Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
On September 14, a Brazilian petrochemical company, agreed to pay its U.S. investors $10 million for concealing its role in a corruption scandal involving a Brazilian multinational corporation in the petroleum industry. The settlement resolves a 2015 lawsuit brought by U.S. investors against the petrochemical company, which alleged the company had misled investors into believing its operations were legitimate. The settlement follows the December 2016 guilty plea by the company and its affiliated construction firm to violating the Foreign Corrupt Practices Act. Together, the companies agreed to pay $3.5 billion in a combined global settlement with U.S., Brazilian, and Swiss authorities.
On September 15, the Financial Crimes Enforcement Network (FinCEN) issued an advisory to financial institutions based on June 23, 2017 updates to the Financial Action Task Force’s (FATF) list of jurisdictions identified as having “strategic deficiencies” in their anti-money laundering/combatting the financing of terrorism (AML/CFT) regimes. FinCEN urges financial institutions to consider this list when reviewing due diligence obligations and risk-based policies, procedures, and practices.
The current jurisdictions (as further described in the Improving Global AML/CFT Compliance: On-going Process) that have AML/CFT deficiencies for which they have developed an action plan are: Bosnia and Herzegovina; Ethiopia; Iraq; Syria; Uganda; Vanuatu; and Yemen. Notably, Afghanistan and Lao PDR have been removed from this list for making “significant technical progress in improving [their] AML/CFT regime[s] and . . . establish[ing] the legal and regulatory framework to meet [their] commitments in [their] action plan[s].” North Korea, officially known as the Democratic People’s Republic of Korea, and Iran remain the two jurisdictions subject to countermeasures and enhanced due diligence (or EDD) due to AML/CFT deficiencies.
OFAC Imposes Additional Iranian Sanctions, List Includes Entities Involved in DDoS Attacks Against U.S. Financial Institutions
On September 14, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) announced it was imposing sanctions on 11 entities and individuals for supporting designated Iranian actors or for conducting malicious cyberattacks, including engaging in a series of distributed denial of service (DDoS) attacks against approximately 46 U.S. financial institutions. As reported in an indictment delivered by a federal grand jury in the Southern District of New York (see March 24, 2016 DOJ press release), the DDoS attacks—allegedly conducted by seven Iranian individuals between December 2011 and mid-2013—denied customers access to online bank accounts and collectively cost the affected financial institutions “tens of millions of dollars in remediation costs as they worked to neutralize and mitigate the attacks on their [computer] servers.” During a DDoS attack, a “malicious actor” gains remote control of a server through the installation of malicious software. Once compromised, the “malicious actor” can collect hundreds or thousands of these compromised devices (collectively known as a “botnet”), and, once control is achieved, will “direct the computers or servers comprising the botnet to carry out computer network attack[s] and computer network exploitation activity.” Three of the seven sanctioned individuals worked for a company that was added to OFAC’s updated SDN list on September 14 and oversaw a network of compromised computers that powered DDoS attacks. The other four individuals operated a second DDoS botnet on behalf of a different company listed on OFAC’s non-SDN list. Both Iranian-based private computer security companies perform work on behalf of the Iranian Government, including Iran’s Islamic Revolutionary Guard Corps. Pursuant to E.O. 13694, U.S. persons are prohibited from dealing with the designated entities and individuals, and “foreign financial institutions that facilitate significant transactions for, or persons that provide material or certain other support to, the entities and individuals designated today risk exposure to sanctions that could sever their access to the U.S. financial system or block their property and interests in property under U.S. jurisdiction.”
In addition, pursuant to E.O. 13382, OFAC sanctioned an Iranian-based engineering company for engaging in activities related to Iran’s ballistic missile program, which include providing “ financial, material, technological, or other support for, or goods or services in support of, the [Islamic Revolutionary Guard Corps].” Two Ukrainian-based companies were also sanctioned pursuant to E.O. 13224 for assisting previously sanctioned Iranian and Iraqi airlines in obtaining U.S.-origin aircraft, as well as crew and services.
On August 29, the DOJ announced that it had unsealed a criminal complaint and FBI affidavit charging a retired U.S. Army colonel “for his alleged role in a foreign bribery and money laundering scheme in connection with a planned $84 million port development project in Haiti.” The DOJ alleges that he solicited bribes “from undercover [FBI] agents in Boston who posed as potential investors,” telling the agents “that he would funnel the payments to Haitian officials through a non-profit entity that he controlled . . . in order to secure government approval of the project.” The retired colonel allegedly received a $50,000 payment from the FBI, which he wired to his non-profit organization. While he ultimately used the payment for personal purposes, rather than his promised bribery, he allegedly “intended to seek additional money from the undercover agents to use for future bribe payments in connection with the port project.” The DOJ also alleges that FBI agents intercepted telephone calls where he “discussed bribing an aide to a senior Haitian official by giving him a job on the port development project after he left his position.”
