Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
On February 14, the FDIC released its 2018 Annual Report, which includes, among other things, the audited financial statements of the Deposit Insurance Fund and the Federal Savings and Loan Insurance Corporation (FSLIC) Resolution Fund. The report also provides an overview of key FDIC initiatives, performance results, and other aspects of FDIC operations, supervision developments, and regulatory enforcement. Highlights of the report include: (i) the FDIC’s efforts to adopt and issue proposed rules on key regulations under the Economic Growth, Regulatory Relief and Consumer Protection Act (EGRRCPA); (ii) efforts to strengthen cybersecurity oversight and help financial institutions mitigate cyber risk; (iii) supervision focus on Bank Secrecy Act/Anti-Money Laundering compliance; and (iv) financial institution letters providing regulatory relief to institutions affected by natural disasters. The report also highlights the FDIC’s monitoring of financial technology developments through its various research groups and committees to better understand how technological efforts may affect the financial market. Lastly, the report covers the agency’s efforts to encourage de novo bank applications, including the December 2018 request for information soliciting comments on the deposit insurance applications process (covered by InfoBytes here).
On January 22, the Financial Industry Regulatory Authority (FINRA) issued new guidance on areas member firms should consider when seeking to improve their compliance, supervisory, and risk management programs. The 2019 FINRA Risk Monitoring and Examination Priorities Letter (2019 Priorities Letter) examines both new priorities as well as areas of ongoing concern, including the adequacy of firms’ cybersecurity programs. FINRA notes, however, that the 2019 Priorities Letter does not repeat topics previously addressed in prior letters, and advises member firms that it will continue to review ongoing obligations for compliance. Topics FINRA plans to focus on in the coming year include:
- Firms’ use of regulatory technology to help compliance efforts become “more efficient, effective, and risk-based.” FINRA will work with firms to understand risks and concerns related to supervision and governance systems, third party vendor management, and safeguarding customer data;
- Supervision of digital assets, including coordinating with the SEC to review how firms determine whether a given digital asset is a security and whether firms are implementing adequate controls and supervisions related to digital assets, such as complying with anti-money laundering and Bank Secrecy Act rules and regulations;
- Assessment of firms’ compliance with FinCEN’s Customer Due Diligence rule, which requires firms to identify beneficial owners of legal entity customers (as previously covered by InfoBytes here); and
- Financial risks, including credit risks, funding and liquidity planning.
On January 11, the Georgia Department of Banking and Finance (Department) announced the issuance of a Final Order taken against a Florida-based money transmitter and two of its officers for allegedly failing to, among other things, timely file suspicious activity reports (SARs) or conduct required background checks on covered employees. Following a hearing, the Department issued the Final Order on January 9 to revoke the company’s money transmitter license and order the officers to cease and desist. According to the Order, the officers’ failure to timely file SARs related to four cancelled money transmission transactions violated Georgia’s Rules and Regulations 80-3-1-.03(3), which obligate money transmitters to “comply with the recordkeeping requirements, currency transaction reporting, and suspicious activity reporting set forth in the Bank Secrecy Act.” Moreover, the Department further asserted that the officers materially misrepresented why the filings were delayed, and therefore deemed the officers “incompetent or untrustworthy to engage in the money transmission business.”
On January 8, the Federal Reserve Board announced an enforcement action against a Texas bank for alleged weaknesses in its anti-money laundering risk management and compliance programs, including failure to comply with applicable rules and regulations, such as the Bank Secrecy Act. Under the terms of the order, the bank is required to (i) develop and implement a written plan to strengthen the board of directors’ oversight of Bank Secrecy Act/anti-money laundering (BSA/AML) compliance; (ii) submit an enhanced written compliance program that complies with BSA/AML requirements; (iii) ensure the bank provides effective training for all personnel related to BSA/AML compliance responsibilities; (iv) submit an enhanced, written customer due diligence plan; (v) submit a program to ensure compliant, timely, and accurate suspicious activity monitoring and reporting; (vi) retain an independent third party to ensure the effectiveness of the bank’s transaction monitoring system; and (vii) submit a written plan for independent testing of the bank’s compliance with all applicable BSA/AML requirements. A civil money penalty was not assessed against the bank.
On December 26, the Financial Industry Regulatory Authority (FINRA) entered into a Letter of Acceptance, Waiver, and Consent (AWC), fining a broker-dealer $10 million for failing to establish and enforce an anti-money laundering (AML) program that complies with Bank Secrecy Act and implementing regulation requirements. According to FINRA, alleged failures in the firm’s automated AML surveillance system allowed transactions from countries with “high money laundering risk” to flow through the financial system from January 2011 through at least April 2016. Furthermore, the firm allegedly failed to (i) devote sufficient resources to reviewing suspicious transactions; (ii) adequately monitor customers’ penny stock trades and deposits for suspicious activities; and (iii) adequately monitor and conduct risk-based reviews of correspondent accounts of certain foreign financial institutions.
