Citi International Financial Services of San Juan, Puerto Rico, agreed to pay a $5.75 million fine and agreed to revise its WSPs and internal control procedures to settle FINRA charges that its AML program was not reasonably designed to achieve and monitor compliance with the requirements of the Bank Secrecy Act, including policies and procedures reasonably designed to achieve compliance with those requirements.

ABOUT THE RESPONDENT.  CIFS, a FINRA member since 1987 and an indirect subsidiary of Citigroup, serves non-U.S. customers residing primarily in Latin America, all of which are required to establish and maintain bank accounts with a banking affiliate of CIFS. During the period relevant to this AWC, CIFS had more than 250 registered reps servicing customer accounts with assets exceeding $7 billion, and the firm processed more than $50 billion worth of customer securities trades. CIFS has no relevant disciplinary history.

FINRA’S SPECIFIC FINDINGS.   FINRA expressed several concerns about CIFS’s business: (i) substantially all of its business took place in a geographic region generally considered to present elevated AML risk; and, (ii) it handled a number of customer securities transactions of a kind often associated with elevated AML risk.

Nevertheless, CIFS relied primarily on manual supervisory review of securities transactions that was not sufficiently focused on AML risks and was otherwise insufficient to satisfy the firm’s AML compliance obligations.

• Its system was inadequate for detecting potentially suspicious activity and for evaluating whether transactions should be elevated for closer AML scrutiny and potential reporting.

►  Its manual supervisory review of customer securities transactions, in effect until at least July 2013, was not specifically focused on AML risk, and relevant supervisory personnel were not all educated about their responsibilities in the AML       context.

• Newly implemented WSPs that called for AML-specific heightened scrutiny were not consistently applied nor transactions elevated for further review. The firm also did not make effective use of automated surveillance to identify potentially suspicious transactions occurring in its customer brokerage accounts.

• The firm delegated to one of its banking affiliates the responsibility for monitoring - through automated surveillance and otherwise—transfers of money between the firm customer brokerage accounts and related customer bank accounts held at banking affiliates.

►  Yet, securities transactions and other activity that occurred entirely within the customer’s firm brokerage account were not adequately monitored pursuant to this delegation.
►  In some cases, automated alerts related to securities transactions in customer brokerage accounts were closed based on the erroneous assumption that the firm was conducting systematic AML monitoring of the securities transactions and addressing potential AML concerns as appropriate.

This case was reported in FINRA Disciplinary Actions for February 2017.

For details on this case, go to … FINRA Disciplinary Actions Online, and refer to Case #2013036434501.