International Financial Law Prof Blog

"If for whatever reason CB New York inquires why our turnover has increase[d] so dramatically, under no circumstances may anyone mention that there is a connection to the clearing of Iranian banks!!!!!!!!!!!!!.”  Why did Commerzbank get off with only $1.45 billion in penalties when BNP paid nearly $9 billion for very similar conduct?  See BNP Paribas pleads guilty, pays $8.9 billion for Iran and Sudan sanctions busting

What Did Commerzbank Do?

Commerzbank AG, a global financial institution headquartered in Frankfurt, Germany, and its U.S. branch, Commerzbank AG New York Branch (Commerz New York), have agreed to forfeit $563 million, pay a $79 million fine and enter into a deferred prosecution agreement with the Justice Department for violations of the International Emergency Economic Powers Act (IEEPA) and the Bank Secrecy Act (BSA).  

The bank has also entered into settlement agreements with the Treasury Department’s Office of Foreign Assets Control (OFAC) ($258.6 million), the Board of Governors of the Federal Reserve System ($200 million) (previous Federal Reserve Cease & Desist), and the New York State Department of Financial Services ($610 million). Moreover, the New State DFS requires Commerzbank terminate the four remaining employees who though still employed played central roles in the admitted wrong doing (the other employees centrally involved already left the bank, including the resignation from Head of AML, Fraud, and Sanctions Compliance or Commerzbank’s New York Branch, who played a central role in the improper conduct) - 

• a relationship manager in the Financial Institutions Department;
• a front office staff member in the Interest, Currency & Liquidity Management Department; and 
• two back office staff members in the Cash Management & International Business Department.

In entering the deferred prosecution agreement, Commerzbank admitted and accepted responsibility for its criminal conduct in violation of IEEPA, and Commerz New York admitted its criminal conduct in violation of the BSA. 

Commerzbank further agreed to pay $263 million in forfeiture and a fine of $79 million for the IEEPA violations, and to pay $300 million in forfeiture in connection with the BSA violations, which will be remitted to the victims of a multi-billion dollar securities fraud scheme that was permitted to operate through Commerzbank. 

Commerzbank also agreed to implement rigorous internal controls and to cooperate fully with the Justice Department, including by reporting any criminal conduct by an employee.

A four-count felony criminal information was filed charging Commerzbank with knowingly and
willfully conspiring to commit violations of IEEPA and Commerz New York with three violations of the BSA for willfully failing to have an effective anti-money laundering (AML) program, willfully failing to conduct due diligence on its foreign correspondent accounts, and willfully failing to file suspicious activity reports.  Assuming the bank’s continued compliance with the deferred prosecution agreement, the government has agreed to defer prosecution for a period of three years, after which time, the government would seek to dismiss the charges. 

The New York County District Attorney’s Office is also announcing today that Commerzbank has entered into a deferred prosecution agreement, and in the corresponding factual statement, Commerzbank admitted that it violated New York State law by falsifying the records of New York financial institutions.  

In addition, the Board of Governors of the Federal Reserve System is announcing that Commerzbank has agreed to a cease and desist order, to take certain remedial steps to ensure its compliance with U.S. law in its ongoing operations and to pay a civil monetary penalty of $200 million.  The New York State Department of Financial Services (DFS) is announcing Commerzbank has agreed to, among other things, pay a monetary penalty to DFS of $610 million.  The OFAC has also levied a fine of $258.6 million, which will be satisfied by payments made to the Justice Department.  In total, Commerzbank will pay $1.45 billion in penalties.

“Commerzbank concealed hundreds of millions of dollars in transactions prohibited by U.S. sanctions laws on behalf of Iranian and Sudanese businesses,” said Assistant Attorney General Caldwell.  “Commerzbank committed these crimes even though managers inside the bank raised red flags about its sanctions-violating practices.  Financial institutions must heed this message: banks that operate in the United States must comply with our laws, and banks that ignore the warnings of those charged with compliance will pay a very steep price.”

IEEPA Violations

According to admissions contained in the deferred prosecution agreement, from 2002 to 2008, Commerzbank knowingly and willfully moved $263 million through the U.S. financial system on behalf of Iranian and Sudanese entities subject to U.S. economic sanctions.  Commerzbank engaged in this criminal conduct using numerous schemes designed to conceal the true nature of the illicit transactions from U.S. regulators.

