InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
FinCEN deputy director discusses innovation, non-bank supervision, and “culture of compliance”
On September 11, Financial Crimes Enforcement Network (FinCEN) Deputy Director Jamal El-Hindi delivered remarks at the 2019 Money Transmitter Regulators Association’s annual conference. El Hindi’s remarks focused on innovation and reform pertaining to the Bank Secrecy Act (BSA), supervision in the non-bank financial institution sector and coordination with state supervisors, and “the importance of a strong culture of compliance and what it means in a national and global security context.” According to El-Hindi, the BSA/anti-money laundering system “is good; but it can always be improved,” including through innovations that can “help better detect and safeguard against illicit activity.” El-Hindi reiterated FinCEN’s policy statement from December 2018, which encouraged innovation in the banking sector. (Previously covered by InfoBytes here.)
El-Hindi also highlighted recent discussions related to the role artificial intelligence can play in reducing false positives to assist human analysis, and the potential for blockchain technology to enhance transparency through the understanding of customer identity or transaction profiles. He noted that these themes and others emerged from FinCEN’s recent “Innovation Hours Program,” which encourages fintech companies, regtech companies, and financial institutions to present to FinCEN new and innovative products and services for potential use in the financial sector. The program’s upcoming September meeting will focus on innovations in “know your customer” compliance, BSA reporting, and core inter-bank payment and messaging systems associated with industry anti-money laundering/combating the financing of terrorism efforts. Additionally, El-Hindi noted that FinCEN’s enhanced supervision of nonbank financial institutions involves “actively prioritizing and engaging in,” among other activities, (i) conducting examinations of “specialized, rapidly evolving” financial services providers (e.g., virtual currency exchangers and administrators); (ii) identifying sector data to support FinCEN's analytic endeavors; and (iii) developing a stronger framework for risk assessments of the nonbank financial sector “from both the compliance and illicit activity standpoints.” El-Hindi closed his remarks by encouraging FinCEN and other regulators to discuss with foreign counterparts “the concept of a culture of compliance in the United States and what underpins it, and explore with our counterparts concepts that could underpin a culture of compliance in their own jurisdictions.”
FDIC enforcement actions include flood insurance, BSA violations
On August 30, the FDIC announced its release of a list of administrative enforcement actions taken against banks and individuals in July. The list reflects that the FDIC issued fourteen orders and one notice of charges, which include “four stipulated consent orders; four terminations of consent orders; four Section 19 orders; one stipulated civil money penalty order; one stipulated removal and prohibition order; and one notice of charges and hearing.”
Among other actions, the FDIC assessed a civil money penalty (CMP) against a Louisiana-based bank for alleged violations of the Flood Disaster Protection Act, including, among other things, (i) failing to obtain flood insurance coverage on loans at the time of origination, increase, renewal, or extension; or (ii) failing to maintain flood insurance coverage for the term of a loan secured by property located or to be located in a special flood hazard area.
The FDIC also entered into consent orders with an Oklahoma-based bank and a West Virginia-based bank relating to alleged weaknesses in their Bank Secrecy Act compliance programs.
FinCEN division will investigate global money-laundering threats
On August 28, the Financial Crimes Enforcement Network (FinCEN) announced a new division intended to investigate global money laundering threats. The Global Investigations Division (GID)—led by Matthew Stiglitz, a former senior official in the Department of Justice’s Criminal Division—will target activities such as weapons of mass destruction proliferation, rogue state actors, transnational organized crime, and narcotics trafficking. According to FinCEN, GID will utilize the agency’s Bank Secrecy Act authorities, including Section 311 of the USA PATRIOT Act, to combat both domestic and international illicit terrorist finance and money laundering threats.
