Categories
Blog

TD Bank: Part 3 – Lessons Learned for Compliance

We continue our exploration of the resolution of the AML/BSA enforcement action involving the TD Bank US (the Bank) wholly owned by the TD Bank Group,  a publicly traded (NYSE: TD) international banking and financial services corporation headquartered in Toronto, Canada. Today, we explore some key lessons learned for the AML compliance professional. We begin with what Attorney Merrick Garland noted: “Three money laundering networks took advantage of TD Bank’s failed anti-money laundering system.”

The 3 Money-Laundering Scheme

The David Scheme

Da Ying Sze, also known as David, used the Bank as a money laundering and unlicensed money transmitting scheme for which he pled guilty in 2022. David conspired to launder and transmit over $653 million, with more than $470 million laundered through TDBNA. He bribed bank employees with over $57,000 in gift cards to facilitate the scheme. David laundered money by depositing large amounts of cash, sometimes exceeding $1 million in a single day, into accounts opened by other individuals. He also instructed bank employees to send wires and issue official checks. The Bank needed to correctly identify David as the person conducting the transactions in over 500 CTRs, which covered more than $400 million in transaction value, despite David directly depositing large cash sums into accounts he allegedly did not control.

Bank Insiders

Five Bank employees provided material assistance to a second money laundering scheme, which laundered millions of dollars from the United States to Colombia. The five individuals, referred to as “TDBNA Insiders,” held various positions within the bank, including Financial Service Representative, Retail Banker, Assistant Store Manager, and Store Supervisor at TDBNA stores in New Jersey and Florida. These insiders helped the money laundering networks by opening accounts and providing dozens of ATM cards used to launder funds through high-volume ATM withdrawals. They also assisted in maintaining these accounts by issuing new ATM cards and overcoming internal controls and freezes on account activity. Through these actions, approximately $39 million was laundered through the bank. Despite significant internal red flags, TDBNA did not identify the insiders’ involvement in the money laundering scheme until law enforcement arrested Insider-1 in October 2023.

Shell Company Scammers

From March 2021 through March 2023, a money laundering organization known as “MLO-1,” which claimed to be involved in the wholesale diamond, gold, and jewelry business, maintained accounts for at least five shell companies at the Bank. These accounts moved approximately $123 million in illicit funds through the bank. The Bank knew these shell companies were connected, sharing the same account signatories. Despite these red flags, The Bank did not file a Suspicious Activity Report (SAR) on MLO-1 until law enforcement notified the bank in April 2022. By then, MLO-1’s accounts had been open for over 13 months and had transferred nearly $120 million through TDBNA.

Lessons Learned

This enforcement action is a sobering reminder of compliance’s critical role in preventing and detecting financial crimes like money laundering. With over $470 million laundered in one scheme, $39 million moved through insiders, and $123 million transferred via shell companies, significant compliance failures occurred.  Of course, these are only a part of the $18.3 trillion in transactions that the Bank does not monitor due to its conscious compliance failures. These incidents underscore the importance of maintaining robust internal controls, employee oversight, and proper reporting mechanisms.

Failing to Detect Obvious Red Flags

In this case, one of the most glaring issues is the bank’s failure to identify the obvious red flags associated with laundering large sums of money. In the case of David, the Bank failed to file accurate CTRs for over $400 million in transactions. David regularly deposited enormous amounts of cash, over $1 million in a single day, into accounts opened by others, yet the bank failed to link him to these transactions.

The key takeaway for compliance professionals is to ensure that their systems are calibrated to flag suspicious activities, especially when transactions exceed certain thresholds. Large cash deposits, frequent activity involving multiple accounts, and nominee account holders should always trigger enhanced due diligence and review. Automated systems must be updated and combined with human oversight to catch these patterns.

The Role of Corrupt Employees in Facilitating Money Laundering

The involvement of the Bank Insiders in the second laundering scheme is a textbook example of how internal corruption can undermine even the most sophisticated compliance programs. These employees assisted money laundering networks by opening accounts, providing ATM cards, and circumventing internal controls and account freezes. In exchange, they received bribes, showing the vulnerability of staff in critical roles.

