Bank Secrecy Act (BSA)

Court Defers Heavily to the FDIC and the FFIEC Manual

First Part in a Two-Part Series

The Ninth Circuit Court of Appeals recently upheld the decision of the Board of Directors of the Federal Deposit Insurance Corporation (“FDIC”) to issue a cease and desist order against California Pacific Bank (the “Bank”) for the Bank’s alleged failure to comply with Bank Secrecy Act (“BSA”) regulations or have a sufficient plan and program in place to do so.

This decision, California Pacific Bank v. FDIC, provides a nearly step-by-step analysis of what is required of banks under the BSA and a vivid illustration of an Anti-Money Laundering (“AML”) program that did not pass muster in the eyes of a regulator.  It highlights the general rules that banks of all sizes, but particularly smaller community banks, must keep in mind concerning their compliance programs – size does not matter and you are on notice of what compliance entails.

Importantly, and before upholding the FDIC’s factual findings regarding the Bank’s violations, the Ninth Circuit first rejected the Bank’s claim that the regulation at issue (which required the Bank to implement an AML compliance program which complied with the “four pillars” of such a program) was unconstitutionally vague. Moreover, the Ninth Circuit found that the FDIC has broad discretion when interpreting this regulation, described by the Court as “ambiguous.”

This post will summarize the case and the key role played by the Federal Financial Institutions Examination Council Manual (“FFIEC Manual”) in both the Court’s rejection of the constitutional challenge and the broad deference which the Court accorded to the FDIC and its interpretation of its own regulations.  The second post will turn to the Bank’s alleged AML program failings and the Bank’s challenges to the FDIC’s many factual findings. Continue Reading Ninth Circuit Court of Appeals Rejects Constitutional Challenge to AML Compliance Program Regulation

As we previously have blogged, the Financial Crimes Enforcement Network (“FinCEN”) became one of the first regulators to wade into the regulation of cryptocurrency when it released interpretive guidance in March 2013 stating that an administrator or exchanger of virtual currency is a Money Services Business (“MSB”). As a MSB, and according to FinCEN, an administrator or exchanger of virtual currency therefore is a “financial institution” subject to the Bank Secrecy Act (“BSA”) and its various AML-related requirements, unless a limitation or exemption applies.  Accordingly, the Department of Justice has prosecuted operators of cryptocurrency exchanges for a failure to register with FinCEN as a MSB, and FinCEN has brought civil enforcement proceedings against such exchanges for alleged failures to maintain adequate AML programs and file required Suspicious Activity Reports (“SARS”), among other alleged BSA violations.

Recently, regulators of all stripes across the globe have been moving swiftly to regulate cryptocurrency in various ways (see herehere, here, here, here, here, here, here, and here). Indeed, the Securities and Exchange Commission (“SEC”) has been very vocal and aggressive in claiming that many if not all Initial Coin Offerings (“ICOs”) involving cryptocurrency represent securities subject to the jurisdiction and supervision of the SEC, and already has filed several enforcement proceedings involving ICOs. Moreover the SEC just yesterday issued a statement that it considers exchanges for cryptocurrency to also be subject to its jurisdiction. Likewise, the U.S. Commodity Futures Trading Commission (“CFTC”) has asserted that cryptocurrencies are commodities subject to its jurisdiction; this week, a federal court agreed with this assertion in a CFTC enforcement action.  The CFTC claims that its jurisdiction reaches beyond cryptocurrency derivative products to fraud and manipulation in the underlying cryptocurrency spot markets.

But there is a potential problem with all of these regulators simultaneously rushing in to assert their respective power over cryptocurrency businesses, and it is a tension that does not seem to have attracted much public attention to date. Specifically, BSA regulations pertaining to the definition of a MSB, at 31 C.F.R. § 1010.100(ff)(8)(ii), flatly state that a MSB does not include the following:

A person registered with, and functionally regulated or examined by, the SEC or the CFTC, or a foreign financial agency that engages in financial activities that, if conducted in the United States, would require the foreign financial agency to be registered with the SEC or CFTC[.]

