Skip to content
Financial Fraud

EagleBank Bank Secrecy Act Agreement: DOJ Says Bank Allowed Check-Kiting Scheme

No paywall
3 sources
1,843 words
Pass

Listen
Markets Desk voice
Ready when you are.



Status, July 1 source check: source-cleared for a BadPD government-accountability and financial-fraud ledger. The controlling current sources are DOJ’s June 30, 2026 Office of Public Affairs release and DOJ’s signed non-prosecution agreement and statement of facts for EagleBank and parent company Eagle Bancorp Inc.

This is a corporate-resolution record, not a conviction article. DOJ says EagleBank entered a non-prosecution agreement, admitted conduct in the attached statement of facts, and agreed to pay more than $9.7 million to resolve a Bank Secrecy Act investigation. The article below keeps the labels split between DOJ-announced facts, admitted agreement facts, and records still needed to prove payment and remediation.

What DOJ Says EagleBank Agreed To Pay

DOJ says EagleBank agreed to pay a $9,057,821.62 fine and $736,515 in forfeiture. The forfeiture amount is tied to overdraft fees that DOJ says EagleBank obtained from accounts involved in a check-kiting scheme. The combined resolution is just under $9.8 million, and DOJ describes it as a Bank Secrecy Act resolution rather than a customer-service dispute or ordinary overdraft matter.

The signed agreement states the resolution is a non-prosecution agreement for EagleBank. It also states that the bank did not self-report the misconduct to DOJ and therefore did not receive voluntary-disclosure credit. That detail matters because self-reporting, cooperation, remediation, and compliance design are the core public-interest questions in corporate-crime settlements.

The agreement says EagleBank and Eagle Bancorp must cooperate with the government, disclose credible evidence of federal criminal-law violations during the term, and report on remediation and implementation of compliance measures. It gives the agreement a one-year term and requires a compliance report one month before the term ends.

The Check-Kiting Scheme DOJ Describes

DOJ says EagleBank admitted that between 2010 and 2021 it willfully failed to establish an anti-money-laundering and countering-the-financing-of-terrorism program in violation of the Bank Secrecy Act. In one instance, DOJ says the bank allowed two customers, a son and father, to operate a check-kiting scheme for more than a decade through EagleBank accounts.

Check kiting is a fraud pattern built around timing. An accountholder writes a check for more money than is actually available, deposits it at another bank, and exploits the delay before the second bank learns the first account lacked sufficient funds. If the scheme keeps moving in circles, the apparent balance can look temporarily real while losses build behind the scenes.

DOJ says the father in the scheme was a friend and business partner of EagleBank’s former chairman and CEO, who resigned in 2019. DOJ also says senior bank executives repeatedly overrode compliance-personnel efforts to close the accounts and stop the conduct. According to DOJ, EagleBank’s facilitation resulted in a loss of almost $6.3 million to another financial institution.

Why The Compliance Override Allegation Is The Core Story

BadPD is not treating this as a narrow story about one bad customer. The source documents point to an internal-control problem. The signed statement of facts describes suspicious-activity reports, closure recommendations, overdraft exceptions, internal concern about kiting, and continued account activity. The public issue is whether a bank’s compliance system can be overridden when a customer relationship is valuable or connected.

That is why the Bank Secrecy Act frame matters. Banks are supposed to identify and report suspicious activity, maintain effective AML controls, and protect the financial system from fraud and laundering. Compliance personnel can spot risk, but their work only matters if leadership documents decisions, respects closure recommendations, and stops suspicious conduct instead of preserving favored accounts.

The signed PDF says EagleBank had taken remedial measures by the time of the agreement. Remediation is important, but a claim of remediation is not the end of the ledger. The follow-through record should show what changed, when it changed, how regulators assessed it, and whether the controls are now designed to stop similar exceptions before another bank or customer absorbs the loss.

Confirmed, Admitted, And Pending

Confirmed by DOJ’s June 30, 2026 release

  • EagleBank and Eagle Bancorp entered a non-prosecution agreement with DOJ.
  • The resolution concerns DOJ’s investigation into violations of the Bank Secrecy Act.
  • DOJ says EagleBank agreed to pay a $9,057,821.62 fine and $736,515 in forfeiture.
  • DOJ says the forfeiture is tied to overdraft fees from accounts involved in the check-kiting scheme.
  • DOJ says the FBI investigated the case.
  • DOJ says the case was handled by the Criminal Division’s Bank Integrity Unit and the U.S. Attorney’s Office for the Middle District of Pennsylvania.

Admitted in the signed agreement and statement of facts

  • The agreement says EagleBank admitted, accepted, and acknowledged responsibility for the conduct in the statement of facts.
  • The agreement states EagleBank did not receive voluntary-disclosure credit because it did not inform DOJ of the misconduct.
  • DOJ’s source materials say EagleBank admitted that between 2010 and 2021 it willfully failed to establish an AML/CFT program in violation of the Bank Secrecy Act.
  • The statement of facts describes suspicious-activity reports, closure recommendations, overdraft exceptions, and repeated continuation of the account relationship.
  • The agreement requires cooperation and compliance reporting during the one-year term.

