From 2008 to 2015, with that software provided by Wells Fargo and its predecessor Wachovia Bank, to a foreign bank located in Europe processed trade finance transactions that violated sanctions against Iran, Syria, and Sudan.

Wachovia Bank, at the direction of a mid-level manager, customized the trade insourcing software for general use by the European bank, knowing that it would include engaging in trade-finance transactions with sanctioned jurisdictions and persons.

Wells Fargo failed to identify or stop the European bank’s use of the software platform for trade-finance transactions involving sanctioned jurisdictions and persons for seven years, despite potential concerns raised internally at Wells Fargo on multiple occasions.

Even in 2014, an internal audit report found that the insourcing business line needed corrective action because agreements with various clients/ vendors were negotiated individually, which resulted in inconsistencies. However, Wells Fargo’s internal audit team did not specifically review the Hosted Eximbills platform business because the audit team relied on the relevant business line’s self assessment that the software platform was not high risk.