Home > Regulation & Examinations > Bank Examinations > FDIC Enforcement Decisions and Orders
FDIC Enforcement Decisions and Orders
A cease and desist order was issued, based on findings by the FDIC that it had reason to believe that respondent was engaged in unsafe and unsound practices.
[.1] ManagementReport Required
[.2] Bank Secrecy ActWritten Policy Required
[.3] Board of DirectorsWritten BSA Plan Required
[.4] Bank Secrecy ActCompliance ProgramMinimum Requirements
[.5] Bank Secrecy ActCompliance Officer Required
[.6] Bank Secrecy ActSystem of Internal Controls
[.7] Bank Secrecy ActAnnual Account Review
[.8] Bank Secrecy ActCompliance ProgramIndependent Testing Required
[.9] Bank Secrecy ActCompliance ProgramEmployee Training
[.10] Bank Secrecy ActComplianceAudit
[.11] Bank Secrecy ActPeriodic Reports Required
[.12] Bank Secrecy ActThird Party Review
[.13] Bank Secrecy ActUpdate Based on Review Required
[.14] Bank Secrecy ActThird Party Look Back Review
[.15] Bank RecordsReview of Accounts Involving Foreign Money Transmitters
[.16] ShareholdersDisclosure of Cease and Desist Order Required
[.17] Compliance CommitteeEstablishment of Required
[.18] Progress ReportWritten Report Required
[.19] Reconciliation of Books and RecordsExamination Required
In the Matter of
Israel Discount Bank of New York, New York ("Insured
Institution"), having been advised of its right to a Notice of
and of Hearing detailing the unsafe or unsound banking practices and violations of law and/or regulations alleged to have been committed by the Insured Institution and of its right to a hearing on the alleged charges under section 8(b)(1) of the Federal Deposit Insurance Act ("Act"), 12 U.S.C. §1818(b)(1), and having waived those rights, entered into a STIPULATION AND CONSENT TO THE ISSUANCE OF AN ORDER TO CEASE AND DESIST ("CONSENT AGREEMENT") with counsel for the Federal Deposit Insurance Corporation ("FDIC"), dated December 15, 2005, whereby solely for the purpose of this proceeding and without admitting or denying the alleged charges of unsafe or unsound banking practices and violations of law and/or regulations, the Insured Institution consented to the issuance of an ORDER TO CEASE AND DESIST ("ORDER") by the FDIC.
The FDIC considered the matter and determined that it had reason to believe that the Insured Institution had engaged in unsafe or unsound banking practices and had committed violations of law and/or regulations. The FDIC, therefore, accepted the CONSENT AGREEMENT and issued the following:
ORDER TO CEASE AND DESIST
IT IS HEREBY ORDERED that the Insured Institution, its directors, officers, employees, agents, subsidiaries, and other institution-affiliated parties (as that term is defined in section 3(u) of the Act, 12 U.S.C. §1813(u)), and its successors and assigns cease and desist from the following unsafe or unsound banking practices and violations:
(a) Operating without effective management supervision and board of directors ("Board") oversight to prevent unsafe or unsound practices and violations of the Bank Secrecy Act ("BSA"), 31 U.S.C. §§53115330, the Department of Treasury Rules and Regulations ("Treasury Rules and Regulations), 31 C.F.R. Part 103, Federal Deposit Insurance Corporation Rules and Regulations ("FDIC Rules and Regulations"), 12 C.F.R. Section 326.8 and Part 353 (collectively "BSA Rules"), and 3 N.Y.C.R.R. Part 300.
(b) Operating in violation of the USA PATRIOT ACT ("PATRIOT Act"), 31 U.S.C. §5318(i)(1), and Treasury Rules and Regulations, section 103.181, for failure to adopt appropriate policies and procedures for identifying and monitoring high-risk correspondent accounts and failure to detect and report instances of potential money laundering including for accounts of its subsidiary correspondent bank, Discount Bank Latin America.
