The Treasury Department and former MoneyGram Chief Compliance Officer Thomas Haider have settled their civil claims. This was the first-ever case against a compliance officer for failing to implement an appropriate anti-money laundering (AML) program at a company.
For all the hoopla surrounding it, the case went out with a whimper.
As I talked about in an earlier post, MoneyGram entered into a deferred prosecution agreement a few years ago, agreeing to pay $100 million for its compliance failures. Mr. Haider, to his credit, chose to fight.
The government’s complaint against him sought a $1 million penalty and an injunction preventing him from working in a compliance function. In the end, Mr. Haider agreed only to pay $250,000 and was enjoined “from performing a compliance function for any ‘money transmitter’ (as that term is used in the Bank Secrecy Act and its implementing regulations) . . . for a period of three years.”
The Haider settlement agreement is a public document. As in a plea agreement, the most interesting section is the one where Mr. Hader agrees to certain facts. This section shows exactly what the government was able to prove and what it wasn’t able to prove.
Basically, the agreed-upon facts state that MoneyGram had a poor compliance program. No news there. The company agreed to pay $100 million for that already. The facts also state that Mr. Haider didn’t take appropriate steps to fix it. It doesn’t appear that the government could prove much more than that.
Here are the key facts to which Mr. Haider agreed:
- MoneyGram operated a money transfer system.
- MoneyGram had a Fraud Department (maybe “Anti Fraud Department” would be a better name?) and an AML Compliance Department.
- Mr. Haider, as MoneyGram’s chief compliance officer, had direct supervisory authority over both of those departments. Mr. Haider was not in charge of the Sales Department.
- In 2006-2007, the Fraud Department developed a plan to terminate agents and outlets of MoneyGram that represented a high risk of fraud. However, the policy was not approved by the Sales Department and thus was not implemented.
- There was evidence that the company needed such a termination plan because of known risks.
- The Fraud Department also recommended terminating a number of specific MoneyGram outlets in Canada. Mr. Hader was provided with a spreadsheet analyzing 49 specific outlets and the spreadsheets “revealed that the 49 outlets accounted for approximately 50% of all reported fraud involving money sent through MoneyGram’s my transfer system to Canada during the six-month period.”
- Although Mr. Haider had the ultimate authority to terminate agents and outlets because of fraud or AML concerns, he did not do so. The agreement states that “in the face of pushback from the Sales Department, “did not exercise that authority with respect to the vast majority of the 49 outlets.”
- The Fraud Department had the ability to aggregate information about MoneyGram’s agents. However, Mr. Haider structured MoneyGram’s AML program so that this information was not generally provided to the MoneyGram analysts who were responsible for filing Suspicious Activity Reports or SARs. The information was also not provided to the AML Compliance Department.
- Numerous MoneyGram outlets had a disproportionate number of consumer fraud reports but MoneyGram did not file SARs for them. In addition, the AML Compliance Department failed to conduct adequate audits of many of those agents and outlets. There’s no statement that filing SARs was part of Mr. Haider’s responsibility.
No Evidence of Truly Willful Conduct
I’m struck by the fact that Mr. Haider was charged willfully failing to implement an AML policy at MoneyGram.
There are many definitions of willful but, at a minimum, it means more than negligent. It means more than simply doing a bad job. There must be some evidence of intent to do something wrong.
Yet none of the facts to which Mr. Haider agreed in the settlement agreement really suggest willfulness at all. The government perhaps established liability under a theory of willful blindness–that Mr. Haider knew about certain compliance problems, had the authority to take steps to try to ameliorate those problems, and deliberately chose not to do so or ignored the need to do so.
I’m also struck by the repeated use of the passive voice in the agreed facts. Grammar is telling. The facts pin very few specific bad acts on Mr. Haider. For example, with respect to the plan to terminate high-risk agents and outlets, “no such policy was implemented.” It was the government’s burden to prove that these compliance failings were Mr. Haider’s fault and that he engaged in willful misconduct. I’m reading between the lines here, but it sure looks like the government thought he was liable mostly because of his job title.
The statement of facts strongly suggests that the Sales Department had a lot of say in how rigorous the compliance program was. That may not be a best practice, but Mr. Haider didn’t set up the corporate structure. He wasn’t the head of the Sales Department. If the corporate structure gave a lot of authority to the Sales Department and if the Sales Department could torpedo a compliance program, then how would it be Mr. Haider’s fault?
The Bluster Continues
You would think that FinCEN might reconsider these types of cases. But judging from its press release for this settlement, it’s not. Acting FinCEN director Jamal El-Hindi said:
FinCEN relies on compliance professionals from every corner of the financial industry. FinCEN and our law enforcement partners need their judgment and their skills to effectively fight money laundering, fraud, and terrorist financing. Compliance professionals occupy unique positions of trust in our financial system. When that trust is broken, it is important that we take action so that the reputations of thousands of talented compliance officers are not diminished by any one individual’s outlying egregious actions. We have repeatedly said that when we take an action against an individual, the record will clearly reflect the basis for that action. Here, despite being presented with various ways to address clearly illicit use of the financial institution, the individual failed to take required actions designed to guard the very system he was charged with protecting, undermining the purposes of the BSA. Holding him personally accountable strengthens the compliance profession by demonstrating that behavior like this is not tolerated within the ranks of compliance professionals.
In the end, this case shouldn’t scare the compliance community too much. The government obviously wanted to put compliance officers in fear that if the company compliance plan isn’t perfect, then they are personally liable. Now, $250,000 is not insignificant, but it’s also not a prohibitively high penalty.
The government got one-quarter of what it wanted in fines and a 3-year ban. That’s not exactly a bang-the-drums result in a first-of-its-kind case. It will be interesting to see if the government follows up on its bluster. If it does, it should look for a better test case.