Bank Secrecy Act (BSA)

Today the Treasury Department’s Financial Crimes Enforcement Network (FinCEN) announced that it had fined a California card club, Artichoke Joe’s Casino, $8 million for numerous willful violations of the Bank Secrecy Act occurring since 2009. In its assessment, FinCEN found that during the last eight years, the card club failed to implement and maintain an effective anti-money laundering program and failed to detect and adequately report suspicious transactions in a timely manner. This is the third enforcement action against a card club for FinCEN, the only federal regulator with anti-money laundering enforcement authority over card clubs. Artichoke Joe’s Casino did not consent to imposition of the assessment, which means that the Justice Department must now file suit in federal court to enforce the assessment and collect the penalty amount.

Artichoke Joe’s Casino is located in San Bruno, California, and has been in operation since 1916. A “card club” is a gaming establishment that only offers card games, and most are located in Montana and California. One of the largest card clubs in California, Artichoke Joe’s Casino contains 38 tables offering card and tile games, including baccarat, blackjack, poker, and Pai Gow, and has a history of compliance deficiencies. The Internal Revenue Service, which examines card clubs for compliance with the Bank Secrecy Act, conducted an examination in 2015 that identified significant violations of the Bank Secrecy Act. In addition, on May 9, 2011, Artichoke Joe’s Casino entered into a stipulated settlement with the California Bureau of Gambling Control, agreeing to pay a fine of $550,000, with $275,000 stayed for a two-year period, and agreed to modify its surveillance, work with the city of San Bruno to improve coordination with law enforcement, replace employees at the Pai Gow tables, and provide additional training on loan-sharking, illegal drugs, and compliance with the Bank Secrecy Act.

In a press release announcing the assessment, Jamal El-Hindi, Acting Director of FinCEN, said, “[f]or years, Artichoke Joe’s turned a blind eye to loan sharking, suspicious transfers of high-value gaming chips, and flagrant criminal activity that occurred in plain sight. FinCEN’s $8 million civil penalty results from the card club’s failure to establish adequate internal controls and its willful violations of the Bank Secrecy Act. Casinos, card clubs and others in the gaming industry should consider their risk of exploitation by criminal elements, and understand that they will be held accountable if they disregard anti-money laundering and illicit finance laws. This significant action highlights the need for all entities, including those in the gaming industry, to build a robust culture of compliance into their policies and procedures to ensure they are not facilitating illicit activities.”

In March 2011, Artichoke Joe’s Casino was the subject of a raid by state and federal law enforcement which led to the racketeering indictment and conviction of two customers for loan-sharking and other illicit activities conducted at the casino. Senior-level employees knew that loan-sharks were conducting criminal activity through the card club and using gaming chips to facilitate illegal transactions. Nonetheless, according to FinCEN, Artichoke Joe’s Casino failed to file any Suspicious Activity Reports (SARs) on this activity.

According to FinCEN, Artichoke Joe’s Casino also failed to implement adequate internal controls, which exposed the card club to a heightened risk of money laundering and other criminal activity. In particular, the card club failed to adopt adequate policies and procedures to address risks associated with gaming practices that allow customers to pool or co-mingle their bets with relative anonymity. Further, Artichoke Joe’s Casino did not establish procedures for obtaining and incorporating information from propositional players (players paid by casinos or card clubs to wager at a game) or other employees who may have observed suspicious transactions. The card club also failed to file complete and timely reports on suspicious transactions involving potentially structured chip redemptions and purchases, and redemptions of large volumes of chips with no cash-in or gaming activity.

FinCEN’s action today represents only its third enforcement action against a card club, and its first ever non-consensual card club assessment. Its first action was against Oaks Card Club of Emeryville, California in December 2015. In that proceeding, Oaks Card Club admitted that it violated the program and reporting requirements of the Bank Secrecy Act and agreed to pay a fine of $650,000. In July 2016, FinCEN fined Hawaiian Gardens Casino (also based in California) $2.8 million, which admitted that it violated the Bank Secrecy Act’s program and reporting requirements and agreed to future undertakings, including periodic independent reviews to examine and test its AML program.

This article is Part II of a series in which we address the U.S. government’s attempts to combat money laundering in real estate transactions. Part I is available here.

