4 min read

10 Best Practices for Navigating Enforcement Actions

connected wooden tiles with imprinted bank icons on each with one coloured red to indicate a problem

Regulatory failings and misconduct weigh heavily on global bank profitability and equity positions, affecting bank stock returns and market valuations, too. 

This leads to closer scrutiny by regulatory supervisors trying to understand what triggered enforcement investigations, a hot seat no financial institution wants to be in. 

Chuck Taylor, Head of the Financial Crimes Advisory team at AML RightSource, assembled a top-notch panel of experts for our latest webinar focused on using recent enforcement actions to fine-tune compliance programs. 

Based on this conversation, here are ten best practices for navigating and applying enforcement actions: 


1. Act Immediately  

If an examiner identifies a potential violation or deficiency, it's crucial to address and correct these issues immediately. Attempting to resolve issues prior to the exit meeting can help avoid a formal citation.  

Likewise, maintain open communication with your examiners during their visit; don't wait until the exit meeting to discuss potential problems.  

If you face an enforcement path, understand the process, whether formal or informal. If it's formal, you have certain rights that you should be aware of, and you’ll want to consult with experts to respond effectively to information requests from agencies. 


2. You Can Appeal  

All federal banking agencies have appeal processes, enabling you to contest examination findings if there are factual inaccuracies or unsupported violations. 


3. Take Advantage of the Opportunity to Respond  

In the event of severe Anti-Money Laundering violations, where there's a failure in your program or a recurring issue, the federal banking agencies are mandated by 12 United States Code 1818(s) to issue a cease-and-desist order.  

Before issuing this order, the agencies must provide the bank with an opportunity to respond. It's crucial to utilize this chance to respond, as your response will be included in the final recommendation memorandum viewed and approved by the agency's senior managers. 


4. Demonstrate Actionable and Defendable Progress 

Correcting AML deficiencies can take more than one examination cycle. 

If you are making substantial acceptable progress towards rectifying a previously cited deficiency, examiners are not obligated to impose an order against your institution. 

Likewise, when a violation of the law is considered system or technology-related, due to the complexity and extended time frames involved in implementing a new system, regulators are not required to include it in the report.  

Instead, they can address it in a separate formal or informal agreement for discussion, but this will largely depend on the trust-based relationship you’ve established with your regulator.  

Download our 'Mastering Implementation' Guide here.  


5. Take Note of Regulation by Enforcement: It's Not Always Going to be Black and White 

Ideally, the laws governing AML programs would adapt swiftly and dynamically, but that is not the reality in the real world.  

Cryptocurrency and Artificial Intelligence are two good examples, where risks to the financial system and its stability have outpaced the legislative process. 

Part of an examiner's role involves interpretation, which is inherent in a risk-based environment. As such, not every enforcement action can be traced directly back to legislation. Instead, examiners will provide commentary on practices they believe inadequately mitigate risk, prompting the bank to act appropriately. 

While it can feel like regulatory bodies are breaking new ground, regulation by enforcement is unavoidable to mitigate risk, so be mindful and prepared for it. 


6. Go Beyond your Banking Model when Reviewing Enforcement Actions 

Enforcement actions present a valuable opportunity to reassess your program’s efficacy. When reviewing these, expand your focus beyond just your immediate banking model and treat each enforcement action as if it applies directly to you.  

Look for similarities and insights that are transferable to your business model, associated risks, controls; anything that can help to assess, refine, and strengthen your program. 

Likewise, enforcement actions will help you to identify regulatory themes and emerging risks and can help to predict where your regulators might focus their supervisory expectations next.  


7. Have a Process for Reviewing Enforcement Actions  

Start by examining the statement of facts; this will provide context and pertinent information. Pay attention to the cited violations—are they recurrent problems or simply unsafe and unsound banking practices? Often, a single term can give you insight into some of the issues that examiners encountered.  

Then, establish a matrix for reviewing consent orders related to your program. Have your team individually review the orders and document what stood out to them. Align these with your pillars and draw a conclusion, clearly distinguishing between the 'nice-to-haves' and 'must-haves.’  

“Provide thematic information to senior line of business leaders, product development leads, as well as board and senior management” – Michael Hall, SVP, Director of AML and Sanctions and BSA Officer at Fifth Third Bank.  

“What is the message that a BSA officer needs to ensure people understand correctly?” – Megan Hodge, Executive Compliance Director, BSA/AML Officer at Ally 


8. Talk to your Regulators Directly and With Confidence  

If a business model or product has been the subject of discussion and an enforcement action has emerged on that theme that's relevant to your institution, proactively bring it up with your regulator. 

Whether it's to validate the measures you're implementing or disclose the measures you will be reviewing, it demonstrates how your program identifies and responds to risk. 

This proactive approach ensures alignment between everyone involved and allows you to build credibility and trust with your examiner by showing them you're attentive and responsive. 


9.  Use Enforcement Actions to Demonstrate ROI 

When updating leadership, enforcement actions, especially those relating to staffing, backlogs, or skills, can be used to underscore that the funds allocated to your AML program are indeed a strategic investment, allowing your team to remain in compliance with regulations and expectations while also supporting a proactive position that pre-empts future issues. 


10. Make Sure You Have a Strong Culture of Compliance  

Ensure a robust compliance culture within your organization. The 'M' rating, which represents management strength, is a significant bank rating component.  

The presence of this culture within your organization and the strength of management can significantly influence the type of enforcement action your institution may be subjected to. 


Want to hear directly from our expert panel? Access the webinar here

Or, if you want to learn more about how our advisory and managed services solutions can help you navigate enforcement actions, simply fill out our contact form, and let's start the conversation. 

Connect with our Speakers

chuck taylor headshot

Chuck Taylor

EVP, Financial Crime Advisory, AML RightSource 


James Vivenzio

Jim Vivenzio

Senior Counsel at Perkins Coie LLP 


Megan Hodge-1

Megan Hodge

Executive Compliance Director, BSA/AML Officer at Ally 


Michael Hall

Michael Hall

SVP, Director of AML and Sanctions and BSA Officer at Fifth Third Bank