Banking

Another Crooked Bank?

For the past three years, Wells Fargo has been pilloried for having created millions of bogus accounts to extract unauthorized fees from its customers. Now it seems Wells may not have been the only financial institution to engage in this type of fraud.

The Consumer Financial Protection Bureau, despite having been somewhat defanged by the Trump Administration, has just filed suit against Fifth Third Bank for similar behavior. Based in Cincinnati, Fifth Third is a large regional bank with branches in ten states and total assets of about $170 billion.

According to the CFPB’s complaint, the problem at Fifth Third arose when it, like Well Fargo, imposed overly aggressive cross-selling targets on its employees, causing them to create bogus accounts to meet those goals. These actions not only generated illicit fees, the complaint states, but also exposed customers to a higher risk of identity theft when, for example, online banking accounts were created without their knowledge. The issuance of unauthorized credit cards may have harmed customers’ credit scores.

The agency is asking a federal court to order Fifth Third to stop these practices and pay damages and penalties for its actions. The bank issued a press release denying the allegations and vowing to fight the lawsuit vigorously.

Although its “rap sheet” is a lot shorter than those of Wells Fargo and the other megabanks, Fifth Third has not been free from controversy. Violation Tracker’s tally on the company runs to more than $132 million in penalties.

One of the cases on the list was brought by the CFPB. In 2015 the agency announced that Fifth Third would pay $21.5 million to resolve two actions—one involving allegations of using racially discriminatory loan pricing and another involving deceptive marketing of credit card add-on products. The second case included allegations similar to those in the new case: telemarketers for the bank were alleged to have failed to tell cardholders that by agreeing to receive information about a product they would be enrolled and charged a fee.

Fifth Third’s largest past penalty was the $85 million it agreed to pay in 2015 to settle a case brought by the Justice Department and the Department of Housing and Urban Development concerning the bank’s improper origination of federally insured residential mortgage loans during the housing bubble.

In 2013 Fifth Third paid $6.5 million to settle an SEC case concerning the improper accounting of commercial real estate loans in the midst of the financial crisis. It has also paid out more than $8 million in wage theft lawsuits.

If the allegations against Fifth Third hold up, bank regulators and federal prosecutors will also have to determine whether the scheme occurred at other financial institutions. Megabanks such as JPMorgan Chase and Bank of America have run up billions of dollars in fines and settlements for many different kinds of misconduct. We need to know whether the creation of sham accounts should be added to the list.

Justice Deferred at Wells Fargo

In finally resolving its investigation of Wells Fargo for a brazen scheme to bilk customers through the creation of millions of sham fee-generating accounts, the Trump/Barr Justice Department employed some tough language but administered what amounted to a slap on the wrist.

DOJ issued a press release quoting Deputy Assistant Attorney General Michael Granston as saying that the settlement “holds Wells Fargo accountable for tolerating fraudulent conduct that is remarkable both for its duration and scope.” The release was accompanied by a 16-page summary of the bank’s abuses, including the adoption of “onerous sales goals and accompanying management pressure [that] led thousands of its employees to engage in: (1) unlawful conduct to attain sales through fraud, identity theft, and the falsification of bank records, and (2) unethical practices to sell products of no or low value to the customer, while believing that the customer did not actually need the account and was not going to use the account.”

The document states that senior Wells executives were well aware of the unlawful behavior yet continued to ratchet up the sales pressure on employees.

This recitation echoes the content of a 100-page notice issued earlier by Wells’ primary regulator, the Office of the Comptroller of the Currency. While the OCC imposed substantial financial penalties against several former executives of the bank, DOJ has not charged any individuals.

Justice imposed a $3 billion monetary penalty on Wells, which resolves criminal issues such as false bank records and identity theft as well as civil issues under the Financial Institutions Reform, Recovery and Enforcement Act and securities violations that may be brought by the SEC. That penalty is not insignificant but it will not be too much of a burden for a bank whose profits last year exceeded $19 billion.

