Skip to main content
Menu Icon
Close

InfoBytes Blog

Financial Services Law Insights and Observations

Filter

Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.

  • FinCEN stresses importance of reliable digital interactions

    Federal Issues

    On September 7, speaking before the 2022 Federal Identity Forum & Exposition in Atlanta, Georgia, acting Deputy Director of FinCEN Jimmy Kirby addressed the importance digital identity plays in FinCEN’s mission as it relates to privacy and cybersecurity, particularly with respect to protecting the U.S. financial system from illicit finance. This includes helping financial institutions comply with various reporting requirements, such as filing suspicious activity reports and currency transaction reports and ensuring that recordkeeping requirements under the Customer Identification Program and Customer Due Diligence rules are met. While Kirby recognized that digital identity frameworks have the potential to “spur innovation in financial products and services across the legacy financial system, as well as digital assets and emerging central bank digital currencies,” he stressed it is vital that digital identity is handled correctly through the implementation of “identity solutions that preserve privacy and security, promote financial inclusion, and protect the integrity of the financial system.” Focusing on topics related to emerging threats and responsible innovation, Kirby emphasized the need for financial institutions to implement measures for knowing who their customers are, both on the front end and throughout the customer relationship, and to take steps to prevent identity theft and fraud. Kirby also discussed the importance of fostering responsible innovation and developing infrastructure, information sharing, and standards that mitigate the risks associated with digital identities.

    Federal Issues FinCEN Financial Crimes Fintech Digital Identity Anti-Money Laundering Combating the Financing of Terrorism Digital Assets

  • House Republican concerned about Treasury sanctions on virtual currency mixer

    Federal Issues

    On August 23, Representative Tom Emmer (R-MN) sent a letter to Treasury Secretary Janet Yellen raising privacy and due process concerns related to recent “first-of-their-kind” sanctions issued against a virtual currency mixer accused of allegedly laundering more than $7 billion in virtual currency, including more than $455 million stolen by a Democratic People’s Republic of Korea state-sponsored hacking group that is separately subject to U.S. sanctions (covered by InfoBytes here). The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) said the sanctions resulted from the company “having materially assisted, sponsored, or provided financial, material, or technological support for, or goods or services to or in support of, a cyber-enabled activity originating from, or directed by persons located, in whole or in substantial part, outside the United States that is reasonably likely to result in, or has materially contributed to, a significant threat to the national security, foreign policy, or economic health or financial stability of the United States and that has the purpose or effect of causing a significant misappropriation of funds or economic resources, trade secrets, personal identifiers, or financial information for commercial or competitive advantage or private financial gain.” (Covered by InfoBytes here.)

    Emmer stressed, however, that adding the company to OFAC’s Specially Designated Nationals and Blocked Persons (SDN) List seemed to diverge from previous OFAC precedent since several of the company’s designated “smart contract addresses” do not appear to be a person, entity, or property, but rather are distributed technological tools that are not controlled by any entity or natural person. “OFAC has a long, commendable history of utilizing financial sanctions to enhance the national security of the United States,” the letter said. “Nonetheless, the sanctioning of neutral, open-source, decentralized technology presents a series of new questions, which impact not only our national security but the right to privacy of every American citizen.” Emmer referenced May 2019 guidance issued by FinCEN (covered by InfoBytes here), which he said drew “a distinction between ‘providers of anonymizing services’ (including ‘mixers’)” which are subject to Bank Secrecy Act obligations and “‘anonymizing software providers’” which are not. Emmer recognized that OFAC is not bound by FinCEN regulations, but said it is his understanding that the sanctioned company is “simply the anonymizing software deployed on the blockchain.”

    Emmer requested clarification from Treasury on several questions, including the factors OFAC considers when designating technology to the SDN List and how OFAC plans to “uphold the appeals process for the sanctioned addresses that have no ability to appeal the sanction to OFAC” because they “are smart contracts with no agency, corporate or personal, and as such cannot speak for themselves or those whose funds they hold.”

    Federal Issues Digital Assets Financial Crimes Department of Treasury Sanctions OFAC Of Interest to Non-US Persons Virtual Currency Cryptocurrency North Korea FinCEN U.S. House

  • Agencies release customer relationship and due diligence guidance

    On July 6, the FDIC, Federal Reserve Board, FinCEN, NCUA, and OCC issued a joint statement concerning banks’ risk-based approach for assessing customer relationships and conducting customer due diligence (CDD). Specifically, the joint statement reinforces the agencies’ “longstanding position that no customer type presents a single level of uniform risk or a particular risk profile related to money laundering (ML), terrorist financing (TF), or other illicit financial activity.” Banks are reminded that they must apply a risk-based approach to CDD and adopt appropriate risk-based procedures for conducting ongoing CDD when developing risk profiles of their customers. Because customer relationships present varying levels of ML, TF, and other illicit financial activity risks, the agencies advised banks to, among other things, (i) understand the nature and purpose of customer relationships; and (ii) “conduct ongoing monitoring to identify and report suspicious transactions and, on a risk basis, to maintain and update customer information.”

