Citigroup has been fined for deficiencies in enterprise-wide risk management, data governance, and internal controls
New York-based Citigroup has been fined $400m by the US regulators for significant ongoing deficiencies across several areas of its risk management.
The regulators have identified deficiencies in the areas of data quality management and regulatory reporting, compliance risk management, capital planning and liquidity risk management.
The US Federal Reserve had previously identified enterprise-wide risk management and controls deficiencies in the financial services firm.
In 2013, it found deficiencies in Citigroup’s anti-money laundering compliance programme and, in 2015, deficiencies were identified in its compliance and control infrastructure related to its foreign exchange programme and designated market activities.
The Federal Reserve said that Citigroup failed to properly remediate the longstanding deficiencies.
In a statement, the bank said: “We are disappointed that we have fallen short of our regulators’ expectations, and we are fully committed to thoroughly addressing the issues identified in the Consent Orders.
“Citi has significant remediation projects underway to strengthen our controls, infrastructure and governance.
“These projects are each multi-year and have received significant investment. However, while we have made progress in each of these areas, we recognize that substantial improvement is still required to meet the standards we have set for ourselves and that our regulators expect of us.”
Citigroup ordered to submit written plan describing the action plan within 120 days
The Office of the Comptroller of the Currency (OCC) said that the penalty is based on the bank’s unsafe or unsound banking practices.
Citigroup has been asked to submit a written plan within 120 days, describing the measures that it will take to execute its oversight of the matters identified by the regulators.
In November last year, the Prudential Regulation Authority (PRA) imposed a fine of £43.9m ($56.4m), on Citibank’s UK operations, for failing to accurately report regulatory returns between June 2014 and December last year.