Skip to main content
close search
site logo
Dive Brief

USAA to pay $140M in penalties over AML shortcomings

Published March 18, 2022
Dan Ennis's headshot
Senior Editor
USAA
Courtesy of USAA

Dive Brief:

  • USAA Federal Savings Bank will pay $140 million in penalties after admitting it failed to maintain sufficient anti-money laundering (AML) safeguards from at least January 2016 until April 2021, the Financial Crimes Enforcement Network (FinCEN) said Thursday.
  • The Office of the Comptroller of the Currency (OCC) notified USAA of deficiencies in its anti-money laundering program in 2017, and the bank committed the following year to revamping its customer due diligence and risk identification processes but consistently failed to meet deadlines and lacked adequate staffing, FinCEN said.
  • Between August 2017 and August 2021, USAA failed to timely file at least 3,873 suspicious activity reports (SARs), some of which flagged apparent criminal activity by customers using their personal accounts, FinCEN said. During that span, the bank filed SARs an average of 226 days after the suspicious activity ended — nearly four times the 60-day limit under the Bank Secrecy Act (BSA).

Dive Insight:

Thursday’s penalties break down to $80 million from FinCEN and $60 million from the OCC — each of which filed consent orders against USAA. The OCC ordered the bank to appoint a compliance committee within 15 days and to develop and implement a written plan to align with the BSA within 30 days.

"As its customer base and revenue grew in recent years, USAA FSB willfully failed to ensure that its compliance program kept pace, resulting in millions of dollars in suspicious transactions flowing through the U.S. financial system without appropriate reporting," FinCEN Acting Director Himamauli Das said in a statement Thursday, adding the bank "received ample notice and opportunity to remediate its inadequate AML program, but repeatedly failed to do so."

USAA said it was cooperating with regulators. The bank’s CEO, Wayne Peacock, called compliance "a top and urgent priority," according to a statement seen by The Wall Street Journal and The New York Times.

"While the issues identified in these orders did not result in any individual member harm, we understand the importance of these requirements," Peacock said. "USAA has already made progress in many critical areas by investing in new systems and training, enhancing staffing and expertise, and improving our processes."

Yet USAA’s staffing represented a major sticking point for regulators. A 2018 assessment by the bank found it needed 178 permanent full-time positions to staff its compliance function. But the bank had 62 vacant positions as of 2021, including the chief of the bank’s financial intelligence unit, FinCEN said. Additionally, third-party contractors met roughly three-quarters of the bank’s compliance staff needs, the regulator said.

FinCEN also found issues with the bank’s old and new transaction monitoring systems. The regulator labeled the legacy system as "chronically deficient." But USAA reported its replacement, installed in the first quarter of 2021, was overly sensitive — creating a backlog of around 90,000 alerts and 6,900 cases yet to be reviewed. 

USAA failed to adequately test the new system before launching it, FinCEN found. In the two months the bank used both systems in parallel testing, the new system failed to flag more than 1,300 cases the legacy system caught, meaning the bank would have filed at least 160 fewer SARs with the newer technology, the regulator said.

USAA’s woes, in the eyes of regulators, encompassed suspicious activity tied to customers, too. 

In its consent order, FinCEN highlighted three cases in which USAA allowed suspicious activity to continue for seven, 12 and 15 months. One involved a doctor who made more than 2,800 withdrawals over six months from ATMs in Colombia, connected to a virtual currency side business. A second case involved a 22-year-old customer whose account received high-value wire deposits from a person overseas connected to an offshore entity named in the Panama Papers. A third involved two people, including a self-employed construction worker, who deposited 3,457 small-dollar checks intended as rebate coupons to be cashed by companies that deal in baby formula and baby products.

Thursday’s penalty is not the first recent instance in which USAA has run afoul of regulators. The OCC fined the bank $85 million in October 2020 for risk management and information security failures. The regulator’s report cited 546 violations of the Servicemembers Civil Relief Act, including wrongful repossessions of vehicles and the filing of inaccurate affidavits in default judgment cases. The OCC also found evidence of 54 violations of the Military Lending Act for using remotely created checks to collect past-due amounts from members who were covered borrowers.

Filed Under: Regulations & Policy

Editors' picks

  • Michael Barr, the Federal Reserve's vice chair for supervision, speaks during a congressional hearing, while sitting next to Martin Gruenberg, chair of the FDIC and Michael Hsu, acting comptroller of the currency
    Image attribution tooltip
    Kevin Dietsch / Staff via Getty Images
    Image attribution tooltip

    Did regulators send warning shot at already roiled BaaS space?

    It’s clear the Synapse debacle was on regulators’ minds when they issued last week’s statement highlighting risks associated with banks’ third-party partnerships, analysts said.

    By Caitlin Mullen • July 31, 2024
  • The exterior of Five Star Bank's Rancho Cordova office building is shown, with "Five Star Bank" in white letters at the top left of the building exterior.
    Image attribution tooltip
    Permission granted by Smriti Shakargaye
    Image attribution tooltip

    Five Star Bank bets on its California roots in Bay Area move

    The Sacramento-area lender found San Francisco a tough market to crack. But when East Coast banks swooped in and former First Republic customers grew disenchanted, Five Star hatched a strategy.

    By Caitlin Mullen • Aug. 27, 2024

Company Announcements

View all | Post a press release
Agent IQ and Narmi Announce Strategic Partnership to Improve Digital Banking Experiences
From Agent IQ
October 31, 2024
Agent IQ and Narmi Announce Strategic Partnership to Improve Digital Banking Experiences
From Narmi
October 31, 2024
Zingly Announces a Proven, Safe-AI Solution for Banks and Financial Institutions to Drive Reve…
From Zingly.ai
October 28, 2024
Congressman urges CFPB to support SoLo Funds’ community-focused lending model
From Solo Funds
October 30, 2024
Editors' picks
  • Michael Barr, the Federal Reserve's vice chair for supervision, speaks during a congressional hearing, while sitting next to Martin Gruenberg, chair of the FDIC and Michael Hsu, acting comptroller of the currency
    Image attribution tooltip
    Kevin Dietsch / Staff via Getty Images
    Image attribution tooltip

    Did regulators send warning shot at already roiled BaaS space?

    It’s clear the Synapse debacle was on regulators’ minds when they issued last week’s statement highlighting risks associated with banks’ third-party partnerships, analysts said.

    By Caitlin Mullen • July 31, 2024
  • The exterior of Five Star Bank's Rancho Cordova office building is shown, with "Five Star Bank" in white letters at the top left of the building exterior.
    Image attribution tooltip
    Permission granted by Smriti Shakargaye
    Image attribution tooltip

    Five Star Bank bets on its California roots in Bay Area move

    The Sacramento-area lender found San Francisco a tough market to crack. But when East Coast banks swooped in and former First Republic customers grew disenchanted, Five Star hatched a strategy.

    By Caitlin Mullen • Aug. 27, 2024
Latest in Regulations & Policy
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell