TY - JOUR
AU - Zaring, David
AB - ABSTRACT Being a big bank means the regular payment of huge fines to a number of different regulators, paired with profuse apologies, and promises to do better next time. This article makes use of a hand-collected dataset to show how this enforcement worked in the United States after the passage of the Dodd-Frank Wall Street Reform Act. American regulators have tended to hunt the big banks in packs, with multiple regulators pursuing fines against financial institutions for the same misconduct. Regulators frequently enforce in a ‘viral’ manner: once they sanction one bank for a type of misconduct, the chances that they will sanction another bank for the same sort of misconduct increases. Some regulators like to bundle a variety of different unlawful actions by banks into one global settlement. Enforcement by the Department of Justice can result in spectacularly expensive settlements compared to the level of enforcement by primary banking regulatory agencies; overall, Department of Justice sanctions in dollars dwarf those of all other agencies policing part of what a bank does. American enforcement, despite suspicion to the contrary, does not appear to protect domestic banks and discriminate against foreign ones. Although this article’s primary goal is to make sense of the federal government’s overall enforcement practices, one recommendation is made: criminal prosecutors should consult with safety and soundness regulators before unveiling indictments and settlements against banks. I. INTRODUCTION People often say that the biggest banks ‘get away with murder’, that the banks caused the financial crisis but did not pay any penalty for it, and that the banks, with the assistance of Congress, have their regulators on a short leash. Perhaps so, but it is also the case that being a big, sophisticated bank means writing regular cheques, paired with profuse apologies and promises to change your ways, to a large array of American regulators. Sometimes the discipline takes the form of pile-ons, with multiple regulators sanctioning the same conduct. In this article, I analyse thousands of enforcement actions and take a census of the hundreds of such actions taken by American regulators against the world’s largest banks during the period between the passage of the Dodd–Frank Wall Street Reform and Consumer Protection Act (‘Dodd-Frank’) in July 2010, and 31 December 2016, which was near the end of the Obama administration. This effort allows us to characterize the nature of American bank enforcement. Much of the article’s contribution consists of this descriptive and analytical account, which tracks the legal nuances raised by the wide variety of actions on which the various financial regulators rely. The account allows for comparisons, and reveals enforcement trends that cut across the agencies. But the article concludes with a normative recommendation: because most of the fines that banks pay come from the Department of Justice (DOJ), which is focused more on national security and anti-money laundering rules rather than the safety and soundness of banks, prosecutors should consult with bank regulators before bringing charges. Enforcement against big banks can be cumulative. Increasingly, multiple agencies will penalize banks for the same misconduct, which might be deemed by one regulator as, say, a violation of public disclosure duties, and another regulator as a problem with the safety and soundness of the bank—a feature of enforcement that might be analogized to the ‘wolf pack’.1 It is also ‘viral’—in other words, enforcement against one bank for one kind of misconduct is correlated with enforcement against other banks for the same kind of misconduct. Virality is exemplified by the DOJ’s Swiss Tax Program, which sanctioned a number of banks, including some of the world’s largest, for helping their clients evade taxes by parking money in Switzerland in what became a standardized process. Finally, for many regulators, particularly the DOJ and the Securities and Exchange Commission (SEC), enforcement is ‘comprehensive’—one enforcement action bundles together a variety of similar sorts of misconduct. A bank will settle with the SEC, in other words, for all of its rate-rigging misconduct, and with the DOJ for all of the times it failed to prevent business being done with foreign countries on a sanctions list. Enforcement by most regulators does not only involve the payment of a fine. Settlements by regulators with global banks are also characterized by probationary periods and promises to increase investment in compliance programs, sometimes with the assistance of an outside monitor. We can also consider the winners and losers of enforcement—and I look at three such questions in particular. Is there discrimination against foreign firms? Is there discrimination in favour of large banks? In the United States, do large banks face more regulatory risk from their direct supervisors or from other regulators? As for the last question, the primary regulators of the large banks—the Federal Reserve (Fed) and Office of the Comptroller of the Currency (OCC)—have launched a similar number of enforcement actions per agency against big banks as have their secondary regulators. The secondary regulators are regulators who are responsible not for the ongoing supervision of the systemically important financial institutions (SIFIs) but instead police certain activities in which SIFIs are engaged—ie the DOJ, the Consumer Financial Protection Bureau (CFPB), capital markets regulators, and anti-terrorism regulators.2 However, because the DOJ has imposed massive penalties on the largest banks since the passage of Dodd-Frank, amounting to 80 per cent of the fines paid to the federal government, the real regulatory risk for financial institutions lies, at least in terms of dollars paid, with criminal prosecutors. Because those prosecutors can also threaten the liberty of the bankers at the largest banks, it is easy to predict that white-collar criminal defence is a particular obsession of big bank compliance departments. The largest banks, though holding a disproportionate share of the assets of all banks, account for less than 1 per cent of the enforcement actions launched by regulators. However, the largest banks pay a higher proportion of fines than do community banks. Foreign large banks have been subject to the same number of enforcement actions as domestic large banks—even though domestic banks hold a much larger share of the American market. Significance testing does not suggest that American regulators are disproportionately likely to launch enforcement actions against foreign banks, however. The largest domestic banks have paid the most in penalties as a percentage of their total assets to American regulators. Two limits of this study are worth acknowledging at the outset: one concerning unobservable enforcement and the other concerning the representativeness of big banks. If sometimes regulators require banks to pay penalties, those penalties can be observed. But banking agencies sometimes prefer to impose more ‘equitable’ relief, requiring banks to take steps to prevent illegal activity in the future. If this sort of relief ends a filed enforcement action, it can also be observed. However, there is a third style of regulation—regulation by hints, winks, phone calls, and, more formally, private letters. This is bank supervision, as opposed to enforcement, and it is largely hidden from view. As the Federal Deposit Insurance Corporation (FDIC) has explained, ‘informal actions are neither publicly disclosed nor legally enforceable’, but often compel action by a bank.3 But it is impossible to observe informal supervision when examining the published record of the enforcement activity against the nation’s largest banks.4 Studying the most important banks and the most important regulators is important. But it is worth remembering that most of the enforcement actions by financial regulators do not target the largest banks, but other sorts of banks; indeed, the largest American banking regulator by headcount, the Federal Deposit Insurance Corporation (FDIC), barely brings enforcement actions against large banks at all, but is a constant presence in the life of so-called community banks with state banking charters. These banks, along with national banks of a small or medium size, were not included in this study, except as aggregates, because they do not pose the same risks to the financial system as large banks.5 Moreover, the relationship between small banks and their regulators may be very different from that of large banks and theirs. This article begins with a review of the literature on regulatory capture and regulatory xenophobia in section II, providing some context for the distinction between big banks and the thousands of other banks in the American system. In section III I analyse the actual practice of enforcement since the passage of Dodd-Frank of the federal regulators who supervise banks (ie the Fed, the OCC, and the FDIC), which I deem to be their primary regulators. In section IV I analyse the enforcement records of the secondary regulators, in particular the record of the most dangerous regulator—the DOJ. More qualitative conclusions from this enforcement record are drawn in section V. I show how regulators currently ‘hunt in packs’ when it comes to big banks and that enforcement is viral and cumulative, and I argue that foreign banks have been treated no worse than American banks by American regulators. Finally, I offer a consultation recommendation in section VI. II. BACKGROUND AND PRIOR LITERATURE The big banks studied in this article make up the formal list of who in the world is ‘too big to fail’: a term applied to financial institutions whose collapse would be so disruptive that it could not be permitted.6 Ever since the financial crisis, American regulators have sought to ‘end too big to fail’ largely by trying to make sure that big banks will not come close to failure.7 Large banks face enhanced capital requirements and a regular regime of stress testing designed to ensure that the bank’s balance sheet is strong enough to survive an unpleasant shock such as a recession or a financial crisis. The requirements, which have spread through the world, also act as a deterrent towards bigness, because with size comes additional regulation—an additional capital requirement, for example, or more frequent stress tests.8 But regulators also have also policed the conduct of these banks through enforcement actions. The actual practice of federal regulators with regard to the world’s largest banks speaks to three different literatures: one invoking regulatory capture, one raising issues about foreign discrimination, and one trying to tease out the difference between enforcement and supervision. In addition, as we will see in section V, the ‘style’ of enforcement is something that I argue can be characterized as a few different techniques. The first strand of the literature, which has resounded in the broader culture, is about whether there was enough punishment of large banks in the wake of the financial crisis.9 Despite the fact that large banks were intimately involved in the conduct that led to the financial crisis, they were bailed out and barely sanctioned, at least criminally, in its aftermath. Julie Anderson Hill identifies a ‘near-complete absence of capital enforcement actions issued to the largest banks’, even as capital-focused enforcement has risen substantially in the wake of the financial crisis.10 Many observers have bemoaned this record as a failure of regulators to hold financial institutions accountable after the financial crisis. The journalist Jesse Eisenger has argued that there was a toxic settlement culture at these agencies—and most of the matters covered by this article are in fact settlements—that meant that financial executives who had engaged in criminal wrongdoing never had to go to jail because of caution on the part of government law enforcement.11 The story is one of regulatory capture—government officials are unwilling to go after the large banks because of their political power, because the officials aspire to be employed at those financial institutions, or, perhaps, because they view the institutions as staffed with the sort of sophisticated lawyers and compliance officers who are peers, and occasionally former classmates, of their regulatory antagonists.12 There are other ways that the ‘captured enforcer’ narrative has been expressed.13 Some academics worry that the largest banks in any country will be viewed by that country as a ‘national champion’, to whom light-touch regulation is thought to be owed, even if the bank is taking risks that are undeserving of such deference.14 The incentives for taking action against a high-profile financial defendant is complicated. As Jill Fisch has put it: On the one hand, these political pressures can cause prosecutors to fail in holding wrongdoers accountable, especially if those wrongdoers are high-level corporate officials. On the other hand, they can lead regulators to pursue cases that produce headline-generating fines and penalties, but where the nature of the wrongdoing is ambiguous.15 Placing the enforcement track records of every federal regulator in the context of all the others helps to make sense of just what kind of punishments were meted out, and how regulators compared with one another. The second strand of the literature focuses on whether American law enforcement has discriminated against foreign corporations. Stephen Choi and Kevin Davis have found that enforcement of the Foreign Corrupt Practices Act (FCPA) has disproportionately affected foreign corporations as opposed to American ones.16 As Rachel Brewster has observed, ‘Out of the top ten FCPA fines (from $800 million to $338 million), seven are foreign corporations’.17 Alan Sykes and Rebecca Perlman have also noted the ‘the aggressive extension of U.S. jurisdiction to foreign companies’.18 These authors argue that American regulators discriminate against foreign firms when it comes to the enforcement against financial wrongdoing. It is hard to know what the ‘right’ level of enforcement is against any two populations. Even disproportionate enforcement could show that foreign banks find compliance with American law, which they do not understand, difficult. But establishing that American regulators have imposed disproportionately large fines against foreign large banks relative to their market share in the United States would be suggestive that, indeed, American regulators take a particularly gimlet-eyed view towards foreign misconduct. What should we make of this extraterritoriality, if it exists? It might suggest that American regulators view their statutory remit as something that extends beyond American borders. The motivation could be as base as protectionism or as laudatory as a view that the United States owes the world its best efforts to combat financial fraud and corruption. In either case, we might expect to see disproportionate (again, using the term advisedly—it is hard to tell what the ‘right’ level of enforcement might be) attention paid to foreign banks, and, these authors argue, we do see this. Finally, a comprehensive account of enforcement against large banks places their regulatory risk in context. Pierre Verdier has argued that the best way to make sense of what banks need to worry about is to focus not on their interactions with their principal supervisors, but rather on their relationships with the ‘wildcard’ agencies—the criminal prosecutors at the federal and state level and the anticorruption monitors at the Securities Exchange Commission (SEC)—which do not ordinarily concern themselves with banking, but which can disrupt banks when they choose to do so. As we will see, secondary regulators are a bane of the existence of large global banks, but they are not the only bane. The primary regulators of those banks—the Fed and the OCC—have imposed plenty of fines on both domestic and foreign institutions; fines that rival those imposed by the Commodities Futures Trading Commission (CFTC) and the SEC, but that are dwarfed by the sanctions imposed by criminal justice regulators.19 III. REGULATORY ENFORCEMENT PRACTICES OF THE CORE FINANCIAL REGULATORS: BROADENING THE SCOPE OF SAFE AND SOUND Core financial regulators share a common set of enforcement powers against banks—outlined in the Federal Deposit Insurance Act, and granted to the OCC, the Fed, and the FDIC. These three federal regulators are the primary regulators of banks in the United States. Each of these agencies possesses the power to terminate or suspend deposit insurance; to issue orders to cease and desist certain practices; to remove, prohibit, or suspend the ability of banks, their employees, or their managers to engage in the business of banking; and to impose civil money penalties.20 These sorts of enforcement actions are the unit of study in this section of this article. Congress has divided their supervisory responsibilities among a confusingly large number of regulators; in this article I consider the three federal supervisory regulators, but each state has a role to play in chartering banks. The OCC acts for national banks; the FDIC handles state chartered banks, which means that it is essentially out of the business of the supervision of the large banks. The Fed regulates bank holding companies, and American operations of large foreign banks, which gives it a degree of extra oversight of large, complex financial institutions. Other federal regulators regulate banks as broker-dealers, derivatives structurers, or assess the way their businesses treat consumers. For each of these regulators, the enforcement tools at their disposal range from what could be described as a scolding to the death penalty—the revocation of a charter or deposit insurance.21 Because we cannot observe scolding, and because American regulators reserve charter revocations for small and seriously underfunded institutions, the enforcement actions by primary regulators against big banks feature a combination of quasi-injunctive relief and civil monetary penalties that exist in the middle of this spectrum. Federal regulators divide their enforcement actions into two categories: formal and informal. As the OCC has observed, ‘formal enforcement actions are authorized by statute (mandated in some cases), are generally more severe, and are disclosed to the public. Also, formal actions are enforceable through the assessment of civil money penalties and, with the exception of formal agreements, through the federal court system.’22 While informal enforcement actions are not legally binding, there is extensive literature on the ways that they constrain regulated industry. This informal enforcement can be dramatic; for six years, Obama Administration regulators prevented JPMorgan, the nation’s largest bank by assets,23 ‘from opening branches in new states as punishment for violating banking rules’.24 This is the sort of sanction that any investor would find material, and yet it was never disclosed, and so it is not reflected this article’s data or JPMorgan’s stock price. To determine the amount of a fine, the banking agencies considers four statutory factors:25 (1) the size of financial resources and good faith of the institution or person charged; (2) the gravity of the violation; (3) the history of previous violations; and (4) such other matters as justice may require.26 In what follows, I review the legal authority and actual practice of the primary regulators, and then offer some comparisons of the regulatory risk they pose for large banks. Figure 1 illustrates the value in dollars of enforcement actions paid, broken down by agency. 