Citigroup (C) 8-K Other Events

Exhibit 99.4

UNITED STATES OF AMERICA
DEPARTMENT OF THE TREASURY
OFFICE OF THE COMPTROLLER OF THE CURRENCY

In the Matter of: ​ Citibank, National Association
Sioux Falls, South Dakota ) ) ) ) ) ​ ​ AA-EC-2020-65

CONSENT ORDER

WHEREAS, the Office of the Comptroller of the Currency (“OCC”) has supervisory authority over Citibank, National Association, Sioux Falls, South Dakota (“Bank”);

WHEREAS, the OCC intends to initiate civil money penalty proceedings against the Bank pursuant to 12 U.S.C. § 1818(i), through the issuance of a Notice of Assessment of a Civil Money Penalty, for deficiencies in its data governance, risk management, and internal controls that constitute unsafe or unsound practices and that contributed to violations of law;

WHEREAS, in the interest of cooperation and to avoid additional costs associated with administrative and judicial proceedings with respect to the above matter, the Bank, by and through its duly elected and acting Board of Directors (“Board”), consents to the issuance of this Consent Order (“Order”), by the OCC through the duly authorized representative of the Comptroller of the Currency (“Comptroller”); and

NOW, THEREFORE, pursuant to the authority vested in the OCC by Section 8(i) of the Federal Deposit Insurance Act, as amended, 12 U.S.C. § 1818(i), the OCC hereby orders that:

ARTICLE I

JURISDICTION

(1)              The Bank is an “insured depository institution” as that term is defined in 12 U.S.C. § 1813(c)(2).

(2)              The Bank is a national banking association within the meaning of 12 U.S.C. § 1813(q)(1)(A), and is chartered and examined by the OCC. See 12 U.S.C. § 1 et seq.

(3)              The OCC is the “appropriate Federal banking agency” as that term is defined in 12 U.S.C. § 1813(q) and is therefore authorized to initiate and maintain this civil money penalty action against the Bank pursuant to 12 U.S.C. § 1818(i).

ARTICLE II

COMPTROLLER’S FINDINGS

The Comptroller finds, and the Bank neither admits nor denies, the following:

(1)            For several years, the Bank has failed to implement and maintain an enterprise- wide risk management and compliance risk management program, internal controls, or a data governance program commensurate with the Bank’s size, complexity, and risk profile.

(2)            The OCC has identified the following deficiencies, noncompliance with 12 C.F.R. Part 30, Appendix D, “OCC Guidelines Establishing Heightened Standards for Certain Large Insured National Banks, Insured Federal Savings Associations, and Insured Federal Branches,” or unsafe or unsound practices with respect to the Bank’s enterprise-wide risk management and compliance risk management program:

(a)        failure to establish effective front-line units and independent risk management as required by 12 C.F.R. Part 30, Appendix D;

2

(b)        failure to establish an effective risk governance framework as required by 12 C.F.R. Part 30, Appendix D;

(c)        failure of the Bank’s enterprise-wide risk management policies, standards, and frameworks to adequately identify, measure, monitor, and control risks; and

(d)        failure of compensation and performance management programs to incentivize effective risk management.

(3)            The OCC has identified unsafe or unsound practices with respect to the Bank’s internal controls, including, among other things, an absence of clearly defined roles and responsibilities and noncompliance with multiple laws and regulations.

(4)            The OCC has identified the following deficiencies, noncompliance with 12 C.F.R. Part 30, Appendix D, or unsafe or unsound practices with respect to the Bank’s data quality and data governance, including risk data aggregation and management and regulatory reporting:

(a)        failure to establish effective front-line units, independent risk management, internal audit, and control functions as required by 12 C.F.R. Part 30, Appendix D;

(b)        inability to develop and execute on a comprehensive plan to address data governance deficiencies, including data quality errors and failure to produce timely and accurate management and regulatory reporting; and

(c)        inadequate reporting to the Board on the status of data quality and progress in remediating identified deficiencies.

(5)            In addition to the deficiencies, noncompliance with 12 C.F.R. Part 30,

3

Appendix D, and unsafe or unsound practices detailed in paragraphs (2) – (4) above, the OCC has determined that Board and senior management oversight is inadequate to ensure timely, appropriate actions to correct the serious and longstanding deficiencies and unsafe or unsound practices in the areas of risk management, internal controls, and data governance at the Bank. Furthermore, inadequate reporting to the Board hinders its ability to provide effective oversight.

(6)            By reason of the foregoing conduct, the Bank was in noncompliance with 12 C.F.R. Part 30, Appendix D and engaged in unsafe or unsound practices that were part of a pattern of misconduct.

(7)            The foregoing conduct also contributed to violations of law and regulation and continuous noncompliance with 12 C.F.R. Part 30, Appendix D. Among other things, the Bank’s deficiencies in internal controls and compliance risk management have contributed to violations of laws and regulations and the OCC assessed civil money penalties in 2019 based specifically on violations of the Fair Housing Act, 42 U.S.C. § 3601—19, and its implementing regulation, 24 C.F.R. Part 100; violations of the holding period for other real estate owned, 12 U.S.C. § 29 and 12 C.F.R. § 34.82; and in 2020 based specifically on violations of the Flood Disaster Protection Act, as amended, 42 U.S.C. § 4012a(f), and its implementing regulations, specifically 12 C.F.R. § 22.7(a).

(8)            The Bank has begun taking corrective action and has committed to taking all necessary and appropriate steps to remedy the deficiencies identified by the OCC.

ARTICLE III

ORDER FOR A CIVIL MONEY PENALTY

(1)            The Bank shall make payment of a civil money penalty in the total amount of four hundred million dollars ($400,000,000), which shall be paid upon the execution of this Order.

