InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
Luetkemeyer accuses DOJ of incomplete BSA/AML data
On February 1, Representative Blaine Luetkemeyer (R-MO) sent a letter to Attorney General Merrick Garland asking for an explanation as to why the DOJ has not complied with a provision in the 2021 National Defense Authorization Act (2021 NDAA), which requires the Department to report metrics on its use of Bank Secrecy Act (BSA) data to the Treasury Department. According to Luetkemeyer, section 6201 of the 2021 NDAA requires the DOJ to also report “on the use of data derived from financial institutions reporting under the [BSA]” in order to increase transparency on the usefulness of BSA data filed with FinCEN from financial institutions and ensure bad actors are not using the U.S. financial system to fund illicit activities.
Specifically, the DOJ is required by the 2021 NDAA to examine how often the reported data contains actionable information, the number of legal entities and individuals identified within the reported data, and information on investigations resulting from the reported data that are conducted by state and federal authorities, the letter said. Citing a Government Accountability Office report (which found that the DOJ’s report failed to “include new statistics on the use and impact of BSA reports, including the summary statistics required under the act”), Luetkemeyer claimed the lack of transparency “begs the question if the burdensome reporting is worthwhile” and prevents “FinCEN and Congress from determining the effectiveness of the U.S. anti-money laundering regime.” Luetkemeyer asked the DOJ for an explanation as to why it failed to provide the required information.
OFAC sanctions evasion network supporting Russia’s military-industrial complex
On February 1, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) announced it is imposing “full blocking sanctions against 22 individuals and entities across multiple countries related to a sanctions evasion network supporting Russia’s military-industrial complex.” The sanctions, taken pursuant to Executive Order 14024, are part of the United States’ strategy to target sanctions evasion efforts around the globe, shut down key backfilling channels, expose facilitators and enablers, and limit Russia’s access to revenue to fund its war against Ukraine. “Targeting proxies is one of many steps that Treasury and our coalition of partners have taken, and continue to take, to tighten sanctions enforcement against Russia’s defense sector, its benefactors, and its supporters,” Deputy Secretary of the Treasury Wally Adeyemo said. The sanctions are part of Treasury’s ongoing commitment to the Russian Elites, Proxies, and Oligarchs Task Force, which identifies, freezes, and seizes assets of sanctioned Russians around the world, and leverages information sharing between international partners as well as key data from the Financial Crimes Enforcement Network.
As a result of the sanctions, all property and interests in property belonging to the sanctioned persons that are in the U.S. or in the possession or control of U.S. persons are blocked and must be reported to OFAC. Further, “any entities that are owned, directly or indirectly, 50 percent or more by one or more blocked persons are also blocked.” U.S. persons are prohibited from engaging in any dealings involving the property or interests in property of blocked or designated persons, unless exempt or authorized by a general or specific OFAC license. Prohibitions “include the making of any contribution or provision of funds, goods, or services by, to, or for the benefit of any blocked person and the receipt of any contribution or provision of funds, goods, or services from any such person.”
Senators exploring bank’s dealings with collapsed crypto exchange
On January 30, Senators Elizabeth Warren (D-MA), John Kennedy (R-LA), and Roger Marshall (R-KS) sent a follow-up letter to a California-based bank asking for additional responses to questions related to the bank’s relationship with several cryptocurrency firms founded by the CEO of a now-collapsed crypto exchange. As previously covered by InfoBytes, the senators pressed the CEO for an explanation for why the bank failed to monitor for and report suspicious transactions to the Financial Crimes Enforcement Network, and asked for information about how deposits it was holding on behalf of the collapsed exchange and related firm were being handled. The senators stressed that the bank has a legal responsibility under the Bank Secrecy Act to maintain an effective anti-money laundering program that may have flagged suspicious activity.
In the letter, the senators accused the bank of evading their previous questions in its December response, writing that while the bank’s answers confirm the extent of its failure to monitor and report suspicious financial activity, it failed “to provide key information needed by Congress to understand why and how these failures occurred.” The bank’s “repeated reference to ‘confidential supervisory information’” as a justification for its refusal to provide the requested information “is simply not an acceptable rationale,” the senators said. They also noted that the bank’s recent advance from the Federal Home Loan Bank of San Francisco—intended “to ‘stave off a further run on deposits’”—has introduced additional crypto market risks into the traditional banking system, especially should the bank fail. The bank was asked to explain how it plans to use the $4.3 billion it received.
The senators further commented that additional findings have revealed that neither the Federal Reserve nor the bank’s independent auditors were able to identify the “extraordinary gaps” in the bank’s due diligence process. The senators asked the bank to provide responses to questions related to its risk management policies, as well as how many safety and soundness exams were conducted, and whether any of the bank’s executives were “held accountable” for the failures related to the collapsed exchange, among other things.
