How this bank’s anti-laundering blunders became a ‘sales tool’

At the end of a yearslong project to remediate its anti-money-laundering compliance systems, Gibraltar Private Bank & Trust CEO Angel Medina wondered if it was worth all the trouble and expense.

But he eventually decided, with its consent order terminated earlier this summer, that the $1.6 billion-asset bank in Coral Gables, Fla., will seek to turn the pain and agony it endured into a competitive advantage — namely, being a bank that can confidently seek out affluent, but high-risk, clientele that rivals might be afraid to serve in the current regulatory environment.

“We have taken what would otherwise be a compliance matter and created a sales tool,” said Medina, who was promoted from president to CEO in September 2016.

“Matter” perhaps is an understatement. Few banks have run the gantlet that Gibraltar did, said Ross Delston, a Washington attorney who advises banks on AML and Bank Secrecy Act matters.

AB-GIBRALTAR-090517.jpeg

A Gibraltar customer began circulating funds from a $1.2 billion Ponzi scheme through the bank in 2009, regulators said. The client, Florida attorney Scott Rothstein, was sentenced in 2010 to 50 years in prison for his role in the scheme. Some of the fallout for Gibraltar included the dismissal of the bank’s founder and former CEO, Steven Hayworth, and subsequent litigation alleging wrongful termination. Then in 2016 the bank was fined a total of $4 million by the Office of the Comptroller of Currency and the Treasury Department’s Financial Crimes Enforcement Network for violations of BSA provisions.

Gibraltar’s staff ballooned to 278 full-time employees, about 12% of whom are assigned to BSA/AML compliance, as a result of the remediation project. Gibraltar also brought in a new anti-laundering department head, luring Sara Christie in 2014 from the $780 million-asset Helm Bank USA in Miami. Medina declined to say which BSA/AML software program the bank acquired or how much it spent on the entire project.

More banks should consider this kind of overhaul, Delston said.

“There has to be a consciousness that unusual and suspicious transactions can occur at any time and at any bank,” Delston said.

It is true, though, that suspicious activity is more likely to occur at a bank with wealthy clients bringing in money from outside the country, said David Stewart, director of the security intelligence for banks practice at SAS in Cary, N.C. Some banks would rather avoid the risk, he said.

“If your bank is being required to spend a lot of money to manage those high-risk relationships, some institutions may just decide to not be in those businesses,” Stewart said.

Medina might not wish the journey on his worst enemy. “The amount of money and time and effort was really a lesson in survival and resiliency,” he said.

The problems at Gibraltar were profound and pervasive. Gibraltar failed to file timely suspicious activity reports, according to Fincen’s report assessing the civil penalty. The bank had insufficient systems for monitoring transactions and for creating accurate risk profiles for customers.

Perhaps most problematic is that when the bank received an alert about potential suspicious activity, it closed the book on too many alerts that should have been escalated for deeper examination, Fincen said in the report. That led to the ongoing perpetration of the Ponzi scheme.

After overhauling its compliance systems, Medina said that Gibraltar is better prepared than its competitors to handle the complex financial needs of wealthy clients.

“Our markets are South Florida and New York, so we deal with high rates of financial crimes and high rates of drug trafficking,” Medina said. “Fraud is very prevalent in our markets. We’re at the forefront of requiring additional information from our clients, and we know how to have tough conversations with them.”

Gibraltar is far from the only bank to have beefed up its BSA-AML compliance measures. Other institutions with ongoing projects include the $215 billion-asset BB&T in Winston-Salem, N.C.; the $24 billion-asset Investors Bancorp in Short Hills, N.J.; and the $7 billion-asset Ameris Bancorp in Moultrie, Ga.

“We’ve made substantial investments in BSA that go significantly above the standards that the [Federal Deposit Insurance Corp.] is expecting,” Ameris CEO Edwin Hortman said in a July 21 conference call. “We’ve [spared] no expense.”

Then there’s the $124 billion-asset M&T Bank in Buffalo, N.Y., which Delston called the “poster child” for the concept that “no one is safe” from making BSA/AML improvements.

M&T paid the price in more ways than one for its inadequate anti-money-laundering compliance systems. Its planned purchase of Hudson City Bancorp was delayed more than three years as it spent about $400 million to remediate compliance controls.

“We [reviewed] literally every single customer in the bank to better understand who they were and the type of business they conducted and what purpose,” M&T Vice Chairman Richard Gold said in an interview with the Buffalo News.

Anti-money-laundering compliance is also an area for cutting-edge fintech developments. The 10 largest U.S. banks each has launched a program to test artificial intelligence applications for BSA/AML compliance, Stewart said. And IBM acquired the bank consulting firm Promontory Financial Group in part to enhance the regulatory capabilities of its artificial intelligence product Watson.

AI technology is seen a possible means to lowering banks’ compliance costs, Stewart said.

“The technology is mostly there,” he said. “The challenge is that it’s going to take years” to persuade executives to abandon their outdated ideas surrounding compliance.

In the meantime, it remains a fact that most banks have inadequate systems for detecting money laundering and other financial crimes, Delston said. These banks can either wait for a catastrophic event to happen before addressing the situation, or they can jump on the problem immediately.

Unfortunately, most banks do not act voluntarily, Stewart said.

“Banks seldom come to the realization on their own,” Stewart said. “It’s usually through an examination, or sometimes from an audit, that banks realize they have matters requiring attention.”

Or it comes from discovering one of your best customers was running a Ponzi scheme. Now that Gibraltar has survived that trial by fire, Medina said he’s ready for the next challenge

“We couldn’t have made it without maintaining a steadfast optimism,” he said.

For reprint and licensing requests for this article, click here.
AML KYC Enforcement actions Community banking Regional banks FinCEN OCC
MORE FROM AMERICAN BANKER