Records still needed

  • Proof that the $9,057,821.62 fine and $736,515 forfeiture were paid.
  • The compliance report due one month before the end of the one-year agreement term.
  • Federal regulator examination or remediation-status records, if regulators permit disclosure.
  • Any separate public action involving individual officers, managers, employees, customers, or counterpart institutions.
  • Any victim, restitution, insurance, civil, or shareholder records tied to the nearly $6.3 million loss DOJ describes.

Why A Non-Prosecution Agreement Still Belongs On The Public Ledger

A non-prosecution agreement can be appropriate when a company cooperates, pays penalties, remediates, and accepts obligations. It can also become a quiet way for serious institutional conduct to disappear into a payment headline. The public should be able to see the difference. That requires more than a press release. It requires the agreement, statement of facts, payment proof, compliance deadlines, and a follow-up check when the term ends.

For a bank, the stakes are higher than reputation. Banks sit between customers, counterparties, regulators, law enforcement, and the wider payment system. If a bank lets a check-kiting scheme continue while another institution absorbs losses, the damage is not just private. It undermines trust in controls that are supposed to protect the financial system from fraud.

This is also a fairness issue for honest bank employees. Compliance officers and security personnel can identify patterns, document suspicious activity, and recommend account closure. If senior executives can override those warnings without a durable record and a defensible rationale, then compliance becomes theater. The public-interest question is whether the post-agreement controls prevent that.

The Red Flags In The Source Record

The signed statement of facts describes earlier suspicious-activity reporting and account-closure recommendations. It also describes an arrangement involving deposit tickets used to cover overdrafts, a warning from another bank, and checks paid despite insufficient funds. Those are not obscure signals. They are the kind of red flags a functioning AML and fraud-control program is supposed to escalate and resolve.

The statement of facts says a report recommended that a suspicious activity report be filed and that management approval be obtained to close the transactions account. It also says the bank filed a suspicious activity report on kiting activity in April 2014, conducted a 90-day review, and still did not close the relevant account relationship at that point.

BadPD is not naming the account holders as criminally convicted people here because this source set is the EagleBank corporate-resolution record. If separate court records show charges, pleas, convictions, civil judgments, bankruptcy claims, or recoveries involving named individuals or entities, those records should be handled in a separate, precisely labeled update.

What Readers Should Take From The Bank Secrecy Act Angle

The Bank Secrecy Act is often discussed as a technical compliance regime, but its public purpose is plain: stop financial institutions from becoming useful infrastructure for fraud, laundering, and other criminal conduct. A bank can have policies on paper and still fail if decision-makers protect exceptions for favored clients.

The source record here is useful because it separates three layers. First, there is suspicious customer activity. Second, there is internal knowledge and documentation. Third, there is management response. The public-accountability issue lives mostly in the third layer. A bank cannot control every attempted fraud by a customer, but it can control whether it acts when its own records keep showing the same pattern.

That is why the compliance report should not be treated as a private paperwork exercise. DOJ says the report may include confidential information and is intended to remain non-public unless otherwise agreed or required. That may be lawful and sometimes necessary, but it also means the public may not see the most important proof of remediation. Regulators and prosecutors should therefore be specific in any future public update about whether required controls were actually implemented.

What Not To Infer

This article does not say EagleBank was convicted of a crime. It does not say every EagleBank employee knew about or approved the conduct. It does not say every regional bank, community bank, or overdraft customer is suspect. It does not say the compliance report will be public. It says DOJ announced a non-prosecution agreement, attached a signed statement of facts, and described admitted conduct that raises public accountability questions.

It also does not treat the agreed payment as proof that all losses are repaired. A fine goes to the United States. Forfeiture can remove proceeds. Neither automatically proves full recovery by every affected institution, shareholder, customer, insurer, or other party. The almost $6.3 million loss DOJ describes should be tracked through separate recovery records if they become available.

Records To Watch Next

The first follow-up is payment proof. A public ledger should confirm whether the fine and forfeiture were paid within the required time and whether the government recorded any offsets or modifications. The second follow-up is compliance certification. EagleBank and Eagle Bancorp must report on remediation before the one-year term ends, and the public should know whether DOJ considers the company compliant at the end of the agreement.

The third follow-up is regulatory visibility. The agreement says compliance reporting may include federal regulator examination status only if regulators permit the bank to share that information with DOJ. That is a narrow but important point. If regulators identify gaps or require remediation, the public may need a separate public enforcement record to understand whether the financial system risk was actually fixed.

The fourth follow-up is individual accountability. Corporate resolutions can leave open whether any officers, managers, employees, or customers face separate consequences. BadPD will not assume individual guilt from a corporate agreement, but it will track public records if separate named actions emerge.

Source Ledger

Featured image is symbolic editorial artwork created for BadPD. It is not DOJ, FBI, EagleBank, Eagle Bancorp, bank-customer, check, transaction, employee, officer, regulator, or evidence photography.

Tips + Corrections

Send receipts for the desk to research

Send corrections, missing records, police-accountability tips, good-cop public-service receipts, government/court/war leads, recall alerts, or property-tax help resources. Tips are leads only until BadPD verifies records.

What helps
Links, dates, agency names, docket numbers, bodycam IDs, recall numbers, forms, and official pages.
How we treat it
Every tip is a lead, not a fact. The desk checks records before publishing.
Advertising
Use advertising inquiry when you want clearly labeled sponsor space or available ad placements on BadPD.