For example, in the deferred prosecution agreement, Commerzbank acknowledged that it used non-transparent payment messages, known as cover payments, to conceal the involvement of sanctioned entities, and also removed information identifying sanctioned entities from payment messages, in transactions processed through Commerz New York and other financial institutions in the United States.  Specifically, in 2003, Commerzbank designated a group of employees in the Frankfurt back office to review and amend Iranian payments so that the payments would not be stopped by U.S. sanctions filters.  In doing so, Commerzbank ensured that Iranian payment messages did not mention the Iranian entity, as transactions may have otherwise been stopped pursuant to the U.S. sanctions.

Commerzbank admitted that it hid these practices from Commerz New York.  For example, in 2003, when two state-owned Iranian banks wanted to begin routing their U.S. dollar clearing business through Commerzbank, a Commerzbank back office employee emailed other Commerzbank employees directing: “If for whatever reason CB New York inquires why our turnover has increase[d] so dramatically, under no circumstances may anyone mention that there is a connection to the clearing of Iranian banks!!!!!!!!!!!!!.”  

Commerzbank admitted that this conduct continued even though its senior management was warned that the bank’s practices for Iranian clients “raised concerns.”  For example, in October 2003, the head of Commerzbank’s internal audit division stated in an email to a member of Commerzbank’s senior management that Iranian bank names in payment messages going to the United States were being “neutralized” and warned: “it raises concerns if we consciously reference the suppression of the ordering party in our work procedures in order to avoid difficulties in the processing of payments with the U.S.A.” 

In another scheme designed to avoid U.S. sanctions, Commerzbank admitted that, in 2004, it agreed with an Iranian bank client that, rather than sending direct wire payments to the United States, the Iranian bank would pay U.S. beneficiaries with Commerzbank-issued checks listing only the Iranian bank’s account number and address in London with no mention of the Iranian bank’s name. 

Additionally, Commerzbank admitted that in 2005, it created a “safe payment solution” for an Iranian shipping company client, which allowed the client to conduct transactions using the U.S. financial system.  The safe payment solution involved routing payments through special purpose entities controlled by the Iranian company, which were incorporated outside of Iran and bore no obvious connection to the Iranian client.  Commerzbank and its client switched use of such special purpose entities when Commerz New York’s sanctions compliance filters were updated to detect the use of a particular special purpose entity.  Commerzbank continued to process payments on behalf the Iranian client even after the client had been designated by OFAC as an entity subject to U.S. sanctions for its involvement in weapons of mass destruction proliferation.    

In addition, Commerzbank admitted that, from 2002 to 2007, it provided Sudanese sanctioned entities with access to the U.S. financial system by engaging in similar schemes to remove reference to Sudanese companies from the transaction records.    

Olympus Accounting Fraud

Since 2008, and continuing until at least 2013, Commerz New York violated the BSA and its implementing regulations.  Specifically, Commerz New York failed to maintain adequate policies, procedures and practices to ensure its compliance with U.S. law, including its obligation to detect and report suspicious activity.  As a result of the wilful failure of Commerz New York to comply with U.S. law, a multibillion-dollar securities fraud was operated through Commerzbank and Commerz New York.

Olympus was a Japanese-based manufacturer of medical devices and cameras.  Its common stock is listed on the Tokyo Stock Exchange, and its American Depository Receipts trade in the United States.  From at least the late 1990s through 2011, Olympus perpetrated a massive accounting fraud designed to conceal from its auditors and investors hundreds of millions of dollars in losses.  In September 2012, Olympus and three of its senior executives pleaded guilty in Japan to inflating the company’s net worth by approximately $1.7 billion.

Olympus used Commerzbank and Commerz New York to perpetrate its fraud.  Commerzbank, through its branch and affiliates in Singapore, both loaned money to off-balance-sheet entities created by or for Olympus to perpetrate its fraud, and transacted more than $1.6 billion through Commerz New York in furtherance of the fraud.

Commerzbank and Commerz New York were used in furtherance of the Olympus fraud during two different time periods.  From approximately 1999 through 2000, Olympus perpetrated its fraud primarily through Commerzbank and its Singapore branch and affiliates.  Among other things, Olympus used special purpose vehicles to facilitate the fraud, some of which were created by Commerzbank – including several executives based in Singapore – at Olympus’s direction, using funding from Commerzbank.  One of those Singapore-based executives, Chan Ming Fon, was involved in creating the Olympus structure in 1999 while at Commerzbank (Southeast Asia) Ltd., and later managed an Olympus-related entity in 2005-2010 on behalf of which he submitted false confirmations to Olympus’s auditors.  In September 2013, Chan pleaded guilty in Manhattan federal court to conspiracy to commit wire fraud.

