Skip to main content
Menu Icon
Close

InfoBytes Blog

Financial Services Law Insights and Observations

Filter

Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.

  • Bank to pay $25 million to settle alleged misleading ESG claims

    Securities

    On September 25, the SEC announced two enforcement actions against a subsidiary (respondent) of a German multinational investment bank and financial services company, in which the respondent agreed to pay a total of $25 million in penalties arising from (i) purportedly misleading statements respondent made regarding its Environmental, Social, and Governance (ESG) program; and (ii) its failure to develop a mutual fund Anti-Money Laundering (AML) program. According to the order, respondent allegedly marketed itself to clients and investors as a leader in ESG that adhered to specific policies for integrating ESG considerations into its investments but failed to implement certain provisions of its global ESG integration policy. The order contains a number of statements that respondent made concerning its ESG program that the SEC found to be materially misleading.  For example, respondent allegedly represented through its ESG Policy that its research analysts were required to include financially material and reputation relevant ESG aspects into its valuation models, investment recommendations and research reports and consider material ESG aspects as part of their investment decision, but respondent’s internal analyses allegedly showed that research analysts have inconsistent levels of documented compliance with this requirement.  The SEC determined that respondent’s failure to implement certain policies and procedures violated multiple sections of the Advisers Act, including Section 206(2), “which prohibits an investment adviser, directly or indirectly, from engaging ‘in any transaction, practice, or course of business which operates as a fraud or deceit upon any client or prospective client.’”

    Through the ESG order, respondent has agreed to pay a $19 million civil penalty and to cease and desist from committing any further violations of the violated sections of the Advisors Act. The SEC also charged respondent with a separate Anti-Money Laundering order, for failure to comply with the Bank Secrecy Act and FinCen regulations. Respondent did not admit nor deny the SEC’s claims.

    Securities SEC Enforcement ESG Anti-Money Laundering Bank Secrecy Act FinCEN Settlement

  • OCC releases bank supervision operating plan for FY 2024

    On September 28, the OCC’s Committee on Bank Supervision released its bank supervision operating plan for fiscal year 2024. The plan outlines the agency’s supervision priorities and highlights several supervisory focus areas including: (i) asset and liability management; (ii) credit; (iii) allowances for credit losses; (iv) cybersecurity; (v) operations; (vi) digital ledger technology activities; (vii) change in management; (viii) payments; (ix) Bank Secrecy Act/AML compliance; (x) consumer compliance; (xi) Community Reinvestment Act; (xii) fair lending; and (xiii) climate-related financial risks.

    Two of the top areas of focus are asset and liability management and credit risk. In its operating plan the OCC says that “Examiners should determine whether banks are managing interest rate and liquidity risks through use of effective asset and liability risk management policies and practices, including stress testing across a sufficient range of scenarios, sensitivity analyses of key model assumptions and liquidity sources, and appropriate contingency planning.” With respect to credit risk, the OCC says that “Examiners should evaluate banks’ stress testing of adverse economic scenarios and potential implications to capital” and “focus on concentrations risk management, including for vulnerable commercial real estate and other higher-risk portfolios, risk rating accuracy, portfolios of highest growth, and new products.”

    The plan will be used by OCC staff to guide the development of supervisory strategies for individual national banks, federal savings associations, federal branches and agencies of foreign banking organizations, and certain identified third-party service providers subject to OCC examination.

    The OCC will provide updates about these priorities in its Semiannual Risk Perspective, as InfoBytes has previously covered here.

    Bank Regulatory Federal Issues OCC Supervision Digital Assets Fintech Privacy, Cyber Risk & Data Security UDAP UDAAP Bank Secrecy Act Anti-Money Laundering Climate-Related Financial Risks Fair Lending Third-Party Risk Management Risk Management

  • Fed announces enforcement action against Kansas bank for operational deficiencies

    On September 5, the Fed announced a cease and desist order (the “order”) against a Kansas bank holding company and its subsidiary bank (collectively, the “bank”) for having significant operational deficiencies, including deficiencies related to staffing, internal controls, credit risk management, lending and credit administration, capital, information technology and information security, books and records, regulatory reporting, liquidity and funds management, earnings, interest rate risk management, third-party risk management, and other deficiencies such as compliance with federal laws related to AML/BSA requirements.

    The order directs the bank to, among other things, (i) strengthen board oversight; (ii) engage a third party to conduct an assessment of the bank’s corporate governance and staffing; (iii) improve lending and credit administration policies and procedures; (iv) correct the identified information technology and information security deficiencies; (v) revise its allowance for credit losses methodology to comply with supervisory guidance; (vi) enhance interest rate risk management practices; (vii) improve internal controls; (viii) submit a written plan to maintain sufficient capital; (ix) enhance liquidity risk management; and (x) improve the bank’s earnings and overall condition. The order also directs the Bank to improve its BSA/AML compliance program and internal audit program, and to take all necessary steps to correct all violations of law or regulation and to ensure future compliance.