This scenario mandates why employees must undergo regular anti-bribery and anti-corruption training to reinforce the consequences of accepting bribes and engaging in unethical behavior. In addition, a strong compliance culture should include mechanisms for detecting internal misconduct, such as anonymous reporting systems and independent audits to identify corrupt employees early. Creating ethical guardrails within your organization, alongside frequent checks and balances, can protect against insider threats.

CTRs and SARs Must be a Priority

A key regulatory requirement under the Bank Secrecy Act (BSA) is the filing of Currency Transaction Reports (CTRs) and Suspicious Activity Reports (SARs). The Bank’s failure to file accurate CTRs in David’s case and delayed filing of SARs in the Shell Company Scammers scheme underscores how devastating the consequences can be when compliance teams do not take their regulatory obligations seriously. Even after identifying that shell companies were linked to each other by shared account signatories, the Bank failed to act quickly, allowing nearly $120 million to be laundered through their systems.

The timely filing of CTRs and SARs is not just a best practice; it is a regulatory requirement. Compliance officers must ensure that processes for flagging suspicious activity are effective and swift. Training staff to recognize when CTRs and SARs are needed and implementing systems that automatically flag transactions for review will help ensure compliance with reporting obligations.

Third-Party Risk and Shell Companies: Know Your Customer (KYC) Failures

The shell companies used to launder $123 million demonstrate a significant lapse in the bank’s Know Your Customer (KYC) protocols. The Bank knew the shell companies were linked by the same account signatories yet failed to act for over a year. This gap in KYC enforcement allowed significant funds to pass through without appropriate scrutiny or action.

KYC processes should be foundational to every compliance program. Regular reviews and enhanced due diligence are required when dealing with high-risk entities like shell companies. Compliance professionals should prioritize the identification of ultimate beneficial ownership (UBO) and remain vigilant when patterns suggest potential fraud, even if account openings appear legitimate at first glance. Your KYC protocols must also integrate ongoing monitoring, not just one-time checks.

The Consequences of Ignoring Red Flags

Across all three schemes, the Bank ignored significant internal red flags—whether employees directly deposited large sums of cash, insiders actively assisting in laundering activities, or shell companies linked by shared signatories. Compliance must be more than just a checkbox exercise. Red flags must be taken seriously and escalated quickly to prevent further damage.

Compliance teams must be empowered to act decisively when red flags are raised. This includes having the authority to freeze accounts, file reports, and escalate issues to senior management and regulatory authorities when needed. Additionally, a strong culture of compliance, backed by leadership, should encourage immediate action when suspicious activity is detected.

Monitoring and Auditing: Preventing Future Failures

Finally, this case reveals the importance of ongoing monitoring and regular auditing. In all three schemes, the Bank failed to sufficiently monitor account activities and employees, which allowed the laundering schemes to continue for extended periods. Regular audits and automated transaction monitoring systems are essential to detect and prevent similar issues.

Auditing and monitoring systems should be built into your compliance framework, focusing on high-risk accounts, employees, and geographies. By continuously reviewing and auditing compliance processes, teams can identify gaps early and prevent further exploitation. Technology can be key in monitoring, but human oversight is critical to analyzing more complex behavior patterns.

This enforcement action is a stark reminder of the consequences of weak compliance controls, employee corruption, and failure to act on red flags. For compliance professionals, the lessons from this case are clear: robust internal controls, continuous training, effective KYC procedures, and timely reporting are essential to preventing and detecting money laundering. By learning from these failures, compliance officers can strengthen their programs and ensure their organizations remain vigilant in the fight against financial crime.

I will explore this matter in depth over the next several blog posts. Tomorrow, I will consider the Bank’s culture and flat cost paradigm.

Resources

OCC

OCC Press Release

Consent Order 

Civil Money Penalty 

DOJ

TD Bank US Holding Company Information

TD Bank N.A. Information

TD Bank US Holding Company Plea Agreement and Attachments

TD Bank N.A. Plea Agreement and Attachments

Merrick Garland Remarks

Nicole Argentieri Remarks

Categories
Compliance Tip of the Day

Compliance Tip of the Day: Lessons on Post – Acquisition Integration and Investigation in M&A from John Deere

Welcome to “Compliance Tip of the Day,” the podcast where we bring you daily insights and practical advice on navigating the ever-evolving landscape of compliance and regulatory requirements.