1. The Fed: foreign jurisdiction, but American banks The Federal Reserve Board plays an important supervisory role when it comes to banks. For the largest banks, the Fed is more likely than other regulators to bring enforcement actions against foreign firms (probably for jurisdictional reasons). Otherwise, it has imposed approximately similar numbers of enforcement actions and sanctions against firms as the OCC. The Fed’s foreign banking remit has not resulted in an obvious over-policing of foreign financial institutions. Those institutions paid one-third of the penalties that the Fed received after the financial crisis, while domestic firms paid the rest. The Fed’s 56 enforcement actions resulted in almost $6 billion in penalties, a number dwarfed by DOJ, but large compared to the less active financial regulators. Some themes emerged from the Fed’s enforcement priorities, as was the case for most financial regulators. Banks settled a number of enforcement proceedings concerned with their handling of suspicious activities reports in terrorism financing cases—to the Fed, this was a safety and soundness matter. Banks with large consumer finance arms often paid penalties for the way they had handled foreclosures in the wake of the crisis. In cases where the bank had lost money due to an operational problem, the Fed often faulted its inadequate risk management practices. These matters predominated the agency’s enforcement matters posed against the largest banks. a. The Fed’s enforcement powers The Fed’s way into banking supervision has come from three responsibilities granted to it by Congress. The first concerns its responsibility to monitor the safety and soundness of bank holding companies,27 or the parent company of a group of bank subsidiaries, which, for historical reasons, characterizes the structure of many of the largest banks in the country.28 Second, the Fed is also the primary regulator of banks that have chosen to join the Federal Reserve System; uniquely in the United States, banks can choose their regulator by obtaining a charter from their state regulator, by joining the Fed’s system, or by obtaining a federal banking charter from the OCC.29 Finally, the Fed is the primary regulator of foreign banks doing business in the United States.30 In this area, it is a regulator that throws its weight around. In 2014, the Fed finalized a rule to ‘require foreign banking organizations with a significant U.S. presence to create an intermediate holding company over their U.S. subsidiaries’, which would be subject to US capital requirements.31 As with all banking regulators, the Fed’s practice, when it comes to ensuring that the largest financial institutions do not misbehave, is a combination of supervision by phone call and letter, and more concrete measures, initiated ‘for violations of laws, rules, or regulations, unsafe or unsound practices, breaches of fiduciary duty, and violations of final orders’. 32 These formal enforcement actions include cease and desist orders, written agreements, prompt corrective action directives, removal and prohibition orders, and orders assessing civil money penalties.33 The agency, like its peers, makes these proceedings public. Like its peers, it also has a panoply of non-public informal enforcement actions including directives to the bank board and informal agreements with bank managers on how to remedy a variety of derelictions. They include commitments, Board resolutions, and memoranda of understanding (MOU). Commitment requests are conveyed by letter to the bank, seeking a letter back establishing compliance.34 Board resolutions are sought when a number of commitments must be made, and the bank regulator would accordingly like to see them expressed in the bank Board’s minutes.35 A MOU is the most elaborate type of informal supervisory tool; it involves ‘highly structured written, but informal, agreements that are signed by both the Reserve Bank and the bank’s board of directors. An MOU is generally used when a bank has multiple deficiencies that the Reserve Bank believes can be corrected by the present management.’36 Preceding these kinds of enforcement arrangements is the confidential and basic supervision tool, a communication known as a ‘Matter Requiring Attention’ (MRA) or a ‘Matter Requiring Immediate Attention’ (MIRA). An MRIA is, the Fed has explained, a way a supervision can communicate a: matter[] of significant importance and urgency, and include (1) matters that have the potential to pose significant risk to the safety and soundness of the banking organization; (2) matters that represent significant instances of noncompliance with laws or regulations; and, (3) repeat criticisms that have escalated in importance due to insufficient attention or action by the banking organization.37 The MRA covers a similar concern, but the response by a bank that receives an MRA is not expected to be ‘immediate.’38 Like all legal matters, most enforcement actions brought by the Fed settle; moreover, the Fed has some constraints on the type of relief it can seek through settlement. For example, when the Fed determines that a civil money penalty is justified, it must consider a number of different factors to arrive at an appropriate amount, including the financial resources and good faith of the person charged; the gravity of the misconduct; the history of previous misconduct; the economic benefit derived by the person from the misconduct; and such other matters as justice may require.39 b. The Fed’s enforcement practices For the purposes of this study, all 56 enforcement actions brought by the Fed against a big bank during the period from the passage of Dodd-Frank to the end of 2016, were obtained from Bloomberg and hand coded by defendant, penalty, statutory basis, and other forms of relief. In many of these cases the Fed insisted on the addition of internal controls—in 20 of the enforcement actions, the bank had to promise to add a new compliance programme to its roster; in 19 enforcement actions, the bank promised to add additional executive oversight, and in 17 enforcement actions, the bank committed itself to a written plan of improvement. As we have observed, the subject matters of the enforcement actions varied, but in some cases the Fed would team up with the OCC to fault a bank for some crisis-related misconduct, often resulting in large penalties. It frequently joined with other regulators in rate-fixing cases, where RBS, Barclays, and BNP Paribas, among others, paid penalties for failing to prevent their traders from colluding with their counterparts at other banks. It also sanctioned a number of banks for inadequately managing their anti-terrorism financing programs, and for hurting consumers with their mortgage foreclosure practices. The Fed brought eight actions against HSBC, seven actions against Citigroup, and 11 actions against JPMorgan Chase during the period, making these institutions the ones most likely to be targeted. The Bank of China and the China Construction Bank were also the recipient of an enforcement action each—this was unique among federal regulators who otherwise ignored these foreign, state-run institutions with little presence in the United States. Because of its jurisdiction over large foreign banks doing business and with significant operations in the United States, the Fed also pursued other foreign banks, bringing enforcement actions against RBS, Standard Chartered, BNP Paribas, Santander, Barclays, Credit Suisse, and UBS. The Fed imposed fines in approximately half of these actions. In some cases, the fines were substantial. BNP Paribas was fined $508 million in 2014 and Barclays paid a $342 million fine in 2015. In other cases, the amounts involved were quite small, including, for example, a $500,000 fine against JPMorgan Chase in 2016. All told, the Fed imposed approximately $6 billion in fines against large banks during the period of study. This made it a relatively standard issue enforcer that would be essentially matched by the SEC, the CFTC, and the OCC. No fines were imposed in 38 of the actions brought during the period, in which cases the banks were subjected to the regulatory form of injunctive relief. In such cases, the largest banks tended to commit themselves to better internal controls designed to catch misconduct before it could be visited on clients, and promised not to make the same mistakes again in the future, with the Fed reserving the right to revisit the matter if necessary. Most regulators imposed no-fine sanctions on banks, but these sorts of sanctions were particularly likely when the Fed or the OCC was involved. This sort of ongoing relationship with the regulator to ensure that compliance was in place looks a bit like the ordinary supervision that marks the relationship between the Fed, the OCC, and the big banks.40 In most cases, the Fed’s enforcement actions were brought against the banks themselves rather than against individual employees for wrongdoing, although approximately 15 enforcement actions were brought against individual bankers at the large banks. Because these enforcement proceedings affected the big banks for which the bankers worked, they were included in the sample. But the tenor of these enforcement proceedings was often different. Sometimes, the bank’s compliance officials cooperated with the Fed to uncover the wrongdoing or were the ones who initially brought the case to the Fed. In many of these cases, the proceeding was a prelude to drumming the banker out of the profession for the sort of misconduct that no regulator would want to see—theft from the employer, or illegal trading with the bank’s resources, for example. 2. The OCC: the domestic regulator The Office of the Comptroller of the Currency (OCC) was created during the American Civil War to handle the first wave of federally charted banks.41 Ever since, it has been the lead supervisor of financial institutions that choose to be chartered by the federal government rather than by one of the states in which they do business. OCC-monitored banks tend to be somewhat larger than state-regulated banks, and for the largest banks, it is quite common for the OCC to regulate the bank along with the Fed for safety and soundness, with similar regulatory powers. This system of dual regulation is due to the different levels of complex institutions on which the two federal regulators focus. Federally chartered banks that are subsidiaries of bank holding companies are overseen by the OCC at the bank level, and by the Fed at the holding company level. The result is that the OCC has a disproportionate role to play over large domestic banks, a role that was exemplified by its matching up with the Fed and SEC when it comes to sanctions against those financial institutions—the OCC obtained $6.4 billion in penalties against large banks. Those penalties came from 70 enforcement actions, and the OCC directed over half at the largest American financial institutions: Wells Fargo accounted for 20 such actions, and Bank of America for 24. The next largest repeat violator was HSBC, which was sanctioned 13 times. a. The OCC’s enforcement powers Like other financial regulators, the OCC has the power to enforce its priorities through, at the lightest of its touches, complaining to the executives of the banks it supervises, and progressing to, at the heaviest of touches, revoking the bank’s charter, or forbidding it to rely on FDIC deposit insurance. Like the Fed and the FDIC, the OCC distinguishes between formal enforcement actions, which are public, legally binding, and can include monetary penalties, and informal enforcement actions, which are non-public, non-binding in theory, and can cover any kind of equitable relief. Most OCC matters settle, meaning that the relief obtained by the agency must be negotiated. But that negotiation can be cabined by the agency’s regulatory authority when it comes to assessing penalties. Its power to assess penalties is limited to a statutory scheme that classifies them into three tiers based on the severity of the actionable conduct and the level of culpability and sets maximum amounts that may be assessed, which are periodically adjusted for inflation.42 The agency has tried to make these penalties consistently applied across enforcement actions,43 but it has plenty of flexibility even in litigated monetary penalty matters; it can consider, by statute, ‘such other matters as justice may require’.44 b. The OCC’s enforcement practices Collecting every OCC enforcement action against a big bank and hand coding it for remedy, statutory basis, and defendant offers a look at what the agency is actually doing when it takes on big finance. As with the Fed, Bloomberg offered comprehensive enforcement action data, after which actions taken against large banks were reviewed by hand to tease out the monetary relief and the other remedies ordered. The OCC’s enforcement actions during the period reviewed in this study covered a wide array of activity. They frequently required the defendant bank to, going forward, develop a ‘progress report’ or ‘action plan’, which was a part of 27 of the 76 actions. Otherwise, financial institutions would sometimes be required to retain a third party for a management analysis, in rare cases were given restrictions on the sort of business that could be done going forward, and in still other cases required to do an internal audit or come up with a reimbursement or distribution plan to make right damage done by the illegal activity. The OCC imposed fines in 25 of the 70 actions it brought. Usually those fines were relatively modest. In one case, however, $765,823,531 in relief was imposed on Wells Fargo for mortgage-related misdeeds and Wells Fargo was required to develop a plan to compensate homeowners, or at least reduce the burden on them, in the wake of the financial crisis and decline in the value of housing assets. Most of the OCC’s biggest targets were domestic banks, though HSBC might have rued its $660 million paid to the government by the end of 2016. The series of fines, however painful, were dwarfed by the totals paid by domestic incumbents—JPMorgan Chase paid $1,980,450,340, Bank of America paid $1,610,900,009, while Wells Fargo topped them both with $2,147,659,194. Domestic firms faced the brunt of OCC enforcement, along with the London-based HSBC. These matters were concerned with failures in the anti-terrorism financing programs managed by the banks; derelictions in the treatment of mortgage holders by the consumer financing wings of the banks; and safety and soundness problems created by their practices during the financial crisis. The mortgage relief could be substantial—although the government’s leniency for banks involved with the housing bubble came in for some criticism, the three largest American banks, Bank of America ($1,127,453,261); Wells Fargo ($765,823,531); and JPMorgan Chase ($753,250,131), all paid substantial sums to fund payment reductions to ‘underwater’ mortgage holders, and this was a recurring theme in OCC enforcement action. 3. The FDIC: the big bank bystander The Federal Deposit Insurance Corporation (FDIC), the final primary banking regulator, is left for last because of its relative unimportance when it comes to overseeing the largest banks, as a search of its enforcement actions for big bank defendants reveals. The FDIC, in spite of the fact that the large banks almost all have depositors, delegates supervision responsibility over national banks to the OCC, and banking holding companies to the Fed. Because large banks are usually organized as bank holding companies, are members of the Federal Reserve System, hold national charters, or all of the above, the FDIC has performed little oversight over the largest banks, with one exception. The FDIC offers deposit insurance to both state and federally charted banks, and every bank that has depositors needs that insurance before it can open. The agency’s supervision of banks is rooted in the goal of protecting the deposit insurance fund. To that end, the agency has an army of financial examiners; its total headcount in 2016 was 6096, a larger headcount than that offered by other regulators, and one, once again, focused on small, state-chartered banks.45 The agency has been a much less active enforcer against the largest banks than its peers—indeed only two enforcement actions by the financial regulator could be found between the passage of Dodd-Frank and the end of 2016. Specifically, the FDIC imposed a $425,000 civil monetary penalty against Barclays’ credit card unit for engaging in unfair practices in conjunction with its convenience check program and credit line decrease activities. It also banned a mid-level executive at Santander from participating in the affairs of the bank. Otherwise, its only activities regarding the world’s largest banks were to remark that it had removed them from its jurisdiction because they were no longer taking deposits in the United States. It made such announcements for HSBC’s Nevada branch and for the Bank of Tokyo and Mitsubishi UFJ Trust over the course of the years following the passage of Dodd-Frank, a reflection of the fact that foreign banks have begun to shy away from exposing themselves to US bank supervision after the financial crisis.46 This extraordinarily small record of enforcement against big banks compares to the high-water mark of 4,597 enforcement actions by the agency in 2011, and the lower-bound of 3,787 in 2016, far more than the Fed or the OCC brought in total.47 The FDIC, however, supervises thousands of small banks, rather than a few large ones (other than Truist, the country’s sixth largest bank, which was created by a 2019 merger of two southern regional lenders).48 4. Comparisons Scholars of regulation have wondered whether agencies are particularly likely to focus on the too-big-to-fail large banks. The aggregate data does not suggest so. The FDIC brought, on average, 4,280 enforcement actions per year between 2010 and 2016, and two (or five, if you count the notices of a lack of jurisdiction) of those were filed against big banks or their subsidiaries, or .01 per cent of the agency’s total actions during that period.49 The Fed and the OCC filed more, but the percentages are still quite uncompelling. The Fed’s 56 enforcement actions would be .01 per cent of the 40,832 enforcement actions filed during the period by the FDIC, and the OCC’s 70 proceedings amounted to 0.6 per cent of its enforcement actions.50 As a percentage of monetary penalties and other damages collected, the proceedings against the largest banks counted for more. Although the Fed filed more actions against international banks than did the OCC, jurisdictional reasons probably account for the difference. Otherwise, the look and feel of the enforcement actions between the two agencies was not dissimilar—the reason-giving and length of the enforcement action orders were similar, the agencies imposed about the same amount of penalties, and otherwise seemed to be operating on the same type of wavelength—perhaps unsurprising, given the effort by both regulators to follow the FFIEC paradigm, and the identical enforcement powers on offer to both. In the wake of the financial crisis, for big banks the main regulatory concern was that the safety and soundness regulators were increasingly pursing more and different sorts of enforcement action—sanctions that broadened the ambit of what could be included in safety and soundness, and that came with some big penalties. IV. REGULATORY RISK FROM SECONDARY REGULATORS Large banks do not face regulatory risk just from their banking regulators. Consumer protection and other regulators have imposed, of late, high-profile penalties against these institutions, and none more vigorously than the DOJ. It is not only the DOJ, however. The SEC has imposed centi-million-dollar fines against many large banks for their role in offering housing-related products to investors without adequately disclosing the risks posed by the investments in the wake of the financial crisis. The counter-terrorism units of the Treasury Department have imposed high-profile sanctions against banks for failing to set up adequate controls designed to catch money launderers. This section of the article reviews the punishments imposed by these secondary regulators. If they are more severe than the fare offered by the Fed and the OCC, this might suggest that primary regulators take a light touch with big banks, and possibly fuel the capture narrative sometimes made about banking regulators. There may be some basis for the narrative, although it is one driven by the overwhelming set of penalties imposed on the big banks by the DOJ. The Commodity Futures Trading Commission (CFTC) was a surprisingly important scourge of large banks in the wake of the financial crisis, probably because of a particular set of scandals involving rate rigging, over which it had jurisdiction. 