Citigroup has reassigned chief operating officer Anand Selva, reducing his oversight of data compliance following the bank’s imposition of $136 million in fines for failing to resolve persistent issues in risk management and data governance.
According to a report by the Financial Times, which quoted sources familiar with the situation, Selva will now share data compliance responsibilities with Tim Ryan, a former accountant and top PwC partner who joined Citi in June.
This decision follows a history of compliance failures at Citi, dating back to 2020 when the Office of the Comptroller of the Currency (OCC) issued a cease and desist order and imposed a $400 million penalty for significant shortcomings in enterprise-wide risk management, compliance efforts, data governance, and internal controls.
At that time, Citi attributed these issues to outdated software from the 1990s, which led to a $1 billion wire transfer error that triggered the OCC investigation. In May, the bank faced an additional fine of £62 million for not detecting a $1.4 billion trading mistake that briefly affected European markets.
The most recent $136 million penalty, imposed in June, stemmed from the erroneous reporting of tens of billions of dollars in loans to regulators. Despite hiring thousands of new employees, the bank has repeatedly failed to meet requirements and has shown minimal sustainable progress in overcoming ongoing data governance challenges.
Selva’s reassignment marks the third time in three years that a senior executive at Citi has been tasked with resolving the bank’s data issues. Additionally, Citi is currently involved in a lawsuit filed by a former employee who claims she was dismissed for refusing to provide regulators with false information. The lawsuit alleges that COO Selva instructed her to withhold “critical information” from the OCC regarding Citi’s data governance metrics in an effort to prevent the bank from appearing unfavorable. These metrics are related to the 2020 OCC consent order, which mandated improvements in the bank’s risk management and data governance practices.