Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
Buckley Special Alert
The U.S. Department of the Treasury’s Office of Foreign Assets Control last week issued a framework for OFAC Compliance Commitments, which, for the first time, outlines OFAC’s views on essential elements of a risk-based sanctions compliance program in a single document that can serve as a roadmap for organizations as they structure and evaluate these programs. The framework should be considered carefully by U.S. organizations with any significant foreign dealings, and foreign organizations that conduct business with the United States or that utilize U.S. goods, services, or financial systems.
The framework also makes clear that OFAC intends to target individual employees who are culpable for violations. That emphasis follows an action from earlier this year, where OFAC sanctioned an individual it deemed responsible for circumventing his employer’s compliance protocols.
* * *
Click here to read the full special alert.
If you have questions about the OFAC’s new guidance or related issues, please visit our Bank Secrecy Act/Anti-Money Laundering & Sanctions practice page or contact a Buckley attorney with whom you have worked in the past.
On May 2, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) announced a $871,837 settlement with a New York global shipping and logistics company, as well as its subsidiaries and affiliates, for five alleged violations of the Weapons of Mass Destruction Proliferators Sanctions Regulations. The settlement resolves potential civil liability for the company’s alleged processing of five electronic funds transfers pertaining to payments associated with blocked vessels identified on OFAC’s Specially Designated Nationals List.
In arriving at the settlement amount, OFAC considered various aggravating factors, such as (i) the alleged violations constitute an egregious case and were not voluntarily self-disclosed; (ii) the company recklessly disregarded its obligations to comply with U.S. economic and trade sanctions; (iii) managers were aware of, and participated in, the conduct leading to the alleged violations; and (iv) the company is a global, commercially sophisticated company operating in a high-risk industry.
OFAC also considered numerous mitigating factors, including that the company has not received a penalty or finding of a violation in the five years prior to the transactions at issue, and the company cooperated with OFAC during the investigation and has undertaken remedial efforts to minimize the risk of similar violations from occurring in the future.
On May 2, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) announced the publication of A Framework for OFAC Compliance Commitments to provide guidance on the essential components of a risk-based sanctions compliance program (SCP) for organizations subject to U.S. jurisdiction, along with foreign entities that conduct business in or with the U.S. or U.S. persons, or use U.S.-origin goods or services. The framework highlights five essential compliance components that should be incorporated into an effective SCP: (i) senior management commitment; (ii) risk assessment “identifying potential OFAC issues” likely to be encountered; (iii) internal controls; (iv) testing and auditing; and (v) training. The framework notes that should an entity be subject to a civil monetary penalty (CMP), the Office of Compliance and Enforcement will determine, as appropriate, what other elements should be added to the entity’s SCP. In additional, OFAC states it will “consider favorably” entities that are able to demonstrate the existence of an effective SCP at the time of an apparent violation, which may mitigate a CMP and contribute towards the determination as to whether the violations are “deemed ‘egregious.’”
On April 26, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) announced regulations effective April 29 implementing Executive Order (E.O.) 13848. As previously covered by InfoBytes, E.O. 13848 was issued last September to authorize sanctions against foreign persons found to have engaged in, assisted, or otherwise supported foreign interference in U.S. elections. OFAC stated it intends to supplement the final rule with further regulations, “which may include additional interpretive and definitional guidance, general licenses, and statements of licensing policy.”
On April 30, the OCC released a proposed Innovative Pilot Program (and accompanying program FAQs), which is designed to support responsible innovation in the U.S. federal banking system by allowing eligible entities to test novel products, services, or processes that could present significant benefits to consumers, businesses, financial institutions, and communities. Under the program, the OCC would provide eligible entities with regulatory input, through tools such as interpretive letters during the development and implementation of proposed innovative activities. Any proposal the agency determines to have potentially predatory, unfair, or deceptive features; poses undue risk to consumers; or poses undue safety and soundness risk to an institution would be deemed as inconsistent with existing law and policy and not permitted in the program. Highlights of the proposed program include:
- Eligibility. OCC-supervised financial institutions may participate in the program independently or when partnered with a third-party entity to offer an innovative activity. Third-party entities, not supervised by the OCC, may not independently participate. Additionally, eligible entities seeking to participate in the program must establish an uncertainty (“perceived to be a barrier to development and implementation”) that justifies the need for the OCC’s involvement during development or implementation of the innovative product or service and must also show how the innovative activity has the potential to benefit the needs of consumers, businesses, and or communities.
