Member Article

On Dec. 16, 2009, U.S. Attorney General Eric Holder announced the terms of a deferred prosecution agreement reached with Credit Suisse AG to address prolonged and systematic violations of federal and state criminal law.  In that agreement, Credit Suisse, a Swiss financial institution operating in the United States, admitted to conducting financial transactions for over a decade which illegally transferred hundreds of millions of dollars from Iran, Sudan and other countries subject to U.S. sanctions.  The agreement required Credit Suisse to acknowledge that it violated the International Economic Powers Act, forfeit a total of $536 million to federal and state authorities, and implement certain changes to its compliance infrastructure designed to prevent future violations.  The criminal case will be dismissed provided that Credit Suisse satisfies the terms of the agreement over the next 24 months.

Court filings outlined the expansive scope of Credit Suisse’s criminal activity.  From 1995 to 2006, the institution altered records of wire transfers involving persons or countries subject to U.S. sanctions, deliberately removing information in order to allow those transfers to pass undetected through filters designed to identify prohibited transactions.  Credit Suisse also trained certain Iranian clients to evade U.S. filters, going so far as to produce and distribute a pamphlet on the subject.  The actions allowed U.S.-sanctioned countries to transfer hundreds of millions of dollars through the financial system before Credit Suisse wound down these activities in 2006.  Credit Suisse commenced a thorough internal investigation of this activity in 2007, and shared the results of that investigation with law enforcement officials and regulators.

While the Credit Suisse prosecution is significant in nature and scope, the statements made by the Attorney General about Credit Suisse’s handling of the matter have even greater importance for financial institutions across the country.  Attorney General Holder first confirmed the Justice Department’s continued commitment to prosecuting violations of banking laws and pledged to allocate the resources necessary to pursue financial institutions and individuals who engage in criminal activities.  In addition, he announced the government’s expectation that financial institutions will voluntarily self-disclose violations of criminal law by their employees.  He promised consideration to those institutional violators who self disclose, noting that Credit Suisse avoided substantially more onerous punishments because it came clean with investigators.

Notably, the Attorney General did not confine his remarks to cases of large magnitude.  Implicit in his statements is the government’s expectation that financial institutions of all sizes will implement reasonable measures designed to prevent, detect, and remedy violations of law, and thus be in a position to self-disclose these violations to the government.  This means that financial institutions should conduct an initial risk assessment and then create and monitor robust compliance programs designed to: 

• educate employees about applicable legal guidelines and sanctions, in order to prevent and deter violations;
• uncover instances where laws are unintentionally or purposely violated;
• and remediate breaches of law and the institution’s policies.

The “carrot” – or reward – for implementing such measures is the prospect of securing a more favorable resolution with the government when violations are detected.  While the Attorney General recognized that $536 million was a sizeable forfeiture, he also noted that the sum would have been much larger without Credit Suisse’s full and timely cooperation.  Left unsaid but of greater importance was the impact of Credit Suisse’s cooperation on the form of the government’s action:  Credit Suisse was not indicted but rather allowed to enter a deferred prosecution agreement which will result in dismissal of the criminal case in two years if the institution satisfies the agreed-upon conditions. 

Criminal indictment is the death knell for financial institutions.  Establishing and sustaining a robust compliance program and disclosing violations maximizes a financial institution’s options and ability to avoid this “stick” if and when violations of law occur.  These measures, coupled with vigorous advocacy from experienced counsel, maximize the financial institution’s ability to convince the government to abandon the traditional binary approach – limited to the question of whether to indict the institution or not – in favor of alternative resolutions which reflect that those breaches result from isolated transgressions rather than systemic flaws.

The Credit Suisse prosecution offers lessons of broader application for financial institutions beyond the issue of handling wire transfers from sanctioned countries.  The case signals the Justice Department’s commitment to a policy of rewards and punishment designed to induce financial institutions to prevent, detect, and remedy violations of law.  It also makes clear that the government expects that institutions will disclose evidence of those violations to authorities, or be subjected to extreme sanctions.  Financial institutions that heed that message will realize direct and substantial benefits, in the form reduced risk of violations of law and compelling arguments to limit sanctions when violations do occur.  Those who ignore the warning do so at their peril.