Shinhan Bank reaches $25m settlement over compliance issues

Three US regulatory agencies take enforcement against Shinhan Bank America for violations of mandates involving suspicious activity monitoring and reporting.

Shinhan Bank America (SHBA), the US unit of South Korea’s Shinhan Bank, has agreed to pay $25m to settle investigations into alleged compliance problems pursuant to a consent order entered into with the New York State Department of Financial Services (NYDFS), Federal Deposit Insurance Corporation (FDIC) and the US Treasury Department’s Financial Crimes Enforcement Network (FinCEN). 

The consent order resolves the Department’s investigation into repeated violations of Bank Secrecy Act/Anti-Money Laundering (BSA/AML) requirements and New York law.

SHBA admitted to willfully violating the BSA from April 2016 through March 2021, by failing to implement and maintain an effective AML program that was reasonably designed to guard against money laundering and failing to timely report several hundred transaction involving suspicious financial activity by its customers processed by, at, or through the bank.  

Tax evasion and other crimes

As a result, tens of millions of dollars in suspicious transactions were not reported to the regulators in a timely manner, including transactions connected to tax evasion, public corruption, money laundering, and other financial crimes, the enforcement agencies said.

The agencies noted that SHBA’s BSA/AML programs suffered from material deficiencies and that it neglected to remediate them over a period of years. Despite prior enforcement actions by the FDIC in 2017 and the FDIC in 2020, the Bank failed to address weaknesses and unsafe and unsound conditions, the NYDFS said in its announcement of the consent order.

“Today’s action should serve as a reminder to banks of all sizes that AML program deficiencies must be promptly and effectively addressed.”

Andrea Gacki, director, FinCEN

SHBA’s transaction monitoring system “lacked basic predetermined scenarios needed to flag abnormal activity,” and it “adhered to a 90-day timeline to file SARs,” which is beyond the statutory timeline, according to the FinCEN enforcement action.

FinCEN assessed a civil money penalty of $15m and the FDIC assessed one for $5m for related violations; FinCEN will credit that penalty. The NYDFS also assessed a civil penalty of $10m for AML-related violations. 

“Today’s action should serve as a reminder to banks of all sizes that AML program deficiencies must be promptly and effectively addressed,” FinCEN head Andrea Gacki said.

Prior deficiencies not remediated

By 2020, SHBA had not yet satisfied the terms of a 2017 FDIC consent order regarding its BSA/AML program deficiencies. As a result, in May 2020, the NYDFS and SHBA entered into a Memorandum of Understanding (MOU) to address the bank’s ongoing problems.

Among other things, the MOU required SHBA to submit written reports detailing the remediation of its BSA/AML compliance program, suspicious activity monitoring and reporting procedures, customer due diligence procedures, and internal audit program. By agreeing to the terms and conditions of the MOU, SHBA committed to remediating its prior problems and addressing the goals outlined in the MOU, but it failed to do so, the NYDFS said.

Additionally, it incorrectly certified compliance with Part 504.3 of NYDFS regulations for calendar years 2019 and 2020, despite having an action plan in place to address the number of material deficiencies within its transaction monitoring and filtering programs. (Under NYDFS rules, regulated Institutions must maintain a transaction monitoring program reasonably designed for the purpose of monitoring transactions after their execution for potential BSA/AML violations and suspicious activity reporting.)

The NYDFS said it gave substantial weight to the cooperation of the bank and recognized its recent efforts toward building an effective and sustainable BSA/AML compliance program.

The NYDFS said it gave substantial weight to the cooperation of the bank and recognized its recent efforts toward building an effective and sustainable BSA/AML compliance program, including transitioning to a more sophisticated transaction monitoring system, hiring additional vendors and consultants to validate and finetune its transaction monitoring system, increasing its BSA/AML staffing, and improving its BSA policies and procedures.

In addition to submitting a new BSA/AML program action plan to the NYDFS, every six months, beginning six months after the NYDFS’s approval of it, SHBA must submit to the department a written status update detailing its progress.

Key points to note

First, SHBA had poor BSA/AML examinations continuously between 2015 and 2021, but it failed to adopt the affirmative remedial efforts it had agreed to take, maintaining poor internal controls to alert them to this failure, and signaling a disregard for the duties banks have under BSA/AML rules to identify and report suspicious transactions relevant to possible violations in SARs.

Second, each of the three agencies involved in the case took its own actions within that six-year timeframe to specifically outline to SHBA what it needed to do to meet its obligations under its BSA and New York regulatory obligations. Those included increasing its supervision over its AML personnel, appointing a designated person to coordinate and monitor its BSA compliance, and revising and then validating its system of internal controls to ensure ongoing compliance with the BSA. The problems persisted, despite the specific directives, leading to this action. 

Third, and related to the last point, the repeated violations here showcase how if you go cheap on staffing and implementing the right technology in the BSA and AML arenas, you will likely pay for it. May not be now, but it will happen. And penalties and reputational risk don’t usually get smaller when repeatedly triggered.

Fourth, the NYDFS notes that SHBA had more than $1.8 billion in assets at the end of March and operates 15 branches in the US, focusing on areas with larger Korean populations, such as New York, California, Texas and Georgia. The bank has the resources to meet the bedrock banking regulations pertaining to money laundering monitoring and reporting.

Other legal issues facing SHBA

As the WSJ notes, SHBA faces a lawsuit in federal court in Manhattan brought by several former employees including James Park, who was a Senior Vice President and BSA Officer at the bank. They allege Korean expat employees surveilled US compliance staff and obstructed their work, and the former employees behind the suit claim the bank fired them in violation of US whistleblower laws. 

In legal filings, the bank has said it terminated the employees for performance reasons and asked a judge to throw out the suit. A representative for the bank declined to comment beyond its statement to the WSJ.