InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
FinCEN rules on currency transaction reporting
On February 10, the Financial Crimes Enforcement Network (FinCEN) issued administrative ruling FIN-2020-R001 to clarify requirements for financial institutions’ reporting of currency transactions involving sole proprietorships and legal entities operating under a “doing business as” (DBA) name. The ruling replaces and rescinds two prior rulings (FIN-2006-R003 and FIN-2008-R001), and addresses reporting requirements when filing current Currency Transaction Report (CTR) FinCEN Form 112. In the ruling, FinCEN defines a sole proprietorship as “a business in which one person, operating in his or her own personal capacity, owns all of the business’s assets and is responsible for all of the business’s liabilities.” To remain consistent with the Bank Secrecy Act definition of a “person” (where a sole proprietorship is not separate from its individual owner), FinCEN instructs financial institutions to complete CTR FinCEN Form 112 for transactions involving a sole proprietorship with the individual owner’s name and information. The ruling also instructs institutions that additional entries may be required in instances where an individual owner operates a business under a DBA, or multiple DBAs. FinCEN also advises that when a CTR is prepared for a legal entity such as a partnership, incorporated business, or limited liability company, the form should contain, among other things, the entity’s home office or headquarters information. According to the ruling, “[w]hen multiple entity locations are involved in an aggregated CTR, a separate Part I section should be prepared for each location involved.”
FDIC releases November enforcement actions
On December 27, the FDIC announced a list of administrative enforcement actions taken against banks and individuals in November. The 14 orders include “two consent orders; one civil money penalty; one order terminating consent order; one supervisory prompt corrective directive action; five section 19 orders (prohibiting persons who have been convicted of any criminal offense involving dishonesty, breach of trust, or money laundering from serving as institution-affiliated parties with respect to an insured depository institution); two removal and prohibition orders; and two orders terminating prompt supervisory corrective action directives.” In one action, the FDIC issued a consent order against an Illinois-based bank related to alleged weaknesses in its Bank Secrecy Act (BSA) compliance program. Among other things, the bank is ordered to (i) implement a revised, written BSA compliance program to address BSA and FinCEN regulation provisions, such as suspicious activity reporting, customer due diligence, and beneficial ownership; (ii) update its Customer Due Diligence Program to assure the reasonable detection of suspicious activity; (iii) implement a process for account transaction monitoring; (iv) retain qualified BSA management to ensure compliance with applicable laws and regulations; (v) implement a comprehensive BSA training program for appropriate personnel; (vi) address automated clearing house (ACH) activity and update policies and procedures to monitor credit risk associated with ACH transactions; and (vii) refrain from entering into any new lines of business prior to conducting appropriate due diligence.
OFAC announces sanctions against Russia-based organization for malware attacks on financial institutions
On December 5, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) announced sanctions pursuant to Executive Order 13694 against a Russia-based cybercriminal organization for allegedly developing and distributing malware that infected financial institutions and resulted in more than $100 million in theft. OFAC’s action targets 17 individuals and seven entities and is “intended to disrupt the massive phishing campaigns orchestrated by [the organization],” Treasury Secretary Steven T. Mnuchin stated. According to OFAC, the organization used the malware to infect computers and harvest login credentials from roughly 300 banks and financial institutions in over 40 countries, resulting in millions of dollars of damage to U.S. and international financial institutions and their customers. As a result of the sanctions, all property and interests in property of these persons subject to U.S. jurisdiction are blocked, along with “any entities 50 percent or more owned by one or more designated persons.” OFAC noted that its regulations “generally prohibit” U.S. persons from participating in transactions with designated persons, and warned that “foreign persons may be subject to secondary sanctions for knowingly facilitating a significant transaction or transactions with these designated persons.”
In a concurrent action announced the same day, the DOJ unsealed criminal charges—including those related to international computer hacking and bank fraud schemes—against two of the organization’s members. In addition, Treasury’s Financial Crimes Enforcement Network and the Cybersecurity and Infrastructure Security Agency released a report providing a technical analysis of the malware and related variants, emphasizing that because the malware continues to target the financial services sector, financial institutions should review and incorporate the report’s techniques, tactics, and procedures into existing network defense capabilities and planning.
