On February 20, in remarks to the Florida International Bankers Association Anti-Money Laundering Conference, FinCEN Director Jennifer Shasky Calvery reviewed FinCEN’s key initiatives over the past year and outlined priorities going forward. She discussed FinCEN’s efforts with regard to virtual currency risks and stated that it is important for financial institutions that deal in virtual currency to put effective AML/CFT controls in place. She noted that it is also important for all stakeholders to keep virtual currency concerns in perspective given the relatively small size of the market. FinCEN is growing increasingly concerned with third party money launderers who layer transactions, create or use shell or shelf corporations, use political influence to facilitate financial activity, or engage in other schemes to infiltrate financial institutions and circumvent AML controls. FinCEN intends to pursue such actors regardless of where they are located. Director Shasky Calvery also reiterated concerns about securities firms that offer services similar to banks, and promised continued focus on threats posed by trade-based money laundering. With regard to its policy initiatives, FinCEN intends to engage stakeholders in a discussion of “balancing the policy motivations behind data privacy and secrecy laws in different jurisdictions with the need for an appropriate level of transparency to combat money laundering and terrorist financing.” The Director noted that this issue is particularly critical in the area of correspondent banking.
Comptroller Curry Addresses Senior Management’s AML Compliance Responsibilities, Criticizes “De-Risking”
On March 17, Comptroller of the Currency Thomas Curry reaffirmed his agency’s views with regard to BSA/AML compliance and the responsibilities of senior bank managers and boards of directors. Mr. Curry asserted that BSA infractions “can almost always be traced back to decisions and actions of the institution’s Board and senior management” and that the deficiencies underlying those infractions tend to involve failures in four areas: (i) the culture of compliance at the organization; (ii) the resources committed to BSA compliance; (iii) the strength of information technology and monitoring process; and (iv) the quality of risk management. Mr. Curry reported a recent positive trend, particularly at OCC-regulated large banks, which have increased spending and added BSA/AML compliance staff. He stated that such actions are one aspect of banks’ efforts to align “good compliance practices and the bank’s system of compensation and incentives.” The Comptroller criticized a separate trend of “de-risking”, in which banks avoid or end relationships with types of businesses deemed too risky. He warned that any business can be used for illicit purposes and “de-risking” is not a shortcut to circumvent a bank’s obligation to evaluate risk on an individual basis. He encouraged banks not to avoid high-risk businesses, but rather to apply stronger risk management and controls as necessary.
On February 20, FinCEN finalized a rule that will require Fannie Mae, Freddie Mac, and the Federal Home Loan Banks (the GSEs) to develop AML programs and to file SARs directly with FinCEN. Under the current system, the GSEs file fraud reports with the FHFA, which then files SARs with FinCEN when warranted under FinCEN’s reporting standards. The new regulations are substantially similar to the version proposed in November 2011, and are intended to streamline the reporting process and provide more timely access to data about potential fraud. The AML provisions of the new regulations implement the BSA’s four minimum requirements: (i) the development of internal policies, procedures, and controls; (ii) the designation of a compliance officer; (iii) an ongoing employee training program; and (iv) an independent audit function to test programs. The SAR regulation requires reporting of suspicious activity in accordance with standards and procedures contained in all of FinCEN’s SAR regulations. In addition, under the streamlined system, the GSEs and their directors, officers, and employees will qualify for the BSA’s “safe harbor” provisions, which are intended to encourage covered institutions to report suspicious activities without fear of liability. The final rule does not require the GSEs to comply with any other BSA reporting or recordkeeping regulations, such as currency transaction reporting. The rule takes effect 60 days after publication in the Federal Register and the GSEs will have 180 days from publication to comply.
On February 14, FinCEN issued guidance to clarify BSA expectations for financial institutions seeking to provide services to marijuana-related businesses in states that have legalized certain marijuana-related activity. The guidance was issued in coordination with the DOJ, which provided updated guidance to all U.S. Attorneys. The FinCEN guidance reiterates the general principle that the decision to open, close, or refuse any particular account or relationship should be made by each financial institution based on its particular business objectives, an evaluation of the risks associated with offering a particular product or service, its ability to conduct thorough customer due diligence, and its capacity to manage those risks effectively. The guidance details the necessary elements of a customer due diligence program, including consideration of whether a marijuana-related business implicates one of the priorities in the DOJ memorandum or violates state law. FinCEN notes that the obligation to file a SAR is unaffected by any state law that legalizes marijuana-related activity and restates the SAR triggers. The guidance identifies the types of SARs applicable to marijuana-related businesses and describes the conditions under which each type should be filed.
