Skip to main content
Menu Icon
Close

InfoBytes Blog

Financial Services Law Insights and Observations

Filter

Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.

  • Senators exploring bank’s dealings with collapsed crypto exchange

    Federal Issues

    On January 30, Senators Elizabeth Warren (D-MA), John Kennedy (R-LA), and Roger Marshall (R-KS) sent a follow-up letter to a California-based bank asking for additional responses to questions related to the bank’s relationship with several cryptocurrency firms founded by the CEO of a now-collapsed crypto exchange. As previously covered by InfoBytes, the senators pressed the CEO for an explanation for why the bank failed to monitor for and report suspicious transactions to the Financial Crimes Enforcement Network, and asked for information about how deposits it was holding on behalf of the collapsed exchange and related firm were being handled. The senators stressed that the bank has a legal responsibility under the Bank Secrecy Act to maintain an effective anti-money laundering program that may have flagged suspicious activity.

    In the letter, the senators accused the bank of evading their previous questions in its December response, writing that while the bank’s answers confirm the extent of its failure to monitor and report suspicious financial activity, it failed “to provide key information needed by Congress to understand why and how these failures occurred.” The bank’s “repeated reference to ‘confidential supervisory information’” as a justification for its refusal to provide the requested information “is simply not an acceptable rationale,” the senators said. They also noted that the bank’s recent advance from the Federal Home Loan Bank of San Francisco—intended “to ‘stave off a further run on deposits’”—has introduced additional crypto market risks into the traditional banking system, especially should the bank fail. The bank was asked to explain how it plans to use the $4.3 billion it received.

    The senators further commented that additional findings have revealed that neither the Federal Reserve nor the bank’s independent auditors were able to identify the “extraordinary gaps” in the bank’s due diligence process. The senators asked the bank to provide responses to questions related to its risk management policies, as well as how many safety and soundness exams were conducted, and whether any of the bank’s executives were “held accountable” for the failures related to the collapsed exchange, among other things.

    Federal Issues Digital Assets U.S. Senate Cryptocurrency Risk Management Bank Secrecy Act Anti-Money Laundering FinCEN Financial Crimes

  • FinCEN alert covers potential CRE investments by sanctioned Russians

    Financial Crimes

    On January 25, the Financial Crimes Enforcement Network (FinCEN) issued an alert to financial institutions on potential investments in the U.S. commercial real estate sector by sanctioned Russian elites, oligarchs, their family members, and the entities through which they act. The alert provides a list of possible red flags and typologies regarding attempted sanctions evasion in the commercial real estate sector and emphasizes financial institutions’ Bank Secrecy Act reporting obligations. The alert noted that banks frequently work with market participants who seek financing for commercial real estate projects, and that banks have customer due diligence obligations to verify the beneficial owners of legal entity customers. Specifically, the alert noted that “banks therefore may be in a position to identify and report suspicious activities associated with sanctioned Russian elites and their proxies including [politically exposed persons], among banks’ [commercial real estate]-related customers.” According to FinCEN, the recent alert builds on FinCEN’s March 2022 alert identifying real estate, luxury goods, and other high value assets involving sanctioned Russian and elites, and is the fourth alert issued by FinCEN on potential Russian illicit financial activity since Russia’s invasion of Ukraine in February 2022 (covered by InfoBytes here).

    Financial Crimes Of Interest to Non-US Persons FinCEN Russia Real Estate Bank Secrecy Act OFAC Sanctions OFAC Designations Customer Due Diligence Beneficial Ownership SARs Illicit Finance

  • FinCEN offers suspicious activity reporting guidance for human smuggling along U.S.- Mexico border

