The U.S. Treasury Department’s Office of the Comptroller of the Currency (OCC) announced Wednesday that it’s penalizing Citibank for its “longstanding failure to establish effective risk management and data governance programs and internal controls.”
The agency added that it will require the bank to take “comprehensive corrective actions” in the areas found to have deficiencies before it can make any significant acquisitions.
In addition to the fine, Citigroup -- Citibank’s parent company -- is facing a separate but related enforcement action by the Federal Reserve Board. The Fed said it also found "significant ongoing deficiencies" in the bank’s risk-management programs. The Federal Reserve Board has given Citigroup 120 days to submit a report detailing how it will fix the shortcomings identified.
In a statement, Citi said it is "fully committed" to addressing the concerns laid out by regulators. The company plans to invest more than $1 billion this year in its risk management and controls efforts.
“Citi has significant remediation projects underway to strengthen our controls, infrastructure and governance,” the bank said in a statement. “While we have made progress in each of these areas, we recognize that substantial improvement is still required.”