Whether you’re a seasoned compliance professional or just starting your journey, our aim is to provide you with bite-sized, actionable tips to help you stay on top of your compliance game.

Join us as we explore the latest industry trends, share best practices, and demystify complex compliance issues to keep your organization on the right side of the law.

Tune in daily for your dose of compliance wisdom, and let’s make compliance a little less daunting, one tip at a time.

The rules for compliance programs on post-acquisition integration and investigation are set out in the DOJ M&A Safe Harbor Policy. Learn and implement them.

Categories
Compliance Into the Weeds

Compliance into the Weeds: Adventures in Squeezing Out Compliance – TD Bank’s Flat Cost Paradigm

The award-winning Compliance into the Weeds is the only weekly podcast which takes a deep dive into a compliance related topic, literally going into the weeds to more fully explore a subject. Looking for some hard-hitting insights on compliance? Look no further than Compliance into the Weeds!

In this episode, Tom Fox and Matt Kelly take a deep dive into the TD Bank BSA and AML enforcement action, which led to $3 billion in fines and penalties.

Tom and Matt discuss TD Bank’s conscious strategy of not raising the budget, known as the Flat Cost Paradigm or Zero Expense Growth Paradigm, and how this strategy severely restricted the Bank’s compliance and AML functions. This tactic aimed to increase profits by keeping expenditures flat year after year. The impact of this strategy is particularly evident in the global AML team’s expenditures on the U.S. anti-money laundering program, which decreased in 2021 compared to 2018. Despite significantly growing U.S. assets and net income, the bank refrained from increasing its budget for essential programs, a fact highlighted in the Justice Department indictment. The Bank’s strategy serves as a clear warning about the dangers of prioritizing profits over compliance.

Key Highlights:

  • Introduction to the Flat Cost Paradigm
  • Details of the Budget Strategy
  • Impact on Anti-Money Laundering Efforts
  • Financial Growth Amidst Budget Constraints

Resources:

  1. Blogs

Matt in Radical Compliance

Tom in the FCPA Compliance and Ethics Blog

  1. Tom

Instagram

Facebook

YouTube

Twitter

LinkedIn

  1. Enforcement Related Material

OCC

OCC Press Release

Consent Order 

Civil Money Penalty 

 DOJ

TD Bank US Holding Company Information

TD Bank N.A. Information

TD Bank US Holding Company Plea Agreement and Attachments

TD Bank N.A. Plea Agreement and Attachments

Merrick Garland Remarks

Nicole Argentieri Remarks

Categories
Great Women in Compliance

Great Women in Compliance: Maria Lancri – Successful Global Compliance: A View from France and The EU

In this episode of the Great Women in Compliance podcast, Lisa speaks with Maria Lancri. Maria is a partner at Squair, based in Paris, and has experience both in law firms and in-house, spending 12 years at Hachette Livre—Hachette Books to English speakers like me. She is a member of the Steering Committee at Sorbonne D.U. Compliance & Ethique des Affaires. She is also a leading speaker about the EU and French compliance laws, doing so in various languages (and provides some tips on how she has been successful).

Maria provides information about the French anti-bribery and anti-corruption laws, including their history and current application. She provides timely information about the Sapin II framework in France as well as the current EU Landscape.

While the US laws often lead the global discussion about anti-corruption and anti-bribery, the EU has led in data privacy, ESG, and now AI, and some of the key issues over the next year that are relevant to global organizations.

Maria and Lisa discuss the cultural challenges that E&C professionals may encounter in a global practice and how to support ethical decision-making when you have a multi-cultural employee base.

Join the Great Women in Compliance community on LinkedIn here.

Categories
Daily Compliance News

Daily Compliance News: October 16, 2024 – The Gone in 60 Seconds Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance, brings you compliance-related stories to start your day. Sit back, enjoy a cup of morning coffee, and listen to the Daily Compliance News. All from the Compliance Podcast Network.

Each day, we consider four stories from the business world: compliance, ethics, risk management, leadership, or general interest for the compliance professional.

In today’s edition of Daily Compliance News:

  • Canada’s reputation for clean banking gone in 40 minutes.  (The Globe and Mail)
  • Grewal moves to Wall Street. (WSJ)
  • Which EU country is the most corrupt? (EuroNews)
  • It wasn’t the AML; it was intentionally starving compliance. (Bloomberg)