(c) Operating in violation of FDIC Rules and Regulations, sections 353.3(a)(4)(i) and (iii), Treasury Rules and Regulations, section 103.18, 31 U.S.C. section 5318(g), and 3 N.Y.C.R.R. Part 300, for failure to file Suspicious Activity Reports ("SARs").
(d) Operating in violation of New York Banking Law ("NYBL"), Art. XIII-D, Section 672(1).
IT IS FURTHER ORDERED that the Insured Institution, its institution-affiliated parties, and its successors and assigns, shall take affirmative action as follows:
REVIEW OF MANAGEMENT ACTIONS WRITTEN REPORTS TO REGULATORS
[.1] 1. The Board of the Insured Institution shall:
(a) within 60 days from the effective date of this ORDER, contract for an independent third party review of the actions taken or not taken by senior management personnel in response to prior criticism by regulators of the Insured Institution's BSA compliance deficiencies, including criticism contained in examination reports issued since 2001, and to inquiries communicated to the Insured Institution by law enforcement suggesting deficiencies in such compliance. Based upon conclusions drawn from such review, the Board shall determine whether disciplinary action should be taken against responsible officers or employees; and
(b) within 180 days from the effective date of this ORDER, submit to the FDIC New York Regional Director ("Regional Director") and the Superintendent of the New York State Banking Department ("Superintendent") a written report detailing (i) the scope of its review, (ii) the measures undertaken to perform such review, and (iii) its factual findings and the conclusions drawn, including a description of actions to be taken, if any.
BSA PLAN IN RESPONSE TO EXAMINATION FINDINGS
shall establish and submit to the Regional Director and the Superintendent an acceptable written Bank Secrecy Act Plan ("BSA Plan") designed to ensure compliance with the BSA as defined above, and to address the BSA program deficiencies contained in the New York State Banking Department Report of Examination that commenced February 22, 2005.
[.3] 3. The Board shall provide a copy of the BSA Plan to the Regional Director and the Superintendent promptly upon adoption of the BSA Plan, for their review and non-objection.
[.4] 4. The BSA Plan shall, at a minimum, include the requirements set out in section 326.8(c) of the FDIC Rules and Regulations, 12 C.F.R. §326.8(c), and shall comply with the specific requirements described in paragraphs 5 through 9 of this ORDER.
DESIGNATION OF A BSA OFFICER
[.5] 5. The BSA Plan shall provide for the designation of a qualified individual or individuals ("BSA Officer") responsible for coordinating and monitoring day-to-day compliance with the BSA pursuant to FDIC's Rules and Regulations section 326.8. The BSA Officer shall: (i) have sufficient executive authority to monitor and ensure compliance with BSA and FDIC Rules and Regulations, section 326.8; (ii) be responsible for determining the adequacy of Bank Secrecy Act-Anti-Money Laundering ("BSA-AML") staffing and for supervising such staff in complying with BSA laws and regulations; (iii) report directly to the Insured Institution's Board, the committee established pursuant to paragraph 17 of this ORDER, or Chief Executive Officer; (iv) report to the Insured Institution's Audit Committee on a regular basis, not less than quarterly, with respect to BSA-AML matters; and (v) be responsible for assuring the proper filing of Currency Transaction Reports ("CTRs"), Reports of International Transportation of Currency or Monetary Instruments, and SARs relating to the BSA.