FinCEN report: SARs help prevent elder financial exploitation
On December 4, FinCEN announced the release of a Financial Trend Analysis titled, “Elders Face Increased Financial Threat from Domestic and Foreign Actors.” In compiling the report, FinCEN reviewed Bank Secrecy Act (BSA) elder financial exploitation suspicious activity reports (SARs) from 2013 to 2019 to detect patterns and trends. Among other things, the study found that (i) elder financial exploitation filings nearly tripled during the study period, from around 2,000 per month in 2013 to nearly 7,500 in 2019, the majority of which were filed by money services businesses (MSBs) and depository institutions; (ii) while the amount of SARs filed by MSBs ebbed and flowed from 2013 to 2019, those of depository institutions steadily increased; (iii) MSBs filed nearly 80 percent of all SARs describing financial scams, while securities and futures firms filed just over 70 percent of all SARs describing theft; (iv) financial theft from elders is most frequently perpetrated by family members or caregivers; (v) SARs indicated that the most common scams included lottery, person-in-need, and romance scams, the majority of which saw elder victims transferring funds through MSBs; and (vi) money transfer scam SARs were most commonly filed by MSBs who transferred money to a receiver located outside the U.S.
Special Alert: Banks no longer required to file SARs for hemp-related businesses
Federal and state banking regulators confirmed in a December 3 joint statement that banks are no longer required to file a suspicious activity report on customers solely because they are “engaged in the growth or cultivation of hemp in accordance with applicable laws and regulations.”
* * *
Click here to read the full special alert.
For questions about the alert and related issues, please visit our Bank Secrecy Act/Anti-Money Laundering practice page, or contact a Buckley attorney with whom you have worked in the past.FinCEN director discusses CVC compliance requirements
On November 15, Financial Crimes Enforcement Network (FinCEN) Director Kenneth Blanco delivered remarks at the Chainalysis Blockchain Symposium to discuss, among other things, the agency’s focus on convertible virtual currency (CVC) and remind attendees—particularly financial institutions—of their compliance obligations. Specifically, Blanco emphasized that FinCEN applies a “technology-neutral regulatory framework to any activity that provides the same functionality at the same level of risk, regardless of its label.” As such, money transmissions denominated in CVC, Blanco stated, are money transmissions. Blanco discussed guidance issued by FinCEN in May (previously covered by InfoBytes here) that reminded persons subject to the Bank Secrecy Act (BSA) how FinCEN regulations relating to money services businesses apply to certain business models involving money transmissions denominated in CVC. Blanco also highlighted the agency’s recent collaboration with the CFTC and the SEC to issue joint guidance on digital asset compliance obligations. (Previous InfoBytes coverage here.) Highlights of Blanco’s remarks include (i) suspicious activity reporting related to CVC has increased, including “filings from exchanges identifying potential unregistered, foreign-located money services businesses”; (ii) compliance with the “Funds Travel Rule” is mandatory and applies to CVC; (iii) for anti-money laundering/combating the funding of terrorism purposes, accepting and transmitting activity denominated in stablecoins falls within FinCEN's definition of “money transmission services” under the BSA; and (iv) administrators of stablecoins must register as money services businesses with FinCEN.
FinCEN renews GTOs covering 12 metropolitan areas; legal entities that are U.S. publicly-traded companies not required to report
On November 8, the Financial Crimes Enforcement Network (FinCEN) announced the renewal of its Geographic Targeting Order (GTO), which requires U.S. title insurance companies to identify the natural persons behind shell companies that pay “all cash” (i.e., the transaction does not involve external financing) for residential real estate in 12 major metropolitan areas. While the purchase amount threshold for the beneficial ownership reporting requirement remains set at $300,000 for residential real estate purchased in the 12 covered areas, FinCEN modified the renewed GTO to note that it “will not require reporting for purchases made by legal entities that are U.S. publicly-traded companies. Real estate purchases by such entities are identifiable through other business filings.”
The renewed GTO takes effect November 12 and covers certain counties within the following areas: Boston; Chicago; Dallas-Fort Worth; Honolulu; Las Vegas; Los Angeles; Miami; New York City; San Antonio; San Diego; San Francisco; and Seattle.
FinCEN FAQs regarding GTOs are available here.
FinCEN final rule designates Iran a primary money laundering concern; new Treasury and State department mechanism to make humanitarian trade more transparent
On October 25, the U.S. Treasury Department announced the issuance of a final rule by the Financial Crimes Enforcement Network (FinCEN) to impose a fifth special measure against Iran as a jurisdiction of primary money laundering concern under Section 311 of the USA Patriot Act. The final rule prohibits U.S. financial institutions from opening or maintaining a correspondent account on behalf of an Iranian financial institution, and also prohibits U.S. financial institutions from processing transactions involving Iranian financial institutions. The final rule takes effect ten days after publication in the Federal Register.
