Citi fined US$136 mil for failing to fix regulatory issues

The Federal Reserve said Wednesday that its penalty was for Citi violating an enforcement action from 2020.

Citigroup will pay almost US$136 million ($183.44 million) in fines to US bank regulators over issues related to data-quality management and risk controls. 

The Federal Reserve said Wednesday that its penalty was for Citi violating an enforcement action from 2020. The bank will pay US$61 million to the Fed and about US$75 million to the Office of the Comptroller of the Currency.

“Citigroup has made insufficient progress remediating its problems with data quality management and failed to implement compensating controls to manage its ongoing risk,” the central bank said in a statement. 

Citi didn’t admit to or deny the regulator’s allegations. The bank is “taking steps to correct the violations” and to come into compliance, the Fed said.

The fines underscore how chief executive officer Jane Fraser has a ways to go in turning around the fourth-largest US bank by assets, which has struggled with meager profitability and a lackluster share price.

Since taking the helm in 2021, she’s set out to streamline the lender by exiting international retail markets and implementing a restructuring that’s simplified the bank into five key businesses. 

Fraser said in a statement that it was making good progress in addressing regulators’ demands, but that it hadn’t been fast enough in data-quality management.

“As we’ve said from the beginning of this multiyear effort, we’re committed to spending what is necessary to address our consent orders,” Fraser said. “We’ve always said that progress wouldn’t be linear, and we have no doubt that we will be successful in getting our firm where it needs to be in terms of our transformation.”

The fines stem from back-to-back regulatory actions in October 2020. 

The OCC levied a US$400 million penalty for shortcomings with the bank’s risk management, data governance programs and internal controls. At the same time the Fed issued a cease-and-desist order directing the bank to correct certain compliance risk management, data quality and internal controls practices. 

The actions came months after Citi reported that it had sent US$900 million of its own money mistakenly to creditors of Revlon, leading to a lengthy court fight to get the money back. 

The bank later filed plans with regulators to fix weaknesses with its risk management and internal controls.