ARE PAYMENT PROCESSORS WITH INADEQUATE AML/CFT PROGRAMS NOW AT INCREASED RISK FOR REGULATORY AND LAW ENFORCEMENT ACTION IN 2024?

The recent media reports, concerning an investigation into one of the world's leading payment processing firms, alleging major deficiencies in its AML/CFT program, with extremely damaging allegations from two whistleblowers, and an independent report claiming rampant OFAC sanctions violations, and terrorist financing transactions, should be a wake up call for the Payment industry to immediately audit their compliance programs. The fact that one of the reported investigations is being conducted by the U.S. Attorney's Office for the Southern District of New York, should be adequate cause for everyone in the sector to take a hard look at how it manages its Customer Identification Procedures, especially the management of sanctions risks.

In the current strict enforcement environment, especially involving terrorist financing involving cybercurrency, senior company officers, board members and compliance directors are at risk of not only fines and penalties, but criminal indictments. While companies in the industry that commit systemic AML/CFT violations may end up with a Deferred Prosecution Agreement, officers and directors could end up deciding that a plea of guilty to a Federal criminal charge filed against them is their only viable solution, employing damage control under very personally painful circumstances.

Therefore, it is humbly suggested that entities in the Payment sector immediately have an external audit conducted of their entire compliance program, by independent compliance firms with established credibility, and forthwith implement all the recommendations that they report, including the expansion of the program, to include additional experienced staff, and all the resources and assets that add up to what we call banking best practices, as part of a risk-based compliance program, with attention to the specific risks posed by industry products. Anything less will send the wrong message to inquiring regulatory and law enforcement agencies who come calling in the future.