On August 22, 2017, the Treasury Department’s Financial Crimes Enforcement Network (FinCEN) issued revised Geographic Targeting Orders (GTOs) requiring title insurance companies, and their subsidiaries and agents, to collect and report information about certain residential real estate transactions in the following jurisdictions: (1) all boroughs of New York City; (2) Miami-Dade County and the two counties immediately to the north (Broward and Palm Beach); (3) Los Angeles County, California; (4) three counties comprising part of the San Francisco area (San Francisco, San Mateo, and Santa Clara counties); (5) San Diego County, California; (6) the county that includes San Antonio, Texas (Bexar County); and (7) the City and County of Honolulu in Hawaii. In this article, which address the additional reporting and recordkeeping requirements imposed upon businesses that engage in transactions covered by the terms of the revised GTOs.

Which Title Insurance Companies Are Impacted by the Revised GTOs?

Any title insurance company, and its subsidiaries and agents, is deemed to be a “Covered Business” subject to the terms of the revised GTOs. In addition, each Covered Business must supervise, and is responsible for, compliance by each of its officers, directors, employees, and agents with the terms of the revised GTOs. Each Covered Business must transmit a copy of the revised GTO to each of its agents. Each Covered Business must also transmit a copy of the revised GTO to its Chief Executive Officer or other similarly acting manager.

What Type of Transactions Are Covered by the Revised GTOs?

A real estate transaction that is considered a “Covered Transaction” is subject to the revised GTOs. In order for a transaction to be “covered,” it must meet all of the following requirements:

  1. A “Legal Entity” (which is defined as a corporation, limited liability company, partnership, or other similar business entity, whether formed under the laws of a state or of the U.S. or a foreign jurisdiction) purchases residential real property:
    • For a total purchase price of $500,000 or more in the Texas county of Bexar;
    • For a total purchase price of $1,000,000 or more in the Florida county of Miami-Dade, Broward, or Palm Beach;
    • For a total purchase price of $1,500,000 or more in the Borough of Brooklyn, Queens, Bronx, or Staten Island in New York City, New York;
    • For a total purchase price of $2,000,000 or more in the California county of San Diego, Los Angeles, San Francisco, San Mateo, or Santa Clara;
    • For a total purchase price of $3,000,000 or more in the Borough of Manhattan in New York City, New York; or
    • For a total purchase price of $3,000,000 or more in the City and County of Honolulu in Hawaii; and
  1. Such purchase is made without a bank loan or other similar form of external financing; and
  2. Such purchase is made, at least in part, using currency or a cashier’s check, a certified check, a traveler’s check, a personal check, a business check, or a money order in any form, or a funds transfer.

For purposes of the revised GTOs, “residential real property” means real property (including individual units of condominiums and cooperatives) designed principally for the occupancy of from one to four families.

Payment of at least part of the purchase price using one of these methods, such as a wire transfer, a cashier’s check (sometimes referred to as a “bank check,” “official check,” or “treasurer’s check”), a personal check, a business check, or a certified check, triggers a Covered Transaction, assuming the other three criteria listed above are met.

Importantly, FinCEN has made clear that there is no de minimis exception to any of the methods of payment covered by the revised GTOs. If any part of the purchase price was made using one of the specified methods of payment in the revised GTOs, then the transaction is considered a Covered Transaction (assuming the other three criteria are met). FinCEN expects a Covered Business to take reasonable steps to determine whether any part of the purchase price was made using one of the specified methods of payment. FinCEN recognizes that in some instances a small percent of the purchase price of a residential real estate transaction may be held by a third party, such as a real estate agent holding an earnest money deposit. A Covered Business may reasonably rely on information provided to it by such third parties.

What Information Is Required To Be Reported Pursuant to the GTOs?

If the Covered Business is involved in a Covered Transaction, then the Covered Business shall report the Covered Transaction to FinCEN by filing a FinCEN Form 8300, which is entitled “Report of Cash Payments Over $10,000 Received in a Trade or Business.” This form must be filed within 30 days of the closing of the Covered Transaction. Each FinCEN Form 8300 filed pursuant to the revised GTOs must be (i) completed in accordance with the terms of the revised GTOs and FinCEN Form 8300 instructions (although when such terms conflict, the terms of the revised GTOs apply), and (ii) e-filed through the Bank Secrecy Act E-filing system.

Each Form 8300 filed pursuant to the revised GTOs shall contain the following information about the Covered Transaction:

Part I shall contain information about the identity of the individual primarily responsible for representing the Purchaser, which refers to the individual authorized by the entity to enter legally binding contracts on behalf of the entity. The Covered Business must obtain and record a copy of this individual’s driver’s license, passport, or other similar identifying documentation. A description of such documentation must be provided in Field 14 of the form.

