French ACPR fines Crédit Agricole €1.5M for transaction monitoring failures.
The French regulator Autorite de controle prudentiel et de resolution (ACPR) has fined global lender Crédit Agricole €1.5 million after discovering that its transaction monitoring systems were built on a "incomplete set of scenarios."
The ACPR stated in a statement that the inspection mission employed the artificial intelligence application LUCIA during an on-site assessment of CRCAM Languedoc, which allowed controllers to process vast amounts of data.
540 gigabits (GB) of data, representing 750 million customer payment transactions from January 2018 to June 2020, were transferred as part of this inspection.
But according to the ACPR, "the use of this LUCIA tool was only revealed following a request from the establishment, an email prior to this request having only mentioned an ‘exploratory approach’ and LUCIA then being presented only as a prototype."
The organization continued by saying that the establishment "was not informed in good time of the use of almost all the data by LUCIA for control, and where appropriate, disciplinary purposes."
A system that "makes it possible to identify atypical transactions in order to carry out, if necessary, their closer examination or a declaration of suspicion to Tracfin" is essential, according to the ACPR.
Nevertheless, the Commission believed that this failure was "all the more open to criticism since the applicable provisions are old and have been explained for a long time,” as well as its belonging to the Crédit Agricole Group, “significant human, technical and financial resources."
The ACPR remarked that these failings "could not characterise a deficiency in the knowledge of the customer system" despite the fact that it believed that multiple specific violations of its responsibilities under KYC, including their income and assets, had been proved.
A "few faults" in the enhanced examination or declaration to Tracfin were also recognized by the ACPR.
By fLEXI tEAM