Skip to main content
Menu Icon Menu Icon

InfoBytes Blog

Financial Services Law Insights and Observations
Section Content

Upcoming Events


Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.

  • FinCEN director discusses approach to virtual currency and emerging technology

    Financial Crimes

    On August 9, FinCEN Director Kenneth A. Blanco delivered remarks at the 2018 Chicago-Kent Block (Legal) Tech Conference to discuss, among other things, the agency’s approach to virtual currency and its efforts to protect financial institutions from being exploited for illicit financing purposes as new financial technologies evolve and are adopted. Blanco commented that while innovation provides customers with greater access to financial services, it can also create opportunities for criminals or serve as a vehicle for fraud. Blanco discussed several areas of focus, such as (i) the regulation of virtual currency and initial coin offerings (ICOs), along with coordinated policy development and regulatory approaches done in conjunction with the SEC and CFTC; (ii) examination and supervision efforts designed to “proactively mitigate potential illicit finance risks associated with virtual currency”; (iii) anti-money laundering/countering the financing of terrorism (AML/CFT) regulatory compliance expectations for companies involved in ICOs or virtual currency transmissions; (iv) enforcement actions taken against companies that fail to implement effective programs; (v) the rise and importance of virtual currency suspicious activity report filings which help the agency identify and investigate illicit activity; and (vi) the development of an information sharing virtual currency-focused FinCEN Exchange program. Blanco emphasized that “individuals and entities engaged in the business of accepting and transmitting physical currency or convertible virtual currency from one person to another or to another location are money transmitters subject to the requirements” of the Bank Secrecy Act.

    Financial Crimes FinCEN Bank Secrecy Act Virtual Currency Anti-Money Laundering Combating the Financing of Terrorism SARs SEC CFTC Fintech Initial Coin Offerings

    Share page with AddThis
  • FFIEC releases customer due diligence and beneficial ownership examination procedures

    Financial Crimes

    On May 11, the Federal Financial Institutions Examination Council released updated examination procedures for FinCEN’s final rule, “Customer Due Diligence Requirements for Financial Institutions” (CDD rule). Compliance with the CDD rule became mandatory on  May 11. The updated customer due diligence exam procedures were developed in close collaboration with FinCEN and replace those in the current Bank Secrecy Act/Anti-Money Laundering Examination Manual. Additionally, a new set of exam procedures address the CDD rule’s beneficial ownership requirements.

    According to an OCC bulletin released the same day, the examination procedures reflect federal and state banking agencies’ “ongoing commitment to examine financial institutions for compliance with the Bank Secrecy Act . . . in accordance with uniform standards and principles.”

    See here for continuing InfoBytes coverage of the CDD rule.

    Financial Crimes FFIEC CDD Rule OCC FinCEN Beneficial Ownership

    Share page with AddThis
  • FinCEN recognizes law enforcement agencies for use of BSA reporting

    Financial Crimes

    On May 8, FinCEN announced its third annual Law Enforcement Awards to law enforcement agencies that use Bank Secrecy Act data provided by financial institutions in their criminal investigations. The program seeks to recognize law enforcement agencies that made effective use of financial institution reporting to obtain a successful prosecution, and to demonstrate to the financial industry the value of its reporting to law enforcement. The following agencies were recognized:

