Last week, the Office of the Comptroller of the Currency (“OCC”) released its semiannual risk report (“Report”) highlighting credit, operational, and compliance risks to the federal banking system. The Report focuses on issues that pose threats to those financial institutions regulated by the OCC and is intended to be used as a resource to by those financial institutions to address the key concerns identified by the OCC. Specifically, the OCC places cybersecurity and Anti-Money Laundering (“AML”) among the top concerns highlighted in the Report. The Report further observes that the total number of enforcement actions by the OCC against banks — instituted for any kind of alleged violations — have declined steadily after peaking in 2009. Continue Reading OCC Report: Cybersecurity and Money Laundering Threats are the Key Risks Facing Banks
We are really pleased to announce that Ballard Spahr has launched CyberAdviser, a new blog focused on the latest news and developments in privacy and cybersecurity law.
It will offer insights into the latest governance and compliance matters, investigations, civil and criminal litigation, regulatory and legislative developments, industry trends, emerging technologies, and other cyber issues that may be just a click away. CyberAdviser is produced by the members of our Privacy and Data Security Group—a nationwide team of more than 50 attorneys who provide a wide range of legal services to help clients identify, manage, and mitigate cyber risk.
CyberAdviser will serve as an excellent counterpart to the issues we discuss in Money Laundering Watch. To demonstrate the (increasingly) frequent overlap between AML and privacy and cybersecurity issues, our colleague Kim Phan is posting today in both blogs about a new report issued by the Office of the Comptroller of the Currency regarding the cybersecurity and money laundering threats currently facing banks.
As digital currency continues to evolve, it continues to pose unfolding compliance, regulatory and criminal law challenges. We will present two webinars on this topic in September, in which we will discuss issues posed under the Bank Secrecy Act and the money laundering and federal securities laws, among other issues.
The first webinar, “Current Trends in Criminal Law: The Mechanics of Virtual Currency, from Legitimate Use to Misuse,” will be presented through Lawline, on September 7 at 11:30 am ET.
The second webinar, “Eye on Virtual Currency and Blockchain Technology,” will be presented through Ballard Spahr LLP, on September 19 at 12:00 pm ET. Our colleague Odia Kagan also will participate in this free webinar, which also will discuss some of the data privacy issues posed by digital currency.
We hope that you join us. You may review the webinars and register through the links provided above. The innovative blockchain technology that is at the heart of digital currency likely will be embraced increasingly by more “traditional” financial institutions, so these issues have broad relevance.
If you would like to remain updated on these issues, please click here to subscribe to Money Laundering Watch.
As digital currency becomes more ubiquitous, state and federal regulators across the United States, as well as regulators in many other countries, are examining how existing regulatory structures need to be adapted to account for unique aspects of digital currency. News from both India and Australia reflect different approaches to the ever-evolving world of digital currency and potential money laundering risks associated with that currency. As we previously have blogged, U.S. enforcement personnel aggressively have asserted jurisdiction over international digital currency operations. As we will discuss, it appears that digital currency businesses will find themselves having to comply with a kaleidoscope of various Anti-Money Laundering (“AML”) regulatory regimes across the globe. Continue Reading As Digital Currency Spreads, So Does its Global Regulation: India and Australia Enter the Fray
On July 26, FinCEN, in coordination with the U.S. Attorney’s Office for the Northern District of California (“NDCA USAO”), assessed a $110,003,314 civil money penalty against BTC-e a/k/a Canton Business Corporation (“BTC-e”) for willfully violating the Bank Secrecy Act (“BSA”), and a $12 million penalty against Alexander Vinnik, a Russian national who is one of the alleged operators of BTC-e, for his role in the violations. FinCEN’s press release indicates that this is the first enforcement action it has taken against a foreign-located money services business (“MSB”) doing business in the United States. As we previously have blogged, FinCEN released interpretive guidance in March 2013 stating that an administrator or exchanger of virtual currency is an MSB under the BSA unless a limitation or exemption applies.
In a parallel criminal investigation, Vinnik was arrested and detained in Greece and charged in a 21-count superseding indictment brought by the NDCA USAO and DOJ’s Computer Crime and Intellectual Property Section. The superseding indictment alleges that Vinnik and BTC-e operated an unlicensed MSB doing business in the U.S., in violation of 18 U.S.C. § 1960, and committed money laundering, in violation of 18 U.S.C. §§ 1956 and 1957, by facilitating virtual currency transactions involving various crimes, including computer hacking, identity theft, tax refund fraud schemes, public corruption, and drug trafficking. The superseding indictment also provides some clues to the fate of the collapsed virtual currency exchange Mt. Gox, once reportedly the largest such exchange in the world. Continue Reading FinCEN Takes First Action Against Foreign-Located MSB—“The Virtual Currency Exchange of Choice for Criminals”—For Willfully Violating U.S. AML Laws
We were pleased to contribute an article to the May 2017 issue of Business Crimes Bulletin titled “The Growing Convergence of Cyber-Related Crime and Suspicious Activity Reporting.” Regulators and law enforcement are taking proactive steps to further leverage anti-money laundering monitoring and reporting tools in their battle with cyber attacks and cyber crimes. In-house legal and compliance teams need to be fully versed in the latest Financial Crimes Enforcement Network (FinCEN) and bank regulatory guidance on cyber-related crimes and have the right professionals available to assist them with these matters.
