By Andrew A. Turner, J.D.
Gibraltar Private Bank and Trust Company of Coral Gables, Fla., has been assessed with civil money penalties by the Financial Crimes Enforcement Network and the Office of the Comptroller of the Currency for willful anti-money laundering compliance violations that led to its failure to monitor and detect suspicious activity despite red flags. The penalties will be satisfied by payments of $1.5 million to the Treasury Department and $2.5 million for the penalty imposed by the OCC.
The OCC, Gibraltar’s primary regulator, had previously placed it under a consent order to address deficiencies in the bank’s compliance program and customer due diligence and reporting obligations. These deficiencies ultimately caused Gibraltar to fail to timely file at least 120 suspicious activity reports (SARs) involving nearly $558 million in transactions occurring during the period of 2009 to 2013, much of which related to a $1.2 billion Ponzi scheme perpetrated by Scott Rothstein.
“We may never know how that scheme might have been disrupted had Gibraltar more rigorously complied with its obligations under the law. This bank’s failure to implement and maintain an effective AML program exposed its customers, its banking peers, and our financial system to significant abuse,” said FinCEN Director Jennifer Shasky Calvery.
Transaction monitoring. FinCEN found that Gibraltar’s transaction monitoring system contained incomplete and inaccurate account opening information and customer risk profiles, which hindered its compliance staff from adequately spotting unusual account activity. Gibraltar also failed to sufficiently address an automated monitoring system that generated an unmanageable number of alerts, including large numbers of false positives, which caused significant delays in Gibraltar’s review.
The deficiencies of Gibraltar’s SAR reporting were also due in part to Gibraltar’s investigation process. In particular, Gibraltar allowed the Rothstein investigation to languish and did not file a suspicious activity report on Rothstein-related activities until after information regarding his activities appeared in the media.
Risk assessment. Gibraltar did not adequately risk rate its high net-worth private banking customers, like Scott Rothstein, FinCEN said. As a result, the bank applied insufficient scrutiny to his and related accounts, and missed significant red flags. In addition, Gibraltar did not have up-to-date, accurate, and verified information to enable it to conduct its annual risk assessment.
For more information about anti-money laundering compliance issues, subscribe to the Banking and Finance Law Daily.