    • Suspicious Activity Report Review Task Force Category – Internal Revenue Service-Criminal Investigation (IRS-CI). Based on a review of financial data showing a pattern of unusual cash withdrawals by one subject from a single financial institution, IRS-CI uncovered a criminal conspiracy to defraud the estate of a deceased individual of over $2 million. IRS-CI executed warrants and recovered over $500,000 and over $2 million in restitution was ordered to be returned to the true heir of the estate.
    • Transnational Organized Crime/Third Party Money Launderers Category – Drug Enforcement Administration (DEA). Using FinCEN’s data and investigative tools, the DEA helped dismantle two Southern California and Tijuana-based money laundering schemes. Arrest warrants were issued for 27 individuals and officials were able to seize millions of dollars in cash, real estate, and vehicles.
    • Transnational Security Threats Category – FBI. Utilizing FinCEN resources, an FBI investigation, conducted in coordination with the Office of Foreign Assets Control (OFAC), resulted in the blocking of $7 million in transactions used to provide access to the U.S. financial system on behalf of North Korean entities, a $20 million monetary penalty, and the addition of several entities to OFAC’s Designated Nationals and Blocked Persons List (SDN list).
    • Cyber Threats Category – Internal Revenue Service-Criminal Investigation (IRS-CI). IRS-CI untangled a money laundering scheme that had generated over $17 million in proceeds through wire transfers from multiple foreign-based accounts. IRS-CI search warrants led to the forfeiture of $10 million in fraudulent proceeds and three subjects pled guilty to conspiracy to commit fraud and related activity in connection with computers, with a fourth found guilty of wire fraud and money laundering.
    • Significant Fraud Category – Immigration and Customs Enforcement – Homeland Security Investigations (HSI). HSI led an investigation that identified a complex money laundering conspiracy in which operators at an India-based call center and U.S.-based facilitators worked together to launder $300 million. Twenty-four subjects in the United States were arrested across eight states, all of whom were convicted of conspiracy, money laundering, and various fraud crimes. 
    • Third-Party Money Launderers Category – Internal Revenue Service – Criminal Investigation (IRS-CI). IRS-CI led a multi-agency effort to combat Mexican kleptocracy. Using FinCEN resources and a high volume of financial data, an investigation resulted in seizure of over $800 million in assets and subjects being charged with various financial crimes, such as money laundering, bank fraud, wire fraud, loan fraud, and racketeering.
    • State and Local Law EnforcementNassau County Policy Department. Nassau County Police launched an investigation after becoming aware of a high volume of cash deposits in a subject’s account. In coordination with the DEA, Nassau County Police determined the activity was a trade-based money laundering scheme designed to launder the proceeds of illegal narcotics transactions. The investigation resulted in fines totaling $8.5 million.

    Financial Crimes FinCEN Bank Secrecy Act Anti-Money Laundering

    Share page with AddThis
  • FinCEN and California card club agree to a reduced penalty for AML violations

    Financial Crimes

    On May 3, the Financial Crimes Enforcement Network (FinCEN) and a California card club agreed to a $5 million penalty for Bank Secrecy Act (BSA) and anti-money laundering (AML) violations from 2009 to 2017. In November 2017, FinCEN assessed the company $8 million in civil money penalties but has now agreed to suspend $3 million pending compliance with certain requirements in the consent order. As previously covered by InfoBytes, FinCEN alleges the company failed to file certain Suspicious Activity Reports (SARs) regarding loan sharking and other criminal activities being conducted through the company and failed to implement sufficient internal controls to monitor risks associated with gaming practices that allowed customers to co-mingle and pool bets with anonymity. The order requires the company to, among other things, adopt an AML program and hire a qualified independent consultant to review its effectiveness and retain a compliance officer to ensure compliance with BSA requirements.

    Financial Crimes Bank Secrecy Act Anti-Money Laundering Enforcement SARs FinCEN

    Share page with AddThis
  • House Financial Services Committee holds hearing on FinCEN’s CDD rule

    Federal Issues

    On April 27, the House Financial Services Committee’s Subcommittee on Financial Institutions and Consumer Credit held a hearing entitled “Implementation of FinCEN's Customer Due Diligence Rule—Financial Institution Perspective” to discuss challenges facing financial institutions when complying with FinCEN’s Customer Due Diligence Rule (CDD Rule). As previously covered in InfoBytes, the CDD Rule takes effect May 11, and imposes standardized customer due diligence (CDD) requirements under the Bank Secrecy Act (BSA) for covered financial institutions, including the identification and verification of the beneficial owners of legal entity customers. The hearing’s four witnesses expressed certain concerns regarding the effects of implementation on financial institutions, as well as the timing of additional guidance released April 3 in the form of frequently asked questions.

