FinCEN Issues Advisory and Supplemental FAQs on Cyber-Events and Cyber-Enabled Crime

On October 25, FinCEN issued advisory bulletin FIN-2016-A005 reminding financial institutions of their Bank Secrecy Act (BSA) obligations to report certain cyber-events and cyber-enabled crime. The advisory highlights the importance of (i) reporting cyber-events and cyber-enabled crime through Suspicious Activity Reports (SARs); (ii) including cyber-related information such as IP addresses with timestamps, virtual-wallet information, device identifiers, and cyber-event information, in SAR reporting; (iii) collaborating with BSA/AML, cybersecurity, and other in-house units to facilitate “a more comprehensive threat assessment and develop appropriate risk management strategies to identify, report, and mitigate cyber-events and cyber-enabled crime”; and (iv) sharing cyber-related information – including specific malware signatures, IP addresses and device identifiers, and virtual currency addresses that seem anonymous – amongst financial institutions for the “purpose of identifying and, where appropriate, reporting money laundering or terrorist activities.” Importantly, the advisory distinguishes between mandatory SAR reporting of cyber-events, providing three specific examples, and voluntary reporting of cyber-events. Per the advisory, “[c]yber-events targeting financial institutions that could affect a transaction or series of transactions would be reportable as suspicious transactions because they are unauthorized, relevant to a possible violation of law or regulation, and regularly involve efforts to acquire funds through illegal activities.”

FinCEN simultaneously issued FAQs to supplement advisory bulletin FIN-2016-A005. The FAQs, which supersede 2001 FAQs regarding computer intrusion, provide answers to a set of nine questions. The FAQs address, among other things, (i) when cyber-related SAR reports should be filed; (ii) the type of information that should be included in cyber-related SARs; and (iii) cyber-event and cyber-enabled crime information sharing, pursuant to Section 314(b) of the USA PATRIOT Act, between financial institutions.


FinCEN Assesses Civil Money Penalty Against Nevada-Based Casino for AML/BSA Violations

On October 3, FinCEN assessed a $12 million civil money penalty against a Nevada-based casino for willfully violating the anti-money laundering (AML) provisions of the Bank Secrecy Act (BSA). Pursuant to the Statement of Facts, from March 2009 through September 28, 2015, the casino allegedly failed to (i) develop and implement an effective AML program reasonably designed to ensure compliance with the BSA; (ii) exercise due diligence in its monitoring of suspicious activity; and (iii) maintain sufficient AML compliance controls, procedures, training, and audits, which resulted in multiple filing and recordkeeping control violations. As part of the FinCEN’s Assessment and the Non-Prosecution Agreement filed by the U.S. Attorney’s Officers, the casino must (i) perform a series of required Remedial Measures to ensure compliance going forward; and (ii) conduct a look-back review to ensure that suspicious transactions and attempted transactions were appropriately reported for transactions that occurred between 2010 and 2013.


FinCEN Acting Director Comments on Recent Casino Actions and Culture of Compliance

On October 3, FinCEN Acting Director Jamal El-Hindi issued a statement regarding anti-money laundering and countering the financing of terrorism compliance. According to Acting Director El-Hindi, two recent actions against casinos represent failure to (i) adequately train staff at every level in the organization; and (ii) properly file – or file at all – Suspicious Activity Reports and Currency Transaction Reports. Still, Acting Director El-Hindi acknowledged that casinos in general have improved their AML compliance efforts. Acting Director El-Hindi stated that FinCEN will continue to work with casinos on their compliance efforts, and cautioned that “[a] good compliance culture is one where doing the right thing is rewarded, and where ‘looking the other way’ has consequences.”


Special Alert: OCC to Issue Guidance on “De-Risking” in Foreign Correspondent Banking Relationships

On September 28, 2016 OCC Comptroller Thomas J. Curry announced during a speech at the Association of Certified Anti-Money Laundering Specialists (ACAMS) conference that the OCC is developing guidance around “de-risking” in foreign correspondent banking relationships. Following the joint fact sheet published by the federal banking agencies and the Department of Treasury, Comptroller Curry said that it will issue “guidance that reiterates our risk management expectations for banks to establish and follow policies and procedures for regularly conducting risk evaluations of their foreign correspondent portfolios.” The guidance will describe “best practices” that the OCC has observed that banks can use when “re-evaluating their risks and making decisions about retaining or terminating foreign correspondent accounts.”

Click here to view the full Special Alert

* * *

Questions regarding the matters discussed in this Alert may be directed to any of our lawyers listed below, or to any other BuckleySandler attorney with whom you have consulted in the past.


DOJ Teams Up With OFAC to Bring Enforcement against Chinese Front Company

On September 26, the DOJ announced charges against a Chinese trading company and its executives for conspiracy to violate the International Emergency Economic Powers Act (IEEPA), and to defraud the United States; as well as for conspiracy to launder monetary instruments through U.S. financial institutions. The criminal complaint alleges that the company served as a third-party payer, using an illicit network of front companies, financial facilitators, and trade representatives to purchase sugar and fertilizer for a banking entity based in North Korea that OFAC had designated as a Specially Designated National (SDN) in 2009. The civil forfeiture complaint seeks forfeiture of funds spread out across 25 different bank accounts located in China and connected to the affairs of the company. In addition, OFAC imposed sanctions on the company, which is located near the North Korean border and openly worked with the SDN banking entity after 2009.