The firm neither admitted nor denied the findings set forth in the AWC agreement, but agreed to address identified deficiencies in its programs. FINRA further noted that the firm “has taken extraordinary steps and devoted substantial resources since 2013 to expand and enhance its AML policies and procedures.”
On December 20, the U.S. Treasury Department issued the National Strategy for Combating Terrorist and Other Illicit Financing (the National Illicit Finance Strategy). Pursuant to Sections 261 and 262 of the Countering America’s Adversaries Through Sanctions Act of 2017 (CAATSA), the National Illicit Finance Strategy describes current U.S. government efforts to combat domestic and international illicit finance threats in the areas of terrorist financing, proliferation financing, and money laundering, and discusses potential risks, priorities and objectives, as well as areas for improvement. The document addresses the strengths of U.S. counter-illicit finance efforts, including the legal and regulatory framework, as well as efforts undertaken to improve the effectiveness of national safeguards currently in place due to changes in technology and emerging threats. Recent efforts include a working group formed earlier in December to explore ways to modernize the Bank Secrecy Act/Anti-Money Laundering regulatory regime and encourage banks and credit unions to explore innovative approaches such as artificial intelligence, digital identity technologies, and internal financial intelligence units to combat money laundering, terrorist financing, and other illicit financial threats when safeguarding the financial system (see previous InfoBytes coverage here).
On December 19, the United States Attorney for the Southern District of New York announced it filed charges against a Kansas-based broker-dealer for allegedly willfully failing to file a suspicious activity report (SAR) in connection with the illegal activities of one of its customers in violation of the Bank Secrecy Act (BSA). According to the announcement, this is the first criminal BSA action ever brought against a U.S. broker-dealer. The allegations are connected to the actions of the broker-dealer’s customer, who was the owner of a Kansas-based payday lending scheme that was ordered to pay a $1.3 billion judgment for making false and misleading representations about loan costs and payments in violation of the FTC Act (previously covered by InfoBytes here). The U.S. Attorney alleges the broker-dealer, among other things, failed to follow its customer identification procedures, disregarded “red flags that were known prior to [the customer] opening the accounts,” and continued to ignore additional red flags that arose over time. Additionally, the U.S. Attorney alleges the broker-dealer failed to monitor transactions using its anti-money laundering (AML) tool, which led to numerous suspicious transactions going undetected and unreported until long after the customer was convicted at trial for his actions in the scheme.
Along with the announcement of the filing, the U.S. Attorney’s Office further stated it had entered into a deferred prosecution agreement with the broker-dealer in which it agreed to accept responsibility for its conduct, pay a $400,000 penalty, and enhance its BSA/AML compliance program.
The SEC also settled with the broker-dealer for the failure to file the SARs. The settlement requires the broker-dealer to hire an independent consultant to review its AML and customer identification program and implement any recommended changes. The independent consultant will monitor for compliance with the recommendations for two years.
On December 4, the Financial Crimes Enforcement Network (FinCEN) issued Notice 2018-1 announcing a further extension of time for certain Report of Foreign Bank and Financial Accounts (FBAR) filings in light of FinCEN’s notice of proposed rulemaking (NPR) published March 10, 2016. (See previous InfoBytes coverage on the 2016 NPR here.) Specifically, one of the proposed amendments seeks to “expand and clarify the exemptions for certain U.S. persons with signature or other authority over foreign financial accounts,” but with no financial interest, as outlined in FinCEN Notice 2017-1 issued December 22, 2017. FinCEN noted that because the proposal has not been finalized, it is extending the filing due date to April 15, 2020 for individuals who previously qualified for a filing due date extension under Notice 2017-1. All other individuals must submit FBAR filings by April 15, 2019.
Agencies encourage financial institutions to explore innovative industry approaches to BSA/AML compliance
On December 3, the Financial Crimes Enforcement Network (FinCEN) released a joint statement along with federal banking agencies—the Federal Reserve Board, FDIC, NCUA, and OCC (together, the “agencies”)—to encourage banks and credit unions to explore innovative approaches such as artificial intelligence, digital identity technologies, and internal financial intelligence units to combat money laundering, terrorist financing, and other illicit financial threats when safeguarding the financial system. According to the agencies, private sector innovation and the adoption of new technologies can enhance the effectiveness and efficiency of Bank Secrecy Act/anti-money laundering (BSA/AML) compliance programs. Moreover, new innovations and technologies can also enhance transaction monitoring systems. Specifically, the agencies urged banks to test innovative programs to explore the use of artificial intelligence. However, the agencies emphasized that while feedback on innovative programs may be provided, the “pilot programs in and of themselves should not subject banks to supervisory criticism even if the pilot programs ultimately prove unsuccessful. Likewise, pilot programs that expose gaps in a BSA/AML compliance program will not necessarily result in supervisory action with respect to that program.” The joint statement further specifies that the agencies will be willing to grant exceptive relief from BSA regulatory requirements to facilitate pilot programs, “provided that banks maintain the overall effectiveness of their BSA/AML compliance programs.” However, banks that maintain effective compliance programs but choose not to innovate will not be penalized or criticized.
