Following some recent training with an international bank on AML and SARS I talked about how THE JPMORGAN/MADOFF/MICHELLE JARDINE AND STM FIDUCIAIRE LIMITED (“STM”) case studies provide valuable lessons for all financial institutions on AML and more specifically SAR management.

Michelle Jardine and STM Fiduciaire Limited (“STM”):

The first prosecution of its kind in Jersey, the Royal Court has acquitted Michelle Jardine and STM Fiduciaire Limited (“STM”) of charges under the Proceeds of Crime (Jersey) Law 1999 (POCA).  The offences carry with them penalties of up to 5 years imprisonment.

The case and the not guilty result of this trial give a measure of comfort to financial institutions, MLROs and directors of companies alike whilst also highlighting the importance of these roles in assessing risk and combatting cross-border crimes such as money-laundering.

I also revisited a case from 2014 – namely THE JPMORGAN/MADOFF CASE STUDY :

A deferred prosecution on two criminal charges for failing to report a suspicion and failing to have an effective AML programme along with a total penalty of US$2.6 billion imposed on JPMorgan is a salient lesson for all those in the financial sector and underscores the need to comply with AML and Know Your Customer (“KYC”) obligations.

This JPMORGAN/MADOFF case study provides 3 valuable lessons for the financial sector and these are shown below after an introduction and outline of the facts.

THE JPMORGAN/MADOFF CASE STUDY BACKGROUND

1. Following the largest known Ponzi scheme in the history of the United States (“US”), JPMorgan Chase Bank, N.A. (“JPMorgan”)(references to JPMorgan include references to its predecessor entities.) agreed, in early January 2014, to pay a US$1.7 billion penalty to the US government in exchange for a deferred prosecution on two criminal charges for
   1. failing to maintain an effective anti-money laundering (“AML”) program and
   2. failing to file a suspicious activity report (“SAR”) vis-à-vis the activities and transactions of Bernard L. Madoff Investment Securities LLC and other related companies (collectively, “Madoff Securities”).
2. In addition, JPMorgan agreed to pay US$900 million to a US bank regulator and to settle certain private claims.

JPMORGAN’S BANKING RELATIONSHIP WITH MADOFF

1. JPMorgan’s Banking Relationship with Madoff According to documents relating to the JPMorgan deferred prosecution agreement that were released by the US Department of Justice (“DOJ”) on 6 January 2014, JPMorgan had a 22-year old banking relationship with Madoff commencing from 1986 until Madoff’s arrest in 2008.
2. The Madoff Ponzi scheme was conducted almost entirely through a centralized bank account held at JPMorgan (“the Account”).
3. Monies that Madoff’s victims “invested” with Madoff Securities were deposited into the Account, but were not used for the purchase and sale of investment products. Instead, they were paid to Madoff from a linked disbursement account with JPMorgan that was held by Madoff Securities and used for his personal benefit.
4. When Madoff Securities collapsed in December 2008, it maintained more than 4,000 investment advisory accounts with a purported combined balance of about US$65 billion. However, in reality, Madoff Securities held only about US$300 million in assets at the time.

THE CHARGES AGAINST JPMORGAN

1. The first charge against JPMorgan for failing to maintain an effective anti-money laundering program in or about 2008 arose from a memorandum written in October 2008 (“the Memorandum”) by an analyst at JPMorgan’s London office.
2. The Memorandum, among other things,
   1. “described [JPMorgan’s] inability to validate Madoff’s trading activity or even custody of assets;
   2. questioned Madoff’s ‘odd choice’ of a small, unknown accounting firm; and
   3. reported that [JPMorgan] ‘seemed to be relying on Madoff’s integrity’ with little to verify that such reliance was well-placed”.
3. Shortly after, JPMorgan filed a report with the United Kingdom Serious Organised Crime Agency (“the SOCA Report”) which stated, inter alia, that
   1. “the investment performance achieved by [the Madoff Securities] funds … is so consistently and significantly ahead of its peers year-on-year, even in the prevailing market conditions, as to appear too good to be true – meaning that it probably is”.
4. The US Attorney alleged that JPMorgan had failed to communicate the concerns raised in the Memorandum to AML compliance personnel in the US and to investigate the banking relationship between JPMorgan and Madoff Securities, including the transactions in the Account.
5. In particular, JPMorgan was alleged to have
   1. “lacked effective policies, procedures, or controls designed to reasonably ensure” that the concerns raised in the Memorandum, or information about US-based clients obtained by JPMorgan in its business abroad, were conveyed to AML compliance personnel in the US.

CHARGES

1. The particulars of the first charge stated that at a minimum, an adequate AML program would include:
   1. developing internal policies, procedures, and controls designed to guard against money laundering;
   2. designating a compliance officer to coordinate and monitor day-to-day compliance with the Bank Secrecy Act and AML requirements;
   3. establishing an ongoing employee training program; and
   4. Implementing independent testing for compliance conducted by bank personnel or an outside party.
2. The second charge against JPMorgan for failing to file, in or about October 2008, a SAR vis-à-vis transactions in bank accounts maintained by Madoff Securities with JPMorgan rested on the same allegations for the first charge.