    Financial Crimes

    On January 13, the Financial Crimes Enforcement Network (FinCEN) issued an alert advising financial institutions on how to detect and report suspicious financial activity that may be related to human smuggling along the southwest border of the United States. Highlighting that human smuggling is one of the eight Anti-Money Laundering and Countering the Financing of Terrorism National Priorities identified by FinCEN, the agency pointed out that human smuggling along the southwest border generates an estimated $2 billion to $6 billion in yearly revenue for illicit actors. The alert, which builds on FinCEN’s 2020 and 2014 human smuggling and human trafficking advisories (covered by InfoBytes here and here), provides trends, typologies, and red flag indicators to help financial institutions better identify and file suspicious activity reports potentially related to such activity. “Financial institutions need to know that their vigilance and prompt Bank Secrecy Act reporting matters—it aids investigations tied to human smuggling and transnational organized crime, and can ultimately save lives,” FinCEN Acting Director Himamauli Das said in the announcement.

    Financial Crimes Of Interest to Non-US Persons FinCEN Bank Secrecy Act SARs

  • FinCEN data reveals Russian oligarchs’ financial activity

    Financial Crimes

    On December 22, the Financial Crimes Enforcement Network (FinCEN) issued a Financial Trend Analysis on the financial activity of Russian oligarchs. In the analysis, FinCEN examined Bank Secrecy Act (BSA) reports from March 2022 to October 2022 involving Russian oligarchs, high-ranking officials, and sanctioned individuals. FinCEN identified 454 reports detailing suspicious activity and reported that some of the trends in the data by Russian oligarchs included: (i) the movement of funds around the start of the invasion of Ukraine in February 2022; (ii) the purchase of high-value goods or property in 2022; and (iii) based on the movement of funds from accounts in Russia to other countries, an indication of potential changes in longstanding oligarch-linked financial flows related to U.S. properties and companies. FinCEN noted that 78 percent of the 454 BSA reports were filed by U.S.-based depository institutions. Other types of financial institutions—such as holding companies or financial technology companies—submitted roughly 19 percent of reports, mainly on suspicious electronic funds transfers or wire transfers and suspicions concerning the source of funds.

    Financial Crimes Of Interest to Non-US Persons Department of Treasury FinCEN Ukraine Ukraine Invasion Bank Secrecy Act SARs Russia Wire Transfers

  • FinCEN further extends FBAR filing deadline for certain individuals

    Financial Crimes

    On December 9, the Financial Crimes Enforcement Network (FinCEN) issued Notice 2022-1 to further extend the time for certain Report of Foreign Bank and Financial Accounts (FBAR) filings in light of the agency’s March 2016 notice of proposed rulemaking, which proposed to revise the Bank Secrecy Act’s implementing regulations regarding FBARs. (See previous InfoBytes coverage on the 2016 NPR here.) Specifically, one of the proposed amendments seeks to “expand and clarify the exemptions for certain U.S. persons with signature or other authority over foreign financial accounts,” but with no financial interest, as outlined in FinCEN Notice 2021-1 issued December 9, 2021. FinCEN noted that because the proposal has not been finalized, it is further extending the filing due date to April 15, 2024, for individuals who previously qualified for a filing due date extension under Notice 2021-1. All other individuals must submit FBAR filings by April 15, 2023.

    Financial Crimes Federal Issues Of Interest to Non-US Persons FinCEN FBAR Bank Secrecy Act

  • Senators request information from California bank on its relationship with collapsed crypto exchange

    Federal Issues

    On December 5, Senators Elizabeth Warren (D-MA), John Kennedy (R-LA), and Roger Marshall (R-KS) asked the CEO of a California-based bank for information regarding its relationship with several cryptocurrency firms founded by the CEO of a now-collapsed crypto exchange. In their letter, the senators pressed the CEO for an explanation for why the bank failed to monitor for and report suspicious transactions to the Financial Crimes Enforcement Network, and asked for information about how deposits it was holding on behalf of the collapsed exchange and related firm were being handled. The senators stressed that the bank has a legal responsibility under the Bank Secrecy Act to maintain an effective anti-money laundering program that may have flagged suspicious activity. “Your bank's involvement in the transfer of [the collapsed exchange’s] customer funds to [the related firm] reveals what appears to be an egregious failure of your bank’s responsibility to monitor for and report suspicious financial activity carried out by its clients,” the letter said. The senators asked the bank to respond to a series of questions by December 19.