How can certain cryptocurrency businesses be subject to the claimed jurisdictions of FinCEN as well as the recent regulatory newcomers to this area, the SEC and the CFTC? Continue Reading FinCEN Letter to U.S. Senate Committee on Finance Purports to Thread Needle of Potentially Competing Jurisdictions by Regulators over Cryptocurrencies

Second Post in a Two-Part Series

As we blogged earlier this week, Congress is considering a new draft bill, the Counter Terrorism and Illicit Finance Act (“CTIFA”), in committee in the Senate.  The CTIFA proposes the most substantial overhaul to the Bank Secrecy Act (“BSA”) since the PATRIOT Act.

We previously discussed CTIFA’s proposed requirement for legal entities to submit to FinCEN a list their beneficial owners (“BOs”) and the creation of a central directory of these BOs. Today, we discuss CTIFA’s many other major proposed revisions to the BSA. These include:

  • Raising the minimum monetary thresholds for filing Currency Transaction Reports (“CTRs”) and Suspicious Activity Reports (“SARs”), and requiring a review of how those filing requirements could be streamlined;
  • Expanding the prohibition against disclosing SAR-related information to third parties, including in private litigation;
  • Codifying absolute civil immunity for SAR filing;
  • Expanding the scope of voluntary information sharing among financial institutions;
  • Allowing FinCEN to issue no-action letters; and
  • A grab-bag of other proposals, including a safe harbor for AML-related technological innovation; requiring a review of whether FinCEN should assume a greater role in AML/BSA examinations of financial institutions; requiring a review of the costs to the private sector for AML/BSA compliance; and requiring an annual report to the Secretary of the Treasury (“the Secretary”) regarding the usefulness of BSA reporting to law enforcement.

Continue Reading Congress Contemplates Broad AML/BSA Reform

Congress is considering a new draft bill, the Counter Terrorism and Illicit Finance Act (“CTIFA”), currently in committee in the Senate.  The CTIFA proposes the most substantial overhaul to the Bank Secrecy Act (“BSA”) since the PATRIOT Act.

This post is the first entry in a two-post series discussing the CTIFA. Here, we summarize recent Senate hearings on the bill and AML reform, which suggest that the CTIFA enjoys political momentum. We also discuss what is arguably the most dramatic change proposed by the CTIFA: requiring legal entities to submit to FinCEN of a list their beneficial owners (“BOs”) – a requirement backed up by civil and criminal penalties for non-compliance — and the creation of a directory of these BOs, which would be accessible to local and international law enforcement and financial institutions. This proposal in part seeks to ease the burdens faced by financial institutions in complying with FinCEN’s Customer Due Diligence (“CDD”) regulation, which takes effect on May 11, 2018 and requires financial institutions to determine BO for legal entities.

In our next post, we will discuss CTIFA’s many other proposed revisions to the BSA. These include: expanding the scope of voluntary information sharing among financial institutions; raising the minimum monetary thresholds for filing Currency Transaction Reports (“CTRs”) and Suspicious Activity Reports (“SARs”); expanding the prohibition against disclosing SAR-related information to third parties, including in private litigation; codifying absolute immunity for SAR filing; allowing FinCEN to issue no-action letters; creating a safe harbor for AML-related technological innovation; requiring a review of whether FinCEN should assume a greater role in AML/BSA exams of financial institutions; and requiring an annual report regarding the usefulness of BSA reporting to law enforcement. Continue Reading Congress Proposes National Directory of Beneficial Owners of Legal Entities

Last week, the Office of the Comptroller of the Currency (“OCC”) released its semiannual risk report (“Report”) highlighting credit, operational, and compliance risks to the federal banking system.  The Report focuses on issues that pose threats to those financial institutions regulated by the OCC and is intended to be used as a resource to by those financial institutions to address the key concerns identified by the OCC.  Specifically, the OCC places cybersecurity and Anti-Money Laundering (“AML”) among the top concerns highlighted in the Report.  The Report further observes that the total number of enforcement actions by the OCC against banks — instituted for any kind of alleged violations — have declined steadily after peaking in 2009. Continue Reading OCC Report: Cybersecurity and Money Laundering Threats are the Key Risks Facing Banks

