For several years now, Compliance Week has reported the speeches from regulators vowing to pursue “gatekeepers” of corporate conduct. Leaders from the Justice Department, U.S. attorney offices, the Securities and Exchange Commission—they've all made essentially the same promise: to hold accountable the CEOs, board directors, general counsels, and senior executives who should have stopped corporate misconduct they saw.

And now, it seems, they will pursue compliance officers too, in a big way.

That seems to be the conclusion to draw from the case of Thomas Haider, chief compliance officer of MoneyGram in the 2000s. News broke last week that Haider is the target of a Treasury Department probe into weak anti-money laundering controls at MoneyGram during Haider's tenure. He is facing potential fines of up to $5 million.

First, the MoneyGram misconduct itself. According to the Justice Department, from 2003 to 2009 the company's money-transfer agents bilked customers of their money by posing as the victims' relatives, and arranging bogus transfers so they could pocket the cash themselves. MoneyGram settled the charges in a deferred-prosecution agreement with the Justice Department in 2012, and paid $100 million in fines and penalties.

The facts stated in the DPA will make any ethics & compliance officer wince. As early as 2003, MoneyGram's fraud department had a database of complaints from customers that showed the pattern of misconduct. By 2007, 32 specific outlets in Canada were identified as high-risk, and the fraud department recommended they be closed; a meeting was held of MoneyGram officers “at the senior and executive vice president level” to discuss the matter, and they decided to keep the 32 outlets open. The fraud department developed policies to fire any transfer agent with excessive complaints against him—which were never implemented because the sales department would not allow it.

Failures to implement policy, to conduct due diligence, to investigate, to take disciplinary action; those phrases are all over MoneyGram's DPA, and worse. The settlement never mentions Haider by name, but then again, it doesn't mention any compliance program at all except to lament the lack of one.

Haider left MoneyGram in 2008 (with a $1.6 million severance package), after 16 years with the company. Then came the Justice Department investigation of MoneyGram, plus numerous compliance reforms the company began implementing in 2009. Now the Treasury Department's Financial Crimes Enforcement Network, FinCEN, has set its sights on Haider.

Here's the awkward truth about this case: You read a headline about a CCO facing a $5 million fine and gasp, “How can they hold him responsible for a company's misconduct? Are they crazy? Nobody will want to work in compliance with liability like that.” Then you read the DPA and are left wondering: “Where on earth was the compliance officer? Who was running the ship? A CCO would have to be crazy to stay at a company like that.”

Let's hope FinCEN settles its case against Haider soon and discloses all the facts of this hugely important case. It gets to the very heart of the risks a compliance officer faces: how far to push senior corporate leaders to do a better job, and how lax you can be in that role before you, too, cross the line into complicity.

Compliance officers have long argued that they should be the ethical leaders of the company, fighting for higher standards—which is a hard job, and they should not be punished for failing to knock out misconduct in the early rounds. Then again, CCOs are only human; we can all engage in some pretty nefarious misconduct or turn a very blind eye to it. For all our hand-wringing about Haider's personal liability here, it may be that he's facing it because he deserves it. We don't yet know, and we need to.