FinCEN discusses digital identity threats
On January 25, FinCEN's acting Deputy Director, Jimmy Kirby, spoke before the Identity Policy Forum regarding digital identity threats, stating that FinCEN is “pragmatically focused” on protecting the U.S. financial system from illicit finance threats. According to Kirby, financial institutions must establish with confidence who their customers are on the front end and throughout the customer relationship. He noted that a failure or security compromise in any step of that process compromises the integrity of customer identity. Kirby also pointed out that security breaches have led to data hacks of centralized repositories of identity-related information, exposing personally identifiable information, and making those data sources less reliable, and that identity-related suspicious activity reports are increasing. Observing such threats, Kirby said that FinCEN designed the Identity Project to achieve three goals, to: (i) learn about financial institutions’ customer identification processes; (ii) quantify process breakdowns, vulnerabilities, and threats; and (iii) identify solutions, including digital identity. Kirby also discussed responsible innovation and emphasized the need to “foster development of infrastructure, information sharing, and standards that will safeguard the future of identity and the financial system.” Regarding expanding partnerships and feedback loops, Kirby said that the public sector must learn from each other, and that FinCEN is “also engaging with other domestic Federal agencies and regulators on digital identity, at FedID and throughout the year.”
FinCEN alert covers potential CRE investments by sanctioned Russians
On January 25, the Financial Crimes Enforcement Network (FinCEN) issued an alert to financial institutions on potential investments in the U.S. commercial real estate sector by sanctioned Russian elites, oligarchs, their family members, and the entities through which they act. The alert provides a list of possible red flags and typologies regarding attempted sanctions evasion in the commercial real estate sector and emphasizes financial institutions’ Bank Secrecy Act reporting obligations. The alert noted that banks frequently work with market participants who seek financing for commercial real estate projects, and that banks have customer due diligence obligations to verify the beneficial owners of legal entity customers. Specifically, the alert noted that “banks therefore may be in a position to identify and report suspicious activities associated with sanctioned Russian elites and their proxies including [politically exposed persons], among banks’ [commercial real estate]-related customers.” According to FinCEN, the recent alert builds on FinCEN’s March 2022 alert identifying real estate, luxury goods, and other high value assets involving sanctioned Russian and elites, and is the fourth alert issued by FinCEN on potential Russian illicit financial activity since Russia’s invasion of Ukraine in February 2022 (covered by InfoBytes here).
FinCEN prohibits engagement with virtual currency exchange connected to Russian finance
On January 18, the Financial Crimes Enforcement Network (FinCEN) issued its first order pursuant to section 9714(a) of the Combating Russian Money Laundering Act to identify a Hong Kong-registered global virtual currency exchange operating outside of the U.S. as a “primary money laundering concern” in connection with Russian illicit finance. FinCEN announced that the virtual currency exchange offers exchange and peer-to-peer services and “plays a critical role in laundering Convertible Virtual Currency (CVC) by facilitating illicit transactions for ransomware actors operating in Russia.” A FinCEN investigation revealed that the virtual currency exchange facilitated deposits and funds transfers to Russia-affiliated ransomware groups or affiliates, as well as transactions with Russia-connected darknet markets, one of which is currently sanctioned and subject to enforcement actions that have shuttered its operations. The investigation also found that the virtual currency exchange failed to meaningfully implement steps to identify and disrupt the illicit use and abuse of its services, and lacked adequate policies, procedures, or internal controls to combat money laundering and illicit finance.
Recognizing that the virtual currency exchange “poses a global threat by allowing Russian cybercriminals and ransomware actors to launder the proceeds of their theft,” FinCEN acting Director Himamauli Das emphasized that “[a]s criminals and criminal facilitators evolve, so too does our ability to disrupt these networks.” He warned that FinCEN will continue to leverage the full range of its authorities to prohibit these institutions from gaining access to and using the U.S. financial system to support Russian illicit finance. Effective February 1, covered financial institutions are prohibited from engaging in the transmittal of funds from or to the virtual currency exchange, or from or to any account or CVC address administered by or on behalf of the virtual currency exchange. Frequently asked questions on the action are available here.
Concurrently, the DOJ announced that the founder and majority owner of the virtual currency exchange was arrested for his alleged involvement in the transmission of illicit funds. Charged with conducting an unlicensed money transmitting business and processing more than $700 million of illicit funds, the DOJ said the individual allegedly “knowingly allowed [the virtual currency exchange] to become a perceived safe haven for funds used for and resulting from a variety of criminal activities,” and was aware that the virtual currency exchange’s accounts “were rife with illicit activity and that many of its users were registered under others’ identities.” While the virtual currency exchange claimed it did not accept users from the U.S., it allegedly conducted substantial business with U.S.-based customers and advised users that they could transfer funds from U.S. financial institutions.
Deputy Secretary of the Treasury Wally Adeyemo issued a statement following the announcement, noting that the action “is a unique step that has only been taken a handful of times in Treasury’s history for some of the most egregious money laundering cases, and is the first of its kind specifically under new authorities to combat Russian illicit finance.” He reiterated that the action “sends a clear message that we are prepared to take action against any financial institution—including virtual asset service providers—with lax controls against money laundering, terrorist financing, or other illicit finance.”