Moreover, the impact of the criminal portion of the case was diminished by the inclusion of a deferred prosecution agreement rather than the filing of any actual charges. This overused gimmick (like its evil twin, the non-prosecution agreement) allows DOJ to give the impression it is being tough with corporate bad actors while actually failing to do so.

In its press release on the Wells case, DOJ tries to justify the use of the DPA by noting factors such as the bank’s cooperation with the investigation. Yet it also cites “prior settlements in a series of regulatory and civil actions.”

How are the bank’s prior bad acts, which according to Violation Tracker have resulted in more than $17 billion in penalties, an argument for leniency? If anything, they militate against the use of DPA, which was originally meant to provide an incentive for a company caught up in a single case of misconduct to return to the straight and narrow.

Wells Fargo, in fact, was the recipient, via its acquisition Wachovia, of a previous DPA in 2010 for anti-money-laundering deficiencies as well as a 2011 non-prosecution agreement in connection with municipal bond bid-rigging. Those deals do not appear to have much of a beneficial effect on the ethical climate at the bank.

Allowing Wells to once again evade true criminal responsibility is sending the wrong signal to a corporation whose conduct was so pernicious, both in cheating its customers and in coercing lower-level employees to participate in the massive fraud.

Behavior like this calls out for tougher penalties. In 2018 the Federal Reserve took a step in that direction by barring Wells from growing any larger until it cleaned up its business practices. The agency also announced that the bank had been pressured to replace four members of its board of directors.

Meanwhile, the Justice Department continues to rely on prosecutorial approaches that have done little to stem the ongoing wave of corporate criminality.

The Belated Crackdown on Wells Fargo

It took three years but a leading federal bank regulator has finally gotten tough with probably the most lawless large financial institution in the country.

The Office of the Comptroller of the Currency, an arm of the Treasury Department, recently took action against the former chief executive of Wells Fargo in connection with the scandal in which the bank pressured employees to create bogus accounts that extracted millions of dollars in fees from unsuspecting customers.

Many observers were surprised that the OCC, not known for aggressive action, fined John Stumpf $17.5 million – the largest penalty it has ever imposed on an individual – and banned him for life from the banking industry. The agency also penalized two other former senior officials at Wells Fargo and charged five others. Among those five is Carrie Tolstedt, the former head of retail banking at Wells, against whom the OCC is seeking a penalty of $25 million, substantially more than what Stumpf agreed to pay.

OCC’s belated severity may have something to do with the fact that the agency’s posture toward Wells is the subject of a pending investigation by the Treasury inspector general. That inquiry will likely address the failure of the agency to pursue complaints it had received about abusive practices at Wells long before the sham-account scandal erupted in 2016. The agency admitted this lapse in an unflattering report about its conduct released in 2017.

Along with the announcement of its charges against Tolstedt and the others, the OCC released a 100-page Notice which reads like an indictment. It argues that for more than a decade the bank maintained a business model that pressured employees to engage in “serious misconduct” by imposing “intentionally unreasonable sales goals” and “fostered an atmosphere that perpetuated improper and illegal conduct.”

The document relates in detail how that pressure worked to the detriment both of the customers who were being defrauded and the bank’s lower level employees. Those employees were turned into accomplices in a corrupt scheme described by the document as “immense” in magnitude.

Also contained in the document are indications that Wells managers were seeking to cover up the wrongdoing. They pretended to monitor improper conduct by lower-level employees but were far from aggressive in that effort. The document notes that the bank’s Head of Corporate Investigations testified before the OCC that there was nearly a 100% chance an employee’s boss would know if she failed to meet her sales goals, but the chances were very small that an employee would be caught for issuing an unauthorized product or service. Those employees clearly got the message that if they wanted to keep their jobs they had to go along with the scheme.

Unfortunately, the document is part of a civil proceeding when it should really be part of a criminal case against Wells and those who were running it. The shocking misconduct outlined by the OCC belongs in an indictment brought under the Racketeer Influenced and Corrupt Organizations Act.

There are reports that the Justice Department is pursuing a criminal investigation of Wells, but it is hard to be confident that Bill Barr’s DOJ will do the right thing.

