InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
FinCEN hosts exchange on environmental crimes and related financial activity
On November 16, the Financial Crimes Enforcement Network (FinCEN) held a virtual “FinCEN Exchange” with representatives from financial institutions, other key industry stakeholders, and federal government agencies to discuss identifying and combating illicit financial flows related to environmental crimes and related money laundering. As previously covered by InfoBytes, FinCEN released the “FinCEN Exchange” program in 2017, which established regular briefings between FinCEN, law enforcement, and financial institutions to share high-priority information regarding potential national security threats and illicit financial transactions. Topics discussed at the recent FinCEN Exchange included, among other things: (i) illicit financial flows related to wildlife trafficking; (ii) illegal logging, fishing, and mining; (iii) waste and hazardous substances trafficking; and (vi) potential solutions for better understanding the associated illicit flows. According to FinCEN, the agency “is focusing on environmental crimes because of an upward trend in these activities and their related financial flows; their strong association with two of FinCEN’s national anti-money laundering and countering the financing of terrorism (AML/CFT) priorities, specifically corruption and transnational criminal organizations; and their contribution to the climate and biodiversity crises.”
FinCEN final rule updates reporting and recordkeeping requirements
On November 15, the Financial Crimes Enforcement Network (FinCEN) published a final rule in the Federal Register, which updates regulation 31 CFR 1010.370 to mirror statutory amendments to Section 5326 of the Bank Security Act (BSA). Specifically, Section 5326 has been amended three times (in 1992, 2001, and 2017) to expand the authority of the Secretary of the Department of the Treasury. The final rule updates the regulation to reflect the subsequent statutory amendments by, among other things, updating the authority of FinCEN to issue orders imposing additional reporting and recordkeeping requirements on financial institutions and nonfinancial trades or businesses in a geographic area. The final rule also notes that since the amendments promulgated by the rule conform the regulation to the statute and reflect no discretionary or substantive determination, no public comment was solicited; therefore, the final rule is effective immediately.
FinCEN hosts exchange on SAR reporting
On November 9, the Financial Crimes Enforcement Network (FinCEN) held a virtual “FinCEN Exchange” with members of the financial industry and law enforcement “to discuss FinCEN’s analysis of suspicious activity reporting (SAR) with a transactional nexus to Alabama, Florida, Georgia, Mississippi, and South Carolina.” As previously covered by InfoBytes, SAR Stats—formerly called By the Numbers—is an annual compilation of numerical data gathered from SARs filed by financial institutions using FinCEN’s new unified SAR form and e-filing process. According to FinCEN, analysis of certain Bank Secrecy Act filing statistics for SARs and an analysis of SAR filings related to recent FinCEN advisories were among the topics discussed. FinCEN also noted that this FinCEN Exchange “supports one of FinCEN’s highest priorities—to strengthen public-private partnerships to identify and mitigate threats in order to safeguard our national security and protect communities and citizens from harm.”
Treasury and DOJ announce sanctions and charges in ransomware attacks, FinCEN updates ransomware guidance
On November 8, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) announced sanctions pursuant to Executive Order 13694 as amended against two ransomware operators and a virtual currency exchange network. According to OFAC, the virtual currency exchange, and its associated support network, are being designated for allegedly facilitating financial transactions for ransomware actors. OFAC is also designating two individuals allegedly associated with perpetuating ransomware incidents against the U.S., and who are part of a cybercriminal group that has engaged in ransomware activities and has received over $200 million in ransom payments. As a result of the sanctions, “all property and interests in property of the designated targets that are subject to U.S. jurisdiction are blocked, and U.S. persons are generally prohibited from engaging in transactions with them” and “any entities 50 percent or more owned by one or more designated persons are also blocked.” According to OFAC, the sanctions are a part of a set of actions focused on disrupting criminal ransomware actors and virtual currency exchanges that launder the proceeds of ransomware, which “advance the Biden Administration’s counter-ransomware efforts to disrupt ransomware infrastructure and actors and address abuse of the virtual currency ecosystem to launder ransom payments.” Additionally, the DOJ announced charges against the sanctioned individuals under OFACs designations, seizing approximately $6.1 million in alleged ransomware payments.
