Banks Need More Concrete Regulatory Steps on De-Risking

While it is encouraging for government officials to give public statements expressing their views about the practice of de-risking, the financial services industry could still benefit from more concrete and specific policy on this issue from the regulatory community.

Over the past year and a half, public commentary about de-risking has been heard not only from officials at the U.S. Treasury Department, but also from the World Bank, the International Monetary Fund and individual regulators in countries most affected by the practice.

In September, Comptroller of the Currency Thomas Curry gave a speech in which he sought to "clarify" the OCC's position on de-risking. He reminded his listeners, as had recently been explained in a joint publication by the Treasury Department and federal banking agencies, that no "general requirement" exists under U.S. regulations for institutions to conduct due diligence on the customers of their foreign correspondent partners. In other words, he emphasized, there is no broad requirement to "know your customers' customers."

Curry also cautioned that while financial institutions must vigilantly protect against money laundering, they nevertheless must be "sensitive to the fact that, when a large number of banks withdraw from foreign correspondent banking relationships, it can lead to entire regions being cut off from the positive effects of modern financial systems and broader financial inclusion." Curry commented that the "global financial system cannot be paralyzed by risk" and previewed guidance the OCC would issue clarifying "best practices" for foreign correspondent banking.

The guidance that followed in October instructed financial institutions for the first time to consider the extent to which "account closures may have an adverse impact on access to financial services for an entire group of customers or potential customers, or an entire geographic location." It listed four "best practices" that banks should employ when determining whether to terminate foreign correspondent accounts: an effective governance process; communicating account termination decisions to senior management; communicating deficiencies to correspondent banks and offering them the chance to present mitigating information or find another relationship; and ensuring a clear audit trail of the reasons and method used for account closures.

As did the Treasury publication, the OCC said a decision to terminate a correspondent banking relationship should be based on an analysis of the risks presented by the individual foreign financial institution and the bank's ability to manage those risks, and should consider factors such as the bank's systems and controls and the foreign institution's specific attributes, including the anti-money laundering and supervisory regime of the licensing/chartering jurisdiction.

Clearly, the OCC believes U.S. financial institutions should consider the societal impact of de-risking when they evaluate the risk profiles of their correspondent banking clients. Account termination practices that lack "appropriate risk assessment and consideration" include "terminating entire categories of foreign correspondent account relationships without regard to the risks presented by individual foreign financial institutions." Wholesale exiting of categories of clients or countries is to be avoided.

Just like similar guidance from international bodies such as the Financial Action Task Force, the OCC standards are welcome and timely. These published details give institutions a clearer sense of regulators' expectations. But are they enough? It is not yet clear whether these regulatory steps will have the desired effect of redefining the de-risking process and giving U.S. and other global financial institutions sufficient impetus to onboard or keep those they perceive to be riskier clients.

Perhaps it is time to consider a more concrete solution that will encourage financial institutions to re-engage with clients deemed to be higher-risk.

One idea for a reasonable standard of AML and due diligence for correspondent banking relationships is to borrow from a model used by the United Kingdom related to bribery cases. The U.K. Bribery Act of 2010 provides a "full defence" from liability and prosecution if the financial institution can prove that, despite a particular case of bribery, the institution had adequate procedures in place to prevent persons associated with the institution from committing bribery. In order to avail itself of the defense, the organization must show that it had a program incorporating six principles: Proportionate Procedures, Top-Level Commitment, Risk Assessment, Due Diligence, Communication (including training), and Monitoring and Review.

Why not put in place a similar statutory provision in the U.S. protecting financial institutions from liability related to correspondent banking? If a correspondent banking client steered transactions through accounts with the U.S. institution that were found to be tied to illegal conduct, the U.S. institution would be safe from any enforcement proceeding as long as it had in place a program that satisfied the five pillars of an effective AML program laid out in the Bank Secrecy Act. Those pillars are: written policies and procedures, a designated AML compliance office, independent testing of the AML program, annual training, and the recently added fifth pillar of establishing and maintaining risk-based customer due diligence procedures including procedures to identify the beneficial owners of accounts.

If an institution's AML program is reviewed against these requirements and found to meet them, why not then provide the institution with protection against an enforcement action if one of their correspondent banking clients is a bad actor? It appears that only this type of concrete protection will encourage major institutions to reverse the pervasive de-risking trend.

Julie Copeland is a partner with Lewis Baach Kaufmann Middlemiss and formerly a general counsel and managing director for the global financial crimes legal department at JPMorgan Chase. Mirella deRose is an associate with Lewis Baach Kaufmann Middlemiss and formerly principal counsel in the enforcement department of the Financial Industry Regulatory Authority.