USAA fined $140 million over ‘willful’ Bank Secrecy Act lapses

USAA Federal Savings Bank will pay a combined $140 million to the Office of the Comptroller of the Currency and the Financial Crimes Enforcement Network for violations of the Bank Secrecy Act.

Fincen gave the San Antonio bank an $80 million civil money penalty on Thursday, while the OCC levied a $60 million fine. Both agencies also issued enforcement actions against the bank in connection with violations of anti-money-laundering rules.

USAA didn’t report thousands of suspicious transactions, including those of customers who used personal accounts for what appeared to be criminal activity, Fincen said. And from at least January 2016 to April 2021, the bank failed to implement and maintain an anti-money-laundering program that met BSA standards, according to Fincen.

USAA will pay an $80 million civil money penalty to the Financial Crimes Enforcement Network and a $60 million fine to the Office of the Comptroller of the Currency.
Adobe Stock

Even as USAA’s customer base and revenue grew, the bank “willfully failed to ensure that its compliance program kept pace, resulting in millions of dollars in suspicious transactions flowing through the U.S. financial system without appropriate reporting,” Fincen acting Director Himamauli Das said in a statement.

It’s the latest in a series of regulatory problems for USAA, a $117.4 billion-asset bank that mostly caters to military members and their families.

USAA said in a statement that the problems stemmed from the bank having failed to “sufficiently strengthen” its “capabilities and expertise necessary” to meet BSA/anti-money-laundering requirements.

“We are working cooperatively with the OCC and will continue to do so,” the bank said.

Fincen, which is a bureau of the Treasury Department, outlined its findings in a 29-page consent order.

Management at the bank, the order said, “had knowledge of the violations, yet they failed to quickly and effectively remediate the identified deficiencies.”

In one example of the shortcomings that were identified, the consent order referred to “Customer B,” a 22-year-old living in Los Angeles whose account triggered alerts for various transactions, including unexplained international travel and expensive art purchases.

Some high-cost transactions were tied to a foreign-based individual who, on further investigation, was found to be connected to an entity named in the Panama Papers, a series of leaked documents on the finances of wealthy individuals that made a splash globally in 2016.

USAA failed to report the suspicious activity, which totaled about $125,000, for more than a year, according to Fincen.

Meanwhile, the OCC told USAA “by at least 2017” that its anti-money-laundering program had significant problems, according to the consent order. The bank initially told the OCC it would overhaul its program by 2020, but later pushed the date back to June 20, 2021.

“USAA FSB authored the 2018 Commitments and pledged to make improvements, yet it missed two completion deadlines over four years and remains out of compliance with them,” the Fincen consent order stated.

A cease-and-desist order from the OCC requires USAA to “take broad and comprehensive” action to improve its internal controls, and to provide training and third-party risk management of its BSA and anti-money-laundering program.

In a statement, Wayne Peacock, chief executive of USAA, said that “issues identified in these orders did not result in any individual member harm” before adding that “we understand the importance of these requirements.”

“USAA has already made progress in many critical areas by investing in new systems and training, enhancing staffing and expertise, and improving our processes,” he said in the statement.

In 2020, the OCC fined USAA $85 million for falling short of risk management standards and for being out of compliance with laws protecting military service members. The year before, the agency issued a consent order that identified shortcomings in the bank’s risk management program and information security systems.

Also in 2019, the Consumer Financial Protection Bureau issued a consent order against USAA, ordering the bank to pay more than $15 million in restitution and fines over claims that it didn’t adequately respond to stop-payment requests, and that it reopened deposit accounts without customers’ permission.

For reprint and licensing requests for this article, click here.
Regulation and compliance Money laundering
MORE FROM AMERICAN BANKER