FinCEN stated that its action is based on Iran’s abuse of the international financial system, including providing support for terrorist groups such as Hizballah and HAMAS, and builds upon Treasury’s Office of Foreign Assets Control’s (OFAC) September designation of Iran’s central bank for providing financial support to the Islamic Revolutionary Guards Corps, its Qods Force, and Hizballah (previous InfoBytes coverage here). Additionally, FinCEN determined that the Iranian regime continues to engage in deceptive financial practices through the use of front companies and shell companies, among other things, to facilitate military purchases. These actions, FinCEN noted, are “further compounded by Iran’s continued failure to adequately address its AML/CFT deficiencies, as identified by the Financial Action Task Force,” which recently re-imposed countermeasures and enhanced due diligence strategies on Iran and “called on its members and urged all jurisdictions to advise their financial institutions to apply enhanced due diligence with respect to business relationships and transactions with natural and legal persons from Iran.” (Previous InfoBytes coverage here.)
Concurrent with the imposition of the fifth special measure, Treasury and the U.S. Department of State announced a new mechanism to increase the transparency of humanitarian trade with Iran that will establish processes for participating foreign governments and financial institutions when conducting enhanced due diligence designed to mitigate the higher risks associated with Iran-related transactions. OFAC’s guidance outlines due diligence and reporting requirements for participating entities, and stipulates that “[p]rovided that foreign financial institutions commit to implement stringent enhanced due diligence steps, the framework will enable them to seek written confirmation from Treasury that the proposed financial channel will not be exposed to U.S. sanctions.”
House passes AML/Bank Secrecy Act modernization bill
On October 22, the U.S. House passed the Corporate Transparency Act of 2019 (H.R. 2513) by a vote of 249-173. The bill, which now heads to the Senate, would, among other things, update anti-money laundering (AML) rules, and direct the U.S. Treasury Department’s Financial Crimes Enforcement Network (FinCEN) to collect and retain beneficial ownership information for corporations and limited liability companies for law enforcement agencies to access. Additionally, H.R. 2513 would update and revise the existing AML/Bank Secrecy Act framework to facilitate information sharing between law enforcement and regulators to prevent illicit activity such as terrorist financing and money laundering. The White House issued a statement of administration policy after the bill’s passage to commend the measure, emphasizing, however, that additional steps must be taken to improve H.R. 2513 as it moves along the legislative process: “These include aligning the definition of ‘beneficial owner’ to the [FinCEN’s] Customer Due Diligence Final Rule, protecting small businesses from unduly burdensome disclosure requirements, and providing for adequate access controls with respect to the information gathered under this bill’s new disclosure regime.”
Agencies issue BSA compliance reminder on digital assets
On October 11, the SEC, Commodity Futures Trading Commission (CFTC), and Financial Crimes Enforcement Network (FinCEN) issued a joint statement to remind persons who engage in digital asset activities or handle cryptocurrency transactions of their anti-money laundering and countering the financing of terrorism (AML/CFT) obligations under the Bank Secrecy Act (BSA). According to the agencies, AML/CFT obligations apply to entities defined as “financial institutions” under the Bank Secrecy Act, which include “futures commission merchants and introducing brokers obligated to register with the CFTC, money services businesses (MSB) as defined by FinCEN, and broker-dealers and mutual funds obligated to register with the SEC.” The obligations include, among other things, (i) establishing and implementing an effective AML program; and (ii) complying with recordkeeping and reporting requirements such as suspicious activity reporting (SARs).
The agencies note that persons who engage in digital asset-related activities may have AML/CFT obligations regardless of the “label or terminology used to describe a digital asset or a person engaging in or providing financial activities or services involving a digital asset.” According to the agencies, the facts and circumstances underlying the asset or service, “including its economic reality and use,” is what determines how the asset is categorized, the applicable regulatory treatment, and whether the persons involved are financial institution under the BSA.
Additionally, FinCEN reminded financial institutions of its supervisory and enforcement authority to “ensure the effectiveness of the AML/CFT regime,” emphasizing that persons who provide money transmission services are MSBs subject to FinCEN regulation. FinCEN also referred to its May 2019 interpretive guidance, which consolidated and clarified current FinCEN regulations, guidance, and administrative rulings related to money transmissions involving virtual currency. (Previous InfoBytes coverage here.)