Part II shall contain information about the identity of the Purchaser, which refers to the Legal Entity that is purchasing residential real property as part of a Covered Transaction. The Covered Business should select Field 15 on the FinCEN Form 8300, which will enable reporting of multiple parties under Part II of the form.

Part II shall also contain information about the identity of the Beneficial Owner(s) of the Purchaser. “Beneficial Owner” means each individual who, directly or indirectly, owns 25 percent or more of the equity interests of the Purchaser. The Covered Business must obtain and record a copy of the Beneficial Owner’s driver’s license, passport, or other similar identifying documentation. A description of such documentation must be provided in Field 27 of the form.

Part III shall contain information about the Covered Transaction as follows:

  • Field 28: Date of closing of the Covered Transaction.
  • Field 29: Total amount transferred using currency or a cashier’s check, a certified check, a personal check, a business check, or a money order in any form.
  • Field 31: Total purchase price of the Covered Transaction.
  • Field 34: Address of real property involved in the Covered Transaction.

With respect to information required to be reported in Field 29 of the Form 8300, the Covered Business should include the total amount of the purchase price, if any, that was paid using currency or a cashier’s check, a certified check, a traveler’s check, a personal check, a business check, or a money order in any form. With respect to information required to be reported in Field 31, the Covered Business should include the total purchase price, if different from the amount included in Field 29.

Part IV shall contain information about the Covered Business.

The Comments section to the Form 8300 shall contain the following information:

  • The term “REGTO” as a unique identifier for this Order.
  • If the purchaser involved in the Covered Transaction is a limited liability company, then the Covered Business must provide the name, address, and taxpayer identification number of all its members.
  • If a Form 8300 is being filed by an agent of the Covered Business named in this Order, then the agent shall include the name of such Covered Business.

When Are the Revised GTOs Effective?

The revised GTOs are effective beginning on September 22, 2017, and ending on March 20, 2018 (unless they are further extended by FinCEN).

What Records Relating to the Revised GTOs Must Be Retained?

Consistent with the general recordkeeping provisions of the regulations promulgated under the Bank Secrecy Act, each Covered Business must (1) retain all records relating to compliance with the revised GTOs for a period of five years from the last day that the GTOs are effective (including any renewals); (2) store such records in a manner accessible within a reasonable period of time; and (3) make such records available to FinCEN or any other appropriate law enforcement or regulatory agency, upon request.

What Are the Penalties for Noncompliance with the Revised GTOs?

Each Covered Business, and any of its officers, directors, employees, and agents, may be held liable for civil or criminal penalties for violating any of the terms of the revised GTOs.

What Procedures Should Covered Businesses Implement to Ensure Compliance with the Revised GTOs?

To assist Covered Businesses in complying with the revised GTOs, FinCEN has published an updated list of frequently asked questions (FAQs) in response to inquiries it has received. In those FAQs, FinCEN states that it expects a Covered Business to implement procedures reasonably designed to ensure compliance with the terms of the GTOs, including reasonable due diligence to determine whether it (or its subsidiaries or agents) is involved in a Covered Transaction and to collect and report the required information. In complying with the terms of the GTOs, a Covered Business may reasonably rely on information provided to it by third parties, including other parties involved in Covered Transactions. Covered Businesses may also contact the FinCEN Resource Center at (800) 767-2825.

To What Extent Must a Covered Business Verify Information About the Beneficial Owner of a Purchaser?

The revised GTOs require a Covered Business to collect and report certain identifying information about the Beneficial Owner(s) of the Purchaser in a Covered Transaction. For purposes of the GTOs, a “Beneficial Owner” means each individual who, directly or indirectly, owns 25 percent or more of the equity interests of the Purchaser. The GTOs provide that the Covered Business must obtain and record a copy of the Beneficial Owner’s driver’s license, passport, or other similar identifying documentation. The Covered Business may reasonably rely on the information provided to it by third parties involved in the Covered Transaction, including the Purchaser or its representatives, in determining whether the individual identified as a Beneficial Owner is in fact a Beneficial Owner.

Who Is Considered a Covered Business’s “Agents” for Purposes of the Revised GTOs?

“Agents” of a Covered Business refer to people or entities that are authorized by the Covered Business, usually through a contractual relationship, to act on its behalf to provide title insurance underwritten by the Covered Business (or its subsidiaries). FinCEN notes that the recordkeeping and reporting requirements under the GTOs are triggered only when a Covered Business (or its subsidiaries or agents) is involved in a Covered Transaction by providing title insurance underwritten by that Covered Business (or its subsidiaries) in connection with the Covered Transaction.