On January 30, in remarks to SIFMA’s AML and Financial Crimes Conference, FinCEN Director Jennifer Shasky Calvery stressed the importance of establishing a “culture of compliance” at financial institutions to support effective AML safeguards. The Director’s comments reinforce similar remarks made in recent months by both the Deputy U.S. Attorney General and Comptroller Curry. And like Comptroller Curry, Ms. Shasky Calvery highlighted the need for better information sharing not only within institutions but between institutions. FinCEN agrees with industry feedback that the agency needs to improve its own ability to share information. Also part of a broader theme among enforcement authorities, the Director explained that financial institutions should take responsibility when their actions violate the BSA, not only by admitting to the facts alleged by FinCEN but also by acknowledging a violation of the law. She highlighted specific risks in the securities sector including those related to the use of cash, and explained that securities firms that provide bank-like services need to consider the vulnerabilities associated with engaging in such services and must ensure that their compliance programs are commensurate with those risks.
On January 27, during a speech to certified AML compliance specialists, the U.S. Attorney for the Southern District of New York, Preet Bharara, stressed BSA/AML enforcement as a top priority for his office. Mr. Bharara focused on three issues: (i) the importance of holding institutions accountable for misconduct; (ii) the need for law enforcement to stay ahead of rapidly changing markets and technologies; and (iii) organizational changes within his office to bring the needed resources to bear. With regard to enforcement against institutions, the U.S. Attorney rebutted arguments that prosecutors should focus on individuals and described the full spectrum of tools available to hold institutions accountable—ranging from pursuing criminal prosecutions to seeking monetary fines and restitution through civil actions. He stressed the need to employ the full range of tools against institutions, especially in the AML context where many of the anti-money laundering laws and BSA provisions are specifically directed at institutions. The U.S. Attorney also announced that his office’s Criminal Division’s Asset Forfeiture Unit will be renamed the Money Laundering and Asset Forfeiture Unit to reflect his office’s commitment to dedicate more physical and human resources to addressing money laundering crimes and BSA violations.
On January 27, the U.S. Attorney for the Southern District of New York announced the unsealing of criminal charges against an underground Bitcoin exchanger and the CEO of a Bitcoin exchange company registered as a money services business for allegedly engaging in a scheme to sell over $1 million in Bitcoins to users of “Silk Road,” the website that is said to have enabled its users to buy and sell illegal drugs anonymously and beyond the reach of law enforcement. Each defendant is charged with conspiring to commit money laundering and operating an unlicensed money transmitting business. The CEO of the exchange company is also charged with willfully failing to file any suspicious activity report regarding the exchanger’s illegal transactions, in violation of the Bank Secrecy Act. The U.S. Attorney stated that the charges demonstrate his office’s intention and ability to “aggressively pursue those who would coopt new forms of currency for illicit purposes.” The complaint alleges that over a nearly two-year period, the exchanger ran an underground Bitcoin exchange on the Silk Road website, selling Bitcoins to users seeking to buy illegal drugs on the site. Upon receiving orders for Bitcoins from Silk Road users, he allegedly filled the orders through a company based in New York, which was designed to charge customers for exchanging cash for Bitcoins anonymously. The exchanger allegedly obtained Bitcoins with the company’s assistance, and then sold the Bitcoins to Silk Road users at a markup. The exchange company CEO, who was also its Compliance Officer, allegedly was aware that Silk Road was a drug-trafficking website, and also knew that the exchanger was operating a Bitcoin exchange service for Silk Road users. The government alleges that the CEO knowingly facilitated the exchanger’s business, personally processed orders, gave discounts on high-volume transactions, and failed to file a single suspicious activity report.