SYSTEM OF INTERNAL CONTROLS
[.6] 6. The Insured Institution shall develop, adopt, and implement an enhanced system of internal controls to ensure compliance with the BSA, including, but not limited to, the monitoring of high-risk and suspicious activities for all types of accounts, customers, products, services, and geographic areas. At a minimum, such enhanced system of internal controls shall include:
(a) procedures for conducting a risk-based assessment of the Insured Institution's customer base to identify the categories of customers whose transactions and banking activities are routine and usual; and determine the appropriate level of enhanced due diligence necessary for those categories of customers whose transactions and banking activities are not routine and/or usual ("high-risk accounts");
(b) policies and procedures with respect to high-risk accounts and customers identified through the risk assessment conducted pursuant to subparagraph (a), including the adoption of adequate methods for conducting enhanced due diligence on high-risk accounts and customers at account opening and on an ongoing basis, and for monitoring high-risk client relationships on a transaction basis as well as by account and customer;
(c) policies, procedures, and systems for identifying, evaluating, monitoring, investigating, and reporting suspicious activity in the Insured Institution's products, accounts, customers, services, and geographic areas, including:
(i) establishment of meaningful thresholds for identifying accounts and customers for further monitoring, review and analyses;
(ii) periodic testing and monitoring of such thresholds for their appropriateness to the Insured Institution's products, customers, accounts, services, and geographic areas;
(iii) review of existing systems to ensure adequate referral of information about potentially suspicious activity through appropriate levels of management, including a policy for determining action to be taken in the event of multiple filings of SARs on the same customer, or in the event a correspondent or other customer fails to provide due diligence information. Such procedures shall describe the circumstances under which an account should be closed and the processes and procedures to be followed in doing so;
(iv) procedures and/or systems for each subsidiary and business area of the Insured Institution to produce periodic reports designed to identify unusual or suspicious activity, to monitor and evaluate
unusual or suspicious activity, and to maintain accurate information needed to produce these reports, with the following features:
(A) the Insured Institution's procedures and/or systems should be able to identify related accounts, countries of origin, location of the customer's businesses and residences to evaluate patterns of activity; and
(B) the periodic reports should cover a broad range of timeframes, including individual days, a number of days, and a number of months, as appropriate, and should segregate transactions that pose a greater than normal risk for non-compliance with BSA;
(v) documentation of management's decisions to file or not to file a SAR; and
(vi) systems to ensure the timely, accurate and complete filing of required SARs and any other similar or related reports required by law; and
(d) development and maintenance of policies and procedures with respect to wire transfer recordkeeping, including requirements for complete information on beneficiaries and senders, as required by Treasury Rules and Regulations 31 C.F.R. 103.33.
ANNUAL ACCOUNT REVIEW
[.7] 7. The BSA Plan shall require periodic review, by business line, not less than each calendar year, of all account documentation for all high-risk accounts and all other related accounts of those customers at the Insured Institution to determine whether the account activity is consistent with the customer's business and the stated purpose of the account.
[.8] 8. The Insured Institution shall establish an independent testing program for compliance with the BSA Rules, to be performed on no less than an annual basis. The scope of the testing procedures to be performed, and testing results, shall be documented in writing and approved by the Board or its designee. The testing program, at a minimum, should provide the following:
(a) compliance testing for all appropriate business lines conducted by qualified staff who are independent of the Insured Institution's compliance function;
(b) formal, documented testing programs, including adequately detailed reports and workpapers;
(c) review of independent testing results by senior management;
(d) procedures to ensure that senior management institutes appropriate actions in response to independent testing results;
(e) direct lines of reporting between the independent testing function and the Insured Institution's Board or its designee;
(f) a program to test the adequacy of internal controls designed to ensure compliance with the provisions of the BSA;
(g) a program to test the adequacy of the Insured Institution's Training Program, as that term is defined in paragraph 9; and
(h) a risk-based approach that includes transactional testing and verification of data for higher risk accounts.
[.9] 9. The Insured Institution shall provide an effective training program for management and staff on all relevant aspects of laws, regulations, and Insured Institution policies and procedures relating to the BSA compliance program ("Training Program"). This training shall ensure that all appropriate personnel are aware of, and can comply with, the requirements of the BSA including the currency and monetary instruments reporting requirements and the reporting requirements associated with SARs. The Training Program shall also cover:
(a) the Insured Institution's BSA/AML policies and procedures, and new rules and requirements as they arise;
(b) a requirement that the Board will fully document the training of each employee, including the designated BSA Compliance Officer; and
(c) a requirement that training shall be conducted no less frequently than annually.