A Boom Decade for Corporate Misconduct

Business journalists are looking back with amazement at the stock market’s track record over the past decade. Yet the 2010s were also a boom period for corporate crime and misconduct.

In Violation Tracker my colleagues and I have documented more than 240,000 cases for that period representing $442 billion in fines and settlements—more than twice the $161 billion total for the previous decade. (The numbers are not adjusted for inflation.)

The cases from the 2010s include 574 with a penalty of $100 million or more, 147 with a penalty of $500 million or more, and 67 with a penalty of $1 billion or more.

The top tier of these mega-cases is dominated by four corporations. BP is linked to the largest single case on the list—the $20.8 billion settlement with the federal government and five states to resolve civil claims stemming from the massive 2010 Deepwater Horizon oil spill in the Gulf of Mexico. BP paid out numerous other mega-penalties and smaller ones to put its total for the decade at nearly $28 billion.

The second biggest single penalty during the decade was Bank of America’s $16.65 billion settlement with the Justice Department in 2014 to resolve claims relating to fraud in the period leading up to the financial crisis, including such behavior on the part of Merrill Lynch and Countrywide Financial, which BofA acquired during that crisis. BofA also had plenty of other penalties during the decade—including two in excess of $10 billion—bringing its total for that period to an eye-popping $62 billion.

The third of the penalty leaders is Volkswagen, which in 2016 reached a $14.7 billion settlement with the federal government and the state of California to resolve allegations relating to systematic cheating on diesel pollution emission testing through the use of defeat devices. VW paid out several other multi-billion penalties related to the cheating and racked up a penalty total of more than $23 billion for the decade.

Rounding out the list of companies with individual penalties in excess of $10 billion is JPMorgan Chase, which in 2013 reached a $13 billion settlement to resolve federal and state claims relating to the sale of toxic mortgage-backed securities by the bank itself and by its acquisitions Bear Stearns and Washington Mutual. JPMorgan also had several other penalties of $1 billion or more, along with smaller ones, that pushed its penalty total for the decade to more than $29 billion.

Other big domestic banks had a substantial share of mega-penalties. These include Citigroup, with a $7 billion toxic securities settlement in 2014 (and a penalty total of $16 billion for the decade) and Wells Fargo, with a similar $5.3 billion settlement in 2012 (and a penalty total of $15 billion stemming from issues such as the creation of bogus accounts to generate illicit fees).

The decade also saw a slew of mega-cases involving foreign banks such as BNP Paribas, Deutsche Bank, Royal Bank of Scotland and Credit Suisse for offense such as violations of economic sanctions and their own toxic securities abuses.

Financial services companies of all kinds dominated the mega-penalty list, accounting for 41 of the 67 billion-dollar cases. Also worthy of mention are the pharmaceutical companies, including settlements by GlaxoSmithKline for $3 billion and Johnson & Johnson for $2.2 billion, both for marketing drugs for purposes not approved as safe by the Food and Drug Administration. That industry will end up paying much more when the pending multistate opioid litigation is resolved.

The list could continue. Suffice it to say that the decade’s major cases made it clear that corporate misconduct perseveres through good times and bad.

The 2019 Corporate Rap Sheet

While the news has lately focused on political high crimes and misdemeanors, 2019 has also seen plenty of corporate crimes and violations. Continuing the pattern of the past few years, diligent prosecutors and career agency officials have pursued their mission to combat business misconduct even as the Trump Administration tries to erode the regulatory system. The following is a selection of significant cases resolved during the year.

Online Privacy Violations: Facebook agreed to pay $5 billion and to modify its corporate governance to resolve a Federal Trade Commission case alleging that the company violated a 2012 FTC order by deceiving users about their ability to control the privacy of their personal information.

Opioid Marketing Abuses: The British company Reckitt Benckiser agreed to pay more than $1.3 billion to resolve criminal and civil allegations that it engaged in an illicit scheme to increase prescriptions for an opioid addiction treatment called Suboxone.

Wildfire Complicity: Pacific Gas & Electric reached a $1 billion settlement with a group of localities in California to resolve a lawsuit concerning the company’s responsibility for damage caused by major wildfires in 2015, 2017 and 2018. PG&E later agreed to a related $1.7 billion settlement with state regulators.