On January 7, the U.S. Attorney for the Southern District of New York, the OCC, and FinCEN announced the resolution of criminal and civil BSA/AML violations by a major financial institution in connection with the bank’s relationship with Bernard L. Madoff Investment Securities and Madoff Securities’ Ponzi scheme. The bank entered into a deferred prosecution agreement (DPA) to resolve two felony violations of the Bank Secrecy Act: (i) that the bank failed to enact adequate policies, procedures, and controls to ensure that information about the bank’s clients obtained through other lines of business – or outside the United States – was shared with compliance and AML personnel; and (ii) that the bank violated the BSA by failing to file a Suspicious Activity Report on Madoff Securities in October 2008. According to the U.S. Attorney, pursuant to the DPA the bank (i) agreed to waive indictment and to the filing of a Criminal Information; (ii) acknowledged responsibility for its conduct by, among other things, stipulating to the accuracy of a detailed Statement of Facts; (iii) agreed to pay a $1.7 billion non-tax deductible penalty in the form of a civil forfeiture (the largest ever financial penalty imposed by the DOJ for BSA violations); and (iv) agreed to various cooperation obligations and to continue reforming its BSA/AML compliance programs and procedures. In a separate action, the OCC levied a $350 million civil money penalty to resolve parallel BSA/AML allegations included in a January 2013 cease and desist order. Finally, the bank consented to a FinCEN assessment pursuant to which it must pay an additional $461 million.
On December 3, FinCEN and the Federal Reserve Board issued a final rule to amend the definitions of “funds transfer” and “transmittal of funds” under regulations implementing the Bank Secrecy Act. The agencies finalized the rule as proposed. The changes are intended to maintain the scope of the definitions following recent related amendments to the Electronic Fund Transfer Act, so as to avoid certain currently covered transactions being excluded from BSA requirements. The changes take effect January 3, 2014.
On November 18, at an American Bar Association/American Bankers Association conference on the Bank Secrecy Act/Anti-Money Laundering (BSA/AML), Deputy Attorney General (Deputy AG) James Cole challenged financial institutions’ compliance efforts and outlined the DOJ’s financial crimes enforcement approach. Noting that compliance within financial institutions is of particular concern to the DOJ, based in part on recent cases of “serious criminal conduct by bank employees,” the nation’s second highest ranking law enforcement official detailed DOJ’s approach to investigating and deciding in what manner to pursue potential violations. The Deputy AG included among his examples of serious misconduct recent BSA/AML, RMBS, mortgage False Claims Act, and LIBOR cases. He explained that the DOJ is particularly concerned about incentives that encourage excessive risk taking, and stated that “too many bank employees and supervisors value coming as close to the line as possible, or even crossing the line, as being ‘competitive’ or ‘aggressive.’” Read more…
On November 17, the Comptroller of the Currency, Thomas Curry, delivered remarks at the American Bar Association/American Bankers Association BSA/AML conference in which he identified common BSA/AML compliance risks and failures, and identified steps industry participants and regulators should take to improve compliance. The Comptroller explained that successful BSA/AML compliance is dependent not only on “the strength of the institution’s technology and monitoring processes, and the effectiveness of its risk management,” but also on strong corporate governance processes and management’s willingness to commit adequate resources. Comptroller Curry called on banks to commit sufficient resources and take a “holistic approach” toward BSA/AML compliance, for example, by dispersing accountability throughout the organization instead of concentrating compliance in a single unit. Noting that this is particularly important in the M&A context, the Comptroller stated that it is vital that due diligence go beyond a target’s credit portfolio to include a review of the target’s BSA/AML program. In addition to lack of compliance resources, the Comptroller identified as risk trends: (i) poor management of international activities—foreign correspondent banking, cross-border funds transfers, bulk cash repatriation, and embassy banking; (ii) third-party relationships and payment processors; and (iii) emerging payment technologies, including virtual currencies. He stressed the importance of information sharing among institutions and between institutions and their regulators, and called for (i) legislation that would encourage the filing of SARs by strengthening the statutory safe harbor from civil liability for filing financial institutions, (ii) broadening the Patriot Act safe harbor for institutions that share information with each other about potential crimes and suspicious transactions, and (iii) exploring ways government can provide more robust and granular information about money laundering schemes and typologies to institutions in a more timely way.
