Headquartered in San Francisco, Wells Fargo is one of the most well-known financial services firms in the US, and indeed, the world.
However, at the end of last month, the firm was handed a near $100m fine for its role in helping a foreign bank circumvent US sanctions on more than half a billion dollars of transactions.
The bank was found to have supplied trade finance software to another lender, which used it to carry out transactions involving Iran, Sudan and Syria.
The bank kicked the foreign client off its platform in 2015 and reported the issue to the Fed and the Treasury, according to a filing from the US regulators. And yet the US Office of Foreign Assets Control (OFAC) said on 30th March 2023 that “Wells Fargo allowed an unnamed European bank to continue using the software for some six years after staff first raised concerns that it posed a sanctions risk.” (Global Trade Review, 2023).
An enforcement notice from OFAC described “multiple occasions between 2008 and 2015 when staff raised concerns about the sanctions risks posed, but the bank still failed to identify the violations.”
The US Federal Reserve fined the San Francisco-based bank a staggering $67.8 million, while the Treasury Department, through its Office of Foreign Assets Control, tacked on an additional $30 million in penalties.
In a statement issued by the Federal Reserve, Wells Fargo were cited for their “unsafe or unsound practices relating to historical inadequate oversight of sanctions compliance risks.” These failures “enabled the bank to violate US sanctions regulations by providing a trade finance platform to a foreign bank that used the platform to process approximately $532 million in prohibited transactions between 2010 and 2015.”
What are sanctions?
Global sanctions are measures taken by governments or international organisations to restrict certain activities, transactions, or business relationships in order to achieve foreign policy, national security, or other objectives. These sanctions may apply to specific individuals, entities, countries, or industries, and failure to comply with them can have serious consequences for financial institutions, as in this recent Wells Fargo case.
What are the penalties for not complying with global sanctions?
Sanctions violations can result in significant financial penalties, reputational damage, and loss of business.
In addition, sanctions violations can have serious legal and regulatory implications, and can lead to criminal charges and even imprisonment for individuals involved in the violations.
Therefore, it is critical for financial institutions to have a robust sanctions compliance programme in place that includes comprehensive due diligence, risk assessments, and ongoing monitoring of customers, transactions, and business relationships, in any, and all subsidiaries.
What’s more, AML compliance programmes and policies should be regularly updated and tested to ensure they are effective in detecting and preventing sanctions violations. Financial institutions should also maintain a culture of compliance throughout the organisation, with strong governance, oversight, and reporting mechanisms to ensure that potential sanctions violations are identified and addressed promptly.
Key takeaways from the Wells Fargo violations
The Wells Fargo sanctions violations case offers several important lessons for compliance teams in financial institutions.
Compliance starts at the top: The Wells Fargo scandal highlights the importance of a strong culture of compliance that starts at the highest levels of the organisation. Compliance officers and other personnel need to feel empowered to raise concerns and report potential violations without fear of retaliation.
Monitoring and testing are critical: Wells Fargo’s compliance failures were in part due to inadequate monitoring and testing. Compliance teams should regularly test and assess their own internal controls to ensure they are effective in detecting and preventing potential violations.
Pay attention to risk factors: The source of sanctions violations originated within what was known as Wachovia Bank, a company acquired by Wells Fargo at the height of the 2008 financial crisis, and the bank was ultimately held responsible. Compliance teams need to carefully evaluate the risks associated with any mergers or acquisitions and ensure that compliance processes are adapted to ensure appropriate due diligence and oversight.
Swift and transparent remediation is key: When violations or potential risks are detected, compliance teams need to act quickly and transparently to remediate the issue and prevent similar violations from occurring in the future. Wells Fargo’s slow response to the earlier staff reports of sanctions risks contributed to the severity of the fines imposed.