    Federal Issues U.S. Senate Digital Assets Cryptocurrency Bank Secrecy Act Financial Crimes FinCEN

  • FinCEN reports significant increase in ransomware-related BSA filings in 2021

    Financial Crimes

    On November 1, FinCEN reported that ransomware continues to pose a significant threat to U.S. infrastructure, businesses, and the public, with ransomware-related Bank Secrecy Act (BSA) filings in 2021 accounting for nearly $1.2 billion. Issued pursuant to the Anti-Money Laundering Act of 2020, FinCEN’s Financial Trend Analysis examines ransomware activities for calendar year 2021, with a particular focus on ransomware trends in BSA data from July-December 2021. According to FinCEN, reported ransomware-related incidents have substantially increased from 2020, with roughly 75 percent of these incidents reported during the second half of 2021 emanating from or connected to actors in Russia. Highlights from the report include: (i) the number and total U.S. dollar value for ransomware-related incidents during 2021 far exceeds data for any previous year, with FinCEN reporting a 188 percent increase from 2020 to 2021 (possibly reflecting either an increase of ransomware-related incidents or improved reporting and detection); (ii) an average of 132 and a median of 136 ransomware-related incidents per month were reported during the review period (Treasury’s October 2021 measures to combat ransomware — covered by InfoBytes here — and potentially associated reporting obligations may have contributed to the overall rise in 2021 filings, FinCEN noted); and (iii) of the 793 ransomware-related incidents reported during the second half of 2021, 594 (roughly 75 percent) pertained to Russia-related variants.

    The same day, Deputy Secretary of the Treasury Wally Adeyemo hosted participants from 36 countries during the second International Counter Ransomware Initiative Summit where attendees examined the challenges presented by ransomware and discussed the U.S.’s whole-of-government approach for responding to serious threats posed by bad actors.

    Financial Crimes Of Interest to Non-US Persons FinCEN Privacy, Cyber Risk & Data Security Ransomware Department of Treasury Bank Secrecy Act Anti-Money Laundering Act of 2020 Anti-Money Laundering Russia

  • OFAC, FinCEN take action against virtual currency exchange

    Financial Crimes

    On October 11, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC), together with the Financial Crimes Enforcement Network (FinCEN), announced two settlements for more than $24 million and $29 million, respectively, with a Washington state-based virtual currency exchange. According to OFAC’s announcement, this is the agency’s largest virtual currency enforcement action to date, and represent the first parallel actions taken by FinCEN and OFAC in this space.

    OFAC settlement. OFAC’s web notice stated that between March 28, 2014 and December 31, 2017, the exchange operated 1,730 accounts that processed 116,421 virtual currency-related transactions totaling roughly $263,451,600.13, in apparent violation of OFAC sanctions against Cuba, Ukraine, Iran, Sudan, and Syria. Specifically, due to alleged deficiencies in the exchange’s sanctions compliance procedures, the exchange failed to prevent persons located in the sanctioned jurisdictions from using its platform to engage in more than $263,000,000 worth of virtual currency-related transactions. OFAC claimed that while the IP addresses and physical address information collected on each customer at onboarding should have given the exchange reason to know that the persons were located in jurisdictions subject to sanctions, the exchange did not “screen customers or transactions for a nexus to sanctioned jurisdictions.” Rather, the exchange only screened transactions for hits against lists including OFAC’s List of Specially Designated Nationals and Blocked Persons. In arriving at the settlement amount of $24,280,829.20, OFAC considered various aggravating factors, including that the exchange did not exercise due caution or care for its sanctions compliance obligations and conveyed economic benefit to persons located in jurisdictions subject to OFAC sanctions, thus causing harm to the integrity of multiple sanctions programs. OFAC also considered various mitigating factors, including that the exchange provided substantial cooperation throughout the investigation, most of the transactions were for a relatively small amount and represented a small percentage when compared to the exchange’s annual volume of transactions, and the exchange has undertaken remedial measures intended to minimize the risk of recurrence of similar conduct.