The same day, FinCEN issued an advisory, which updated and replaced its October 1, 2020 Advisory on Ransomware and the Use of the Financial System to Facilitate Ransom Payments (covered by InfoBytes here). The updated advisory is in response to the recent increase in ransomware attacks against critical U.S. infrastructure. The updated advisory also reflects information released by FinCEN in its Financial Trend Analysis Report, which discusses ransomware trends and includes information on current trends and typologies of ransomware and associated payments as well as recent examples of ransomware incidents. Additionally, the updated advisory describes financial red flag indicators of ransomware-related illicit activity to assist financial institutions in identifying and reporting suspicious transactions related to ransomware payments, consistent with obligations under the Bank Secrecy Act.
FinCEN renews GTOs covering 12 metropolitan areas
On October 29, the Financial Crimes Enforcement Network (FinCEN) reissued the renewal of its Geographic Targeting Orders (GTOs). The GTOs require U.S. title insurance companies to identify the natural persons behind shell companies that pay “all cash” (i.e., the transaction does not involve external financing) for residential real estate in the 12 major metropolitan areas covered by the orders. The renewed GTOs are identical to the April 2021 GTOs (covered by InfoBytes here). The purchase amount threshold for the beneficial ownership reporting requirement remains set at $300,000 for residential real estate purchased in the covered areas. The renewed GTOs take effect November 1 and end April 29, 2022, and cover certain counties within the following areas: Boston, Chicago, Dallas-Fort Worth, Honolulu, Las Vegas, Los Angeles, Miami, New York City, San Antonio, San Diego, San Francisco, and Seattle.
FinCEN FAQs regarding GTOs are available here.
FATF updates statements concerning jurisdictions with AML/CFT/CPF deficiencies
On October 26, the Financial Crimes Enforcement Network (FinCEN) announced updates to the Financial Action Task Force (FATF) statements concerning jurisdictions with strategic anti-money laundering, countering the financing of terrorism, and combating weapons of mass destruction proliferation financing (AML/CFT/CPF) deficiencies. Specifically, to ensure compliance with international standards, the FAFT updated the following two statements: (i) Jurisdictions under Increased Monitoring, which identifies jurisdictions with strategic deficiencies in their AML/CFT/CPF regimes that have committed to, or are actively working with, the FATF to address those deficiencies in accordance with an agreed upon timeline and; (ii) High-Risk Jurisdictions Subject to a Call for Action, which identifies jurisdictions with significant strategic deficiencies in their AML/CFT/CPF regimes and instructs FATF members to apply enhanced due diligence, and in the most serious cases, apply counter-measures to protect the international financial system from such risks. Notably, Jordan, Mali, and Turkey have been added to the Jurisdictions under Increased Monitoring, while Botswana and Mauritius have been removed from the list. Among other things, through the announcement, FinCEN further instructed financial institutions to comply with U.S. prohibitions against the opening or maintaining of any correspondent accounts, whether directly or indirectly, for North Korean or Iranian financial institutions, which are already prohibited under existing U.S. sanctions and FinCEN regulations. As previously covered by InfoBytes, FinCEN last announced updates to the FATF statements in July.
FinCEN grants limited relief to casinos
On October 19, the Financial Crimes Enforcement Network (FinCEN) issued a notice that grants limited exceptive relief to casinos from some customer identity verification requirements regarding online gaming. Casinos are not subject to Customer Identification Program (CIP) regulations, which results in casinos not having the ability to rely upon non-documentary verification of a customer’s identity. As previously covered by InfoBytes, in 2020, FinCEN issued an interagency order granting an exemption from the requirements of the CIP rules for insurance premium finance loans extended by banks to all customers. According to the recent notice, a casino can use suitable non-documentary methods to verify online customers’ identification and “[t]he suitability or non-suitability of any particular method should be evaluated based on risk.” The notice also notes that a casino’s anti-money laundering program requires describing when the casino will verify identity by documentary methods, non-documentary methods, or a combination of both. This exceptive relief is effective October 19.
