In any corporate compliance program, chief compliance officers must be mindful that their programs are not guaranteed to maintain consistent levels of funding from year to year. Factors such as expanding or contracting business operations, declining business conditions, or external events such as recessions or COVID may require various year-to-year adjustments in a compliance program’s staffing levels and internal controls operations.[1]
Even so, it is essential that senior management in any company or financial institution recognize and accept the fact that at all times, the compliance programs in their enterprise must be adequately resourced and empowered to function effectively.[2] What a company’s senior leadership may not do, under any circumstances, is to make decisions that, over time, systematically starve critical compliance programs of resources essential to the effectiveness of those programs.
On October 10, the Department of Justice, the Financial Crimes Enforcement Network (FinCEN), the Office of the Comptroller of the Currency (OCC), and the Federal Reserve Board (FRB) announced an extraordinary set of coordinated criminal and civil resolutions involving TD Bank, N.A. and its parent company TD Bank US Holding Company (collectively TD Bank) for systematic and years-long violations of the Bank Secrecy Act (BSA) and money laundering. Collectively, the four agencies’ enforcement actions included –
- Guilty pleas by TD Bank to conspiring to fail to maintain an anti-money laundering (AML) program that complies with the BSA, fail to file accurate Currency Transaction Reports (CTRs), and launder money – reportedly the first bank in history to do so[3];
- The payment of more than $3.09 billion in criminal and civil monetary penalties, after crediting of certain interagency payments;
- An asset cap, with prolonged noncompliance triggering further potential reductions, business restrictions, board certification prior to dividend payments, a third-party assessment of the bank’s BSA/AML program, comprehensive corrective action, and a suspicious activity review lookback; and
- A four-year independent monitorship to oversee TD Bank’s required remediation.
Because of the extraordinary size and scope of the penalties that the four agencies imposed on TD Bank, this post will focus on the bank’s criminal resolution with the Justice Department, including the details of the multiple dimensions of TD Bank’s compliance failure. A second post will focus on TD Bank’s resolutions with the regulatory agencies, and provide observations on the lessons to be learned from this case.
Key Elements of TD Bank’s AML Compliance Failure
According to the Justice Department’s press release[4], which reflects the agreed statement of facts between the Department and TD Bank[5], between January 2014 and October 2023 TD Bank
had long-term, pervasive, and systemic deficiencies in its U.S. AML policies, procedures, and controls but failed to take appropriate remedial action. Instead, senior executives at TD Bank enforced a budget mandate, referred to internally as a “flat cost paradigm,” requiring that TD Bank’s budget not increase year-over-year, despite its profits and risk profile increasing significantly over the same period. Although TD Bank maintained elements of an AML program that appeared adequate on paper, fundamental, widespread flaws in its AML program made TD Bank an “easy target” for perpetrators of financial crime.[6]
The Department stated that over the previous decade,
TD Bank’s federal regulators and TD Bank’s own internal audit group repeatedly identified concerns about its transaction monitoring program, a key element of an appropriate AML program necessary to properly detect and report suspicious activities. Nonetheless, from 2014 through 2022, TD Bank’s transaction monitoring program remained effectively static, and did not adapt to address known, glaring deficiencies; emerging money laundering risks; or TD Bank’s new products and services. For years, TD Bank failed to appropriately fund and staff its AML program, opting to postpone and cancel necessary AML projects prioritizing a “flat cost paradigm” and the “customer experience.”[7]
The Department also stated that throughout this period, “TD Bank intentionally did not automatically monitor all domestic automated clearinghouse (ACH) transactions, most check activity, and numerous other transaction types, resulting in 92% of total transaction volume going unmonitored from Jan. 1, 2018, to April 12, 2024. This amounted to approximately $18.3 trillion of transaction activity.” TD Bank’s AML compliance failure included still other dimensions:
TD Bank also added no new transaction monitoring scenarios and made no material changes to existing transaction monitoring scenarios from at least 2014 through late 2022; implemented new products and services, like Zelle, without ensuring appropriate transaction monitoring coverage; failed to meaningfully monitor transactions involving high-risk countries; instructed stores to stop filing internal unusual transaction reports on certain suspicious customers; and permitted more than $5 billion in transactional activity to occur in accounts even after the bank decided to close them.[8]
As a direct consequence of these manifold dimensions of compliance failure, three money laundering networks were able
to collectively transfer more than $670 million through TD Bank accounts between 2019 and 2023. Between January 2018 and February 2021, one money laundering network processed more than $470 million through the bank through large cash deposits into nominee accounts. The operators of this scheme provided employees gift cards worth more than $57,000 to ensure employees would continue to process their transactions. And even though the operators of this scheme were clearly depositing cash well over $10,000 in suspicious transactions, TD Bank employees did not identify the conductor of the transaction in required reports. In a second scheme between March 2021 and March 2023, a high-risk jewelry business moved nearly $120 million through shell accounts before TD Bank reported the activity. In a third scheme, money laundering networks deposited funds in the United States and quickly withdrew those funds using ATMs in Colombia. Five TD Bank employees conspired with this network and issued dozens of ATM cards for the money launderers, ultimately conspiring in the laundering of approximately $39 million.[9]
The Justice Department’s Responses
The Justice Department’s investigation of these money laundering and BSA violations resulted not only in charging more than two dozen individuals, including two bank insiders, across the money-laundering schemes described above, but in obtaining guilty pleas from both TD Bank, N.A. and its parent company, TD Bank US Holding Company. TD Bank, N.A. pleaded guilty to a one-count information charging it with conspiring to fail to maintain an anti-money laundering (AML) program that complies with the BSA, fail to file accurate Currency Transaction Reports (CTRs), and launder money.[10] For its part, TD Bank US Holding Company pleaded guilty to a separate two-count information charging it with causing TDBNA to fail to maintain an AML program that complies with the BSA and to fail to file accurate CTRs.[11]
As part of its plea agreement, TD Bank agreed to forfeit $452,432,302.00 (with the Justice Department crediting $123.5 million of the forfeiture to the FRB resolution) and pay a criminal fine of $1,434,513,478.40, for a total financial penalty of $1,886,945,780.40; to retain an independent compliance monitor for three years and to remediate and enhance its AML compliance program; and to provide continued cooperation in ongoing investigations of individuals.