FinCEN recentlty announced entry of a $2 million assessment against Lone Star National Bank, a private bank operating out of Texas, for the bank’s allegedly willful violations of the Bank Secrecy Act (“BSA”) and inadequate Anti-Money Laundering (“AML”) monitoring programs.  The primary violations relate to Lone Star’s alleged failure to comply with due diligence requirements imposed by Section 312 of the USA PATRIOT Act in establishing and conducting its correspondent banking relationship with a Mexican bank.  As a result of Lone Star’s insufficient due diligence and AML program, the Mexican bank was “allowed to move hundreds of millions of U.S. dollars in suspicious cash shipments through the U.S. financial system in less than two years.”  The FinCEN’s announcement warns that this “action underscores the dangers that institutions face when taking on international correspondence activities without properly equipping themselves” to manage the enhanced obligations that arise with such relationships.

This new FinCEN assessment underscores the continued regulatory interest in the AML risks presented by correspondent banking relationships. We therefore first will provide a brief overview of correspondent banking relationships and the enhanced regulatory attention often paid to them. Armed with this context, we then will analyze the findings and lessons learned from the Lone Star assessment, including the value touted by FinCEN of Lone Star’s efforts to cooperate with its own investigation. Further, this new assessment suggests that the U.S. government does not always present a consistent voice regarding correspondent banking relationships: although the U.S. Treasury has tried to encourage financial institutions in general to not “de-risk” and thereby terminate correspondent banking relationships, we see that enforcement agencies continue to penalize institutions in individual cases for not mitigating sufficiently the risks of correspondent banking. Continue Reading FinCEN Fines Texas Bank $2M for Alleged Failure to Vet and Monitor Mexican Correspondent Banking Relationship – But Touts Bank’s Cooperation

Second in a Three-Part Series of Blog Posts

As we recently blogged, the Royal United Services Institute (“RUSI”) for Defence and Security Studies — a U.K. think tank – has released a study:  The Role of Financial Information-Sharing Partnerships in the Disruption of Crime (the “Study”).  The Study focuses on international efforts — including efforts by the United States — regarding the reporting of suspicious transactions revealing criminal activity such as money laundering and terrorist financing.  The Study critiques current approaches to Anti-Money Laundering (“AML”) reporting, and suggests improvements, primarily in the form of enhanced information sharing among financial institutions and governments.

In our first blog post in this series, we described some of the criticisms set forth by the Study regarding the general effectiveness of suspicious activity reporting, which the Study described as often presenting little or no “operational value to active law enforcement investigations.” In this second blog post pertaining to the Study, we will discuss the current landscape of AML information sharing in the United States — which is governed by Section 314 of the Patriot Act, and which is an important component of many financial institutions’ ability to fulfill successfully their AML obligations. In the third and final blog post pertaining to the Study, we will circle back to the Study and examine its findings and proposals for an enhanced process of information sharing by financial institutions and governments in order to better fight money laundering and terrorism. Continue Reading AML Information Sharing in the U.S. – Section 314 of the Patriot Act

Second of a Two-Part Blog: Anti-Money Laundering Programs Coming to the Legal Profession?

Yesterday, we began our discussion of the proposed Corporate Transparency Act of 2017 (the “Act”), and observed that, if passed, the Act would represent another chapter in the domestic and global campaign to increase transparency in financial transactions through information gathering by private parties and expanded requirements for Anti-Money Laundering (“AML”) reporting. Today, we summarize the details of this complex legislation, focusing in particular on two significant ways in which the Act would amend the Bank Secrecy Act (“BSA”):

  • Requiring regulations to establish minimum standards for State procedures regarding the formation of legal entities such as corporations and limited liability companies (“LLCs”) and the identification of the beneficial owners of such entities when they are formed.
  • Adding “formation agents” – i.e., those who assist in the creation of legal entities – to the BSA’s definition of a “financial institution” which is subject to the BSA’s reporting and AML obligations. This new definition potentially applies to a broad swath of businesses and individuals previously not regulated directly by the BSA, including certain attorneys.

Continue Reading Expanded Beneficial Ownership Reporting and AML Duties Under the Corporate Transparency Act