
You might also be thinking of HSBC [1] or Wachovia [2] or possibly one of several Australian banks [3] or maybe this European bank [4] or this one [5], or indeed Credit Suisse.

The thing to know about money laundering is that the rules are basically set by the USA, and after the 9/11 attacks the US made money laundering a strict liability crime. It means you can be found guilty of it even if you didn't know you were doing it, made extensive efforts to ensure you didn't and even if the actual violations were made by someone else not yourself. And money laundering is defined as moving money on the behalf of criminals, or not doing enough to realize you were doing so. How much is doing enough? That's subjective, up to the regulators and they are allowed to do things like tell you you're doing enough then later change their mind and prosecute you for it.

Because it's impossible to successfully comply with such a moving target, every large bank in the world is constantly being fined for AML violations. It doesn't mean much about any specific bank to say it's been fined for that. If it was possible to actually comply, there'd be no crime that involved any financial component any more i.e. no drug trade or fraud, because the banks would always detect it, suspend the accounts, report the owners and seize the money.

Clearly these crimes do still exist because banks don't have enough information to reliably beat all criminals. They don't have police powers, so the most they can do is rely on heuristics. It's especially tough in parts of the world where cartels may have unlimited budgets to beat your systems, corrupt your employees, corrupt government employees or threaten your staff with having their arms chopped off if they don't help out. AML regulations don't recognize these problems as legitimate however, meaning you as a banker can be prosecuted and jailed for up to 20 years because someone, somewhere else in your organization, wasn't suspicious enough about some activity and didn't report it in a timely manner.

That's why it feels like banks are always "getting away with it". Governments, even the US government, can't actually enforce the laws as written because if they did then the entire financial industry would collapse overnight from mass staff exodus. This was the very real risk that led to HSBC being fined rather than directly prosecuting the staff. There was apparently a big fight inside the US Gov about this between the Justice Dept and the Treasury, with (I think) the former wanting prosecutions and the latter pushing for no prosecutions. The Treasury knew that prosecutions could succeed and if they did, there'd be a very different and much worse kind of bank run.

To me, it doesn't seem reasonable to expect bankers to achieve what the world's police forces and intelligence agencies never could. But the public doesn't really understand these dynamics. Whenever they read about banks laundering money, they think it's bankers who are knowingly taking part in organized crime and so demand punitive action. Governments can then blame the banks for crime whilst simultaneously taking some billions of dollars from them for the general budget. In the short term it's a win for them. The true cost is somewhat subtle and long term, in things like innocent people being unable to get bank accounts, or finding it very difficult, and a general feeling of society being rigged in favor of the bankers who never seem to be punished for their claimed crimes. The fix would be a mix of changes to AML rules and the PATRIOT Act, transforming the system into something a lot more mechanical and objective. It might make some crime a bit easier, but that can be counterbalanced by e.g. increased funding to the police.

[1] https://www.learnsignal.com/blog/hsbc-money-laundering/#:~:t....

[2] https://www.theguardian.com/world/2011/apr/03/us-bank-mexico...

[3] https://www.vice.com/en/article/g5bkyq/drug-cartels-used-aus...

[4] https://money.cnn.com/2018/02/08/news/rabobank-mexico-drug-m...

[5] https://www.newyorker.com/news/news-desk/the-fincen-files-sh...



Selective enforcement of broad regulations like this is one of the hallmarks of a corrupt regime.

The great thing about everybody being guilty is that they can use nudges and winks to force people to toe the line about anything at all, far in excess of the power and authority granted to them by laws on paper. Get uppity and they'll send some goons around to smash up the place.

This is not a case of the hapless simpletons in government having a good heart and the right intentions, and yet again bungling the legislation spectacularly, and now they're dutifully serving the people by doing their gosh darndest to keep the financial system from collapsing due to their prior incompetence. These laws and regulations are constructed and implemented by and for the ruling class, for the purpose of increasing their wealth and power.


They are being used left and right. Want to penalize a European bank? Pull some fine in the $x00 millions out of thin air. The way the laws are structured, it's almost guaranteed that they broke some law somehow. Don't like this dude/girl? Ban them from banking for no reason because your ToS allows you to and make it hell for them to recover their money.

Someone did it not too long ago in Canada.


Wow, this is the best comment I've read in a while. I was one of those ppl who thought that bankers were "getting away with it" but I can clearly see your point here.

Thanks for putting in the time to answer.


You're welcome!


Agreed, great explanation. Also worth noting that the US government has forced many industries other than banks to somehow detect, report and/or catch money-laundering activity, while also lacking police power. Any time you hear KYC (Know your customer), anti-money-laundering is essentially the reason.


Thanks for this comment. This highlights the crux of the issue. Banks should have something like "banking neutrality" where they'll bank anyone and any money until a court order says otherwise.

It's funny most people accept this situation, which can be significantly abused by lots of parties (see: Operation Choke Point as an example). But if you live in a small village, and there is only one bank branch, the banker there not liking you means you being unbanked for no reason.


