Metropolitan Commercial Bank has agreed to pay $30 million to the Federal Reserve Board and the New York State Department of Financial Services for failing to prevent what regulators called "massive fraud" in a prepaid card program during the pandemic.
Superintendent of Financial Services Adrienne A. Harris announced a settlement and consent order Thursday that resolves an investigation into $6.7 billion-asset Metropolitan, which is based in New York.
Metropolitan was the sponsoring bank of digital prepaid Visa cards offered by MovoCash, a Palo Alto, California-based provider of mobile payments that calls itself a neobank. More than $300 million in pandemic unemployment benefits were misdirected into the MovoCash accounts of fraudsters, according to the New York regulators.
The bank's 16-page consent order with New York regulators states that "unidentified, third-party fraud actors were able to misdirect hundreds of millions of dollars through MovoCash card accounts."
Metropolitan failed to maintain a compliant and effective anti-money laundering program and conducted its banking business in an unsafe and unsound manner, according to regulators. The New York State Department of Financial Services investigation found weak controls at Metropolitan.
Metropolitan "failed to prevent a massive, ongoing fraud in the MovoCash prepaid card program, allowing bad actors to abuse the financial system," Harris said in a press release. "During the pandemic, scammers used sophisticated tactics to take advantage of vulnerable New Yorkers at a time when institutions should have been most vigilant."
The New York state agency fined Metropolitan $15 million. It coordinated its investigation with the Federal Reserve Board and the Federal Reserve Bank of New York, which reached a
Mark DeFazio, Metropolitan's president and CEO, said in a statement that the bank terminated its relationship with MovoCash in 2020. As the sponsoring bank, Metropolitan was responsible for ensuring that the program complied with applicable laws, including maintaining an effective customer identification program.
MovoCash declined to comment for this article.
Metropolitan, which got into the crypto business
Last year, Bank of America
And in February, U.S. Bancorp disclosed that
In the Metropolitan case, New York regulators said that fraudsters opened MovoCash card accounts with fraudulently obtained personal identifying information and were able to steal direct deposit payroll payments as well as government unemployment benefits.
Though Metropolitan witnessed a surge of fraudulent MovoCash account openings after the passage of the Coronavirus Aid, Relief, and Economic Security Act, also known as the CARES Act, the bank failed to stop the fraud, NYSDFS said in its complaint. Metropolitan was aware of and acknowledged the ongoing fraud, but it failed to submit a report to the New York regulators immediately upon discovering the fraud, as is legally required.
"The bank's failure to act sooner helped facilitate more than $300 million in pandemic unemployment benefits to be misdirected to the MCB-sponsored MovoCash accounts of unidentified, third-party fraud actors," NYSDFS said.
As a result, Metropolitan now faces a laundry list of remediation and reporting requirements with its regulators, including stricter oversight of third-party program managers and improvements to its Bank Secrecy Act and anti-money-laundering programs.
In its cease-and-desist order, the Fed said that Metropolitan opened prepaid card accounts for illicit actors without having adequate procedures for verifying each applicant's true identity, in violation of customer identification rules of the Bank Secrecy Act. The Fed is requiring Metropolitan to improve its customer identification, customer due diligence and third-party risk management programs.
Metropolitan's
He thanked regulators for acknowledging "the actions and enhancements we voluntarily undertook" and complimented the bank's employees for trying to claw back money from fraudsters.
"The consent orders relate to a unique challenge that arose for a short period at the height of the COVID-19 pandemic," he said, adding that the bank "was committed to supporting the government's provision of stimulus funds and expanded unemployment insurance benefits to millions of Americans, particularly underserved consumers who did not have traditional bank accounts."
Metropolitan said the $30 million in fines are covered by provisions taken in prior periods.
