Earlier this month, an Atlantic City-based casino was fined $10 million for violating the BSA – more specifically, for failing to (i) create and implement an adequate anti-money laundering program; (ii) establish an effective system of internal controls; and (iii) adequately file currency transaction reports or maintain other required records. Many of the violations that occurred in 2010 through 2012 were previously identified by regulators and brought to the attention of the casino. The federal government will not collect the $10 million civil penalty, but will receive an unsecured claim in the casino’s bankruptcy, pending approval from the bankruptcy judge.
On February 25, New York DFS Superintendent Benjamin Lawsky delivered remarks at Columbia Law School focusing on how state bank regulators can better supervise financial institutions in a post-financial crisis era. In his remarks, Lawsky stated that “real deterrence” to future misconduct “means a focus not just on corporate accountability, but on individual accountability” at the senior executive level. Lawsky also highlighted measures that DFS is considering to prevent money laundering including conducting random audits of regulated firms’ “transaction monitoring and filtering systems” and making senior executives attest to the adequacy of the systems. Lastly, Lawsky outlined several cybersecurity initiatives and considerations that would require third-party vendors to have cybersecurity protections and regulations in place that would mandate the use of “multi-factor authentication” systems for DFS regulated firms.
BuckleySandler hosted a webinar, Individual Liability: Financial Crimes Professionals in the Spotlight, on January 22, 2015 as part of its ongoing FinCrimes Webinar Series. Panelists included Polly Greenberg, Chief, Major Economic Crimes Bureau at the New York County District Attorney’s Office, Richard Small, Senior Vice President for Enterprise-Wide AML, Anti-Corruption and International Regulatory Compliance at American Express, and Michael Zeldin, Special Counsel at BuckleySandler. The following is a summary of the guided conversation moderated by Jamie Parkinson, Partner at BuckleySandler, and key take-aways you can implement in your company.
Best Practice Tips and Take-Aways:
- Be completely transparent with senior management and your board of directors when escalating issues and concerns. Document your requests for program enhancements and management responses.
- Assure yourself that your team is up to the task at hand, adequately resourced and knows that they can escalate anything that concerns them to compliance and/or senior management/the Board.
- When considering the quality of your compliance program, be sure that your program is tested internally by your compliance function, tested again by your organization’s internal audit team, and in addition is examined every few years by external counsel/consultant.
- If confronted with management unwillingness to commit adequate headcount and resources necessary to the compliance program, serious consideration has to be given to resigning and/or reporting these deficiencies.
On January 27, FinCEN fined a New York securities broker-dealer firm $20 million for violating the BSA. According to the press release, the firm failed to (i) establish an adequate anti-money laundering program; (ii) conduct proper due diligence on a foreign correspondent account; and (iii) comply with Section 311 of the USA Patriot Act. These failures resulted in customers engaging in suspicious trading, including prohibited third-party activity and illegal penny stock trading, without it being detected or reported. The firm must pay $10 million of the $20 million penalty to the US Department of the Treasury. The remaining $10 million will be paid to the SEC to settle a parallel enforcement action.
On January 21, the Australian Transaction Reports and Analysis Centre (AUSTRAC) announced a $122,400 penalty (Australian dollars) against a large financial services company for failing to register six affiliate businesses as remittance services providers. AUSTRAC serves as Australia’s regulator of anti-money laundering and counter-terrorism financing activities. AUSTRAC noted the company’s voluntary disclosure was taken into consideration when determining its enforcement approach.
Recently, FinCEN announced a $1 million civil money penalty against the former Chief Compliance Officer (CCO) of a large financial services company for allegedly violating the Bank Secrecy Act (BSA) and its implementing regulations. In its complaint, FinCEN alleges that the CCO, from 2003 through 2008, failed to implement and maintain an effective AML program and file timely Suspicious Activity Reports as required by the BSA. As a result, the company’s money transfer system was used to carry out fraudulent activities causing customers to incur substantial losses. In addition to the penalty, FinCEN is seeking to prohibit the former CCO from participating, directly or indirectly, in the affairs of any financial institution.
BuckleySandler hosted a webinar, Dealing with PEPs: AML & Corruption Risks, on December 18, 2014 as part of its ongoing FinCrimes Webinar Series. Panelists included Mary Butler, Deputy Chief, International Unit, at the Asset Forfeiture & Money Laundering Section, Criminal Division at the U.S. Department of Justice; Paul Dougherty, Managing Director of the anti-money laundering program for the United States and Canada at Bank of America; and Noreen Fierro, Vice President and Chief Compliance Officer of the Group Insurance Division of Prudential Financial. The following is a summary of the guided conversation moderated by Jamie Parkinson, partner at BuckleySandler, and key take-aways you can implement in your company.
Key Tips and Take-Aways:
- Make sure that the organization has appropriate procedures in place to identify Politically Exposed Persons (PEPs) and that those procedures appropriately explain how a PEP is defined by the institution.
- Understand the different global standards for PEP compliance and, where appropriate, have country-specific policies and procedures to manage onboarding and monitoring.
- Encourage cooperation among the different financial crime compliance disciplines within your institution to assist in identifying and monitoring PEPs.
On December 24, a Maryland-based bank entered into an FDIC consent order involving alleged deficiencies in its BSA/AML compliance program. The consent order requires that the bank’s board of directors increase its oversight of the bank’s BSA compliance program. In addition, under the consent order, the bank must (i) appoint a qualified BSA officer and (ii) conduct a retrospective review of currency transaction reports beginning in May 2013 until the effective date of the consent order to determine whether transactions were properly identified and reported.
