Anti-Money Laundering (AML)

May 11, 2018 Implementation Deadline Looms

Last year, we posted FinCEN’s Beneficial Ownership Rule: A Practical Guide to Being Prepared for Implementation regarding the Customer Due Diligence Requirements for Financial Institutions Rule (the “Beneficial Ownership Rule” or “Rule”) issued by the Financial Crime Enforcement Center (“FinCEN”). With the Rule’s May 11 implementation date only a few weeks away, and with FinCEN recently having published its new and long-awaited FAQs regarding the Rule (FAQs), we thought that the time was right for more practical tips and answers to questions surrounding the Rule. Continue Reading FinCEN’s Beneficial Ownership Rule: More Practical Tips and Answers to Frequently Asked Questions

Australia announced on April 11 that all digital currency exchanges operating in the country will be regulated by the Transaction Reports and Analysis Centre (“AUSTRAC”), the country’s financial intelligence agency.  A byproduct of the government’s Anti-Money Laundering (“AML”) and Counter Terrorism Financing (“CTF”) Act (on which we previously have blogged, both here and here), the new laws require all “digital currency exchange providers” with operations in Australia to register with AUSTRAC and, additionally, meet compliance and reporting obligations by May 14.

AUSTRAC’s new policing mandate represents a meaningful step in strengthening the country’s efforts under the AML/CTF Act, first enacted in 2006.  In brief, that law—now applicable to all digital currency exchanges operating in Australia—requires all regulated entities such as banks and money transfer operators to collect information to establish a customer’s identity, monitor transactions, and report activity that is suspicious or involves cash over $10,000 Australian dollars.  As summarized by AUSTRAC on its website, the AML/CTF Act:

. . . . places a number of obligations on reporting entities when they provide designated services, including:

Reporting entities determine how they meet their obligations based on their assessment of the risk of whether providing a designated service to a customer may facilitate money laundering or terrorism financing.  These requirements echo similar AML regulatory requirements in the United States that require digital currency exchangers and administrators to register with FinCEN as money services businesses, and with the various States as money transmitter businesses.  AUSTRAC also has issued a guide for digital currency exchange service businesses to prepare and implement their AML/CTF programs.  The guide sets forth a check list of tasks necessary to developing and maintaining an adequate AML/CTF program, including the completion of a risk assessment of the business, designing a training program, and creating procedures for responding to AUSTRAC feedback. Continue Reading Australia’s Financial Intelligence Agency Implements AML Regulation of Digital Currencies

And a Tale of Four Countries: Singapore Fines a U.K. Bank, and the U.S. Imposes a Consent Order on a Chinese Bank

Less than a week apart, two major financial institutions (“FIs”) have been hit with penalties for failing to implement adequate anti-money laundering (“AML”) protections. But the penalties imposed by the involved regulators are different.  In this post, we report on the enforcement actions recently lodged against Standard Chartered PLC and the Industrial & Commercial Bank of China Ltd. by the Monetary Authority of Singapore and the United States Federal Reserve, respectively.  We also consider the approaches of these two regulators to the banks and the differing outcomes of the enforcement actions.

Continue Reading A Tale of Two Enforcement Actions

Second Part in a Two-Part Series

The Tale of an AML BSA Exam Gone Wrong

As we have blogged, the Ninth Circuit Court of Appeals recently upheld the decision of the Board of Directors of the Federal Deposit Insurance Corporation (“FDIC”) to issue a cease and desist order against California Pacific Bank (the “Bank”) for the Bank’s alleged failure to comply with Bank Secrecy Act (“BSA”) regulations or have a sufficient plan and program in place to do so.

In our first post, we described how the Ninth Circuit rejected the Bank’s constitutional challenge to the relevant regulation, and accorded broad deference to the FDIC in its interpretations of its own regulations, expressed in the form of the Federal Financial Institutions Examination Council Manual (“FFIEC Manual”).  This post discusses the Court’s review of the Bank’s challenge under the Administrative Procedures Act to the FDIC’s factual findings of AML program failings.

