundering/Bank Secrecy Act (BSA-AML) Program for the Insured Institution, its departments, business lines, and operating subsidiaries. At a minimum, the Review shall include:

   (i) The customer identification program and account opening procedures;

   (ii) The appropriateness of the Insured Institution's criteria for identifying activity as suspicious;

   (iii) The identification and reporting of cash transactions;

   (iv) The appropriateness of the Insured Institution's criteria for designating an account as high risk;

   (v) An assessment of the effectiveness of communications between the Insured Institution's BSA-AML Program staff and the Insured Institution's business areas, operating subsidiaries and retail branches, with respect to BSA-AML policies, procedures and requirements;

   (vi) An assessment of the adequacy of the Insured Institution's staffing for the BSA-AML Program, including an evaluation of the capability of the BSA Officer and the BSA Officer's supporting staff to monitor and ensure compliance with BSA laws and regulations;

   (vii) An assessment of the adequacy of the Insured Institution's BSA-AML training program for employees, including, but not limited to, the content and frequency of such training;

   (viii) The Insured Institution's policies and procedures with respect to high-risk accounts and customers, including the adequacy of methods for identifying and conducting due diligence on high-risk accounts and customers at account opening and thereafter, and for monitoring high-risk client relationships on a transaction basis as well as by account and customer;

   (ix) The Insured Institution's policies, procedures and systems for identifying, evaluating, monitoring, investigating and reporting suspicious activity, particularly including transactions involving high-risk customers or accounts, and/or high-risk jurisdictions;

   (x) The Insured Institution's policies and procedures with respect to wire transfer recordkeeping requirements and Travel Rule requirements;

   (xi) The Insured Institution's policies and procedures for transactions involving non-customers, including, but not limited to, wire transfer services, traveler's check services, and foreign exchange services;

   (xii) The Insured Institution's policies and procedures for conducting due diligence to assess the risk of money laundering or suspicious activity posed by new or proposed products and services;

   (xiii) The Insured Institution's policies and procedures for conducting due diligence to assess the risk of money laundering or suspicious activity posed by potential acquisitions, mergers or liquidation purchases;

   (xiv) Written recommendations ("Review Recommendations") to ensure the implementation and effectiveness of the Insured Institution's BSA-AML Program and to ensure compliance in all material respects with BSA, Part 353 and section 326.8 of the FDIC's Rules and Regulations, 12 C.F.R. Part 353, §326.8.

   [.2] 2. Within 15 days of completion of the Review, the Board of Directors shall adopt a written plan ("BSA Plan") to comply in all material respects with the BSA, Part 353 and section 326.8 of the FDIC's Rules and Regulations, 12 C.F.R. Part 353, §326.8. The BSA Plan shall include, at a minimum, (i) the Review Recommendations and (ii) paragraphs 5 through 14 of this ORDER. Thereafter, the Insured Institution shall comply in all material respects with the BSA Plan.

   (a) The Board of Directors shall provide a copy of the Review and the BSA Plan to the Regional Director and Commissioner of the New Jersey Department of Banking and Insurance ("Commissioner") promptly upon adoption of the BSA Plan. If the Board failed to adopt any of the Review Recommendations, it shall provide to the Regional Director and Commissioner a

   comprehensive explanation of its rationale for failing to do so.

   (b) By or before June 30, 2004, the Board of Directors shall establish a committee of the Board that is charged with the responsibility of ensuring compliance with the provisions of this ORDER and the BSA Plan. At least two-thirds of the members of such committee shall be independent, outside directors. The committee shall report monthly to the entire Board of Directors, and a copy of the report and any discussion relating to the report, the ORDER or the BSA Plan shall be included in the minutes of the Board of Directors. Nothing contained herein shall diminish the responsibility of the entire Board of Directors to ensure compliance with the provisions of this ORDER and the BSA Plan.

   (c) On September 1, 2004, and on the first day of every calendar quarter thereafter, the Insured Institution shall furnish written progress reports to the Regional Director and Commissioner detailing the form and manner of any actions taken to secure compliance with this ORDER and the BSA plan and the results thereof. Such reports may be discontinued when the actions required by this ORDER and the BSA Plan have occurred and the Regional Director and Commissioner have released the Insured Institution in writing from making further reports.

