OFAC Settles with TD Bank, N.A. for $115,005.04 Related to Apparent Violations of the North Korea Sanctions Regulations and the Foreign Narcotics Kingpin Sanctions Regulations
TD Bank, N.A. (“TDBNA”), a bank incorporated in Wilmington, Delaware, has agreed to remit $115,005.04 to settle its potential civil liability for two separate matters involving apparent violations of the North Korea Sanctions Regulations and the Foreign Narcotics Kingpin Sanctions Regulations. In the first matter, TDBNA processed 1,479 transactions totaling $382,685.38 and maintained nine accounts on behalf of employees of the North Korean mission to the United Nations without a license from OFAC. In the second matter, TDBNA maintained two accounts for more than four years for a U.S. resident who was listed on OFAC’s list of Specially Designated Nationals and Blocked Persons (“SDN List”). The apparent violations in both cases resulted from multiple sanctions compliance breakdowns, including screening deficiencies and human error, and highlight the importance of maintaining and following proper escalation procedures and ensuring adequate employee training. The settlements reflect OFAC’s determination that TDBNA’s apparent violations in both matters were voluntarily self-disclosed and were non-egregious.
TD Bank’s North Korea-related actions
Between December 20, 2016 and August 15, 2018, TDBNA processed 1,479 transactions totaling $382,685.38, and maintained nine accounts on behalf of five employees of the North Korean mission to the United Nations without a license from OFAC. At account opening, the account holders of all nine accounts presented to TDBNA North Korean passports. However, these passports did not generate an alert during the customer screening process because TDBNA relied heavily on a vendor-supplied Politically Exposed Persons (PEP) list (“PEP list”), which did not include government employees of sanctioned countries. In addition, TDBNA employees often misidentified North Korea (referring to it as Korea or South Korea or using a country code meant for South Korea), or left the citizenship field blank in the customer profiles. As a result, TDBNA’s screening system did not flag any of these accounts because the citizenship information was missing or incorrect.
Under the North Korea Sanctions Regulations (NKSR), 31 C.F.R. § 510.510(c), a general license authorizing certain transactions with the North Korean Mission to the United Nations specifies that it does not authorize U.S. financial institutions to open and operate accounts for employees of the North Korean mission. It further specifies that U.S. financial institutions are required to obtain OFAC specific licenses to operate accounts for such persons. Because TDBNA did not have a specific license to provide these services, its conduct resulted in the apparent violations of 31 C.F.R. § 510.201.
TD Bank’s Kingpin-related actions
Esperanza Caridad Maradiaga Lopez was added to the SDN List in September 2013. In February 2016, Lopez opened two joint accounts at a Miami-area TDBNA branch. A sanctions screening alert was generated for Lopez the day after account opening. Despite first and last name and date-of-birth matches to the SDN List entry for Lopez, the reviewer dismissed the alert because there was “no match on full name DOB and geographical location.” Over the next four years, four additional high-confidence sanctions screening alerts were generated, three of which were manually dismissed for similar reasons. Only the fifth and final alert, in February 2020, was determined by a reviewer to be a true hit, triggering the blocking of Lopez’s accounts four years late and disclosure to OFAC. After the accounts were blocked, however, TDBNA’s Fraud Unit, unaware of the sanctions-related reason for account closure, credited one of Lopez’s accounts, causing it to be re-opened. The mistake was identified a few days later and the account was re-closed.
The failure to correctly identify Lopez as a person on the SDN List was the result of human error and a breakdown in TDBNA’s sanctions compliance procedures. Lopez’s name appeared in TDBNA’s systems as “Esperanza Maradiaga Lopez,” while the OFAC SDN List entry has the name “Esperanza Caridad Maradiaga Lopez.” The date of birth information TDBNA had on file also matched the date of birth in the SDN listing. In addition to incorrectly dispositioning these alerts, TDBNA analysts contravened TDBNA procedures which require alerts to be escalated if a match occurs in first and last name and any additional information field.
This conduct resulted in 145 apparent violations of 31 C.F.R. § 598.202 of the Foreign Narcotics Kingpin Sanctions Regulations.
Other things to note:
- TDBNA had reason to know that it maintained accounts for North Korean nationals because at account opening, the account holders of all nine accounts presented to TDBNA North Korean passports
- Although 1,479 transactions totaling $382,685.38 were processed in apparent violation of the NKSR, all of the transactions would likely have been licensable under existing licensing policy;
- (Kingpin-related violations) All of the transactions would likely have been licensable under existing OFAC policy had the account holder or TDBNA applied for a license
The lessons to learn here
These two actions highlight the importance of developing and implementing appropriate sanctions screening controls, following internal escalation procedures, and providing comprehensive training to relevant employees.
For example, the North Korea-related matter emphasizes that banks and other financial institutions should consider taking steps to ensure accurate recordkeeping, including the correct identification of nationality, especially when providing financial services in connection with diplomatic accounts. Banks and other financial institutions should also consider implementing appropriate controls to flag highly relevant information in customer profiles that may indicate a sanctions nexus, such as accountholder passports issued by a sanctioned jurisdiction.
Similarly, in the Foreign Narcotics Kingpin-related matter, the bank’s compliance program flagged an account multiple times for a possible SDN List match, but an incorrect evaluation was made multiple times and the potential match was not escalated, in contravention of existing compliance policy. This action demonstrates the necessity of not merely developing appropriate procedures and policies for adjudicating and escalating sanctions screening alerts, but also ensuring that they are followed and implemented accordingly. This action also highlights the need for proper coordination of compliance efforts and actions across various departments and business units within a financial institution, such that a decision to block an account by one department cannot be overturned by another without appropriate controls.
Finally, both matters highlight the need for comprehensive and thorough staff training, especially for employees tasked with reviewing customer onboarding information and adjudicating potential sanctions matches. Such training helps ensure that internal policies and procedures are followed and that potential matches are properly escalated consistent with those policies and procedures.