The California Pacific opinion provides a significant piece of guidance for banks questioning the adequacy of its BSA compliance program: consult and abide the FFIEC Manual.  Furthermore, it demonstrates that no shortcuts are permitted when it comes to establishing and maintaining a BSA compliance program.  The BSA and the FDIC’s regulations contain firm guidelines and the FFIEC Manual puts banks of all sizes on notice of what compliance is expected of them.  The independence of both the AML compliance officer and of testing; adequate risk assessments of customer accounts; and the correction of prior regulator findings of AML deficiencies are key. Continue Reading Ninth Circuit Court of Appeals Outlines BSA Compliance Obligations and How One Small Bank Failed to Meet Them

As we previously have blogged, the Financial Crimes Enforcement Network (“FinCEN”) became one of the first regulators to wade into the regulation of cryptocurrency when it released interpretive guidance in March 2013 stating that an administrator or exchanger of virtual currency is a Money Services Business (“MSB”). As a MSB, and according to FinCEN, an administrator or exchanger of virtual currency therefore is a “financial institution” subject to the Bank Secrecy Act (“BSA”) and its various AML-related requirements, unless a limitation or exemption applies.  Accordingly, the Department of Justice has prosecuted operators of cryptocurrency exchanges for a failure to register with FinCEN as a MSB, and FinCEN has brought civil enforcement proceedings against such exchanges for alleged failures to maintain adequate AML programs and file required Suspicious Activity Reports (“SARS”), among other alleged BSA violations.

Recently, regulators of all stripes across the globe have been moving swiftly to regulate cryptocurrency in various ways (see herehere, here, here, here, here, here, here, and here). Indeed, the Securities and Exchange Commission (“SEC”) has been very vocal and aggressive in claiming that many if not all Initial Coin Offerings (“ICOs”) involving cryptocurrency represent securities subject to the jurisdiction and supervision of the SEC, and already has filed several enforcement proceedings involving ICOs. Moreover the SEC just yesterday issued a statement that it considers exchanges for cryptocurrency to also be subject to its jurisdiction. Likewise, the U.S. Commodity Futures Trading Commission (“CFTC”) has asserted that cryptocurrencies are commodities subject to its jurisdiction; this week, a federal court agreed with this assertion in a CFTC enforcement action.  The CFTC claims that its jurisdiction reaches beyond cryptocurrency derivative products to fraud and manipulation in the underlying cryptocurrency spot markets.

But there is a potential problem with all of these regulators simultaneously rushing in to assert their respective power over cryptocurrency businesses, and it is a tension that does not seem to have attracted much public attention to date. Specifically, BSA regulations pertaining to the definition of a MSB, at 31 C.F.R. § 1010.100(ff)(8)(ii), flatly state that a MSB does not include the following:

A person registered with, and functionally regulated or examined by, the SEC or the CFTC, or a foreign financial agency that engages in financial activities that, if conducted in the United States, would require the foreign financial agency to be registered with the SEC or CFTC[.]

How can certain cryptocurrency businesses be subject to the claimed jurisdictions of FinCEN as well as the recent regulatory newcomers to this area, the SEC and the CFTC? Continue Reading FinCEN Letter to U.S. Senate Committee on Finance Purports to Thread Needle of Potentially Competing Jurisdictions by Regulators over Cryptocurrencies

On February 23, the Financial Action Task Force (“FATF”) signaled that the inter-governmental body “will step up its efforts in monitoring the use of cryptocurrencies in money laundering.”  While the 37-member international body remains without an official policy for implementation, the pronouncement nonetheless demonstrates the heightened Anti-Money Laundering (“AML”) concern from regulators across the globe concerning illicit uses of cryptocurrency.

