Michael LaFontaine, the former chief operational risk officer at a subsidiary of U.S. Bancorp, was fined USD 450,000 by the U.S. Treasury Department for his failure to prevent violations of U.S. anti-money laundering (AML) regulations during his tenure at the bank.
U.S. Bank National Association used automatic transaction monitoring software to spot potentially suspicious activity, but it improperly capped the number of alerts generated, limiting the ability of law enforcement to investigate criminal activity, according to Treasury’s Financial Crimes Enforcement Network (FinCEN). The bank also failed to staff the compliance function with enough people to review the reduced number of alerts that could cause the bank to file suspicious activity reports (SARs), FinCEN said.
“[LaFontaine’s] actions prevented the proper filing of many, many SARs, which hindered law enforcement’s ability to fully combat crimes and protect people,” said FinCEN Director Kenneth A. Blanco. “FinCEN encourages technological innovations to help fight money laundering, but technology must be used properly.”
U.S. Bancorp, the parent company of U.S. Bank, agreed to pay USD 613 million in February 2018 to federal and state authorities over failures in its AML and Bank Secrecy Act (BSA) compliance program. U.S. Bancorp entered into a two-year deferred prosecution agreement as part of the settlement.
Regulators have previously penalized individual compliance officials in cases of AML failure.
LaFontaine, who was the bank’s chief compliance officer from 2005 through 2010 and held the role of chief operational risk officer from October 2012 until his 2014 departure, admitted that he participated in the violations, according to a filing by FinCEN relating to the penalty. Since leaving the bank, LaFontaine co-founded and is the managing director of Redpoint Advisors, a management consulting firm, and he co-founded cybersecurity company knectIQ.
He was warned by subordinates and regulators about capping the number of alerts, FinCEN said. The OCC told the bank on several occasions that numerical caps limiting alerts could result in a potential enforcement action, and LaFontaine received internal memos saying increases in SAR volumes and law enforcement inquiries created a situation where the AML staff was “stretched dangerously thin,” FinCEN said.
The conduct continued until May 2014, when an anti-money laundering officer bypassed LaFontaine and sent an email to the bank’s then-chief risk officer referencing the alert caps issue, according to the FinCEN filing. The bank didn’t begin to address its deficient policies and procedures for monitoring transactions and generating alerts for another month, when questions from the OCC and reports from an internal complaint caused the chief risk officer to retain outside counsel for an investigation, according to the filing.