InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
FinCEN issues warning on elder financial exploitation
On June 15, FinCEN issued an advisory alerting financial institutions about the increase of elder financial exploitation (EFE). EFE involves the illegal or improper use of an older adult’s funds, among other things, and is often perpetrated either through theft or scams. According to the advisory, financial institutions filed 72,000 suspicious activity reports in 2021 related to EFE—an increase of 10,000 reports from 2020. The advisory provides updated typologies since FinCEN issued its first advisory on the issue in 2011, and highlights behavioral and financial red flags to aid financial institutions with identifying, preventing, and reporting suspected EFE. The announcement also refers to the risk-based approach to compliance under the Bank Secrecy Act, which provides that “[f]inancial institutions should perform additional due diligence where appropriate and remain alert to any suspicious activity that could indicate that their customers are perpetrators, facilitators, or victims of EFE.”
FinCEN issues ANPRM on no-action letter process
On June 3, FinCEN issued an Advance Notice of Proposed Rulemaking (ANPRM) soliciting comments on questions related to implementing a no-action letter process at the agency. The ANPRM is part of FinCEN’s implementation of the Anti-Money Laundering Act of 2020, which directed the agency to conduct an assessment of a no-action letter process concerning how anti-money laundering or countering the financing of terrorism laws may apply to specific conduct. The ANPRM follows FinCEN’s June 2021 report to Congress (covered by InfoBytes here), which concluded that the agency should undertake rulemaking to establish a process for issuing no-action letters that will supplement its current forms of regulatory guidance and relief. FinCEN noted in its announcement that the addition of a no-action letter process (“generally understood to be a form of enforcement discretion where an agency states by letter that it will not take an enforcement action against the submitting party for the specific conduct presented to the agency”) could overlap with and “affect other forms of regulatory guidance and relief that FinCEN already offers, including administrative rulings and exceptive or exemptive relief.” The agency is seeking public input on whether the process should be implemented and, if so, how the process should work. Included in the ANPRM are questions concerning, among other things, FinCEN jurisdiction (specifically “[w]hat is the value of establishing a FinCEN no-action letter process if other regulators with jurisdiction over the same entity do not issue a similar no-action letter”), whether there should be limitations on which factual circumstances could be considered, and whether the scope of a no-action letter should be limited so that requests may not be submitted during a Bank Secrecy Act examination. The ANPRM also asked questions related to changes in circumstances, revocations, denials and withdrawals, confidentiality and consultation concerns, and criteria for distinguishing no-action letters from administrative rulings or exceptive/exemptive relief.
Comments on the ANPRM are due August 5.
FinCEN fines company for willfully failing to comply with GTO
On April 1, FinCEN announced its first enforcement action for failing to comply with the reporting and recordkeeping requirements of a Geographic Targeting Order (GTO). The 2014 GTO in question was designed to combat what FinCEN and the Department of Justice viewed as widespread trade-based money laundering in the Los Angeles Fashion District, in which businesses accepted bulk cash from Mexican drug trafficking organizations as part the black market peso exchange. The GTO required that a wide range of non-financial businesses within the Los Angeles Fashion District, including perfume stores, travel agencies, and electronics stores, report and keep records related to whether they “received currency in excess of $3,000 in one transaction or two or more related transactions in a 24-hour period.” FinCEN imposed a $275,000 penalty on a perfume company in the Los Angeles Fashion District for failure to report more than 114 covered transactions worth more than $2.3 million. According to FinCEN, these failures were first identified in a 2015 examination by the IRS. Later attempts made by the company to submit reports for the 114 transactions were declared “substantially incomplete,” as the reports, among other things, failed to include customer information or any indication that the cash payments were made on behalf of another person or business. The IRS rejected the reports and referred the matter to FinCEN, who conducted an investigation and determined that the company failed to comply with the reporting and recordkeeping requirements until long after it became aware of the GTO.
The $275,000 civil money penalty was assessed based on a number of factors, including the company’s allegedly willful violations of the Bank Secrecy Act and the nature and seriousness of the violations, including the extent of possible public harm and the amounts involved. FinCEN noted that “[w]hile there is no direct evidence indicating that the unreported transactions involved illegal activity or the proceeds of illegal activity, the company’s failures were significant and led to the loss of valuable financial intelligence that could assist law enforcement efforts against significant money laundering activity on behalf of international drug trafficking organizations.” FinCEN also stated that the company’s actions impacted the agency’s mission to safeguard the financial system and target specific illicit financial threats, and that the company’s systemic failure to take any action in response to the GTO enabled them to continue.
