The Office of the Comptroller of the Currency and the Federal Reserve fined Citigroup and its subsidiary, Citibank, $136 million for violating the risk management remediation benchmarks set by a 2020 enforcement action. The OCC fined Citibank $75 million and the Fed fined the bank $61 million.
The penalties resulted from the Citi’s failure to resolve its “longstanding” risk management, data governance and internal controls deficiencies at the bank. The OCC said Wednesday that Citi failed “to meet remediation milestones and make sufficient and sustainable progress towards compliance with the 2020 order,” adding that it has amended the order“to ensure Citibank prioritizes the remediation work, including through the allocation of sufficient resources.”
In 2020, the OCC stated that Citi’s risk management policies and internal safeguards had been insufficient for a bank of its size and complexity for several years. The agency also criticized the bank’s senior leadership for providing “inadequate” oversight to ensure these issues were promptly addressed.
The OCC identified shortcomings in Citi’s infrastructure for risk control, data management, and compliance, noting that these flaws had, in some instances, “contributed to violations of law and regulations.” In the two years leading up to the 2020 enforcement action, the OCC fined Citi tens of millions of dollars for issues related to fair lending, flood insurance, and foreclosure holdings.
Citi CEO Jane Fraser said in a statement that there are areas where Citi hasn’t made progress quickly enough, despite progress in other areas such as simplifying the firm and addressing the consent orders. Fraser added that Citi has “intensified” its focus on data quality management over the last several months.
“We will get these areas where they need to be, as we have done in other areas of the transformation. As we’ve said from the beginning of this multi-year effort, we’re committed to spending what is necessary to address our consent orders, as our agreement with the OCC demonstrates,” Fraser said.
Federal Reserve Finds Citi’s Remedial Efforts To Be Inadequate
The Federal Reserve revealed that its assessment of Citi’s compliance program resulted in the discovery of “significant ongoing deficiencies … with respect to various areas of risk management and internal controls, including for data quality management and regulatory reporting, compliance risk management, capital planning and liquidity risk management.”