Agencies announce new measures to combat ransomware
On October 15, the U.S. Treasury Department announced additional steps to help the virtual currency industry combat ransomware and prevent exploitation by illicit actors. The guidance builds upon recent “whole-of-government” actions focused on confronting “criminal networks and virtual currency exchanges responsible for laundering ransoms, encouraging improved cyber security across the private sector, and increasing incident and ransomware payment reporting to U.S. government agencies, including both Treasury and law enforcement.” (Covered by InfoBytes here.) The newest industry-specific guidance—part of the Biden administration’s efforts to counter ransomware threats—outlines sanctions compliance best practices tailored to the unique risks associated with this space. According to Treasury, there is a “need for a collaborative approach to counter ransomware attacks, including public-private partnerships and close relationships with international partners.”
The same day, the Financial Crimes Enforcement Network (FinCEN) released new data analyzing ransomware trends in Bank Secrecy Act reporting filed between January 2021 and June 2021. The report follows FinCEN’s government-wide priorities for anti-money laundering and countering the financing of terrorism priorities released in July (covered by InfoBytes here). Issued pursuant to the Anti-Money Laundering Act of 2020, the report flags “ransomware as a particularly acute cybercrime concern,” and states that in the first half of 2021, FinCEN identified $590 million in ransomware-related suspicious activity reports (SARs)—an amount exceeding the entirety of the value report in 2020 ($416 million). If this trends continues, FinCEN warns that ransomware-related SARs submitted in 2021 will have a higher transaction value than similar SARs filed in the previous 10 years combined. FinCEN attributes this uptick in activity to several factors, including an increasing overall prevalence of ransomware-related incidents, improved detection and incident reporting, and an increased awareness of reporting obligations and willingness to report by financial institutions.
In conjunction with the “growing prevalence of virtual currency as a payment method,” Treasury’s Office of Foreign Assets Control (OFAC) issued sanctions compliance guidance for companies in the virtual currency industry, including technology companies, exchangers, administrators, miners, wallet providers, and financial institutions. OFAC warned that “sanctions compliance obligations apply equally to transactions involving virtual currencies and those involving traditional fiat currencies,” and that participants “are responsible for ensuring that they do not engage, directly or indirectly, in transactions prohibited by OFAC sanctions, such as dealings with blocked persons or property, or engaging in prohibited trade- or investment-related transactions.” Among other things, the guidance will assist participants on ways to evaluate risks and build a risk-based sanctions compliance program. OFAC also updated related FAQs 559 and 646.
FINRA advises firms to incorporate FinCEN’s AML/CFT priorities
On October 8, the Financial Industry Regulatory Authority (FINRA) encouraged member firms to consider ways to incorporate recently issued anti-money laundering and countering the financing of terrorism priorities (AML/CFT Priorities) into their risk-based compliance programs. As previously covered by InfoBytes, the Financial Crimes Enforcement Network’s (FinCEN) AML/CFT Priorities—issued pursuant to the Anti-Money Laundering Act of 2020—highlighted key threat trends and provided informational resources to help covered institutions manage their risks and meet their obligations under laws and regulations designed to combat money laundering and counter terrorist financing.
FINRA reminded member firms that FINRA Rule 3310 requires the development and implementation of a written AML program to achieve compliance with the Bank Secrecy Act (BSA). While FinCEN’s issuance of the AML/CFT Priorities “does not trigger an immediate change in the BSA requirements or supervisory expectations for member firms,” FINRA advised member firms to evaluate how they plan to incorporate these priorities into their risk-based AML programs. Among other things, FINRA advised member firms to: (i) review red flags based on potential risks presented by their business activities, size, geographic location, and types of accounts and transactions; and (ii) consider potential technical changes, including those used to monitor and investigate suspicious activity.
OFAC sanctions Mexican nationals
On October 6, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) announced sanctions pursuant to the Foreign Narcotics Kingpin Designation Act against four individuals who are allegedly senior members of a Mexican-based drug cartel, which is said to be responsible for trafficking deadly drugs into the U.S. As a result of the sanctions, all property and interests in property subject to U.S. jurisdiction that belong to the sanctioned persons must be blocked and reported to OFAC. U.S. persons are also generally prohibited from engaging in any dealings involving the property or interests in property of blocked or designated persons. OFAC further notes that the designations against the individuals were made in collaboration with the Drug Enforcement Administration and Mexico’s Financial Intelligence Unit.