Risk Queue
Posts
SEC $151 M Fine for JP Morgan; Google on AI Risk Management for Banking; AML Scrutiny Continues

SEC $151 M Fine for JP Morgan; Google on AI Risk Management for Banking; AML Scrutiny Continues

Naeem Qasim
November 01, 2024

Hello everyone! Welcome back to the Risk Queue. This week, JP Morgan takes a big hit on conduct risk, Google takes on AI Risk in Banking and the AML scrutiny continues at a major bank. Let’s jump in!

-Enjoy, Naeem, CEO & Founder - Risk On Q

PICKS:

Fines - JP Morgan conduct review
Regulators - AML risk review
AI - Google’s view on AI risk in Banking

Risk Headlines

SEC Fines JP Morgan $151 Million for Five Enforcement Actions - source Reuters.com

Key Points:

JPMorgan Chase faces a $151 million settlement with the SEC covering five distinct enforcement cases, primarily centered around disclosure inadequacies and conflicts of interest across wealth management. The most significant case involves $100 million related to "conduit" products, where disclosure issues about discretionary trading authority created customer risk exposure. While the bank's self-reporting on the ETF matter resulted in penalty avoidance, the breadth of issues across multiple business lines suggests a need for comprehensive review of disclosure practices and conflict management procedures, expect other Firms to receive similar reviews.

_________________________________

Banks’ Strategy of Extending Commercial Loans Found to Escalate Financial Risk - source costar.com

Key Points:

The banking sector faces a critical juncture with the New York Fed warning of increasing financial fragility due to widespread "extend-and-pretend" practices in commercial real estate lending. With a $1.26 trillion maturity wall peaking in 2027, combined with a 20% decline in property values and nearly 2,000 banks exceeding regulatory CRE exposure thresholds, the industry faces potential widespread defaults and consolidation, particularly among regional and smaller banks.

A.I. Risk / Technology Risk

Google & AIR Set Out Framework for AI Risk in Banking Sector - source fintechmagazine.com

Key Points:

The convergence of generative AI and banking presents a transformative opportunity worth £270B annually, but requires fundamental redesign of risk management frameworks. Google Cloud and AIR's framework highlights critical gaps in current governance structures and regulatory guidance, while emphasizing the urgent need for industry-wide collaboration.

_________________________________

Beyond the Hype - Adopting Generative AI in Banking with Deutsche Bank - source corporates.db.com

Key Points:

Generative AI presents a transformative opportunity for banks to enhance productivity and competitive advantage through improved compliance, client engagement, and risk management. A structured, three-stage implementation approach is recommended, starting with basic text analysis and progressing to more complex autonomous capabilities. Success depends on robust quality controls, risk management frameworks, and careful consideration of regulatory requirements, with particular attention to data quality and cybersecurity. Successful GenAI adoption in banking requires a methodical, risk-aware approach that balances innovation with robust controls.

Regulatory News - Fines, Losses, & Rules

Bank of America is the latest Bank to Face AML Scrutiny - source American Banker at yahoo.com

Key Points:

Bank of America faces heightened regulatory scrutiny over its AML compliance program, following a pattern seen with TD Bank and Wells Fargo's recent enforcement action. While the bank doesn't expect material financial impact, potential growth restrictions could affect expansion plans across consumer banking, payments, and trading. This regulatory focus, combined with the separate CFPB Zelle investigation, signals increasing regulatory attention on both traditional AML risks and emerging digital payment vulnerabilities.

_________________________________

OCC Acting Comptroller Discusses Frameworks to Identify Systemic Risk - source occ.gov

Key Points:

Acting Comptroller Hsu presents a sophisticated new framework for understanding systemic risk, categorizing threats as "known knowns" (like CRE), "known unknowns" (like cyber risks), and "unknown unknowns" (like quantum computing risks). His emphasis on balancing decisive action with careful analysis, illustrated through the Hellespont metaphor, suggests a shifting regulatory approach that will require banks to demonstrate both proactive risk management and thoughtful restraint.

Risk Data to Geek Out On

A Detailed Briefing of the SEC Examination Priorities for Fiscal Year 2025 - source sec.gov

Key Points:

Here is a deep dive into the SEC's Division of Examinations priorities for Fiscal Year 2025, which signal a fundamental shift toward comprehensive oversight of technological innovation while maintaining market stability.

Banks face immediate pressure to enhance their digital infrastructure, particularly around AI governance, cybersecurity, and T+1 settlement capabilities. The regulatory focus on operational resilience and third-party risk management may require significant investments in technology and risk management frameworks.

Fiduciary Duty and Compliance

Focus Area	Key Components	Examination Elements
Investment Advice	• High-cost products • Unconventional instruments	• Interest rate sensitivity • Illiquid assets
Dual Registrants	• Conflict assessment • Investment advice suitability	• Affiliated broker-dealer relationships • Potential conflicts
Compliance Programs	• Marketing • Valuation	• Trading practices • Portfolio management • Custody

Private Fund Scrutiny

Focus Area	Key Components	Examination Elements
Disclosures and Fiduciary Duty	• Practice alignment • Market volatility impact	• Interest rate fluctuations • Disclosure accuracy
Fees and Expenses	• Fee calculation accuracy • Allocation verification	• Fund-level review • Investment-level review
Conflicts of Interest	• Disclosure evaluation • Policy adequacy	• Debt usage • Investment allocations • Affiliated services
Rule Compliance	• Form PF amendments • Marketing rules	• Implementation review • Compliance verification

Regulation Best Interest and Form CRS

Focus Area	Key Components	Examination Elements
Recommendations	• Complex products • High-risk products	• Customer best interest • Suitability assessment
Conflicts of Interest	• Disclosure review • Mitigation practices	• Identification procedures • Elimination protocols
Form CRS	• Content assessment • Delivery verification	• Service descriptions • Fee transparency • Disciplinary history

Information Security and Operational Resiliency

Focus Area	Key Components	Examination Elements
Cybersecurity	• Policy review • Procedure assessment	• Governance practices • Incident response
Data Protection	• S-ID compliance • S-P compliance	• Customer records • Information safeguarding
T+1 Settlement	• Preparedness evaluation • Operational impact	• Implementation readiness • Process changes

Emerging Technologies and Crypto Assets

Focus Area	Key Components	Examination Elements
Digital Engagement	• Automated tools • AI implementation	• Trading algorithms • Investor profile alignment
Crypto Services	• Standards of conduct • Compliance practices	• Risk disclosures • Operational resilience

AML and Sanctions Compliance

Focus Area	Key Components	Examination Elements
AML Programs	• Business model tailoring • Risk assessment	• Program customization • Implementation effectiveness
Customer Identification	• Program evaluation • Beneficial ownership	• Entity verification • Documentation review
Reporting and Compliance	• SAR filing obligations • OFAC sanctions	• Monitoring systems • Compliance verification

_________________________________

Thank you for reading,

Naeem

p.s. If you find the Risk Queue newsletter helpful please subscribe and share it with a friend or colleagues, you can find it here!