FinCEN also recognizes that a person or entity may be an independent agent of a Covered Business, and thus may act on behalf of multiple title insurance companies. A Covered Business is responsible for the recordkeeping and reporting requirements under the revised GTOs only when such agents are acting on its behalf in connection with a Covered Transaction.

For more up-to-date coverage from Tax Controversy Sentinel, please subscribe by clicking here.

T2000px-US-FinancialCrimesEnforcementNetwork-Seal_svghe Financial Crimes Enforcement Network (FinCEN) and Office of the Comptroller of the Currency (OCC) yesterday announced the assessment of a $7 million civil money penalty against Merchants Bank of California of Carson, California, for willful violations of several provisions of the Bank Secrecy Act (BSA). (The FinCEN press release is here and assessment is here; the OCC press release is here and consent order is here.) FinCEN and the OCC found that the bank failed to (a) establish and implement an adequate anti-money laundering (AML) program, (b) conduct required due diligence on its foreign correspondent accounts, and (c) detect and report suspicious activity. FinCEN found that “Merchants’ failures allowed billions of dollars to flow through the U.S. financial system without effective monitoring to adequately detect and report suspicious activity. Many of these transactions were conducted on behalf of money services businesses (MSBs) that were owned or managed by Bank insiders who encouraged staff to process these transactions without question or face potential dismissal or retaliation.” In addition, FinCEN determined that bank insiders directly interfered with the BSA staff’s attempts to investigate suspicious activity related to these insider-owned accounts.

Seal_of_the_Office_of_the_Comptroller_of_the_Currency_svgThe OCC (Merchants’ federal functional regulator) previously identified deficiencies in Merchants’ BSA/AML compliance program which resulted in the issuance of consent orders in June 2010 and June 2014. Those consent orders required the bank to correct deficiencies in all four pillars of its BSA program (the system of internal controls, independent testing, a designated individual or individuals responsible for coordinating and monitoring BSA/AML compliance, and training for appropriate personnel). OCC concluded that Merchants violated numerous provisions of those consent orders, which no doubt contributed to the decision by FinCEN and the OCC to impose such a significant civil money penalty against the bank.

Merchants specialized in providing banking services for check-cashers and money transmitters (commonly referred to as “money services businesses” or MSBs). However, FinCEN found that it provided those services without adequately assessing the money laundering risks and without designing an effective AML program. Merchants also provided its high-risk customers with remote deposit capture services without adequate procedures for monitoring their use.

FinCEN’s assessment disclosed that one of Merchants’ MSB customers was the subject of a federal criminal investigation into its anti-money laundering compliance program. That customer, a Los Angeles-based check cashing store, its head manager, and its designated anti-money laundering compliance officer eventually pleaded guilty to criminal charges including conspiracy to fail to file currency transactions reports (CTRs) and failing to maintain an effective anti-money laundering program in connection with over $8 million in transactions. The head manager was sentenced to 5 years in prison, and the AML compliance officer was sentenced to 8 months in prison. FinCEN concluded that even after learning that this customer was under criminal investigation in February 2012, Merchants failed to report the customer and its activity on a Suspicious Activity Report (SAR).

According to FinCEN, Merchants also failed to provide the necessary level of authority, independence, and responsibility to its BSA officer to ensure compliance with the BSA as required, and compliance staff was not empowered with sufficient authority to implement the Bank’s AML program. Merchants’ leadership impeded BSA analysts and other employees from investigating activity on transactions associated with accounts that were affiliated with Bank executives, and the activity in these accounts went unreported for many years. FinCEN found that Merchants’ interest in revenue compromised efforts to effectively manage and mitigate its deficiencies and risks.

In addition, Merchants banked customers located in several jurisdictions considered to be high-risk but did not identify these customers as foreign correspondent customers and therefore did not implement the required customer due diligence program. In a three-month period, Merchants processed a combined $192 million in high-risk wire transfers through some of these accounts.

Merchants consented to imposition of the $7 million civil money penalty and accepted the findings of FinCEN that the bank had willfully violated the BSA’s program, recordkeeping, and reporting requirements. Merchants also consented to imposition of another OCC consent order. Notably, FinCEN’s settlement with Merchants does not preclude consideration of separate enforcement actions that may be warranted with respect to any financial institution or any partner, director, officer, or employee of a financial institution, suggesting the possibility that future criminal or civil enforcement actions may be forthcoming.

