InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
Special Alert: Banks no longer required to file SARs for hemp-related businesses
Federal and state banking regulators confirmed in a December 3 joint statement that banks are no longer required to file a suspicious activity report on customers solely because they are “engaged in the growth or cultivation of hemp in accordance with applicable laws and regulations.”
* * *
Click here to read the full special alert.
For questions about the alert and related issues, please visit our Bank Secrecy Act/Anti-Money Laundering practice page, or contact a Buckley attorney with whom you have worked in the past.FHFA advises GSEs on fraud reporting
On September 18, the FHFA issued Advisory Bulletin AB 2019-04, which provides guidance to Fannie Mae and Freddie Mac (GSEs) on fraud reporting requirements pursuant to 12 C.F.R. Part 1233 (FHFA Regulation). The Bulletin states that the GSEs are required to notify designees of the Director of the FHFA through the secure methods established by the FHFA within one calendar day from when the GSE discovers fraud or possible fraud that may have a “significant impact” on the GSE. The Bulletin defines “significant impact” as an event that “may create substantial financial or operational risk for the Enterprise, whether from a single event/incident or because it is systemic.” Moreover, the GSEs are required to submit a monthly fraud status report to the FHFA containing instances where they have (i) filed a suspicious activity report (SAR) with the Treasury Department or the Financial Crimes Enforcement Network; or (ii) discovered that the Enterprise purchased or sold a fraudulent loan or financial instrument, or suspects a possible fraud related to the purchase or sale of any loan or financial instrument, and the Enterprise has not filed a SAR. Additionally the GSEs are required to submit quarterly reports summarizing information concerning the GSE fraud risk management environments. The Bulletin is effective January 1, 2020.
FinCEN director discusses gaming industry AML compliance
On August 13, Financial Crimes Enforcement Network (FinCEN) Director Kenneth Blanco delivered remarks at the 12th Annual Las Vegas Anti-Money Laundering Conference stressing the need for compliance within the gaming industry, particularly as new technologies emerge such as mobile gaming and the use of convertible virtual currencies (CVC) increases. With the U.S. Supreme Court issuing a decision in May holding that states can legalize sports gambling (previously covered by InfoBytes here), Blanco stated that casinos need to consider ways to integrate their sports betting programs—including mobile sports betting apps—into their existing anti-money laundering programs. These measures must include establishing and implementing procedures for detecting and reporting suspicious activities, Blanco noted, reminding the audience of FinCEN’s FAQs designed to assist financial institutions when reporting cyber indicators and cyber-enabled financial crime.
Blanco also discussed FinCEN’s work with respect to cybersecurity and virtual payments, noting, among other things, that both online and physical casinos that accept CVC need to consider how they review transactions to determine the source of the currency and recognize indicators of suspicious activity. Blanco referred casinos to consolidated guidance issued by FinCEN in May (previously covered by InfoBytes here), and expressed a concern that “CVC-related SAR filings by casinos have not been as robust as expected since the May CVC guidance and advisory were published.” He further stressed the importance of information-sharing between casinos, and highlighted that sharing SARs can contribute to the identification of suspicious transactions as well as Bank Secrecy Act compliance responsibilities.
CFPB updates advisory on elder financial exploitation
On July 17, the CFPB issued an updated advisory to financial institutions with information on the financial exploitation of older Americans and recommendations on how to prevent and respond to such exploitation. The update urges financial institutions to report to the appropriate authorities whenever they suspect that an older adult is the target or victim of financial exploitation, and recommends that they also file Suspicious Activity Reports (SARs) with the Financial Crimes Enforcement Network (FinCEN). The update builds on an advisory that was previously released by the Bureau in March 2016 (covered by InfoBytes here), which included recommended best practices to help prevent and respond to elder financial exploitation, such as (i) establish protocols for ensuring staff compliance with the Electronic Fund Transfer Act; (ii) train staff to detect the warning signs of financial exploitation and respond appropriately to suspicious events; and (iii) maintain fraud detection systems that provide analyses of the types of products and account activity associated with elder financial exploitation. With the release of the update, Director Kraninger noted that, “[t]he Bureau stands ready to work with federal, state and local authorities and financial institutions to protect older adults from abusive financial practices that rob them of their financial security.”
As previously covered by InfoBytes, in February, the CFPB’s Office of Financial Protection for Older Americans, released a report studying the financial abuse reported in SARs, discussing key facts and trends revealed after the Bureau analyzed 180,000 elder exploitation SARs filed with the FinCEN from 2013 to 2017. Key findings of the report included, (i) SARs filings on elder financial abuse quadrupled from 2013 to 2017, with 63,500 SARs reporting the abuse in 2017; (ii) the average amount of loss to an elder was $34,200, while the average amount of loss to a filer was $16,700; and (iii) more than half of the SARs involved a money transfer.