    FinCEN settlement. According to FinCEN’s press release, an investigation found that from February 2014 through December 2018, the exchange failed to maintain an effective AML program, resulting in its inability to appropriately address risks associated with its products and services, including anonymity-enhanced cryptocurrencies. The exchange also failed to effectively monitor transactions on its trading platform, and relied “on as few as two employees with minimal anti-money laundering training and experience to manually review all of the transactions for suspicious activity, which at times were over 20,000 per day.” FinCEN claimed that the exchange conducted more than 116,000 transactions valued at over $260 million with persons located in jurisdictions subject to OFAC sanctions, including those operating in Iran, Cuba, Sudan, Syria, and the Crimea region of Ukraine, and failed to file suspicious activity reports (SARs) between February 2014 and May 2017. The exchange also “failed to file SARs on a significant number of transactions involving sanctioned jurisdictions, including the processing of over 200 transactions that involved $140,000 worth of virtual assets—nearly 100 times larger than the average withdrawal or deposit on the Bittrex platform—and 22 transactions involving over $1 million worth of virtual assets,” FinCEN said in its announcement. Under the terms of the consent order, the exchange—which admitted to willfully violating the Bank Secrecy Act (BSA) and its implementing regulations—will pay a $29,280,829.20 civil money penalty. FinCEN stated it will credit the $24,280,829.20 the exchange has agreed to pay for the OFAC violations.

    During remarks delivered at the Association of Certified Anti-Money Laundering Specialists, Under Secretary for Terrorism and Financial Intelligence Brian Nelson discussed, among other topics, Treasury’s efforts to counter illicit finance. Nelson highlighted the aforementioned settlements, stressing that failing to comply with BSA/AML requirements and SARs filing obligations “are not something that companies focused on growth can simply put off to a later day.” He also emphasized that Treasury will continue to strengthen ties with interagency partners and international counterparts to identify and pursue potential violations.

    Financial Crimes Of Interest to Non-US Persons OFAC Department of Treasury OFAC Sanctions OFAC Designations Enforcement FinCEN Digital Assets Anti-Money Laundering Virtual Currency Cuba Ukraine Iran Sudan Syria SARs Compliance Fintech

  • House Republican concerned about Treasury sanctions on virtual currency mixer

    Federal Issues

    On August 23, Representative Tom Emmer (R-MN) sent a letter to Treasury Secretary Janet Yellen raising privacy and due process concerns related to recent “first-of-their-kind” sanctions issued against a virtual currency mixer accused of allegedly laundering more than $7 billion in virtual currency, including more than $455 million stolen by a Democratic People’s Republic of Korea state-sponsored hacking group that is separately subject to U.S. sanctions (covered by InfoBytes here). The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) said the sanctions resulted from the company “having materially assisted, sponsored, or provided financial, material, or technological support for, or goods or services to or in support of, a cyber-enabled activity originating from, or directed by persons located, in whole or in substantial part, outside the United States that is reasonably likely to result in, or has materially contributed to, a significant threat to the national security, foreign policy, or economic health or financial stability of the United States and that has the purpose or effect of causing a significant misappropriation of funds or economic resources, trade secrets, personal identifiers, or financial information for commercial or competitive advantage or private financial gain.” (Covered by InfoBytes here.)