The Department stated that it reached its resolution with TD Bank based on a number of factors, including the nature, seriousness, and pervasiveness of the offenses. In particular, in applying the Criminal Division Corporate Enforcement and Voluntary Self-Disclosure Policy[12], the Department stated that TD Bank did not voluntarily disclose its wrongdoing, but received partial credit “for its strong cooperation with the Department’s investigation and the ongoing remediation of its AML program.” The Department added, however, that “TD Bank did not receive full credit for its cooperation because it failed to timely escalate relevant AML concerns to the Department during the investigation. Accordingly, the total criminal penalty reflects a 20% reduction based on the bank’s partial cooperation and remediation.”[13]
Footnotes
[1] See, e.g., Adrienne Appel, Compliance budgets, staffing brace for impact of recession prep efforts, in Compliance Week, ‘Inside the Mind of the CCO’ on the 2022-23 compliance landscape 9 (December 2022), https://d6jxgaftxvagq.cloudfront.net/Uploads/b/h/u/dec2022itmebook_432967.pdf.
[2] See Criminal Division, U.S. Dep’t of Justice, Evaluation of Corporate Compliance Programs 10 and 12-13 (revised September 2024), https://www.justice.gov/criminal/criminal-fraud/page/file/937501/dl.
[3] Christian Hancock and Jonathan Harrington, TD Bank’s Historic $3.1B Money Laundering Settlement a Warning to All Financial Institutions, JD Supra, October 17, 2024, https://www.jdsupra.com/legalnews/td-bank-s-historic-3-1b-money-6370754/.
[4] U.S. Department of Justice, TD Bank Pleads Guilty to Bank Secrecy Act and Money Laundering Conspiracy Violations in $1.8B Resolution, October 10, 2024, https://www.justice.gov/opa/pr/td-bank-pleads-guilty-bank-secrecy-act-and-money-laundering-conspiracy-violations-18b.
[5] See Agreed Statement of Facts, U.S. Department of Justice, Plea Agreement, U.S. v. TD Bank, N.A. (October 10, 2024), https://www.justice.gov/opa/media/1373336/dl.
[6] U.S. Department of Justice, supra note 4.
[7] Id.
[8] Id.
[9] Id.
[10] See Plea Agreement, United States v. TD Bank, N.A., Crim. No. 24- 667 D.N.J., filed October 10, 2024), https://www.justice.gov/opa/media/1373346/dl.
[11] See Plea Agreement, United States v. TD Bank US Holding Company, Crim. No. 24- 668 (D.N.J., filed October 10, 2024), https://www.justice.gov/opa/media/1373341/dl.
[12] See U.S. Department of Justice, Justice Manual §9-47.120 – Criminal Division Corporate Enforcement and Voluntary Self-Disclosure Policy, https://www.justice.gov/criminal/criminal-fraud/file/1562831/dl?inline.
[13] See U.S. Department of Justice, supra note 4.
Jonathan J. Rusch is Director of the U.S. and International Anti-Corruption Law Program and Adjunct Professor at American University Washington College of Law and a Senior Fellow with the NYU Program on Corporate Compliance and Enforcement at New York University Law School.
The views, opinions and positions expressed within all posts are those of the author(s) alone and do not represent those of the Program on Corporate Compliance and Enforcement (PCCE) or of the New York University School of Law. PCCE makes no representations as to the accuracy, completeness and validity or any statements made on this site and will not be liable any errors, omissions or representations. The copyright of this content belongs to the author(s) and any liability with regards to infringement of intellectual property rights remains with the author(s).