The specific findings made by FinCEN and accepted by the bank are outlined in more detail below.

  1. Failure to Establish and Implement an Adequate AML Program

The OCC requires each bank under its supervision to develop and provide for the continued administration of a program reasonably designed to assure and monitor compliance with the BSA’s recordkeeping and reporting requirements. At a minimum, a bank’s AML compliance program must: (a) provide for a system of internal controls to assure ongoing compliance; (b) provide for independent testing for compliance to be conducted by bank personnel or by an outside party; (c) designate an individual or individuals responsible for coordinating and monitoring day-to-day compliance; and (d) provide training for appropriate personnel. FinCEN found that Merchants failed to establish and maintain adequate internal controls to assure ongoing compliance. In particular, Merchants did not conduct a sufficient independent audit commensurate with the institution’s complexity and risk profile; it failed to provide the necessary level of authority, independence, and responsibility to its BSA Officer to ensure day-to-day compliance; and it did not provide adequate training for appropriate personnel.

Merchants provided banking services for as many as 165 check-cashing customers and 44 money transmitters, many of which were located hundreds of miles away from the bank. According to the assessment, Merchants did so without adequately assessing the money laundering risk of these customers and designing an effective AML program to address those risks. Specifically, it did not implement adequate due diligence programs and provided its high-risk customers with remote deposit capture services (RDC) without adequate procedures for monitoring their use. In addition, in several instances, bank insiders directly interfered with the BSA staff’s attempts to investigate suspicious activity related to insider-owned accounts. Insiders owned or managed MSBs, which had accounts at Merchants, and from 2007 to September 2016 certain of these accounts demonstrated highly suspicious transaction patterns including possible layering schemes, transactions not commensurate with the business’s purpose, and commingling of funds between two independent check cashing entities. Merchants’s leadership impeded BSA analysts and other employees investigating activity on transactions associated with accounts that were affiliated with Bank executives, and the activity in these accounts went unreported for many years. Employees who attempted to report suspicious activity in these accounts were threatened with possible dismissal or retaliation. Merchants’s executives weakened the Bank’s AML program by creating a culture that did not sufficiently detect or report on suspicious activity involving the accounts of insiders.

Until 2015, Merchants failed to conduct an independent audit that was commensurate with the Bank’s customer complexity and risk profile. Merchants is required to conduct independent compliance testing commensurate with the BSA/AML risk profile of the Bank to monitor and maintain an adequate program. By not conducting the required independent review, Merchants was unable to identify vulnerabilities in its compliance program and properly monitor the account activity of its customers to detect suspicious activity going through the Bank.

Merchants failed to have proper requirements within the Bank’s AML program to ensure that the audit firm conducted a comprehensive independent audit of its program. Specifically, Merchants failed to adequately review the engagement proposal of the audit firm to confirm it was sufficient in scope to identify weaknesses in the Bank’s program.

Merchants’ independent audit was not commensurate to the risk and complexity of the types of customers Merchants served, including its high-risk MSB customers. Therefore the 2012 independent audit failed to identify internal control deficiencies in Merchants’s AML program. The audit’s scope, procedures, and transaction review of Merchants’s independent testing were inadequate, given the bank’s high-risk customer base. In 2014, a new independent consultant conducted an audit but failed to identify significant gaps in Merchants’s overall BSA compliance program. In 2015, Merchants hired a different independent consultant only to conduct a required SAR look-back review of the bank’s MSB account activity. During this review, the consultant identified a number of AML compliance issues that Merchants’s former auditors failed to identify. The consultant identified issues that were consistent with Merchants’s internal controls violations related to providing banking services to high-risk MSBs without implementing the appropriate risk-based controls required by the BSA or creating an appropriate due diligence program.

2.  Due Diligence Program for Correspondent Accounts

From 2008 to 2014, Merchants failed to maintain a due diligence program for foreign correspondent accounts, which FinCEN refers to as “gateways to the U.S. financial system.” In particular, FinCEN concluded that the bank did not have policies and procedures to elevate foreign correspondent bank customers for enhanced due diligence, as required by the USA PATRIOT Act. For example, Merchants had four banking customers located in several jurisdictions considered to be high-risk including Honduras, Mexico, Colombia, and Romania but did not identify these customers as foreign correspondent customers, and therefore did not implement the required customer due diligence program. These four customers sent and received a combined $192 million in high-risk wire transfers during the period of August 2014 through October 2014. Merchants failed to establish adequate alert parameters for these accounts, resulting in the exclusion of this wire activity from monthly transactional monitoring because the bank failed to establish appropriate alert parameters on the accounts. Merchants also failed to identify suspicious wires and report that activity to FinCEN during this time.