[.10] 10. Within 30 days from the effective date of this ORDER, the Insured
Institution shall amend its audit policies, procedures, and practices,
and those of its subsidiaries, both with regard to internal audits and
with regard to external audits, so that the Insured Institution
periodically reviews compliance with the BSA, FDIC Rules and
Regulations sections 326.8 and 353, and Treasury Rules and Regulations
as part of the Insured Institution's routine auditing. As
long as this ORDER shall remain in effect, the Insured Institution's internal and external audits shall include review of these areas, with significant exceptions reported directly to the Insured Institution's Audit Committee and the Board.
[.11] 11. The Insured Institution shall provide periodic reports to the Audit Committee of the Board setting forth any law enforcement inquiry that relates in any way to any topic covered by the BSA Plan and any criminal subpoena received by the Insured Institution and any action taken on such account.
THIRD PARTY REVIEW OF BSA-AML PROGRAM
[.12] 12. Within 180 days of adoption of the BSA Plan, and independent third party, engaged by the Insured Institution, shall complete a comprehensive review ("Review") of the BSA-AML Program for the Insured Institution and its subsidiaries. At a minimum, this Review shall include the Insured Institution's compliance with the BSA Plan and the provisions of this ORDER. The independent third party shall prepare and submit a written report of the Review to the Regional Director and the Superintendent within 200 days of the adoption of the BSA Plan.
UPDATE BSA PLAN IN RESPONSE TO INDEPENDENT REVIEW FINDINGS PRESENT NEW PLAN TO REGULATORS
[.13] 13. (a) Within 30 days of receipt of the Review findings, the Board shall update its written BSA Plan to comply in all material respects with the BSA, FDIC Rules and Regulations, sections 326.8 and 353, Treasury Rules and Regulations and 3 N.Y.C.R.R. Part 300.
(b) The Board shall provide a copy of the Review and the updated BSA Plan to the Regional Director and the Superintendent. If the Board fails to adopt any of the Review recommendations, it shall provide to the Regional Director and the Superintendent a comprehensive explanation of its rationale for failing to do so.
THIRD PARTY LOOK BACK REVIEW
[.14] 14. (a) Within 20 days from the effective date of this ORDER, the Insured Institution shall engage a qualified independent firm ("Consultant") acceptable to the Regional Director and the Superintendent to conduct a review of account and transaction activity for the time period beginning January 1, 2003 through the effective date of this ORDER to determine whether suspicious activity involving accounts or transactions at, by, or through the Insured Institution was properly identified and reported in accordance with the applicable suspicious activity reporting requirements ("SAR Review").
(b) Within 10 days of the engagement of the Consultant, but prior to the commencement of the SAR Review, the Insured Institution shall submit to the Regional Director and Superintendent for approval an engagement letter that sets forth:
(i) the scope of the SAR Review, including the types of accounts and transactions to be reviewed;
(ii) the methodology for conducting the SAR Review, including any sampling procedures to be followed;
(iii) the expertise and resources to be dedicated to the SAR Review; and
(iv) the anticipated date of the completion of the SAR Review.
(c) Upon completion of the SAR Review, the Consultant shall provide a copy of its report detailing the findings of the SAR Review to the Regional Director and Superintendent at the same time the report is provided to the Insured Institution.
(d) Within 30 days of receipt of the SAR Review, the Insured Institution shall ensure that all matters or transactions required to be reported, that have not previously been reported, are reported in accordance with applicable laws and regulations.
REVIEW OF CERTAIN ACCOUNTS INVOLVING MONEY TRANSMITTERS
[.15] 15. The Insured Institution shall undertake the following:
(a) Immediately upon the effective date of this ORDER, the Insured
Institution shall commence an account review in order to determine
whether its customers, particularly foreign money transmitters, are
accurately described on the Insured Institution's books and records,
and are licensed or otherwise authorized by applicable law to engage in
the type of money transmission activities that are reflected in the
Insured Institution's books and records or which should be reflected
in such books and records.
(b) The Insured Institution shall immediately cease and desist from conducting any further business with accounts of customers that the Insured Institution now knows, or determines under (a) or otherwise, are not authorized by applicable law to engage in the type of money transmission activities that are reflected in the Insured Institution's books and records or which should be reflected in such books and records.
