Deloitte Incident Highlights Compliance Risk for Lenders
In the recent past I have written about the fact that the business fall-out from regulatory problems is a compliance-related risk that should not be overlooked. Look no farther than what happened to Deloitte this past week.
On Tuesday it was announced that Deloitte was being barred from providing consulting services in New York because, at a client’s request, it removed certain language from a report to the New York State Department of Financial Services concerning the client's anti-money laundering practices. Importantly, this one-year ban (and $10 million fine) was assessed despite the fact that there was "no evidence the consultant helped the bank illegally launder money." Rather, the department found, "Deloitte failed to show autonomy and objectivity."
Beyond the loss of business and the fine, Deloitte's biggest problem lies ahead. Already banks are publicly stating that they will not work with the firm due to the fact it is "stained" by the incident, citing to "vendor management" concerns. What is important for lenders to realize is this did not involve the Consumer Financial Protection Bureau and did not relate to a violation of a consumer protection law. It also involved a large consultant with a lengthy history and international reputation. Nevertheless, business partners are not hesitating to look elsewhere for assistance. What does that mean (in terms of business risk) for a community bank or non-depository charged with violating a consumer protection law?