On December 18, FINRA announced a joint $1.5 million penalty against two broker-dealers for anti-money laundering failures. According to anti-money laundering compliance program requirements, broker-dealers opening new accounts must identify each customer through an established written Customer Identification Program (CIP). FINRA alleges that the broker-dealers had a deficient CIP system, which over nine years resulted in the failure to conduct customer identity verification for nearly 220,000 new accounts. The firms neither admitted nor denied FINRA’s charges, but agreed to the entry of the agency’s findings.
On December 18, Superintendent Lawsky delivered remarks regarding New York’s revised proposal for regulating virtual currency companies. The new proposal stems from the original July 17 proposal and includes certain revisions previously alluded to on October 17. Lawsky noted that the revisions will provide flexibility to virtual currency startups, while simultaneously allowing the New York Department of Financial Services to remain committed to protecting consumers. Most notably, the revised regulation “will offer a two-year transitional BitLicense, which may be issued to those firms who are unable to satisfy all of the requirements of a full license, and will be tailored to startups and small businesses.” According to Lawsky, while the companies will still have to abide by anti-money laundering and consumer protection requirements, the revisions are intended to “strike an appropriate balance between permitting innovation to proceed, while at the same time strongly protecting consumers and helping root out illicit activity.”
On December 2, the FFIEC announced the release of its revised BSA/AML examination manual. The updated revisions address supervisory expectations and include regulatory changes since the manual’s last publication in 2010. Significantly modified sections of the examination include (i) Suspicious Activity Reporting, (ii) Currency Transaction Reporting, (iii) Foreign Bank and Financial Accounts Reporting, and (iv) Third-Party Payment Processors. The manual is available on the FFIEC BSA/AML InfoBase.
On November 25, FinCEN fined a small Florida-based credit union $300,000 in civil monetary penalties for violating the Bank Secrecy Act (BSA). From 2009 through 2014, FinCEN charged that, among other deficiencies within its anti-money laundering program, the credit union lacked proper internal controls and failed to designate a BSA compliance officer to monitor suspicious transactions. The credit union admitted that it violated Section 314(a) of the USA PATRIOT ACT, which requires financial institutions to search their records of accounts and transactions of individuals who may be involved in money laundering or terrorist financing activities. The credit union, with assets of $4 million and five employees, contracted with a third party vendor to provide services and subaccounts to 56 money services businesses located in Central America, Middle East, and Mexico. FinCEN stated that 90% of the credit union’s annual revenue was generated from these accounts.
On October 27, FinCEN issued two administrative rulings to companies seeking guidance on whether they must register as MSBs and be subject to the required reporting, recordkeeping, and monitoring obligations. In its first letter, a company queried whether its plans to set up a virtual currency trading and booking platform, similar to a traditional securities or commodities exchange, would make it subject to FinCEN regulations. FinCEN responded that the proposed virtual trading platform would be classified as an MSB. As a result, the company would have to register as an MSB as defined under the BSA. In its second ruling, a company asked whether a bitcoin payment system would be subject to the agency’s regulations. The payment system would accept customers’ credit card payments and transfer the payments to merchants in the form of bitcoin. FinCEN ruled that if the company sets up the payment system, the company would be classified as a money transmitter, and subject to BSA regulations, because “it engages as a business in accepting and converting the customers’ real currency into virtual currency for transmission to the merchant.”
On October 8, the Treasury released a statement regarding its continued efforts to support the legitimate use of money transmitters by fostering financial inclusion and financial transparency, while simultaneously addressing its vulnerabilities of money laundering and terrorist financing. Highlighting its progress in the last 15 years, the statement notes that “record volumes of remittances are being transmitted through legitimate and transparent channels.” Looking forward, the treasury will improve upon its efforts to increase banking access for money transmitters by (i) making its expectations for banks clearer; (ii) improving AML/CFT controls and compliance; (iii) heightening AMC/CFT oversight; and (iv) reaching out to financial institutions and their customers. Finally, the Treasury is working with federal banking agencies to ensure that not all money transmitters are treated as high risk by banking institutions. Ensuring that these efforts are both domestic and international, the Treasury is working with the United Kingdom, the World Bank, and G-20.
BuckleySandler hosted a webinar entitled “FinCEN’s Proposed Rule Amending Customer Due Diligence Obligations,” on September 18, 2014, as part of the ongoing FinCrimes Webinar Series. Panelists included James Cummans, Vice President of BSA/AML Operations at TCF Bank; Jacqueline Seeman, Managing Director and Global Head of KYC at Citigroup, Inc.; Sarah K. Runge, Director, Office of Strategic Policy at the U.S. Department of Treasury; and, Amy Davine Kim, Counsel at BuckleySandler LLP. The following is a summary of the guided conversation moderated by Jamie Parkinson, partner at BuckleySandler, and key take-aways to prepare for comments to the proposed rule and implementation of the new rule, once final, at your financial institution.
Key Tips and Take-Aways:
- Assess and prepare your organization’s financial and personnel resources to make sure that the appropriate resources are in place to comply with the proposed rule once it is finalized. Certain technical aspects of implementation may be complicated depending on the financial institutions’ existing processes.
- Boards of Directors should participate in and be informed of the process.
- Institutions that are exempt from the rule, including money services businesses (“MSBs”), should also consider how this rule would affect their operations. FinCEN has announced that this is an incremental rule making, meaning the rule could extend to additional entities in the future.
- Covered financial institutions should consider the implications and compliance issues associated with the proposed rule and actively engage in the comment period. It is clear that FinCEN took certain industry concerns into account from the earlier Advance Notice of Proposed Rulemaking (“ANPRM”), so any potential issues should again be raised.