    Additionally, banks that comply with applicable Bank Secrecy Act/anti-money laundering (BSA/AML) legal and regulatory requirements and effectively manage and mitigate risks related to the unique characteristics of customer relationships, “are neither prohibited nor discouraged from providing banking services to customers of any specific class or type,” the agencies said, adding that “as a general matter” they will not direct banks to open, close, or maintain specific accounts as they “recognize that banks choose whether to enter into or maintain business relationships based on their business objectives and other relevant factors, such as the products and services sought by the customer, the geographic locations where the customer will conduct or transact business, and banks’ ability to manage risks effectively.” Banks are encouraged “to manage customer relationships and mitigate risks based on customer relationships, rather than decline to provide banking services to entire categories of customers.”

    The joint statement is applicable to all customer types referenced in the Federal Financial Institutions Examination Council (FFIEC) BSA/AML Examination Manual, as well as to those not specifically addressed in the manual. These include “independent automated teller machine owners or operators, nonresident aliens and foreign individuals, charities and nonprofit organizations, professional service providers, cash intensive businesses, nonbank financial institutions, and customers the bank considers politically exposed persons.” The agencies reiterated that the joint statement does not alter existing BSA/AML legal or regulatory requirements, nor does it establish new supervisory expectations. Moreover, the FFIEC BSA/AML Examination Manual does not establish requirements for banks, nor should the inclusion of sections on specific customer types be interpreted as a signal that certain customer types present uniformly higher risk.

    Bank Regulatory Financial Crimes Federal Issues Agency Rule-Making & Guidance Federal Reserve FDIC OCC NCUA FinCEN Risk Management Customer Due Diligence Terrorist Financing Illicit Finance FFIEC Of Interest to Non-US Persons

  • OFAC sanctions nearly 100 Russian targets; prohibits Russian gold imports

    Financial Crimes

    On June 28, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) announced sanctions pursuant to Executive Orders (E.O.) 14024 and 14065 against 70 entities—many of which, according to OFAC, “are critical to the Russian Federation’s defense industrial base, including State Corporation Rostec, the cornerstone of Russia’s defense, industrial, technology, and manufacturing sector.” Twenty-nine Russian individuals were also designated. “We once again reaffirm our commitment to working alongside our partners and allies to impose additional severe sanctions in response to Russia’s war against Ukraine,” Treasury Secretary Janet L. Yellen said. OFAC’s designations occurred in tandem with actions taken by the U.S. State Department, which include sanctions against an additional 45 entities and 29 individuals as well as visa restrictions against “officials believed to have threatened or violated Ukraine’s sovereignty, territorial integrity, or political independence.” Additionally, OFAC immediately prohibited the importation of Russian gold into the U.S. (unless licensed or otherwise authorized by OFAC). As a result of the sanctions, all property and interests in property belonging to the designated persons in the U.S. are blocked and must be reported to OFAC. Additionally, “any entities that are owned, directly or indirectly, 50 percent or more by one or more blocked persons are also blocked.” OFAC noted that U.S. persons are prohibited from participating in transactions with the sanctioned persons unless authorized by a general or specific license.

    A joint alert issued by FinCEN and the U.S. Department of Commerce’s Bureau of Industry and Security also urged financial institutions to remain vigilant against Russian and Belarusian export control evasion and to take a “risk-based approach” for identifying potentially suspicious activity, such as end-use certificates, export documents, or letters of credit-based trade financing. “Financial institutions and the private sector continue to play a key role in disrupting Russia’s efforts to acquire critical goods and technology to support its war-making efforts,” OFAC stated in its announcement.

    On the same day, OFAC issued several new Russia-related general licenses (GL): (i) GL 39 authorizes the wind down of transactions ordinarily incident and necessary involving State Corporation Rostec that are normally prohibited by E.O. 14024; (ii) GL 40 authorizes “all transactions ordinarily incident and necessary to the provision, exportation, or reexportation of goods, technology, or services to ensure the safety of civil aviation involving one or more of” certain blocked entities; (iii) GL 41 authorizes certain transactions related to agricultural equipment that are normally prohibited by the Russian Harmful Foreign Activities Sanctions Regulations; (iv) GL 42 authorizes certain transactions with the Federal Security Services; and (v) GL 43 authorizes the divestment or transfer of debt or equity of, and wind down of derivative contracts involving the Public Joint Stock Company Severstal or Nord Gold PLC.

