InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
$368 million penalty assessed against California branch for BSA/AML deficiencies
On February 7, the OCC and DOJ announced settlements with a Netherlands-based lender’s California branch, in which the branch pled guilty to one count of conspiracy to defraud the U.S. Government for impeding and obstructing a 2012 OCC examination when it concealed deficiencies in its Bank Secrecy Act and anti-money laundering (BSA/AML) compliance programs. According to the DOJ’s press release, the branch will pay over $368 million as a result of allowing “hundreds of millions of dollars in untraceable cash, sourced from Mexico and elsewhere, to be deposited into its rural bank branches” without conducting adequate BSA/AML review, and for conspiring with several former executives to hide information from OCC officials during the 2012 examination. Among other things, the plea agreement states that the branch “created and implemented a number of policies and procedures that prevented adequate investigations into suspicious customer activity,” which included (i) creating a “Verified List” of customers whose transactions needed no further review even if there was a change in the customer’s activity from when it was verified; and (ii) instructing BSA/AML staff to “aggressively increase the number of bank accounts on the Verified List.” Further, the branch admitted it failed to both monitor and conduct adequate investigations into these transactions and submit suspicious activity reports to the Financial Crimes Enforcement Network, as required by the BSA. Additionally, in an effort to conceal deficiencies in its BSA/AML program, the branch demoted or terminated two employees who risked “contradicting” the branch’s findings. Two months before the branch's guilty plea, a former executive entered into a deferred prosecution agreement for his role in the misconduct, and agreed to cooperate with the DOJ's continuing investigation.
As part of the plea agreement, the OCC announced it had terminated a December 2013 consent order entered into with the branch over its BSA/AML failures and stated, “the OCC has determined that the bank has implemented all of the corrective actions required by the 2013 consent order and has achieved compliance with the requirements set forth in that order.” On February 6, the branch agreed to pay $50 million civil money penalty to the OCC, which will be credited towards the overall amount assessed by the DOJ.
Senate Banking Committee: The impact of cryptocurrency in AML/BSA enforcement
On January 17, the Senate Committee on Banking, Housing, and Urban Affairs held a second hearing with witnesses from the Treasury and Justice departments to further address the need to modernize and reform the Bank Secrecy Act and anti-money laundering (BSA/AML) regime. The hearing, entitled “Combating Money Laundering and Other Forms of Illicit Finance: Administration Perspectives on Reforming and Strengthening BSA Enforcement,” follows a January 9 hearing before the same Committee on related issues (see previous InfoBytes coverage here). Committee Chairman Mike Crapo, R-Idaho, opened the hearing by stating the need to understand the government’s position on “strengthening enforcement and protecting the integrity of the U.S. financial system in a new technological era,” while also recognizing the challenges technology creates for law enforcement. A primary topic of interest to the Committee was “the rise of cryptocurrencies and their potential to facilitate sanctions evasion and perhaps, other crimes.”
The first witness, Treasury’s undersecretary for terrorism and financial crimes, Sigal Mandelker (testimony), noted that money laundering related to cryptocurrencies is “an area of high focus” for Treasury, and highlighted actions taken by Treasury’s Financial Crimes Enforcement Network (FinCEN), such as the release of guidance announcing that “virtual currency exchangers and administrators” are subject to regulations under the BSA. Regulated entities, Mandelker stated, are required to file suspicious activity reports (SARs) and are subject to FinCEN and IRS examinations and enforcement actions. Mandelker further commented that Treasury is “aggressively tackling” illicit financing entering the U.S. system and elsewhere, and stressed that other countries face consequences if they fail to have an AML/Combating the Financing of Terrorism regime that meets Treasury standards.
The second witness, DOJ acting deputy assistant attorney general M. Kendall Day (testimony), informed the Committee of the recent hiring of a digital currency counsel who is responsible for ensuring prosecutors are up-to-date on the latest money-laundering threats in the digital currency field. Day also commented on recent DOJ prosecutions in this space, and emphasized the need for enhanced information sharing for law enforcement, including the benefit of deriving information from SARs.
