Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
On November 22, FinCEN and the IRS issued an alert to financial institutions regarding Covid-19 Employee Retention Credit (ERC)-related fraud schemes. Authorized by the CARES Act, the ERC is a tax credit aimed at incentivizing businesses to retain employees on payroll during the Covid-19 pandemic, through which fraud and scams have been carried out, FinCEN explained. The alert offers insights into typologies linked to ERC fraud and scams, emphasizes specific warning signs to aid financial institutions in detecting and reporting suspicious activities, and reinforces these institutions' obligations to report under the Bank Secrecy Act (BSA).
According to the alert, “[d]uring the 2023 tax season, the IRS noted various scammers appeared throughout the [U.S.] using the false pretense of being tax credit experts to convince businesses to file for the ERC.” Third-party ERC promoters misled taxpayers about eligibility, aiming to profit from filing ERC claims without verifying qualifications, FinCEN added. As a result, the alert mentioned that victims risk claim denial or repayment, while scammers profit regardless of the claim's outcome, involving both willing and unaware businesses in these schemes. FinCEN added that businesses must meet specific ERC requirements, and those who received PPP loans cannot use the same wages counted in the PPP loan for the ERC application. Despite this, some may file amended tax returns misrepresenting their eligibility for the ERC by falsifying staff wages or claiming their operations were partially or fully suspended during the pandemic. FinCEN listed “red flags” indicative of ERC fraud that financial institutions should be cognizant of, including, among others, (i) a business account that receives multiple ERC check deposits over several days; (ii) small business accounts that receive ERC check deposits disproportionate to their size, employee count, and transaction volume; and (iii) a new account for an established business that only receives ERC deposits, suggesting possible identity theft using the business as a front for fraudulent claims. The alert also reminds financial institutions of their obligation to file suspicious activity reports and to keep a copy of the reports for five years from the date of the filing.
On October 19, FinCEN announced a notice of proposed rulemaking (NPRM) that identifies international Convertible Virtual Currency mixing (CVC) as a primary money laundering concern. In its NPRM, FinCEN highlighted the prevalence of illicit actors, including Hamas and Palestinian Islamic Jihad, who use CVC mixing to fund their illegal activity, and how increased transparency can combat their efforts. According to FinCEN, CVC mixing is used to conceal the source, destination, or amount involved in transactions. The proposed rule would require covered financial institutions to collect records of, and report suspicious CVC mixing transactions, as defined, to FinCEN within 30 days of initial detection. The proposed rule would not require covered financial institutions to source additional report information from the transactional counterparty, adding that the information required for the report is similar to information already collected by financial institutions. FinCEN also noted this is its first ever use of its authority under Section 311 of the USA PATRIOT Act.
FinCEN invites comments for the proposed rule, including responses to questions addressing the impact of the proposed rule, definitions, reporting, and recordkeeping. Comments must be received by January 22, 2024, and they can be submitted via instructions found in the announcement.
FinCEN final rule designates Iran a primary money laundering concern; new Treasury and State department mechanism to make humanitarian trade more transparent
On October 25, the U.S. Treasury Department announced the issuance of a final rule by the Financial Crimes Enforcement Network (FinCEN) to impose a fifth special measure against Iran as a jurisdiction of primary money laundering concern under Section 311 of the USA Patriot Act. The final rule prohibits U.S. financial institutions from opening or maintaining a correspondent account on behalf of an Iranian financial institution, and also prohibits U.S. financial institutions from processing transactions involving Iranian financial institutions. The final rule takes effect ten days after publication in the Federal Register.
FinCEN stated that its action is based on Iran’s abuse of the international financial system, including providing support for terrorist groups such as Hizballah and HAMAS, and builds upon Treasury’s Office of Foreign Assets Control’s (OFAC) September designation of Iran’s central bank for providing financial support to the Islamic Revolutionary Guards Corps, its Qods Force, and Hizballah (previous InfoBytes coverage here). Additionally, FinCEN determined that the Iranian regime continues to engage in deceptive financial practices through the use of front companies and shell companies, among other things, to facilitate military purchases. These actions, FinCEN noted, are “further compounded by Iran’s continued failure to adequately address its AML/CFT deficiencies, as identified by the Financial Action Task Force,” which recently re-imposed countermeasures and enhanced due diligence strategies on Iran and “called on its members and urged all jurisdictions to advise their financial institutions to apply enhanced due diligence with respect to business relationships and transactions with natural and legal persons from Iran.” (Previous InfoBytes coverage here.)
