Last week FINRA fined Raymond James & Associates, Inc. (RJA) and Raymond James Financial Services, Inc. (RJFS), a total of $17 million for widespread AML compliance failures. Most notable perhaps was this fact: RJA’s former AML Compliance Officer was personally fined $25,000 and suspended for three months by FINRA, effectively ending her AML compliance career. According to J. Bradley Bennett, FINRA’s Executive VP of Enforcement, additional anti-money laundering and enforcement cases are coming soon.
So what can be learned from the Raymond James fine to make sure your institution (and you) are not the next focus of FINRA or other regulators.
Plain and simple, the Raymond James companies and AML Compliance Officer were “fined for allowing certain red flags of potentially suspicious activity to go undetected or inadequately investigated from 2002 through 2013.”
Looking at the FINRA order, it becomes very clear the Raymond James failure was a failure to identify and analyze publicly available adverse media information, and a failure to conduct proper suspicious activity investigations.
Examples of AML investigations that were identified as deficient:
- When RJA conducted due diligence on an Ecuadorian bank customer at account opening, RJA’s adverse news information service identified a negative news report about the Ecuadorian bank’s subsidiary. RJA contracted with a third-party vendor to obtain adverse news information about customers and potential customers, but rather than having the vendor send the reports to the RJA AML Department, RJA had the vendor send reports to the RJA Credit Department. Adverse news information was not available or consistently escalated to the RJA AML Department, and in the case of the Ecuadorian bank’s subsidiary news, RJA’s Credit Department did not escalate the report to the AML Department to consider since the news did not directly involve the RJA customer. RJA conducted diligence on the bank customer’s president, but not the individual who had trading authorization over the account. If RJA’s AML Department had received the negative news about the bank’s subsidiary and reasonably investigated the news and the customer’s control person, it would have identified negative news that the person who held trading authorization and the subsidiary of the Ecuadorian bank each had been sanctioned by FinCEN and OCC for AML deficiencies.
- RJA did not reasonably investigate suspicious wire transfers sent from the personal account of a RJA foreign affiliate’s financial advisor into the accounts of his own foreign customers. In total, 194 customers of the same foreign financial advisor transferred over $10 million in third-party wires to a non-RJA client unregistered currency exchange business in the United States. RJA and Busby (the AML Officer) eventually opened an investigation in March 2012, which Busby conducted herself, into the non-client unlicensed currency exchange business, but the investigation was inadequate. For example, RJA failed to identify news reports that the non-client unregistered currency exchange business in the United States had been sanctioned by the U.S. Department of Treasury in 2009 relating to embargo program violations.
- RJA and Busby identified some red flags associated with the outgoing third-party wire transfer of $250,000 to a Panamanian bank account, but failed to reasonably investigate multiple red flags, which included: ( 1) the round dollar amount; (2) the stated purpose of ”export banana shipment” was inconsistent with the accounts’ prior activity relating to gold mining; (3) the individual receiving the funds was in Ecuador but the funds were transferred to Panama; and (4) the Letter of Authorization provided to RJA by the customer was dated a day before the invoice provided by the customer. One month after the RJA investigation, the owner of the Panamanian account was subsequently arrested in Venezuela and deported to Colombia for alleged money laundering.
- RJA’s failure to reasonably monitor journaling between accounts, combined with its failure to reasonably monitor incoming wires and inadequate investigation of red flags, also caused RJA to fail to adequately investigate activity in the 18 accounts related to an RJA customer JCM. JCM-related entities actively moved funds between the 18 accounts, often with no trading activity, including movement of $2 million to a South Korean bank account for the benefit of a third-party. In 2013, RJA opened two investigations into transactions in the JCM-related accounts, one after the $2 million wire appeared on the Foreign Disbursements Report and one after an SEC request relating to JCM, but these investigations failed to reasonably investigate all of the JCM-related account activity. RJA also closed 70 alerts generated from the Excessive Wires Report for these accounts without any documented rationale.
- RJA’s failure to have reasonable reports to review for patterns and trends across trading activity also led to the firm’s failure to identify red flags in the accounts of a foreign bank, BP. Over the period of January 2012 through October 2013, in which Busby was the RJA AMLCO for approximately thirteen months, BP engaged in short-term in-and-out trading of over $70 million in U.S. Treasury Bonds. Many of these transactions were in round dollar amounts, and many of the sales were followed by the almost immediate purchase of the same bond at a higher price which appeared to lack economic purpose. Such in-and-out activity without economic purpose by a foreign entity was a red flag of suspicious activity that was not detected by RJA or Busby.
The two overwhelming themes in the above examples are the failures to identify and escalate public adverse media and risk information and the failure to identify transaction red flags indicative of high risk activity. Even with all of the policies in the world in place, if an AML group is understaffed, lacks training, or doesn’t have the adequate tools to perform their function there will continue to be lapses similar to what was seen at Raymond James.