CFPB studies elder financial abuse reported in SARs
On February 27, the CFPB’s Office of Financial Protection for Older Americans released Suspicious Activity Reports on Elder Financial Exploitation: Issues and Trends, which discusses key facts and trends revealed after the Bureau analyzed 180,000 elder exploitation Suspicious Activity Reports (SARs) filed with Financial Crimes Enforcement Network from 2013 to 2017. Key highlights from the report include:
- SARs filings on elder financial abuse quadrupled from 2013 to 2017, with 63,500 SARs reporting the abuse in 2017.
- Nearly 80 percent of the SAR filings involved a financial loss to an elder or to the filing institution. The average amount of loss to an elder was $34,200, while the average amount of loss to a filer was $16,700.
- Financial losses were greater when the elder knew the suspect, with an average loss of $50,000 when the elder knew the suspect compared to $17,000 with a stranger.
- More than half of the SARs involved a money transfer.
- Less than one-third of elder abuse SARs acknowledge that the financial institution reported the activity to a local, state, or federal authority.
Kansas company agrees to $400,000 forfeiture in first U.S. BSA action against a broker-dealer
On December 19, the United States Attorney for the Southern District of New York announced it filed charges against a Kansas-based broker-dealer for allegedly willfully failing to file a suspicious activity report (SAR) in connection with the illegal activities of one of its customers in violation of the Bank Secrecy Act (BSA). According to the announcement, this is the first criminal BSA action ever brought against a U.S. broker-dealer. The allegations are connected to the actions of the broker-dealer’s customer, who was the owner of a Kansas-based payday lending scheme that was ordered to pay a $1.3 billion judgment for making false and misleading representations about loan costs and payments in violation of the FTC Act (previously covered by InfoBytes here). The U.S. Attorney alleges the broker-dealer, among other things, failed to follow its customer identification procedures, disregarded “red flags that were known prior to [the customer] opening the accounts,” and continued to ignore additional red flags that arose over time. Additionally, the U.S. Attorney alleges the broker-dealer failed to monitor transactions using its anti-money laundering (AML) tool, which led to numerous suspicious transactions going undetected and unreported until long after the customer was convicted at trial for his actions in the scheme.
Along with the announcement of the filing, the U.S. Attorney’s Office further stated it had entered into a deferred prosecution agreement with the broker-dealer in which it agreed to accept responsibility for its conduct, pay a $400,000 penalty, and enhance its BSA/AML compliance program.
The SEC also settled with the broker-dealer for the failure to file the SARs. The settlement requires the broker-dealer to hire an independent consultant to review its AML and customer identification program and implement any recommended changes. The independent consultant will monitor for compliance with the recommendations for two years.
Global broker-dealer assessed $14.5 million penalty for anti-money laundering compliance failures
On December 17, the Financial Industry Regulatory Authority (FINRA), the Financial Crimes Enforcement Network (FinCEN), and the SEC announced separate settlements (see here, here, and here) with a global broker-dealer following investigations into the firm’s anti-money laundering (AML) programs. According to FINRA, the broker-dealer and its affiliated securities firm allegedly failed to establish and implement AML processes reasonably designed to detect and report potentially high-risk transactions, including foreign currency wire transfers to and from countries known to be at high risk for money laundering, as well as penny stock transactions processed through the use of an omnibus account on behalf of undisclosed customers. FINRA alleged that from January 2004 to April 2017, the broker-dealer “processed thousands of foreign currency wires for billions of dollars, without sufficient oversight.”
In a separate investigation conducted by FinCEN in conjunction with FINRA and the SEC, the broker-dealer reached a settlement over allegations that it failed to, among other things, (i) develop and implement a risk-based AML program that “adequately addressed the risks associated with accounts that included both traditional brokerage and banking-like services”; (ii) implement policies and procedures, which would ensure the detection and reporting of suspicious activity through all accounts, particularly for those accounts with little to no securities training; (iii) “implement an adequate due diligence program for foreign correspondent accounts”; and (iv) provide sufficient staffing, leading to a backlog of alerts and decreased ability to file suspicious activity reports (SARs).