NCUA allows credit unions to serve hemp businesses
On August 19, the NCUA released interim guidance allowing federally insured credit unions to service hemp businesses. The guidance notes that, as of December 20, hemp is no longer a controlled substance at the federal level—the Agriculture Improvement Act of 2018 (2018 Farm Bill) removed hemp from Schedule I of the Controlled Substances Act. However, hemp may not be produced lawfully under federal law, beyond a 2014 pilot program, until the USDA promulgates regulations and guidelines to implement the hemp production provisions of the 2018 Farm Bill. The guidance instructs credit unions to be aware of federal, state, and tribal laws and regulations that apply to any hemp-related businesses they may service and to have Bank Secrecy Act (BSA) and Anti-Money Laundering (AML) compliance programs equal to the level of complexity and risks involved. The guidance emphasizes that lending to lawfully operating hemp-related businesses is permissible, but that the lending must be done in accordance with NCUA’s regulations for lending, and appropriate underwriting standards must be considered. NCUA notes that the guidance will be updated once the USDA regulations are finalized.
FinCEN director discusses gaming industry AML compliance
On August 13, Financial Crimes Enforcement Network (FinCEN) Director Kenneth Blanco delivered remarks at the 12th Annual Las Vegas Anti-Money Laundering Conference stressing the need for compliance within the gaming industry, particularly as new technologies emerge such as mobile gaming and the use of convertible virtual currencies (CVC) increases. With the U.S. Supreme Court issuing a decision in May holding that states can legalize sports gambling (previously covered by InfoBytes here), Blanco stated that casinos need to consider ways to integrate their sports betting programs—including mobile sports betting apps—into their existing anti-money laundering programs. These measures must include establishing and implementing procedures for detecting and reporting suspicious activities, Blanco noted, reminding the audience of FinCEN’s FAQs designed to assist financial institutions when reporting cyber indicators and cyber-enabled financial crime.
Blanco also discussed FinCEN’s work with respect to cybersecurity and virtual payments, noting, among other things, that both online and physical casinos that accept CVC need to consider how they review transactions to determine the source of the currency and recognize indicators of suspicious activity. Blanco referred casinos to consolidated guidance issued by FinCEN in May (previously covered by InfoBytes here), and expressed a concern that “CVC-related SAR filings by casinos have not been as robust as expected since the May CVC guidance and advisory were published.” He further stressed the importance of information-sharing between casinos, and highlighted that sharing SARs can contribute to the identification of suspicious transactions as well as Bank Secrecy Act compliance responsibilities.
FDIC Chairman stresses innovation in banking
On August 2, FDIC Chairman Jelena McWilliams spoke before the Financial Conduct Authority’s 2019 Global AML and Financial Crime TechSprint in Washington, D.C. on the importance of promoting innovation within the banking industry and ramping up efforts to help banks embrace new technologies. McWilliams noted that she is “impatient for transformation,” especially in areas that would assist banks—particularly community banks—in eliminating regulatory uncertainty, adopting new technologies, managing risks, or partnering with fintech startups to improve regulatory compliance in areas such as Bank Secrecy Act/anti-money laundering rules. McWilliams discussed the FDIC’s new office of innovation (FDiTech), which was created to support these goals. In particular, McWilliams indicated that the FDIC would support collaboration with developers, institutions, and regulators to pilot new products and services, with the goal of publishing the results of these pilots to facilitate understanding of what worked, what did not, and methods of improvement going forward. According to McWilliams, “[b]y promoting these developments and encouraging our FDIC-supervised institutions to voluntarily adopt a more advanced technological footing, we can help foster the transformation of the community banking sector. In turn, the institutions we supervise can reach greater efficiency with products and services that are more attractive to consumers.”
