Back when the story of how Wachovia helped drug cartels launder money was breaking in 2010, reports said that cartels had also used Citi to launder their money.

A Mexican judge on Jan. 22 accused the owners of six centros cambiarios, or money changers, in Culiacan and Tijuana of laundering drug funds through their accounts at the Mexican units of Banco Santander SA, Citigroup Inc. and HSBC, according to court documents filed in the case.

Citigroup, HSBC and Santander, which is the largest Spanish bank by assets, weren’t accused of any wrongdoing. The three banks say Mexican law bars them from commenting on the case, adding that they each carefully enforce anti-money-laundering programs.

HSBC has stopped accepting dollar deposits in Mexico, and Citigroup no longer allows non-customers to change dollars there. Citigroup detected suspicious activity in the Tijuana accounts, reported it to regulators and closed the accounts, Citigroup spokesman Paulo Carreno says.

At the time, it seemed that Citi had reported the attempted money laundering as required by US bank secrecy laws.

I guess they didn’t report everything they were supposed to. The Office of the Comptroller and the Currency, Citi’s regulator, just announced a cease and desist order covering inadequacies in Citi’s anti-money laundering compliance.

(3) Some of the critical deficiencies in the elements of the Bank’s BSA/AML compliance program include the following:
(a) The Bank has internal control weaknesses including the incomplete identification of high risk customers in multiple areas of the bank, inability to assess and monitor client relationships on a bank-wide basis, inadequate scope of periodic reviews of customers, weaknesses in the scope and documentation of the validation and optimization process applied to the automated transaction monitoring system, and inadequate customer due diligence;
(b) The Bank failed to adequately conduct customer due diligence and enhanced due diligence on its foreign correspondent customers, its retail banking customers, and its international personal banking customers and did not properly obtain and analyze information to ascertain the risk and expected activity of particular customers;
(c) The Bank self-reported to the OCC that from 2006 through 2010, the Bank failed to adequately monitor its remote deposit capture/international cash letter instrument processing in connection with foreign correspondent banking;
(d) As a result of that inadequate monitoring, the Bank failed to file timely SARs involving remote deposit capture/international cash letter activity in its foreign correspondent banking business; and
(e) The Bank’s independent BSA/AML audit function failed to identify systemic deficiencies found by the OCC during the examination process. [my emphasis]

Note that among other things, Citi took this opportunity to ‘fess up to not adequately monitoring the use of cash letters (see this article for a description of how cash letters are used in money laundering) in the 2006-2010 period. You know? The period when Citi was reeling because it had invested too deeply in shitpile?

Now maybe in the near future, Treasury will release a similar notice telling us whether all this negligence on Citi’s part only could have–or actually did–help some nefarious types launder money. But for now, OCC’s not telling. Nor is OCC fining Citi (which they would normally do if Citi violates this consent order–banks, you see, get do-overs when they fuck up).

But while you’re contemplating what kind of money laundering Citi might have enabled, remember what our own government does to other countries’ banks that enable money laundering.

I’ll have several things to say about Jo Becker’s story on the big Hezbollah money laundering ring. For the moment, I’m most interested in how Treasury Department authorities uncovered the ring: by first declaring Lebanese Canadian Bank a money launderer, providing reason to break it up. When an affiliate of Société Générale agreed to buy the bank, they also agreed to scrub its money laundering accounts. To do so, it specifically had someone beyond the Big Four accounting firm that had “overlooked” the accounts in the past scrub the books, including bringing in John Ashcroft.

As part of its own agreement with Treasury officials, Lebanon’s Central Bank set up a process to scrub the books. But compliance officers at S.G.B.L.’s French partner, Société Générale, were skeptical of the Central Bank’s choice of investigators. One of them, the local affiliate of the international auditing firm Deloitte, had presumably missed the drug-related accounts the first time around, when it served as the Lebanese Canadian Bank’s outside auditor.

And, according to people knowledgeable about Lebanese banking, the central bank’s on-the-ground representative had been recommended to that post by Hezbollah.

As an extra step, to reassure wary international banks, the chairman of S.G.B.L.,  Antoun Sehnaoui, commissioned a parallel audit, with the help of Société Générale’s chief money-laundering compliance officer. And to make sure that his bank did not run afoul of Treasury officials by inadvertently taking on dirty assets, he also hired a consultant intimately familiar with the Patriot Act provision used to take the bank down: John Ashcroft, the former attorney general whose Justice Department wrote the law.

And then it investigated (presumably using pattern analysis) each and every account at the bank.

Initially, the auditors looked only at records for the past year. As they began combing through thousands of accounts, they looked for customers with known links to Hezbollah. They also looked for telltale patterns: repeated deposits of vast amounts of cash, huge wire transfers broken into smaller transactions and transfers between companies in such wildly incongruous lines of business that they made sense only as fronts to camouflage the true origin of the funds.

Each type of red flag was assigned a point value. An account with 1 or 2 points on a scale to 10 was likely to survive. One with 8 or 9 cried out for further scrutiny. Ultimately, the auditors were left with nearly 200 accounts that appeared to add up to a giant money-laundering operation, with Hezbollah smack in the middle, according to American officials. Complex webs of transactions featured the same companies over and over again, most of them owned by Shiite businessmen, many known Hezbollah supporters. Some have since been identified as Hezbollah fronts.

So effectively, they took a bank known to ignore money laundering controls and took it apart, piece by piece, to see all the money laundering it had sheltered.

Treasury required that the Lebanese Canadian Bank not only sell itself off, but in the process scrub each and every account at the bank for evidence of money laundering.

Mind you, Treasury is unlikely to do that, and not just because this is a US bank, not a foreign bank. It also won’t do that because Citi has already been deemed TBTF in the last month, after it failed its stress tests. So rather than dismantling it (and figuring out what money laundering Citi permitted to stay afloat), OCC will just make Citi promise not to do t again.