1. The DOJ: the alpha leading the wolf pack a. Overview The DOJ is by far the most punishing enforcer of federal laws against big banks, and, at least when it comes to fines imposed, none of the others come close. Some observers have characterized this development as a criminalization of regulation—banks, it might seem, are now obligated to prioritize the things that the DOJ worries about—terrorism finance, sanctions avoidance, and criminal fraud—more than they have to worry about safety and soundness.51 And it is true that many DOJ sanctions are quirkily criminal—only the DOJ and the SEC worry about bribing foreign government officials, for example, and yet big banks have paid bigger fines for paying such bribes than they have for what might seem to be more central problems posed by, say, misleading accounting. In other ways, the DOJ’s big role is consistent with more ordinary policing of big banks because of the flexibility of the criminal wire fraud statute. It allows the Department to play a role in what might be thought of as ‘extra serious’ regulatory violations. Criminal consumer fraud often falls into this category. In all of these cases, the DOJ would often join other regulators—and quite often lead them—in sanctioning the same misconduct under a variety of different statutes administered by different agencies. It would often bring the same kind of cases—such as using Swiss banking laws to help clients evade taxes—against a number of banks, meaning that the first Swiss tax case brought against one big bank gave other big banks a reason to worry. There are some curiosities here. The DOJ is not dedicated to policing the financial markets, its leadership is not particularly financially-savvy—the Department is run by lawyers, most of whom have a criminal prosecution background—and it devotes most of its time to other kinds of crime, ranging from federal drug offences, to bank robberies, to terrorism. But, because of its white-collar crime responsibilities, as well as its jurisdiction over certain kinds of fraud, it plays an important, if not particularly consistent, role in policing misconduct at banks. Although it did not launch enforcement actions in comparable numbers to those launched by the primary banking regulators and the SEC, when it did impose sanctions, they tended to be dramatic ones. Because the DOJ files so many complaints, and settles so many of them, obtaining a comprehensive list of the Department’s efforts against big financial institutions could not rely on an examination of its enforcement actions alone. The Department’s press releases between the passage of Dodd-Frank and the end of 2016 were scrutinized to determine whether the DOJ was impressed enough with an action against a big bank to tell the public about it. The assumption was that every serious action would warrant a press release, and, although the releases were over-inclusive, that it would be unlikely that any enforcement action against a big bank involving a sanction of note would not be referred to in a press release. The Department has imposed approximately 80 per cent of the monetary penalties and settlements paid by big banks in the wake of the passage of Dodd-Frank. The DOJ’s 64 enforcement actions resulted in approximately $100 billion worth of sanctions imposed on big banks, almost always through settlement. Bank of America paid almost $30 billion to settle cases with the Department in the wake of the financial crisis, BNP Paribas paid over $18 billion, and JPMorgan paid almost $15 billion. For what it is worth, a t test suggests that enforcement by DOJ differs significantly from enforcement by banking regulators (the p value is 0.0007). Figure 1 Open in new tabDownload slide Figure 1 Open in new tabDownload slide The DOJ’s recent policies when it comes to policing big banks have come in for much debate. We usually see prosecutions in the wake of a financial crisis—sanctions meted out for the excesses of the last boom, often singling out particularly egregious cases of misconduct. The dotcom bust, for example, had its poster children in the Enron and WorldCom prosecutions.52 The Savings and Loan crisis has its Keating Five, along with thousands of thrift executives who went to jail.53 But almost none of this has happened in the wake of the financial crisis. There were no criminal prosecutions that resulted in actual jail time for employees of the largest banks, let alone their executives—and the statute of limitations for such actions was very much in play during the period.54 It is not clear why. It is difficult to win financial crisis cases because the crisis affected every institution in the financial sector, making it difficult to establish that any single individual or company did something distinctively rash that contributed to it.55 Another factor is probably a reluctance that might be attributed to the ‘Andersen Effect’, particularly given the recession affecting the economy. The firm Arthur Andersen collapsed after a DOJ indictment that was later vacated by the Supreme Court—too late to save the jobs of the thousands of Andersen employees who had nothing to do with auditing Enron.56 Former Attorney General Eric Holder, while speaking to the Senate Judiciary Committee in March 2013, also expressed concern ‘that if we do prosecute—if we do bring a criminal charge—it will have a negative impact on the national economy, perhaps even the world economy’.57 But this new unwillingness to prosecute individual bankers did not extend to imposing monetary and non-monetary sanctions on large banks. In that regard, the DOJ has really outdone its fellow federal government regulators. b. The DOJ’s enforcement powers The most important substantive criminal statute when it comes to regulating bank misconduct at the DOJ is the wire fraud statute.58 That statute criminalizes knowingly false statements made to obtain a thing of value from another person by use of any electronic device, including telephones, the Internet, and electronic mail. The breadth of the wire fraud statute makes it adaptable to all sorts of criminal activity, ranging from politics to multi-level marketing schemes to corporate misconduct. To justify its interventions, the DOJ can also look to its responsibilities to prevent companies from bribing foreign officials, to prevent companies from laundering money for terrorists or narcotraffickers, as well as its special responsibility to protect servicemembers from being exposed to financial misconduct. Instead of prosecuting large companies, the DOJ has elected to favour deferred prosecution agreements (DPAs) and non-prosecution agreements (NPAs).59 The DOJ has a set of frequently-revised factors and employs them to make determinations as to whether to charge a corporation or the individuals working for it with criminal wrongdoing. The so-called ‘Filip factors,’ named after a former government official, focus on the seriousness of the crime, the pervasiveness of the wrongdoing in the corporation, the history of similar misconduct, the firm’s willingness to cooperate with the prosecutors, and the existence and effectiveness of a compliance programme.60 The factors are not, perhaps, too surprising, but they do offer the government quite a bit of flexibility in deciding whether to prosecute, and incentivize firms to cooperate with the government once the decision to launch a prosecution has been made. During the period of study, the Department revised the Filip factors to focus on prosecuting individuals rather than corporations without, it must be said, an uptick in the prosecution of individual managers at big banks.61 To determine the fine to be assessed in a settlement with a bank, the DOJ is—at least somewhat—governed by the Federal Sentencing Guidelines published by the US Sentencing Commission, which outlines penalties based on the nature and cost of the crime, and the culpability of the individual or firm.62 Despite this relatively formulaic calculation, the DOJ retains significant discretion to assess a specific fine within the range set by the guidelines. However, in addition to fines, the DOJ can seek restitution and disgorgement, and fashion settlements accordingly. Restitution to the victims of the crime is only available when specified by statute, although ‘courts have taken an expansive view of their implied powers to provide equitable relief.’63 Disgorgement—the forfeiture of ill-gotten gains—may ‘be viewed as a supplemental penalty imposed if and when a defendant retains any gains after restitution has been imposed’.64 The law firm Gibson Dunn has estimated that approximately 68 per cent of DOJ enforcement actions of recent vintage against financial institutions proceed with fines alone (that is, without restitution or disgorgement), and only about 18 per cent of DOJ enforcement actions do not involve a fine at all.65 While these principles did not lead to the identification of individuals working for banks who would be subjected to liability during the period in study, Brandon Garrett has documented a rise of bank prosecutions after the financial crisis, though those prosecutions were often paired with DPAs and not with individual liability findings or guilty pleas.66 b. The DOJ’s enforcement practices Four kinds of misconduct dominated the relatively small number of settlements that the DOJ pursued during the period reviewed in this study. First, several banks paid fines related to misconduct in the packaging of various securities that were related to the financial crisis. Often these settlements were announced on the same day and involved a number of different financial institutions. Second, banks paid penalties for a variety of different forms of rate-rigging. LIBOR rigging is the most well-known example of price-fixing of this sort.67 But there were also investigations into foreign exchange rate ratings and the like. The third area of misconduct reached banks that had encouraged their clients to avoid taxes by parking money in Switzerland. In response, the DOJ set up a programme that encouraged banks to come forward with information about clients engaged in the sort of misconduct, whereby the banks could face a relatively mild penalty and avoid the spectre of criminal prosecution. Banks routinely took up this offer in the years following the financial crisis, leading to a number of settlements, often involving a few different banks, announced on the same day. Many of them were small Swiss institutions, but in some cases the big banks participated in the Swiss Tax Program as well.68 Fourth were sanctions-evading fines imposed in conjunction with the counter-terrorism regulators. These four sorts of prosecutions did not cover the waterfront, but were the largest part of it. The DOJ had some other specialties. There were also a series of small-dollar cases brought against big banks under the Servicemembers Civil Relief Act, a consumer protection measure designed to prevent predatory financiers from taking advantage of active service members. The overall amount of the settlements varied wildly. For financial crisis misconduct, Bank of America entered into a $16.65 billion settlement for financial fraud.69 Morgan Stanley agreed to pay $2.6 billion in connection with its sale of residential mortgage-backed securities.70 Wells Fargo paid $1.2 billion for its own improper mortgage lending practices; for Goldman Sachs it was over $5 billion, and for JPMorgan $13 billion.71 Moreover, when the DOJ pursued financial institutions for evading sanctions against either enemy foreign powers or designated terrorists or narco-traffickers, the fines could vary almost as much, if within a smaller range. Standard Chartered forfeited $227 million for illegal transactions with Iran, Sudan, Libya, and Burma.72 ING forfeited $619 million for engaging with Cuban and Iranian entities.73 HSBC paid $1.256 billion, and BNP Paribas paid $8.8 billion to the DOJ alone.74 It is worth considering whether, even if the agencies as a whole do not discriminate against foreign banks, the DOJ does. But the dollars paid to the Department in ‘total domestic’ versus ‘total foreign’ did not establish a significant difference between the domestic and foreign dollar amounts. The pie chart in Figure 2 show how the enforcement action penalties broke down by bank. Figure 2 Open in new tabDownload slide Figure 2 Open in new tabDownload slide The DOJ practiced viral enforcement. Wrongdoing at one institution often led to the discovery of similar sorts of wrongdoing at peer institutions and penalties that focused on one particular form of misconduct rather than on a relatively random set of instances of wrongdoing spread evenly across the largest financial institutions. The Swiss Tax Program exemplified this virality. The massive financial penalties that the DOJ has imposed on banks mean that the difference between enforcement actions by primary regulators against the big banks are smaller, and statistically significantly so, than those brought by secondary regulators. The average penalty imposed by a bank regulator during this period was $98 million; for non-bank regulators, big banks faced a $510 million average penalty per enforcement action. The differences were statistically significant at the 1 per cent level, with a p value of 0.0017 when all non-bank regulator penalties were taken into account, and a p value of 0.0007 when the bank regulators were compared only with the DOJ. 2. The SEC: a capital markets regulatory threat The Securities and Exchange Commission (SEC) enforces the nation’s securities laws and can be described as an anti-fraud and consumer protection agency.75 Never central to the regulation of financial institutions, the SEC had a disastrous time during the financial crisis supervising the capital adequacy standards of large investment banks, over which it then had jurisdiction, all of whom ran into trouble.76 The result was the elimination of the agency’s supervisory oversight.77 Nonetheless, the SEC proved to be a nuisance to financial institutions even without the power to police their capital adequacy. The agency secured large settlements with most of the largest banks active in the United States on the basis of inadequate financial crisis disclosures in an almost ceremonial way. Almost all large banks underwriting securities agreed to one of these settlements for one, and only one, tranche of housing-related securities they issued or underwrote during the wake of the financial crisis.78 More generally, the agency sanctions big banks frequently. The SEC settled 72 enforcement actions against big banks in the wake of the crisis, for a total of $3.2 billion in penalties. Many of those enforcement actions were against the broker-dealer employees who engaged in some form of fraud, if not to finance-related misconduct. a. The SEC’s enforcement powers As the Supreme Court noted, a fundamental purpose of the securities laws is ‘to substitute a philosophy of full disclosure for the philosophy of caveat emptor and thus to achieve a high standard of business ethics in the securities industry’.79 Part of that job has long involved policing the disclosures made by offerors or underwriters of securities, and because sophisticated banks are likely to both regularly offer securities and to underwrite them, they can often find themselves in the SEC’s cross-hairs.80 The SEC does not, however, have the power to conduct examinations of banks that serve as brokers or dealers, which, of course, dramatically distinguishes it from the banking regulators. Moreover, the SEC polices the securities markets differently than do the primary financial regulators. In bank supervision, the overarching goal is to ensure that banks are operated safely and soundly; the SEC has little interest in the safety and soundness of the entities it regulates, though it does impose margin requirements in some of the markets it oversees. The agency assumes, however, that many issuers, and even underwrites, will lose investors’ money. Instead, the paradigm is to facilitate accurate disclosure, in order to ensure that investors are informed about the risks of potential investments. As for remedies, the SEC enjoys a panoply of options. The agency can pursue remedies in either court or through administrative proceedings. Like other financial regulators, it has the power to issue cease-and-desist orders against defendants who violate securities laws. It can de-register firms or individuals registered with the agency, making it illegal for them to participate in the securities markets. For two specific remedies, the agency may file suit in court; a federal judge may issue an order pursuant to Section 21(d)(2) of the Securities Exchange Act, prohibiting a person from serving as an officer or director of a public company.81 The agency can seek to have a judge require forfeiture of incentive-based or stock-based compensation following a restatement of financial statements under Section 304 of Sarbanes-Oxley.82 Finally, the agency can impose substantial fines. The SEC’s ability to enter civil monetary penalties was, until the passage of Dodd-Frank, limited to registered persons or firms, but now reach anyone who violates the securities laws.83 Monetary penalties remain relatively small: up to $160,000 for individuals and $775,000 for corporations for each violation of the laws (the maximum number is adjusted for inflation), although the penalties can be imposed for each violation of the securities laws, a multiplier that can matter.84 In addition to the civil penalties, the statute provides that in any proceeding in which the SEC can impose a penalty, the Commission can also ‘enter an order requiring accounting and disgorgement’.85 Disgorgement can be punishingly large.86 The agency defines disgorgement as ‘the repayment of illegally gained profits (or avoided losses) for distribution to harmed investors whenever feasible’.87 In addition to making victims whole, it is intended to deprive a wrongdoer of ill-gotten gains.88 It views disgorgement as a critical deterrent to violations of the securities laws.89 The Supreme Court, however, has evinced some concerns about the amount of disgorgement possible, and although it recently reaffirmed the SEC’s ability to seek the remedy, it cut back on how far back disgorgement could reach.90 To this end, the SEC need only show that the amount sought is a ‘reasonable approximation of profits causally connected to the violation’.91 An order for disgorgement creates a personal liability for the defendant just as a civil penalty would, and the defendant must pay the disgorgement amount regardless of whether the defendant retained the proceeds of the violation.92 Moreover, the remedy reaches more than ill-gotten gains made through illegal trades. The SEC deems disgorgement to include salary earned during violation of the securities laws.93 It can even include the disgorgement of a benefit received by someone else.94 The SEC collects significantly more in disgorgement than it does in civil penalties. In fiscal year 2014, for example, the SEC collected $1.378 billion in penalties.95 