“FinCEN’s enforcement action puts nonfinancial trades and businesses on notice that they must comply with Geographic Targeting Orders,” FinCEN’s acting Director Himamauli Das stated. “This action also illustrates FinCEN’s long-standing efforts to partner with other government agencies to combat money laundering schemes designed to launder the proceeds of criminal activity through nonfinancial trades and businesses in the United States.”
FinCEN’s interactive SAR stats now include 2021 data
On March 28, FinCEN announced that its Interactive SAR Stats webpage now includes Filing Trend Data by industry updated through December 31, 2021. As previously covered by InfoBytes, SAR Stats—formerly called By the Numbers—is an annual compilation of numerical data gathered from the Suspicious Activity Reports (SARs) filed by financial institutions using FinCEN’s new unified SAR form and e-filing process. Interactive SAR Stats provide users the opportunity to find FinCEN’s trend data for aggregated counts of defined suspicious activities that financial institutions file with FinCEN as required by the Bank Secrecy Act.
Bank fined $140 million for BSA/AML compliance failures
On March 17, FinCEN announced a $140 million civil money penalty against a federal savings bank for violating the Bank Secrecy Act (BSA) and its implementing regulations from at least January 2016 through April 2021 by allegedly failing to implement and maintain an effective, reasonably designed anti-money laundering (AML) program. According to FinCEN, the bank “also admitted that it willfully failed to accurately and timely report thousands of suspicious transactions to FinCEN involving suspicious financial activity by its customers, including customers using personal accounts for apparent criminal activity.” The consent order further noted that in 2017, the OCC informed the bank that its AML program failed to meet all the requirements of the agency’s regulations. The bank agreed to overhaul its AML program but, according to the order, the bank has not yet met all of the terms of its commitments to address the deficiencies. FinCEN emphasized that the bank’s violations resulted “in millions of dollars in suspicious transactions flowing through the U.S. financial system without appropriate reporting,” and stressed “that growth and compliance must be paired, and AML program deficiencies, especially deficiencies identified by federal regulators, must be promptly and effectively addressed.”
The same day, the OCC announced a $60 million penalty against the bank for related violations resulting from the separate but coordinated investigation with FinCEN. Among other things, the consent order identified several deficiencies related to inadequate internal controls and risk management practices, suspicious activity identification, staffing, training, and third-party risk management. FinCEN’s announcement noted that “[a]s many of the facts and circumstances underlying the OCC’s civil penalty also form the basis of FinCEN’s Consent Order, FinCEN agreed to credit the $60 million civil penalty imposed by the OCC,” adding that, combined, the bank “will pay a total of $140 million to the U.S. Treasury for its violations, with $80 million representing FinCEN’s penalty and $60 million representing the OCC’s penalty.”
OCC issues final rule for granting exemptions to SAR requirements
On March 16, the OCC issued a final rule amending its suspicious activity report (SAR) regulations. The rule sets out a process for national banks and federal savings associations to request exemptions from the OCC’s SAR requirements. To request exemption under the final rule, national banks or federal savings associations, including federal branches and agencies of foreign banks, must submit a request in writing to the OCC. The agency “will consider whether the exemption is consistent with the purposes of the [Bank Secrecy Act] and with safe and sound banking and may consider any other appropriate factors.” Where required, institutions must separately seek an exemption from FinCEN, and the OCC intends to coordinate with FinCEN on such requests. The final rule will also allow “the OCC to facilitate changes required by the Anti-Money Laundering Act of 2020" and “will make it possible for the OCC to grant relief to national banks or federal savings associations that develop innovative solutions intended to meet Bank Secrecy Act requirements more efficiently and effectively.”
FinCEN warns financial institutions about Russian sanctions evasion
On March 7, FinCEN issued an alert advising financial institutions to be vigilant against potential attempts to evade sanctions levied against Russian individuals, banks, and other entities in response to the situation in Ukraine. FinCEN provided several examples of red flag indicators that could help identify attempted sanctions evasions, including actions by state actors and oligarchs, and reminded financial institutions of their Bank Secrecy Act (BSA) reporting obligations.
