Closer Look: Standard Chartered’s $1.1 Billion Settlement

Not all deferred prosecution agreements go gentle into that good night.

Such at least was the lesson learned Tuesday, when Standard Chartered Bank and the US Justice Department disclosed a 2-year extension to a 7-year-old settlement that required the institution to adopt a host of remedial steps to its sanctions compliance programs in exchange for the withholding of a criminal prosecution.

The newly announced extension comes with amendments to the 2012 deferred prosecution agreement (DPA) and nearly $1.1 billion in additional forfeitures and monetary penalties for violations of US sanctions on Iran and UK anti-money laundering (AML) regulations related to customer due diligence and ongoing monitoring.

All told, Standard Chartered has agreed to new compliance obligations not only to the Justice Department but also to the Federal Reserve Board, the US Office of Foreign Assets Control (OFAC), the UK Financial Conduct Authority (FCA), the New York State Department of Financial Services (NYDFS), and the Manhattan District Attorney’s Office.

What follows is a rundown of how the bank found itself in trouble again and what to expect going forward:

Why is Standard Chartered Bank in trouble?

Much of the lender’s latest woe stems from its subsidiary in the United Arab Emirates, and particularly in Dubai, where two former bank employees helped Iranian national Mahmoud Reza Elyassi process approximately 9,500 US-dollar transactions from November 2007 to August 2011.

Elyassi’s transactions, which totaled more than $120 million, ultimately benefitted a Marshad, Iran-based money exchange business seeking access to American currency.

The unnamed bankers—a relationship manager for small and medium enterprise companies and a foreign exchange sales manager—were aware that Elyassi’s primary business operated as a front for the Iranian exchange, and that Standard Chartered and other financial institutions had blocked or rejected outgoing payments from his company over sanctions concerns.

But rather than drop the lucrative account, the pair recommended ways to avoid detection, including the opening of a new business account under the name of a second front company with a nominal owner and the accepted offer of instructions on how to structure the payments so as to avoid raising compliance red flags.

The scheme was enabled in part by a since-abandoned Standard Chartered platform that allowed clients to submit payment instructions by fax or online, regardless of whether the fax numbers or Internet Protocol addresses could be easily traced to Iran. The subsidiary’s lax compliance controls, in one case, allowed it to process more than $150 million in dollar transactions for a blacklisted Iranian petrochemical company.

Officials at OFAC, NYDFS and the Manhattan District Attorney’s Office separately cited tens of millions of dollars in payments handled by Standard Chartered in violation of sanctions against Syria, Sudan, Myanmar, Cuba and Zimbabwe, much of which flowed through the bank’s New York branch.

How is the UK Financial Conduct Authority involved?

The British supervisory authority uncovered “significant shortcomings” in Standard Chartered’s AML controls, including the Dubai subsidiary’s acceptance of over 3-million UAE dirham (or roughly £500,000) in cash to open an account with little indication of the source of funds and its failure to obtain sufficient information on a client exporting a commercial product that could, “potentially, have a military application.”

The FCA’s conclusions relate to Standard Chartered’s UK wholesale bank’s correspondent banking business and its branches in the UAE but do not include its operations in the Dubai International Financial Centre.

How are these infractions different from the violations cited in the 2012 settlement?

The initial DPA outlined a broader array of sanctions violations involving US-dollar transactions processed on behalf of clients in Iran, Sudan, Libya and Myanmar.

To avoid scrutiny of the total $200 million in payments, Standard Chartered instructed its employees to scrub or omit data typically appended to payments in the interbank SWIFT messaging platform, officials said in 2012. As a result, correspondent institutions receiving cover payments from the London lender remained unaware that they were processing transactions on behalf of blacklisted entities.

The amended Justice Department DPA cites payments through 2011, but Standard Chartered’s original DPA was inked in 2012. Why is this new settlement coming out now?

According to the Justice Department, Standard Chartered’s leadership were unaware of any specific criminality in its UAE affiliate when the 2012 agreement was executed, though “certain high-level” managers knew that clients were accessing the bank’s online platform from Iran to initiate payments. US investigators first learned of the matter after obtaining information through an unrelated investigation. As a consequence, federal and state officials identified related infractions that occurred as late as 2014.

Is this the first time the DPA has been extended?

 No. The Justice Department and bank first amended the agreement in 2014 and extended its terms by another three years, and have subsequently extended the deal another five times, including its latest revision.

As the bank noted on Tuesday, the latest changes do not require it to work under the supervision of a court-appointed compliance monitor—an obligation separately imposed by NYDFS and the Justice Department in 2012.

What are the terms of the various settlements? 

By and large, governmental officials involved in the global settlement praised the bank’s remediation efforts since 2014, noting its installation of new senior leadership on its board of directors and among its management, as well as the “voluminous” data handed over to US investigators.

Under terms of the DPA and related enforcement actions, Standard Chartered must submit a written plan to enhance its compliance program, conduct an annual assessment of its OFAC-related risks for a period of five years and establish an OFAC-compliance reporting system and audit program.

The bank must also continue its work with an independent consultant and submit a “sanctions corporate oversight plan” that outlines related steps by board members. Under the global settlement, restrictions on hiring or re-hiring individuals linked to the violations or other compliance failures remain.