According to Treasury Under Secretary for Terrorism and Financial Intelligence Sigal Mandelker, “[a]s money launderers and other illicit actors constantly evolve their tactics, we want the compliance community to likewise adapt their efforts to counter these threats,” pointing to the recent use of innovative technologies to identify and report illicit financial activity related to both Iran and North Korea.
As previously covered by InfoBytes, earlier in October the agencies provided guidance on resource sharing between banks and credit unions in order to more efficiently and effectively manage their BSA/AML obligations.
On November 30, the FDIC announced a list of administrative enforcement actions taken against banks and individuals in October. Included among the actions is an order to pay a civil money penalty of $9,600 issued against a Louisiana-based bank for alleged violations of the Flood Disaster Protection Act in connection with alleged failures to obtain flood insurance coverage on loans at or before origination or renewal.
Consent orders were also issued against three separate banks related to alleged weaknesses in their Bank Secrecy Act (BSA) and/or BSA/anti-money laundering (BSA/AML) compliance programs. (See orders here, here, and here.) Among other things, the banks are ordered to: (i) implement comprehensive written BSA/AML compliance programs, which include revising BSA risk assessment policies, developing a system of BSA internal controls, and enhancing suspicious activity monitoring and reporting and customer due diligence procedures; (ii) conduct independent testing; and (iii) implement effective BSA training programs. The FDIC further requires the Florida and New Jersey-based banks to conduct suspicious activity reporting look-back reviews.
In addition, a Kentucky-based bank was ordered to pay a civil money of $300,000 for allegedly violating TILA by “failing to clearly and conspicuously disclose required information related to the [b]ank’s Elastic line of credit product” and Section 5 of the FTC ACT by “using a processing order for certain deposit account transactions contrary to the processing orders disclosed in the [b]ank’s deposit account disclosures.”
There are no administrative hearings scheduled for December 2018. The FDIC database containing all 17 enforcement decisions and orders may be accessed here.
- Daniel P. Stipano to discuss "Dynamic customer due diligence and beneficial ownership from KYC to ongoing CDD and the new rule implementation" at the Puerto Rican Symposium of Anti-Money Laundering
- Michelle L. Rogers to discuss "Preparing for servicing exams in the current regulatory environment" at the Mortgage Bankers Association National Mortgage Servicing Conference & Expo
- Jon David D. Langlois to discuss "Regulatory risks of convenience fees" at the Mortgage Bankers Association National Mortgage Servicing Conference & Expo
- APPROVED Webcast: NMLS Annual Conference & Ombudsman Meeting: Review and recap
- Brandy A. Hood to discuss "Keeping your head above water in flood insurance compliance" at the Mortgage Bankers Association National Mortgage Servicing Conference & Expo
- Melissa Klimkiewicz to discuss "Servicing super session" at the Mortgage Bankers Association National Mortgage Servicing Conference & Expo
- Jessica L. Pollet to discuss "Law & compliance speedsmarts" at the American Financial Services Association Law & Compliance Symposium
- Daniel P. Stipano to discuss "Lessons learned from recent high profile enforcement actions" at the Florida International Bankers Association AML Compliance Conference
- Moorari K. Shah to provide "Regulatory update – California and beyond" at the National Equipment Finance Association Summit
- Sasha Leonhardt and John B. Williams to discuss "Privacy" at the National Association of Federally-Insured Credit Unions Spring Regulatory Compliance School
- Aaron C. Mahler to discuss "Regulation B/fair lending" at the National Association of Federally-Insured Credit Unions Spring Regulatory Compliance School
- Heidi M. Bauer to discuss "'So you want to form a joint venture' — Licensing strategies for successful JVs" at RESPRO26
- Jonice Gray Tucker to to discuss "DC policy: Everything but the kitchen sink" at CBA Live
- Jonice Gray Tucker to discuss "Small business & regulation: How fair lending has evolved & where are we heading?" at CBA Live
- Daniel P. Stipano to discuss "Lessons learned from ABLV and other major cases involving inadequate compliance oversight" at the ACAMS International AML & Financial Crime Conference
- Daniel P. Stipano to discuss "A year in the life of the CDD final rule: A first anniversary assessment" at the ACAMS International AML & Financial Crime Conference
- Moorari K. Shah to discuss "State regulatory and disclosures" at the Equipment Leasing and Finance Association Legal Forum
- Hank Asbill to discuss "Creative character evidence in criminal and civil trials" at the Litigation Counsel of America Spring Conference & Celebration of Fellows
- Hank Asbill to discuss "Pay no attention to the man behind the curtain: Addressing prosecutions driven by hidden actors" at the National Association of Criminal Defense Lawyers West Coast White Collar Conference
- Daniel P. Stipano to discuss "Keep off the grass: Mitigating the risks of banking marijuana-related businesses" at the ACAMS AML Risk Management Conference
- Daniel P. Stipano to discuss "Mid-year policy update" at the ACAMS AML Risk Management Conference
- Benjamin W. Hutten to discuss "Requirements for banking inherently high-risk relationships" at the Georgia Bankers Association BSA Experience Program