But during this same period, the SEC collected more than twice as much in disgorgement of illegal profits: approximately $2.788 billion.96 Dodd-Frank increased the size of civil penalties available in the administrative forum, although these are still quite small.97 More importantly, it authorized the agency to seek to impose such penalties against anyone in violation of the securities laws, rather than only before entities and individuals registered with the SEC.98 And while the statutory penalties are small (though significant to individual respondents), the law provides that the SEC may seek disgorgement in any proceeding where it seeks a civil penalty.99 b. The SEC’s enforcement practices The SEC brought 72 actions against the largest banks during the period studied, a number slightly larger than that brought by the Fed and OCC. Two of the four most likely recipients of SEC enforcement actions were Swiss: there were 11 such actions against Credit Suisse, 14 against UBS, and 16 against Morgan Stanley. In all, 11 of the 30 SIFIs were the targets of SEC enforcement actions, including three European banks. These enforcement actions were drawn from NYU’s SEED database and then reviewed by hand. The most common form of proceeding went after the broker-dealer arms of the big banks, accounting for 22 of the total, while 14 enforcement actions were initiated against the banks’ investment advising practices. Interestingly, and driven by the SEC’s conclusion that there was widespread collusion and rate fixing in the municipal bond offering market, as well as its disapproval of the bank’s practice in selling municipal debt packaged as auction rate securities (the agency concluded that banks had misrepresented that the interest rate paid by the securities could vary dramatically at the next auction), 13 of the actions were driven by municipal bond offerings problems.100 Eleven cases targeted securities offered by the banks, most of which concerned the offerings of housing-related products to investors. The total amount of fines imposed by the agency amounted to $3,194,934,570, while the average fine weighed in at just under $63 million. Some were notably large. There was a $275 million fine imposed against Morgan Stanley for mistakes made during a securities offering, and a $196,511,014 fine against Credit Suisse for violating limits on the ability to provide cross-border brokerage and investment adviser services to US clients.101 Citigroup paid $285 million to settle a case about misleading investors about the collateralized debt obligation that went south during the financial crisis.102 The largest fine—$382,400,000—was paid by State Street for misleading clients by applying hidden mark-ups to foreign currency exchange trades.103 The other large custodial bank in the United States, Bank of New York Mellon, also paid a $163,022,207 settlement for the same sort of conduct.104 The SEC pursued big banks in a number of different ways after the passage of Dodd-Frank. The most common type of very large fine arrived at by the Commission and the financial institutions it pursued involved deceptive practices surrounding mortgage-backed securities packaged by the banks and sold to investors before the financial crisis. Morgan Stanley paid one of these fines, as did Citigroup and Bank of America. In other cases, the minor fines were related to the broker-dealer arms of these banks. UBS was fined $56,400 for its role in selling a small number of Puerto Rican bonds, for example.105 RBS was fined $120,000 for violating beneficial ownership reporting requirements.106 It is not clear what exactly constitutes merely a slap on the wrist, but the largest banks settled 23 matters with the SEC for $10 million or less, or 29 per cent of the enforcement actions brought against them during this period. 3. The CFTC: many cases, smaller fines The interesting thing about the record of the CFTC in the wake of the financial crisis is that it has been an active regulator of the most sophisticated financial institutions on a par with all of its counterparts with the exception of the DOJ. The CFTC filed 62 enforcement actions against the largest banks in the wake of Dodd Frank, matching the most aggressive of the other financial regulatory agencies. The $4.7 billion in fines it collected also matched that of the primary federal banking regulators and actually exceeded those imposed by the SEC. In doing so, one of the smallest regulators by headcount, and most narrow regulators by remit, established itself as a peer of its federal counterparts. The explanation is largely based on its conclusion that structured derivatives packaged by the largest banks had often contained inadequate disclosures, and wreaked serious havoc. It accordingly initiated enforcement actions in which the most sophisticated financial institutions that packaged these derivative packages entered into settlements for parts of their banking businesses that had rarely posed enforcement risks in the past. a. The CFTC’s enforcement powers Passed in the flurry of market reforms that followed the Great Depression, the legislation that eventually became the Commodity Exchange Act of 1936 (CEA) was intended to discourage speculation on commodity exchanges.107 The CEA, as amended, required all futures contracts to be traded on a regulated exchange with clearing mechanisms. Federal regulation of commodities trading began in earnest in 1974 with the passage of the Commodity Futures Trading Commission Act (CFTC Act).108 The CFTC Act created a new independent agency, the Commodity Futures Trading Commission (CFTC), with exclusive jurisdiction over commodity futures and options—a bifurcation almost unique to the United States between the securities markets regulator and the commodities markets regulator. The CFTC Act expanded the CEA’s definition of ‘commodity’ to include not just corn and wheat futures, but ‘all other goods and articles…and all services, rights, and interests in which contracts for future delivery are presently or in the future dealt in’.109 This amendment allowed exchange trading of futures contracts on virtually any underlying asset, including financial instruments. It also effectively banned off-exchange trading of those instruments. The CFTC was given the same sort of anti-fraud powers that the SEC was given, and the same ability to fund itself through fees from market participants.110 It also has similar powers to supervise investment advisers licensed to sell futures and swaps. And, though it took a while, the CFTC was given the power in Dodd-Frank to regulate the large part of the derivatives markets that did not involve trading in security-based swaps, which were left to the SEC.111 But the CFTC has always been much smaller than its securities-regulating counterpart, which has complicated its enforcement capabilities.112 b. The CFTC’s enforcement practices The CFTC is often thought of as an agency that handles individualized disputes between commodities brokers and their clients. And, to be sure, many of the cases it brought in the wake of the financial crisis concerned minor misconduct by brokers who happen to be affiliated with the biggest banks. The agency imposed six figure (which is low compared to its peers) penalties on Citibank and Bank of America for violations of its rules on position limits, which are designed to ensure that market makers are adequately hedged if a particular trade goes bad.113 It penalized a number of individual managers employed by the big banks during the same period, again with individualized sanctions that often included bars from brokering imposed on the employee, and a modest fine for the bank. In this way, the agency’s fines for its enforcement actions might be seen as asymmetric, given that a few outliers impose penalties that run into the hundreds of millions of dollars, while most of the enforcement actions impose fines that are below one million dollars and often focused on an individual employee in a large financial institution who had committed some variant of commodities fraud. While the agency filed the same number of enforcement actions against big banks and their employees in the wake of the financial crisis, the aggregate amount of fines imposed was half that of the bank regulators, and one eighth of the financial penalties imposed by the DOJ. The bigger penalties related to financial misconduct during and after the financial crisis, and often occurred within a short period of time. Over a week in November 2014, HSBC settled for $275 million, UBS settled a case for $290 million, and RBS settled for $290 million as well.114 In April and May 2015, Deutsche Bank settled a case for $800 million, Barclays settled one for $400 million and another on the same day for $115 million.115 The sense is of enforcement officials trying to close a number of outstanding matters at once, and the theme is one of a regulator acting against big banks engaged in fixing various rates underlying financial contracts. The CFTC went after UBS for manipulating a number of different benchmark rates,116 the 2014 settlements were based on manipulating foreign exchange benchmarks,117 and Deutsche Bank also was penalized for benchmark manipulation in 2015.118 All told, the CFTC enforced in a similar ballpark to the SEC, the OCC, and the Fed in numbers of enforcement actions, if not quite in total fines imposed. The little agency, as it turned out, posed a risk to financial firms, and the basis of enforcement for most of these financial institutions was based on a market-making business that was a small part of their portfolio, rather than something related to the bread-and-butter of banking—taking deposits and making loans. 4. The CFPB: a bark but not a bite The Consumer Financial Protection Bureau (CFPB) was created by Dodd-Frank in 2010 and is accordingly the youngest federal financial regulator. Fiercely opposed by the banking industry, the CFPB has not yet become—at least if enforcement matters against big banks are taken into account—that industry’s most dangerous adversary. It concluded 11 settlements with large banks between 2013 and 2016 (it brought no such actions against big banks before 2013); fewer than the other regulators of financial institutions. Its penalties assessed were dwarfed by those imposed by other secondary regulators like the SEC or the DOJ. In total, it awarded $1,228,095,000 in damages during the period, about 1 per cent of the total of financial penalties and settlements large banks paid. a. The CFPB’s enforcement powers The CFPB’s enforcement pattern poses different risks to the biggest banks—it covers different conduct than do the other regulators, and pursues cases of consumer protection, rather than fraud perpetrated on investors, risky practices, or criminal conduct. The agency draws this consumer protection mission from a panoply of statutes, including the Community Reinvestment Act, the Fair Trade Act, and a relatively unusual power created within Dodd-Frank itself.119 Most generally, the Bureau may sue ‘to impose a civil penalty or to seek all appropriate legal and equitable relief, including a permanent or temporary injunction’ against any financial institution who violates a federal consumer law.120 To enforce this mandate, it has primary, but shared, jurisdiction over large insured banks,121 secondary authority over smaller institutions,122 and shared authority with the Federal Trade Commission over institutions that do not receive deposits.123 It has been given some obligations under Title X of Dodd-Frank, which created the institution, and has taken over from the Fed the responsibility to administer the Community Reinvestment Act, which obligates banks to make loans in the geographic areas where they take deposits.124 Its enforcement measures against large banks has been driven by its power to prohibit unfair, deceptive or abusive acts or practices in the financial industry.125 Unfair and deceptive acts have been long defined at common law as something that government agencies can regulate and bring actions to prohibit.126 The fact that the CFPB also has the power to regulate ‘abusive’ financial practices, which has no common law precedent, has given it a quantum of flexibility in choosing its targets in the financial industry when deciding which to regulate.127 The scope of CFPB’s jurisdiction over banks varies depending on the size of an institution’s assets.128 For banks with more than $10 billion in assets, CFPB is now the primary regulator for consumer compliance, but safety and soundness regulation continues to be performed by the bank regulator. For those below the $10 billion threshold, the CFPB may make rules with which those banks must comply, but enforcement is left to the bank’s safety and soundness regulator—a limitation that does not matter for our study, as all the world’s largest banks hold much more than $10 billion in assets.129 Thus far, the agency’s targets have generally not included the largest and most systemically significant banks. To go slightly out of the sample, of the 210 enforcement actions taken by the CFPB before 2018, 18 have been lodged against big banks. The CFPB’s mandate puts it, at least in theory, at odds with the safety and soundness banking regulators. To put it most cynically, banks which are earning returns by abusing their clients are banks with a steady stream of income that makes them unlikely to fail and likely to be able to absorb shocks. In fact, the agency was created because of concern that the Fed and the OCC’s interest in safety and soundness made them relatively uninterested in consumer protection.130 This conflict should not be overstated, but it is interesting that the CFPB has not been an important part of the wolf pack phenomenon. The Fed and OCC could conclude that a bank engaged in abusive practices when it comes to its customers is a bank with inadequate supervision or controls in place. In other words, they could have joined a CFPB enforcement measure in the way that they joined wolf packs led by the DOJ, but they did not. b. The CFPB’s enforcement practices If the creation of the agency was meant to unleash a consumer protection regulator against the largest banks, it is fair to say that the CFPB has been cautious, at least compared to the number and amount of fines and actions brought by the other financial regulators. The CFPB was a moderately active enforcer against the largest banks, based on a review of all the enforcement actions taken since its founding. Against those firms, it filed 18 actions between its creation and the end of 2016. Some of those actions were parallel proceedings, meaning that multiple complaints settled on the same day. The Bureau most sanctioned Wells Fargo, bringing seven proceedings against it or its employees. It brought four cases against JPMorgan Chase, two against Bank of America, one against Santander, and two against an affiliate of the Royal Bank of Scotland. Many of its actions against these banks involved corporate policies that threatened to unfairly disadvantage consumers. In response, the agency often sought a change in practices, rather than a high dollar fine. The result was that firms would commit to changing their oversight and guidance, and promise to report to the agency, without, in many cases, paying a civil monetary or disgorgement penalty. For example, in one 2015 case, the CFPB sanctioned both Wells Fargo, a Wells Fargo employee, and JPMorgan Chase, who employed bankers who did deals with the Wells Fargo employee, for engaging in a scheme to exchange marketing services for referrals of settlement service businesses in connection with consumer home mortgage transactions, in violation of a real estate settlement procedures statute designed to protect consumers.131 The remedy involved not money, but a promise of better oversight. It sanctioned RBS, for example, for deceptive deposit processing practices in 2015.132 In 2016, Wells Fargo was sanctioned for unfair practices in payment allocation, payment aggregation, and late fee assessments, and for unfair practices in marketing.133 Bank of America was sanctioned for unfair practices in the credit protection services it offers clients in default.134 In some cases, the Bureau did impose fines, but against the largest banks, those fines were much less substantial than the fines impose by other regulators. For example, Santander was fined $10 million for its overdraft fee policies in 2015, while RBS agreed to devote $11 million to compensate customers affected by the illegal deposit processing practices of its Pennsylvania affiliate.135 In general, the CFPB was most likely to fine large banks for unfair, deceptive, or abusive practices, which is the most standard of its bases for regulation. It rarely imposed a monitor or some other form of third-party verification—practices that banks dislike because of the expense and the prospect that the third party verifier may identify some other basis for enforcement in the future. 