Federal bank regulators recently ordered Community Federal Savings Bank, based in Queens, New York, to revamp its anti-money-laundering (AML) program due to systemic failures in its internal controls. The bank, which supports digital financial services such as Wise’s U.S. dollar accounts and Crypto.com’s prepaid card, has been criticized for its inability to manage compliance risks associated with its rapid growth in payment processing.
The Office of the Comptroller of the Currency (OCC) disclosed the enforcement action, signifying serious concerns over the bank’s customer due diligence processes, suspicious-activity monitoring, independent compliance testing, and overall Bank Secrecy Act (BSA) adherence. As of December 31, 2025, Community Federal owned approximately $866 million in assets, with total deposits reaching about $753 million.
This is not the first time the OCC has taken action against Community Federal. The bank was previously required to establish a strategic compliance plan to mitigate BSA and AML risks following a 2020 order. However, the recent findings indicate that despite significant transaction volumes, the bank’s risk management did not keep pace, undermining its compliance capabilities.
Key issues highlighted include the bank’s automated system for flagging suspicious transactions, which reportedly auto-closed a large percentage of alerts. The OCC noted that the system’s filters were inadequately aligned with the bank’s actual risk exposure, particularly concerning international transactions involving foreign financial institutions. In addition, the bank’s understanding of its customers’ business operations and transaction purposes was insufficient, leading to lapses in identifying whether it held correspondent accounts requiring enhanced due diligence under the USA PATRIOT Act.
The order mandates that Community Federal appoint a compliance committee comprised mainly of independent directors within 15 days and submit an action plan within 90 days detailing its remediation steps. Furthermore, the bank must hire two external consultants: one to conduct a comprehensive review of its AML program and another to assess historical suspicious-activity monitoring. The outcome of this review could necessitate the filing of new suspicious-activity reports for previously flagged but unreported activities.
Despite the order’s stringent requirements, it does not impose any civil penalties or restrictions on the bank’s growth or its ability to onboard new fintech partners. The bank expressed its commitment to addressing the issues promptly and emphasized its ongoing efforts to enhance its compliance infrastructure.
While the OCC’s findings signify critical shortcomings in Community Federal’s operations, they echo broader trends within the banking industry, particularly among institutions with fintech partnerships. Similar enforcement actions have been taken against other banks for compliance failures related to their relationships with digital asset service providers.
As regulatory scrutiny intensifies, the bank is hopeful of resolving the matters swiftly and continuing its partnerships with various fintechs in a compliant manner.