FinCEN updates Bank Secrecy Act FAQs
Recently, the Financial Crimes Enforcement Network (FinCEN) updated its “Answers to Frequently Asked Bank Secrecy Act (BSA) Questions.” The December update provided the following, among other things: (i) “depository institutions are not required to file a Designation of Exempt Person form . . . with respect to the transfer of currency to or from any of the 12 Federal Reserve Banks” (in accordance with amended 31 CFR 1020.315); (ii) guidelines for filing the Designation of Exempt Person form; and (iii) guidance concerning the types of identifying information financial institutions should obtain when a federal, state or local government official engages in a transaction over a certain amount in an official capacity. FinCEN stated that “the answers are not meant to be comprehensive, apply to all factual situations, or to replace or supersede the BSA regulations.”
FinCEN Launches New Exchange to Enhance Information Sharing
On December 4, the Financial Crimes Enforcement Network (FinCEN) announced the release of the “FinCEN Exchange” program, which establishes regular briefings between FinCEN, law enforcement, and financial institutions to share high-priority information regarding potential national security threats and illicit financial transactions. Although private sector participation in the program is voluntary, FinCEN encourages involvement because the briefings may help financial institutions better identify risks and incorporate appropriate information into Suspicious Activity Reports (SARs). In addition, FinCen’s receipt of information will support its efforts to combat financial crimes, including money laundering.
The CDD Rule became effective on July 11, 2016, and member firms must comply by May 11, 2018. FINRA advises members firms to consult the CDD Rule, along with FinCEN's related FAQs, to ensure AML program compliance.
FinCEN Issues $8 Million Penalty to California Club Card for Willful Violation of Anti-Money Laundering Controls
On November 17, the Financial Crimes Enforcement Network (FinCEN) announced that it had assessed an $8 million civil money penalty against a California card club company for “willfully violating” the Bank Secrecy Act (BSA) from 2009 to 2017. According to FinCEN, the company failed to establish and maintain an operational anti-money laundering program and failed to detect and timely report many suspicious transactions. FinCEN asserts that during the eight-year period, the company failed to file any Suspicious Activity Reports regarding loan sharking and other criminal activities being conducted through the company that were the subject of a 2011 state and federal law enforcement raid. Additionally, the company allegedly failed to implement sufficient internal controls to monitor risks associated with gaming practices that allowed customers to co-mingle and pool bets with anonymity.
The penalty assessment does not reflect consent by the company, and the company may elect to contest the penalty by not paying within the allotted time period.
FINRA Provides Additional Guidance on AML Obligations
On November 21, the Financial Industry Regulatory Authority (FINRA) published additional guidance regarding member firms’ obligations under FINRA Rule 3310, which requires adoption of an anti-money laundering (AML) program. The guidance provided in Regulatory Notice 17-40 follows the Financial Crime Enforcement Network’s (FinCEN) 2016 adoption of a final rule on customer due diligence requirements for financial institutions (CDD Rule). Under the CDD Rule, member firms must now comply with a “fifth pillar,” which requires them to “identify and verify the identity of the beneficial owners of all legal entity customers” at the time when a new account is opened, subject to certain exclusions and exemptions. Additionally, the “fifth pillar” requires member firms to understand the nature and purpose of customer relationships, conduct ongoing monitoring to report suspicious activities and transactions, and maintain and update customer information “on a risk basis.”
The “fifth pillar” supplements the previously established Bank Secrecy Act AML program requirements, coined the “four pillars,” which require member firms to (i) establish policies and procedures to “achieve compliance”; (ii) conduct independent compliance testing; (iii) designate responsible individuals to implement and monitor AML compliance; and (iv) provide ongoing training.
The CDD Rule became effective on July 11, 2016, and member firms must comply by May 11, 2018. FINRA advises members firms to consult the CDD Rule, along with FinCEN's related FAQs, to ensure AML program compliance.
SEC Reaches $3.5 Million Settlement With Broker-Dealer Over Failure to File Suspicious Activity Reports
On November 13, the SEC announced it has reached a settlement in an administrative proceeding against a broker-dealer firm for allegedly willful violations of Section 17(a) of the Securities and Exchange Act, including the firm’s failure to file, or timely file, at least 50 Suspicious Activity Reports (SARs) with the Financial Crime Enforcement Network (FinCEN) from approximately March 2012 through June 2013. As the SEC Order notes, Bank Secrecy Act regulations require a broker-dealer to file a SAR if it knows, suspects or has reason to suspect that a transaction of a certain minimum or aggregated amount involved funds derived from illegal activity or if the transaction was conducted to disguise funds derived from illegal activities. Other factors requiring a broker-dealer to file a SAR include the absence of any business or apparent lawful purpose for the transaction or if the transaction is to facilitate criminal activity.