    Bank Regulatory Federal Issues Enforcement Cease and Desist Bank Secrecy Act Anti-Money Laundering Kansas

  • Senators ask Treasury, White House for answers on North Korea’s crypo-crime funding

    Financial Crimes

    On August 4, Senators Elizabeth Warren (D-MA), Tim Kaine (D-VA), and Chris Van Hollen (D-MD) sent a letter to the White House National Security Advisor and the Treasury Department’s Under Secretary for Terrorism and Financial Intelligence regarding their concerns over North Korea’s use of cyberattacks and cryptocurrency theft to skirt international sanctions and embargos. The letter urges the Treasury to provide details on its plan to stop North Korea from using digital assets to evade sanctions and continue with the development of nuclear weapons and ballistic missiles. The senators noted that a UN report found that in 2016, “North Korea exhibited a ‘clear shift’ to attacking cryptocurrency exchanges for the purposes of ‘generating financial revenue’” that is difficult to trace and subject to less government oversight. The letter highlights the effects of the cyberattacks, including how they have generated about $2 billion, which is then used to fund the North Korean military.  The extent of the cybercrime and cryptocurrency thefts show its use is “key” to the regime’s survival, and notes that the regime has a workforce of thousands of IT workers who operate out of many different countries. The senators asked for a response to their five questions by August 16.

    Financial Crimes Fintech Cryptocurrency Digital Assets Bank Secrecy Act North Korea Department of Treasury

  • FFIEC updates BSA/AML examination manual

    Agency Rule-Making & Guidance

    On August 2, the Federal Financial Institutions Examination Council (FFIEC) updated its Bank Secrecy Act/Anti-Money Laundering (BSA/AML) Examination Manual, which provides examiners with instructions for assessing a bank or credit union’s BSA/AML compliance program and adherence to BSA regulatory requirements. The revisions include updates to the following sections:

    The FFIEC noted that the “updates should not be interpreted as new instructions or as a new or increased focus on certain areas,” but rather are intended to “provide information and considerations related to certain customers that may indicate the need for bank policies, procedures, and processes to address potential money laundering, terrorist financing, and other illicit financial activity risks.” In addition, the Manual itself does not establish requirements for financial institutions, which are found in applicable statutes and regulations but rather reinforce the agency’s risk-focused approach to BSA/AML examinations.

    Agency Rule-Making & Guidance FDIC Federal Reserve OCC FFIEC NCUA Bank Secrecy Act Financial Crimes Bank Regulatory Anti-Money Laundering

  • OCC releases recent enforcement actions

    On July 20, the OCC released a list of recent enforcement actions taken against national banks, federal savings associations, and individuals currently and formerly affiliated with such entities. Among the enforcement actions is a formal agreement with a California-based bank to update its BSA/AML compliance program. According to the agreement, the OCC identified deficiencies and violations relating to the bank’s compliance with BSA/AML laws and regulations. Among other things, the bank agreed to establish a compliance committee and revise its adherence to appropriate policies and procedures for collecting customer due diligence “when opening new accounts, when renewing or modifying existing accounts for customers, and when the [b]ank obtains event-driven information indicating that it needs to obtain updated customer due diligence information.” The bank also agreed to institute an “enhanced written risk-based program of internal controls and processes” to ensure an appropriate review of BSA/AML suspicious activity.

    Bank Regulatory Federal Issues OCC Enforcement Compliance Bank Secrecy Act Anti-Money Laundering Customer Due Diligence

  • CFTC shuts down illegal trading platform

    Courts

    The U.S. District Court for the Northern District of California recently granted the CFTC’s motion for default judgment in an action accusing a decentralized autonomous organization of violating the Commodity Exchange Act (CEA) by operating an illegal trading platform and unlawfully acting as a futures commission merchant. (See also CFTC press release here.) The CFTC maintained that the organization’s platform and its blockchain-based software “protocol” enables users to engage in retail commodity transactions but does not provide protections or other requirements mandated under the statute. In addition to unlawfully offering leveraged and margined retail commodity transactions outside of a registered exchange, the organization is charged with failing to comply with Bank Secrecy Act obligations applicable to future commission merchants, including implementing a customer information program or conducting know your customer procedures. The default judgment requires the organization to shutter its website and remove its content from the internet, and orders permanent trading and registration bans. The organization also must pay a $643,542 civil money penalty and is enjoined from future violations of the CEA.

    Courts Digital Assets Cryptocurrency CFTC Commodity Exchange Act Blockchain Enforcement Bank Secrecy Act

  • FinCEN highlights use of BSA reporting data

    Financial Crimes

    On April 25, FinCEN released its year-in-review for FY 2022. The annual summary provided insights into the agency’s efforts to support law enforcement and national security agencies, as well as statistics from Bank Secrecy Act (BSA) filings. FinCEN reported that BSA data was used to advance several law enforcement missions, including in 36.3 percent of active complex financial crimes investigations, 27.5 percent of active public corruption investigations, and 20.6 percent of active international terrorism investigations. Additionally, FinCEN noted that in FY 2022 there were over 7,600 Section 314(b)-registered financial institutions. Section 314(b) of the USA PATRIOT Act allows registered entities to share information about financial activity with one another to help entities of all sizes identify and report suspicious activity. FinCEN further reported that 92 percent of domestic law enforcement agencies that query BSA data “find the resulting financial intelligence valuable to the detection and deterrence of illicit activity.”