3.  Failure to Report Suspicious Transactions

The BSA and its implementing regulations impose an obligation on banks to report transactions that involve or aggregate to at least $5,000, are conducted by, at, or through the bank, and that the bank “knows, suspects, or has reason to suspect” are suspicious. A transaction is “suspicious” if the transaction: (a) involves funds derived from illegal activities, or is conducted to disguise funds derived from illegal activities; (b) is designed to evade the reporting or recordkeeping requirements of the BSA or regulations under the Act; or (c) has no business or apparent lawful purpose or is not the sort in which the customer normally would be expected to engage, and the bank knows of no reasonable explanation for the transaction after examining the available facts, including background and possible purpose of the transaction. From 2012 to 2016, Merchants failed to adequately monitor billions of dollars of transactions for suspicious activity. Because of this failure, Merchants failed to file or file timely on hundreds of millions of dollars of suspicious activity including millions of dollars of transactions of 57 of its customers later identified as part of an independent look-back review.

FinCEN determined that many of Merchants’ failures to file or file timely SARs were related to its higher-risk MSB customers’ activities, which were inconsistent with the anticipated behavior, stated business purpose, or customer profile information of these MSBs. FinCEN’s assessment set forth the following examples:

  • One of the MSB customers was a money transmitter located in the basement of the owner’s private residence in New York. Despite several red flags resulting from Merchants’s account review, including the fact that this MSB was the subject of multiple information requests from law enforcement, had significant increases in its account activity, and its wire transfers were, in two instances, rejected by another bank, Merchants determined that its activities were not suspicious and failed to timely file a SAR.
  • Merchants failed to file a SAR on another MSB customer engaging in suspicious activity. In a six-month period between 2011 and 2012, the MSB conducted approximately $500,000 and $700,000 in deposits and withdrawals, respectively, and received over $1.3 million in wire transfers. Within two to three days of receiving the funds, the MSB wrote large checks, cashing them out at other financial institutions. In January 2012, Merchants conducted a due diligence analysis on the same MSB’s activity and did not consider it suspicious. In February 2012, after learning of a criminal investigation involving the MSB, Merchants again conducted a due diligence analysis and again failed to report the customer and its activity in a SAR. As noted above, on September 19, 2012, the MSB, its manager, and its compliance officer pleaded guilty to eight counts of failing to file currency transaction reports and one count of failing to maintain an effective AML program.
  • Merchants failed to file a SAR on another licensed money transmitter and seller of money orders with physical locations in Nevada and California. This MSB’s customer base was located in Russia, Armenia, the United Kingdom, and Germany, and the MSB sent most of its money transmissions to these regions. Merchants rated this account as high-risk and conducted an account review, which indicated that for several months, the volume of account activity had significantly exceeded the anticipated activity established by the MSB during the account application process. Although the review indicated that Merchants asked the MSB for an explanation of its unexpected account behavior, the customer never provided the requested information and the Bank failed to investigate further. Merchants also failed to identify evidence of structuring flowing through the account.

In 2015, an independent consultant completed a look-back review of a sample of 100 of Merchants’s high-risk MSB accounts for the period of July 1, 2012 through June 30, 2014. The look-back review identified 57 customer accounts with activity that was deemed potentially suspicious and required escalation to management level along with an additional 11 customer accounts requiring further review due to a lack of documentation or a lack of transparency in the customer transactions. As a result of the look-back review, Merchants filed SARs on the activity and transactions identified through the review. The late SAR filings included reports covering structured transactions that were conducted through Merchants for two consecutive years totaling over $400 million. The subjects of one of the SARs engaged in a suspicious pattern of cashing multiple structured checks made to the order of the same individuals in Mexico without providing information concerning source of funds. Also, these subjects engaged in several suspicious wire transfers to the Office of Foreign Assets Control sanctioned countries. These same subjects were under a U.S. federal law enforcement investigation for fraudulent tax returns. This activity started in 2014 and was reported on a SAR two years later only after Merchants was required to conduct a look-back review. Another late SAR covered transactions worth over $395 million related to customers conducting large wire transfers between multiple foreign financial institutions without validating the source of funds or identifying the ultimate beneficiary. This activity resulted in large payouts to unknown entities in Colombia.