FCPA sting operations are relatively rare. An infamous FCPA sting operation involving Africa resulted in charges for 22 defendants, but it concluded unsuccessfully in 2012 after a series of acquittals and hung juries caused the DOJ to dismiss the remaining indictments.
In a September 4 speech, Serious Fraud Office (SFO) Director David Green urged the SFO to lead anti-corruption enforcement efforts against UK-connected companies, warning that “if we take our foot off the pedal . . . , others will fill the void.” Green noted that the DOJ “is not shy about enforcing the [FCPA] against foreign companies,” and emphasized that seven of the top ten highest-dollar FCPA cases since 2008 were brought against non-American companies. Green said that “it is surely right that the UK should lead enforcement in relation to UK companies or companies with strong connections here,” because it not only “demonstrates our commitment to the level playing field,” but it also “ensures that hefty financial penalties go to UK public coffers rather than elsewhere.”
On September 7, the U.S. Government Accountability Office (GAO) issued a report, Anti-Money Laundering: U.S. Efforts to Combat Narcotics-Related Money Laundering in the Western Hemisphere, detailing activities by the Treasury and State Departments to combat these illicit activities. In conducting the study, GAO reviewed laws, regulations, and budget data, and also conducted interviews with experts and U.S. officials, in order to examine anti-money laundering activities over the period of fiscal years 2011 through 2015. GAO also made site visits to Colombia, Mexico, and Panama, identified as “jurisdictions of primary concern for money laundering” by the State Department. Among other things, the report noted that “State and Treasury allocated about $63 million to support AML-related capacity-building and technical assistance” to fund training and equipment for financial intelligence units employed to detect illicit financial transactions in these countries. The report further provides that many entities are required to report suspicious activities to the Treasury’s Financial Crimes Enforcement Network, which was established to collect, analyze, and disseminate “financial intelligence information to combat money laundering.”
FinCEN Releases Advisory Alert for Financial Institutions, OFAC Issues Sanctions Against South Sudanese Government Officials
On September 6, the Treasury Department issued a press release announcing multiple actions taken in response to the “continued deterioration of the humanitarian situation in South Sudan.” Under Secretary for Terrorism and Financial Intelligence, Sigal Mandelker, stated, “These actions send a clear message to those enriching themselves at the expense of the South Sudanese people that we will not let them exploit the U.S. financial system to move and hide the proceeds of their corruption and malign behavior.”
Financial Crimes Enforcement Network (FinCEN). FinCEN issued an advisory (FIN-2017-A004) to financial institutions to address concerns that certain South Sudanese senior political figures may potentially move assets using the U.S. financial system. FinCEN projects that since 2013—when a new political conflict began in Sudan—certain senior political officials from both the government and opposition parties have “engaged in and profited from corrupt practices.” The advisory provides due diligence guidance for U.S. financial institutions, issues a reminder regarding suspicious activity report filing obligations, and warns financial institutions to “assess the risk for laundering of the proceeds of public corruption associated with specific particular customers and transactions.”
Office of Foreign Assets Control (OFAC). Pursuant to Executive Order 13664, which blocks the property of certain persons with respect to South Sudan and authorizes sanctions against persons who threaten the peace, security, or stability of South Sudan, OFAC issued sanctions against three government officials and three entities owned by one of the sanctioned individuals. The identified individuals’ actions include, among other things, (i) “actions or policies that threaten the peace, security, and stability of South Sudan”; (ii) “actions or policies that have the purpose or effect of expanding or extending the conflict in South Sudan or obstructing reconciliation or peace talks or processes”; and (iii) “obstruction of the activities of international peacekeeping, diplomatic, or humanitarian missions in South Sudan, or of the delivery or distribution of, or access to, humanitarian assistance.” The sanctions prohibit any U.S. individual from dealing with the designated entities and individuals, and further states that “all of these individuals’ and entities’ assets within U.S. jurisdiction are blocked.” Additionally, individuals designated under Executive Order 13664 are banned from entry into the U.S.
