Thank you very much for your question.
I couldn't put a precise number on it, but I would think about enforcement and compliance in two respects. The first is enforcement and compliance costs borne by the government itself. The U.S. Department of the Treasury has an office called OFAC, the Office of Foreign Assets Control, which I alluded to, and it enforces financial sanctions. Roughly 200 people work in that office, so we can back from that into a rough estimation of the annual cost.
There are others involved in that enforcement action as well. There are oftentimes multiple overlapping jurisdiction on these cases, and because the banks are located in New York, by and large, the New York banking supervisor and the New York State Department of Financial Services is involved. The local state prosecutor in Manhattan is often involved. Also, the federal prosecutors are often involved because these involve violations of federal statutes.
In that instance, the $8.9-billion fine was a result of at least four or five different agencies: OFAC; the Department of Justice, which is the only entity that can bring federal criminal prosecutions; the state prosecutors; the New York state banking supervisor; and, I believe, the Federal Reserve. These are all folks who have multiple missions. It might be difficult to disaggregate with any degree of precision the amount of time, for example, they spent on that particular case.
Another way to think about the cost of compliance is the cost borne by the banks themselves. All of the banks subject to U.S. jurisdiction must—and have—built up very elaborate compliance architectures in order to ensure that they are behaving in a manner that is consistent with U.S. law and policy and their other legal obligations.
Take a bank like BNP Paribas, for example. They're subject to French and EU law because they're a French bank, and their activities that are subject to U.S. jurisdiction are subject to U.S. law as well. Presumably, the point generalizes across the many dozens of countries in which banks like that operate. Needless to say, their compliance architectures are very complicated. They have to adhere to local law wherever they operate and also to, for example, EU law, because they are an EU person.
It's difficult, sir, to give you a precise answer, but that's perhaps a way to begin thinking about the problem.