U.S.-based financial services company, Citibank has recently faced scrutiny from The Office of the Comptroller of the Currency for deficits in its risk management and internal controls processes. According to the agency, there were some longstanding and serious deficiencies, and unsafe practices in Citibank's overall data governance and risk management.
The regulators have fined the bank for US$400 million, stating that the OCC took these actions as a result of the Citibank’s incompetency to build effective risk management & data governance programs as well as internal controls.
The penalty comes in tandem with a related enforcement action by the Federal Reserve Board against Citibank's parent firm, Citigroup. The board issued a cease and desist order that requires Citigroup to improve its risk management practices, specifically in data quality management, risk management, and internal controls.
Responding to these allegations, Citi said that it is fully committed to addressing these concerns raised by the regulators. The firm explained that it has significant ongoing remediation projects underway that would strengthen their infrastructure, internal control and governance.
In addition to this, they plan to invest more than $1 billion in 2020 in its risk management and controls efforts, and has employed a chief administrative officer to integrate management of the program and ensure its completion.
Sources cite that Citi's board will have to submit a plan within 120 days on how it will oversee the required improvements, including holding senior management responsible for executing remediation plans and ensuring that incentive pay of senior managers is aligned with risk management incentives.
Apart from this, the bank is required to do a gap analysis of the changes required to its internal controls systems and enterprise-wide risk management framework in three areas, namely liquidity risk management, capital planning, and compliance risk management.
The order also touts the need for improving Citi's compliance risk management program and data quality management practices.
Source Credit: https://edition.cnn.com/2020/10/07/investing/citigroup-fine-risk-management/index.html