The alert stressed that all financial institutions, including those with visibility into convertible virtual currency (CVC) flows identify and promptly report associated suspicious activity, and conduct appropriate, risk-based customer due diligence or enhanced due diligence as required. This includes CVC exchangers and administrators within or outside of Russia (which are generally considered to be money services businesses under the BSA) that retain at least some access to the international financial system. FinCEN noted that “[w]hile large scale sanctions evasion using [CVC] by a government such as the Russian Federation is not necessarily practicable, CVC exchangers and administrators and other financial institutions may observe attempted or completed transactions tied to CVC wallets or other CVC activity associated with sanctioned Russian, Belarusian, and other affiliated persons.”
Financial institutions are instructed to specifically watch for (i) transactions initiated from IP addresses located in Russia, Belarus, FATF-identified jurisdictions with anti-money laundering/countering the financing of terrorism/counter-proliferation deficiencies, or other sanctioned jurisdictions; (ii) transactions connected to CVC addresses listed on OFAC’s Specially Designated Nationals and Blocked Persons List; and (iii) customers’ use of a CVC exchanger or foreign-located money service businesses in high-risk jurisdictions, including those with inadequate “know-your-customer” or customer due diligence measures. FinCEN also warned financial institutions of the dangers posed by Russian-related ransomware campaigns and encouraged financial institutions to refer to FinCEN and OFAC resources to help detect, prevent, and report potential suspicious activity.
Find continuing InfoBytes coverage on the U.S. sanctions response to Russia’s invasion of Ukraine here.
FinCEN explores possibility of creating regulatory sandboxes
On January 13, the acting Director of FinCEN Him Das spoke at the Financial Crimes Enforcement Conference to discuss the transformation of the anti-money laundering/counter-terrorist financing regulatory regime as it relates to new threats, new innovations, and new partnerships. Das highlighted recent FinCEN rulemaking initiatives, including a proposed rule issued last December (covered by InfoBytes here) to implement the beneficial ownership information reporting provisions of the Corporate Transparency Act. In particular, the proposed rule would require many U.S. and foreign companies to report their true beneficial owners to FinCEN and update that information when those beneficial owners change. Das explained that FinCEN is examining how a proposed beneficial ownership database would interplay with the Customer Due Diligence Rule, and stated the agency will share more information in the coming months. Das also discussed an Advance Notice of Proposed Rulemaking (covered by InfoBytes here), which sought comments on potential requirements under the Bank Secrecy Act to address vulnerabilities in the U.S. real estate market to money laundering and other illicit activity.
With respect to new innovation, Das noted that while FinCEN is exploring the idea of creating regulatory sandboxes to test new methods of transaction monitoring using artificial intelligence, the agency needs feedback from institutions on the potential use and risks of the program. Das also discussed other potential innovative ideas, including, among other things, “new approaches to customer risk rating and institutional risk assessment, digital identity tools and utilities, and automating the adjudication and filing of [suspicious activity reports] related to certain types of activity.”
FinCEN requests comments on renewal of the OMB control number
On January 11, FinCEN issued a notice in the Federal Register soliciting comments on the renewal of the Office of Management and Budget (OMB) control number assigned to the regulation requiring reports of transactions with foreign financial agencies (FFAs). According to the notice, the regulation in the Bank Secrecy Act authorizes the Treasury Secretary “to promulgate regulations requiring specified financial institutions to file reports with [FinCEN] of certain transactions with designated [FFAs].” Although no changes are proposed to the information collection itself, the notice gives stakeholders an opportunity to comment on existing regulatory requirements and related burden estimates under the Paperwork Reduction Act (PRA). The notice also proposes for review and comment a methodology to expand the scope of future estimates for purposes of the PRA to account for cost and time when a financial institution must also report on multiple prior (“backward-looking”) and future (“forward-looking”) transactions with a designated FFA, thus “intending to be more granular in the estimates of resources expended to comply with these regulatory requirements.” Comments must be received by March 14, 2022.
FinCEN issues final rule replacing obsolete BSA civil penalty regulations
On December 23, the Financial Crimes Enforcement Network (FinCEN) published a final rule amending the Bank Secrecy Act civil penalty regulations concerning requirements for reporting foreign financial accounts and transactions with foreign financial agencies. Specifically, the final rule removes civil penalty language that was made obsolete by the American Jobs Creation Act of 2004’s enactment of statutory revisions to the computation of a civil money penalty, which included provisions for increasing the maximum penalty for willful violations. The final rule took effect immediately.