Business

Citigroup to pay $400 million fine over risk management, compliance lapses

Citibank has agreed to pay a $400 million fine and overhaul its internal risk management, data protection and compliance controls to settle enforcement actions by the Federal Reserve Board and Office of the Comptroller of the Currency (OCC), the two regulators announced Wednesday.

The Fed and OCC took action against Citigroup for failing to address oversight gaps at the massive bank despite several violations of federal laws and bank regulations, the agencies said in separate consent orders.

Citigroup has agreed to pay $400 million to the U.S. Treasury to settle charges brought by the OCC and will seek the regulators’ approval before making major acquisitions. The bank also agreed to take “broad and comprehensive corrective actions to improve risk management, data governance, and internal controls.”

The Fed also imposed a cease and desist order on Citigroup, the bank’s holding company, ordering it to submit plans for how it will hold executives and senior leadership accountable for oversight lapses, align executive compensation with effective risk management, and improve reporting of compliance issues to senior leaders. Citigroup must also outline how it will improve data quality and internal checks on potential illegal conduct within the bank.

The Fed and OCC’s actions come less than a month after Citigroup announced that Michael Corbat, its chief executive since 2012, will retire in February. He is set to be replaced by Jane Fraser, president and chief executive of global consumer banking, who will be the first woman to helm a major U.S. bank.