International Economic Sanctions: Britain’s Standard Chartered Bank agreed to pay a total of more than $900 million in settlements with the U.S. Justice Department, the Treasury Department, the Federal Reserve, the New York Department of Financial Services and the Manhattan District Attorney’s Office concerning alleged violations of economic sanctions in its dealing with Iranian entities.

Emissions Cheating: Fiat Chrysler agreed to pay a civil penalty of $305 million and spend around $200 million more on recalls and repairs to resolve allegations that it installed software on more than 100,000 vehicles to facilitate cheating on emissions control testing.

Foreign Bribery: Walmart agreed to pay $137 million to the Justice Department and $144 million to the Securities and Exchange Commission to resolve alleged violations of the Foreign Corrupt Practices Act in Brazil, China, India and Mexico.

False Claims Act Violations: Walgreens agreed to pay the federal government and the states $269 million to resolve allegations that it improperly billed Medicare, Medicaid, and other federal healthcare programs for hundreds of thousands of insulin pens it knowingly dispensed to program beneficiaries who did not need them.

Price-fixing: StarKist Co. was sentenced to pay a criminal fine of $100 million, the statutory maximum, for its role in a conspiracy to fix prices for canned tuna sold in the United States. StarKist was also sentenced to a 13-month term of probation.

Employment Discrimination: Google’s parent company Alphabet agreed to pay $11 million to settle a class action lawsuit alleging that it engaged in age discrimination in its hiring process.

Investor Protection Violation: State Street Bank and Trust Company agreed to pay over $88 million to the SEC to settle allegations of overcharging mutual funds and other registered investment company clients for expenses related to the firm’s custody of client assets.

Illegal Kickbacks: Mallinckrodt agreed to pay $15 million to resolve claims that Questcor Pharmaceuticals, which it acquired, paid illegal kickbacks to doctors, in the form of lavish dinners and entertainment, to induce them to write prescriptions for the company’s drug H.P. Acthar Gel.

Worker Misclassification: Uber Technologies agreed to pay $20 million to settle a lawsuit alleging that it misclassified drivers as independent contractors to avoid complying with labor protection standards.

Accounting Fraud: KPMG agreed to pay $50 million to the SEC to settle allegations of altering past audit work after receiving stolen information about inspections of the firm that would be conducted by the Public Company Accounting Oversight Board. The SEC also found that numerous KPMG audit professionals cheated on internal training exams by improperly sharing answers and manipulating test results.

Trade Violations: A subsidiary of Univar Inc. agreed to pay the United States $62 million to settle allegations that it violated customs regulations when it imported saccharin that was manufactured in China and transshipped through Taiwan to evade a 329 percent antidumping duty.

Consumer Protection Violation: As part of the settlement of allegations that it engaged in unfair and deceptive practices in connection with a 2017 data breach, Equifax agreed to provide $425 million in consumer relief and pay a $100 million civil penalty to the Consumer Financial Protection Bureau. It also paid $175 million to the states.

Ocean Dumping: Princess Cruise Lines and its parent Carnival Cruises were ordered to pay a $20 million criminal penalty after admitting to violating the terms of their probation in connection with a previous case relating to illegal ocean dumping of oil-contaminated waste.

Additional details on these cases can be found in Violation Tracker, which now contains 397,000 civil and criminal cases with total penalties of $604 billion.

Note: I have just completed a thorough update of the Dirt Diggers Digest Guide to Strategic Corporate Research. I’ve added dozens of new sources (and fixed many outdated links) in all four of the guide’s parts: Key Sources of Company Information; Exploring A Company’s Essential Relationships; Analyzing A Company’s Accountability Record; and Industry-Specific Sources.

Putting Strings on Bank Mergers

The U.S. financial system has survived a decade without another meltdown like that caused by the proliferation of toxic securities in the late 2000s. The credit belongs to tougher regulation, not to a moral conversion on the part of the large banks. Those institutions still exhibit significant ethical deficits even as they grow larger.