   [.3] 3. The Insured Institution shall designate a qualified individual or individuals responsible for coordinating and monitoring day-to-day compliance with the BSA (BSA Officer) pursuant to section 326.8 of the FDIC's Rules and Regulations, 12 C.F.R. §326.8. Such individual shall: (i) have sufficient executive authority to monitor and ensure compliance with BSA and section 326.8 of the FDIC's Rules and Regulations, 12 C.F.R. §326.8; (ii) be responsible for determining the adequacy of BSA-AML staffing and for supervising such staff in complying with BSA laws and regulations; (iii) report directly to the Insured Institution's Board of Directors, the committee established pursuant to paragraph 2(b) of this ORDER, or Chief Executive Officer; (iv) report to the Insured Institution's Audit Committee on a regular basis, not less than quarterly, with respect to BSA-AML matters; and (v) be responsible for assuring the proper filing of Currency Transaction Reports, Reports of International Transportation of Currency or Monetary Instruments, and Suspicious Activity Reports relating to BSA.

   [.4] 4. No later than June 1, 2004, the Insured Institution shall complete its filing of Suspicious Activity Reports related to its former customers of the now closed international banking business at 90 Broad Street, New York, NY.

   [.5] 5. The Insured Institution shall provide training for appropriate personnel pursuant to section 326.8 of the FDIC's Rules and Regulations, 12 C.F.R. §326.8. This training shall ensure that all appropriate personnel are aware of, and can comply with, the requirements of the BSA including the currency and monetary instruments reporting requirements and the reporting requirements associated with Suspicious Activity Reports.

   [.6] 6. On or before August 15, 2004, the Insured Institution shall ensure that its audit policies, procedures, and practices, both with regard to internal audits and with regard to external audits, so that the Insured Institution periodically reviews its compliance with the BSA, Part 353 and section 326.8 of the FDIC's Rules and Regulations as part of the Insured Institution's routine auditing. As long as this ORDER shall remain in effect, the Insured Institution's internal and external audits shall include review of these areas, with significant exceptions reported directly to the Insured Institution's Audit Committee and the Board of Directors.

   [.7] 7. On the date set forth in the BSA Plan and as acceptable to the Regional Director and Commissioner, the Insured Institution shall develop, adopt and implement an enhanced system of internal routine and controls to ensure compliance with the BSA, including, but not limited to, the monitoring of high-risk and suspicious activities for all types of accounts, customers products, services, and geographic areas. At a minimum, such internal routine and controls shall include:

   (a) reviews of cash purchases of monetary instruments;

   (b) periodic analysis of aggregate cash, monetary instrument, and wire activity;

   (c) periodic analysis of Currency Transaction Report filings;

   (d) automatic reviews of accounts or customers for which the Insured Institution

   has received criminal subpoenas that may involve the BSA;

   (e) reviews of high risk accounts;

   (f) reviews of areas identified as high risk for money laundering and terrorist financing;

   (g) reviews of high risk transactions;

   (h) submission of Suspicious Activity Reports based on these reviews and analyses;

   (i) establishment of meaningful thresholds for filtering accounts and customers for further monitoring, review and analyses; and

   (j) periodic testing and monitoring of such thresholds for their appropriateness to the Insured Institutions' customer base, products, services and geographic area.

   8. The BSA Plan shall provide for independent testing for compliance with BSA and Part 353 of the FDIC's Rules and Regulations to be conducted on an annual basis in compliance with the procedures described in the FDIC's "Guidelines for Monitoring Bank Secrecy Act Compliance." The testing, at a minimum, should include the following:

   (a) A test of the Insured Institution's internal procedures for monitoring BSA;

   (b) A sampling of large currency transactions followed by a review of the Currency Transaction Reports filings;

   (c) A test of the validity and reasonableness of the customer exemptions granted by the Insured Institution;

   (d) A test of the Insured Institution's recordkeeping system for compliance with the BSA; and

   (e) Documentation of the scope of the testing procedures performed and the findings of the testing. Written reports should be prepared which document the testing results and provide recommendations for improvement and shall be presented to the Insured Institution's Board of Directors.

