Citi has been fined $135.6 million by US regulators for insufficient progress in addressing risk management and data governance issues. The Office of the Comptroller of the Currency (OCC) fined Citi $75 million and amended its previous cease and desist order, while the Federal Reserve Board added a $60.6 million fine for violations of a 2020 enforcement action.

Originally, in 2020, the OCC fined Citi $400 million for failing to improve risk management, compliance, data governance, and internal controls, following unsafe banking practices. The bank had previous orders in 2013 and 2015 to enhance anti-money-laundering compliance and foreign exchange controls.

Despite some progress, the OCC noted Citi's failure to meet remediation milestones. Acting Comptroller Michael Hsu emphasized that while Citi's board has made efforts, significant data-related weaknesses persist, necessitating further corrective actions.