Federal Reserve Orders United Texas Bank to Improve Crypto Risk Management

On Wednesday, September 4, 2024, the United States Federal Reserve announced that it had issued a cease-and-desist order to United Texas Bank, citing “significant deficiencies” in its risk management and anti-money laundering (AML) procedures, particularly regarding its cryptocurrency customers.

The order follows an examination conducted by the Federal Reserve Bank of Dallas, which revealed that the bank’s corporate governance and oversight by its board and senior management did not meet federal standards. Concerns were raised about the bank’s compliance program, which reportedly failed to align with the requirements of the Federal Reserve, the Bank Secrecy Act (BSA), and regulations from the U.S. Treasury Department.

According to the consent order dated August 29, the examination highlighted notable deficiencies in the bank’s handling of foreign correspondent banking and virtual currency clients. The findings indicated shortcomings in risk management and compliance with applicable laws and regulations related to anti-money laundering.

The Federal Reserve’s order mandates that United Texas Bank submit a written plan to enhance its board’s oversight of AML compliance within the next three months. This plan must include the allocation of adequate resources and ensure that personnel responsible for AML and sanctions regulations possess the necessary expertise and authority to report directly to the board. Additionally, the bank is required to develop a corporate governance plan to be submitted within two months.

The order also instructs the bank to revise its BSA/AML compliance program. This revision must include a comprehensive risk assessment that evaluates all of the bank’s products and services, customer types, geographic locations, and transaction volumes to appropriately identify inherent and residual risks. Among the cited deficiencies were inadequate risk management practices concerning cryptocurrency customers and foreign correspondent banking operations.

As part of the compliance improvements, the bank must implement a customer due diligence program. This program is expected to mandate the collection of documentation to verify customer identities, sources of wealth, and business activities, along with expected transaction volumes. The order specifies that this program should also include a methodology for assigning risk ratings to customers. Furthermore, the bank is instructed to revise its suspicious activity monitoring and reporting program.

The consent order notes that United Texas Bank has already initiated steps to improve its AML protocols and reduce its BSA/AML risk profile. The bank neither admitted nor denied any allegations of unsafe and unsound banking practices when it signed the consent order on August 29.