- Parameters. The OCC anticipates participation in the program to last between three and 24 months, but the duration of each pilot will be on a case-by-case basis. The program may include the use of interpretive letters, supervisory feedback, and technical assistance, as well as potential determinations of legal permissibility before a live test. Notably, the program will not provide any statutory or regulatory waivers, and all participants must continue to comply with applicable laws and regulations.
- Evaluation Process. The four-step application process includes (i) a preliminary discussion with the OCC about the proposed pilot; (ii) submission of a tailored expression of interest (EOI) to the OCC’s Office of Innovation or assigned supervisory office; (iii) evaluation of the EOI by the OCC; and (iv) acceptance or declination of the request. If a proposal is accepted, the testing phase will begin and the entity will be required to submit periodic information and reports, including key performance indicators, issues identified, and any steps taken to address the issues.
The OCC will maintain the confidentiality of proprietary information, including the identity of any participating entities. Comments on the proposal must be submitted by June 14.
On April 25, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) announced a $75,375 settlement with a New Jersey corporation for two alleged violations of the Ukraine Related Sanctions Regulations. The settlement resolves potential civil liability for the company’s alleged issuance of two separate invoices for software licensing and software support services to an entity previously identified on OFAC’s Sectoral Sanctions Identification List. According to OFAC, the designated entity’s attempts to remit payment were rejected by financial institutions after it was determined that the transaction was prohibited. However, the corporation—which allegedly failed to have in place a sanctions compliance program and failed to “recognize that the delayed collection of payment was prohibited”—explored possible options to collect the payment and did not seek guidance or authorization from OFAC.
On April 25, the Federal Reserve Board announced an enforcement action against a Japanese bank for alleged weaknesses in its New York branch’s anti-money laundering risk management and compliance programs, including a failure to comply with applicable rules and regulations, including the Bank Secrecy Act. Under the terms of the order, the bank is required to, among other things, (i) develop and implement a written plan to strengthen the board of directors’ oversight of Bank Secrecy Act/anti-money laundering (BSA/AML) compliance and Office of Foreign Assets Control (OFAC) regulations; (ii) submit an enhanced written compliance program that complies with BSA/AML requirements; (iii) submit an enhanced, written customer due diligence plan; (iv) submit a written program to ensure compliant, timely, and accurate suspicious activity monitoring and reporting; (v) submit a written plan to enhance OFAC regulation compliance; and (vi) submit a written plan for independent testing of the bank’s compliance with all applicable BSA/AML requirements. A civil money penalty was not assessed against the bank or the branch. This is the latest in a long string of BSA/AML and OFAC-related regulatory enforcement actions against the U.S. operations of foreign banking organizations. Intense regulatory scrutiny of such institutions’ BSA/AML and OFAC risk management appears to continue unabated.
On April 24, the Financial Industry Regulatory Authority (FINRA) announced the formation of a new office, the Office of Financial Innovation, that will act as a central point of coordination for issues related to financial innovation by FINRA members. The new office, which is an outgrowth of FINRA’s Innovation Outreach Initiative (previously covered by InfoBytes here), will collaborate with various FINRA teams as well as regulators, investors, and other stakeholders to encourage the use of fintech in a way that strengthens market integrity and protects investors. The new office also will incorporate FINRA’s existing Office of Emerging Regulatory Issues, which focuses on analyzing new and emerging risks and trends related to the securities market.
On April 18, the Financial Crimes Enforcement Network (FinCEN) announced a civil money penalty against a California-based individual operating as peer-to-peer exchanger for willful violations of Bank Secrecy Act (BSA) money service business (MSB) requirements. According to FinCEN, the exchanger engaged in activities such as (i) advertising his intentions to purchase and sell bitcoin; and (ii) completing transactions using in-person cash payments, currency sent or received in the mail, or wire transfers through the use of a depository institution. These activities, FinCEN claimed, qualified him as a virtual currency exchanger, MSB, and a financial institution under the BSA. As such, the exchanger was required to register as a MSB with FinCEN, establish and implement an effective written anti-money laundering program, detect and file suspicious activity reports, and report currency transactions, which he failed to do. The order requires the exchanger to pay a $35,350 civil money penalty and permanently prohibits him from engaging in any activity that would qualify him as a MSB.