5. Anti-terrorism financial regulators: the hands-off enforcers The final secondary financial regulators of note include the anti-terrorism and the anti-money laundering components of the Department of the Treasury. These offices have been charged with ensuring that banks are not financing foreign adversaries, or criminal or terrorist enterprises, and that they are doing their duty to track such enterprises before they can offer funding to those who would do harm to the United States and its interests. This requires banks to conduct extensive know your customer (KYC) due diligence and to make sure that large deposits or withdrawals are not permitted without some tracking.136 This enforcement process requires banks to file suspicious activity reports and currency transaction reports.137 It has been a real constraint in the way that banks do business, but it is designed not to reach or affect the average customer. Instead, the purpose of the Office of Foreign Assets Control (OFAC) and the Financial Crimes Enforcement Network (FinCEN) is to collect information and create blacklists that limit the ability of nefarious would-be banking clients from using the financial system to realize their schemes.138 These offices are increasingly important financial regulators, which are making a geopolitical impact. They oversee the sanctions on Russian oligarchs deemed to be close enough to President Vladimir Putin to possibly deter Russia from too much adventuring in other former republics of the Soviet Union.139 Their work was central to the American strategy to isolate Iran for its nuclear weapons programme; by most accounts the United States effectively isolated the country from the global financial markets.140 Nonetheless their impact on big banks, at least when acting alone, has been muted. OFAC and FinCEN often turn over cases to the DOJ for criminal prosecution. Big banks settle those cases quickly, and, as we have seen, frequently very expensively. But they occasionally—12 times between the passage of Dodd-Frank and the end of 2016—enter into their own settlements with big banks, as their announcements of enforcement actions reveals. a. OFAC’s powers and practices The Office of Foreign Assets Control (OFAC), housed in the Treasury Department, administers sanctions against individuals and companies that violate economic sanctions on business with foreign countries, and is part of the Office of Terrorism and Financial Intelligence.141 OFAC publicizes its notable settlements, and because it can be assumed that any settlement with the big bank would end up on this list, we use it to identify cases of interest.142 Considered in isolation, the interesting thing about OFAC settlements with big banks is that they are global—OFAC has never entered an agreement with a bank twice since the financial crisis, and its agreements tend to cover a large number of violations, often over unrelated failures to police transactions with beneficiaries in enemy countries like Cuba, the Sudan, and Iran. American companies can be fined when they do business with people or companies in countries that are under sanction, but OFAC also has a substantial extraterritorial effect as well, particularly for firms that facilitate the evasion of sanctions and that make use of the dollar markets to do so—which includes almost any financial institution. Fines vary widely and can be quite steep. OFAC issues enforcement actions against banks as well as other types of companies, like pharmaceutical companies, medical technology companies, or seed exporters.143 The agency does not announce many enforcement actions per year, but for the 10 settlements with large banks announced in the wake of the financial crisis, it appears that the agency went through a purple patch between June 2012 and October 2015; eight of the total were included then.144 For example, consider OFAC enforcement action against Bank of America in 2014.145 Bank of America agreed to remit $16,562,700 to settle potential civil liability for 213 violations of narcotics and reporting regulations.146 Specifically, Bank of America processed transactions for Specially Designated Nationals and Blocked Persons and Specially Designated Narcotics Traffickers.147 OFAC also determined that 79 of the transactions that Bank of America processed were egregious violations, because the bank was aware of the deficiencies in their OFAC screening tool, but did not report or remedy the problem.148 Mitigation was also extended because Bank of America took substantial remedial action by correcting the deficiency that led to the violations; rescreened its customer database; upgraded its OFAC screening tool and re-trained its OFAC compliance personnel; and conducted an internal investigation of the conduct that resulted in the violations.149 Likely because of the significant remedial action, the agreement did not include any mandatory measures that Bank of America had to take, aside from paying the fine. b. FinCEN’s powers and practices The Financial Crimes Enforcement Network (FinCEN), also housed within the Treasury Department as a free-standing bureau, works to prevent money laundering and to promote national security in the banking system.150 FinCEN enforces the Bank Secrecy Act (BSA), as amended by the USA PATRIOT Act, and may bring enforcement actions for violations of the reporting, recordkeeping, and other requirements of the BSA.151 FinCEN does not issue many enforcement actions (usually under 10 per year), and the targets of the regulator’s ire are varied, if all financial—casinos, payments processors, and credit cards have all been sanctioned in the last decade.152 Between the passage of Dodd-Frank and the end of 2016, FinCEN brought two enforcement actions against G-SIFIs.153 This modest enforcement record should not obscure the fact that FinCEN, like OFAC, often provides the predicate for criminal cases brought by the DOJ that can lead to serious sanctions. For its own part, FinCEN announces rare but expensive settlements. In 2014, FinCEN settled an enforcement action with JPMorgan.154 JPMorgan agreed to pay a $461 million civil penalty for failing to detect and report suspicious transactions in connection with Bernie Madoff’s investment scheme.155 Aside from paying the penalty and admitting to the violations, JP Morgan was not required to take any other remedial actions or enter into a DPA. In 2012, FinCEN settled with HSBC over a raft of failures to comply with the BSA, ranging from inadequate monitoring of clients and correspondent banks, to insufficient due diligence, to a failure to file suspicious activity reports on transactions where such reports were required.156 The penalty was stiff—$500 million all told—in addition to entry into a DPA with the DOJ, and the look and feel was similar to other DOJ AML/BSA settlements, in that the government expected the bank, once it had identified a few problems, to root out all its other issues and enter into a global settlement. V. THEMES OF ENFORCEMENT AGAINST BIG BANKS Banks tend to wrap up much of their misconduct in a single settlement—a ‘one and done’ practice. Their regulatory risk comes from across the financial regulatory firmament. One can nonetheless identify some themes in enforcement. 1. Going big a. Outliers Perhaps it is unsurprising, but it is worth emphasizing that of all the enforcement actions collected, banks face the most risk from the ‘big’ ones. In many cases, the agencies either include no financial penalty in the enforcement action or only a modest one. A lot of the action when it comes to penalties comes from the big fines. For example, the $500 million to $10 billion to per penalty range accounts for only 9 per cent of the actions against domestic big banks, but 57 per cent of the total amount that banks paid to their government regulator. This is another way of saying that enforcement actions were somewhat asymmetric—many of them involved small penalties and presumably could be handled by banks as ordinary costs of doing business, while some really affected the bottom line balance sheets of the banks.157 Another way to look at this is to consider box plots, which show how far the outlier penalties veered from the middle 50 per cent. See Figure 3. Figure 3 Open in new tabDownload slide Figure 3 Open in new tabDownload slide b. Setting records Many of these big enforcement actions also, of course, gathered headlines and other forms of attention. During the aftermath of the financial crisis, agencies regularly broke the record that they had previously set for the maximum penalty paid by any single institution for any single enforcement action. The SEC, for example, regularly announced that it was doing this. And all of this was nothing compared the criminal prosecutions. All told, the DOJ was a real outlier when it came to financial penalties for big financial institutions. A simple count of the number of enforcement actions and the dollars imposed is instructive. The DOJ matched its regulatory counterparts in actions brought, but it dwarfed them in sanctions sought. The Department’s overwhelming superiority can be seen by the more egalitarian vision practised by the following chart. See Figures 4 and 5. Figure 4 Open in new tabDownload slide Figure 4 Open in new tabDownload slide Figure 5 Open in new tabDownload slide Figure 5 Open in new tabDownload slide 2. Hunting in packs and going viral Big banks have increasingly faced sanctions from regulators working in packs, often led by the Fed, which takes a broad view of what counts in ensuring that the banks it regulates are safe and sound, and which is pairs its big fines with extensive reporting requirements. The DOJ’s financial dominance, at least when it comes to penalties, is something on which we have remarked, but it is worth remembering. Of course, the largest banks have to spend a lot of time worrying about the supervision of their primary regulator. But when it comes to formal enforcement actions—and such actions are the only way to fine a bank—the DOJ’s settlements dwarf the rest. But the Fed is not alone in working with other regulators. DOJ settlements often were paired with settlements with the SEC, state banking regulators or prosecutors, and others. When ING settled allegations that it had, among other things, laundered money for Cuba, it paid a $309.5 million fine to DOJ and a $309.5 million fine to the Manhattan District Attorney.158 HSBC’s failure to prevent money laundering led to a dizzying array of fines: $1.256 billion and a DPA with the DOJ (which satisfied a $375 million penalty sought by FinCEN), $500 million to the OCC, which also satisfied an OFAC penalty, and $165 million to the Federal Reserve.159 In Foreign Corrupt Practices Act (FCPA) cases, the SEC and the DOJ will often both pile on, too, as both agencies have jurisdiction over foreign corrupt practices—for the SEC, this is because part of the statute concerns the maintenance of books and records in a way that accurately account for the payments made to foreign governments by publicly traded companies.160 At least two agencies announced enforcement actions on the same date 36 times between the passage of Dodd Frank and the end of 2016. On 20 May 2015, for example, Barclays was fined $400 million and $115 million (two separate cases) by CFTC and $650 million by the DOJ for foreign exchange benchmark fixing—a conspiracy it entered into with a number of other banks. On the same day, JP Morgan was fined $550 million by the DOJ and $342 million by the Fed for the same misconduct, UBS was fined $203 million by the DOJ and $342 million by the Fed, and RBS was fined $395 million by the DOJ and $274 million by the Fed. For violating the American sanctions regime, on 11 December 2012, HSBC was fined $375 million by OFAC, $1.256 billion by the DOJ, and $165 million by the Fed. One day earlier, Standard Chartered was fined $132 million by OFAC, $227 million by the DOJ, $200 million and $0 by CFTC (two separate cases), and $100 million and $0 by the Fed (two separate cases). The list could go on. On 21 August 2014, Bank of America settled with the DOJ for $16.65 billion and $20 million with the SEC for its role in misrepresenting the contents of various residential mortgage backed securities. In most of those, the agencies extracted penalties, although twice both enforcement actions did not require payments but rather a change in the conduct of the defendant bank. The total amount of penalties imposed in these multiagency enforcement actions came to $44.6 billion, which is 35 per cent of the $125.7 billion in total penalties imposed on big banks during this period. The stacked bar chart in Figure 6 identifies the penalties imposed. Figure 6 Open in new tabDownload slide Figure 6 Open in new tabDownload slide The ‘hunting in packs’ phenomenon has resulted in complaints from the defence bar, and those complaints appear to have found some sort of an audience within the Department itself. In a November 2017 speech, Deputy Attorney General Rob Rosenstein announced a policy (to take effect in May 2018) in which the DOJ would coordinate with other enforcement agencies in order to ‘help avoid duplicative and unwarranted payments’.161 The memo signals a renewed commitment to coordination, and the law firm Gibson Dunn thinks that it has observed the effects of the memo in the Department’s 2018 settlements.162 For example, in 2014, the Fed imposed a $508 million penalty against BNP Paribas, its largest ever penalty, also on safety and soundness grounds. It also required an audit and a review of the French bank’s internal controls. The Fed’s fine comprised only part of the $8.97 billion in penalties assessed in total by American regulators for the same conduct. For the broad foreign exchange benchmark manipulation scheme, the CFTC, the DOJ, and foreign regulators have imposed fines along with the Fed. Six different regulators were involved in the fines surrounding BNP Paribas’s sanctions evasion programme. BNP Paribas’s experience illustrates the way that financial regulators increasingly hunted in packs, and imposed large fines for the violations of different laws for the same sort of misconduct. This prospect of risk from multiple regulators is a phenomenon that must increasingly occupy the attention of the largest banks; it shows how even limited enforcement can be threatening because of the number of fines imposed by different of American regulators in any one case. In addition, enforcement against big banks will often take programmatic forms. In this article, this is characterized as viral enforcement, because often a regulator will make a particular kind of case against one bank and, either contemporaneously or in succession, build a similar case against other financial institutions. The DOJ had two particularly narrow examples of this—big banks were particularly likely to settle disputes over the advice they had given to clients of Swiss banks that looked to the government like how-to guides for tax evasion, and a number of banks were penalized for the way they treated members of the military. But other regulators also exhibited viral enforcement. The SEC brought one fifth of its enforcement actions based on misconduct in the sleepy municipal bond market. Both the Fed and the OCC, for understandable reasons, sanctioned banks that serviced mortgages over the way they had treated their customers, and developed a well-funded relief programme, paid for by the banks, to ameliorate the misconduct. This sort of virality is probably a good way to think about all agencies (in contrast, wolf packs are probably only a good way to think to about regulators with overlapping jurisdictions, which, as we have seen, is a feature of financial regulation). Enforcement will sometimes prioritize cases that agency leadership wants to prioritize, but often agencies will return to the same well, and pursue what worked against one firm in an industry against that firm’s peers. There are advantages to viral enforcement—done comprehensively, it offers a measure of consistency. But it also means that there is an element of randomness at work in the enforcement practices of regulators, who will sometimes hit on a particular sort of misconduct, with employees of those regulators building a team and even a career on pursuing it elsewhere. 3. Foreign banks: treated somewhat equally Foreign banks have often complained of particularly rough treatment by American regulators, and they have some reason to do so—but without, in the end, a very compelling case. Conditional on the number of American assets held, foreign banks pay more penalties to American regulators than do American banks, but the differences are only directional, and not significant, at least per paired sample t-tests. In all, foreign banks paid approximately $38 billion in penalties, while domestic banks paid approximately $96 billion over the same period. America’s four largest banks paid the most penalties as a percentage of the total value of their American assets, more than any of the other banks. As Table 1 shows, with admittedly modest controls in place, American-headquartered institutions were more likely to pay a higher percentage of their assets in penalties than were foreign institutions. Penalties and enforcement actions per bank, controlling for market share Table 1 Penalties and enforcement actions per bank, controlling for market share |$\includegraphics{\bwartpath fjab005t1}$| |$\includegraphics{\bwartpath fjab005t1}$| Open in new tab Table 1 Penalties and enforcement actions per bank, controlling for market share |$\includegraphics{\bwartpath fjab005t1}$| |$\includegraphics{\bwartpath fjab005t1}$| Open in new tab It is true that some agencies ‘skewed foreign’. The Fed sanctioned foreign institutions more than did the OCC—but that is a function of the Fed’s relatively clear jurisdictional authority over offshore banks with onshore businesses, or at least this appears to be the case. The DOJ also did not particularly discriminate against foreign financial institutions. Again, simple t tests did not suggest that foreign banks received different treatment at a statistically significant degree than did their large domestic counterparties. American banking regulation has no shortage of controversies, but at least in this area, the claim that it is being used as a trade barrier or political tool against foreign institutions has not yet been proven. One of the drivers of international cooperation in regulation—a real issue—has been concern on the part of banks that there be a level playing field.163 The idea is that foreign banks should not be discriminated against in favour of domestic banks by the government. Suspicions about this discrimination are ubiquitous, but it is a relief to see that, at least in banking, it is not clear that the arms of government are protecting their domestic constituents. VI. CONCLUSION I conclude this article not with a laundry list of recommendations designed to match each of the phenomena teased from the actual enforcement practices of agencies, but with one modest suggestion. Prescriptively, one could imagine wolf packs being addressed by multi-agency coordinating committees. Normatively, there might be room for a meditation on the fairness of viral enforcement programs. I will instead focus on an administrative option: prosecutors could commit to consultations with safety and soundness regulators before pursuing indictments. One reason I limit my recommendations to a consultation option is because of the difficulties of drawing normative conclusions from a descriptive account of bank enforcement. Are these regulators regulating at the ‘right’ level? We cannot know for sure because we do not know how many cases they could have brought, but did not, or how much undiscovered misconduct is happening in big banks. The problem of unobserved data is particularly acute when it comes to evaluating the quality of the government’s oversight of large financial institutions by looking only at publicized enforcement actions. Supervision involves a vast array of informal, as well as formal, sanctions. Few of these informal actions are made public, and so an analysis of the formal enforcement actions against large banks gives only a partial picture of the quality and intensity of their oversight by the Fed and the OCC. But with these cautions in place, I would join those who worry about white collar overcriminalization.164 That overcriminalization has not, for large banks, resulted in barbarously long sentences for individual defendants.165 But criminal prosecution has become the focus of the overwhelming majority of fines and penalties paid by financial institutions. A general counsel of a large bank worried about regulatory risk as expressed by dollars paid to the government is going to spend much more time on non-core regulatory compliance priorities like anti-money laundering, sanctions compliance, and foreign corrupt practices, than on safety and soundness and consumer protections. That focus would be suboptimal. Pierre Verdier has argued that prosecutors are the most important focus of governmental sanctions of financial institutions, and if he is right about that, then the balance of regulatory oversight has gone wrong.166 Because the DOJ’s enforcement priorities are focused on national security and criminal law matters, the temptation to draft banks into never-ending wars on terror, and campaigns against rogue nations, must be strong. It is not clear, however, that fining large banks for being insufficiently attentive to this mission is good policy, or that it has created the right mix of incentives for financial institutions. At the very least, there are reasons to be cautious of handing so much power over any regulated industry to administratively unaccountable prosecutors. Rachel Barkow has bewailed the unreviewed flexibility the prosecutors enjoy when arranging pleas.167 Rick Bierschbach and Stephanos Bibas have also decried the outsized discretion in criminal law charging.168 It is possible that banks find criminal prosecutions to be a painful sideshow and focus on, as their primary regulators ask, remaining resilient to shocks—this article can only demonstrate that when it comes to penalties, it is the DOJ that dwarfs all comers. But it is also possible—and perhaps even likely—that the risk of prosecution distracts banks, as well as regulators, from safety and soundness. That would make safety and soundness a less important part of the compliance agendas of large banks. But safety and soundness is the point of banking regulation—it is only because banks are potentially dangerous that we regulate them the way we do, with intrusive inspections arranged by powerful and independent agencies, layered on capital rules and stress tests designed to insulate the banks from shocks. One way to address this mismatch in financial