    In prepared remarks, Executive Director of The Financial Accounting and Corporate Transparency (FACT) Coalition, Gary Kalman, commented that the CDD Rule, which calls for additional AML requirements, is a “positive step forward but falls short of what is needed to protect the integrity of [the] financial system”—particularly in terms of what defines a “beneficial owner.” Greg Baer, President of The Clearing House Association, expressed concerns that the CDD Rule (i) requires financial institutions to verify beneficial owners for each account that is opened, instead of verifying on a per-customer basis; and (ii) does not explicitly state in its preamble that FinCEN possesses sole authority to set CDD standards, which may present opportunities for examiners to make ad hoc interpretations.

    Additionally, Executive Vice President of the International Bank of Commerce Dalia Martinez, observed, among other things, that compliance with the CDD Rule is costly and burdensome, and that banks have not been provided with the tools or guidance to determine whether the information provided by legal entity customers is accurate when verifying beneficial owners. The “gray areas” within the CDD Rule, Martinez noted, present challenges for compliance. A fourth witness, Carlton Green, a partner at Crowell & Morning, expressed concerns with the relationship between FinCEN and the federal functional regulators, stating that because FinCEN has delegated examination authority to these regulators, there is a chance regulators will “create and enforce their own interpretations of or additions to BSA rules” that may “diverge from FinCEN’s priorities.”

    Federal Issues House Financial Services Committee FinCEN Customer Due Diligence Financial Crimes CDD Rule

    Share page with AddThis
  • FINRA revises anti-money laundering template for small firms

    Agency Rule-Making & Guidance

    On April 4, the Financial Industry Regulatory Authority (FINRA) released a revised template to assist FINRA-registered small firms in developing and implementing risk-based anti-money laundering (AML) programs as required by the Bank Secrecy Act and FINRA Rule 3310. Changes to the template reflect FinCEN’s final rule concerning customer due diligence requirements for covered financial institutions (CDD rule), which goes into effect May 11. (See previous InfoBytes coverage on the CDD rule here.) The CDD rule requires covered financial institutions, including FINRA-registered firms, to identify the beneficial owners of legal entity customers who open new accounts.

    Agency Rule-Making & Guidance FINRA FinCEN Anti-Money Laundering Customer Due Diligence Department of Treasury Bank Secrecy Act Financial Crimes CDD Rule

    Share page with AddThis
  • Buckley Sandler Insights: FinCEN updates FAQs regarding customer due diligence requirements for financial institutions

    Agency Rule-Making & Guidance

    On April 3, FinCEN released an update to its FAQs in advance of the upcoming Customer Due Diligence Requirements for Financial Institutions final rule (issued in 2016 and amended last September for various technical corrections) that goes into effect May 11. As previously covered in InfoBytes, the final rule imposes standardized customer due diligence (CDD) requirements under the Bank Secrecy Act for covered financial institutions and requires financial institutions to identify and verify beneficial owners of legal entity customers, subject to certain exclusions and exemptions. The supplemental FAQs (see InfoBytes coverage on an earlier set of FAQs issued in 2016) assist covered financial institutions in understanding the scope of their CDD requirements, as well as the CDD rule’s impact on broader anti-money laundering (AML) program obligations, and cover a broad range of interpretations including the following:

