Home > Regulation & Examinations > Bank Examinations > FDIC Enforcement Decisions and Orders
FDIC Enforcement Decisions and Orders
A cease and desist order was issued, based on findings by the FDIC that
it had reason to believe that Respondent was engaged in unsafe and
unsound practices. (This order was terminated by order of the
FDIC dated 6-3-05; see ¶
[.1] Bank Secrecy ActCompliance Officer Required
[.2] Bank Secrecy ActCompliance
[.3] Violations of LawCorrections of Violations Required
[.4] Compliance ProgramWritten Compliance Plan Required
[.5] Customer Due Diligence ProgramMinimum Requirements
[.6] Suspicious Activity ReportAcquire Software-Based Tools
[.7] Suspicious Activity ReportImplement Policy
[.8] Board of DirectorsCommittee to Review Compliance with Cease and Desist Order Required
[.9] Progress ReportWritten Report Required
[.10] ShareholdersDisclosure of Cease and Desist Order Required
In the Matter of
Amerika Samoa Bank, Pago Pago, American Samoa ("Bank"), having been advised of its right to a Notice of Charges and of Hearing detailing the unsafe or unsound banking practices and violations of law and/or regulations alleged to have been committed by the Bank, and of its right to a hearing on the alleged charges under section 8(b)(1) of the Federal Deposit Insurance Act ("Act"), 12 U.S.C. §1818(b)(1), and having waived those rights, entered into a STIPULATION AND CONSENT TO THE ISSUANCE OF AN ORDER TO CEASE AND DESIST ("CONSENT AGREEMENT") with counsel for the Federal Deposit Insurance Corporation ("FDIC"), dated October 1, 2004, whereby, solely for the purpose of this proceeding and without admitting or denying the alleged charges of unsafe or unsound banking practices and violations of law and/or regulations, the Bank consented to the issuance of an ORDER TO CEASE AND DESIST ("ORDER") by the FDIC.
The FDIC considered the matter and determined that it had reason to believe that the Bank had engaged in unsafe or unsound banking practices and had committed violations of law and/or regulations. The FDIC, therefore, accepted the CONSENT AGREEMENT and issued the following:
ORDER TO CEASE AND DESIST
IT IS HEREBY ORDERED, that the Bank, its institution-affiliated parties, as that term is defined in section 3(u) of the Act, 12 U.S.C. §1813(u), and its successors and assigns, cease and desist from the following unsafe and unsound banking practices and violations of law and/or regulation:
(a) operating in violation of section 326.8 of the FDIC's Rules and Regulations, 12 C.F.R. §326.8, as more fully described on page 9 in the FDIC's Report of Examination dated August 31, 2004;
(b) operating in violation of section 353.3 of the FDIC's Rules and Regulations, 12 C.F.R. §353.3, as more fully described on
page 9 in the FDIC's Report of Examination dated August 31, 2004; and
(c) operating in violation of section 103.27 of the Rules and Regulations of the Department of the Treasury, 31 C.F.R. §103.22, as more fully described on page 9 in the FDIC's Report of Examination dated August 31, 2004.
IT IS FURTHER ORDERED, that the Bank, its institution-affiliated parties, and its successors and assigns, take affirmative action as follows:
[.1] 1. Within 30 days of the effective date of this ORDER, the Board shall select a senior bank official to be the Bank Secrecy Act ("BSA") and Anti-Money Laundering ("AML") Officer. The position shall have a detailed job description that specifies the BSA/AML Officer's authority to make and enforce BSA policies.
[.2] 2. Within 90 days of the effective date of this ORDER, the Bank shall comply in all material respects with the BSA and its rules and regulations.
[.3] 3. Within 90 days of the effective date of this ORDER, the bank shall correct all violations of law and contraventions of FDIC Statements of Policy cited on pages 9 and 10 of the FDIC's Report of Examination dated August 31, 2004. In addition, the Bank shall take all necessary steps to ensure future compliance with all applicable laws and regulations.
