FinCEN Issues Guidance on Sharing Suspicious Activity Reports with U.S. Parents and Affiliates of Casinos

On January 4, the Financial Crimes Enforcement Network (FinCEN) issued guidance to “confirm that, under the Bank Secrecy Act (BSA) and its implementing regulations, a casino that has filed a Suspicious Activity Report (SAR) may share the SAR, or any information that would reveal the existence of the SAR, with each office or other place of business located within the United States of either the casino itself or a parent or affiliate of the casino.” As explained in the guidance, FinCEN expects that the anti-money laundering efforts of the casino’s affiliates could be enhanced by virtue of their access to a clearer and more comprehensive picture of the activities the casino has identified as suspicious. The guidance also specified that casinos may not share SARs or information that would reveal the existence of a SAR with non-U.S. offices or affiliates, individuals or entities within the casino’s corporate famile that perform functions unrelated to gaming, a financial institution without an independent SAR obligation, or unaffialited money services businesses located within the casino. Finally, the guidance specified that a domestic affiliate that receives a SAR or revealing information from a casino may not further share that SAR with an affiliate of its own.

LinkedInFacebookTwitterGoogle+Share

FinCEN Penalizes New York Credit Union for Failure to Manage High-Risk International Financial Activity

On December 14, the Financial Crimes Enforcement Network (FinCEN) announced that it had assessed a $500,000 civil money penalty against a federally-chartered, low-income designated, community development credit union, for “significant violations” of anti-money laundering regulations. According to FinCEN, the credit union had historically maintained an AML program designed to address risks stemming from its designated field of membership in New York, NY. However, in 2011, the credit union began providing banking services to many wholesale, commercial money services business, some of which were located in high risk jurisdictions or engaged in high risk activities, without taking steps to update its AML program. As a result, the credit union was unable to detect and report suspicious activity and was left particularly vulnerable to money laundering.

LinkedInFacebookTwitterGoogle+Share

FinCEN Issues Advisory and Supplemental FAQs on Cyber-Events and Cyber-Enabled Crime

On October 25, FinCEN issued advisory bulletin FIN-2016-A005 reminding financial institutions of their Bank Secrecy Act (BSA) obligations to report certain cyber-events and cyber-enabled crime. The advisory highlights the importance of (i) reporting cyber-events and cyber-enabled crime through Suspicious Activity Reports (SARs); (ii) including cyber-related information such as IP addresses with timestamps, virtual-wallet information, device identifiers, and cyber-event information, in SAR reporting; (iii) collaborating with BSA/AML, cybersecurity, and other in-house units to facilitate “a more comprehensive threat assessment and develop appropriate risk management strategies to identify, report, and mitigate cyber-events and cyber-enabled crime”; and (iv) sharing cyber-related information – including specific malware signatures, IP addresses and device identifiers, and virtual currency addresses that seem anonymous – amongst financial institutions for the “purpose of identifying and, where appropriate, reporting money laundering or terrorist activities.” Importantly, the advisory distinguishes between mandatory SAR reporting of cyber-events, providing three specific examples, and voluntary reporting of cyber-events. Per the advisory, “[c]yber-events targeting financial institutions that could affect a transaction or series of transactions would be reportable as suspicious transactions because they are unauthorized, relevant to a possible violation of law or regulation, and regularly involve efforts to acquire funds through illegal activities.”

FinCEN simultaneously issued FAQs to supplement advisory bulletin FIN-2016-A005. The FAQs, which supersede 2001 FAQs regarding computer intrusion, provide answers to a set of nine questions. The FAQs address, among other things, (i) when cyber-related SAR reports should be filed; (ii) the type of information that should be included in cyber-related SARs; and (iii) cyber-event and cyber-enabled crime information sharing, pursuant to Section 314(b) of the USA PATRIOT Act, between financial institutions.

LinkedInFacebookTwitterGoogle+Share

FinCEN Assesses Civil Money Penalty Against Nevada-Based Casino for AML/BSA Violations

On October 3, FinCEN assessed a $12 million civil money penalty against a Nevada-based casino for willfully violating the anti-money laundering (AML) provisions of the Bank Secrecy Act (BSA). Pursuant to the Statement of Facts, from March 2009 through September 28, 2015, the casino allegedly failed to (i) develop and implement an effective AML program reasonably designed to ensure compliance with the BSA; (ii) exercise due diligence in its monitoring of suspicious activity; and (iii) maintain sufficient AML compliance controls, procedures, training, and audits, which resulted in multiple filing and recordkeeping control violations. As part of the FinCEN’s Assessment and the Non-Prosecution Agreement filed by the U.S. Attorney’s Officers, the casino must (i) perform a series of required Remedial Measures to ensure compliance going forward; and (ii) conduct a look-back review to ensure that suspicious transactions and attempted transactions were appropriately reported for transactions that occurred between 2010 and 2013.

LinkedInFacebookTwitterGoogle+Share

FinCEN Acting Director Comments on Recent Casino Actions and Culture of Compliance

On October 3, FinCEN Acting Director Jamal El-Hindi issued a statement regarding anti-money laundering and countering the financing of terrorism compliance. According to Acting Director El-Hindi, two recent actions against casinos represent failure to (i) adequately train staff at every level in the organization; and (ii) properly file – or file at all – Suspicious Activity Reports and Currency Transaction Reports. Still, Acting Director El-Hindi acknowledged that casinos in general have improved their AML compliance efforts. Acting Director El-Hindi stated that FinCEN will continue to work with casinos on their compliance efforts, and cautioned that “[a] good compliance culture is one where doing the right thing is rewarded, and where ‘looking the other way’ has consequences.”

LinkedInFacebookTwitterGoogle+Share