    • Question 1 specifies covered financial institutions will satisfy the requirements to identify and verify beneficial owners of legal entity customers by collecting and verifying the identity of individuals who directly or indirectly own 25 percent or more of the equity interests in a legal entity customer, as well as “one individual who has managerial control of a legal entity customer.” However, they may choose to implement stricter written internal policies and procedures and expand their information collection to include more than one individual with managerial control or persons owning a lower percentage of equity interests.
    • Question 3 clarifies that covered financial institutions may reasonably rely on a legal entity customer to provide the identities of individuals who satisfy the definition of beneficial ownership, whether indirectly or directly, and “need not independently investigate the legal entity customer’s ownership structure.”
    • Question 7 states that for existing customers, a covered financial institution may rely on information in its possession subject to its Customer Identification Program (CIP) to fulfill the beneficial ownership identification and verification requirements, “provided the existing information is up-to-date, accurate, and the legal entity customer’s representative certifies or confirms (verbally or in writing) the accuracy of the pre-existing CIP information.”
    • Question 10 states that if a legal entity customer opens multiple accounts, the covered financial institution may rely on information obtained from a previously issued certification form (or equivalent), provided the legal entity customer certifies or confirms—verbally or in writing—that such information is up-to-date and accurate at the time each subsequent account is opened. Records of such certification or confirmation must also be maintained.
    • Question 12 confirms that covered financial institutions seeking to renew a loan or roll over a certificate of deposit must treat these as new accounts and require their legal entities customers to certify or confirm beneficial owners, “even if the legal entity is an existing customer.”
    • Question 18 stipulates that covered financial institutions are not required to identify and verify the identity of beneficial owners that own 25 percent or more of the equity interests of a pooled investment vehicle, whether or not such vehicle is managed by a “financial institution,” due to the typical fluctuation of ownership. However, Question 18 notes that covered financial entities must collect beneficial ownership information for an individual who has significant control or management over the vehicle as required under the control prong to comply with the CDD rule.
    • Question 19 concerns trusts overseen by multiple trustees and states that in circumstances where a trust owns 25 percent or more of the equity interests of a legal entity customer, covered financial institutions are required, at a minimum, to collect beneficial ownership information on a single trustee but may choose to identify additional co-trustees based on risk assessment or a risk profile.
    • Question 21 specifies that a covered financial institution may rely on information provided by a legal entity customer to determine eligibility for exclusion from the definition of a legal entity customer, provided the financial institution has no knowledge of facts that would reasonably call into question the reliability of such information. Covered financial institutions should also ensure that their risk-based written policies and procedures address and specify the type of information to be used when reasonably determining exclusion eligibility. 
    • Question 28 stipulates which non-U.S. governmental entities qualify for exclusion from the definition of a legal entity customer. It specifies that state-owned enterprises that engage in profit-seeking activities, such as sovereign wealth funds, airlines, and oil companies, are not excluded from the definition of a legal entity.
    • Questions 29-31 provide guidance on account level beneficial owner exceptions related to (i) point of sale products for certain low-risk retail credit accounts; and (ii) certain equipment finance and lease accounts with low money laundering risks. Question 31 also stipulates that an equipment lease and purchase exemption would apply in circumstances where a customer leases necessary equipment directly from a covered financial institution.
    • Questions 32-33 provide guidance on circumstances where beneficial ownership information should be aggregated for purposes of complying with Currency Transaction Report (CTR) requirements, and state that “absent indications that the businesses are not operating independently . . . , financial institutions should not aggregate transactions involving those businesses with those of each other or with those of the common owner for CTR filing.” Furthermore, covered financial institutions are generally not required to list beneficial owners on a CTR.
    • Question 35 specifies what information covered financial institutions should collect and consider as part of on-going CDD when developing customer risk profiles. Specifically, covered financial institutions should develop an understanding of the “nature and purpose of a customer relationship,” and review information obtained at the opening of an account such as type of customer, account, service, or product.

    Agency Rule-Making & Guidance FinCEN Bank Secrecy Act Anti-Money Laundering Customer Due Diligence Department of Treasury CDD Rule Beneficial Ownership

    Share page with AddThis
  • GAO studies effect of Southwest border banks "derisking" due to BSA/AML concerns

    Financial Crimes

    On February 26, the Government Accountability Office (GAO) released a report, which describes Bank Secrecy Act/anti-money laundering (BSA/AML) compliance challenges facing Southwest border banks, examines the impact “derisking” has had on banking services in this region, and evaluates responses by regulators to “derisking” concerns. “Derisking” is defined by GAO as “the practice of banks limiting certain services or ending their relationships with customers to, among other things, avoid perceived regulatory concerns about facilitating money laundering.” According to GAO, because the region has a high volume of cash and cross-border transactions, as well as a large number of foreign accountholders, banks are required to engage in more intensive and frequent monitoring and investigating to comply with BSA/AML requirements. Due to some Southwest border residents and businesses reporting challenges when trying to access banking services in the region, GAO was asked to undertake a review to determine if the access problems were due to “derisking” and branch closures.