[.4] 4. Within 90 days of the effective date of this ORDER, the Bank shall develop, adopt and implement a written compliance program, as required by the applicable provisions of section 326.8 of the FDIC's Rules and Regulations, 12 C.F.R. §326.8, designed to, among other things, ensure and maintain compliance by the Bank with the BSA and the rules and regulations issued pursuant thereto. The program shall ensure that clear and comprehensive BSA compliance reports are provided to the Bank's Board of Directors on a monthly basis. Such program and its implementation shall be in a manner acceptable to the Regional Director of the FDIC's San Francisco Regional Office ("Regional Director") as determined at subsequent examinations and/or visitations of the Bank. At a minimum, the program shall:
(a) Establish a system of internal controls to ensure compliance with the BSA and the rules and regulations issued pursuant thereto, including policies and procedures to detect and monitor all transactions to ensure that they are not being conducted for illegitimate purposes and that there is full compliance with all applicable laws and regulations.
(b) Provide for independent testing of compliance with the BSA, all applicable rules and regulations related to the BSA, and the reporting of suspicious transactions required to be reported pursuant to Part 353 of the FDIC's Rules and Regulations, 12 C.F.R. Part 353. The independent testing shall be conducted on an annual basis in compliance with the procedures described in the FDIC's "Guidelines for Monitoring Bank Secrecy Act Compliance." The testing, at a minimum, shall include the following:
(i) a test of the Bank's internal procedures for monitoring the BSA;
(ii) a sampling of large currency transactions followed by a review of the Currency Transaction Report filings;
(iii) a test of the validity and reasonableness of the customer exemptions granted by the Bank;
(iv) a test of the bank's recordkeeping system for compliance with the BSA; and
(v) documentation of the scope of the testing procedures performed and the findings of the testing.
Written reports shall be prepared which document the testing results and provide recommendations for improvement. Such reports shall be presented to the Bank's Board of Directors.
(c) An internal audit shall be performed which includes quarterly reviews of the BSA as required by bank policy. The internal audit shall incorporate the following components into the BSA scope.
(i) an assessment of whether all CTRs required to be filed have been received by the Financial Crimes Enforcement Network ("FinCEN");
(ii) a review of the appropriateness of customers on the exempt list; and
(iii) a determination whether the suspicious activity monitoring system is reasonably capable of identifying all suspicious activity.
(d) Ensure that the Bank's BSA compliance
program is managed by a qualified officer who shall have responsibility for all BSA compliance and related matters, including, without limitation;
(i) the identification of timely, accurate and complete reporting to law enforcement and supervisory authorities of unusual or suspicious activity or known or suspected criminal activity perpetrated against or involving the Bank; and
(ii) monitoring the Bank's compliance and ensuring that full and complete corrective action is taken with respect to previously identified violations and deficiencies.
(e) Provide and document training by competent staff and/or independent contractors of all board members and all appropriate personnel, including, without limitation, tellers, customer service representatives, lending officers, private and personal banking officers and all other customer contact personnel, in all aspects of regulatory and internal policies and procedures related to the BSA, with a specific concentration on accurate recordkeeping, "Know Your Customer" policies, form completion and the detection and reporting of known and/or suspected criminal activity. Training shall be updated on a regular basis to ensure that all personnel are provided with the most current and up-to-date information, including information about illicit banking practices and the latest criminal activities.
(f) The BSA/AML Officer shall attend periodic conference-based training that covers, among other things, best practices and current BSA issues.
[.5] 5. Within 90 days of the effective date of this ORDER, the Bank shall submit to the FDIC an acceptable enhanced customer due diligence program. The program shall be designed to reasonably ensure the identification of customers, particularly those bank customers with unfamiliar identification documents. The program shall reasonably ensure the timely, accurate and complete reporting of known or suspected criminal activity against or involving the bank to law enforcement and supervisory authorities as required by the suspicious activity reporting provisions of Part 353 of the FDIC Rules and Regulations. The enhanced customer due diligence program shall include:
(a) A risk focused assessment of the customer base of the Bank to:
(i) identify customers which are "higher risk" due to the nature of their activities and may require increased monitoring; and
(ii) determine the appropriate level of enhanced due diligence and monitoring necessary for those "higher risk" customers that the Bank has reasons to believe pose a heightened risk of illicit activities at or through the Bank. "Higher risk" customers include money service businesses.
(b) For those customers whose transactions require enhanced due diligence, written procedures that:
(i) specify the appropriate documentation necessary to confirm the identity and lawful business activities of the customer;
(ii) require the documentation of the normal and expected transactions of the customer; and
(iii) require the reporting of suspicious activities in compliance with existing reporting requirements set forth in Part 353 of the FDIC's Rules and Regulations.