That was not my experience. I worked a lot with various banking regulators (Fed, OCC, NFA, British PRA, a bit of SEC, FDIC and probably a few I don't remember now), although not on AML matters. My experience was that before being slapped with a Consent Order, you get warnings. They are either Matters Requiring Attention (MRA) or Matters Requiring Immediate Attention (MRIA). It is highly improbable the regulators just hit you with something out of the blue, just because they feel like that.


My post is about AML specifically, not financial regulation in general.


Even there, there is the progression of MRA (Matters Requiring Attention), MRIA (Matters Requiring Immediate Attention) before going to actual criminal prosecution (which invariably ends in a settlement, which takes the form of a large fine and a Consent Order). Just take a look at [1], where an unnamed bank has appealed an MRA given by the OCC on the topic of AML in 2020.

[1] https://www.occ.gov/topics/supervision-and-examination/dispu...


Yes, but in for example the HSBC case that didn't happen, I think (might be wrong, it's been years since I looked at this stuff). Although there were MRAs, there wasn't any intermediate step I think between that and prosecution?

https://www.govinfo.gov/content/pkg/CHRG-112shrg76061/html/C...

  Senator Levin. Did the OCC ever cite a violation of law for 
  noncompliance with AML statutes prior to 2010? Do you know, Ms. 
  Dailey?

  Ms. Dailey. I do not believe we did prior to 2010.
  
  [...]

  Senator Levin. What about informal enforcement action? Was 
  there any informal enforcement action taken against HBUS prior 
  to 2010?

  Ms. Dailey. There was not.

I can accept that this isn't how the system is meant to work, although the core problems of subjectivity remain even if there are warnings. For instance, wasn't a key pillar of the case against HSBC that it didn't consider all Mexican clients to be high risk, and the regulators decided they should have done? We might consider that this was ~15 years ago, in the environment of 2023 such a classification might actually be considered racism! So exactly what the standards are for things like "high risk", "politically exposed persons", "structured transactions" and so on are always open to interpretation.


Meanwhile KYC and AML makes lives of the average Joe much tougher - banks increasingly ask more documents every time, and more often. It will not stop real criminals anyway, as history shows.


A shocking idea would be to prosecute the source of the ill gotten gains, or the underlying crime, rather than imposing these AML externalities on other actors. After all, something is not money laundering if the funds were legitimate to begin with.


Alas prosecuting dictators and government officials in third-world countries doesn’t really happen, and the only way to prevent them stealing the nation’s wealth is to block the transfers


I take issue with the idea that AML as currently implemented is the "only way" and also with the characterization you've made that what we did stopped the stealing.


A modern principle of US justice is it's always someone else's fault.


> A shocking idea would be to prosecute the source of the ill gotten gains, or the underlying crime, rather than imposing these AML externalities on other actors.

Of course. But there are 2 big problems with that from a government's perspective.

1) Prosecuting actual criminals would require hard work: real investigation without having an automatic sneak peek into everybody's finances is hard.

2) This wouldn't give the government any extra power.


Your point about banks being forced to do what governments cannot is a stretch. You're comparing a third party (governments) to a first party (banks). Your drug dealer knows you're an addict well before your parents do. Also, as another poster said, banks get warnings to respond.

You can miss me with this banks are the victim. It has been shown over and over and over from the dawn of Banking that no matter who you are if you have a lot of money there is a bank willing to work with you.

Whether banks should be allowed to do this is a different question but they are absolutely not victims.


> if you have a lot of money there is a bank willing to work with you

That's how people think it works but it's actually not the case, and one of the reasons why SVB ended in disaster. Read those threads and you'll see complaints that SVB was the only bank that "understood" startups, because they appear out of nowhere with millions of dollars. The word "understand" is a euphemism for "startups trigger AML filters" because if you show up with lots of money from a single source, that looks like it might be corruption or drug dealing to the automated systems banks use. And then individual bankers aren't allowed to override the checks because they might become corrupt, and it's not just their lives on the chopping block if that happens, it's their bosses' lives too.

SVB was built from the start to bank this sort of clientele, so their AML software was configured to allow it, but this led to a huge over-weighting of startups in their depositor base which then led to massive influxes and outflows of capital that they didn't manage properly. Other banks don't have quite the same sort of instability in their depositor base.


<< Governments, even the US government, can't actually enforce the laws as written because if they did then the entire financial industry would collapse overnight from mass staff exodus.

This.

Treasury recently had to send a note via remarks to indicate to banks that 'derisking' resulting defensive SAR filing may be overdoing it. Naturally, some regulators will question every instance a SAR was not filed so the banks are in a weird "punching bag" position.


While a lot of text is written out, this is an extremely weak argument.

It boils down to "they can't do it perfectly so they shouldn't try at all".

And the exact opposite of defense in depth.

Tons of places people will cast a blind eye to things that they know are illegal if they can profit off it. Banking is absolutely one of those areas where there are huge incentives to do so, as it requires no effort and is easy to profit off of criminality.

This law says we're not going to allow you to be part of the broader global system while knowingly profiting off of criminality. Yes you may not catch 100% of it, but you sure have to thoroughly try to eliminate it. And there will be financial punishments to ensure you're not doing it just in name only.

This is exactly what we want in our financial system.