regulation would be to establish a norm of consultation by criminal prosecutors with financial regulators before criminal indictments are filed, or settlements pursued. A consultation requirement need not mean that financial regulators would become the gatekeepers of criminal misconduct at banks, with a veto power over indictments. Nor does consultation mean that financial regulators would have to build cases before action from prosecutors could be taken. Criminal prosecutors and Treasury could build the anti-money laundering cases that they want to bring. But at the point at which they are ready to bring them, a consultation would offer some context—a sense that they are not the most important regulatory facts in the life of a big bank, but rather are supplementary regulators. Consultation is not perfect, to be sure. Banks incur expenses responding to investigations and developing internal controls—which indeed may be where much of the compliance action takes place—and so might devote disproportionate compliance resources to national security and anti-money laundering even with a regime of consultation-before-indictment. We can live in hope that something like this consultation requirement has already been established, but the enforcement record does not reveal it. The DOJ, the Fed and the OCC could publish a memorandum of understanding publicizing this consultation requirement, and this consultation mandate would improve big bank enforcement. A. APPENDIX Enforcement actions per bank Table A1 Enforcement actions per bank . CFPB . CFTC . DOJ . FED . SEC SEED . FDIC . OCC . OFAC . FINCEN . Totals . Bank of America 1 1 9 4 8 0 24 1 0 48 Bank of China 0 0 0 1 0 0 1 0 0 2 Bank of New York Mellon 0 2 0 1 2 0 0 0 0 5 Barclays 0 10 3 3 3 1 0 1 0 21 BNP Paribas 0 1 4 2 0 0 0 1 0 8 China Construction Bank Corporation 0 0 0 1 0 0 0 0 0 1 Citigroup 2 3 5 5 7 0 0 0 0 22 Credit Agricole 0 0 2 0 0 0 0 1 0 3 Credit Suisse 0 1 2 3 7 0 0 0 0 13 Deutsche Bank 0 3 2 1 3 0 0 0 0 9 Goldman Sachs 0 3 1 5 0 0 0 0 0 9 HSBC 0 1 3 6 1 1 13 1 1 27 ING 0 8 1 0 0 0 0 1 0 10 JP Morgan Chase 3 8 9 9 8 0 6 1 1 45 Mitsubishi 0 0 0 0 1 2 0 0 0 3 Mizuho 0 1 0 0 1 0 0 0 0 2 Morgan Stanley 0 7 3 2 7 0 0 0 0 19 RBS 0 2 3 3 2 0 0 1 0 11 Santander 1 0 1 2 0 1 6 0 0 11 Societe Generale 0 1 1 0 1 0 0 0 0 3 Standard Chartered 0 2 2 2 0 0 0 1 0 7 State Street 0 0 1 0 2 0 0 0 0 3 UBS 0 2 3 2 13 0 0 1 0 21 Wells Fargo 4 6 9 4 6 0 20 0 0 49 Totals 11 62 64 56 72 5 70 10 2 352 . CFPB . CFTC . DOJ . FED . SEC SEED . FDIC . OCC . OFAC . FINCEN . Totals . Bank of America 1 1 9 4 8 0 24 1 0 48 Bank of China 0 0 0 1 0 0 1 0 0 2 Bank of New York Mellon 0 2 0 1 2 0 0 0 0 5 Barclays 0 10 3 3 3 1 0 1 0 21 BNP Paribas 0 1 4 2 0 0 0 1 0 8 China Construction Bank Corporation 0 0 0 1 0 0 0 0 0 1 Citigroup 2 3 5 5 7 0 0 0 0 22 Credit Agricole 0 0 2 0 0 0 0 1 0 3 Credit Suisse 0 1 2 3 7 0 0 0 0 13 Deutsche Bank 0 3 2 1 3 0 0 0 0 9 Goldman Sachs 0 3 1 5 0 0 0 0 0 9 HSBC 0 1 3 6 1 1 13 1 1 27 ING 0 8 1 0 0 0 0 1 0 10 JP Morgan Chase 3 8 9 9 8 0 6 1 1 45 Mitsubishi 0 0 0 0 1 2 0 0 0 3 Mizuho 0 1 0 0 1 0 0 0 0 2 Morgan Stanley 0 7 3 2 7 0 0 0 0 19 RBS 0 2 3 3 2 0 0 1 0 11 Santander 1 0 1 2 0 1 6 0 0 11 Societe Generale 0 1 1 0 1 0 0 0 0 3 Standard Chartered 0 2 2 2 0 0 0 1 0 7 State Street 0 0 1 0 2 0 0 0 0 3 UBS 0 2 3 2 13 0 0 1 0 21 Wells Fargo 4 6 9 4 6 0 20 0 0 49 Totals 11 62 64 56 72 5 70 10 2 352 Open in new tab Table A1 Enforcement actions per bank . CFPB . CFTC . DOJ . FED . SEC SEED . FDIC . OCC . OFAC . FINCEN . Totals . Bank of America 1 1 9 4 8 0 24 1 0 48 Bank of China 0 0 0 1 0 0 1 0 0 2 Bank of New York Mellon 0 2 0 1 2 0 0 0 0 5 Barclays 0 10 3 3 3 1 0 1 0 21 BNP Paribas 0 1 4 2 0 0 0 1 0 8 China Construction Bank Corporation 0 0 0 1 0 0 0 0 0 1 Citigroup 2 3 5 5 7 0 0 0 0 22 Credit Agricole 0 0 2 0 0 0 0 1 0 3 Credit Suisse 0 1 2 3 7 0 0 0 0 13 Deutsche Bank 0 3 2 1 3 0 0 0 0 9 Goldman Sachs 0 3 1 5 0 0 0 0 0 9 HSBC 0 1 3 6 1 1 13 1 1 27 ING 0 8 1 0 0 0 0 1 0 10 JP Morgan Chase 3 8 9 9 8 0 6 1 1 45 Mitsubishi 0 0 0 0 1 2 0 0 0 3 Mizuho 0 1 0 0 1 0 0 0 0 2 Morgan Stanley 0 7 3 2 7 0 0 0 0 19 RBS 0 2 3 3 2 0 0 1 0 11 Santander 1 0 1 2 0 1 6 0 0 11 Societe Generale 0 1 1 0 1 0 0 0 0 3 Standard Chartered 0 2 2 2 0 0 0 1 0 7 State Street 0 0 1 0 2 0 0 0 0 3 UBS 0 2 3 2 13 0 0 1 0 21 Wells Fargo 4 6 9 4 6 0 20 0 0 49 Totals 11 62 64 56 72 5 70 10 2 352 . CFPB . CFTC . DOJ . FED . SEC SEED . FDIC . OCC . OFAC . FINCEN . Totals . Bank of America 1 1 9 4 8 0 24 1 0 48 Bank of China 0 0 0 1 0 0 1 0 0 2 Bank of New York Mellon 0 2 0 1 2 0 0 0 0 5 Barclays 0 10 3 3 3 1 0 1 0 21 BNP Paribas 0 1 4 2 0 0 0 1 0 8 China Construction Bank Corporation 0 0 0 1 0 0 0 0 0 1 Citigroup 2 3 5 5 7 0 0 0 0 22 Credit Agricole 0 0 2 0 0 0 0 1 0 3 Credit Suisse 0 1 2 3 7 0 0 0 0 13 Deutsche Bank 0 3 2 1 3 0 0 0 0 9 Goldman Sachs 0 3 1 5 0 0 0 0 0 9 HSBC 0 1 3 6 1 1 13 1 1 27 ING 0 8 1 0 0 0 0 1 0 10 JP Morgan Chase 3 8 9 9 8 0 6 1 1 45 Mitsubishi 0 0 0 0 1 2 0 0 0 3 Mizuho 0 1 0 0 1 0 0 0 0 2 Morgan Stanley 0 7 3 2 7 0 0 0 0 19 RBS 0 2 3 3 2 0 0 1 0 11 Santander 1 0 1 2 0 1 6 0 0 11 Societe Generale 0 1 1 0 1 0 0 0 0 3 Standard Chartered 0 2 2 2 0 0 0 1 0 7 State Street 0 0 1 0 2 0 0 0 0 3 UBS 0 2 3 2 13 0 0 1 0 21 Wells Fargo 4 6 9 4 6 0 20 0 0 49 Totals 11 62 64 56 72 5 70 10 2 352 Open in new tab Penalties paid per bank Table A2 Penalties paid per bank . CFPB . CFTC . DOJ . FED . SEC SEED . FDIC . OCC . OFAC . FINCEN . Totals . Bank of America $235,000,000 $1,200,000 $29,724,586,323 $300,450,707 $296,610,810 $0 $1,610,900,009 $16,562,700 $0 $32,185,310,549 Bank of China $0 $0 $0 $0 $0 $0 $0 $0 $0 $0 Bank of New York Mellon $0 $665,968,174 $0 $6,000,000 $177,822,207 $0 $0 $0 $0 $849,790,381 Barclays $0 $773,336,174 $959,000,000 $342,000,000 $50,500,000 $425,000 $0 $176,000,000 $0 $2,301,261,174 BNP Paribas $0 $140,000 $18,086,983,000 $508,000,000 $0 $0 $0 $963,619,900 $0 $19,558,742,900 China Construction Bank Corporation $0 $0 $0 $0 $0 $0 $0 $0 $0 $0 Citigroup $788,000,000 $175,875,000 $11,655,882,624 $364,000,000 $577,500,001 $0 $0 $0 $0 $13,561,257,625 Credit Agricole $0 $0 $411,211,000 $0 $0 $0 $0 $329,593,585 $0 $740,804,585 Credit Suisse $0 $665,000 $3,736,500,000 $100,000,000 $449,323,937 $0 $0 $0 $0 $4,286,488,937 Deutsche Bank $0 $803,060,000 $806,000,000 $58,000,000 $83,000,000 $0 $0 $0 $0 $1,750,060,000 Goldman Sachs $0 $122,000,000 $5,060,000,000 $171,637,500 $0 $0 $0 $0 $0 $5,353,637,500 HSBC $0 $275,000,000 $1,726,434,500 $545,901,413 $12,538,736 $0 $659,950,707 $375,000,000 $500,000,000 $4,094,825,356 ING $0 $54,095,064 $309,500,000 $0 $0 $0 $0 $619,000,000 $0 $982,595,064 JP Morgan Chase $100,000,000 $47,193,457 $14,395,895,667 $3,037,382,841 $551,739,559 $0 $1,980,450,340 $88,300,000 $461,000,000 $20,661,961,864 Mitsubishi $0 $0 $0 $0 $20,000 $0 $0 $0 $0 $20,000 Mizuho $0 $175,000 $0 $0 $127,517,330 $0 $0 $0 $0 $127,692,330 Morgan Stanley $0 $8,300,982 $2,607,300,000 $97,000,000 $297,500,000 $0 $0 $0 $0 $3,010,100,982 RBS $0 $615,000,000 $695,000,000 $324,000,000 $153,874,774 $0 $0 $33,122,307 $0 $1,820,997,081 Santander $1,000,000 $0 $9,350,000 $0 $0 $0 $25,486,180 $0 $0 $35,836,180 Societe Generale $0 $450,000 $1,363,000 $0 $1,011,093 $0 $0 $0 $0 $2,824,093 Standard Chartered $0 $200,000,000 $233,337,000 $100,000,000 $0 $0 $0 $132,000,000 $0 $665,337,000 State Street $0 $0 $155,000,000 $0 $179,369,417 $0 $0 $0 $0 $334,369,417 UBS $0 $990,000,000 $863,000,000 $342,000,000 $219,235,134 $0 $0 $1,700,100 $0 $2,415,935,234 Wells Fargo $104,095,000 $4,622,987 $8,545,645,154 $172,000,000 $17,371,572 $0 $2,147,659,194 $0 $0 $10,991,393,907 Totals $1,228,095,000 $4,737,081,838 $99,981,988,268 $6,468,372,461 $3,194,934,570 $425,000 $6,424,446,430 $2,734,898,592 $961,000,000 $125,731,242,158 . CFPB . CFTC . DOJ . FED . SEC SEED . FDIC . OCC . OFAC . FINCEN . Totals . Bank of America $235,000,000 $1,200,000 $29,724,586,323 $300,450,707 $296,610,810 $0 $1,610,900,009 $16,562,700 $0 $32,185,310,549 Bank of China $0 $0 $0 $0 $0 $0 $0 $0 $0 $0 Bank of New York Mellon $0 $665,968,174 $0 $6,000,000 $177,822,207 $0 $0 $0 $0 $849,790,381 Barclays $0 $773,336,174 $959,000,000 $342,000,000 $50,500,000 $425,000 $0 $176,000,000 $0 $2,301,261,174 BNP Paribas $0 $140,000 $18,086,983,000 $508,000,000 $0 $0 $0 $963,619,900 $0 $19,558,742,900 China Construction Bank Corporation $0 $0 $0 $0 $0 $0 $0 $0 $0 $0 Citigroup $788,000,000 $175,875,000 $11,655,882,624 $364,000,000 $577,500,001 $0 $0 $0 $0 $13,561,257,625 Credit Agricole $0 $0 $411,211,000 $0 $0 $0 $0 $329,593,585 $0 $740,804,585 Credit Suisse $0 $665,000 $3,736,500,000 $100,000,000 $449,323,937 $0 $0 $0 $0 $4,286,488,937 Deutsche Bank $0 $803,060,000 $806,000,000 $58,000,000 $83,000,000 $0 $0 $0 $0 $1,750,060,000 Goldman Sachs $0 $122,000,000 $5,060,000,000 $171,637,500 $0 $0 $0 $0 $0 $5,353,637,500 HSBC $0 $275,000,000 $1,726,434,500 $545,901,413 $12,538,736 $0 $659,950,707 $375,000,000 $500,000,000 $4,094,825,356 ING $0 $54,095,064 $309,500,000 $0 $0 $0 $0 $619,000,000 $0 $982,595,064 JP Morgan Chase $100,000,000 $47,193,457 $14,395,895,667 $3,037,382,841 $551,739,559 $0 $1,980,450,340 $88,300,000 $461,000,000 $20,661,961,864 Mitsubishi $0 $0 $0 $0 $20,000 $0 $0 $0 $0 $20,000 Mizuho $0 $175,000 $0 $0 $127,517,330 $0 $0 $0 $0 $127,692,330 Morgan Stanley $0 $8,300,982 $2,607,300,000 $97,000,000 $297,500,000 $0 $0 $0 $0 $3,010,100,982 RBS $0 $615,000,000 $695,000,000 $324,000,000 $153,874,774 $0 $0 $33,122,307 $0 $1,820,997,081 Santander $1,000,000 $0 $9,350,000 $0 $0 $0 $25,486,180 $0 $0 $35,836,180 Societe Generale $0 $450,000 $1,363,000 $0 $1,011,093 $0 $0 $0 $0 $2,824,093 Standard Chartered $0 $200,000,000 $233,337,000 $100,000,000 $0 $0 $0 $132,000,000 $0 $665,337,000 State Street $0 $0 $155,000,000 $0 $179,369,417 $0 $0 $0 $0 $334,369,417 UBS $0 $990,000,000 $863,000,000 $342,000,000 $219,235,134 $0 $0 $1,700,100 $0 $2,415,935,234 Wells Fargo $104,095,000 $4,622,987 $8,545,645,154 $172,000,000 $17,371,572 $0 $2,147,659,194 $0 $0 $10,991,393,907 Totals $1,228,095,000 $4,737,081,838 $99,981,988,268 $6,468,372,461 $3,194,934,570 $425,000 $6,424,446,430 $2,734,898,592 $961,000,000 $125,731,242,158 Open in new tab Table A2 Penalties paid per bank . CFPB . CFTC . DOJ . FED . SEC SEED . FDIC . OCC . OFAC . FINCEN . Totals . Bank of America $235,000,000 $1,200,000 $29,724,586,323 $300,450,707 $296,610,810 $0 $1,610,900,009 $16,562,700 $0 $32,185,310,549 Bank of China $0 $0 $0 $0 $0 $0 $0 $0 $0 $0 Bank of New York Mellon $0 $665,968,174 $0 $6,000,000 $177,822,207 $0 $0 $0 $0 $849,790,381 Barclays $0 $773,336,174 $959,000,000 $342,000,000 $50,500,000 $425,000 $0 $176,000,000 $0 $2,301,261,174 BNP Paribas $0 $140,000 $18,086,983,000 $508,000,000 $0 $0 $0 $963,619,900 $0 $19,558,742,900 China Construction Bank Corporation $0 $0 $0 $0 $0 $0 $0 $0 $0 $0 Citigroup $788,000,000 $175,875,000 $11,655,882,624 $364,000,000 $577,500,001 $0 $0 $0 $0 $13,561,257,625 Credit Agricole $0 $0 $411,211,000 $0 $0 $0 $0 $329,593,585 $0 $740,804,585 Credit Suisse $0 $665,000 $3,736,500,000 $100,000,000 $449,323,937 $0 $0 $0 $0 $4,286,488,937 Deutsche Bank $0 $803,060,000 $806,000,000 $58,000,000 $83,000,000 $0 $0 $0 $0 $1,750,060,000 Goldman Sachs $0 $122,000,000 $5,060,000,000 $171,637,500 $0 $0 $0 $0 $0 $5,353,637,500 HSBC $0 $275,000,000 $1,726,434,500 $545,901,413 $12,538,736 $0 $659,950,707 $375,000,000 $500,000,000 $4,094,825,356 ING $0 $54,095,064 $309,500,000 $0 $0 $0 $0 $619,000,000 $0 $982,595,064 JP Morgan Chase $100,000,000 $47,193,457 $14,395,895,667 $3,037,382,841 $551,739,559 $0 $1,980,450,340 $88,300,000 $461,000,000 $20,661,961,864 Mitsubishi $0 $0 $0 $0 $20,000 $0 $0 $0 $0 $20,000 Mizuho $0 $175,000 $0 $0 $127,517,330 $0 $0 $0 $0 $127,692,330 Morgan Stanley $0 $8,300,982 $2,607,300,000 $97,000,000 $297,500,000 $0 $0 $0 $0 $3,010,100,982 RBS $0 $615,000,000 $695,000,000 $324,000,000 $153,874,774 $0 $0 $33,122,307 $0 $1,820,997,081 Santander $1,000,000 $0 $9,350,000 $0 $0 $0 $25,486,180 $0 $0 $35,836,180 Societe Generale $0 $450,000 $1,363,000 $0 $1,011,093 $0 $0 $0 $0 $2,824,093 Standard Chartered $0 $200,000,000 $233,337,000 $100,000,000 $0 $0 $0 $132,000,000 $0 $665,337,000 State Street $0 $0 $155,000,000 $0 $179,369,417 $0 $0 $0 $0 $334,369,417 UBS $0 $990,000,000 $863,000,000 $342,000,000 $219,235,134 $0 $0 $1,700,100 $0 $2,415,935,234 Wells Fargo $104,095,000 $4,622,987 $8,545,645,154 $172,000,000 $17,371,572 $0 $2,147,659,194 $0 $0 $10,991,393,907 Totals $1,228,095,000 $4,737,081,838 $99,981,988,268 $6,468,372,461 $3,194,934,570 $425,000 $6,424,446,430 $2,734,898,592 $961,000,000 $125,731,242,158 . CFPB . CFTC . DOJ . FED . SEC SEED . FDIC . OCC . OFAC . FINCEN . Totals . Bank of America $235,000,000 $1,200,000 $29,724,586,323 $300,450,707 $296,610,810 $0 $1,610,900,009 $16,562,700 $0 $32,185,310,549 Bank of China $0 $0 $0 $0 $0 $0 $0 $0 $0 $0 Bank of New York Mellon $0 $665,968,174 $0 $6,000,000 $177,822,207 $0 $0 $0 $0 $849,790,381 Barclays $0 $773,336,174 $959,000,000 $342,000,000 $50,500,000 $425,000 $0 $176,000,000 $0 $2,301,261,174 BNP Paribas $0 $140,000 $18,086,983,000 $508,000,000 $0 $0 $0 $963,619,900 $0 $19,558,742,900 China Construction Bank Corporation $0 $0 $0 $0 $0 $0 $0 $0 $0 $0 Citigroup $788,000,000 $175,875,000 $11,655,882,624 $364,000,000 $577,500,001 $0 $0 $0 $0 $13,561,257,625 Credit Agricole $0 $0 $411,211,000 $0 $0 $0 $0 $329,593,585 $0 $740,804,585 Credit Suisse $0 $665,000 $3,736,500,000 $100,000,000 $449,323,937 $0 $0 $0 $0 $4,286,488,937 Deutsche Bank $0 $803,060,000 $806,000,000 $58,000,000 $83,000,000 $0 $0 $0 $0 $1,750,060,000 Goldman Sachs $0 $122,000,000 $5,060,000,000 $171,637,500 $0 $0 $0 $0 $0 $5,353,637,500 HSBC $0 $275,000,000 $1,726,434,500 $545,901,413 $12,538,736 $0 $659,950,707 $375,000,000 $500,000,000 $4,094,825,356 ING $0 $54,095,064 $309,500,000 $0 $0 $0 $0 $619,000,000 $0 $982,595,064 JP Morgan Chase $100,000,000 $47,193,457 $14,395,895,667 $3,037,382,841 $551,739,559 $0 $1,980,450,340 $88,300,000 $461,000,000 $20,661,961,864 Mitsubishi $0 $0 $0 $0 $20,000 $0 $0 $0 $0 $20,000 Mizuho $0 $175,000 $0 $0 $127,517,330 $0 $0 $0 $0 $127,692,330 Morgan Stanley $0 $8,300,982 $2,607,300,000 $97,000,000 $297,500,000 $0 $0 $0 $0 $3,010,100,982 RBS $0 $615,000,000 $695,000,000 $324,000,000 $153,874,774 $0 $0 $33,122,307 $0 $1,820,997,081 Santander $1,000,000 $0 $9,350,000 $0 $0 $0 $25,486,180 $0 $0 $35,836,180 Societe Generale $0 $450,000 $1,363,000 $0 $1,011,093 $0 $0 $0 $0 $2,824,093 Standard Chartered $0 $200,000,000 $233,337,000 $100,000,000 $0 $0 $0 $132,000,000 $0 $665,337,000 State Street $0 $0 $155,000,000 $0 $179,369,417 $0 $0 $0 $0 $334,369,417 UBS $0 $990,000,000 $863,000,000 $342,000,000 $219,235,134 $0 $0 $1,700,100 $0 $2,415,935,234 Wells Fargo $104,095,000 $4,622,987 $8,545,645,154 $172,000,000 $17,371,572 $0 $2,147,659,194 $0 $0 $10,991,393,907 Totals $1,228,095,000 $4,737,081,838 $99,981,988,268 $6,468,372,461 $3,194,934,570 $425,000 $6,424,446,430 $2,734,898,592 $961,000,000 $125,731,242,158 Open in new tab Penalties paid by foreign vs domestic banks Table A3 Penalties paid by foreign vs domestic banks . CFPB . CFTC . DOJ . FED . SEC SEED . FDIC . OCC . OFAC . FINCEN . Totals . Foreign $1,000,000 $3,711,921,238 $27,837,678,500 $2,319,901,413 $1,097,021,004 $425,000 $685,436,887 $2,630,035,892 $500,000,000 $38,783,419,933 Domestic $1,227,095,000 $1,025,160,600 $72,144,309,768 $4,148,471,048 $2,097,913,566 $0 $5,739,009,543 $104,862,700 $461,000,000 $86,947,822,225 Total $1,228,095,000 $4,737,081,838 $99,981,988,268 $6,468,372,461 $3,194,934,570 $425,000 $6,424,446,430 $2,734,898,592 $961,000,000 $125,731,242,158 . CFPB . CFTC . DOJ . FED . SEC SEED . FDIC . OCC . OFAC . FINCEN . Totals . Foreign $1,000,000 $3,711,921,238 $27,837,678,500 $2,319,901,413 $1,097,021,004 $425,000 $685,436,887 $2,630,035,892 $500,000,000 $38,783,419,933 Domestic $1,227,095,000 $1,025,160,600 $72,144,309,768 $4,148,471,048 $2,097,913,566 $0 $5,739,009,543 $104,862,700 $461,000,000 $86,947,822,225 Total $1,228,095,000 $4,737,081,838 $99,981,988,268 $6,468,372,461 $3,194,934,570 $425,000 $6,424,446,430 $2,734,898,592 $961,000,000 $125,731,242,158 Open in new tab Table A3 Penalties paid by foreign vs domestic banks . CFPB . CFTC . DOJ . FED . SEC SEED . FDIC . OCC . OFAC . FINCEN . Totals . Foreign $1,000,000 $3,711,921,238 $27,837,678,500 $2,319,901,413 $1,097,021,004 $425,000 $685,436,887 $2,630,035,892 $500,000,000 $38,783,419,933 Domestic $1,227,095,000 $1,025,160,600 $72,144,309,768 $4,148,471,048 $2,097,913,566 $0 $5,739,009,543 $104,862,700 $461,000,000 $86,947,822,225 Total $1,228,095,000 $4,737,081,838 $99,981,988,268 $6,468,372,461 $3,194,934,570 $425,000 $6,424,446,430 $2,734,898,592 $961,000,000 $125,731,242,158 . CFPB . CFTC . DOJ . FED . SEC SEED . FDIC . OCC . OFAC . FINCEN . Totals . Foreign $1,000,000 $3,711,921,238 $27,837,678,500 $2,319,901,413 $1,097,021,004 $425,000 $685,436,887 $2,630,035,892 $500,000,000 $38,783,419,933 Domestic $1,227,095,000 $1,025,160,600 $72,144,309,768 $4,148,471,048 $2,097,913,566 $0 $5,739,009,543 $104,862,700 $461,000,000 $86,947,822,225 Total $1,228,095,000 $4,737,081,838 $99,981,988,268 $6,468,372,461 $3,194,934,570 $425,000 $6,424,446,430 $2,734,898,592 $961,000,000 $125,731,242,158 Open in new tab Footnotes 1 Thirty-five per cent of the fines imposed on big banks were announced by multiple regulators on the same day, attesting to the frequency of wolf pack enforcement, often led by the DOJ. The Trump Administration, apparently concerned that the ‘many regulators, same conduct’ approach could lead to over-enforcement, took some process-based steps to modify it. 2 Technically, the systemically important banks considered in this study have been labelled ‘G-SIBs’—a subcategory of SIFIs, a much more mellifluous term, but also one that reflects the fact that some non-American banks are engaged in a wide array of financial services. 3 FDIC Compliance Manual (June 2009) II-8.1’; see also OCC PPM 5310-3 at 8-9 (9 September 2011) (discussing the criteria for initiating an informal action at the OCC). 4 Governor Elizabeth A Duke, Enforcement of Financial Consumer Protection Laws; before the Committee on Financial Services, U.S. House of Representatives, Washington, D.C.—March 20, 2009, Bk Compl Gd 6301404 (‘To ensure that banks with performance deficiencies give appropriate attention to supervisory concerns, we may require them to enter into nonpublic enforcement actions, such as memoranda of understanding. When necessary, we use formal, public enforcement actions, such as Written Agreements, Cease and Desist Orders, or civil money penalties.’). 5 Congress recently reduced the safety and soundness burdens on banks with less than $50 billion in assets (and on some with less than $250 billion in assets), purportedly for the reason, in the Economic Growth, Regulatory Relief, and Consumer Protection Act. See <https://www.congress.gov/bill/115th-congress/senate-bill/2155>; <https://www.nytimes.com/2018/05/22/business/congress-passes-dodd-frank-rollback-for-smaller-banks.html>. 6 As Adam Levitin has explained, ‘A firm is T[oo] B[ig] T[o] F[ail] if it poses systemic risk, that is, if there is a perception that its failure might trigger socially unacceptable macroeconomic consequences.’ Adam J Levitin, ‘In Defense of Bailouts’ (2011) 99 Geo LJ 435, 452; see also Mark J Roe, ‘Structural Corporate Degradation Due to Too-Big-to-Fail Finance’ (2014) 162 U Pa L Rev 1419, 1444 (‘if a big financial firm collapses, the government will typically bail the firm out’). 7 The current chair of the Federal Reserve seems to think that the effort has been a successful one. ‘Fed Chair Nominee Powell Sees No Too-Big-To-Fail Banks’ Reuters (28 November 2017) <https://www.reuters.com/article/usa-fed-powell-banks/update-1-fed-chair-nominee-powell-sees-no-too-big-to-fail-banks-idUSL1N1NY1KY> (‘Generally speaking I think the financial system is quite strong,’ Powell said in his confirmation hearing. Asked if there are any US banks that are still too big to fail in America, he responded, ‘I would say no to that.’). 