Skip to main content
Menu Icon
Close

InfoBytes Blog

Financial Services Law Insights and Observations

Filter

Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.

  • FinCEN fines trust company $1.5 million for BSA violations

    Financial Crimes

    On April 26, FinCEN announced its first enforcement action against a trust company, in which it assessed a $1.5 million civil money penalty against a South Dakota-chartered trust company for willful violations of the Bank Secrecy Act (BSA) and its implementing regulations. According to the consent order, the trust company admitted that it willfully failed to timely and accurately report hundreds of transactions to FinCEN involving suspicious activity by its customers, including transactions with connections to a trade-based money-laundering scheme and several securities fraud schemes. The agency cited the trust company’s “severely underdeveloped” process for identifying and reporting potentially suspicious activity as part of “an overall failure to build a culture of compliance.”

    According to FinCEN acting Director Himamauli Das, the trust company “had virtually no process to identify and report suspicious transactions, resulting in it processing over $4 billion in international wires with essentially no controls.” FinCEN said that the trust company should have realized that a large volume of activity from high-risk customers played a role in the closure of numerous correspondent accounts it maintained at other financial institutions, and pointed out that the trust company only began closing accounts flagged during an audit after several forced closures of its own accounts by other financial institutions and after receiving law enforcement inquiries about the accounts referred by the audit. However, at the time, the trust company made no effort to file suspicious activity reports (SARs), FinCEN found, claiming that the trust company processed hundreds of suspicious transactions worth tens of millions of dollars for risky customers that, among other things, appeared to operate in unrelated business sectors. FinCEN added that “personnel with [anti-money laundering (AML)] responsibilities have acknowledged not fully understanding federal SAR filing requirements and that they may have missed important information about some of their riskiest clients as the result of maintaining other, non-AML responsibilities.”

    The consent order requires the trust company to hire an independent consultant to review its AML program and transactions from all referenced accounts, as well as any other accounts the trust company maintained for customer referrals, and conduct a SAR lookback review. The trust company is also required to implement recommendations made by the independent consultant and file SARs for any flagged covered transactions. FinCEN recognized the close collaboration and assistance provided by the DOJ and the FBI on this matter.

    Financial Crimes Of Interest to Non-US Persons FinCEN Enforcement Bank Secrecy Act DOJ FBI SARs

  • OFAC sanctions Russian military technology procurement network

    Financial Crimes

    On October 19, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) announced sanctions pursuant to Executive Order 14024 against a Russian military technology procurement network for allegedly procuring military and sensitive dual-use technologies from U.S. manufacturers and supplying them to Russian end-users. The individual and his two companies are designated as part of a joint action with the DOJ and FBI and highlights the U.S. government’s on-going “efforts to hinder Russia’s ability to wage its war of aggression in Ukraine, including by holding accountable those who support Russia’s military by disrupting its illicit defense and technology procurement networks around the world.” The action builds upon an October 14 alert issued by OFAC and the Department of Commerce’s Bureau of Industry and Security and the Department of State, which details the impact of international sanctions and export controls (covered by InfoBytes here). The alert followed the convergence of top officials representing ministries of finance and other government agencies from 33 countries who met to discuss the effects of international sanctions and export controls on Russia’s military-industrial complex and critical defense supply chains. 

    As a result of the sanctions, all property and interests in property belonging to the sanctioned persons that are in the U.S. or in the possession or control of U.S. persons are blocked and must be reported to OFAC. Further, “any entities that are owned, directly or indirectly, 50 percent or more in the aggregate by one or more of such persons are also blocked.” U.S. persons are prohibited from engaging in any dealings involving the property or interests in property of blocked or designated persons, unless exempt or authorized by a general or specific OFAC license.

    The same day, the DOJ (with the support of the Department’s Task Force KleptoCapture) unsealed indictments against nearly a dozen individuals and several entities, including the sanctioned Russian national and his two companies, accused of scheming to export military technologies to Russia.

    Financial Crimes Federal Issues Of Interest to Non-US Persons OFAC Department of Treasury OFAC Sanctions OFAC Designations SDN List DOJ Russia Ukraine Ukraine Invasion FBI Department of Commerce

  • OFAC sanctions Iranians for attempting to influence 2020 U.S. presidential election

    Financial Crimes

    On November 18, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) announced sanctions pursuant to Executive Order 13848 against six Iranian individuals and one Iranian entity for allegedly attempting to influence the 2020 U.S. presidential election. According to OFAC, “state-sponsored Iranian cyber actors executed an online operation to intimidate and influence American voters, and to undermine voter confidence and sow discord” by obtaining or attempting to obtain U.S. voter information, sending threatening and intimidating emails to voters, crafting and disseminating “disinformation pertaining to the election and election security,” and illicitly accessing “content management accounts of several online U.S. media entities, which resulted in their ability to edit and create fraudulent content.” As a result, all property and interests in property of the sanctioned persons subject to U.S. jurisdiction are blocked, as well as any entities owned 50 percent or more by such persons. U.S. persons are also generally prohibited from entering into transactions with the sanctioned persons. Additionally, OFAC warned that “financial institutions and other persons that engage in certain transactions or activities with the sanctioned entity and individuals may expose themselves to sanctions or be subject to an enforcement action.”

