In an eye-watering conclusion to one of the most high-profile Anti-Money Laundering (AML) cases in recent years, TD Bank was handed a $3bn fine for violating the Bank Secrecy Act, following criminal charges that it facilitated the transfer of hundreds of millions of dollars in illicit funds. These funds were linked to international drug cartels and other criminal enterprises, sparking serious questions about the effectiveness of TD Bank’s AML policies and practices.
The bank has now reached settlements with both US and Canadian authorities, but the case sent shockwaves through the global financial industry for TD’s glaring regulatory failings that exposed serious vulnerabilities in its compliance framework.
What went wrong at TD Bank?
According to the reports, between 2015 and 2020, the bank’s inadequate AML controls allowed drug cartels and other organised crime networks to funnel hundreds of millions of dollars in dirty money through its systems.
US authorities pointed out that TD Bank’s AML framework failed at multiple levels, including:
- Deficient Know Your Customer (KYC) procedures: TD Bank’s onboarding processes failed to detect red flags, enabling high-risk clients to gain access to the banking system with insufficient scrutiny
- Inadequate monitoring: Suspicious transactions, many of which had clear ties to criminal organisations, were not flagged or investigated in a timely manner. This allowed illegal funds to flow unchecked for years
- Weak internal controls and culture of complacency: A lack of adequate training and an ineffective compliance culture reportedly compounded these issues. Employees were not sufficiently empowered or informed to detect and report suspicious activities.
In a press release issued by the US Department of Justice, TD Bank pleaded guilty to violating the Bank Secrecy Act and became the first bank in US history to plead guilty to conspiracy to commit money laundering.
It has been widely reported that the “gaps in compliance were so well-known internally that staff joked that the bank’s motto – ‘America’s most convenient bank’ – was marketed toward criminals,” highlighting a serious compliance culture problem: a distinct lack of awareness of the crucial role of AML processes and a focus on ticking boxes rather than building a proactive, risk-based AML approach.
In a statement issued by the bank, it cited its ability to recover and remediate its failings: “TD has the financial strength, stability, and operational flexibility to deliver the required U.S. AML remediation programme, continue to serve the financial needs of its more than ten million U.S. customers, and invest to strengthen the business.”
But an effective AML programme isn’t just about implementing policies and programmes; it’s about creating a culture where compliance is taken seriously at every level of the organisation, from the boardroom to the back office.
While TD Bank’s $3bn fine is an extreme case, other financial institutions face similar risks if they don’t act. The cost of implementing AML technologies pales in comparison to the financial penalties and reputational damage that can come with a major compliance breach.
The role of technology in preventing future failures
While most compliance leaders will confidently believe that their firms have robust AML programmes in place, the reality is that many of these systems are built on outdated technology, manual processes, and overburdened staff.
A report by the BBC shared how US officials ruled that “the bank had ‘starved’ its compliance programmes of investment, even as it grew.” As a result, compliance teams were likely severely overworked and dangerously under-resourced as the bank grew to become one of Canada’s biggest lenders and the 6th largest bank in North America.
Financial crime is evolving, and so must the technology used to combat it. Legacy systems that rely on outdated rules are easily circumvented by sophisticated criminals.
But technology is not a magic bullet. It needs to be effectively integrated into a broader AML programme, working alongside human expertise. For TD Bank, the cost of implementing state-of-the-art AML technology would have been far less than the price of its record fine and the reputational damage – it’s an investment that no compliance leader should hesitate to make.
Can people fix your AML gaps?
In the wake of TD Bank’s settlement, a critical question for many compliance officers is: can hiring more people fix AML failings?
It’s tempting to think that simply adding more compliance officers would have prevented TD Bank’s debacle. After all, wouldn’t more eyes on client onboarding, risk profiles, and transactions mean more opportunities to detect suspicious behaviour?
Unfortunately, the reality is more complex. While human expertise is irreplaceable, especially in the complex understanding of criminal behaviour and regulatory requirements, people alone cannot keep up with the sheer volume of data and sophistication of money laundering schemes.
There is no denying that skilled professionals are essential in interpreting data, making judgement calls, and handling exceptions that systems may not flag. But in an era of massive onboarding volumes and increasingly complex criminal networks, relying solely on manual processes is a losing battle.
In the wake of the record-breaking fine, TD Bank announced that it has already taken on more than 700 new staff specialised in AML compliance, along with 40 new leaders in the profession.
Adding compliance staff is expensive. According to research by Glassdoor, the average salary for an AML Compliance Officer in the USA is around $93,000 per year, depending on experience.
With 700 new employees, the estimated cost to TD Bank sits at around $650m per annum – that’s before we consider training, benefits, and overheads. Even then, without the right tools and technology in place, human error will remain a significant risk.
Striking the right balance between people and technology
The TD Bank case should be a sobering reminder for compliance leaders across the UK. No matter how large or established your institution, complacency can be costly. The regulatory landscape is only becoming more complex, with criminals finding ever more sophisticated ways to launder money. Relying on outdated systems or merely throwing more staff at the problem is no longer sufficient.
A more cost-effective approach would be to combine technology that automates the bulk of the onboarding and ongoing monitoring work with a highly skilled team of AML professionals who can focus on investigating the most complex cases.
Finding the right balance between people and technology in AML compliance is all about using the strengths of both. Technology should be your go-to for handling the heavy lifting, such as automating KYC and KYB processes, monitoring client risk, and sifting through mountains of data. It’s fast, efficient, and scalable.
But, human oversight is still crucial for complex, high-risk cases that need expertise and professional judgement. The goal is to let tech do what it does best – processing volume – while people focus on more complex cases where human expertise is needed most.