From 1999 through 2000, Olympus executives asked Commerzbank executives to provide certain false documents to Olympus’s auditors, which would have failed to disclose that certain Olympus assets were pledged as collateral for loans from a Commerzbank affiliate. Commerzbank obtained a legal opinion, which, in the words of one Commerzbank executive written to an Olympus executive, “ma[de] clear that our bank could be subject to both civil and criminal penalties if we are seen to be assisting or facilitating you in the non-disclosure.”  Although Commerzbank ultimately declined to provide the false documents, its executives suggested a variety of ways Olympus could nonetheless fail to disclose the pledge.

In 2000, Olympus took its business away from Commerzbank and transferred it to another bank.  In 2005, however, Olympus – and its fraud – returned to Commerzbank.  From that point until at least 2010, Commerzbank executives expressed strong suspicions about the Olympus transactions and structure.  One senior executive worried that Olympus would have to “write off [the] full amount” of the relevant transactions, and wondered about the effects on Commerzbank if “any negative news is splash[ed] on the front page.”  A senior legal and compliance officer responsible for Commerzbank’s Singapore branch and affiliates wrote at the time that he was “concerned” about fraud, asset stripping, market manipulation and tax offenses, and that “[i]f the [Olympus] structure and transactions can not [be] explained we must file Suspicious Transaction report as a matter of law and [Commerzbank] policy.”             

In March 2010, two wire transfers in the amounts of approximately $455 million and $67 million, respectively, related to the Olympus scheme were processed by Commerz New York through the correspondent account for the Singapore branch of Commerzbank.  Those wires caused Commerz New York’s automated AML monitoring software to “alert.” 

At the time, Commerz New York had conducted no due diligence on the Singapore branch and affiliates of Commerz, consistent with Commerz's policy of not conducting due diligence on its own branches.  In response to the alerts, however, Commerz New York sent a request for information to Commerz in Frankfurt and Commerz's Singapore branch, inquiring about the transactions.  The Singapore branch responded in a brief e-mail, dated April 20, 2010, referring to the Olympus-related entities involved in the wires:

GPA Investments Ltd. ist [sic] a Caymen Islands SPV, Creative Dragons SPC-Sub Fund E is a CITS administered fund both of which are part of an SPC structure to manage securities investments for an FATF country based MNC.

According to the Relationship Manager the payment reflects the proceeds from such securities investments to be reinvested.

Commerzbank’s Singapore branch did not relay any of the concerns about the Olympus-sponsored structures and transactions. 

Based on its response, Commerz New York closed the alert without taking any further action other than to note that in March 2010 alone, GPA Investments had been involved in six transactions through Commerz New York totalling more than $522 million.  In fact, between 1999 and 2010, a total of more than $1.6 billion in furtherance of the Olympus fraud was cleared through Commerz New York.  Commerz New York failed to file a SAR in the United States concerning Olympus or any of the Olympus-related entities until November 2013 – more than two years after the Olympus accounting fraud was revealed. 

Commerz New York had the same designated BSA Officer continuously from approximately 2003 until early 2014.  Over those years, she raised concerns about AML compliance, both to her superiors at Commerz New York and with Commerz Frankfurt.

Under the BSA, a financial institution is required to detect and report suspicious activity.  This is accomplished, in part, through conducting due diligence, and enhanced due diligence where appropriate, of the correspondent relationship – which Commerz New York failed to do – and by sending requests for further information to the correspondent bank when potentially suspicious transactions are detected. 

Commerz New York frequently had difficulties getting responses to requests for information generated in connection with automated transaction monitoring “alerts.”  Because requests for information went unanswered for as much as eight months without SARs being filed, alerts were often closed without any response to the pending request.  As a result of these deficiencies, Commerz New York cleared numerous AML “alerts” based on its own perfunctory Internet searches and searches of public source databases but without ever receiving responses to its requests for information.

