Thank you, Amy, for that kind introduction. I would also like to thank both the American Bar Association and the American Bankers Association for hosting this money laundering enforcement conference and inviting me to speak today. I am honored to be here, especially on the 25th anniversary of this important conference, which provides invaluable Bank Secrecy Act and anti-money laundering training – and underscores the vital importance of the compliance function at financial institutions.
As all of you know, banking and financial services play a vital role in our country. They spawn growth, spread risk, facilitate the creation of jobs, and generally drive our economy. Without it, much of the prosperity that allows for our freedoms and our power in the world would not exist.
But it is also susceptible to abuse. It can be used to launder the illegal proceeds of criminal and terrorist organizations. It can be used to defraud people, particularly when the transactions are complex. And the flow of dollars through our financial system is so large, that even a small fraudulent adjustment of a rate or a fee can result in billions of dollars being illegally diverted. Just as the financial industry has the power to create great good, it has the power to create great harm. The crash in 2008 was a stark reminder of this power to harm.
At the Department of Justice, we know that compliance officers within financial institutions, and the lawyers, bankers, and others who work with them, are the first line of defense against abuse within these institutions. Compliance officers are critical to protecting both a bank’s reputation and its bottom line. They’re essential when it comes to preventing criminal activity – and if that effort is not entirely successful, detecting and reporting such conduct. It is not an exaggeration to say that compliance is fundamental to protecting the security of our financial institutions and is essential to the integrity of our entire financial system.
Despite, and in some ways because of, this crucial role, I know that working in compliance is often difficult. Compliance is seldom thought of as a “money-maker” for any bank, and it may be challenging to get sufficient resources and authority to do the job well. To some, compliance may not seem to fit within the culture of a fast-moving, cutting-edge institution. And at times, certain business units or managers may seem downright hostile toward the compliance function.
We at the Department of Justice understand this reality. And we appreciate that, despite these challenges, you and your colleagues are fully committed to helping protect the integrity of your institutions and our financial system.
I want to assure you today that I am grateful for that, because you are our strongest partners in the fight against money laundering, fraud, and other financial crimes. You’re in a unique position to understand that a strong compliance culture is not only good for a bank’s overall standing and reputation in the business community, it is ultimately good for its business.
Right now, compliance within financial institutions is of particular concern to the Department, because we have recently seen cases that involved not only criminal conduct by bank customers, but – more concerning – serious criminal conduct by bank employees, including managerial employees. I’d like to speak with you today about how the Department evaluates financial institutions that violate the law, along with some of the considerations that all bankers should be mindful of as they decide how their institutions should operate.
I want to begin with the fundamental proposition that no individual or business – including a financial institution – is immune from prosecution. As I’m sure you’ve noticed, the Justice Department is taking a hard look at financial institutions in all areas – including AML, BSA, IEEPA, securities laws, tax violations, and all other forms of financial fraud. We are committed to holding banks and their employees responsible for their misconduct.
In recent years, we have proven our determination to pursue a range of challenging and complex financial crimes. For example, in one of the more brazen types of misconduct we have encountered in the financial industry, the Department and other law enforcement agencies and regulators around the world are investigating the manipulation of LIBOR and other benchmark interest rates. As you all know, LIBOR serves as the premier benchmark for short-term interest rates around the globe. Hundreds of trillions of dollars in financial derivatives, corporate debt, credit card debt, mortgages, student loans, and other financial instruments worldwide are tied to LIBOR. But LIBOR necessarily depends on the integrity of the rate setting process and the bankers who provide input into that process. The investigation revealed that traders in some banks were manipulating their bank’s LIBOR submissions in the hopes of affecting the final published LIBOR fix – thereby increasing their trading profits. Some even coordinated with traders at other banks and inter-dealer brokers to try to get several banks to submit LIBORs favorable to their trading positions. We’ve also seen that certain banks artificially lowered their LIBORs in order to appear more credit-worthy during the financial crisis.
Unfortunately, these manipulations were not isolated incidents involving a few rogue traders. In some institutions, LIBOR manipulation was pervasive. We found institutions with traders in multiple offices around the world attempting to manipulate LIBOR and other benchmark rates tied to multiple currencies, with the conduct at some banks extending over a period of five or more years. During our investigation, it became apparent that certain institutions condoned a culture of illegal behavior. And it was this culture that led the Justice Department to investigate and prosecute not just the individuals engaged in LIBOR manipulation, but the institutions that condoned it.