That’s why new legislation on bank mergers being introduced by Sen. Elizabeth Warren and Illinois Rep. Chuy Garcia makes sense. The Bank Merger Review Modernization Act would require regulatory agencies to apply more rigorous standards when deciding whether to approve proposed deals.

Those standards would include a quantitative risk metric, consideration of the impact on market concentration for specific banking products, Community Reinvestment Act ratings and approval by the Consumer Financial Protection Bureau.

Those measures are all fine, but I would also suggest that regulators be required to consider the full track record of each party when it comes to compliance with a broad range of laws regulations.

I say this having compiled a large quantity of documentation of bank misconduct in my work on Violation Tracker. I am continuously amazed at the number and variety of cases in which banks have been involved as well as the eye-popping penalties they have paid to buy their way out of legal jeopardy.

The Violation Tracker penalty total for the financial services industry now stands at $305 billion (since 2000), and that number will increase by about $8 billion next week when we post an update that for the first time will include cases brought by the New York State Department of Financial Services and the Manhattan District Attorney’s Office.

Those agencies have brought several dozen major cases against large banks, especially foreign-based ones, for violations of international economic sanctions, money-laundering regulations and rules regarding the manipulation of foreign exchange markets.

Warren and Garcia express specific concern about the combination of SunTrust and BB&T, which are merging to form a new “Too Big to Fail” bank they are naming Truist.

There is good reason for the banks to shed their old identities. According to Violation Tracker, SunTrust has racked up more than $1.5 billion in penalties. These include a 2014 case in which the Consumer Financial Protection Bureau, the Department of Housing and Urban Development, and the attorneys general of 49 states and the District of Columbia required the company to address mortgage servicing misconduct by providing $500 million in loss-mitigation relief to underwater borrowers. It also required SunTrust to pay $40 million to approximately 48,000 consumers who lost their homes to foreclosure. At the same time, SunTrust had to pay $418 million to resolve a related case brought by the Justice Department for originating and underwriting loans that violated its obligations as a participant in the Federal Housing Administration insurance program.

As if that was not enough, SunTrust had to pay another $320 million as part of the resolution of a DOJ criminal case alleging that it misled numerous mortgage servicing customers who sought mortgage relief through the federal Home Affordable Modification Program.

BB&T has paid more than $130 million in penalties, most of which came from a 2016 case in which it agreed to pay $83 million to the Justice Department to resolve allegations that it violated the False Claims Act by knowingly originating and underwriting mortgage loans insured by the Federal Housing Administration that did not meet applicable requirements.

Why, one might ask, should corporations with such blemished records be allowed to merge and become the country’s sixth largest bank, whose combined resources will allow it to capture additional market share? It might be worth exploring whether, in addition to the kind of safeguards being proposed by Warren and Garcia, banks with a substantial record of misconduct could be barred from participating in mergers, or at least be required to take additional steps to make amends to the customers and communities they have harmed.

One Less Wheeler Dealer

It’s unfortunate that 18,000 people will lose their jobs in the process, but it is good news that Deutsche Bank is leaving the investment banking business. The world is better off with one less wheeling and dealing financial player that has repeatedly flouted all kinds of laws and regulations.

That tarnished record dates back to the late 1990s, when Deutsche Bank acquired New York-based Bankers Trust, which was testing the limits of what a commercial bank could do while getting embroiled in a series of scandals.

Just a few months after the acquisition was announced, Bankers Trust pleaded guilty to criminal charges that its employees had diverted $19 million in unclaimed checks and other credits owed to customers over to the bank’s own books to enhance its financial results. The bank paid a $60 million fine to the federal government and another $3.5 million to New York State.

Deutsche Bank was also having its own legal problems during this period. In 1998 its offices were raided by German criminal investigators looking for evidence that the bank helped wealthy customers engage in tax evasion. In 2004 investors who purchased what turned out to be abusive tax shelters from DB sued the company in U.S. federal court, alleging that they had been misled (the dispute was later settled for an undisclosed amount). That litigation as well as a U.S. Senate investigation brought to light extensive documentation of DB’s role in tax avoidance.

