FINRA Fines Citigroup for Failing to Detect Fraud

Thursday, August 11, 2011



The Financial Industry Regulatory Authority (FINRA) announced today that it has fined Citigroup Global Markets, Inc. $500,000 for failing to supervise Tamara Moon, a former registered sales assistant at the firm's branch office in Palo Alto, California.

Over an 8 year period, Moon misappropriated $749,978 from 22 customers, falsified account records and engaged in unauthorized trades in customer accounts.  

Moon took advantage of Citigroup's supervisory lapses at the branch and targeted elderly, ill or otherwise vulnerable customers whom she believed were unable to monitor their accounts.

Moon's victims included elderly widows, a senior with Parkinson's disease and her own father. FINRA previously barred Moon for her actions and is continuing to investigate other individuals involved in the supervision of Moon.

FINRA found that Citigroup failed to detect or investigate a series of "red flags" that upon further inquiry should have alerted the firm to Moon's improper use of customer funds. The red flags included exception reports highlighting conflicting information in new account applications and customer account records reflecting suspicious transfers of funds between unrelated accounts.

Citigroup also failed to implement reasonable systems and controls regarding the supervisory review of customer accounts, thus enabling Moon to falsify new account applications and other records.

Brad Bennett, Executive Vice President and Chief of Enforcement said, "Tamara Moon used her knowledge of Citigroup's lax supervisory practices at the branch to take advantage of some of the firm's most vulnerable customers, including the elderly. Citigroup had reason to know what she was doing and could have stopped her."

In one incident, Moon misappropriated nearly $80,000 from an elderly widow's account. An exception report highlighted two address discrepancies in the customer's account documents where the street address did not correspond to the city and zip code provided for the address and the telephone prefix did not match the zip code of the address.

Moon, who had entered the account information, attempted to explain to Citigroup that the discrepancies arose because the client had moved to Arizona, an explanation that did not seem reasonable. Nonetheless, Citigroup accepted Moon's explanation without further inquiry, thus enabling Moon to continue her misappropriation of customer funds.

Citigroup also failed to detect suspicious activity involving transfers and disbursements in the accounts Moon used to misappropriate customer funds.  

In another instance, Moon created an account in the name of a deceased customer even after Citigroup had been notified that the customer was deceased. Moon then created a fraudulent account in the name of the deceased customer's widow.

Moon transferred $10,440 from the deceased customer's fraudulent account to the widow's fraudulent account. A few weeks later, Moon had checks issued for $5,000 and $2,500 from the fraudulent account set up in the widow's name to Moon's personal bank account.

In a separate incident, Moon transferred $150,000 from an account held by a customer to a fraudulent account Moon created in her father's name. Two days later, Moon transferred $90,000 from the fraudulent account in her father's name to an account Moon controlled.

Citigroup's review of customer account records was deficient and prevented the firm from detecting red flags concerning Moon's misconduct.

In concluding these settlements, the firm neither admitted nor denied the charges, but consented to the entry of FINRA's findings.


Possibly Related Articles:
fraud scams Compliance Regulation Banking Headlines FINRA Citigroup
Post Rating I Like this!
Chris Rich Ms. Moon’s exploitation of the ill and elderly is deplorable and Citibank did the right thing by admitting they failed to properly supervise her actions. Is $500,000 enough of a fine and what about the accounts belonging to the victims? Citibank should have gone a step further to publicly outline actions to prevent this from happening again. Regulatory oversight is needed however, in this case, I feel the implementation (fine) does not restore what was lost financially not to mention the trust that was broken with other customers as a result.

Chris Rich
Product Manager
NetWrix Corporation
NetWrix is #1 for Change Auditing: Simple, Lightweight, Affordable
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.