Financial Industry Regulatory Compliance: A New Era of Government Enforcement

Recent enforcement efforts by the Department of Justice (DOJ) have shifted focus from the 2008 financial crisis to alleged involvement by banks in aiding criminal activity committed by bank customers, such as consumer fraud schemes.

Under the Bank Secrecy Act (BSA), all banks are required to establish and maintain effective internal compliance programs to prevent fraud and other illegal uses of the banking system by customers.  See 31 U.S.C. §5311, et seq.  The program must contain certain anti-money laundering checks to prevent such diverse harms as international wire fraud, improper payday loan lending practices, and theft via unauthorized ACH debits.  Under the banner of fraud-prevention, the Department of Justice has embarked on aggressive enforcement initiatives against financial services providers for perceived failures in compliance with BSA requirements.

A recent complaint and consent order filed by the DOJ in North Carolina against Four Oaks Bank & Trust Company illustrates this trend.  Under “Operation Choke Point,” a sweeping, multiagency enforcement initiative targeting banks and other financial institutions that serve online payday lenders, the DOJ is investigating scores of financial institutions.  The Operation Choke Point name reflects the DOJ’s stated goal of preventing fraud by cutting off perpetrators of fraud from access to the banking system.

The Four Oaks case, the first publicized action by the DOJ under Operation Choke Point, involved a civil enforcement action brought by DOJ accusing Four Oaks of turning a blind eye to wire fraud being committed by a customer who processed payments for payday lenders engaged in defrauding consumers.  Four Oaks settled and paid over $1 million in penalties.

In another recent, and very high-profile, case, the DOJ brought a criminal action against JP Morgan Chase based on Chase’s banking relationship with the Ponzi schemer Bernie Madoff.  The case resulted in a deferred prosecution agreement and the payment of over $2 billion in penalties by the bank.  See (last article).

The tentacles of the DOJ, including through Operation Choke Point, have also reached non-bank financial services companies — for example, Western Union recently revealed that it is being investigated by the U.S. government for failing to properly monitor and prevent fraudulent wire transfers to third parties.  The DOJ has also targeted the bank customers themselves, particularly online payday lenders and payment processors.

Because it is the rare bank or financial institution that intentionally aids a customer in committing consumer fraud or other criminal conduct, the DOJ has relied on a variety of more subtle evidence.  For example, the lack of proper licensing by a third party payment processor, or the processor’s merchants, might be considered a “red flag” viewed by the DOJ as creating an inference that the bank looked the other way at fraud being committed by a customer.  Thus, in its complaint against Four Oaks, the DOJ stated that certain merchants for whom the third party payment processor processed payments were unlicensed, and this fact should have tipped the bank off that the processor may have been operating illegally.

Due diligence gaps or a lack of attention to anything that could be viewed later as a red flag — things that may once have been viewed as indicative of negligence, at the most — may now be viewed by the DOJ as evidence of complicity by banks in their customers’ criminal conduct.  And, as a practical matter, the DOJ may look at a bank’s compliance program with the benefit of hindsight to judge what more could have been done to detect and prevent fraud.  Banks today are expected to not only thoroughly know their customers, but also to know their customers’ customers.

When banks fall short of the government’s very high expectations, the government has a variety of enforcement tools at its disposal.  The DOJ can bring criminal cases against banks, which may result in convictions at trial (although trials are rare in this area), guilty pleas, or deferred prosecution agreements.  The DOJ can bring civil enforcement actions under the Financial Institutions Reform, Recovery and Enforcement Act of 1989 (FIRREA), which is what happened in the Four Oaks case.  Regulators such as the OCC, the Federal Reserve, FinCEN, the FDIC, and state banking agencies may also impose fines and compliance remedies.

Both criminal and civil enforcement actions can result in large financial penalties and court-ordered compliance plans, among other things.  The government’s increasing use of these tools should make all banks and financial institutions particularly vigilant when on-boarding and monitoring customer accounts.

Mr. Coopersmith is a partner at Davis Wright Tremaine and a former federal prosecutor who defends and investigates civil and criminal white-collar cases and matters in the financial services and other industry sectors.  He frequently represents and advises clients in Bank Secrecy Act/AML compliance and enforcement matters.  Mr. Coopersmith practices out of DWT’s Seattle and Los Angeles offices and can be reached at  Ms. Watkins is an associate in the firm’s Portland office who focuses her practice on complex litigation, including white-collar defense and investigations.  She can be reached at

Please wait...

Subscribe to our Technical Publication!

Want to be notified when Compass is published? Enter your email address and name below and sign up to our mailing list!
Please wait...

Download the PDF File