In the 2000s, DB was penalized repeatedly by financial regulators, including a 2004 settlement with the Securities and Exchange Commission in which it had to pay $87.5 million to settle charges of conflicts of interest between its investment banking and its research operations, and a $208 million settlement with federal and state agencies in 2006 to settle charges of market timing violations.

In 2009 the SEC announced that DB would provide $1.3 billion in liquidity to investors that the agency had alleged were misled by the bank about the risks associated with auction rate securities.

In 2010 the U.S. Attorney for the Southern District of New York announced that DB would pay $553 million and admit to criminal wrongdoing to resolve charges that it participated in transactions that promoted fraudulent tax shelters and generated billions of dollars in U.S. tax losses.

In 2011, the Federal Housing Finance Agency sued DB and other firms for abuses in the sale of mortgage-backed securities to Fannie Mae and Freddie Mac (the case was settled for $1.9 billion in late 2013).

In 2012 the Southern District of New York announced that DB would pay $202 million to settle charges that its MortgageIT unit had repeatedly made false certifications to the Federal Housing Administration about the quality of mortgages to qualify them for FHA insurance coverage.

In 2013 DB agreed to pay a $1.5 million fine to the Federal Energy Regulatory Commission to settle charges that it had manipulated energy markets in California in 2010.

In 2013 Massachusetts fined Deutsche Bank $17.5 million for failing to inform investors of conflicts of interest during the sale of collateralized debt obligations. That same year, DB was fined $983 million by the European Commission for manipulation of the LIBOR interest rate index. (Later, in 2015, it had to agree to pay $2.5 billion to settle LIBOR allegations brought by U.S. and UK regulators.)

In 2015 the SEC announced that DB would pay $55 million to settle allegations that it overstated the value of its derivatives portfolio during the height of the financial meltdown. Later that year, DB agreed to pay $200 million to New York State regulators and $58 million to the Federal Reserve to settle allegations that it violated U.S. economic sanctions against countries such as Iran.

In January 2017 the bank reached a $7.2 billion settlement of a Justice Department case involving the sale of toxic mortgage securities during the financial crisis. That same month, it was fined $425 million by New York State regulators to settle allegations that it helped Russian investors launder as much as $10 billion through its branches in Moscow, New York and London.

In March 2017 Deutsche Bank subsidiary DB Group Services (UK) Limited was ordered by the U.S. Justice Department to pay a $150 million criminal fine in connection with LIBOR manipulation. The following month, the Federal Reserve fined DB $136 million for interest rate manipulation and $19 million for failing to maintain an adequate Volcker rule compliance program. Shortly thereafter, the Fed imposed another fine, $41 million, for anti-money-laundering deficiencies. In October 2017 DB paid $220 million to settle multistate litigation relating to LIBOR.

In 2018 DB paid a total of $100 million to the Commodity Futures Trading Commission–$70 million for interest-rate manipulation and $30 million for manipulation of metals futures contracts.

As a result of all these and other cases, Deutsche Bank ranks seventh among parent companies in Violation Tracker, with more than $12 billion in total penalties.

Not all these cases arose out of DB’s investment banking business. Its commercial banking operation, which will continue, was responsible for keeping the Trump Organization afloat when other banks shunned the shaky company. And it has just come to light that DB provided loans to the notorious Jeffrey Epstein.

Deutsche Bank’s history of controversies may not be over.

Mistreating Customers and Workers

For a long time, the corporation that stood out as America’s worst employer was Walmart, given its reputation for shortchanging workers on pay, engaging in discriminatory practices and ruthlessly fighting union organizing drives. Today, Amazon.com seems to be trying to take over that title, at least for its blue-collar workforce.

Yet when we look at the corporations that have been paying the most penalties for workplace abuses, there is another contender for the top, or really the bottom, spot among U.S. employers: Bank of America. In Big Business Bias, a report just published by the Corporate Research Project of Good Jobs First, we found that BofA has paid more in damages, settlements and fines in workplace discrimination and harassment cases than any other large for-profit corporation.