Concurrent with the imposition of the fifth special measure, Treasury and the U.S. Department of State announced a new mechanism to increase the transparency of humanitarian trade with Iran that will establish processes for participating foreign governments and financial institutions when conducting enhanced due diligence designed to mitigate the higher risks associated with Iran-related transactions. OFAC’s guidance outlines due diligence and reporting requirements for participating entities, and stipulates that “[p]rovided that foreign financial institutions commit to implement stringent enhanced due diligence steps, the framework will enable them to seek written confirmation from Treasury that the proposed financial channel will not be exposed to U.S. sanctions.”
On August 28, the Financial Crimes Enforcement Network (FinCEN) announced a new division intended to investigate global money laundering threats. The Global Investigations Division (GID)—led by Matthew Stiglitz, a former senior official in the Department of Justice’s Criminal Division—will target activities such as weapons of mass destruction proliferation, rogue state actors, transnational organized crime, and narcotics trafficking. According to FinCEN, GID will utilize the agency’s Bank Secrecy Act authorities, including Section 311 of the USA PATRIOT Act, to combat both domestic and international illicit terrorist finance and money laundering threats.
D.C. Circuit: Maintaining a U.S. correspondent account can subject a foreign bank's records located abroad to USA PATRIOT Act subpoenas; Chinese banks subject to subpoenas in case claiming sanctions evasion
On August 6, the U.S. Court of Appeals for the D.C. Circuit affirmed a district court ruling that ordered three Chinese banks to comply with subpoenas seeking customer records stemming from a DOJ investigation into a now-defunct Chinese company’s evasion of North Korean sanctions, or face contempt fines each of $50,000 per day. According to the DOJ, the banks allegedly facilitated transactions for the Chinese company that may have operated as a front for the North Korean government in violation of U.S. sanctions. In 2017, the DOJ obtained grand jury subpoenas seeking records related to U.S. correspondent banking transactions of the defunct company from two of the banks with U.S. branches, and served the third bank, which did not have U.S. branches, with a Patriot Act subpoena. After the banks refused to comply with the subpoenas, the district court granted the DOJ’s motion to compel.
On appeal, the D.C. Circuit concluded that the district court had personal jurisdiction to enforce the subpoenas. The appellate court held that the two banks with U.S. branches consented to jurisdiction when they opened those branches because they had executed agreements with the Federal Reserve which required compliance with relevant provisions of federal law. For the bank without U.S. branches, the D.C. Circuit determined that “it had sufficient contact with the [U.S.] as a whole and the subpoena sufficiently related to that contact so as to support the court’s personal jurisdiction.” The court also held that the foreign records sought from the bank without U.S. branches were within the scope of the PATRIOT Act subpoena, noting that the PATRIOT Act authorized the DOJ to issue a “subpoena to any foreign bank that maintains a correspondent account in the [U.S.] and request records related to such correspondent account, including records maintained outside of the [U.S.] relating to the deposit of funds into the foreign bank.” The appellate court also affirmed the district court’s decision to hold the banks in contempt, dismissing the banks’ argument that this move was improper because they had done all they could to obtain approval from the Chinese government to produce the subpoenaed records.
On October 25, FinCEN issued advisory bulletin FIN-2016-A005 reminding financial institutions of their Bank Secrecy Act (BSA) obligations to report certain cyber-events and cyber-enabled crime. The advisory highlights the importance of (i) reporting cyber-events and cyber-enabled crime through Suspicious Activity Reports (SARs); (ii) including cyber-related information such as IP addresses with timestamps, virtual-wallet information, device identifiers, and cyber-event information, in SAR reporting; (iii) collaborating with BSA/AML, cybersecurity, and other in-house units to facilitate “a more comprehensive threat assessment and develop appropriate risk management strategies to identify, report, and mitigate cyber-events and cyber-enabled crime”; and (iv) sharing cyber-related information – including specific malware signatures, IP addresses and device identifiers, and virtual currency addresses that seem anonymous – amongst financial institutions for the “purpose of identifying and, where appropriate, reporting money laundering or terrorist activities.” Importantly, the advisory distinguishes between mandatory SAR reporting of cyber-events, providing three specific examples, and voluntary reporting of cyber-events. Per the advisory, “[c]yber-events targeting financial institutions that could affect a transaction or series of transactions would be reportable as suspicious transactions because they are unauthorized, relevant to a possible violation of law or regulation, and regularly involve efforts to acquire funds through illegal activities.”
