Exhibit 10.1
UNITED STATES OF AMERICA
DEPARTMENT OF THE TREASURY
COMPTROLLER OF THE CURRENCY
In the Matter of: 1st Century Bank, N.A. Los Angeles, California | ) ) ) |
AA-WE-13-58 |
CONSENT ORDER
The Comptroller of the Currency of the United States of America (“Comptroller”), through his National Bank Examiner, has supervisory authority over 1st Century Bank, N.A., Los Angeles, California (“Bank”).
The Bank, by and through its duly elected and acting Board of Directors (“Board”), has executed a “Stipulation and Consent to the Issuance of a Consent Order,” dated September 11, 2013, that is accepted by the Comptroller. By this Stipulation and Consent, which is incorporated by reference, the Bank has consented to the issuance of this Consent Order (“Order”) by the Comptroller.
Pursuant to the authority vested in it by the Federal Deposit Insurance Act, as amended, 12 U.S.C. § 1818, the Comptroller hereby orders that:
Article I
Compliance Committee
(1) Within ten (10) days of this Order, the Board shall appoint a Compliance Committee of at least five (5) Board members and, of which no more than two (2) shall be employees of the Bank or any of its affiliates (as the term “affiliate” is defined in 12 U.S.C. § 371c(b)(1)), or a family member of any such person. The Board shall remain responsible for the Bank’s adherence to the provisions of this Order and the appointment of the Compliance Committee shall not relieve the Board’s compliance responsibilities. Upon appointment, the names of the members of the Compliance Committee and, in the event of a change of the membership, the name of any new member, shall be submitted in writing to the Assistant Deputy Comptroller.
(2) The Compliance Committee shall be responsible for monitoring and coordinating the Bank’s adherence to the provisions of this Order and shall meet at least monthly.
(3) By no later than September 30, 2013, and by the end of every calendar month thereafter, the Compliance Committee shall submit a written progress report to the Board setting forth in detail:
(a) | a description of the action needed to achieve full compliance with each Article of this Order; |
| (b) | actions taken to comply with each Article of this Order; and |
| (c) | the results and status of those actions. |
The Compliance Committee’s reports shall also include copies of any reports prepared by or for the Bank or Board relating to any Bank Secrecy Act (“BSA”) or Anti-Money Laundering (“AML”) activity, compliance, or audit at the Bank.
(4) The Board shall provide a summary report of the progress reached in attaining compliance with each Article of this Order to the Assistant Deputy Comptroller within thirty (30) days of the end of each calendar quarter.
(5) All reports or plans which the Bank or Board has agreed to submit to the Assistant Deputy Comptroller pursuant to this Order shall be forwarded to the:
Assistant Deputy Comptroller
Los Angeles Field Office
550 North Brand Blvd., Suite 500
Glendale, California 91203
(6) The Board shall ensure that the Bank has processes, personnel, and control systems to ensure implementation of and adherence to the policies, procedures and programs required by this Order.
Article II
Suspicious Activity Report Review
(1) Within thirty (30) days of this Order, the Board shall submit to the Assistant Deputy Comptroller for a prior determination of no supervisory objection, a qualified, independent, third-party consultant to review and provide a written report on the Bank’s suspicious activity monitoring (“SAR Look-Back”). The purpose of the SAR Look-Back is to review the quality of SARs filed and determine whether corrections or amendments are necessary to ensure that the suspicious activity identified was accurately reported in accordance with 12 C.F.R. § 21.11, and whether additional SARs should be filed in additional subjects or for continuing suspicious activity.
(2) Prior to the appointment or employment of any individual or entering into any contract with any consultant to perform the SAR Look-Back, the Board shall submit the name and qualifications of the proposed consultant and the proposed scope and terms of engagement to the Assistant Deputy Comptroller for a prior written determination of no supervisory objection. After the OCC has advised the Bank that it does not take supervisory objection to the consultant or the scope of the review, the Board shall immediately engage the consultant pursuant to the proposed terms of the engagement.