This week, two Senate Committees—Homeland Security and Governmental Affairs and Banking, Housing and Urban Affairs—held hearings to hear from regulators and other stakeholders about how virtual currencies fit within the existing regulatory framework, and to assess whether there is a need to alter that framework in response to potential risks presented by emerging virtual currency technologies. The hearings followed an inquiry initiated by Senate Homeland Security leaders over the summer. Senators who participated in the hearings did not indicate any desire to move quickly to establish new federal regulations to address potential risks presented by innovation in virtual currencies. Rather, the lawmakers generally expressed a desire not to inhibit continued innovation, while supporting market participants who want to play by the rules and protecting the market from those who do not. In both hearings, FinCEN Director Jennifer Shasky Calvery described her agency’s ability to address the BSA/AML and terrorism financing risks presented by virtual currencies by employing FinCEN’s existing statutory authority and regulatory tools. Similarly, during the Senate Banking hearing, the Conference of State Bank Supervisors expressed confidence in the ability of state regulators to address consumer protection and other risks posed by virtual currencies through the existing state regulatory framework and processes. Still, committee members raised broader questions about the how to define or categorize virtual currencies (e.g. as a currency versus as a security) and the impact of such a classification on a range of other issues including monetary policy and tax administration. The breadth of the issues, which may need to be addressed by a range of government actors, formed the basis of Senate Homeland Security Committee Chairman Tom Carper’s (D-DE) call for a “whole government” approach to virtual currency.
On November 5, the DOJ announced that a New York check cashing company and its owner pleaded guilty to violating the Bank Secrecy Act in connection with more than $19 million in check-cashing transactions by willfully failing to maintain an effective anti-money laundering program. The plea agreement requires the company to forfeit over $3 million and the owner to pay nearly $1 million in restitution for related tax violations; neither party has yet been sentenced. The DOJ alleges that over a two-year period the company cashed checks written on accounts of shell corporations. The shell corporations and the corresponding bank accounts on which the checks were written were established in the names of foreign nationals, many of whom were no longer in the United States. The check cashing company and its owner allegedly failed to obtain any identification documents or information from the individuals presenting the checks, filed false currency transaction reports (CTRs) that stated the checks were cashed by the foreign nationals who set up the shell corporations, and in certain CTRs, failed to indicate the full amount of cash provided to the individuals. Related charges remain pending against additional defendants. These cases are being prosecuted by, among others, the DOJ’s Money Laundering and Bank Integrity Unit, which investigates and prosecutes complex, multi-district and international criminal cases involving financial institutions and individuals who violate the money laundering statutes, the Bank Secrecy Act and other related statutes.
On October 31, the Federal Reserve Board released a BSA/AML enforcement action against a Pakistani bank and its New York branch. The Written Agreement addresses examiners’ findings of alleged compliance and risk management deficiencies in the branch’s international remittance services. The agreement requires the bank and branch to, among other things, (i) retain an independent consultant to conduct a compliance review, and (ii) implement enhanced BSA/AML compliance and SAR programs. The agreement also requires interim transaction monitoring procedures and a third-party review of the branch’s international remittance transaction activity over a six-month period.
On October 17, the Federal Reserve Board released a cease and desist order against a foreign bank and its New York branch over alleged BSA/AML compliance failures. After entering into a Written Agreement in June 2012 that required the branch to improve compliance with BSA/AML in connection with the branch’s bulk cash transactions business line, the Federal Reserve Bank of New York conducted an examination to assess the effectiveness of the branch’s BSA/AML compliance program in other business lines. This examination identified an alleged failure of the branch to maintain an adequate risk-based compliance program to mitigate the BSA/AML risks associated with the branch’s foreign correspondent accounts. The order requires the bank and the branch to (i) retain an independent consultant to assess, and prepare a compliance report on, the branch’s compliance with the BSA/AML requirements, (ii) submit an enhanced BSA/AML compliance program, (iii) submit an enhanced customer due diligence program and an enhanced suspicious activity reporting program, and (iv) retain an independent consultant to conduct a suspicious activity review of U.S. dollar transactions cleared over a six month period in 2012. In addition, the bank’s board and the branch management must jointly submit a written management oversight plan.