(c) Actions to be taken when accounts are suspected of significant illegal activity or noncompliance with FinCEN requirements including, where appropriate, steps to close such accounts consistent with applicable law; and
(d) Procedures for changing lower risk customer classifications to higher risk, based upon suspicious activity monitoring processes.
[.6] 6. Within 90 days of the effective date of this ORDER, the Bank shall review its core processing system and acquire available software-based tools that can assist in suspicious activity monitoring.
[.7] 7. (a) Within 60 days of the effective date of this ORDER, the Bank shall establish and implement policies and procedures to advise the Bank's Board of Directors of Significant Suspicious Activity Reports. At a minimum, the Board of Directors shall be advised in detail of all Suspicious Activity Reports involving employees, contractors, officers and directors. The policies and procedures shall also include guidelines to determine what Suspicious Activity Reports are significant.
(b) Within 90 days from the effective date of this ORDER, the Bank shall develop a written suspicious activity monitoring program that is appropriate for the size and risk nature of the institution.
(i) The system must incorporate appropriate
intelligence gathered as a result of the enhanced "Know Your Customer" practices.
(ii) The system must, at minimum, use software such as spreadsheets to facilitate the review of customer transactions over extended periods of time.
(iii) The system must consider wire transfers and the purchase of monetary instruments.
(iv) The system must be reasonably designed to detect structured transactions and transactions inconsistent with customers' known legal business activity. The system must not be limited to reviewing transactions over $10,000.
(c) The BSA/AML Officer shall closely monitor each branch's CTR process and procedures to ensure CTRs are prepared accurately, timely, and in a consistent format amongst branches. Adjustments to systems, staffing, training, and compliance monitoring procedures shall be made by the BSA/AML Officer, as appropriate.
(d) The Bank shall perform a forensic review of cash transaction and CTR records to ensure that:
(i) all CTRs were prepared and submitted as required; and
(ii) all CTRs were received by FinCEN.
(e) Within 60 days of the effective date of this ORDER, the BSA/AML Officer will perform documented reviews of each exempt customer to ensure that ineligible customers, such as money service businesses, are excluded.
[.8] 8. Following the effective date of this ORDER, the Bank's Board of directors shall monitor and confirm the completion of actions taken by management to comply with the terms of this ORDER. The Board of Directors shall certify in writing to the Regional Director when all of the above actions have been accomplished. All actions taken by the Board of Directors pursuant to this ORDER shall be duly noted in the minutes of its meetings. The Board shall receive reports from the qualified officer, selected in paragraph 1, regarding compliance with the BSA and Parts 326 and 353, at least monthly, and shall report to the Bank's Board of Directors at every meeting.
[.9] 9. Within 15 days of the end of the first quarter following the effective date of this ORDER, and within thirty (30) days of the end of each quarter thereafter, the Bank shall furnish written progress reports to the Regional Director detailing the form and manner of any actions taken to secure compliance with this ORDER and the results thereof. Such reports shall include a copy of the Bank's Report of Condition and the Bank's Report of Income. Such reports may be discontinued when the corrections required by this ORDER have been accomplished and the Regional Director and the Commissioner have released the Bank in writing from making further reports.
[.10] 10. Following the effective date of this ORDER, the Bank shall send to its shareholder or otherwise furnish a description of this ORDER in conjunction with the Bank's next shareholder communication and also in conjunction with its notice or proxy statement preceding the Bank's next shareholder meeting. The description shall fully describe the ORDER in all material respects. The description and any accompanying communication, statement, or notice shall be sent to the FDIC, Accounting and Securities Section, Washington, D.C. 20429, at least fifteen (15) days prior to dissemination to shareholders. Any changes requested to be made by the FDIC shall be made prior to dissemination of the description, communication, notice, or statement.
This ORDER shall become effective ten (10) days from the date of its issuance.
The provisions of this ORDER shall remain effective and enforceable except to the extent that, and until such time as, any provisions of this ORDER shall have been modified, terminated, suspended, or set aside by the FDIC.
Pursuant to delegated authority,
Dated at San Francisco, California, this 4th day of October, 2004.
|Last Updated firstname.lastname@example.org|