FinCEN offers suspicious activity reporting guidance for human smuggling along U.S.- Mexico border
On January 13, the Financial Crimes Enforcement Network (FinCEN) issued an alert advising financial institutions on how to detect and report suspicious financial activity that may be related to human smuggling along the southwest border of the United States. Highlighting that human smuggling is one of the eight Anti-Money Laundering and Countering the Financing of Terrorism National Priorities identified by FinCEN, the agency pointed out that human smuggling along the southwest border generates an estimated $2 billion to $6 billion in yearly revenue for illicit actors. The alert, which builds on FinCEN’s 2020 and 2014 human smuggling and human trafficking advisories (covered by InfoBytes here and here), provides trends, typologies, and red flag indicators to help financial institutions better identify and file suspicious activity reports potentially related to such activity. “Financial institutions need to know that their vigilance and prompt Bank Secrecy Act reporting matters—it aids investigations tied to human smuggling and transnational organized crime, and can ultimately save lives,” FinCEN Acting Director Himamauli Das said in the announcement.
FinCEN solicits feedback on beneficial ownership reporting requirements
On January 17, the Financial Crimes Enforcement Network (FinCEN) published two notices and requests for comment in the Federal Register related to the reporting process the agency intends to use to collect beneficial ownership data pursuant to the Beneficial Ownership Information Reporting Requirements final rule (published last September and covered by InfoBytes here). Under the final rule, most corporations, limited liability companies, and other entities created in or registered to do business in the U.S. will be required to report information about their beneficial owners to FinCEN. The first notice and request for comments invites interested parties to provide feedback on the application that will be used to collect information from individuals who seek to obtain an optional FinCEN identifier. The second notice and request for comments requests feedback on a report that certain entities will be required to file with FinCEN. The electronically filed report will identify the reporting entity’s beneficial owners, and—in certain cases—the individual who “directly filed the document with specified governmental authorities that created the entity or registered it to do business, as well as the individual who was primarily responsible for directing or controlling such filing, if more than one individual was involved in the filing of the document.” Comments on both notices are due by March 20.
FinCEN data reveals Russian oligarchs’ financial activity
On December 22, the Financial Crimes Enforcement Network (FinCEN) issued a Financial Trend Analysis on the financial activity of Russian oligarchs. In the analysis, FinCEN examined Bank Secrecy Act (BSA) reports from March 2022 to October 2022 involving Russian oligarchs, high-ranking officials, and sanctioned individuals. FinCEN identified 454 reports detailing suspicious activity and reported that some of the trends in the data by Russian oligarchs included: (i) the movement of funds around the start of the invasion of Ukraine in February 2022; (ii) the purchase of high-value goods or property in 2022; and (iii) based on the movement of funds from accounts in Russia to other countries, an indication of potential changes in longstanding oligarch-linked financial flows related to U.S. properties and companies. FinCEN noted that 78 percent of the 454 BSA reports were filed by U.S.-based depository institutions. Other types of financial institutions—such as holding companies or financial technology companies—submitted roughly 19 percent of reports, mainly on suspicious electronic funds transfers or wire transfers and suspicions concerning the source of funds.
FinCEN issues proposed beneficial ownership information access and safeguards rulemaking
On December 15, FinCEN issued a notice of proposed rulemaking (NPRM) to implement provisions of the Corporate Transparency Act (CTA) that govern the access to and protection of beneficial ownership information. (See also FinCEN fact sheet here.) The NPRM follows a final rule issued by FinCEN at the end of September (effective January 1, 2024), which establishes a beneficial ownership information reporting requirement (Reporting Rule) and requires most corporations, limited liability companies, and other entities created in or registered to do business in the U.S. to report information about their beneficial owners to FinCEN. (Covered by InfoBytes here.)
In accordance with CTA requirements related to beneficial ownership information access and safeguard provisions, FinCEN’s NPRM proposes regulations for establishing who may request beneficial ownership information, how the information must be secured, and non-compliance penalties. Specifically, the proposal would limit the disclosure of beneficial information to “[f]ederal agencies engaged in national security, intelligence, or law enforcement activities; state, local, and Tribal law enforcement agencies with court authorization; financial institutions with customer due diligence requirements and regulators supervising them for compliance with such requirements; foreign law enforcement agencies, prosecutors, judges, and other agencies that meet specific criteria; and Treasury officers and employees under certain circumstances.” The proposal would also require authorized recipients to maintain security and confidentiality protocols that align with the scope of access and use provisions.
Among other things, the NPRM addresses aspects of the secure, non-public beneficial ownership database that is currently in development, and specifies when and how reporting companies may report FinCEN identifiers tied to entities. Under the proposal, foreign requesters would be required to make their requests for beneficial ownership information through intermediary federal agencies, and financial institutions would only be allowed to request this information from FinCEN for purposes of complying with customer due diligence (CDD) requirements and only after receiving consent from the reporting company to which the information pertains.
Comments on the NPRM are due by February 14, 2023. FinCEN explained that this is the second of three rulemakings planned to implement the CTA. The third rulemaking, which will revise FinCEN’s CDD rule, will occur no later than one year after the effective date of the Reporting Rule.