N.Y. Regulator Lawsky Says Banks Need Money-Laundering Spot Checks
New York’s banking regulator floated a plan Wednesday to spot-check banks’ money laundering controls and hold executives accountable if they fail.
Benjamin Lawsky, superintendent of New York’s Department of Financial Services, made the remarks in a speech at Columbia Law School, where he argued for an active role for state regulators in policing American finance.
“A false sense of security bred by more than 60 years of relative financial stability and economic prosperity made regulators slow to respond to emerging risks,” he said, according to his prepared remarks. States “should not be afraid to speak up and act if we spot new risks emerging in the market.”
Lawsky also renewed his calls for banks to fortify their cyber defenses against an “Armageddon-type cyber event” targeting the U.S. financial system. He said banks should introduce multi-factor authentication systems, which require a second layer of security — such as asking users to enter a randomly generated password sent to a phone or e-mail account — to augment usernames and passwords.
Lawsky has stood out among regulators for an aggressive stance against banks since his agency was created in 2011. The ideas he voiced Wednesday weren’t given a timeline, however, and come as Lawsky has been the subject of speculation that he is preparing to leave the post.
Random audits of global banks’ internal filtering systems might be next, Lawsky said. The goal would be to check that banks’ anti-money laundering controls are working. He also said he is considering a new rule requiring senior bank executives to attest to the adequacy and effectiveness of those controls.
Lawsky said the requirement for executives to vouch for the quality of their banks’ controls is based on a provision of the Sarbanes-Oxley Act, which was designed to strengthen controls against accounting fraud.
“Money is the oxygen feeding the fire that is terrorism. Without moving massive amounts of money around the globe, international terrorism cannot thrive,” he said.
Regulators have largely relied on self-reporting by firms that discover that banned transactions have occurred, Lawsky said. “What regulators have not done is actively tested the effectiveness of the filtering systems banks are using. That needs to change,” he said.
Lawsky is the first head of DFS, which was formed by combining the state’s banking and insurance departments to oversee the country’s biggest concentration of global banks.
He established a reputation as an aggressive regulator in 2012, when he threatened to revoke the banking license of Standard Chartered Plc over allegations that the London bank broke U.S. sanctions laws. The bank settled with Lawsky’s agency, a state prosecutor and federal regulators.
Lawsky has declined to address reports that he’s planning to leave his job this year for the private sector. His spokesman has said that Lawsky “loves his job and is very busy doing it to the best of his ability each day.”
Related Articles:
- N.Y. Announces New, Targeted Cybersecurity Assessments for Insurers
- New York DFS Announces New Cybersecurity Assessment Process for Banks
- New York DFS Superintendent Lawsky Leaving After $3B in Fines Makes Mark
- New York’s Lawsky Says Punishing Individuals Is Essential to Deterrence
- Lawsky: Regulators’ Stance on Life Insurers’ Captives Leaves Gaping Problem