When deciding whether to accept the firm’s settlement offer, the SEC considered voluntary remedial efforts undertaken by the firm, including the fact that the firm retained a third-party anti-money laundering (AML) compliance company to conduct a review of some of the firm’s SAR investigations. Under the terms of the settlement, the firm voluntarily agreed to, among other things, conduct a review of its AML policies and procedures for the identification, evaluation and reporting of suspicious activity related to firm accounts; and provide additional training to staff responsible for conducting investigations and filing SARs. Additionally, the firm was assessed a civil money penalty of $3.5 million.
FinCEN Announces Final Rule Restricting North Korea’s Access to U.S. Financial System; Issues Advisory Regarding North Korean Strategies
On November 2, the Financial Crimes Enforcement Network (FinCEN) issued a final rule (Rule) under Section 311 of the USA PATRIOT ACT, which prohibits U.S. financial institutions from processing transactions for foreign correspondent accounts involving a Chinese bank (Bank) that was suspected of facilitating illicit North Korean financial activity and laundering funds to finance North Korea’s nuclear and ballistic missile programs. U.S. financial institutions are also instructed to apply enhanced due diligence to foreign correspondent accounts to prevent them from being used to process transactions involving the Bank. The Rule is effective 30 days after its publication in the Federal Register.
In tandem with the issuance of the Rule, FinCEN issued an advisory (FIN-2017-A008) to warn U.S. financial institutions about strategies used by North Korean enterprises as a means to gain access to international financial systems, including (i) the use of a network of global financial representatives; (ii) trade-based payment schemes; (iii) front and shell companies; (iv) surge activity cycles; and (v) financial institutions that operate in areas bordering North Korea. The advisory’s regulatory guidance is designed to assist financial institutions in identifying and reporting suspicious activity by North Korea and its financial institutions. The guidance follows a September 26 announcement by the Treasury Department’s Office of Foreign Assets Control that imposed additional sanctions on North Korean banks and individuals connected to global North Korean financial networks. (See previous InfoBytes coverage here.)
FinCEN Assesses Penalties Against Texas Bank for AML Violations
On November 1, the Financial Crimes Enforcement Network (FinCEN) announced that it had assessed a $2 million civil money penalty against a Texas bank for “willfully violating” the Bank Secrecy Act (BSA). According to FinCEN, the bank failed to comply with the specific due diligence requirements for correspondent banking relationships as required by section 312 of the USA PATRIOT ACT. In particular, FinCEN found that the bank failed to ask appropriate due diligence questions in connection with the foreign bank account relationship and did not verify the accuracy of responses to questions it did pose. FinCEN further found that the bank did not appropriately establish specific customer risk profiles and assign proper risk ratings, resulting in a failure to identify, review, and escalate potential anti-money laundering (AML) violations.
In 2015, the bank previously resolved alleged BSA/AML deficiencies identified by the OCC and agreed to pay a $1 million civil money penalty. The bank’s payment of the $1 million OCC penalty is credited to the FinCEN penalty. FinCEN also acknowledged the considerable resources the bank invested in its BSA compliance operations and customer due diligence processes.
FinCEN Warns of Fraudulent Disaster Relief Schemes
On October 31, the Financial Crimes Enforcement Network (FinCEN) issued an advisory to financial institutions to warn of the potential for fraudulent activity related to recent disaster relief efforts. The advisory cautions financial institutions to pay particularly close attention to benefits fraud, charities fraud, and cyber-related fraud. Accordingly, it lists several red flags to assist in spotting these fraudulent schemes, including, among others:
- The cashing or depositing of multiple emergency assistance checks by the same individual;
- The payee organization having a name similar to, but not identical to, a well-known or reputable charity; or
- The use of money transfer services to receive donations.
The advisory also reminds financial institutions to file a Suspicious Activity Report (SAR) if there is reason to believe any fraudulent activity may be taking place.
Find more InfoBytes disaster relief coverage here.