    Emmer stressed, however, that adding the company to OFAC’s Specially Designated Nationals and Blocked Persons (SDN) List seemed to diverge from previous OFAC precedent since several of the company’s designated “smart contract addresses” do not appear to be a person, entity, or property, but rather are distributed technological tools that are not controlled by any entity or natural person. “OFAC has a long, commendable history of utilizing financial sanctions to enhance the national security of the United States,” the letter said. “Nonetheless, the sanctioning of neutral, open-source, decentralized technology presents a series of new questions, which impact not only our national security but the right to privacy of every American citizen.” Emmer referenced May 2019 guidance issued by FinCEN (covered by InfoBytes here), which he said drew “a distinction between ‘providers of anonymizing services’ (including ‘mixers’)” which are subject to Bank Secrecy Act obligations and “‘anonymizing software providers’” which are not. Emmer recognized that OFAC is not bound by FinCEN regulations, but said it is his understanding that the sanctioned company is “simply the anonymizing software deployed on the blockchain.”

    Emmer requested clarification from Treasury on several questions, including the factors OFAC considers when designating technology to the SDN List and how OFAC plans to “uphold the appeals process for the sanctioned addresses that have no ability to appeal the sanction to OFAC” because they “are smart contracts with no agency, corporate or personal, and as such cannot speak for themselves or those whose funds they hold.”

    Federal Issues Digital Assets Financial Crimes Department of Treasury Sanctions OFAC Of Interest to Non-US Persons Virtual Currency Cryptocurrency North Korea FinCEN U.S. House

  • Agencies release customer relationship and due diligence guidance

    On July 6, the FDIC, Federal Reserve Board, FinCEN, NCUA, and OCC issued a joint statement concerning banks’ risk-based approach for assessing customer relationships and conducting customer due diligence (CDD). Specifically, the joint statement reinforces the agencies’ “longstanding position that no customer type presents a single level of uniform risk or a particular risk profile related to money laundering (ML), terrorist financing (TF), or other illicit financial activity.” Banks are reminded that they must apply a risk-based approach to CDD and adopt appropriate risk-based procedures for conducting ongoing CDD when developing risk profiles of their customers. Because customer relationships present varying levels of ML, TF, and other illicit financial activity risks, the agencies advised banks to, among other things, (i) understand the nature and purpose of customer relationships; and (ii) “conduct ongoing monitoring to identify and report suspicious transactions and, on a risk basis, to maintain and update customer information.”

    Additionally, banks that comply with applicable Bank Secrecy Act/anti-money laundering (BSA/AML) legal and regulatory requirements and effectively manage and mitigate risks related to the unique characteristics of customer relationships, “are neither prohibited nor discouraged from providing banking services to customers of any specific class or type,” the agencies said, adding that “as a general matter” they will not direct banks to open, close, or maintain specific accounts as they “recognize that banks choose whether to enter into or maintain business relationships based on their business objectives and other relevant factors, such as the products and services sought by the customer, the geographic locations where the customer will conduct or transact business, and banks’ ability to manage risks effectively.” Banks are encouraged “to manage customer relationships and mitigate risks based on customer relationships, rather than decline to provide banking services to entire categories of customers.”

    The joint statement is applicable to all customer types referenced in the Federal Financial Institutions Examination Council (FFIEC) BSA/AML Examination Manual, as well as to those not specifically addressed in the manual. These include “independent automated teller machine owners or operators, nonresident aliens and foreign individuals, charities and nonprofit organizations, professional service providers, cash intensive businesses, nonbank financial institutions, and customers the bank considers politically exposed persons.” The agencies reiterated that the joint statement does not alter existing BSA/AML legal or regulatory requirements, nor does it establish new supervisory expectations. Moreover, the FFIEC BSA/AML Examination Manual does not establish requirements for banks, nor should the inclusion of sections on specific customer types be interpreted as a signal that certain customer types present uniformly higher risk.

    Bank Regulatory Financial Crimes Federal Issues Agency Rule-Making & Guidance Federal Reserve FDIC OCC NCUA FinCEN Risk Management Customer Due Diligence Terrorist Financing Illicit Finance FFIEC Of Interest to Non-US Persons

Pages

Upcoming Events