    OFAC also published a Determination Pursuant to Section 1(a)(i) of Executive Order 14068 concerning prohibitions related to the importation of Russian gold and issued one new and one amended frequently asked question.

    The Russian Elites, Proxies, and Oligarchs (REPO) Task Force also issued a joint statement summarizing actions taken by REPO members against sanctioned Russians. The efforts have led to more than $30 billion worth of sanctioned Russians’ assets being blocked or frozen and has heavily restricted sanctioned Russians’ access to the international financial system.

    Financial Crimes Of Interest to Non-US Persons Department of Treasury OFAC OFAC Designations OFAC Sanctions Russia Ukraine Ukraine Invasion Department of State FinCEN Department of Commerce

  • FinCEN issues statement on independent ATM customer due diligence

    Financial Crimes

    On June 22, FinCEN issued a statement providing clarity to banks on the application of a risk-based approach to conducting customer due diligence (CDD) on independent Automated Teller Machine (ATM) owners or operators, consistent with FinCEN’s 2016 CDD Rule. As previously covered by InfoBytes, FinCEN issued a final rule imposing standardized CDD requirements for banks, broker-dealers, mutual funds, futures commission’s merchants, and brokers in commodities in May 2016. The rule established that covered institutions must identify any natural person that owns, directly or indirectly, 25 percent or more of a legal entity customer or that exercises control over the entity. The rule also established ongoing monitoring for reporting suspicious transactions and, on a risk basis, updating customer information. The recently released statement explained that the level of money laundering and terrorism financing risk varies with these customers, and that they do not automatically present a higher level of risk. FinCEN pointed to certain customer information that may be useful for banks in making determinations on the risk profile of independent ATM owner or operator customers, including, among other things: (i) organizational structure and management; (ii) operating policies, procedures, and internal controls; (iii) currency servicing arrangements; (iv) source of funds if a bank account is not used to replenish the ATM; and (v) description of expected and actual ATM activity levels.

    Financial Crimes Agency Rule-Making & Guidance FinCEN Customer Due Diligence ATM Terrorist Financing

  • FinCEN issues statements on its lists of jurisdictions with AML/CFT/CPF deficiencies

    Financial Crimes

    On June 23, FinCEN announced that the Financial Action Task Force (FATF) issued public statements updating its lists of jurisdictions with strategic deficiencies in anti-money laundering (AML), countering the financing of terrorism (CFT), and countering the financing of proliferation of weapons of mass destructions (CPF). FATF’s statements include (i) Jurisdictions under Increased Monitoring, “which publicly identifies jurisdictions with strategic deficiencies in their AML/CFT/CPF regimes that have committed to, or are actively working with, the FATF to address those deficiencies in accordance with an agreed upon timeline,” and (ii) High-Risk Jurisdictions Subject to a Call for Action, “which publicly identifies jurisdictions with significant strategic deficiencies in their AML/CFT/CPF regimes and calls on all FATF members to apply enhanced due diligence, and, in the most serious cases, apply counter-measures to protect the international financial system from the money laundering, terrorist financing, and proliferation financing risks emanating from the identified countries.” FinCEN’s announcement also informs members that FATF removed Malta from its list of Jurisdictions under Increased Monitoring and added Gibraltar, and that its list of High-Risk Jurisdictions Subject to a Call for Action continues to subject Iran and the Democratic People’s Republic of Korea to the FATF’s countermeasures.

    Financial Crimes Anti-Money Laundering Combating the Financing of Terrorism Combating Weapons of Mass Destruction Proliferation Financing FATF FinCEN Of Interest to Non-US Persons

  • FinCEN issues warning on elder financial exploitation

    Federal Issues

    On June 15, FinCEN issued an advisory alerting financial institutions about the increase of elder financial exploitation (EFE). EFE involves the illegal or improper use of an older adult’s funds, among other things, and is often perpetrated either through theft or scams. According to the advisory, financial institutions filed 72,000 suspicious activity reports in 2021 related to EFE—an increase of 10,000 reports from 2020. The advisory provides updated typologies since FinCEN issued its first advisory on the issue in 2011, and highlights behavioral and financial red flags to aid financial institutions with identifying, preventing, and reporting suspected EFE. The announcement also refers to the risk-based approach to compliance under the Bank Secrecy Act, which provides that “[f]inancial institutions should perform additional due diligence where appropriate and remain alert to any suspicious activity that could indicate that their customers are perpetrators, facilitators, or victims of EFE.”