I really don't understand the motivation behind your post. "Let's eliminate a great law for crime prevention because it doesn't prevent 100% of crime?" That makes no sense.


> "Let's eliminate a great law for crime prevention because it doesn't prevent 100% of crime?" That makes no sense.

It makes no sense because that's not what my post says. In the final paragraph it advocates for a reform of AML law, not total abolition.

> This law says we're not going to allow you to be part of the broader global system while knowingly profiting off of criminality

No it doesn't, please read my post again. Your statement would be correct if you deleted the word "knowingly". AML laws can jail bankers if they provide services to criminals, even if they didn't know of their criminal nature and even if they did actually make extensive efforts to "know their customer". In fact it can jail them even if there was no actual crime happening at all, simply for procedural reporting failures.


> The fix would be a mix of changes to AML rules and the PATRIOT Act, transforming the system into something a lot more mechanical and objective. It might make some crime a bit easier, but that can be counterbalanced by e.g. increased funding to the police.

Without a real suggestion of what to replace it with, all I'm really hearing is "get rid of it and magic some other solution."

Transforming it into something more mechanical and objective? Taking a pop culture related concept (a bit contrived compared to what actually happens) of "banks must report all transactions over $10k." Mechanical and objective. So now criminals do transfers in $9k amounts. And we sit around waiting for a new law to be passed to catch this loophole while criminality runs wild laundering. Then the new law passes, they spend 1 week to circumvent it and we wait around for another law to pass.

It's like trying to legislate what specific exploits a company needs to have patched to say they prevented hackers. Then a new exploit comes out, it isn't in the law and that's used until the law catches up. It's useless.

The solution is to recommend/require best practices and also require that companies are responsible for the security of their systems. Meaning they need to stay on top of things in earnest, and not just say we have those 5 legally mandated patches so we did our part.

Current security is a mess - and I guarantee if companies did have the equivalent banking laundering laws applied for security, all of a sudden a lot of companies would be interested in "provably safe" technology. Instead of today's world of essentially "do what's convenient for security, but nothing that will inconvenience our profits too much."


My post was pretty long already. A complete proposal for reforming AML laws would be a book sized topic.

Structuring is a good example of an AML rule that makes no sense any more. The goal was to try and build a database of transactions that might be vaguely relevant to crime (large cash transactions) but it was phrased in an odd way with a per-transaction limit triggering a report to the federal government, probably to deal with the limitations of paper based banking at the time. Due to this poor lawmaking - whether forced or not - of course criminals just started making deposits of $9,999 each time to avoid the reporting and this was addressed with yet more terrible law, specifying a suspicious transaction pattern whose only definition is "you should know it when you see it". Then they threaten bankers with jail if they don't see it. What if the two sides disagree on knowing-it-when-they-see-it? Well, the bankers always lose. This is hardly upholding the core principles of the justice system and only raised the difficulty for organized crime by a small amount, essentially just requiring the bring-up of front companies so they could deposit large amounts of cash without appearing to be suspicious.

Structuring rules could be abolished entirely. Since that time computers and databases got a lot more powerful, and so now in reality the US monitors all financial transactions of any size regardless of the SAR rules. They just do it via semi-secret programmes at the Treasury (TFTP), CIA and NSA. Arguably they shouldn't and an ideal system would abolish all those things, with FinCEN being folded into the FBI and it being the only agency that engages in financial forensics. Reporting in turn could simply be eliminated and replaced with a system in which the investigative agencies submit database queries to banks, and those queries are then approved by bank staff if they are complying with the rules that constrain police activity. This would bring it into line with how other requests for information (are supposed to) work in the modern era.

You could also go further and state that there's nothing special about finance and that as fishing expeditions aren't allowed in classical law enforcement, transaction reporting should be eliminated entirely. That would be consistent with other areas of law, but is presumably too radical for you.

> It's like trying to legislate what specific exploits a company needs to have patched to say they prevented hackers. Then a new exploit comes out, it isn't in the law and that's used until the law catches up. It's useless.

Yes, and AML is like passing a law that says "don't get hacked, if you do you go to jail for a couple of decades if a regulator thinks you didn't make enough effort". What counts as enough effort? What even counts as getting hacked? They won't tell you these things and in reality it depends on what the press says. If such a law were passed and then actually enforced you'd just see people refusing to work in the computing industry because no salary is worth that kind of risk.


I think the question is whether there's any evidence these laws have mitigated or prevented anything.

After 20 years there should be a vast body of evidence to justify the second, third, and fourth order effects these pernicious laws have had on society. Rather than looking at the facts, we keep pointing to nonsense perpetuating the existence of a self-licking ice cream cone. It's easier to put your head in the sand and ignore or downplay legitimate grievances when the rules you impose on everyone (and enforce at gunpoint) objectively have zero positive outcomes and a litany of negative outcomes.

I'm sure the TSA confiscated a lot of Leatherman multi-tools at the airport, but that isn't a benchmark for their success. Take a guess how many terror plots have been foiled by the FBI/DHS/TSA versus random people over the same time span -- or how many caught by random people were already a person of interest by FBI/DHS/TSA.



