American Express National Bank has been slapped with a $15 million civil penalty for governance and oversight failures related to a third-party affiliate and for regulatory violations relating to certain efforts to retain small business customers, the OCC announced.
According to the OCC’s consent order, between 2015 to 2017, “as part of large-scale efforts to retain small business customers,” American Express allegedly engaged in the following practices:
- Failed to properly govern and oversee the efforts of a third-party affiliate used to retain such customers, including the third-party affiliate’s call monitoring and documentation processes and its tracking and monitoring of customer complaints;
- Failed to gather employer identification numbers for certain of such customers and properly maintain records regarding compliance with the Customer Identification Program (CIP) regulations; and
- Failed to properly maintain records related to its effort to retain such customers and, later, produce them in response to OCC requests.
Due to these failures, the OCC found that American Express “violated CIP regulations and recklessly engaged in unsafe or unsound practices,” and that “such violations and practices were part of a pattern of misconduct.”
American Express neither admitted nor denied the OCC’s findings. 
Jaclyn Jaeger is a contributing editor at Compliance Chief 360° and a freelance business writer based in Manchester, New Hampshire.