Treasury sanctions Venezuela’s central bank and official connected to Maduro regime; sanctions Nicaraguan bank and official
On April 17, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) announced sanctions against Venezuela’s central bank, along with an individual determined to be a current or former official of the Government of Venezuela, for providing support to former President Maduro’s regime. OFAC stated that the U.S. “has taken steps to ensure that regular debit and credit card transactions can proceed and personal remittances and humanitarian assistance continue unabated and are able to reach those” affected by the humanitarian crisis in Venezuela. Financial Crimes Enforcement Network advisories FIN-2017-A006, FIN-2017-A003, and FIN-2018-A003 provide additional information concerning the efforts of Venezuelan government agencies and individuals to use the U.S. financial system and real estate market to launder corrupt proceeds, as well as human rights abuses connected to foreign political figures and their financial facilitators.
Additionally the same day, OFAC designated the Nicaraguan president’s son along with a Nicaraguan bank for actions supporting the Ortega regime. According to OFAC, the bank has, among other things, provided material, technical, and financial support to the previously sanctioned vice president, as well as money laundering assistance to the regime. OFAC also cited to the president’s son’s involvement with foreign investors to provide “preferential access to the Nicaraguan economy.” As a result, all property and interests in property of the sanctioned entities and individuals, and of any entities owned 50 percent or more by them subject to U.S. jurisdiction, are blocked and must be reported to OFAC. U.S. persons are also generally prohibited from entering into transactions with the sanctioned entities and individuals.
- Daniel P. Stipano to discuss "Regulatory changes: Proposed AML regulatory changes, marijuana banking and hemp/CBD" at the ACAMS Carolinas Chapter AML and OFAC Symposium-Technology and Hot Topics
- Amanda R. Lawrence to discuss "Navigating the challenges of the latest data protection regulations and proven protocols for breach prevention and response" at the ACI National Forum on Consumer Finance Class Actions and Government Enforcement
- Buckley Webcast: Flirting with alternatives — Opportunities and challenges created by alternative data, modeling, and technology
- Daniel P. Stipano and Moorari K. Shah to discuss "Vendor management: What is the NCUA looking for?" at the National Association of Federally-Insured Credit Unions BSA Seminar
- Daniel P. Stipano to discuss "Reporting requirements for credit unions: CTRs and SARs" at the National Association of Federally-Insured Credit Unions BSA Seminar
- Sasha Leonhardt and John B. Williams to discuss "Privacy" at the National Association of Federally-Insured Credit Unions Summer Regulatory Compliance School
- Warren W. Traiger to discuss "CRA modernization" at the National Association of Industrial Bankers and the Utah Association of Financial Services Annual Convention
- Benjamin W. Hutten to discuss "Requirements for banking inherently high-risk relationships" at the Georgia Bankers Association BSA Experience Program
- Hank Asbill to discuss "Ethical guidance in conducting internal investigations – The intersection of Yates and Upjohn" at the American Bar Association Southeastern White Collar Crime Institute
- Brandy A. Hood to discuss "RESPA Section 8/referrals: How do you stay compliant?" at the New England Mortgage Bankers Conference
- Amanda R. Lawrence to discuss "Data privacy litigation" at the Mortgage Bankers Association Regulatory Compliance Conference
- Daniel P. Stipano to discuss "Lessons learned from recent enforcement actions and CMPs" at the ACAMS AML & Financial Crime Conference
- Daniel P. Stipano to discuss "Assessing the CDD final rule: A year of transitions" at the ACAMS AML & Financial Crime Conference
- Jonice Gray Tucker to discuss "HMDA data is out, now what?" at the Mortgage Bankers Association Regulatory Compliance Conference
- Amanda R. Lawrence to discuss "How to balance a successful (and stressful) career with greater personal well-being" at the American Bar Association Women in Litigation Joint CLE Conference