On June 24, 2010, a Commerz New York-based compliance officer who had primary responsibility for automated transaction monitoring wrote in an e‑mail to the BSA Officer and the Head of Compliance in New York (who had previously served as the Head of Compliance in Asia) that “we currently have 90 alerts a day,” with “808 alerts outstanding,” which “could lead to a possible back log.”  He continued, “I also wanted to make you aware that we have currently over 130 Frankfurt RFIs [i.e., requests for information] outstanding,” noting “a decrease in response to the RFIs” from Frankfurt.  The following day, the Head of Compliance in New York forwarded the e‑mail to Commerz’s Global Head of Compliance, adding that “things are not getting better with regards to th[ose] findings. (see below).  I will forward you the DRAFT memo on potential revision of staffing needs.”  Although the Global Head of Compliance thereafter instituted new procedures designed to increase the speed of responses to RFIs from New York, problems persisted with the timely flow of information from business units outside the United States to compliance officers in New York.

Commerzbank and Commerz New York also failed to conduct adequate due diligence or to obtain “know your customer” information with respect to correspondent bank accounts for Commerzbank’s own foreign branches and affiliates.  These systemic deficiencies reflected a failure to maintain adequate policies, procedures and controls to ensure compliance with the BSA and regulations prescribed thereunder and to guard against money laundering.

What did BNP Paribas do?

For a number of years, up to and including 2012, BNPP processed thousands of transactions to or through U.S. financial institutions that involved countries, entities, and/or individuals subject to the sanctions programs listed above.  BNPP appears to have engaged in a systematic practice, spanning many years and involving multiple BNPP branches and business lines, that concealed, removed, omitted, or obscured references to, or the interest or involvement of, sanctioned parties in U.S. Dollar Society for Worldwide Interbank Financial Telecommunication payment messages sent to U.S. financial institutions.

The specific payment practices the bank utilized in order to process sanctions-related payments to or through the United States included omitting references to sanctioned parties; replacing the names of sanctioned parties with BNPP’s name or a code word; and structuring payments in a manner that did not identify the involvement of sanctioned parties in payments sent to U.S. financial institutions.  While these payment practices occurred throughout multiple branches and subsidiaries of the bank, BNPP’s subsidiary in Geneva and branch in Paris facilitated or conducted the overwhelming majority of the apparent violations.

How egrigous was BNP Paribas' conduct v. Commerzebank?

OFAC determined that BNPP did not voluntarily self-disclose its violations (it was a whistleblower), and that the apparent violations constitute an egregious case: BNPP’s systemic practice of concealing, removing, omitting, or obscuring references to information about U.S.-sanctioned parties in 3,897 financial and trade transactions of multiple billions of dollars routed to or through banks in the United States between 2005 and 2012.

OFAC determined that Commerzbank did not voluntarily self-disclose its violations, and that the apparent violations constitute an egregious case.  For several years, up to and including January 2010, Commerzbank processed thousands of transactions through U.S. financial institutions that involved countries, entities, or individuals subject to the sanctions programs administered by OFAC. Commerzbank engaged in payment practices that removed, omitted, obscured, or otherwise failed to include references to U.S.-sanctioned persons in Society for Worldwide Interbank Financial Telecommunication payment messages sent to U.S. financial institutions.

Commerzbank processed 959 wire transfers or other transactions totaling approximately
$22,033,133 between September 14, 2005 and August 29, 2008, involving Iran in apparent
violation of the ITSR. Commerzbank processed 375 wire transfers totaling approximately $78,289,519.83 between September 12, 2005 and December 19, 2007, involving Sudan in
apparent violation of the SSR.  Both the statutory maximum and base civil monetary penalties in this case were $574,801,770.  Commerzbank processed more than a billion dollars for the Olympus fraud.

Who at BNP Paribas was involved?

Benjamin M. Lawsky, New York's Superintendent of Financial Services, said, "BNPP employees – with the knowledge of multiple senior executives – engaged in a long-standing scheme that illegally funneled money to countries involved in terrorism and genocide. As a civil regulator, we are taking action today not only to penalize the bank, but also expose and sanction individual BNPP employees for wrongdoing. In order to deter future offenses, it is important to remember that banks do not commit misconduct – bankers do."

- COO Signed Off on Continuing Illicit Transactions at Meeting Where He Asked Minutes Not to be Taken";

- North American Head of Ethics/Compliance wrote: "The Dirty Little Secret Isn’t So Secret Anymore, Oui?"

International Financial Law Prof Blogger William Byrnes is the author of Lexis' Money Laundering, Asset Forfeiture and Recovery and Compliance -- A Global Guide, a resource detailing anti-money laundering and counter-terrorist financing law, asset forfeiture, risk and compliance, and international agreements for 87 countries & territories.

https://lawprofessors.typepad.com/intfinlaw/2015/03/commerzbank-admits-to-sanctions-and-money-laundering-violations-will-pay-145-billion-penalties.html