OCC releases June enforcement actions
On July 18, the OCC released a list of recent enforcement actions taken against national banks, federal savings associations, and individuals currently and formerly affiliated with such entities. The new enforcement actions include personal cease-and-desist orders, civil money penalties, formal agreements, prompt corrective action directives, removal and prohibition orders, and terminations of existing enforcement actions. Included in the list is a formal agreement issued against a Texas-based bank on June 20 for alleged unsafe or unsound practices related to, among other things, compliance risk management and violations of laws and regulations concerning the Flood Disaster Protection Act (FDPA), Bank Secrecy Act, TILA, RESPA, and the Expedited Funds Availability Act. Among other things, the agreement requires the bank to (i) appoint a compliance committee responsible for submitting a written progress report detailing specific corrective actions; (ii) ensure that it has “sufficient and competent management”; (iii) prepare a risk-based consumer compliance program, which must include revised policies and procedures related to the Servicemembers’ Civil Relief Act, TILA-RESPA Integrated Disclosure rule, and the FDPA; and (iv) take measures to “ensure that current and satisfactory credit and proper collateral information is maintained on all loans.”
Federal banking agencies and FinCEN issue statement on risk-focused BSA/AML examinations
On July 22, the Federal Reserve Board, FDIC, NCUA, and the OCC along with the Financial Crimes Enforcement Network (FinCEN), released a joint statement to improve transparency of their risk-focused approach to Bank Secrecy Act/anti-money laundering (BSA/AML) supervision. The statement outlines common practices for assessing a bank’s risk profile, including (i) leveraging available information, including internal BSA/AML risk assessments, independent audits, and results from previous examinations; (ii) contacting banks between examinations or before finalizing the scope of an examination; and (iii) considering the bank’s ability to identify, measure, monitor, and control risks. Examiners will use the information from the risk assessments to scope and plan the examination, as well as to evaluate the adequacy of the bank’s BSA/AML compliance program. The statement notes that the extent of examination activities needed to evaluate a bank’s BSA/AML compliance program, “generally depends on a bank’s risk profile and the quality of its risk management processes.”
Japanese bank pays $33 million to settle NYDFS claims of weak BSA/AML controls
On June 24, the New York Department of Financial Services (NYDFS), together with the New York Attorney General, announced a $33 million settlement with a Japanese bank resolving allegations the bank’s internal controls—specifically, its anti-money laundering (AML), Bank Secrecy Act (BSA), and Office of Foreign Assets Control (OFAC) sanctions compliance programs—at its New York Branch were “systematically deficient” between November 2014 and November 2018. This allegedly resulted in violations of state and federal laws and regulations, as well as two previous NYDFS consent orders from 2013 and 2014. The settlement resolves an action that was commenced by the bank against NYDFS in connection with a 2017 application with the OCC to convert its state-licensed branches in New York, Illinois, and California and its state-licensed agency offices in Texas to federally licensed branches and agency offices. The action sought to block a NYDFS order that would keep the bank under its supervisory purview notwithstanding the OCC’s granting of the federal charter. The settlement indicates that neither NYDFS, NYAG, or the bank admit any wrongdoing, but have agreed to dismiss all outstanding claims, upon the bank’s monetary payment. The settlement states that NYDFS releases the bank of any further obligations related to the previous consent orders and notes that it “will not attempt to exercise any visitorial power or other supervisory, regulatory, or enforcement authority over [the bank] or its branches or agencies.”
FDIC fines banks for flood insurance, BSA violations
On May 31, the FDIC announced its release of a list of administrative enforcement actions taken against banks and individuals in April. The list reflects that the FDIC issued 17 orders, which includes “two consent orders; three terminations of consent orders; five Section 19 orders; three removal and prohibition orders; and four orders to pay civil money penalty.” Among other actions, the FDIC assessed civil money penalties against three separate banks (see here, here, and here) for alleged violations of the Flood Disaster Protection Act, including failing to (i) obtain flood insurance coverage on loans at or before origination; (ii) maintain, increase, extend, renew, or provide written notification to borrowers concerning flood insurance coverage on loans secured by collateral located in special flood hazard areas; (iii) follow force-placement flood insurance procedures; or (iv) provide borrowers with notice of the availability of federal disaster relief assistance within a reasonable timeframe.
The FDIC also assessed a civil money penalty against a New York-based bank related to alleged violations of the Bank Secrecy Act.