According to the SEC's investigation, from at least 2011 to 2013, the broker-dealer allegedly failed to file SARs as required by the Bank Secrecy Act’s reporting requirements and Section 17(a) of the Securities Exchange Act of 1934. Among other things, the SEC also claimed that the broker-dealer (i) provided customers with other services, such as cross-border wires, internal transfers between accounts and check writing, which increased its susceptibility to risks of money laundering and other types of associated illicit financial activity; and (ii) “did not properly review suspicious transactions flagged by its internal monitoring systems and failed to detect suspicious transactions involving the movement of funds between certain accounts in suspicious long-term patterns.”
After factoring in remedial actions, the broker-dealer has been assessed total civil money penalties of $14.5 million, including a $500,000 fine against the securities firm.
FDIC releases October enforcement actions, includes BSA and TILA violations
On November 30, the FDIC announced a list of administrative enforcement actions taken against banks and individuals in October. Included among the actions is an order to pay a civil money penalty of $9,600 issued against a Louisiana-based bank for alleged violations of the Flood Disaster Protection Act in connection with alleged failures to obtain flood insurance coverage on loans at or before origination or renewal.
Consent orders were also issued against three separate banks related to alleged weaknesses in their Bank Secrecy Act (BSA) and/or BSA/anti-money laundering (BSA/AML) compliance programs. (See orders here, here, and here.) Among other things, the banks are ordered to: (i) implement comprehensive written BSA/AML compliance programs, which include revising BSA risk assessment policies, developing a system of BSA internal controls, and enhancing suspicious activity monitoring and reporting and customer due diligence procedures; (ii) conduct independent testing; and (iii) implement effective BSA training programs. The FDIC further requires the Florida and New Jersey-based banks to conduct suspicious activity reporting look-back reviews.
In addition, a Kentucky-based bank was ordered to pay a civil money of $300,000 for allegedly violating TILA by “failing to clearly and conspicuously disclose required information related to the [b]ank’s Elastic line of credit product” and Section 5 of the FTC ACT by “using a processing order for certain deposit account transactions contrary to the processing orders disclosed in the [b]ank’s deposit account disclosures.”
There are no administrative hearings scheduled for December 2018. The FDIC database containing all 17 enforcement decisions and orders may be accessed here.
OCC announces enforcement action against bank for previously identified BSA/AML compliance deficiencies
On October 23, the OCC issued a consent order assessing a civil money penalty (CMP) against a national bank for deficiencies in the bank’s Bank Secrecy Act/Anti-Money Laundering (BSA/AML) compliance program. The deficiencies allegedly resulted in violations of the BSA compliance program and suspicious activity reporting (SAR) rules that led to the issuance of a 2015 consent order, violations of the 2015 order, and additional violations of the SAR rule and wire transfer “travel rule.” According to the 2018 order, the bank allegedly, among other things, (i) failed to “timely achieve compliance” with the 2015 order; (ii) failed to file the required additional SARs; and (iii) initiated wire transfer transactions containing inadequate or incomplete information.
Under the terms of the 2018 order, the bank agreed to pay a $100 million CMP. The order notes that the bank has undertaken corrective actions to remedy the identified BSA/AML-related deficiencies and enhance its BSA/AML compliance program.
FATF updates standards to prevent misuse of virtual assets; reviews progress on jurisdictions with AML/CFT deficiencies
On October 19, the Financial Action Task Force (FATF) issued a statement urging all countries to take measures to prevent virtual assets and cryptocurrencies from being used to finance crime and terrorism. FATF updated The FATF Recommendations to add new definitions for “virtual assets” and “virtual asset service providers” and to clarify how the recommendations apply to financial activities involving virtual assets and cryptocurrencies. FATF also stated that virtual asset service providers are subject to Anti-Money Laundering/Combating the Financing of Terrorism (AML/CFT) regulations, which require conducting customer due diligence, such as ongoing monitoring, record-keeping, and suspicious transaction reporting, and commented that virtual asset service providers should be licensed or registered and will be subject to compliance monitoring. However, FATF noted that its recommendations “require monitoring or supervision only for purposes of AML/CFT, and do not imply that virtual asset service providers are (or should be) subject to stability or consumer/investor protection safeguards.”
The same day, FATF announced that several countries made “high-level political commitment[s]” to address AML/CFT strategic deficiencies through action plans developed to strengthen compliance with FATF standards. These jurisdictions are the Bahamas, Botswana, Ethiopia, Ghana, Pakistan, Serbia, Sri Lanka, Syria, Trinidad and Tobago, Tunisia, and Yemen. FATF also issued a public statement calling for continued counter-measures against the Democratic People's Republic of Korea due to significant AML/CFT deficiencies and the threats posed to the integrity of the international financial system, and enhanced due diligence measures with respect to Iran. However, FATF will continue its suspension of counter-measures due to Iran’s political commitment to address its strategic AML/CFT deficiencies.