    Financial Crimes Of Interest to Non-US Persons FinCEN Bank Secrecy Act Enforcement

  • FinCEN fines trust company $1.5 million for BSA violations

    Financial Crimes

    On April 26, FinCEN announced its first enforcement action against a trust company, in which it assessed a $1.5 million civil money penalty against a South Dakota-chartered trust company for willful violations of the Bank Secrecy Act (BSA) and its implementing regulations. According to the consent order, the trust company admitted that it willfully failed to timely and accurately report hundreds of transactions to FinCEN involving suspicious activity by its customers, including transactions with connections to a trade-based money-laundering scheme and several securities fraud schemes. The agency cited the trust company’s “severely underdeveloped” process for identifying and reporting potentially suspicious activity as part of “an overall failure to build a culture of compliance.”

    According to FinCEN acting Director Himamauli Das, the trust company “had virtually no process to identify and report suspicious transactions, resulting in it processing over $4 billion in international wires with essentially no controls.” FinCEN said that the trust company should have realized that a large volume of activity from high-risk customers played a role in the closure of numerous correspondent accounts it maintained at other financial institutions, and pointed out that the trust company only began closing accounts flagged during an audit after several forced closures of its own accounts by other financial institutions and after receiving law enforcement inquiries about the accounts referred by the audit. However, at the time, the trust company made no effort to file suspicious activity reports (SARs), FinCEN found, claiming that the trust company processed hundreds of suspicious transactions worth tens of millions of dollars for risky customers that, among other things, appeared to operate in unrelated business sectors. FinCEN added that “personnel with [anti-money laundering (AML)] responsibilities have acknowledged not fully understanding federal SAR filing requirements and that they may have missed important information about some of their riskiest clients as the result of maintaining other, non-AML responsibilities.”

    The consent order requires the trust company to hire an independent consultant to review its AML program and transactions from all referenced accounts, as well as any other accounts the trust company maintained for customer referrals, and conduct a SAR lookback review. The trust company is also required to implement recommendations made by the independent consultant and file SARs for any flagged covered transactions. FinCEN recognized the close collaboration and assistance provided by the DOJ and the FBI on this matter.

    Financial Crimes Of Interest to Non-US Persons FinCEN Enforcement Bank Secrecy Act DOJ FBI SARs

  • Treasury recommends stronger DeFi supervision

    Financial Crimes

    On April 6, the U.S. Treasury Department published a report on illicit finance risks in the decentralized finance (DeFi) sector, building upon Treasury’s other risk assessments, and continuing the work outlined in Executive Order 14067, Ensuring Responsible Development of Digital Assets (covered by InfoBytes here).

    Written by Treasury’s Office of Terrorist Financing and Financial Crimes, in consultation with numerous federal agencies, the Illicit Finance Risk Assessment of Decentralized Finance is the first report of its kind in the world. The report explained that, while there is no generally accepted definition of DeFi, the term has broadly referred to virtual asset protocols and services that allow for automated peer-to-peer transactions through the use of blockchain technology. Used by a host of illicit actors to transfer and launder funds, the report found that “the most significant current illicit finance risk in this domain is from DeFi services that are not compliant with existing AML/CFT [anti-money laundering and countering the financing of terrorism] obligations.” These obligations include establishing effective AML programs, assessing illicit finance risks, and reporting suspicious activity, the report said.

    The report made several recommendations for strengthening AML/CFT supervision and regulation of DeFi services, such as “closing any identified gaps in the [Bank Secrecy Act (BSA)] to the extent that they allow certain DeFi services to fall outside the scope of the BSA’s definition of financial institutions.” The report also recommended, “when relevant,” the “enforcement of virtual asset activities, including DeFi services, to increase compliance by virtual asset firms with BSA obligations,” and suggested continued research and engagement with the private sector on this subject.

    In addition, the report pointed to a lack of implementation of international AML/CFT standards by foreign countries, “which enables illicit actors to use DeFi services with impunity in jurisdictions that lack AML/CFT requirements,” and commented that “poor cybersecurity practices by DeFi services, which enable theft and fraud of consumer assets, also present risks for national security, consumers, and the virtual asset industry.” To address these concerns, the report recommended “stepping up engagements with foreign partners to push for stronger implementation of international AML/CFT standards and advocating for improved cybersecurity practices by virtual asset firms to mitigate these vulnerabilities.” The report seeks input from the public sector to inform next steps.

    Financial Crimes Agency Rule-Making & Guidance Of Interest to Non-US Persons Department of Treasury Anti-Money Laundering Combating the Financing of Terrorism Illicit Finance Decentralized Finance Supervision Bank Secrecy Act Digital Assets Fintech

Pages

Upcoming Events