8 See, eg, David Zaring, The Globalized Governance of Finance (Cambridge University Press 2020) (discussing the way that the global regime of financial regulation—and, especially, capital regulation—works). 9 See, eg, Hon Jed Rakoff, ‘The Financial Crisis: Why Have No High-Level Executives Been Prosecuted?’ (9 January 2014) <https://www.nybooks.com/articles/2014/01/09/financial-crisis-why-no-executive-prosecutions/>; John C Coffee, Jr, ‘SEC Enforcement: What has gone wrong?’ The CLS Blue Sky Blog (2 January 2013) <http://clsbluesky.law.columbia.edu/2013/01/02/sec-enforcement-what-has-gone-wrong/> (characterizing enforcement actions as ‘issuing modest parking tickets for major frauds’). 10 Julie Andersen Hill, ‘Bank Capital Regulation by Enforcement: An Empirical Study’ (2012) 87 Ind LJ 645. 11 Jesse Eisenger, The Chickenshit Club: Why the Justice Department Fails to Prosecute Executives (Simon & Schuster 2017). See also Jed S Rakoff, ‘The Financial Crisis: Why Have No High-Level Executives Been Prosecuted’ NY Rev Books (9 January 2014) <https://www.nybooks.com/articles/2014/01/09/financial-crisis-why-no-executive-prosecutions/;> Malcolm M Feeley, ‘How to Think about Criminal Court Reform’ (2018) 98 BU L Rev 673, 730. 12 For a discussion, see David Zaring, ‘Against Being Against the Revolving Door’ (2013) U Ill L Rev 507, 520; Ross MacDonald, ‘Setting Examples, Not Settling: Toward a New SEC Enforcement Paradigm’ (2012) 91 Tex L Rev 419, 421 (noting that one financial regulator ‘settles cases at a higher rate than private parties’). 13 See Camden Fine, ‘So Long as Big Banks Can’t Fail, Small Banks Need TAG’ Am Banker (24 February 2012), <http://www.americanbanker.com/bankthink/so-long-as-big-banks-can-not-fail-small-banks-need-tag-1046929-1.html>. For a discussion of Fine’s arguments—and a disagreement, see H Rodgin Cohen, ‘Preventing the Fire Next Time: Too Big to Fail’ (2012) 90 Tex L Rev 1717, 1743. 14 See, eg, Jeffrey N Gordon and Wolf-Georg Ringe, ‘Bank Resolution in the European Banking Union: A Transatlantic Perspective on What It Would Take’ (2015), 115 Colum L Rev 1343 (describing the worry over leniency to national champions); Li-Wen Lin and Curtis J Milhaupt, ‘We Are the (National) Champions: Understanding the Mechanisms of State Capitalism in China’ (2013) 65 Stan L Rev 697, 756 (2013) (describing the same concern in China). 15 Jill E Fisch, ‘Constructive Ambiguity and Judicial Development of Insider Trading’ (2018) 71 SMU L Rev 749, 758. 16 Stephen J Choi, and Kevin E Davis, Foreign Affairs and Enforcement of the Foreign Corrupt Practices Act NYU Law and Economics Research Paper No 12-15; NYU School of Law, Public Law Research Paper No 12-35 (30 December 2013), available at SSRN: <https://ssrn.com/abstract=2116487> or <http://dx.doi.org/10.2139/ssrn.2116487>. 17 Rachel Brewster, ‘Enforcing the FCPA: International Resonance and Domestic Strategy’ (2017) 103 Va L Rev 1611, 1618. 18 Rebecca L Perlman and Alan O Sykes, ‘The Political Economy of the Foreign Corrupt Practices Act: An Exploratory Analysis’ (2017) 9 J Legal Analysis 153, 156. See also Mariana Pargendler, The Grip of Nationalism on Corporate Law European Corp Governance Inst, Working Paper No 437 (2019) 8 <https://ssrn.com/abstract=3144451>. 19 See Pierre-Hugues Verdier, Global Banks on Trial: U.S. Prosecutions and the Remaking of International Finance (Oxford University Press 2020). 20 12 USC §1818. 21 Federal financial regulators can, but almost never do, freeze the assets of financial institutions, preventing any person from ‘withdrawing, transferring, removing, dissipating, or disposing of any funds, assets or other property’ via a temporary restraining order. 12 USC § 1818(i)(4). 22 OCC PPM 5310-3 at 4 (9 September 2011). 23 See <https://www.federalreserve.gov/releases/lbr/current/default.htm>. 24 Michelle Davis, ‘The U.S. Secretly Halted JPMorgan’s Growth for Years’ Bloomberg (26 October 2018) <https://www.bloomberg.com/news/articles/2018-10-26/jpmorgan-s-secret-punishment-u-s-halted-its-growth-for-years?srnd=premium>. 25 12 USC 1818(u). 26 To implement these factors, the banking agencies have adopted the Federal Financial Institutions Examination Council’s (FFIEC) Interagency Policy Regarding the Assessment of Civil Money Penalties by the Federal Financial Institutions Regulatory Agencies, which sets forth 13 factors to consider in assessing monetary penalties, consistent with the four statutory factors. The 13 factors for assessing CMPs to institutions include: (1) Intent, (2) Continuation after notification, (3) Concealment, (4) Financial gain or other benefit as a result of the violation, (4) Loss or risk of loss to the bank, (5) Impact or harm other than financial loss to the bank, (6) Loss or harm to consumers or the public (consumer law or the Bank Secrecy Act violations), (7) Previous concern or administrative action for similar violation, (8) History of violation and tendency to engage in violations, (9) Duration and frequency of violations before notification, (10) Effectiveness of internal controls and compliance program, (11) Good faith before notification, (12) Full cooperation after notification, and (13) Restitution, if applicable. 27 Bank holding companies became necessary when banks were limited by area restrictions to one state or one locality; banks created holding companies to extend their national reach. Congress then gave the Fed the power to regulate these groups. For a discussion see Saule T Omarova and Margaret E Tahyar, ‘That Which We Call A Bank: Revisiting the History of Bank Holding Company Regulation in the United States’ (2011) 31 Rev Banking and Fin L 113, 124 (‘Soon after 1956, the main focus of BHC regulation gradually began shifting away from its original emphasis on prevention of undue concentration of commercial bank credit toward the issue of separation of banking and commerce.’). 28 As Saule Omarova and Meg Tahyar have explained, ‘banks could form or reincorporate themselves as holding companies and hold separately incorporated banks in different states to engage in interstate banking, without running afoul of the then-ubiquitous interstate banking restrictions’. Saule T Omarova and Margaret E Tahyar, ‘That Which We Call a Bank: Revisiting the History of Bank Holding Company Regulations in the United States’ (2012) 32 Rev Banking and Fin L 113, 121. 29 Dain C Donelson and David Zaring, ‘Requiem for A Regulator: The Office of Thrift Supervision’s Performance During the Financial Crisis’ (2011) 89 NC L Rev 1777, 1778–79 (‘Some thought that this failure could be ascribed to design flaws in the American financial regulatory system, which features multiple regulators, some charged with very similar tasks. These regulators competed with one another to attract financial institutions and the supervisory fees they generate to their various regulatory aegises.’). 30 For an overview, see Peter S Smedresman Andreas, ‘Eurodollars, Multinational Banks, and National Laws’ (1989) 64 NYU L Rev 733, 739 (1989). 31 Press Release, Board of Governors of the Federal Reserve (18 February 2014) <https://www.federalreserve.gov/newsevents/press/bcreg/20140218a.htm>. 32 The enforcement actions may be found at <https://www.federalreserve.gov/apps/enforcementactions>. 33 Ibid. 34 See ibid. 35 See ibid. 36 Ibid. 37 CA 08–1: Communication of Examination/Inspection Findings—Frb—Consumer Affairs Letters—2008, Bk Compl Gd 6304109. 38 Ibid. Even though the power to issue MRAs comes from authority all financial regulators share—Section 8 of the Federal Deposit Insurance Act, 12 USC 1818(a)—the OCC appears to define MRAs slightly differently than does the Fed. For a discussion, see Greg Baer and Jeremy Newell, ‘The MRA is the Core of Supervision, but Common Standards and Practices are MIA’ Bank Pol’y Inst (8 February 2018) <https://bpi.com/the-mra-is-the-core-of-supervision-but-common-standards-and-practices-are-mia/>. 39 12 CFR § 263.62. 40 Such an ongoing relationship is not shared by the DOJ, as we will see in section IV.1. 41 13 Stat 99. 42 The regulator assesses fees by three tiers depending upon the seriousness of the violation. 12 CFR 19.240. 43 Office of the Comptroller of the Currency, Policies and Procedures Manual: Civil Money Penalties (13 November 2018). 44 Moreover, the OCC has greater leeway in assessing monetary penalties for the most serious forms of misconduct. Its penalty matrixes are only considered guidance and ‘do not reduce the [civil monetary penalty] process to a mathematical equation and are not a substitute for sound supervisory judgment. In some cases…it may be appropriate to depart from the matrices to reach a fair and equitable result that achieves the agency’s supervisory objectives.’ Office of the Comptroller of the Currency, Policies and Procedures Manual: Civil Money Penalties (13 November 2018). 45 <https://www.fdic.gov/about/strategic/report/2016annualreport/section7-02.html>. 46 In particular, foreign banks that have continued to do business in the US have failed certain bank-specific tests of crisis resiliency, but American banks have not, worrying some that a double standard has been applied. In June 2016, the Fed announced ‘that…Germany’s Deutsche Bank and Spain’s Santander had failed an annual stress test, citing weaknesses in their capital planning and risk management’. AFP, ‘Deutsche Bank, Santander Fail US Fed Stress Test’ Daily Mail (29 June 2016) <http://www.dailymail.co.uk/wires/afp/article-3666756/Deutsche-Bank-Santander-fail-US-Fed-stress-test.html>. This was Santander’s third consecutive year failing the Fed’s stress test, and Deutsche Bank’s second. Ibid. To be sure, however, foreign banks are not subject to tests as intensive as those performed on US banks—at least not yet. Nathaniel Popper and Michael Corkery, ‘Nearly All U.S. Banks Pass Fed’s Stress Test’ NY Times (29 June 2016) <http://www.nytimes.com/2016/06/30/business/dealbook/nearly-all-us-banks-pass-feds-stress-test.html?_r=0>. 47 See <https://www.fdic.gov/about/strategic/report/2017annualreport/ar17appendix.pdf>. 48 The large regional banks SunTrust and BB&T merged in 2019 to create the country’s sixth largest bank, indicated that they would prefer to remain regulated by the FDIC upon the consummation of the arrangement. SunTrust, ‘Merger of Equals Between BB&T and SunTrust Will Create Truist’ (12 June 2019) (indicating the intention to seek supervision by the merged bank with the FDIC). 49 All told, the FDIC announced 29,980 enforcement actions during this period. See <https://www.fdic.gov/about/strategic/report/2017annualreport/ar17appendix.pdf>. 50 Deloitte Center for Financial Services, Enforcement Actions in the Banking Industry: Trends and Lessons Learned <https://www2.deloitte.com/content/dam/insights/us/articles/bank-enforcement-actions-trends-in-banking-industry/DUP1372_EnforcementActionsBanking_120815.pdf> at 5. 51 See, eg, Pierre-Hugues Verdier, Global Banks on Trial: U.S. Prosecutions and the Remaking of International Finance (Oxford University Press 2020). 52 See Ken Belson, ‘Ex-Chief of WorldCom Convicted of Fraud Charges’ NY Times (15 March 2005) <http://www.nytimes.com/2005/03/15/business/15cnd-ebbers.html?_r=0> (reporting on the sentencing of Worldcom’s former CEO); John R Emshwiller and others, ‘Lay, Skilling Are Convicted of Fraud’ Wall St J (26 May 2006) at A1 (describing the Enron verdict). 53 See Richard L Berke, ‘Ethics Unit Singles Out Cranston, Chides 4 Others in S. & L. Inquiry’ NY Times (28 February 1991) at A1, available at <http://www.nytimes.com/1991/02/28/us/ethics-unit-singles-out-cranston-chides-4-others-in-s-l-inquiry.html> (‘Senator Alan Cranston engaged in “an impermissible pattern of conduct” that might warrant disciplinary action by the full Senate.’). 54 David Zaring, Litigating the Financial Crisis, Va L Rev at 132–33. 55 Marian Wang, ‘Why No Financial Crisis Prosecutions? Ex-Justice Official Says It’s Just Too Hard’ ProPublica (6 December 2011) <http://www.propublica.org/article/why-no-financial-crisis-prosecutions-official-says-its-just-too-hard>. 56 Arthur Andersen LLP v United States, 544 US 696, 705–06 (2005) (reversing the Fifth Circuit’s affirmance of the Arthur Andersen conviction and holding that ordering destruction of documents could not be considered ‘knowing corruption’ within the meaning of the federal statute in question unless the party imparting the order to destroy documents had the requisite knowledge that his conduct was illegal). 57 Andrew Ross Sorkin, ‘Realities Behind Prosecuting Big Banks’ NY Times Dealbook (11 March 2013) <http://dealbook.nytimes.com/2013/03/11/big-banks-go-wrong-but-pay-a-little-price/>. 58 The statute is so broadly written—it covers any fraud that involved a phone or electronic communication—that the Supreme Court has started to cut back on it, in, for example Kelly v United States, 590 US—(7 May 2020). 59 See, eg, Erik Paulsen, Imposing Limits on Prosecutorial Discretion in Corporate Prosecution Agreements, 82 NYU L Rev 1434, 1436 (2007) (‘The use of [DPAs] exploded after the demise of the corporate accounting giant Arthur Andersen. When Andersen collapsed after its indictment, federal prosecutors realized that prosecution alone could destroy even the most established of companies.’). 60 The factors may be found in the USAM 9.28.1300. 61 Ibid 9.29.300. 62 The guidelines may be found at <https://www.ussc.gov/guidelines>. Under the Guidelines, the Department begins by determining a base fine, which is the larger of: (1) a schedule set forth in the guidelines, (2) the pecuniary gain to the bank; or (3) the pecuniary loss caused by the bank, to the extent it was caused intentionally, knowingly, or recklessly. That initial number is subject to a multiplier, which is determined by a ‘culpability score’, starting at five and then is increased or decreased based on factors such as ‘involvement in or tolerance of criminal activity’ and whether the organization had an effective compliance and ethics programme in place. This number is subject to a number of adjustments, resulting in a range of fines. United States Sentencing Commission, Guidelines Manual 2018 <https://www.ussc.gov/sites/default/files/pdf/guidelines-manual/2018/GLMFull.pdf>. 63 See, eg, FTC v WV Universal Mgmt, LLC, 877 F 3d 1234, 1239 (11th Cir 2017) (quoting FTC v General Merch Corp, 87 F 3d 466, 468 (11th Cir 1996)) (noting that even though the Federal Trade Commission Act did not expressly provide for monetary equitable relief, Congress’s ‘unqualified grant of statutory authority to issue an injunction…carries with it the full range of equitable remedies’). 64 Ibid. 65 This reflects the time period from 2008 to 2018, and does not include resolutions where the DOJ did not assess a penalty but instead deemed the financial institution's payment to other regulators sufficient to satisfy any monetary penalty. Gibson Dunn, Developments in the Defense of Financial Institutions—Calculating the Financial Exposure (17 January 2019) <https://www.gibsondunn.com/developments-in-the-defense-of-financial-institutions-calculating-the-financial-exposure/#_ftnref74>. 66 See Brandon L Garrett, ‘The Rise of Bank Prosecutions’ Yale LJ Forum (23 May 2016) <https://www.yalelawjournal.org/forum/the-rise-of-bank-prosecutions> at n 5. 67 For the DOJ’s press releases announcing some of the LIBOR settlements, see Department of Justice, ‘Barclays Bank PLC Admits Misconduct Related to Submissions for the London Interbank Offered Rate and the Euro Interbank Offered Rate and Agrees to Pay $160 Million Penalty’ (27 June 2012) <https://www.justice.gov/opa/pr/barclays-bank-plc-admits-misconduct-related-submissions-london-interbank-offered-rate-and>; ‘Deutsche Bank’s London Subsidiary Agrees to Plead Guilty in Connection with Long-Running Manipulation of LIBOR’ (23 April 2015) <https://www.justice.gov/opa/pr/deutsche-banks-london-subsidiary-agrees-plead-guilty-connection-long-running-manipulation>. 68 DOJ, ‘Justice Department Announces Final Swiss Bank Program Category 2 Resolution with HSZH Verwaltungs AG’ (27 January 2016) <https://www.justice.gov/opa/pr/justice-department-announces-final-swiss-bank-program-category-2-resolution-hszh-verwaltungs>. 69 The enforcement action may be found at <https://www.westlaw.com/Document/I441eb94d294a11e498db8b09b4f043e0/View/FullText.html?listSource=Search&list=ADMINDECISION&rank=201&sessionScopeId=4849b1e6ac161861aca0a833d1378e8953ea8d79344bd0815f5ba25a7aa1c2aa&originationContext=Search%20Result&transitionType=SearchItem&contextData=%28sc.Default%29&VR=3.0&RS=cblt1.0>. 70 The enforcement action may be found at <https://1.next.westlaw.com/Document/I39e7be98d15211e598dc8b09b4f043e0/View/FullText.html?navigationPath=Search%2Fv1%2Fresults%2Fnavigation%2Fi0ad740160000016486d4ea6cf254adb0%3FNav%3DADMINDECISION%26fragmentIdentifier%3DI39e7be98d15211e598dc8b09b4f043e0%26startIndex%3D1%26contextData%3D%2528sc.Search%2529%26transitionType%3DSearchItem&listSource=Search&listPageSource=55453a75d3b998f14a3f96a31f4d00d8&list=ADMINDECISION&rank=1&sessionScopeId=65fd2400ce765955d8e0cfe92f3e60cba826f9f6259196376d68d2e154ba4a99&originationContext=Search%20Result&transitionType=SearchItem&contextData=%28sc.Search%29>. 71 The enforcement actions may be found at <https://www.westlaw.com/Document/I8f35d2f043d511e28578f7ccc38dcbee/View/FullText.html?listSource=Search&list=ADMINDECISION&rank=279&sessionScopeId=4849b1e6ac161861aca0a833d1378e8953ea8d79344bd0815f5ba25a7aa1c2aa&originationContext=Search%20Result&transitionType=SearchItem&contextData=%28sc.Default%29&VR=3.0&RS=cblt1.0>; <https://www.westlaw.com/Document/I0199dd3b006b11e698dc8b09b4f043e0/View/FullText.html?listSource=Search&list=ADMINDECISION&rank=49&sessionScopeId=4849b1e6ac161861aca0a833d1378e8953ea8d79344bd0815f5ba25a7aa1c2aa&originationContext=Search%20Result&transitionType=SearchItem&contextData=%28sc.Default%29&VR=3.0&RS=cblt1.0>; <https://www.westlaw.com/Document/I80b7ab34514511e38578f7ccc38dcbee/View/FullText.html?listSource=Search&list=ADMINDECISION&rank=251&sessionScopeId=4849b1e6ac161861aca0a833d1378e8953ea8d79344bd0815f5ba25a7aa1c2aa&originationContext=Search%20Result&transitionType=SearchItem&contextData=%28sc.Default%29&VR=3.0&RS=cblt1.0>. 72 The enforcement action may be found at <https://www.westlaw.com/Document/Idaaa9410430711e28578f7ccc38dcbee/View/FullText.html?listSource=Search&list=ADMINDECISION&rank=282&sessionScopeId=4849b1e6ac161861aca0a833d1378e8953ea8d79344bd0815f5ba25a7aa1c2aa&originationContext=Search%20Result&transitionType=SearchItem&contextData=%28sc.Default%29&VR=3.0&RS=cblt1.0>. 73 The enforcement action may be found at <https://www.westlaw.com/Document/Ica019cadb53611e18b05fdf15589d8e8/View/FullText.html?listSource=Search&list=ADMINDECISION&rank=312&sessionScopeId=4849b1e6ac161861aca0a833d1378e8953ea8d79344bd0815f5ba25a7aa1c2aa&originationContext=Search%20Result&transitionType=SearchItem&contextData=%28sc.Default%29&VR=3.0&RS=cblt1.0>. 74 The enforcement actions may be found at <https://www.westlaw.com/Document/I8f35d2f043d511e28578f7ccc38dcbee/View/FullText.html?listSource=Search&list=ADMINDECISION&rank=279&sessionScopeId=4849b1e6ac161861aca0a833d1378e8953ea8d79344bd0815f5ba25a7aa1c2aa&originationContext=Search%20Result&transitionType=SearchItem&contextData=%28sc.Default%29&VR=3.0&RS=cblt1.0>; <https://www.westlaw.com/Document/I8e84767607e811e498db8b09b4f043e0/View/FullText.html?listSource=Search&list=ADMINDECISION&rank=216&sessionScopeId=4849b1e6ac161861aca0a833d1378e8953ea8d79344bd0815f5ba25a7aa1c2aa&originationContext=Search%20Result&transitionType=SearchItem&contextData=%28sc.Default%29&VR=3.0&RS=cblt1.0>. 75 Donald C Langevoort, Selling Hope, Selling Risk: Corporations, Wall Street, and the Dilemmas of Investor Protection (Oxford 2016) 140–41 (noting that the SEC has traditionally not focused on regulating for the purpose of limiting systemic risk). 76 Lehman Brothers, of course, collapsed entirely after protestations that it had adequate capital one week before its collapse. 