Compliance Officers Face Criminal Prosecution

The New York Department of Financial Services, which oversees some of the largest banks in the world, may soon find itself in opposition to its normal allies: compliance officers. The department, with the backing of Governor Andrew Cuomo, has proposed a new regulation that will require that "senior financial executive [sic] certify that their institutions has [sic] sufficient systems in place to detect, weed out, and prevent illicit transactions." Using Sarbanes-Oxley as a model, the NYDFS is attempting to close what it views as a serious gap in policy. Its investigations have uncovered a distinct lack of oversight related to transaction monitoring and filtering programs designed to prevent terrorist financing, sanctions violations, and anti-money laundering activities at financial institutions. As a result, the department is now seeking a rule by which to hold senior executives responsible for these shortcomings.

Positioning the new rule as an opportunity to cripple global terrorist networks (that rely on illicit funds shifted through financial institutions), the NYDFS has asked for comments on a multitude of proposed transaction monitoring and watch list filtering requirements, but the portion of the new rule that has garnered the most attention has been related to annual certification.

Under the proposal, the chief compliance officer of each firm must annually certify that the firm is in compliance with all the requirements of the rule. Chief compliance officers could then face individual enforcement actions directly as a result of this certification.

According to reporting in the Wall Street Journal, many compliance officers are feeling unfairly singled out by the regulator, noting that the new rule gives banks a natural scapegoat should anything happen, someone who could bear the brunt of enforcement below the CEO level. Traditionally, compliance professionals would be seen as a natural ally to regulators: someone on the front lines seeking to prevent fraud and other malfeasance within a corporation. In fact, as recently as three months ago, the director of the SEC’s Enforcement Division went out of his way to reassure compliance professionals that they did not need to fear enforcement action. He emphasized that:

"... compliance officers should not fear enforcement action if they perform their responsibilities diligently, in good faith, and in compliance with the law. That is still true today. You should know that both we in Enforcement and the Commission take the question of whether to charge a CCO very seriously and consider it carefully. We think very hard about when to bring these cases. When we do, it is because the facts demonstrate that the CCO’s conduct crossed a clear line."

Opening compliance officers to criminal prosecution in New York has many people worried that compliance professionals will find themselves between a rock and a hard place: frequently unloved within their own institutions, and now without support from regulators, either. The comment period on the new proposal ends in March.