   9. Within 90 days of the implementation of the BSA Plan, an independent third party or parties shall conduct an assessment of the Insured Institution's compliance with the policies and procedures in paragraph 1(h)-(1) of this Order.

   [.8] 10. The Insured Institution shall provide periodic reports to the Audit Committee of the Board of Directors setting forth any law enforcement inquiry that relates in any way to any topic covered by the BSA Plan and any criminal subpoena received by the Insured Institution and any action taken on the affected account.

   [.9] 11. The BSA Plan shall require the Insured Institution to adopt and implement, and thereafter maintain a Customer Identification Program ("CIP") that meets the requirements of 31 C.F.R. §103.121. The requirements of this paragraph shall be completed by the date set forth in the BSA Plan, provided that such date is acceptable to the Regional Director and Commissioner.

   [.10] 12. On the date set forth in the BSA Plan and as acceptable to the Regional Director and Commissioner, the Insured Institution shall adopt and implement, and thereafter maintain appropriate procedures and/or systems for each subsidiary and business area of the Insured Institution to produce periodic reports designed to identify unusual or suspicious activity, to monitor and evaluate unusual or suspicious activity, and to maintain accurate information needed to produce these reports, with the following features:

   (a) The Insured Institution's procedures and/or systems should be able to identify related accounts, countries of origin, location of the customer's businesses and residences to evaluate patterns of activity;

   (b) The periodic reports should cover one day, a number of days, and monthly reports, and should segregate transactions that pose a greater than normal risk for compliance with the BSA;

   (c) The periodic reports should include reports deemed necessary or appropriate by the BSA Officer or the Insured Institution.

   [.11] 13. On the date set forth in the BSA Plan and as acceptable to the Regional Director and Commission, the Insured Institution shall adopt and implement and thereafter maintain enhanced due diligence procedures for all high risk accounts that are newly-established, renewed or modified, including maintaining the following information:

   (i) the name of the customer(s);

   (ii) as applicable by BSA, the officers, directors and major shareholders of any corporate customer and the partners of any partnership customer;

   (iii) any other accounts maintained by the customer(s) and, as applicable by BSA,

   its officers, directors, major shareholders or partners;

   (iv) as applicable by BSA, a detailed analysis of the due diligence performed on the customer(s) and, as applicable, its officers, directors, major shareholders or partners;

   (v) any related accounts of the customer at the Insured Institution;

   (vi) any action taken on the account; and the purpose, balance and any unusual activity for each account.

   [.12] 14. The BSA Plan shall require that all account officers shall periodically review, not less than each calendar year, all account documentation for all high risk accounts managed by or originated through the account officer and all other related accounts of those customers at the Insured Institution to determine whether the account activity is consistent with the customer's business and the stated purpose of the account. This paragraph shall apply only to accounts, as determined by the Insured Institution, that pose greater than normal risks for compliance with the BSA.

   [.13] 15. Following the effective date of this ORDER, the Insured Institution shall send to its shareholders or otherwise furnish a description of this ORDER (i) in conjunction with the Insured Institution's next shareholder communication, and also (ii) in conjunction with its notice or proxy statement preceding the Insured Institution's next shareholder meeting. The description shall fully describe the ORDER in all material respects. The description and any accompanying communication, statement, or notice shall be sent to the FDIC, Division of Supervision, Registration, Disclosure & Securities Unit, 550 17th Street, N.W., Room F-6043, Washington, D.C. 20429 for review at least 20 days prior to dissemination to shareholders. Any changes requested to be made by the FDIC shall be made prior to dissemination of the description, communication, notice or statement.

   The provisions of this ORDER shall be binding upon the Insured Institution, its directors, officers, employees, agents, successors, assigns, and other institution-affiliated parties of the Insured Institution.

   The ORDER shall be effective upon issuance.

   The provisions of this ORDER shall remain effective and enforceable except to the extent that, and until such time as, any provisions of this ORDER shall have been modified, terminated, suspended, or set aside by the FDIC.

   Pursuant to delegated authority.

   Dated: May 28, 2004.