Cyber-related crimes increasingly are making headlines across the globe as cyber attacks and other cyber incidents grow in intensity, volume and sophistication against government, political and business targets. The motives of attackers are as varied as their methods, but there is clearly an increasing number of attacks and other illegal activity motivated by financial gain against businesses, including financial institutions. Recent regulatory developments reveal that that illegal cyber activity has become more relevant to the fight against money laundering and terrorist financing as well.
Click here to read the full article.
If you would like to remain updated on these issues, please click here to subscribe to Money Laundering Watch.
Reprinted with permission from the May 2017 issue of Business Crimes Bulletin.
© 2017 ALM Media Properties, LLC. Further duplication without permission is prohibited. All rights reserved.
Employers increasingly face the difficult scenario of employees who misappropriate company data in the pursuit of whistleblower claims alleging misconduct by the employer. Such cases can present a complex mix of regulatory, cybersecurity, and employment issues. These issues were front and center in a recent whistleblower case pitting a bank against its former internal auditor, who engaged in computer-facilitated misappropriation of the bank’s confidential information allegedly to support whistleblower conduct.
The U.S. District Court for the Southern District of California recently declined to summarily adjudicate whether the employee’s confidentiality agreement precluded any whistleblower affirmative defense based on the employee’s alleged violation of computer fraud, contract, and tort laws. The whistleblower laws in question included the Bank Secrecy Act, Sarbanes-Oxley, Dodd-Frank, and the California Labor Code.
In Erhart v. Bofi Holding, plaintiff Charles Matthew Erhart filed a whistleblower complaint against his employer, Bank of the Internet (BofI), alleging BofI retaliated against him for reporting unlawful conduct to the government. BofI, in turn, filed a complaint, alleging that Erhart breached his employee confidentiality agreement by misappropriating confidential data relating to his employer and its clients and disseminating that data to the government, family members, and the national press.
Erhart illustrates the complex and practical problems faced by employers dealing with employees who engage in conduct that would otherwise constitute computer fraud, intellectual property theft, breaches of employment-related agreements and policies, and related tort claims under the mantle of “whistleblower.” A key issue in the case was whether Erhart would be entitled to pursue his retaliation claims before a jury or would be precluded from doing so as a matter of law given his computer-facilitated theft of confidential information. Continue Reading Bank Whistleblower Suits Highlight Limits of Employee Confidentiality Agreements
Despite the staggering $8 billion figure estimated to be spent on global compliance in 2017, U.S.-based rules regarding Anti-Money Laundering (“AML”) and Combating the Financing of Terrorism (“CFT”) remain anchored in their 1970s design. Contrary to the generally slow pace of Congressional action, new technologies may reshape the global financial system (“GFS”) and with it, the ability to detect and disrupt money laundering schemes and terrorist plots. Chief among these is blockchain, a peer-to-peer technology first implemented as the backbone of the virtual currency Bitcoin. Continue Reading Combating Money Laundering and Terrorist Financing with a Distributed Ledger
The founders of Panamanian law firm Mossack Fonseca were arrested on Saturday, following their indictment on money-laundering charges allegedly tied to the ever-widening Petrobas corruption scandal in Brazil.
Kenia Porcell, the country’s Attorney General, tweeted news of the two men’s arrest: “Raid of offices of law firm that created limited liability companies in Brazil linked to #LavaJato #PanamaPapers.”
The New York State Department of Financial Services (“DFS”) has issued its fifth BitLicense to date, continuing a marked effort to bring legitimacy and controls to the virtual currency (“VC”) industry, whose advantages in lowering costs and creating efficiencies have been marred with concerns of nefarious use.
Founded in 2012, Coinbase, Inc. operates as a digital currency exchange and is perched at the top of well-funded startups in the VC industry. Its BitLicense signifies an important milestone in the company’s nearly two-year, multi-state licensing strategy. In the same vein, the fact that a VC market-leader has sought after and is now approved to do business in New York is an equally important occasion for the BitLicense program itself. Continue Reading Coinbase the Latest to Obtain New York BitLicense