(2)            Such payment shall be made by a wire transfer sent in accordance with

4

instructions provided by the OCC and the docket number of this case (AA-EC-2020-65) shall be entered on the wire confirmation. A photocopy of the wire confirmation shall be sent immediately, by overnight delivery, to the Director of Enforcement, Office of the Comptroller of the Currency, 400 7th Street, S.W., Washington, D.C. 20219.

ARTICLE IV

WAIVERS

(1)            The Bank, by executing and consenting to this Order, waives:

(a)        any and all rights to the issuance of a Notice of Charges pursuant to 12 U.S.C. § 1818;

(b)        any and all procedural rights available in connection with the issuance of this Order;

(c)        any and all rights to a hearing and a final agency decision pursuant to 12 U.S.C. § 1818 and 12 C.F.R. Part 19;

(d)        any and all rights to seek any type of administrative or judicial review of this Order;

(e)        any and all claims for fees, costs, or expenses against the OCC, or any of its officers, employees, or agents related in any way to this enforcement matter or this Order, whether arising under common law or under the terms of any statute, including, but not limited to, the Equal Access to Justice Act, 5 U.S.C. § 504 and 28 U.S.C. § 2412;

(f)         any and all rights to assert this proceeding, the consent to and/or the issuance of this Order, as the basis for a claim of double jeopardy in any

5

pending or future proceeding brought by the United States Department of Justice or any other governmental entity; and

(g)        any and all rights to challenge or contest the validity of this Order.

ARTICLE V

CLOSING

(1)              This Order is a settlement of the civil money penalty proceeding against the Bank contemplated by the OCC, based on the unsafe or unsound practices described in the Comptroller’s Findings set forth in Article II of this Order. The OCC releases and discharges the Bank from all potential liability for a civil money penalty order that has been or might have been asserted by the OCC based on the practices described in Article II of this Order, to the extent known to the OCC as of the effective date of this Order. Notwithstanding this release, the OCC expects the Bank to expeditiously undertake all necessary and appropriate actions to achieve compliance with the Consent Order issued by the OCC pursuant to 12 U.S.C. § 1818(b) (OCC Order AA-EC-2020-64). The OCC expressly reserves its right to assess future civil money penalties, or take other supervisory and/or enforcement actions, including in circumstances where the OCC determines that the Bank is not making sufficient and sustainable progress towards achieving compliance with this Order. Such actions could include instituting a cease and desist order pursuant to 12 U.S.C. § 1818(b)(6) that imposes additional business restrictions, including possible limitations on the declaration or payment of dividends, and/or requires the Bank to make changes to its senior executives or any and/or all members of the Board. Moreover, nothing in this Order shall prevent the OCC from:

6

(a)        instituting enforcement actions other than a civil money penalty order against the Bank based on the Comptroller’s Findings set forth in Article II of this Order;

(b)        instituting enforcement actions against the Bank based on any other findings;

(c)        instituting enforcement actions against institution-affiliated parties (as defined by 12 U.S.C. § 1813(u)) based on the Comptroller’s Findings set forth in Article II of this Order, or any other findings; or

(d)        utilizing the Comptroller’s Findings set forth in Article II of this Order in future enforcement actions against the Bank or its institution-affiliated parties to establish a pattern or the continuation of a pattern.

Further, nothing in this Order shall affect any right of the Comptroller to determine and ensure compliance with the terms and provisions of this Order.

(2)              Nothing in this Order is a release, discharge, compromise, settlement, dismissal, or resolution of any actions, or in any way affects any actions that may be or have been brought by any other representative of the United States or an agency thereof, including, without limitation, the United States Department of Justice.

(3)              This Order is:

(a)        an “order issued with the consent of the depository institution” within the meaning of 12 U.S.C. § 1818(h)(2);

(b)        an “effective and outstanding . . . order” within the meaning of 12 U.S.C. § 1818(i)(1); and

(c)        a “final order” within the meaning of 12 U.S.C. § 1818(i)(2) and (u).

7

(4)              This Order is effective upon its issuance by the OCC, through the Comptroller’s duly authorized representative.

(5)              This Order is not a contract binding on the United States, the United States Treasury Department, the OCC, or any officer, employee, or agent of the OCC and neither the Bank nor the OCC intends this Order to be a contract.

(6)              No separate promise or inducement of any kind has been made by the OCC, or by its officers, employees, or agents, to cause or induce the Bank to consent to the issuance of this Order.

(7)              The terms of this Order, including this paragraph, are not subject to amendment or modification by any extraneous expression, prior agreements, or prior arrangements between the parties, whether oral or written.

IN TESTIMONY WHEREOF, the undersigned, authorized by the Comptroller as his duly authorized representative, has hereunto set his signature on behalf of the Comptroller.

/s// Digitally Signed, Dated: 2020.10.07

Greg J. Coleman

Deputy Comptroller for Large Banks

Large Bank Supervision

8

IN TESTIMONY WHEREOF, the undersigned, as the duly elected and acting Board of Directors of Citibank, National Association, Sioux Falls, South Dakota have hereunto set their signatures on behalf of the Bank.

/s/	October 2, 2020
Barbara J. Desoer (Chair)	Date
/s/	October 2, 2020
Michael L. Corbat	Date
/s/	October 2, 2020
Ellen M. Costello	Date
/s/	October 2, 2020
Duncan P. Hennes	Date
/s/	October 2, 2020
S. Leslie Ireland	Date
/s/	October 2, 2020
James S. Turley	Date
/s/	October 2, 2020
Deborah C. Wright	Date

9