In Grand Theft Paycheck, a report we published last year on wage theft, BofA ranked third (after Walmart and FedEx) in total penalties paid in private wage and hour lawsuits and cases brought by the U.S. Labor Department.

BofA’s position in these tallies is to a significant extent the result of cases brought against its subsidiary Merrill Lynch, which the federal government pressured it to acquire during the financial meltdown in 2008. Merrill accounts for 95 percent of the $210 million in penalties BofA has paid in discrimination cases and more than one-quarter of the $381 million paid in wage theft cases.

Merrill brought with it problems beyond questionable personnel practices. In 1998 it had to pay $400 million to settle charges that it helped push Orange County, California into bankruptcy with reckless investment advice. In 2002 it agreed to pay $100 million to settle charges that its analysts skewed their advice to promote the firm’s investment banking business (plus another $100 million the following year). In 2003 it paid $80 million to settle allegations relating to dealings with Enron.

This track record was similar to that of BofA before the merger. For example, in 1998 the bank paid $187 million to settle allegations that in its role as bond trustee for the California state government it misappropriated funds, overcharged for services and destroyed evidence of its misdeeds. BofA later paid to settle lawsuits concerning its dealings with Enron ($69 million) and another corporate criminal, WorldCom ($460 million).

In the wake of the financial crisis, BofA had to enter into several multi-billion-dollar settlements concerning the sale of toxic securities and various mortgage abuses. It is for all these reasons that BofA tops the Violation Tracker ranking of the most penalized parent companies, with payouts of more than $58 billion.

BofA is not unique in this respect. Another major bank is also one of the ten most penalized corporations overall as well as high on the lists of those with the most penalties related to workplace discrimination and wage theft. That bank is Wells Fargo, which ranks sixth on the Violation Tracker list with over $14 billion in penalties, ninth in the discrimination tally with $68 million and fourth in the wage theft tally with $205 million.

Wells Fargo, of course, is notorious for creating millions of bogus accounts to generate illicit fees and other deceptive practices. Last year, the Federal Reserve took the unprecedented step of barring the bank from growing any larger until it cleaned up its act. The agency also announced that the bank had been pressured to replace four members of its board of directors.

Bank of America and Wells Fargo demonstrate all too clearly that mistreatment of customers can go hand-in-hand with mistreatment of workers.

The Other Rogue Banks

The slow but steady weakening of bank regulation is continuing. Responding to legislation passed by Congress earlier this year, the Federal Reserve just voted to propose new rules for a group of banks that are large but not gigantic. Congress had called for a review of banks with assets between $100 billion and $250 billion but the Fed proposals would affect some larger ones as well. In all, 16 banks would enjoy loosened restraints.

Much of the commentary on banks focuses on mega-institutions such as Bank of America, JPMorgan Chase, Citigroup and Wells Fargo. These corporations have certainly done the most harm to the economy and whose demise would have the most dire consequences.

Yet the next tier of banks have their own track record of misconduct that argues against relaxed oversight. Some of these offenses relate directly to financial risk while others do not, but they all point to the need for more regulation rather than less. Here are examples taken from Violation Tracker.

U.S. Bancorp (total penalties in Violation Tracker: $1.2 billion): paid $453 million this year to settle Justice Department allegations that it had insufficient protections against money laundering and failed to file suspicious activity reports.

PNC Financial (total penalties: $472 million): in 2003 one of its subsidiaries paid $115 million to settle criminal charges of conspiring to violate securities laws (the deal included a deferred prosecution agreement).

Capital One (total penalties: $228 million): in 2012 one of its subsidiaries paid $165 million to settle Consumer Financial Protection Bureau (CFPB) allegations that it deployed deceptive marketing tactics in its credit card business.

Charles Schwab (total penalties: $125 million): in 2011 it paid $118 million to settle SEC allegations that it made misleading statements to clients about one of its funds.

BB&T (total penalties: $93 million): in 2016 it paid $83 million to settle Justice Department allegations it knowingly originated mortgage loans insured by the Federal Housing Administration that did not meet applicable requirements.

