Last week, the Federal Deposit Insurance Corporation (FDIC) issued an “order to pay civil monetary penalty” to Apple Bank for Savings based in New York City. This was done because of alleged violations of the federal Bank Secrecy Act (BSA) from 2014 to 2018. The FDIC order stated that “it had reason to believe” that Apple Bank violated the BSA’s anti-money laundering (AML) provisions and failed to comply with a 2015 FDIC consent order–also related to alleged BSA/AML violations–all of which justified a $12.5 million penalty.

The FDIC order also stated that the bank regulator considered a variety of factors including “the gravity of the violations” and “the history of previous violations.” These factors point towards the 2015 consent order through which Apple Bank was directed to enhance its BSA/AML compliance program. Apple Bank was directed to enhance risk assessments, develop internal policies and processes, update its suspicious activity monitoring system, and other actions.

The 2021 order to pay made specific mention of 12 C.F.R. § 326.8, one of the federal regulations implementing the BSA. The regulation mandates that FDIC-regulated banks implement an AML compliance program. This program would need to provide sufficient internal controls to assure compliance with record keeping and reporting requirements, independent testing for compliance, and the use of a designated person for monitoring day-to-day compliance.

The $12.5 million fine against Apple Bank serves as a warning for financial institutions who must remain vigilant regarding BSA/AML compliance. Big and small banks alike must tailor their compliance program to fit their institution, customers, and circumstances. While a bank is not expected to be perfect in following its BSA obligations, it may be appropriate to apply the adage of “fool me twice,” as the FDIC likely won’t have patience with continued AML violations.