(3) The SAR Look-Backshall be risk-based, incorporate the risks identified in the Bank’s Risk Assessment required by Article IV of this Order (to the extent possible), and identify the sampling, software screening, or analytical techniques used to identify transactions that are subject to review for suspicious activity.
(4) Upon completion of the SAR Look-Back, the consultant shall provide the Board with a written report that contains a list of any previously unreported suspicious activity reports that should be filed or modified to meet the requirements of 12 C.F.R. § 21.11, and provide the methods used for conducting the review. The Board shall review the SAR Look-Back report and ensure that the Bank files, or modifies, as appropriate, any suspicious activity reports in accordance with the requirements of 12 C.F.R. § 21.11.
(5) Based upon the results of the SAR Look-Back, the OCC may expand the scope of the independent review or expand the periods reviewed in the SAR Look-Back. If the OCC requires that the review or review period be expanded, the Board shall complete the SAR Look-Back in accordance with this Article.
Article III
BSA Action Plan
(1) The Board shall revise, adopt, and thereafter adhere to, a comprehensive, written program that ensures the Bank’s compliance with the Bank Secrecy Act, as amended (31 U.S.C. §§ 5311 et seq.), the regulations promulgated thereunder at 31 C.F.R. Part 103, as amended, and 12 C.F.R. Part 21, Subparts B and C, and the rules and regulations of the Office of Foreign Assets Control (“OFAC”) (collectively referred to as the “Bank Secrecy Act” or “BSA”) for the Bank, and that incorporates, at a minimum, the substantive requirements of Articles IV through VIII of this Order.
(2) Within thirty (30) days of this Order, the Board shall submit to the Assistant Deputy Comptroller for a prior determination of no supervisory objection, a comprehensive, written action plan designed to provide for Bank compliance with the BSA, complete with specific time-frames to meet the requirements of Articles IV through VIII of this Order (“BSA Action Plan”), and that also includes a comprehensive review of the Bank’s BSA systems and programs, training, audit, leadership, and staffing, including an analysis of the improvements needed to develop and maintain a comprehensive BSA compliance program that ensures compliance with 12 C.F.R. § 21.21.
(3) Upon receipt of a written determination of no supervisory objection to the Bank’s BSA Action Plan, the Board shall immediately implement it (hereafter the “BSA Plan Inception date”) in accordance with the dates set forth therein and thereafter adhere to it.
(4) Prior to making any changes that will cause, result, or bring about a significant deviation or material change to the BSA Action Plan adopted pursuant to this Article, the Board shall submit the changes to the Assistant Deputy Comptroller for a prior written determination of no supervisory objection.
Article IV
BSA Risk Assessment
(1) Within thirty (30) days of the BSA Plan Inception date, the Board shall review and revise the Bank’s BSA Risk Assessment to ensure it accurately identifies the BSA risks posed to the Bank after consideration of all relevant information (“Risk Assessment”). The Risk Assessment shall include a comprehensive analysis of the Bank’s vulnerabilities to money laundering and financial crime activities and provide strategies to control the risk and limit the identified vulnerabilities and comport with the expectations set forth in the2010 FFIEC Bank Secrecy Act/Anti-Money Laundering Examination Manual (Rev. April 29, 2010) (the “2010 BSA Exam Manual”) and include, at a minimum:
(a) | the identification of the activities and other elements that present BSA risk to the Bank, including the Bank’s inherent and residual risk and mitigating factors and that considers its: (i) products and services; (ii) customers; (iii) transactions; (iv) countries and geographies served; (v) means used by the Bank to perform transactions with, or on behalf of, its customers; and (vi) findings or relevant information contained in any external reviews, toinclude the BSA Audit, OCC examinations, and any findings made by thattime by the SAR Look-Back; |
(b) | a detailed analysis of all relevant data obtained regarding the information in Subparagraph (a), including but not necessarily limited to: (i) volumes and types of transactions and services by country or geographic location; and (ii) numbers of customers that typically pose higher BSA risk, both by type of risk and by geographic location, so as to permit the Bank to revise and implement appropriate policies, processes, and procedures to monitor and mitigate the Bank’s BSA risks within those risk categories. The analysis to be conducted also shall include an evaluation of all relevant information obtained through the Bank’s Customer Identification Program (“CIP”), Customer Due Diligence (“CDD”), and Enhanced Due Diligence programs (“EDD”); |