On August 24, the New York Department of Financial Services (NYDFS) announced that it had assessed a nearly $630 million fine against a global bank (Bank) and its New York branch as part of a consent order addressing allegations that the Bank failed to fix “serious” and “persistent” failures in its Bank Secrecy Act and anti-money laundering (BSA/AML) compliance programs. NYDFS claimed in its Notice of Hearing and Statement of Charges (Notice) that these failures “indicate a fundamental lack of understanding of the need for a vigorous compliance infrastructure, and the dangerous absence of attention by [the Bank’s] senior management for the state of compliance at the [Bank’s] New York branch.” NYDFS will move for the penalty at a hearing scheduled for September 27, 2017. According to an order issued that same day, NYDFS expanded its investigation into the alleged misconduct to cover the period between October 1, 2013 through September 30, 2014, and April 1, 2015 through July 31, 2017. Specifically, the violations cited in the Notice include the following:
- 855 “batch-waived” transaction alerts that were improperly “cleared by [New York] Branch staff without review or rationale for the failure to review the alerts” and without written approval of the batch waive process by head office or local management;
- control deficiencies concerning the Bank’s relationship with a Saudi Arabian bank with reported ties to Al Qaeda and the financing of terrorism—transactions with the Saudi Arabian bank comprised approximately 24 percent of the total number of transactions conducted through the New York branch;
- more than 13,000 transactions failed to identify essential information such as originator and beneficiary identities; and
- more than 4,000 transactions were excluded from screening after being included on the Bank’s “good guy list” comprised of customers “who purportedly have been screened and identified as very low risk,” although the investigation identified several parties that had been either “improperly included” or met criteria which warranted screening.
The Bank issued a press release following the announcement, stating its plans to “vigorously contest [the penalty] . . . as being unjustified, capricious, unreasonable, not supported by facts or law and as being time barred.” The Bank claimed it has undergone “sincere and extensive remediation measures” to improve its compliance efforts since NYDFS issued an order in 2015 calling for oversight and improvements to its BSA/AML processes. The Bank expressed its intention to surrender its foreign bank branch license for the New York branch and NYDFS has issued an order to effectuate the surrender by September 23, 2017.
On August 29, the Wall Street Journal reported that a California-based ride sharing company is facing scrutiny from the DOJ, which has taken preliminary steps to investigate potential FCPA violations at the company. The company has expanded into more than 70 countries. A company spokesman confirmed the DOJ’s inquiry. The Wall Street Journal report stated that it was unclear whether DOJ would open a formal investigation.
On August 24, President Trump announced the issuance of new sanctions against Venezuela. Executive Order 13808 “Imposing Additional Sanctions with Respect to the Situation in Venezuela,” adds additional restrictions to those declared in Executive Order 13692. The sanctions prohibit transactions related to the following:
- “new debt with a maturity of greater than 90 days” in conjunction with the Venezuelan state-owned oil and natural gas company (state-owned company);
- “new debt with a maturity of greater than 30 days, or new equity, of the Government of Venezuela, other than debt” in conjunction with the state-owned company;
- “bonds issued by the Government of Venezuela prior to the effective date of this order”;
- “dividend payments or other distributions of profits to the Government of Venezuela from any entity owned or controlled, directly or indirectly, by the Government of Venezuela;
- “[t]he purchase, directly or indirectly, by a [U.S.] person or within the [U.S.], of securities from the Government of Venezuela, other than securities qualifying as new debt with a maturity of less than or equal to 90 days [for state-owned company debt] or 30 days [for other Government of Venezuela debt].”
On August 25, OFAC also issued four General Licenses containing additional provisions: (i) General License 1 imposes a wind-down period through September 24, 2017 for contracts and other agreements that were effective prior to the Executive Order's effective date; (ii) General License 2 authorizes certain transactions involving a specifically listed holding company; (iii) General License 3 authorizes dealings in certain specified Government of Venezuela-related bonds that would otherwise be prohibited; and (iv) General License 4 allows new debt transactions related to “the provision of financing for, and other dealings in new debt related to the exportation or reexportation, from the [U.S.] or by a U.S. person . . . of agricultural commodities, medicine, medical devices, or replacement parts and components for medical devices,” provided compliance with the outlined requirements and limitations. OFAC also published answers to several related frequently asked questions concerning the additional sanctions.
- Brandy A. Hood to discuss "Ongoing challenges of TRID compliance" at the Mortgage Bankers Association Live: Legal Issues and Regulatory Compliance Conference
- Daniel R. Alonso to discuss "Resisting temptation in a crisis: How to make sure ethics and compliance don't get diluted under financial strain" at a New York City Bar Association webcast
- Daniel P. Stipano to discuss "BSA for BSA seasoned officers" at an NAFCU webinar
- Jon David D. Langlois to discuss "LIBOR transition: Preparations for legal professionals" at a Mortgage Bankers Association webinar
- Garylene D. Javier to discuss "Navigating workplace culture in 2020" at the DC Bar Conference