77 For a discussion of what went wrong see SEC Office of Inspector General, SEC’s Oversight of Bear Stearns and Related Entities—The Consolidated Supervised Entity Program, Report No 446-A (25 September 2008) <https://www.sec.gov/about/oig/audit/2008/446-a.pdf>—the fact that one investment bank was compliant with SEC supervisory requirements when it collapsed raises ‘serious questions about whether the capital requirement amounts were adequate’); Ben Protess, ‘“Flawed” SEC Program Failed to Rein in Investment Banks’ ProPublica (1 October 2008) <https://www.propublica.org/article/flawed-sec-program-failed-to-rein-in-investment-banks-101> (‘The Securities and Exchange Commission last week abolished the special regulatory program that it applied to Wall Street's largest investment banks.’). 78 David Zaring, `Litigating the Financial Crisis,' 100 Va. L. Rev. 1405, 1413 (2014). 79 ‘We have recognized time and again, a “fundamental purpose” of the various Securities Acts, “was to substitute a philosophy of full disclosure for the philosophy of caveat emptor and thus to achieve a high standard of business ethics in the securities industry.”’ Basic Inc v Levinson, 485 US 224, 234, 108 S Ct 978, 985, 99 L Ed 2d 194 (1988). 80 15 US Code §§ 78c, 78j, 78o. As Thomas Hazen has explained, ‘[a] bank can “push out” its securities activities to an SEC regulated subsidiary and retain activities in the banking enterprise’. Thomas Hazen, Broker-Dealer Registration—Banks and Subsidiaries of Banks, 5 Law Sec Reg § 14:55. Latest edition seems to be the 7th edition, published in 2016. 81 15 USC § 78u(d)(2) (2012) (‘[T]he court may prohibit, conditionally or unconditionally, and permanently or for such period of time as it shall determine, any person…from acting as an officer or director of any issuer that has a class of securities registered…’). 82 Sarbanes-Oxley Act of 2002, Pub L No 107-104, § 304(a), 116 Stat 745, 778 (codified at 15 USC § 7243(a) (2012)). For a discussion of this so-called clawback power by an SEC official, see generally Rachael E Schwartz, ‘The Clawback Provision of Sarbanes-Oxley: An Underutilized Incentive to Keep the Corporate House Clean’ (2008) 64 Bus Law 1. 83 Securities Enforcement Remedies and Penny Stock Reform Act of 1990, Pub L No 101-429, § 101, 104 Stat 931, 934 (1990) (codified at 15 USC § 77t(d) (2012)) (limiting enforcement to registered entities and associated persons); Dodd-Frank Wall Street Reform and Consumer Protection Act, Pub L No 111-203, § 929P, 124 Stat 1376, 1862 (1990) (codified in scattered sections of 15 USC) (allowing the SEC to seek civil penalties in administrative proceedings against non-registered persons and entities). 84 17 CFR § 201.1005 tbl V. 85 15 USC § 78u-2(e). 86 While the 1990 statute explicitly gave the SEC the power to seek disgorgement in the federal forum, the SEC has long sought disgorgement as an equitable remedy in enforcement actions in federal court. See, eg, Russell G Ryan, ‘The Equity Façade of SEC Disgorgement’ (2013) 4 Harv Bus L Rev Online 1, 2–3, 2 n 12, <https://www.hblr.org/2013/11/the-equity-facade-of-sec-disgorgement/> [https://perma.cc/TG3D-6PD5] (‘In practice, …the SEC rarely uses administrative proceedings to pursue contested disgorgement claims, preferring instead to file and litigate such claims in federal court.’). 87 US Securities and Exchange Commission, Agency Financial Report: Fiscal Year 2014, at 66 n 9 (2014), <https://www.sec.gov/about/secpar/secafr2014.pdf> [<https://perma.cc/DD7S-FRLK>]. 88 SEC v Teo, 746 F 3d 90, 105 (3d Cir 2014); see also SEC v Contorinis, 743 F 3d 296, 301 (2d Cir 2014) (‘Disgorgement is an equitable remedy, imposed to ‘forc[e] a defendant to give up the amount by which he was unjustly enriched.’ (alteration in original) (quoting FTC v Bronson Partners, 654 F 3d 359, 372 (2d Cir 2011))). 89 SEC v Cavanagh, 445 F 3d 105, 117 (2d Cir 2006) (‘In a securities enforcement action, as in other contexts, “disgorgement” is not available primarily to compensate victims. Instead, disgorgement has been used by the SEC and courts to prevent wrongdoers from unjustly enriching themselves through violations, which has the effect of deterring subsequent fraud.’ (footnote omitted)). 90 Kokesh v SEC, 581 US ___ (2017) (subjecting disgorgement to statute of limitations); Liu v SEC, 591 US ___ (23 June 2020) (affirming right of SEC to obtain disgorgement); see also National Defense Authorization Act of 2021 (extending disgorgement to 10 years). 91 SEC v First City Fin Corp, 890 F 2d 1215, 1231 (DC Cir 1989). 92 SEC v. Whittemore, 659 F.3d 1 (D.C. Cir. 2011) (‘[A] disgorgement order pertains to a sum equal to the amount wrongfully obtained, rather than a requirement to replevy a specific asset, and establishes a personal liability, which the defendant must satisfy regardless [of] whether he retains the selfsame proceeds of his wrongdoing.’ (second alteration in original) (internal quotations omitted)). 93 See Richard F Albert, ‘Punishment Without Cause: Disgorgement and Forfeiture of Salary and Pensions’ Forbes Insider (2 April 2014), <http://www.forbes.com/sites/insider/2014/04/02/punishment-without-cause-disgorgement-and-forfeiture-of-salary-and-pensions/> [<https://perma.cc/R7KJ-N8B3>] (noting that the SEC frequently seeks to disgorge all salary and bonuses earned during the period of alleged violations of securities laws). While the limitation of causal connection is easy to satisfy, and courts give the SEC wide latitude, it is not entirely toothless. See, eg, SEC v Razmilovic, 738 F 3d 14, 33 (2d Cir 2013) (ordering disgorgement of bonuses and severance but not of underlying salary that was ‘not dependent on the company’s performance’ and therefore unrelated to the violation). 94 Urska Velikonja, ‘Public Compensation for Private Harm: Evidence from the SEC’s Fair Fund Distributions’ (2015) 67 Stan L Rev 331, 340 n 50. 95 These figures include both orders from SEC cease-and-desist proceedings, as well as enforcement actions in federal court. US Securities and Exchange Commission, Select SEC and Market Data: Fiscal 2014, at 2 tbl 1 (2014), <http://www.sec.gov/about/secstats2014.pdf> [<https://perma.cc/UQ6G-Z2Z4>]. 96 Ibid. 97 15 USC § 77h-1(g) (2012) (allowing imposition of civil penalties but capping the maximum penalty available at $150,000 for a natural person or $725,000 for a corporation). These penalties represent a 50 per cent increase over the penalties applicable to broker-dealers prior to Dodd-Frank. 98 15 USC § 77h-1(g). 99 Ibid. § 77h-1(e). 100 For a discussion, see Steven M Davidoff and David Zaring, ‘Regulation by Deal: The Government’s Response to the Financial Crisis’ (2009) 61 Admin L Rev 463, 541 (‘The premise behind the auction-rate-securities investigations was that these banks had promised investors that they could sell certain long-term securities at weekly auctions, making the securities quite liquid. But when the credit markets began to tighten in early 2008, the auctions failed, and banks refused to purchase the securities in lieu of a buyer.’) 101 The enforcement action may be found at <https://research.seed.law.nyu.edu/Search/ActionDetail/210/262>. 102 The enforcement action may be found at <https://research.seed.law.nyu.edu/Search/ActionDetail/202/101>. 103 The enforcement action may be found at <https://research.seed.law.nyu.edu/Search/ActionDetail/882/564>. 104 The enforcement action may be found at <https://research.seed.law.nyu.edu/Search/ActionDetail/810/3927>. 105 The enforcement action may be found at <https://research.seed.law.nyu.edu/Search/ActionDetail/421/146>. 106 The enforcement action may be found at <https://research.seed.law.nyu.edu/Search/ActionDetail/228/278>. 107 See CFTC, History of the CFTC <https://www.cftc.gov/About/HistoryoftheCFTC/history_precftc.html>. For the Supreme Court’s version of the history, see Merrill Lynch, Pierce, Fenner & Smith, Inc v Curran, 456 US 353, 357-66 (1982). 108 See CFTC, History of the CFTC <https://www.cftc.gov/About/HistoryoftheCFTC/history_1970s.html>. 109 7 USC 1 § 1a(9), <https://www.law.cornell.edu/uscode/text/7/1a>. 110 For the most recent fee schedule, see CFTC, Fees for Reviews of the Rule Enforcement Programs of Designated Contract Markets and Registered Futures Associations, 83 Fed Reg 29546 (23 June 2018) <https://www.govinfo.gov/content/pkg/FR-2018-06-25/pdf/2018-13511.pdf>. 111 For an overview of the rules the agency promulgated upon receiving this authority, see CFTC Office of Public Affairs, ‘Final Rules and Interpretations i) Further Defining “Swap,” “Security-Based Swap,” and “Security-Based Swap Agreement”; ii) Regarding “Mixed Swaps”; and iii) Governing Books and Records for “Security-Based Swap Agreements”’ <https://cftc.gov/sites/default/files/idc/groups/public/@newsroom/documents/file/fd_factsheet_final.pdf>. 112 Peter J Henning, ‘C.F.T.C. Is Set to Get Tougher on Fraud’ NY Times DealBook (1 November 2010) <https://dealbook.nytimes.com/2010/11/01/c-f-t-c-is-set-to-get-tougher-on-fraud/> (‘The Commodity Futures Trading Commission has generally been viewed as a regulatory agency with a small bark and even less bite’ and must protect its turf from encroachment by the SEC). 113 Alexandra Alper, ‘Citi to Pay Penalty for Position Limits Violation: CFTC’ Reuters (21 September 2012) <https://www.reuters.com/article/us-cftc-citigroup/citi-to-pay-penalty-for-position-limits-violation-cftc-idUSBRE88K16320120921>. 114 The enforcement actions may be found at <https://cftc.gov/PressRoom/PressReleases/7056-14. 115 The enforcement actions may be found at <https://www.cftc.gov/PressRoom/PressReleases/7159-15>; <https://www.cftc.gov/PressRoom/PressReleases/7181-15>; <https://www.cftc.gov/PressRoom/PressReleases/7180-15>. 116 <https://www.cftc.gov/PressRoom/PressReleases/pr6472-12>. 117 <https://www.cftc.gov/PressRoom/PressReleases/pr7056-14>. 118 <https://www.cftc.gov/PressRoom/PressReleases/7159-15> 119 For a discussion, see Catherine M Sharkey, ‘Agency Coordination in Consumer Protection’, 2013 U Chi Legal F 329, 351 (2013) (discussing the agency’s consumer protection mission). 120 12 USC § 5564. 121 Ibid §1025. 122 Ibid §1026. 123 Michael S. Barr, Howell E. Jackson, Margaret E. Tahyar. Financial Regulation: Law and Policy (Foundation Press 2018). 124 For a discussion, see Lower E Side People’s Fed. Credit Union v Trump, 289 F Supp 3d 568, 580 (SDNY 2018). 125 The CFPB has explained how it views its authority in CFPB, ‘Unfair, Deceptive, or Abusive Acts or Practices’ <https://files.consumerfinance.gov/f/documents/102012_cfpb_unfair-deceptive-abusive-acts-practices-udaaps_procedures.pdf>; for an enforcement action applying this standard, see, eg, In the Matter of Santander Consumer USA, Inc <https://www.consumerfinance.gov/policy-compliance/enforcement/actions/santander-consumer-usa-inc/>. The Supreme Court characterized these powers as strong in Seila Law LLC v Consumer Financial Protection Bureau, 591 US ____ (2020). 126 Jason Scott Johnston, ‘Do Product Bans Help Consumers? Questioning the Economic Foundations of Dodd-Frank Mortgage Regulation’ (2016) 23 Geo Mason L Rev 617, 639 (discussing the precedent for unfair and deceptive practices). 127 Adam J Levitin, ‘Hydraulic Regulation: Regulating Credit Markets Upstream’ (1999) 26 Yale J Reg 143, 155 (‘The plethora of agencies, each given a small piece of the consumer-protection field to police along with other duties, has the effect of making consumer protection an orphan in the banking regulation system. Because consumer protection is everybody’s responsibility, but each agency is responsible for a very limited piece of the system, it becomes nobody’s responsibility.’). 128 Congressional Research Service, Introduction to Financial Services: The Bureau of Consumer Financial Protection (CFPB) (8 January 2019). 129 Ibid. 130 For a discussion, see Adam J Levitin, ‘The Consumer Financial Protection Bureau: An Introduction’ (2013) 32 Rev Banking and Fin L 321, 337. 131 The CFTC glossed this matter at CFPB, ‘CFPB Takes Action Against Wells Fargo and JPMorgan for Illegal Mortgage Kickbacks’ <https://www.consumerfinance.gov/about-us/newsroom/cfpb-takes-action-against-wells-fargo-and-jpmorgan-chase-for-illegal-mortgage-kickbacks/>. 132 Enforcement Action against RBS Citizens Bank (2015) <https://www.consumerfinance.gov/enforcement/actions/citizens-financial-group/>. 133 Enforcement Action against Wells Fargo (2016) <https://www.consumerfinance.gov/policy-compliance/enforcement/actions/wells-fargo-bank-n/>. 134 Enforcement Action against Bank of America (2014) <https://www.consumerfinance.gov/policy-compliance/enforcement/actions/bank-america-fia-card-services/>. 135 Enforcement Action against Santander (2016) <https://www.consumerfinance.gov/policy-compliance/enforcement/actions/santander-bank-n/>; Enforcement Action against RBS (2015) <https://www.consumerfinance.gov/enforcement/actions/citizens-financial-group/>. 136 FinCEN’s explanation of the requirements may be found at FinCEN, ‘The USA Patriot Act’ <https://www.fincen.gov/resources/statutes-regulations/usa-patriot-act. 137 For the requirements as currently set, see 31 CFR §§ 501.101-501.901 <https://www.ecfr.gov/cgi-bin/text-idx?SID=4ed28aff321d97007276a7736cae032e&c=ecfr&tpl=/ecfrbrowse/Title31/31cfrv3_02.tpl>; FinCEN, ‘The USA Patriot Act’ <https://www.fincen.gov/resources/statutes-regulations/usa-patriot-act>. 138 <https://www.treasury.gov/resource-center/sanctions/sdn-list/pages/default.aspx> 139 US Treasury Department, Press Release, ‘Treasury Designates Russian Oligarchs, Officials, and Entities in Response to Worldwide Malign Activity’ (6 April 2018) <https://home.treasury.gov/news/press-releases/sm0338>. 140 The full list of the entities and individuals covered by the Department’s Iran Sanctions may be found at <https://www.treasury.gov/resource-center/faqs/sanctions/pages/faq_iran.aspx>; Mengqi Sun and Ian Talley, ‘New Sanctions Power Could Squeeze Remaining Iranian Trade Channels’ Wall St J (10 January 2020) <https://www.wsj.com/articles/new-sanctions-power-could-squeeze-remaining-iranian-trade-channels-11578701068>. 141 Office of Foreign Assets Control, Department of the Treasury, ‘Frequently Asked Questions’ <https://www.treasury.gov/resource-center/faqs/Sanctions/Pages/faq_general.aspx#basic. 142 See ibid. 143 Office of Foreign Assets Control, Department of the Treasury, ‘Civil Penalties and Enforcement Information’ <https://www.treasury.gov/resource-center/sanctions/CivPen/Pages/civpen-index2.aspx>. 144 Enforcement Action against Barclays Bank (2016) <https://www.treasury.gov/resource-center/sanctions/CivPen/Documents/20160208_barclays.pdf>; ‘Enforcement Action against UBS’ (2015) <https://www.treasury.gov/resource-center/sanctions/CivPen/Documents/20150827_ubs.pdf>. 145 Office of Foreign Assets Control, Department of the Treasury, ‘Enforcement Action against Bank of America’ (2014) <https://www.treasury.gov/resource-center/sanctions/CivPen/Documents/20140724_bofa.pdf>. 146 Ibid. 147 Ibid. 148 Ibid. 149 Ibid. 150 Financial Crimes Enforcement Network, Department of the Treasury, ‘What We Do’ <https://www.fincen.gov/what-we-do>. 151 Financial Crimes Enforcement Network, Department of the Treasury, ‘Enforcement Actions’ <https://www.fincen.gov/news-room/enforcement-actions>. 152 Ibid. 153 Ibid. 154 Financial Crimes Enforcement Network, Department of the Treasury, ‘Enforcement Action against JP Morgan Chase Bank’ (2014) <https://www.fincen.gov/sites/default/files/enforcement_action/JPMorgan_ASSESSMENT_01072014.pdf>. 155 Ibid. 156 Financial Crimes Enforcement Network, Department of the Treasury, ‘Settlement with HSBC’ (2012) <https://www.fincen.gov/sites/default/files/enforcement_action/HSBC_ASSESSMENT.pdf>. 157 Because of the adverse incentives because of the adverse incentives that would be created if agencies were allowed to hold onto their monetary penalties, in almost every case, those penalties are remitted to the Treasury Department. 158 The enforcement action may be found at <https://www.westlaw.com/Document/Ica019cadb53611e18b05fdf15589d8e8/View/FullText.html?listSource=Search&list=ADMINDECISION&rank=312&sessionScopeId=4849b1e6ac161861aca0a833d1378e8953ea8d79344bd0815f5ba25a7aa1c2aa&originationContext=Search%20Result&transitionType=SearchItem&contextData=%28sc.Default%29&VR=3.0&RS=cblt1.0>. 159 The enforcement action may be found at <https://www.westlaw.com/Document/I8f35d2f043d511e28578f7ccc38dcbee/View/FullText.html?listSource=Search&list=ADMINDECISION&rank=279&sessionScopeId=4849b1e6ac161861aca0a833d1378e8953ea8d79344bd0815f5ba25a7aa1c2aa&originationContext=Search%20Result&transitionType=SearchItem&contextData=%28sc.Default%29&VR=3.0&RS=cblt1.0>. 160 The enforcement action may be found at <https://www.westlaw.com/Document/Ibf4fab608f8411e18b05fdf15589d8e8/View/FullText.html?listSource=Search&list=ADMINDECISION&rank=319&sessionScopeId=4849b1e6ac161861aca0a833d1378e8953ea8d79344bd0815f5ba25a7aa1c2aa&originationContext=Search%20Result&transitionType=SearchItem&contextData=%28sc.Default%29&VR=3.0&RS=cblt1.0h>. 161 Rod Rosenstein, Deputy Attorney General, ‘Deputy Attorney General Rosenstein Delivers Remarks at the Clearing House’s 2017 Annual Conference’ (8 November 2017) <https://www.justice.gov/opa/speech/deputy-attorney-general-rosenstein-delivers-remarks-clearing-house-s-2017-annual>. 162 Gibson Dunn, ‘Developments in the Defense of Financial Institutions—Calculating the Financial Exposure’ (17 January 2019) <https://www.gibsondunn.com/developments-in-the-defense-of-financial-institutions-calculating-the-financial-exposure/#_ftnref74>. 163 See generally David Zaring, The Globalized Governance of Finance (Cambridge University Press 2020). 164 See, eg, Stephanos Bibas, ‘Prosecutorial Regulation Versus Prosecutorial Accountability’ (2009) 157 U Pa L Rev 959, 960 (‘No government official in America has as much unreviewable power and discretion as the prosecutor.’); Miriam Hechler Baer, ‘Governing Corporate Compliance’ (2009) 50 BC L Rev 949, 1019; Douglas Husak, Overcriminalization (Oxford University Press 2008) 9–10. 165 Benjamin Levin, ‘Imagining the Progressive Prosecutor’ (2021) 105 Minn L Rev 1415, 1417 (‘Generally speaking, the progressive prosecutor is presumed to be one powerful antidote to mass incarceration or the problematic institutions of the penal state.’). 166 Pierre Verdier, Global Banks on Trial: U.S. Prosecutions and the Remaking of International Finance (Oxford University Press 2020). 167 Rachel E Barkow, ‘Institutional Design and the Policing of Prosecutors: Lessons from Administrative Law’ (2009) 61 Stan L Rev 869, 887. 168 Richard A Bierschbach and Stephanos Bibas, ‘Notice-and-Comment Sentencing’ (2012) 97 Minn L Rev 1, 13–16. Author notes David Zaring, Professor of Legal Studies, The Wharton School, 3730 Walnut Street #600, Philadelphia, PA 19104, USA. Email: zaring@wharton.upenn.eduThanks to Peter Conti-Brown, José Gabilondo, Paul Heaton, Holger Spamann, and Pierre Verdier, and for comments received at presentations at BYU, George Washington, the Law and Society Association annual meeting, National University of Singapore, Tulane, and Wharton. Thanks also to Jennifer Corcoran, Ipek Guney, Lani Matsumiya, and Michelle Mohr for research assistance, and finally to the Quattrone Center for research support. © The Author(s) 2021. Published by Oxford University Press. All rights reserved. For Permissions, please email: journals.permissions@oup.com This article is published and distributed under the terms of the Oxford University Press, Standard Journals Publication Model (https://academic.oup.com/journals/pages/open_access/funder_policies/chorus/standard_publication_model)
TI - Enforcement against the Biggest Banks
JF - Journal of Financial Regulation
DO - 10.1093/jfr/fjab005
DA - 2021-05-21
UR - https://www.deepdyve.com/lp/oxford-university-press/enforcement-against-the-biggest-banks-iD2PA07Ly8
SP - 1
EP - 1
VL - Advance Article
IS - 
DP - DeepDyve
ER -