(c) | an assessment of BSA risk both individually within the Bank’s business lines and on a consolidated basis across all Bank activities and legal entities, so as to permit the Bank to accurately identify BSA risks and risk categories within and across specific lines of business and product categories; and |
(d) | a review of the Risk Assessment determination made above to determine its reasonableness to be completed ninety (90) daysafter its completion. |
(2) After completing the Risk Assessment, the Board shall ensure the Bank thereafter maintains an accurate Risk Assessment to include at a minimum, a periodic review and revision of the Bank’s Risk Assessment (no less than annually) that considers all material changes in the Bank’s operating environment, to include risk and mitigating factors.
Article V
BSA Officer and Staff
(1) Effective as of the BSA Plan Inception date, the Board shall ensure the Bank has a dedicated, full-time BSA officer with sufficient leadership, knowledge, training and skills, to develop and implement an effective BSA program commensurate with the high BSA risk level and complexity of operations. The Board shall also ensure the BSA officer has adequate time and resources to effectively manage the BSA program.
(2) Within thirty (30) days of BSA Plan Inception date, the Board shall review and determine whether any changes are needed regarding the BSA Officer’s supporting staff, including the responsibilities, authority, structure, independence, competencies, or capabilities of the BSA Officer’s supporting staff.
(3) The Board shall periodically review (no less than annually) and revise as necessary, the adequacy of the Bank’s BSA officer and staff and shall document its determination(s) in writing as part of the Bank’s ongoing efforts to comply with the BSA. The reviews shall evaluate and consider, as appropriate, the effectiveness of the Bank’s BSA program, as well as the leadership, knowledge, training and skills of the BSA officer and staff.
Article VI
BSA Program of Internal Controls
(1) Within sixty (60) days of BSA Plan Inception date, the Board shall revise, adopt, implement and thereafter ensure adherence to a written program of policies and procedures to provide for compliance with the BSA, to include consideration of:
(a) | the findings of the Risk Assessment; |
(b) | the deficiencies identified in the Report of Examination dated as of December 31, 2012; |
(c) | the requirements of 12 C.F.R. § 21.21; and |
(d) | the requirements of this Order. |
(2) The Bank’s compliance with Paragraph (1) of this Article shall include, at a minimum, revisions to:
(a) | the Bank’s process to identify, track, and document the BSA risk ratings for new and existing customers to include: |
(i) | enhancements to the Bank’s account risk rating definitions, e.g., high-risk, medium-risk, and low-risk; |
(ii) | a process to track and re-assess the customer BSA risk score periodically to ensure accuracy for all new customers; |
(iii) | a process to review existing accounts to identify those that are high-risk, and periodically review and revise as appropriate; and |
(iv) | a process to review all accounts that are related to a high-risk customer to ensure all high-risk accounts are identified; |
(b) | enhance the ongoing monitoring system to include: |
(i) | procedures to ensure all high-risk (and related) accounts are monitored from the time the account is designated high-risk; |
(ii) | periodic monitoring of all accounts designated medium-risk and low-risk; |
(iii) | a system to periodically review and validate or revise account risk scores; and |
(iv) | periodic validation of the Bank’s automated monitoring tool, to include the filtering parameters and risk rating table used to determine the high, medium, and low risk designations; and |
(c) | the Bank’s CDD and EDD processes, to include: |
(i) | procedures to ensure that customer’s accounts are periodically reviewed and updated so that they contain current information and the risk rating is re-assessed based upon that updated information; |
(ii) | procedures to ensure multi-vesting accounts (group of accounts that have a master signer but different business purposes) and lawyer trust accounts have completeCDD on each of the individual accounts todetermine with relative certainty the types and volume of expected transaction(s), and that EDD is performed where warranted in accordance with the requirements specified in the2010 BSA Exam Manual; and |
(iii) | procedures to ensure Remote Deposit Capture (“RDC”) accounts are properly administered and monitored to include: (A) the establishment of appropriate individual RDC transaction limits; (B) determination of anticipated RDC transaction and dollar volumes, and type (e.g., payroll checks, third-party checks, or traveler’s checks); and (C) compare projected activity to actual activity, and ensure results are reasonable and consistent. |
(3) Within ten (10) days of BSA Plan Inception date,the Board shall ensure Bank employees are trained on the new internal control policies and procedures.
