Free Consultations & We're Available 24/7
Contact Us
Financial and Banking Industry Investigations
Financial and Banking Industry Investigations
TD Bank just paid $1.8 billion to resolve Bank Secrecy Act and money laundering conspiracy violations – the largest penalty ever assessed against a depository institution in U.S. Treasury and FinCEN history. The bank “willfully failed to monitor trillions of dollars of transactions,” allowing hundreds of millions from drug trafficking networks to flow through undetected. DOJ’s settlement includes a four-year independent monitorship, enhanced compliance obligations, and admission that the bank’s AML program was deliberately inadequate. That’s not regulatory oversight – that’s federal prosecutors treating BSA compliance failures as criminal conspiracies.
Thanks for visiting Spodek Law Group, a second generation law firm managed by Todd Spodek with over 40 years of combined experience. We defend financial institutions, executives, and compliance officers facing DOJ, FinCEN, OCC, FDIC, and Federal Reserve investigations for Bank Secrecy Act violations, sanctions evasion, and money laundering. This article explains how federal banking investigations work in 2025, why BSA enforcement has shifted from regulatory compliance to criminal prosecution, and what to do when examiners find deficiencies that trigger referrals to law enforcement.
The Regulatory Framework That Became Criminal Liability
The Bank Secrecy Act requires financial institutions to assist government agencies in detecting and preventing money laundering. That means filing Suspicious Activity Reports (SARs) when transactions suggest criminal activity, implementing anti-money laundering programs, conducting customer due diligence, and maintaining transaction records accessible to law enforcement. Sounds like regulatory compliance – file reports, keep records, implement controls.
But BSA violations aren’t just civil penalties assessed by banking regulators. They’re federal crimes under 31 U.S.C. § 5322, carrying criminal fines and prison time for individuals. Willful violations – where institutions or executives knowingly fail to implement required AML controls – elevate civil compliance failures into felony prosecutions. DOJ’s Bank Integrity Unit has imposed over $25 billion in penalties since 2010, and those figures don’t include the collateral consequences: deferred prosecution agreements, multi-year monitorships, and compliance overhauls costing hundreds of millions beyond the fines.
Here’s the constitutional problem. BSA requires financial institutions to surveil their customers and report “suspicious” activity to FinCEN. What’s suspicious? Structuring transactions to avoid reporting thresholds. Rapid movement of funds through multiple accounts. Large cash deposits by businesses operating in cash-intensive industries. The statute doesn’t define suspicion with particularity – it delegates that determination to banks, which must make judgment calls about whether customers’ financial activity might involve money laundering.
Fourth Amendment jurisprudence requires government searches to be reasonable and particular. BSA conscripts private financial institutions into becoming agents of law enforcement surveillance, forcing them to make suspicion determinations and report customers to federal authorities without warrants, without probable cause, without any showing that the customers actually committed crimes. Courts have upheld this as an administrative search exception to the warrant requirement – but that exception keeps expanding to encompass more transactions, more reporting obligations, more invasive monitoring.
How Investigations Start: Examinations Become Referrals
Federal banking agencies – OCC for national banks, FDIC for state-chartered banks, Federal Reserve for bank holding companies – conduct periodic BSA/AML examinations. Examiners review transaction monitoring systems, SAR filing practices, customer due diligence procedures, and compliance training programs. When they find deficiencies, they issue findings ranging from “Matters Requiring Attention” to formal enforcement actions like consent orders.
But when deficiencies suggest willfulness – meaning the institution knew about compliance gaps and failed to remediate them – examiners refer cases to FinCEN and DOJ. That referral transforms regulatory examination into criminal investigation. Suddenly you’re not dealing with bank examiners discussing remediation plans. You’re dealing with federal prosecutors using the bank examination reports as probable cause for grand jury subpoenas, target letters, and eventually, deferred prosecution agreements or indictments.
TD Bank case demonstrates how this progression works. Examiners identified AML program deficiencies years before the $1.8 billion settlement. The bank received regulatory feedback, promised remediation, but failed to implement effective controls. Prosecutors argued that pattern showed willfulness – the bank knew it wasn’t monitoring transactions adequately, knew money laundering was occurring, and consciously chose not to invest in fixing the problem because doing so would be expensive.
Brink’s Global Services: February 2025 Enforcement
In February 2025, Brink’s Global Services faced DOJ and FinCEN enforcement for BSA violations. Brink’s entered a non-prosecution agreement (NPA) with DOJ – meaning prosecutors agreed not to indict, contingent on the company remediating its AML program, cooperating with authorities, and accepting monitorship. NPAs function as probation for corporations: admit wrongdoing, pay penalties, submit to oversight, and if you comply for the NPA’s term, criminal charges won’t be filed.
What did Brink’s do wrong? The enforcement actions don’t provide granular details – a deliberate feature of NPAs and DPAs. DOJ describes the violation categories (failure to file SARs, inadequate transaction monitoring, deficient customer due diligence) without specifying which customers’ transactions went unreported or what suspicious activity the company missed. That vagueness serves prosecutors’ interests: it demonstrates enforcement activity without revealing investigative methods or compromising ongoing cases involving the customers whose transactions Brink’s failed to report.
For financial institutions negotiating these settlements, the lack of specificity creates problems. You’re admitting to conduct prosecutors describe generally without knowing exactly which transactions were deemed suspicious or why your monitoring system failed to detect them. That information asymmetry weakens your negotiating position – you can’t effectively challenge the government’s characterization without knowing precisely what conduct is at issue.
