Metropolitan Commercial Bank has been fined $14.5mn by the US Federal Reserve Board (FRB) over falling short in its process when it comes to KYC.
The FRB, declared that the New York-based Metropolitan Commercial Bank has been exhibiting ‘deficient’ third-party risk management practices in relation to prepaid card issuing.
As per the indictment, the prepaid card account service was launched by the bank back in 2020 which has since been used by illicit actors to collect “illegally-obtained state unemployment insurance benefits” – an outcome of the bank’s violations regarding customer identification rules of the Bank Secrecy Act.
Bad actors were able to open prepaid card accounts through a third-party program manager, bypassing the protections in place for verifying applicants’ identity, the indictment further read.
As a result, the Board has required Metropolitan to improve its third-party risk management programs, customer due diligence and identification procedures.
The FRB’s decision has been taken parallel to actions currently in motion by the New York Department of Financial Services – the state supervisor of Metropolitan – with the combined penalties issued by both organisations totalling around $30mn (£24.6mn).