Notably, the FATF’s pronouncement comes on the heels of recent enforcement-related measures taken in various countries.  As we previously have blogged, the European Parliament and its executive arm, the European Council, recently agreed to an amendment to the Fourth Anti-Money Laundering Directive to include measures targeting exchange platforms for virtual currencies, such as Bitcoin, as well as prepaid cards.  More recently, France’s top financial markets regulator issued a statement that online trading platforms for cryptocurrency derivatives fall under the European Union’s central legislation regulating financial markets.  In the U.K., the Parliament’s Treasury Committee announced on February 22 that it has launched a probe to examine both the impact of cryptocurrencies on financial institutions and how best to police the new technology.  Meanwhile, South Korea’s ban on anonymous trading of cryptocurrencies—part of the country’s new policies which represent the first AML guidelines for cryptocurrencies among the nations of the FATF—took effect on January 30. Continue Reading Global Regulators to Maintain AML Pressure on the Cryptocurrency Industry

Yesterday, the SEC Office of Compliance Inspections and Examinations (OCIE) announced its 2018 examination priorities, released in order to “improve compliance, prevent fraud, monitor risk, and inform policy.”  OCIE announced five priorities, with Anti-Money Laundering (“AML”) programs being one of them.  This emphasis on AML is consistent with the SEC’s increasing willingness to bring enforcement actions relating to AML and the Bank Secrecy Act (“BSA”).  As we also discuss, here and in our sister blog, CyberAdviser, another priority announced by OCIE is cybersecurity, an issue which increasingly overlaps with AML issues. Continue Reading SEC Targets AML as Exam Priority

Second Post in a Two-Part Series

As we blogged earlier this week, Congress is considering a new draft bill, the Counter Terrorism and Illicit Finance Act (“CTIFA”), in committee in the Senate.  The CTIFA proposes the most substantial overhaul to the Bank Secrecy Act (“BSA”) since the PATRIOT Act.

We previously discussed CTIFA’s proposed requirement for legal entities to submit to FinCEN a list their beneficial owners (“BOs”) and the creation of a central directory of these BOs. Today, we discuss CTIFA’s many other major proposed revisions to the BSA. These include:

  • Raising the minimum monetary thresholds for filing Currency Transaction Reports (“CTRs”) and Suspicious Activity Reports (“SARs”), and requiring a review of how those filing requirements could be streamlined;
  • Expanding the prohibition against disclosing SAR-related information to third parties, including in private litigation;
  • Codifying absolute civil immunity for SAR filing;
  • Expanding the scope of voluntary information sharing among financial institutions;
  • Allowing FinCEN to issue no-action letters; and
  • A grab-bag of other proposals, including a safe harbor for AML-related technological innovation; requiring a review of whether FinCEN should assume a greater role in AML/BSA examinations of financial institutions; requiring a review of the costs to the private sector for AML/BSA compliance; and requiring an annual report to the Secretary of the Treasury (“the Secretary”) regarding the usefulness of BSA reporting to law enforcement.

Continue Reading Congress Contemplates Broad AML/BSA Reform

Last week, the Office of the Comptroller of the Currency (“OCC”) released its semiannual risk report (“Report”) highlighting credit, operational, and compliance risks to the federal banking system.  The Report focuses on issues that pose threats to those financial institutions regulated by the OCC and is intended to be used as a resource to by those financial institutions to address the key concerns identified by the OCC.  Specifically, the OCC places cybersecurity and Anti-Money Laundering (“AML”) among the top concerns highlighted in the Report.  The Report further observes that the total number of enforcement actions by the OCC against banks — instituted for any kind of alleged violations — have declined steadily after peaking in 2009. Continue Reading OCC Report: Cybersecurity and Money Laundering Threats are the Key Risks Facing Banks

Mexico City’s downtown and Palacio de Bellas Artes building at twilight

Last week, the Financial Action Task Force (“FATF”) issued a report concluding that Mexico needs to “step up efforts in pursuing money launderers.” The report, which summarized the FATF’s findings from its on-site assessment in early 2017, identified three particularly weak areas in Mexico’s AML regime:  preventative measures; investigation and prosecution; and confiscation.  This post summarizes the report’s findings, and observes that Mexico is not the only nation needing to “step up” its efforts.  Further, given the strong financial and geographic ties between Mexico and the U.S., the AML challenges of Mexico can be the challenges of the U.S. Continue Reading Mexico’s AML Regime Evaluated by the FATF: Systemic Improvement, but Suspicious Transaction Reporting and Law Enforcement Efforts Continue to Struggle