The Consumer Finance Protection Board (CFPB) fine agreed to by Wells Fargo of $100 million is the largest in the agency’s short history. (Another $85 million was tacked on by paying $35 million to the Office of the Comptroller of the Currency and $50 million to the City and County of Los Angeles.) The total fine of $185 million were assessed based upon the bank’s conduct of opening over 2 million phantom bank and credit card accounts, usually without customers’ knowledge.

The stunningly newsworthy item was the incentives put in place by the bank’s management to open these accounts, with no controls in place to ascertain their validity. It was almost as if management was telling its employees to go ahead and break the law, as long as we make money, you will not receive any employment discipline, such as termination. However, the bank was caught and fired the allegedly 5000 culpable employees.

Of a somewhat disconcerting note was the lack of any enforcement action against senior management. The employee base was only following the incentive structure set out by management. Moreover, if a company is going to set such an aggressive sales target, it must have internal controls in place to ascertain the sales goals were hit only in compliance with applicable laws banking laws but also with company internal controls.

The Wells Fargo CFPB enforcement action drives home that it is mandatory that senior management set an appropriate tone that illegal actions and even short cuts will not be tolerated. Much like Enron had before it collapsed into ignominy, Wells Fargo has a strong Code of Conduct. Yet this Code did not stop some 2 percent of the entire workforce from engaging in conduct which led to their collective employment termination.

But more than only setting an appropriate tone at the top, management must put internal controls in place to prevent and detect fraud and other illegal activity. If it fails to do so, there will be no check on employee behavior. Even in the world of banking, the Ronald Reagan intonation to “trust but verify” holds true.

Continue the conversation at Compliance Week Europe: 7-8 November at the Crowne Plaza Brussels. Join us as we look at changes in global anti-corruption regulations, slave labor risks in your supply chain, and how to detect fraud, to name just a few topics. Learn more

Topics