LEARNING POINTS

1. Banks and financial institutions should take note of the following three learning points from the JPMorgan/Madoff case study:

1-COMPLIANCE/SENIOR MANAGEMENT TO DECIDE ON SAR (STR) FILING

1. As early as the mid-1990s, red flags had been raised over the Account, which involved “round-trip” transactions beginning with
   1. Madoff writing cheques regularly from an account at a second bank to the account of a large private bank client at JPMorgan for no apparent business purpose.
   2. Madoff would then transfer the money from the Account to his account at the second bank to cover the earlier cheque from the second bank to the private bank client at JPMorgan.
   3. Finally, the private bank client would transfer exactly the same amount of funds back to the Account after the cheque had been cleared.
2. These round-trip transactions occurred almost daily over the years, and were each in the sum of tens of millions of dollars.
3. Because Madoff’s balances at JPMorgan appeared larger than they actually were, JPMorgan made inflated interest payments to Madoff.
4. In one instance, when personnel from the second bank discovered that the round-trip transactions had no legitimate business purpose, the second bank terminated its banking relationship with Madoff Securities.
5. Although JPMorgan was aware of the round-trip transactions,
   1. IT DID NOT file a SAR or terminate its banking relationship with Madoff. Instead, it allowed the private bank client transactions to continue, subject to reimbursement by the private bank client for the inflated interest payments.
   2. Moreover, JPMorgan DID NOT REPORT the round-trip transactions to its AML personnel and only filed a SAR after Madoff’s arrest in 2008.
6. THE LESSON HERE IS THAT
   1. The decision whether to file a SAR should not be left to private bankers, who may have had an incentive to turn a blind eye to the round-trip transactions given their profitability.
   2. Decisions on whether to file a SAR (STR) must reside with MLROs so that there is some degree of independence and they can authorise further verification of the transactions where appropriate.

2- A SYSTEM IS ONLY AS GOOD AS ITS WEAKEST LINK

1. Following internal restructuring in 2007, JPMorgan used an automated system to comply with its AML obligations.
2. When potentially irregular activity was detected, the system would generate an “alert” and under JPMorgan’s protocol, an AML investigations team within JPMorgan’s compliance department would investigate the alert and take appropriate action, if any.
3. The AML investigators were also presumed to have access to KYC information maintained by JPMorgan, which were stored in electronic form.
   1. However, the automated system was incomplete as the electronic storage of KYC information was behind schedule.
   2. As a result, the AML investigators did not have access to electronically stored KYC information at times.
4. In 2007, there were two occasions when the automated system generated “alerts” regarding potentially suspicious activity in Madoff Securities. IN both cases,
   1. The AML investigators closed the alerts as they were unable to access Madoff’s KYC documentation electronically.
   2. They also noted that the transactions did not seem unusual in light of the prior transactions in the Account.
5. THE LESSON HERE IS THAT
   1. as a starting point, AML systems need to be in place and more importantly, these systems need to be complete and functioning well because a system is only as good as its weakest link.

3- SHARE INFORMATION ACROSS AFFILIATES

1. the charges against JPMorgan were founded primarily on its failure to communicate the concerns raised in the Memorandum to AML compliance personnel in the US. At the time, JPMorgan did not have any formal protocol to share information about suspicious activity across borders.
2. As a result, internal information flows about the concerns regarding Madoff Securities were ad hoc and premised heavily on the initiative (or the lack thereof) of individual compliance officers.
3. The following communication gaps were mentioned by the DOJ:
   1. the UK officer who filed the SOCA Report tried to call his counterpart in the US but, after failing to reach him, did not follow up with any other AML compliance personnel in the US;
   2. the same UK officer also contacted JPMorgan’s Head of Global Compliance but did not raise any issue about whether to file a SAR in the US;
   3. The UK Markets Compliance Officer alerted a senior compliance officer in the US (“the US Senior Compliance Officer”) about concerns with Madoff Securities.
   4. The US Senior Compliance Officer learnt about the SOCA Report but did not receive a copy.
   5. The UK Markets Compliance Officer did not ask the US Senior Compliance Officer to undertake any AML review;
   6. the US Senior Compliance Officer was given a copy of the Memorandum but did not alert US AML compliance personnel about the concerns expressed in it or investigate JPMorgan’s banking relationship with Madoff; and
   7. negative information about Madoff Securities were reviewed by the US Senior Compliance Officer and he was copied on internal correspondence within JPMorgan’s London office querying the relationship between JPMorgan and Madoff securities, no one in JPMorgan took any action to investigate this relationship.

THE LESSON HERE IS THAT

1. Cross-border flows of information are critical in detecting possible irregularities in transaction activity in a bank account.
2. A written protocol should be implemented to address how information about suspicious activity should be transmitted across affiliates, and who should take the lead in conducting further investigations.

CONCLUSION

1. The JPMorgan/Madoff case study as well as Jardine/STM has provided valuable lessons for the financial sector.
2. Banks and financial institutions should examine their policies and procedures to ensure that they have adequate and functioning systems to comply with their AML and reporting obligations.
3. Where gaps exist, banks and financial institutions should prioritize implementing the necessary controls to ensure that banking relationships, no matter how profitable, do not compromise their regulatory obligations.