    Among other things, the report found that (i) the average number of suspicious activity reports filed in the region was two and a half times the number for high-risk counties outside the region; (ii) 80 percent of banks in the region terminated accounts due to risks related to BSA/AML; (iii) 80 percent limited or did not offer accounts to certain businesses considered high risk for money laundering and terrorist financing because those customers drew heightened BSA/AML regulatory oversight; and (iv) money-laundering risks were a more important driver of branch closures in the region than elsewhere. GAO discovered that BSA/AML regulatory concerns may be a factor in banks’ decisions to engage in “derisking” in the region, and that “the actions taken to address derisking by the federal bank regulators and FinCEN and the retrospective reviews conducted on BSA/AML regulations have not fully considered or addressed these effects.” The account terminations and limitations, along with branch closures in the region, have raised concerns that the closures have “affected key businesses and local economies and . . . economic growth.”

    GAO recommended that FinCEN, FDIC, Federal Reserve Board, and the OCC (the agencies) conduct a comprehensive review of their BSA/AML regulatory framework to assess how banks’ regulatory concerns may be affecting their decisions to provide banking services. It also recommended that the agencies jointly conduct a retrospective review of BSA/AML regulations and their implementation and revise BSA regulations as necessary to “ensure that BSA/AML regulatory objectives are being met in the most efficient and least burdensome way.”

    Financial Crimes GAO Bank Secrecy Act Anti-Money Laundering FinCEN SARs

    Share page with AddThis
  • Agencies assess $613 million in total penalties against national bank and its parent for BSA/AML deficiencies

    Financial Crimes

    On February 15, a national bank and its parent corporation were assessed $613 million in total penalties by the OCC, DOJ, Federal Reserve, and Financial Crimes Enforcement Network (FinCEN) as part of a deferred prosecution agreement over Bank Secrecy Act (BSA) and anti-money laundering (AML) compliance program deficiencies. According to the announcement by the DOJ, the agency’s settlements cover a range of alleged AML deficiencies back to 2009, including an alleged effort not to disclose known Suspicious Activity Report (SAR) deficiencies to the OCC. Additionally, the DOJ cited the bank for failing to timely file SARs related to the banking activity of a customer who used the bank to launder proceeds from a fraudulent payday lending scheme, when the bank was allegedly on notice of the activity (previously covered by InfoBytes here).

    The $613 million in penalties include: a $453 million forfeiture as part of the deferred prosecution agreement with the DOJ; a $75 civil money penalty from the OCC; a $15 million civil money penalty from the Federal Reserve; and a $70 million civil money penalty from FinCEN.

    Financial Crimes Bank Secrecy Act Anti-Money Laundering OCC Federal Reserve FinCEN DOJ

    Share page with AddThis
  • FinCEN issues requests for comments on renewal of BSA currency transaction and suspicious activity reporting requirements

    Financial Crimes

    On February 9, the Financial Crimes Enforcement Network (FinCEN) issued two notices and requests for comments in the Federal Register seeking renewals without change of currently approved Bank Secrecy Act (BSA) regulatory requirements for covered financial institutions. The first notice concerns the continuance of currency transaction reporting requirements, and the second notice addresses suspicious activity reporting requirements. Comments must be received by April 10.

    See here for additional BSA InfoBytes coverage.

    Financial Crimes FinCEN Bank Secrecy Act SARs Federal Register

    Share page with AddThis