    Federal Issues Financial Crimes FinCEN Elder Financial Exploitation SARs Bank Secrecy Act

  • U.S., UK collaborate on privacy-enhancing tech prize challenges

    Privacy, Cyber Risk & Data Security

    On June 13, the White House announced that the U.S. and UK governments are developing privacy-enhancing technology prize challenges to help address cross-border money laundering. The White House highlighted that the estimated $2 trillion of cross-border money laundering which happens annually could be better detected if improvements were made to information sharing and collaborative analytic efforts. However, research shows that this process “is hindered by the legal, technical and ethical challenges involved in jointly analyzing sensitive information,” the White House said. Privacy-enhancing technologies (PETs) could play a transformative role in addressing the global challenges of financial crime, the White House explained, noting that PETs can allow “machine learning models to be trained on high quality datasets collaboratively among organizations, without the data leaving safe environments.” Moreover, “[s]uch technologies have the potential to help facilitate privacy-preserving financial information sharing and analytics,” thus “allowing suspicious types of behavior to be identified without compromising the privacy of individuals, or requiring the transfer of data between institutions or across borders.” 

    Opening this summer, the challenges (developed between the White House Office of Science and Technology Policy, the U.S. National Institute of Standards and Technology, the U.S. National Science Foundation, the UK’s Center for Data Ethics and Innovation, and Innovate UK) will allow innovators to develop state-of-the-art privacy-preserving federated learning solutions to help combat barriers to the wider use of these technologies without the uncertainty of potential regulatory implications. Innovators will engage with the U.K.’s Financial Conduct Authority and Information Commissioner’s Office and the Financial Crimes Enforcement Network. Acting FinCEN Director Himamauli Das announced that the agency “is pleased to support this important initiative to advance the development of a building block for protecting the U.S. financial system from illicit finance.” 

    Privacy/Cyber Risk & Data Security Financial Crimes Biden UK Of Interest to Non-US Persons FinCEN Anti-Money Laundering

  • FinCEN issues ANPRM on no-action letter process

    Financial Crimes

    On June 3, FinCEN issued an Advance Notice of Proposed Rulemaking (ANPRM) soliciting comments on questions related to implementing a no-action letter process at the agency. The ANPRM is part of FinCEN’s implementation of the Anti-Money Laundering Act of 2020, which directed the agency to conduct an assessment of a no-action letter process concerning how anti-money laundering or countering the financing of terrorism laws may apply to specific conduct. The ANPRM follows FinCEN’s June 2021 report to Congress (covered by InfoBytes here), which concluded that the agency should undertake rulemaking to establish a process for issuing no-action letters that will supplement its current forms of regulatory guidance and relief. FinCEN noted in its announcement that the addition of a no-action letter process (“generally understood to be a form of enforcement discretion where an agency states by letter that it will not take an enforcement action against the submitting party for the specific conduct presented to the agency”) could overlap with and “affect other forms of regulatory guidance and relief that FinCEN already offers, including administrative rulings and exceptive or exemptive relief.” The agency is seeking public input on whether the process should be implemented and, if so, how the process should work. Included in the ANPRM are questions concerning, among other things, FinCEN jurisdiction (specifically “[w]hat is the value of establishing a FinCEN no-action letter process if other regulators with jurisdiction over the same entity do not issue a similar no-action letter”), whether there should be limitations on which factual circumstances could be considered, and whether the scope of a no-action letter should be limited so that requests may not be submitted during a Bank Secrecy Act examination. The ANPRM also asked questions related to changes in circumstances, revocations, denials and withdrawals, confidentiality and consultation concerns, and criteria for distinguishing no-action letters from administrative rulings or exceptive/exemptive relief.

    Comments on the ANPRM are due August 5.

    Financial Crimes Agency Rule-Making & Guidance Of Interest to Non-US Persons FinCEN No Action Letter Anti-Money Laundering Act of 2020 Anti-Money Laundering Combating the Financing of Terrorism Bank Secrecy Act

  • FinCEN renews GTOs covering 12 metropolitan areas

    Financial Crimes

    On April 29, FinCEN reissued the renewal of its Geographic Targeting Orders (GTOs). The GTOs require U.S. title insurance companies to identify the natural persons behind shell companies that pay “all cash” (i.e., the transaction does not involve external financing) for residential real estate in the 12 major metropolitan areas covered by the orders. The renewed GTOs are identical to the October 2021 GTOs (covered by InfoBytes here). The purchase amount threshold for the beneficial ownership reporting requirement remains set at $300,000 for residential real estate purchased in the covered areas. The renewed GTOs take effect April 30 and end October 26, and cover certain counties within the following areas: Boston, Chicago, Dallas-Fort Worth, Honolulu, Las Vegas, Los Angeles, Miami, New York City, San Antonio, San Diego, San Francisco, and Seattle.

    FinCEN FAQs regarding GTOs are available here.

    Financial Crimes FinCEN Of Interest to Non-US Persons Anti-Money Laundering GTO

Pages

Upcoming Events