InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
California DBO issues cannabis banking guidance
On October 3, the California Department of Business Oversight (DBO) issued guidance for state-chartered financial institutions that serve cannabis-related businesses. The guidance, which is intended to help financial institutions manage risks appropriately, addresses cannabis program governance and compliance with the Bank Secrecy Act (BSA), as well as cannabis banking guidance issued in 2014 by the Financial Crimes Enforcement Network (FinCEN). As previously covered by InfoBytes, FinCEN’s guidance—which includes federal law enforcement priorities still in effect that were taken from a now-rescinded DOJ memo—details the necessary elements of a customer due diligence program, ongoing monitoring and suspicious activity report filing requirements, and priorities and potential red flags. Notably, the DBO states that while it will not bring regulatory actions against state-chartered financial institutions “solely for establishing a banking relationship with licensed cannabis businesses,” it expects all financial institutions to comply with FinCEN’s BSA expectations and guidance to make appropriate risk assessments. The DBO also referred bank examiners to its September Cannabis Job Aid, which is intended to assist with the examination of financial institutions that may be banking cannabis-related businesses.
FinCEN deputy director discusses innovation, non-bank supervision, and “culture of compliance”
On September 11, Financial Crimes Enforcement Network (FinCEN) Deputy Director Jamal El-Hindi delivered remarks at the 2019 Money Transmitter Regulators Association’s annual conference. El Hindi’s remarks focused on innovation and reform pertaining to the Bank Secrecy Act (BSA), supervision in the non-bank financial institution sector and coordination with state supervisors, and “the importance of a strong culture of compliance and what it means in a national and global security context.” According to El-Hindi, the BSA/anti-money laundering system “is good; but it can always be improved,” including through innovations that can “help better detect and safeguard against illicit activity.” El-Hindi reiterated FinCEN’s policy statement from December 2018, which encouraged innovation in the banking sector. (Previously covered by InfoBytes here.)
El-Hindi also highlighted recent discussions related to the role artificial intelligence can play in reducing false positives to assist human analysis, and the potential for blockchain technology to enhance transparency through the understanding of customer identity or transaction profiles. He noted that these themes and others emerged from FinCEN’s recent “Innovation Hours Program,” which encourages fintech companies, regtech companies, and financial institutions to present to FinCEN new and innovative products and services for potential use in the financial sector. The program’s upcoming September meeting will focus on innovations in “know your customer” compliance, BSA reporting, and core inter-bank payment and messaging systems associated with industry anti-money laundering/combating the financing of terrorism efforts. Additionally, El-Hindi noted that FinCEN’s enhanced supervision of nonbank financial institutions involves “actively prioritizing and engaging in,” among other activities, (i) conducting examinations of “specialized, rapidly evolving” financial services providers (e.g., virtual currency exchangers and administrators); (ii) identifying sector data to support FinCEN's analytic endeavors; and (iii) developing a stronger framework for risk assessments of the nonbank financial sector “from both the compliance and illicit activity standpoints.” El-Hindi closed his remarks by encouraging FinCEN and other regulators to discuss with foreign counterparts “the concept of a culture of compliance in the United States and what underpins it, and explore with our counterparts concepts that could underpin a culture of compliance in their own jurisdictions.”
FinCEN division will investigate global money-laundering threats
On August 28, the Financial Crimes Enforcement Network (FinCEN) announced a new division intended to investigate global money laundering threats. The Global Investigations Division (GID)—led by Matthew Stiglitz, a former senior official in the Department of Justice’s Criminal Division—will target activities such as weapons of mass destruction proliferation, rogue state actors, transnational organized crime, and narcotics trafficking. According to FinCEN, GID will utilize the agency’s Bank Secrecy Act authorities, including Section 311 of the USA PATRIOT Act, to combat both domestic and international illicit terrorist finance and money laundering threats.
FinCEN director discusses gaming industry AML compliance
On August 13, Financial Crimes Enforcement Network (FinCEN) Director Kenneth Blanco delivered remarks at the 12th Annual Las Vegas Anti-Money Laundering Conference stressing the need for compliance within the gaming industry, particularly as new technologies emerge such as mobile gaming and the use of convertible virtual currencies (CVC) increases. With the U.S. Supreme Court issuing a decision in May holding that states can legalize sports gambling (previously covered by InfoBytes here), Blanco stated that casinos need to consider ways to integrate their sports betting programs—including mobile sports betting apps—into their existing anti-money laundering programs. These measures must include establishing and implementing procedures for detecting and reporting suspicious activities, Blanco noted, reminding the audience of FinCEN’s FAQs designed to assist financial institutions when reporting cyber indicators and cyber-enabled financial crime.
Blanco also discussed FinCEN’s work with respect to cybersecurity and virtual payments, noting, among other things, that both online and physical casinos that accept CVC need to consider how they review transactions to determine the source of the currency and recognize indicators of suspicious activity. Blanco referred casinos to consolidated guidance issued by FinCEN in May (previously covered by InfoBytes here), and expressed a concern that “CVC-related SAR filings by casinos have not been as robust as expected since the May CVC guidance and advisory were published.” He further stressed the importance of information-sharing between casinos, and highlighted that sharing SARs can contribute to the identification of suspicious transactions as well as Bank Secrecy Act compliance responsibilities.
Federal banking agencies and FinCEN issue statement on risk-focused BSA/AML examinations
On July 22, the Federal Reserve Board, FDIC, NCUA, and the OCC along with the Financial Crimes Enforcement Network (FinCEN), released a joint statement to improve transparency of their risk-focused approach to Bank Secrecy Act/anti-money laundering (BSA/AML) supervision. The statement outlines common practices for assessing a bank’s risk profile, including (i) leveraging available information, including internal BSA/AML risk assessments, independent audits, and results from previous examinations; (ii) contacting banks between examinations or before finalizing the scope of an examination; and (iii) considering the bank’s ability to identify, measure, monitor, and control risks. Examiners will use the information from the risk assessments to scope and plan the examination, as well as to evaluate the adequacy of the bank’s BSA/AML compliance program. The statement notes that the extent of examination activities needed to evaluate a bank’s BSA/AML compliance program, “generally depends on a bank’s risk profile and the quality of its risk management processes.”