SunTrust (total penalties: $1.5 billion): in 2014 it settled a case brought by the CFPB, the Department of Justice, the Department of Housing and Urban Development, and attorneys general in 49 states and the District of Columbia alleging that it engaged in systemic mortgage servicing misconduct, including robo-signing and illegal foreclosure practices. The settlement required SunTrust to provide $500 million in loss-mitigation relief to underwater borrowers and pay $40 million to approximately 48,000 consumers who lost their homes to foreclosure.

American Express (total penalties: $350 million): in 2017 it paid $96 million to settle CFPB allegations of having discriminated against customers in Puerto Rico and other U.S. territories by charging higher credit card rates than in the 50 states.

Ally Financial (total penalties: $668 million): in 2012 it paid $207 million to settle Federal Reserve allegations of mortgage servicing violations.

The list goes on for the remainder of the 16 banks: Citizens Financial (total penalties: $137 million), Fifth Third Bancorp ($121 million), KeyCorp ($19 million), Regions Financial ($170 million), M&T Bank ($119 million), Huntington Bancshares ($14 million) and Discover Financial Services ($232 million).

It’s interesting that the only institution on the list with a small penalty total ($203,000) is Northern Trust, which caters to corporations and wealthy individuals rather than the general public. If all the banks similar records, then perhaps some measure of deregulation might be warranted.

Yet as long as the large banks are as ethically challenged as the giant ones, they should continue to face strict oversight.

The Persistence of Bank Misconduct

Ten years ago this month, the financial crisis erupted, and within a matter of weeks the banking landscape was transformed. Merrill Lynch was taken over by Bank of America. Lehman Brothers collapsed. AIG had to be bailed out by the federal government. Goldman Sachs and Morgan Stanley, the last two independent investment houses, were forced to become bank holding companies subject to stricter regulation. JPMorgan Chase took over Washington Mutual. Congress was compelled to create the $700 billion Troubled Asset Relief Program.

What were the consequences of the widespread misconduct that caused the meltdown? Lehman turned out to be the only major institution to suffer the fate of liquidation. No top executives at any banks faced personal criminal or civil charges. The federal government sold off its holdings in the companies that were bailed out.

The most significant penalty was financial. According to data collected for Violation Tracker, banks were hit with a total of $89 billion in penalties relating to the issuance and sale of the toxic securities at the center of the crisis. More than $40 billion in penalties were imposed in related mortgage abuse cases.

While by some measures these penalties are significant, they are far less than the amount of harm the banks caused to the economy and the financial well-being of homeowners, workers and others. What is even more frustrating is that the billions in payments seem to have failed in their main purpose: discouraging banks from engaging in similar bad acts in the future.

We don’t have to wait to see if this is true. Even while they were still resolving cases stemming from the financial crisis, large banks were starting to engage in more wrongdoing.

Exhibit A is Wells Fargo, which is now more notorious for its behavior subsequent to the meltdown. It will forever be known as the bank that created millions of bogus accounts to generate illicit fees from its customers. Earlier this year, Wells was fined a total of $1 billion by the Officer of the Comptroller of the Currency and the Consumer Financial Protection Bureau. That came after the Federal Reserve took the unprecedented step of barring the bank from growing any larger until it cleaned up its business practices.

Bank of America has also been accused of harming its customers. In 2014 the CFPB ordered the bank to provide $727 million in relief to credit card holders charged for deceptive add-on services. BofA’s Merrill Lynch unit has in recent years been fined repeatedly by regulators for a variety of improper practices. In June, for example, the SEC penalized Merrill $42 million for falsely telling brokerage customers that it had executed millions of orders internally when it had actually farmed them out to other firms.

Citigroup faced its own allegations of illegal credit card practices, and in 2015 it was ordered by the CFPB to provide $700 million in relief to customers. This year, in an unusually aggressive enforcement action by the Trump-controlled CFPB, Citi was ordered to pay $335 million in restitution to 1.75 million credit card customers for failing to properly adjust interest rates.

These abuses may not jeopardize the entire economy like those of the early 2000s, but they show that the big banks remain ethically challenged.