OCC raps MUFG Union Bank for risk management deficiencies

By Jaclyn Jaeger2021-09-21T16:39:00+01:00

No comments

The Office of the Comptroller of the Currency (OCC) on Monday issued MUFG Union Bank a cease-and-desist order for “unsafe or unsound practices regarding technology and operational risk management.”

The order alleges MUFG is not in compliance with Federal Reserve guidelines on information security standards. In an accompanying press release, the OCC stated it will pursue enforcement against MUFG if the deficiencies identified are not remediated in a timely manner.

Key requirements: MUFG’s board has until Oct. 20 to appoint a three-member compliance committee primarily comprised of directors who are not affiliated with the bank in any capacity, the order states. The bank must develop a written action plan that details the remedial actions necessary to address the deficiencies noted by the OCC.

MUFG must outline how it intends to improve:

Reporting to the board and senior management on the bank’s technology and operations risk;
Technology risk assessment processes, internal controls, and staffing deficiencies;
Policies, procedures, processes, and internal controls within its technology and operations environments; and
Data management and reporting practices to ensure accurate risk, regulatory, and other reporting.

In its order, the OCC noted MUFG “has begun corrective action and has committed resources to remediate the deficiencies.”

Board responsibilities: The consent order further imposes responsibilities upon the board of MUFG, including that it:

Authorize, direct, and adopt corrective actions on behalf of the bank as may be necessary to perform the obligations and undertakings imposed by the order;
Ensure the bank has sufficient processes, management, personnel, control systems, and corporate and risk governance to implement and adhere to all provisions of the order;
Require management and personnel have sufficient training and authority to execute their duties and responsibilities pertaining to or resulting from the order and hold them accountable for executing their duties and responsibilities; and
Require appropriate, adequate, and timely reporting to the board by management of corrective actions and address any noncompliance with those corrective actions in a timely and appropriate manner.

Of note: U.S. Bancorp on Tuesday announced it has entered into a definitive agreement to acquire MUFG’s core regional banking franchise from Mitsubishi UFJ Financial Group. In the announcement, U.S. Bank acknowledged the consent order, noting it “evaluated and incorporated these regulatory concerns into all aspects of the deal process, including due diligence, integration planning and valuation.

“The company believes it can successfully remediate the issues applicable to MUFG Union Bank in connection with the transaction, and that the order will not restrict U.S. Bancorp’s ability to operate and grow its business as planned.”

The transaction, subject to regulatory approval, is expected to close in the first half of 2022.

Jaclyn JaegerJaclyn Jaeger is an editor with Compliance Week and has written on a wide variety of topics, including ethics and compliance, risk management, legal, enforcement, technology, and more.

Topics

No comments

Article
Biden’s pick to head OCC favors tighter regulation of FinTech
2021-09-24T20:02:00Z
President Joe Biden’s nominee for Comptroller of the Currency, Cornell law professor Saule Omarova, continues a Democratic pattern of choosing potential regulators who believe in stricter control of the markets.
Article
Credit Suisse reaches $475M global resolution in corruption case
2021-10-19T22:04:00Z
Credit Suisse Group and U.K. subsidiary Credit Suisse Securities (Europe) reached an approximately $475 million global settlement with U.S. and U.K. authorities for the bank’s role in a long-running tainted loan corruption scheme.
Article
Options Technology appoints chief risk officer
2021-10-19T17:32:00Z
Managed trading infrastructure provider Options Technology announced the appointment of Marlena Efstratopoulou as chief risk officer.

No comments yet

You're not signed in.

Only registered users can comment on this article.

More Regulatory Enforcement

Article
CEO of Navy contractor charged with bribery
2021-10-19T16:13:00Z
Frank Rafaraci, CEO of Malta-based ship maintenance company Multinational Logistics Services, has voluntarily returned to the United States to face a criminal charge for his alleged role in a bribery scheme.
Article
GDPR enforcement roundup: Austrian Post facing new record fine
2021-10-18T16:56:00Z
The Austrian Post is once again appealing what would be a record GDPR fine in the country after successfully defending itself in the first instance. Other recent decisions under the law provide further enforcement trends.
Article
CFTC fines stablecoin Tether $41M for misleading investors
2021-10-15T20:11:00Z
Cryptocurrency firm Tether will pay $41 million to settle CFTC charges that it misled investors when it claimed its stablecoins were 100 percent backed by fiat currencies like the U.S. dollar and the euro.

Learn from the latest headlines and protect your company today

OCC raps MUFG Union Bank for risk management deficiencies

Topics

Related articles

Biden’s pick to head OCC favors tighter regulation of FinTech

Credit Suisse reaches $475M global resolution in corruption case

Options Technology appoints chief risk officer

No comments yet

Only registered users can comment on this article.

More Regulatory Enforcement

CEO of Navy contractor charged with bribery

GDPR enforcement roundup: Austrian Post facing new record fine

CFTC fines stablecoin Tether $41M for misleading investors