As a result of our enforcement actions stemming from this illegal conduct, billions of dollars have been paid in penalties, banks have admitted to serious crimes, and certain employees have been criminally charged. To date, corporate LIBOR resolutions with Rabobank, Barclays, UBS, RBS, and the brokerage firm ICAP have resulted in over $3.7 billion in penalties paid to law enforcement and regulatory agencies. Thus far, the Department has charged five individuals – two former senior traders at UBS, and three former brokers at ICAP – with crimes in connection with the LIBOR investigation. In addition, many in executive management on whose watch these crimes took place have paid a heavy price. Two CEOs have resigned, other senior managers have stepped down; executives have testified before the U.K. Parliament; bonuses have been withheld; and other compensation has been clawed back. And this may be only the beginning – because our investigation of LIBOR is far from over.
As another example, just last month, a jury in the Southern District of New York found Countrywide, Bank of America, and a senior executive liable for making bad loans and removing quality control checks. Countrywide initiated the “hustle” program to move loans quickly through the origination process and eliminate quality control steps that could slow it down. Countrywide, then Bank of America, sold the toxic mortgage loans to Fannie Mae and Freddie Mac, knowing that they did not meet the representations of quality.
We have also seen IEEPA violations involving the circumvention of sanctions against Cuba and Iran; violations of the Bank Secrecy Act; Residential Mortgage Backed Securities fraud and mortgage origination fraud; anti-trust violations; tax violations involving off-shore accounts; and civil rights violations for discriminatory lending practices.
And in one of the more recent developments, the Department's Criminal and Antitrust Divisions, along with the FBI, regulators and other law enforcement agencies around the world, are aggressively investigating possible manipulation of foreign exchange rates, involving a number of financial institutions, and you will be hearing more about these investigations in the future.
These investigations are just a few examples of how the Justice Department is pursuing corporate financial malfeasance. Financial institutions have agreed to pay about $17 billion in settlements with law enforcement and regulators in the United States this year alone. And that number will increase, as we are more committed than ever to investigating crimes committed by and within financial institutions, and to hold the perpetrators of those crimes accountable.
In every case and circumstance, our decisions about prosecuting corporate crime are guided by the Principles of Federal Prosecution of Business Organizations, which describes nine factors we consider when determining whether to charge a corporation. Those factors include, among other things: the nature and seriousness of the offense; the pervasiveness of the wrongdoing within the corporation, including the complicity of corporate management; the corporation’s history of similar misconduct, including prior criminal, civil, and regulatory actions against it; and the adequacy of a corporation’s pre-existing compliance program. We have found that these factors are often linked. How widespread the misconduct is, how high in the corporate hierarchy knowledge of it goes, and how effective a corporate compliance program is – are often related to each other, and to a corporation’s criminal history.
The notion that compliance must be firmly embedded in a corporation’s culture has been raised before, including at this conference, by many government officials. You’ve heard a great deal about the importance of “tone at the top.” Indeed, companies regularly argue during negotiations that they have taken various steps to set the right tone at the highest levels of their institutions. But based on what we have seen, we cannot help but feel that the message is not getting through often enough or clearly enough.
Despite years of admonitions by government officials that compliance must be an important part of a corporation’s culture, we continue to see significant violations of law at banks, inadequate compliance programs, and missed opportunities to prevent and detect crimes.
We are concerned that too many bank employees and supervisors value coming as close to the line as possible, or even crossing the line, as being “competitive” or “aggressive.” Too many seem to be willing to take advantage of any edge – including those of dubious legality – to make money. Too many supervisors seem to incentivize excessive risk-taking – knowing that risky products can be unloaded down the road, or anticipating that they will have left for another bank by the time such risks are played out, leaving someone else to deal with the consequences. And we are troubled that many employees believe that their supervisors, including in some cases corporate management, actually want them to behave this way. Even a single employee who thinks this way is one too many. And what we’ve been seeing and making public in a number of our recently-announced resolutions should give everyone pause, and cause all leaders and managers within financial institutions to reflect on how they can do better.
Now we’ve seen numerous news reports of senior bank management condemning the uncovered conduct after an announced resolution – calling the conduct “shameful”; “contrary to our core values”; “reprehensible.” One CEO said that he “strongly condemn[ed]” the behavior at issue; another said that learning about the misconduct made him “physically ill.” While it’s easy for everyone to agree with these after-the-fact condemnations of the discovered misconduct, our collective goal must be to establish cultures within these important institutions that prevent people from engaging in this type of conduct in the first instance. Labeling certain behavior “shameful” after being caught is simply too little, too late.