Article VII
BSA Training
(1) Effective as of the BSA Plan Inception date, the Board shall ensure the Bank maintains a comprehensive training program for all appropriate operational and supervisory personnel to ensure their awareness of their specific assigned responsibilities for compliance with the requirements of BSA. The program shall include advanced training for supervisory personnel as appropriate for their respective BSA responsibilities.
(2) The BSA training program shall include, at a minimum, strategies for mandatory attendance, frequency of training, procedures and timing for updating training programs and materials, and methods for delivering training.
Article VIII
BSA Audit
(1) Effective as of the BSA Plan Inception date, the Board shall ensure the Bank maintains an external BSA audit that is independent, adequate in scope and frequency, and designed to ensure compliance with the BSA in all areas of the Bank.
(2) Effective as of the BSA Plan Inception date, the Board shall ensure appropriate oversight of the BSA audit function, with particular emphasis on an adequately staffed department or outside firm with respect to both the experience level and number of the individuals employed.
Article IX
Closing
(1) Although the Bank is required to submit certain proposed actions and programs for the review or prior written determination of no supervisory objection of the Assistant Deputy Comptroller, the Board has the ultimate responsibility for proper and sound management of the Bank and the completeness and accuracy of the Bank’s books and records.
(2) If, at any time, the Comptroller deems it appropriate in fulfilling the responsibilities placed upon him by the several laws of the United States to undertake any action affecting the Bank, nothing in this Order shall in any way inhibit, estop, bar or otherwise prevent the Comptroller from so doing.
(3) The provisions of this Order shall remain effective and enforceable, except to the extent that, and until such time as, any provisions of this Order shall have been amended, suspended, waived, or terminated in writing by the Comptroller.
(4) In each instance in this Order in which the Bank or the Board is required to ensure implementation of or adherence to, or to undertake to perform, an obligation of the Bank, the Board shall:
(a) authorize and adopt such actions on behalf of the Bank as may be necessary or appropriate for the Bank to perform its obligationsunder this Order;
(b) require the timely reporting by Bank management of such actions directed by the Board to be taken under the terms of this Order;
(c) follow up on any non-compliance with such actions in a timely and appropriate manner; and
(d) require corrective action be taken in a timely manner for any non-compliance with such actions.
(5) This Order is intended to be, and shall be construed to be, a final order issued pursuant to 12 U.S.C. § 1818(b), and expressly does not form, and may not be construed to form, a contract binding the Comptroller or the United States.
(6) The terms of this Order, including this Paragraph, are not subject to amendment or modification by any extraneous expression, prior agreements or prior arrangements between the parties, whether oral or written.
IN TESTIMONY WHEREOF, the undersigned has hereunto set his hand.
/s/ Richard S. Dixon, Jr. | September 11, 2013 | |
Richard S. Dixon, Jr. Assistant Deputy Comptroller Los Angeles Field Office | Date |
12