First Criminal Charge of U.S. Broker-Dealer for Bank Secrecy Act Violation Highlights Importance of Anti-Money-Laundering Controls

The investigation was prompted by CSCM’s willful failure to file a suspicious activity report (SAR) concerning the illegal activities of its customer, Scott Tucker (Tucker). Tucker and his attorney, Timothy Muir (Muir), operated a nationwide internet payday lending enterprise, which extended small, short-term, high-interest loans with rates as high as 70 percent or more.² To circumvent state usury laws, Tucker entered into sham relationships with Native American tribes in order to conceal his ownership and control of the companies involved, and to gain the protection of the tribes’ sovereign immunity, which generally prevents states from enforcing their laws against the tribes. In October 2017, Tucker and Muir were convicted of racketeering, wire fraud, and money laundering for their roles in this scheme.

The government’s investigation of Tucker revealed that CSCM, Tucker’s broker-dealer, was aware of multiple red flags leading up to, during and after the opening of accounts used in the scheme but failed to file a SAR. CSCM opened accounts for the supposedly tribal companies (the Tribal Companies) but routinely took direction for those accounts from Tucker and his brother and failed to follow its own customer due diligence (CDD) procedures when it neglected to verify in writing Tucker’s authority to represent the companies. Even before opening the accounts, Tucker had informed the CEO of CSCM that he was involved in the payday lending business and had approached Native American tribes to gain the protection of sovereign immunity. CSCM also learned that Tucker had been convicted of fraud, was reportedly involved in a “rent-a-tribe” scheme and was the subject of an action by the Federal Trade Commission (FTC) but nevertheless failed to investigate further when Tucker provided assurances that these matters would be resolved.

After onboarding the Tribal Companies’ accounts, CSCM also failed to properly monitor account activity. The company never tuned its tool for transaction monitoring for the specific, risk-based needs of CSCM and instead relied on the tool’s default factory settings. Between 2011 and 2015, even with those default settings, the transaction monitoring tool generated 103 alerts indicating possible suspicious activity, but CSCM failed to take any action to investigate the alerts.

CSCM also failed to use a monitoring function that would have enabled it to identify third-party wire transfers to CSCM account holders. In a three-month period, between December 21, 2012, and March 13, 2013, 18 wire transfers totaling more than $40 million, in round dollar amounts, were sent from accounts in the names of Tribal Companies at a Florida bank to Tucker’s personal CSCM account. CSCM never investigated any of these transactions.

In response to the criminal charge, CSCM entered into a deferred prosecution agreement with the government, accepting responsibility for its actions in a detailed stipulated statement of facts, agreeing to forfeit $400,000 and making a commitment to enhance its BSA/AML controls. CSCM also entered into a cease and desist order with the U.S. Securities and Exchange Commission³ that included a censure and a requirement that CSCM retain a compliance consultant to monitor its BSA/AML compliance program over a two-year period.

* * *

This criminal charge is a reminder that all financial institutions⁴ governed by the BSA, including but not limited to banks, broker-dealers, futures commission merchants, introducing brokers in commodities and insurance companies, may be subject to criminal charges when systemic AML program failures related to suspicious activity are present. This case reaffirms the need for financial institutions with BSA obligations to ensure that they are effectively monitoring, detecting and reporting suspicious activity to the government. Financial institutions should make concerted efforts to develop and establish robust internal BSA/AML compliance programs. Such programs should include reasonably effective and consistently monitored automated and manual tools to detect suspicious activity, employee training, controls for detecting suspicious activities and transactions, and regular internal audits. The prosecution of CSCM demonstrates that when financial institutions do not effectively meet their BSA obligations, criminal charges can follow.

1. Deferred prosecution agreement, In the Matter of Central States Capital Markets, (S.D.N.Y., Dec. 10, 2018); Manhattan U.S. Attorney Announces Bank Secrecy Act Charges Against Kansas Broker Dealer, DOJ Release 18-499 (Dec. 19, 2018), available at https://www.justice.gov/usao-sdny/pr/manhattan-us-attorney-announces-bank-secrecy-act-charges-against-kansas-broker-dealer.

2. Scott Tucker Sentenced to More Than 16 Years in Prison for Running $3.5 Billion Internet Payday Lending Enterprise, DOJ Release 18-007 (Oct. 13, 2017), available at https://www.justice.gov/usao-sdny/pr/manhattan-us-attorney-announces-bank-secrecy-act-charges-against-kansas-broker-dealer.

3. In the Matter of Central States Capital Markets, LLC, Admin. Proceeding File No. 3-18940 (Dec. 19, 2018), available at https://www.sec.gov/litigation/admin/2018/34-84851.pdf.

4. Bank Secrecy Act, 31 U.S.C. § 5312(a).