Recent October 2025 SAR Guidance
On October 8, 2025, OCC, FinCEN, Federal Reserve, FDIC, and NCUA jointly issued FAQ guidance on Suspicious Activity Reporting. The guidance addresses when institutions must file SARs, what information must be included, and how to handle situations where multiple institutions are involved in potentially suspicious transactions.
Why does updated SAR guidance matter? Because it reflects evolving enforcement priorities. When regulators clarify what constitutes adequate SAR filing, they’re signaling what deficiencies they’ll scrutinize in future examinations. The October 2025 guidance emphasizes that institutions must file SARs when they detect “red flags” of potential money laundering – even if they can’t determine with certainty that criminal activity occurred.
That standard is dangerously low. Financial institutions must report suspicions, not proof. But what separates legitimate business transactions from “red flags” often involves judgment calls about customers’ business models, transaction patterns, and explanations for unusual activity. File too many SARs, you’re wasting FinCEN’s resources and potentially harming customers whose lawful business practices get flagged. File too few, you’re facing BSA violations and potential criminal liability for failing to detect suspicious activity.
The guidance also clarifies that institutions can’t simply rely on automated transaction monitoring systems. Compliance officers must review alerts generated by those systems, investigate potential suspicious activity, and make independent determinations about whether SAR filing is warranted. That human judgment requirement means individuals – not just institutions – face exposure when SARs aren’t filed for transactions that prosecutors later determine were obviously suspicious.
$25 Billion in Penalties Since 2010
DOJ’s Bank Integrity Unit has imposed over $25 billion in total penalties since its creation in 2010. Those figures include criminal fines, civil penalties, forfeiture, and restitution across cases involving BSA violations, money laundering, sanctions evasion, and fraud. The unit targets not just major banks but credit unions, money services businesses, casinos, and any financial institution subject to BSA requirements.
Two recent casino settlements demonstrate the reach. DOJ settled investigations into alleged money laundering and BSA violations at two casinos, imposing $7.45 million in combined fines and mandating compliance upgrades. Casinos face unique AML challenges – large cash transactions are normal business operations, customer due diligence is complicated by patron privacy expectations, and detecting structured transactions requires sophisticated monitoring when customers use chips, cash, and electronic transfers interchangeably.
But the same BSA requirements apply. Casinos must file Currency Transaction Reports for cash transactions exceeding $10,000, identify and report suspicious activity, and implement risk-based AML programs. When they fail, prosecutors treat those failures as willful violations enabling money laundering – even if the casino didn’t knowingly facilitate criminal proceeds.
Defending Financial Institutions Under Investigation
When federal prosecutors or regulators launch investigations, most financial institutions focus on cooperation: disclosing examination findings, remediating compliance deficiencies, and negotiating settlements. That’s often appropriate – fighting BSA enforcement creates reputational risk, threatens regulatory relationships, and rarely succeeds given the deference courts grant to agency expertise.
But cooperation isn’t capitulation. Strategic defense involves several elements. First, challenging the characterization of violations as “willful.” The difference between negligent compliance failures and willful violations is the difference between civil penalties and criminal prosecution. If your institution had AML controls in place that failed due to system limitations or resource constraints – not because management consciously decided compliance was optional – that’s negligence, not willfulness.
Second, limiting individual liability. Corporate settlements often require institutions to identify individuals responsible for compliance failures. DOJ expects banks to conduct internal investigations, interview employees, and produce evidence that might incriminate compliance officers or executives. That creates conflicts between institutional and individual defense counsel. We represent individuals separately from institutions precisely because their interests diverge when prosecutors demand scapegoats as part of corporate settlements.
Third, negotiating reasonable monitorship terms. Multi-year monitorships impose independent overseers who review compliance operations, approve policy changes, and report to DOJ or regulators. Monitors have access to everything – internal communications, board materials, compliance decisions. They’re effectively embedding government oversight inside the institution for years. Negotiating the monitor’s scope, authority, and reporting obligations determines whether monitorship is manageable or crippling.
Fourth, preserving attorney-client privilege during internal investigations. When institutions conduct internal investigations to assess BSA compliance, those investigations generate attorney work product and privileged communications. But prosecutors often demand waiver of privilege as a condition of cooperation credit. Selective waiver – producing some privileged materials while protecting others – rarely survives court challenges. You’re either privileged or you’re not.
At Spodek Law Group, we’ve defended financial institutions facing examinations that revealed systemic AML deficiencies, represented compliance officers targeted by DOJ for allegedly willful failures to file SARs, and negotiated settlements that avoided criminal prosecution while limiting monitorship duration and scope. Todd Spodek has represented clients where prosecutors argued that compliance failures demonstrated criminal intent, and we’ve secured outcomes recognizing that resource limitations and competing priorities explain many BSA violations – without criminal culpability.
Constitutional principles demand that criminal liability requires mens rea – guilty mind. BSA violations increasingly get prosecuted without meaningful inquiry into whether institutions or individuals actually intended to facilitate money laundering, or whether they simply failed to meet impossible compliance expectations in a regulatory environment that keeps expanding reporting obligations without corresponding guidance about what’s required. Vigorous defense requires forcing prosecutors to prove willfulness, not just negligence disguised as deliberate indifference. We’re available 24/7.