FinCEN addresses efforts to counter business email compromise schemes
On July 16, the Financial Crimes Enforcement Network (FinCEN) discussed efforts designed to restrict and impede business email compromise (BEC) scammers and other illicit actors who profit from email compromise fraud schemes. BEC schemes, FinCEN reports, generally involve “criminal attempts to compromise the email accounts of victims to send fraudulent payment instructions to financial institutions or business associates in order to misappropriate funds or to assist in financial fraud.” An updated advisory provides current operational definitions and general trends in BEC schemes, information concerning the targeting of non-business entities and data by these types of schemes, and risks associated with the targeting of vulnerable business processes. The advisory also discusses opportunities for information sharing between financial institutions concerning subjects and accounts affiliated with BEC schemes in the interest of identifying risks of fraudulent transactions and money laundering. An in-depth strategic Financial Trend Analysis of Bank Secrecy Act (BSA) data explores industries targeted by BEC scammers as well as employed methodologies, and highlights BSA information collected by regulated financial institutions. Suspicious activity report highlights reveal a nearly tripling of attempted BEC thefts—from $110 million per month in 2016 to $301 million per month in 2018 on average. FinCEN’s release also discusses its Rapid Response Program as well as international information sharing initiatives addressing BEC schemes and associated fraudulently-induced transactions.
FinCEN announces innovation hours program
On May 24, the Financial Crimes Enforcement Network (FinCEN) announced a new program that will provide opportunities for fintech/regulatory technology companies and financial institutions to showcase new and emerging innovative approaches for combating money laundering and terrorist financing and to demonstrate how other financial institutions could use similar technologies. The FinCEN Innovation Hours Program will accept meetings once per month, with primary consideration given to entities that are already operational. According to FinCEN, the program is part of a broader initiative introduced last year (previously covered by InfoBytes here and here) that encourages banks and credit unions to explore innovative approaches such as artificial intelligence, digital identity technologies, and internal financial intelligence units to combat illicit financial threats, as well as collaborative arrangements to share resources and enhance the effectiveness and efficiency of Bank Secrecy Act/anti-money laundering compliance programs.
Agency officials urge Congress to create central repository to combat money laundering
On May 21, the Senate Committee on Banking, Housing, and Urban Affairs held a hearing entitled “Combating Illicit Financing By Anonymous Shell Companies Through the Collection of Beneficial Ownership Information.” The Committee heard from the same panel of witnesses who testified in November on the need for modernization of the Bank Secrecy Act/Anti-Money Laundering regime. (Covered by InfoBytes here.) Committee Chairman Mike Crapo opened the hearing by stressing the need to discuss ways in which beneficial ownership information collected in an effort to deter money laundering and terrorist financing through anonymous shell companies can be made more useful. Panelists from the Financial Crimes Enforcement Network, the FBI, and Office of the Comptroller of the Currency all emphasized the importance of creating a regime in which beneficial ownership is collected at the corporate formation stage and, for foreign entities, upon the time of registration with U.S. states to conduct business or upon establishing an account with a U.S. financial institution.
FinCEN issues new guidance on virtual currency regulatory framework
On May 9, the Financial Crimes Enforcement Network (FinCEN) issued new guidance designed to consolidate and clarify current FinCEN regulations, guidance, and administrative rulings related to money transmissions involving virtual currency. FinCEN noted that the guidance, “Application of FinCEN’s Regulations to Certain Business Models Involving Convertible Virtual Currencies (CVC),” serves to “remind persons subject to the Bank Secrecy Act (BSA) how FinCEN regulations relating to money services businesses (MSBs) apply to certain business models involving money transmission denominated in value that substitutes for currency, specifically, convertible virtual currencies (CVCs).” The guidance does not create any new expectations but instead “applies the same interpretive criteria to other common business models involving CVC.” These business models include peer-to-peer exchangers, CVC wallets, CVC money transmission services through electronic terminals (CVC kiosks), decentralized (or distributed) applications (DApp), anonymity-enhanced CVC transactions, CVC payment processors, and internet casinos. Finally, the guidance also specifies specific business models that may be exempt from the definition of a money transmitter. The same day, FinCEN also issued an “Advisory on Illicit Activity Involving Convertible Virtual Currency” to highlight threats posed by the criminal exploitation of CVCs for money laundering, sanctions evasion, and other illicit financing purposes, and to provide identification and reporting guidance for financial institutions.
FinCEN issues first ever penalty against peer-to-peer virtual currency exchanger
On April 18, the Financial Crimes Enforcement Network (FinCEN) announced a civil money penalty against a California-based individual operating as peer-to-peer exchanger for willful violations of Bank Secrecy Act (BSA) money service business (MSB) requirements. According to FinCEN, the exchanger engaged in activities such as (i) advertising his intentions to purchase and sell bitcoin; and (ii) completing transactions using in-person cash payments, currency sent or received in the mail, or wire transfers through the use of a depository institution. These activities, FinCEN claimed, qualified him as a virtual currency exchanger, MSB, and a financial institution under the BSA. As such, the exchanger was required to register as a MSB with FinCEN, establish and implement an effective written anti-money laundering program, detect and file suspicious activity reports, and report currency transactions, which he failed to do. The order requires the exchanger to pay a $35,350 civil money penalty and permanently prohibits him from engaging in any activity that would qualify him as a MSB.