This is why, when deciding whether to prosecute an institution for the actions of its employees, we look hard at the messages that bank management and supervisors are actually giving to employees in the context of their day-to-day work. We look at chats, emails, and recorded phone calls -- things that are readily available to senior management and compliance professionals. We talk to witnesses in order to determine what kinds of messages about compliance have been conveyed, or, on the flip side of that coin, what encouragement they may have received to exploit any possible edge to make money. We examine the incentives that banks provide their employees to either cross the line, or to exhibit compliant behavior. If a financial institution wants to encourage compliance – if its values are not skewed towards making money at all costs – then that message must be conveyed to employees in a meaningful and effective way if they’d like Department to view it as credible. To have an effective compliance program, we expect banks to put in place procedures to detect problems, and proactively utilize those procedures -- without waiting until the government comes knocking at their door with a subpoena.
When a problem is identified, we expect banks to undertake a thorough search – at every level, across the institution – for misconduct that may have been committed elsewhere, by similarly-situated employees or in similar business units. We expect that banks will not look only at employees in the same positions or in the same offices to determine whether they are violating the law – but that, cognizant of the ways in which violations have occurred, they will also look to other places or other types of employees where similar misconduct could take place. Whenever employees in different units, or in different office locations, or involved in different product lines, are engaging in criminal conduct at the same institution, it is well past time for that institution to think more broadly about problems that may span across the organization as a whole. In fact, we have seen this pattern in a number of financial institutions and what this tells us is that even if a specific conduct didn't directly involve senior management, that repetition speaks volumes about the culture senior management has create in the institution. A culture that breeds violations instead of a culture that encourages compliance.
The benefits of having a strong compliance program can go a long way toward mitigating institutional liability. For instance, last year, we announced the guilty plea of a former managing director of Morgan Stanley to a violation of the Foreign Corrupt Practices Act. The managing director admitted that he had conspired to evade Morgan Stanley’s internal accounting controls in order to transfer a multi-million dollar ownership interest in a Shanghai building to himself and a Chinese public official. The Department announced that it was declining to bring any enforcement action against Morgan Stanley – in large part because the bank had voluntarily disclosed the misconduct, cooperated throughout the investigation, and had constructed and maintained a system of internal controls that provided reasonable assurances that its employees were not bribing government officials. Our decision not to prosecute Morgan Stanley was founded primarily on the strength of its robust and active compliance program.
But where we do not see such exemplary conduct, we must – and we will – use all of the tools available to us to hold banks answerable for their crimes.
When we see criminal violations in multiple business units or locations, we will hold banks accountable. When we see compliance programs that are not comprehensive, or are not funded, or lack sufficient resources to be effective, we cannot give them credit. When we see repeat players – such as banks that have previously entered into non-prosecution agreements or deferred prosecution agreements with the Department, and yet come under scrutiny again for other violations of law – we will have no choice but to consider all of the possible actions at our disposal. And when we see crimes condoned by management, banks, like all corporations, will face significant consequences.
Of course, we are mindful of the consequences of our actions, and we must act responsibly. Collateral consequences, including harm to innocent employees and to the public, is one of the nine factors we carefully consider in determining what action to take. And in this regard, we work closely with our regulatory partners, both here and abroad, to ensure that we understand the specific, likely consequences for a bank when it is accused of criminal conduct or when when it is resolving criminal conduct. And we take steps to minimize those consequences, while holding the individuals and institutions that are responsible to account. But to be clear, the size of a financial institution does not mean that it gets immunity in a criminal case.
The last session in this conference is entitled “What to tell your CEO when you return to the bank: A 30-minute recap of the critical issues from the conference.” With this in mind, here is my message to you: Businesses need to create a culture of compliance. To do this, compliance programs must be real, effective, and proactive. Banks need to think more broadly about problems within their institutions, and redouble their efforts to detect and prevent them. It will never be enough merely to identify and address a particular problem once it surfaces. If we see illegal conduct at a number of the bank's business units, the old saw of "It's an isolated instance of bad actors in a single business unit. The institution as a whole should not be held accountable" won't cut it. Instead, banks must actively seek out whether there could be similar misconduct elsewhere. They must analyze what steps are necessary to reduce the risk of such misconduct occurring. And then they must take those steps. All banks should demonstrate their institutional commitments to ensuring that a clear and powerful message is being sent to their employees: that compliance matters, and if they cross the line, both they and their employer will face serious consequences. I know these can be difficult messages to deliver, but they are important messages to deliver -- messages that in the long run are good for the bank as well as good for society as a whole.
I want to thank you for the opportunity to discuss these issues with you today. I’m grateful for your hard work, your dedication to the goals we share, and your resolve to help strengthen compliance programs and instill cultures of accountability throughout the financial sector. I look forward to continuing this critical dialogue at future forums like this one.