(c) With respect to any other Insured Institution customers conducting business in the United States with illegal foreign money transmitters, the Insured Institution shall immediately cease and desist from conducting any further business with such customers.
(d) With respect to accounts maintained by the Insured Institution on behalf of other foreign money transmitters that operate legally in foreign countries, the Insured Institution shall perform enhanced due diligence procedures with respect to such accounts.
[.16] 16. Following the effective date of this ORDER, the Insured Institution shall send to its shareholders or otherwise furnish a description of this ORDER (i) in conjunction with the Insured Institution's next shareholder communication, and also (ii) in conjunction with its notice or proxy statement preceding the Insured Institution's next shareholder meeting. The description shall fully describe the ORDER in all material respects. The description and any accompanying communication, statement, or notice shall be sent to the FDIC, Division of Supervision and Consumer Protection, Accounting and Securities Disclosure Section, 550 17th Street, N.W., Washington, D.C. 20429 for review at least 20 days prior to dissemination to shareholders. Any changes requested to be made by the FDIC shall be made prior to dissemination of the description, communication, notice, or statement.
[.17] 17. Within 30 days from the effective date of this ORDER, the Insured Institution's Board shall appoint a committee ("Compliance Committee") composed of at least three directors who are not now, and have never been, involved in the daily operations of the Insured Institution, and whose composition is acceptable to the Regional Director and the Superintendent, to monitor the Insured Institution's compliance with this ORDER, including the BSA Plan. Within 30 days from the effective date of this ORDER, and at monthly intervals thereafter, such Compliance Committee shall prepare and present to the Insured Institution's Board a written report of its findings, detailing the form, content, and manner of any action taken to ensure compliance with this ORDER and the results thereof, and any recommendations with respect to such compliance. Such progress reports shall be included in the minutes of the Insured Institution's Board meetings. Nothing contained herein shall diminish the responsibility of the entire Board to ensure compliance with the provisions of this ORDER.
[.18] 18. By the 30th day after the end of the calendar quarter following the effective date of this ORDER, and by the 15th day after the end of every calendar quarter thereafter, the Insured Institution shall furnish written progress reports to the Regional Director and Superintendent detailing the form, content, and manner of any actions taken to secure compliance with this ORDER, and the results thereof.
BOOKS AND RECORDS
[.19] 19. For purposes of this paragraph, the terms "documents, books and records" shall have the broadest possible meaning and shall include, without limitation, paper and electronic records of all kinds, reports, notes, emails, calendars, phone logs, financial instruments, computer tapes and discs and digital recording and storage media. The Insured Institution shall:
(a) not destroy, alter, or remove any documents, books and records until further written notice from the Regional Director and/or the Superintendent.
(b) maintain and, upon request, immediately make available to the Regional Director and the Superintendent all documents, books and records maintained by the Insured Institution and its subsidiaries.
20. It is expressly and clearly understood that if, at any time,
the Regional Director or the Superintendent shall deem it appropriate
in fulfilling the responsibilities placed upon either of them under
applicable law to undertake any further action affecting the Insured
Institution, nothing in this ORDER shall in any way inhibit, estop, bar
or otherwise prevent either of them from doing so,
including, but not limited to, the imposition of civil money penalties.
It is expressly and clearly understood that nothing herein shall preclude any proceedings brought by the Regional Director or the Superintendent to enforce the terms of this ORDER, and that nothing herein constitutes, nor shall the Insured Institution contend that it constitutes, a waiver of any right, power, or authority of any other representatives of the United States or agencies thereof, Department of Justice or any other representatives of the State of New York or any other agencies thereof, including any prosecutorial agency, to bring other actions deemed appropriate.
The effective date of this ORDER shall be immediately upon the date of issuance.
The provisions of this ORDER shall be binding upon the Insured Institution, its directors, officers, employees, agents, successors, assigns, and other institution-affiliated parties of the Insured Institution.
The provisions of this ORDER shall remain effective and enforceable except to the extent that, and until such time as, any provisions of this ORDER shall have been modified.
Pursuant to delegated authority.
Dated: December 15, 2005
|Last Updated email@example.com|