FinCEN simultaneously issued FAQs to supplement advisory bulletin FIN-2016-A005. The FAQs, which supersede 2001 FAQs regarding computer intrusion, provide answers to a set of nine questions. The FAQs address, among other things, (i) when cyber-related SAR reports should be filed; (ii) the type of information that should be included in cyber-related SARs; and (iii) cyber-event and cyber-enabled crime information sharing, pursuant to Section 314(b) of the USA PATRIOT Act, between financial institutions.
On September 21, the U.S. District Court for the District of Columbia stayed enforcement of FinCEN’s second attempt to cut off a Tanzania-based bank’s access to the U.S. banking system. The dispute originated from FinCEN’s attempt to prohibit domestic financial institutions from opening or maintaining correspondent accounts on behalf of the foreign bank under the authority of Section 311 of the USA PATRIOT ACT, which authorizes FinCEN take special measures against banks of primary money laundering concern. FinCEN first promulgated a final rule imposing the prohibition in July 2015, which was enjoined by the court in August, 2015. FinCEN agreed to a voluntary remand to correct deficiencies in its rulemaking process, such as providing the bank access to declassified information and considering the use of less drastic measures to address its concerns. In March 2016, FinCEN promulgated a revised final rule in which it indicated that the bank’s AML compliance remained inadequate and that the bank continued to engage in “illicit financial activity.” Upon a second review, the court again found that FinCEN had failed to adequately disclose declassified information to the bank prior to releasing the revised final rule, and did not properly respond to other of the bank’s concerns. In addition, the court was not satisfied that FinCEN had made the required consultations with other executive-branch agencies as required by statute.
On March 31, FinCEN published a final rule imposing the fifth special measure against FBME Bank Ltd. (FBME). Pursuant Section 311 of the USA PATRIOT Act, the fifth special measure prohibits U.S. financial institutions from opening or maintaining a correspondent account for, or on behalf of, FBME. As previously covered in InfoBytes, on July 29, 2015, FinCEN published a similar final rule, which did not take effect as, one day before its effective date, a U.S. district court granted FBME’s motion for a preliminary injunction to stop the rule from taking effect. In November 2015, FinCEN subsequently re-opened its comment period for the final rule, soliciting additional comments “particularly with respect to the unclassified, non-protected documents that support the rulemaking and whether any alternatives to the prohibition of the opening or maintaining of correspondent accounts with FBME would effectively mitigate the risk to domestic financial institutions.” According to FinCEN, its recently issued final rule will “guard against the international money laundering and terrorist financing risks that FBME poses to the U.S. financial system.” The Final Rule is effective July 29, 2016.
On February 19, FinCEN withdrew three findings and proposed rulemakings under Section 311 of the USA PATRIOT Act. FinCEN determined that the three entities subject to the proposed rulemakings “no longer pose a money laundering threat to the U.S. financial system.” FinCEN withdrew its findings and proposed rulemakings against (i) a Costa Rica-based financial institution; (ii) a Belarus-based financial institution; and (iii) an Andorra-based financial institution. Regarding the Costa Rica-based institution, FinCEN noted that the DOJ “seized [its] accounts and Internet domain names and charged seven of its principals and employees with money laundering;” the institution stopped functioning after such actions were taken. According to FinCEN, the Belarus-based entity, along with its successor, no longer operates as a foreign financial institution and does not operate in a way that poses a threat to the U.S. financial system. Finally, concerning the third entity, FinCEN noted that Andorran authorities assumed control of the management and operations of the entity, arrested its chief executive officer on money laundering charges, and “are in the final stages of implementing a resolution plan that is isolating the assets, liabilities, and clients of [the entity] that raise money laundering concerns.”
On November 27, FinCEN published in the Federal Register a Notice to re-open the comment period for its previously issued Final Rule imposing the fifth special measure against FBME Bank Ltd. (FBME). On August 27, the day before the Rule was scheduled to take effect, the United States Court for the District of Columbia Court granted FBME’s motion for a preliminary injunction and enjoined the Final Rule from taking effect. On November 6, the Court granted the Government’s motion for voluntary remand to allow for further rulemaking proceedings. FinCEN’s most recent Federal Register Notice to re-open the comment period for the Final Rule solicits additional comments “particularly with respect to the unclassified, non-protected documents that support the rulemaking and whether any alternatives to the prohibition of the opening or maintaining of correspondent accounts with FBME would effectively mitigate the risk to domestic financial institutions.” Comments are due by January 26, 2016.