    The sanctions are part of a collective effort with the U.S. Department of State and the FBI. Concurrent with the designations, the DOJ unsealed an indictment against two of the sanctioned individuals. The DOJ charged the Iranian nationals with (i) conspiracy to commit computer fraud and abuse, voter intimidation, and transmission of interstate threats, (ii) voter intimidation, and (iii) transmission of interstate threats. One of the individuals was additionally charged with unauthorized computer intrusion and computer fraud. 

    Financial Crimes Of Interest to Non-US Persons OFAC Department of Treasury OFAC Sanctions OFAC Designations Iran DOJ Indictment Department of State FBI SDN List

  • FBI warns of increased mobile banking cyber threats

    Federal Issues

    On June 10, the Federal Bureau of Investigation issued a Public Service Announcement (PSA) cautioning mobile banking application users to remain vigilant of cyber activity. Specifically, the PSA indicated, with a more than 50 percent increase in mobile web application usage since the start of the year, that cyber actors may attempt to steal login credentials through the introduction of trojans embedded in other software and the deployment of fake banking applications, designed to trick consumers into entering their credentials. The PSA provides three recommendations for all mobile banking application users and organization: (i) use strong passwords (at least eight characters); (ii) use multifactor authentication and not share multifactor PINs; and (iii) contact the financial institution if a banking application appears suspicious. Finally, the PSA reminds consumers that financial institutions will not ask for login credentials over the phone.

    Federal Issues Privacy/Cyber Risk & Data Security Covid-19 Mobile Banking FBI

  • Agency officials urge Congress to create central repository to combat money laundering

    Federal Issues

    On May 21, the Senate Committee on Banking, Housing, and Urban Affairs held a hearing entitled “Combating Illicit Financing By Anonymous Shell Companies Through the Collection of Beneficial Ownership Information.” The Committee heard from the same panel of witnesses who testified in November on the need for modernization of the Bank Secrecy Act/Anti-Money Laundering regime. (Covered by InfoBytes here.) Committee Chairman Mike Crapo opened the hearing by stressing the need to discuss ways in which beneficial ownership information collected in an effort to deter money laundering and terrorist financing through anonymous shell companies can be made more useful. Panelists from the Financial Crimes Enforcement Network, the FBI, and Office of the Comptroller of the Currency all emphasized the importance of creating a regime in which beneficial ownership is collected at the corporate formation stage and, for foreign entities, upon the time of registration with U.S. states to conduct business or upon establishing an account with a U.S. financial institution.

    Federal Issues Senate Banking Committee FinCEN Beneficial Ownership Financial Crimes Department of Treasury OCC FBI Of Interest to Non-US Persons Anti-Money Laundering Combating the Financing of Terrorism CDD Rule Hearing

  • NASAA to Convene Roundtable on Cybersecurity Developments

    Privacy, Cyber Risk & Data Security

    On May 31, the North American Securities Administrators Association (NASAA) announced it will hold a cybersecurity roundtable for industry experts to discuss latest developments as well as strategies for investment advisers and broker-dealers to protect personal client information. In addition to convening representatives from state securities agencies and the financial services industry, roundtable discussions will also feature representatives from the FBI, Treasury, and the SEC. The event will take place June 23 from 9 a.m. to 3:30 p.m. in Washington, DC. Registration information can be accessed here.

    Privacy/Cyber Risk & Data Security Securities FBI Department of Treasury SEC

  • FBI Issues PSA on Social Engineering Scams

    Privacy, Cyber Risk & Data Security

    On May 4, the FBI’s Internet Crime Complaint Center released a public service announcement (I-050417-PSA) citing losses to U.S. businesses of nearly $1.6 billion due to social engineering wire transfer and other payment scams between October 2013 and December 2016, with approximately one fifth of the losses coming in the last seven months of 2016. The FBI defines the crime as Business E-mail Compromise (BEC), a sophisticated scam targeting businesses that regularly perform wire transfer payments and/or work with foreign suppliers, and often specifically involves E-mail Account Compromise (EAC) of individuals that perform wire transfer payments. Victims range from small businesses to large corporations and deal in a wide variety of goods and services. According to the FBI, the five main BEC/EAC scam scenarios are: (i) a business working with a longstanding or trusted foreign supplier, where a perpetrator may impersonate the supplier and seek a change in payment instructions by e-mail, phone or fax; (ii) a high-level business executive whose e-mail account is compromised receiving or initiating a request for a wire transfer; (iii) a third party business contact receiving fraudulent correspondence, such as requests for invoice payment, through a compromised email account; (iv) impersonation of a business executive or attorney; and (v) data theft. The FBI also cites 2016 trends including a 480 percent increase in complaints filed by title companies targeted by scammers as part of a real estate transaction, a 50 percent increase in complaints filed by businesses working with dedicated foreign suppliers, and a large increase in W-2 and PII phishing occurring during the 2016 tax season.

    Privacy/Cyber Risk & Data Security FBI

Upcoming Events