Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
On June 3, FinCEN issued an Advance Notice of Proposed Rulemaking (ANPRM) soliciting comments on questions related to implementing a no-action letter process at the agency. The ANPRM is part of FinCEN’s implementation of the Anti-Money Laundering Act of 2020, which directed the agency to conduct an assessment of a no-action letter process concerning how anti-money laundering or countering the financing of terrorism laws may apply to specific conduct. The ANPRM follows FinCEN’s June 2021 report to Congress (covered by InfoBytes here), which concluded that the agency should undertake rulemaking to establish a process for issuing no-action letters that will supplement its current forms of regulatory guidance and relief. FinCEN noted in its announcement that the addition of a no-action letter process (“generally understood to be a form of enforcement discretion where an agency states by letter that it will not take an enforcement action against the submitting party for the specific conduct presented to the agency”) could overlap with and “affect other forms of regulatory guidance and relief that FinCEN already offers, including administrative rulings and exceptive or exemptive relief.” The agency is seeking public input on whether the process should be implemented and, if so, how the process should work. Included in the ANPRM are questions concerning, among other things, FinCEN jurisdiction (specifically “[w]hat is the value of establishing a FinCEN no-action letter process if other regulators with jurisdiction over the same entity do not issue a similar no-action letter”), whether there should be limitations on which factual circumstances could be considered, and whether the scope of a no-action letter should be limited so that requests may not be submitted during a Bank Secrecy Act examination. The ANPRM also asked questions related to changes in circumstances, revocations, denials and withdrawals, confidentiality and consultation concerns, and criteria for distinguishing no-action letters from administrative rulings or exceptive/exemptive relief.
Comments on the ANPRM are due August 5.
On April 28, FinCEN acting Director Himamauli Das informed the House Financial Services Committee during a hearing on the oversight of the agency that FinCEN is currently developing a second notice of proposed rulemaking (NPRM) this year proposing “regulations governing access to beneficial ownership information by law enforcement, national security agencies, financial institutions and others.” The NPRM will be published this year and follows a previous proposal to implement the beneficial ownership information reporting provisions of the Corporate Transparency Act (CTA), which addresses who must report beneficial ownership information, when to report it, and what information must be provided (covered by InfoBytes here). In his written testimony, Das stated the agency also plans to issue a third and final proposal revising the Customer Due Diligence (CDD) regulation for financial institutions “no later than one year after the effective date of the final reporting rule,” as required by the statute. “The CTA directs that the revisions should bring the CDD regulation into conformance with the beneficial ownership rules under the CTA and reduce unnecessary or duplicative requirements, among other things,” Das said. “We are considering all options as we develop the Access Rule NPRM, and look forward to receiving public comments on our proposal when it is issued.” Das also noted that FinCEN is currently developing the beneficial ownership database, which will allow users to search and access certain beneficial ownership information. However, Das warned that limited resources “have presented significant challenges to meeting the implementation requirements of [FinCEN’s] expanded mandate under the Anti-Money Laundering Act, including the CTA’s beneficial ownership requirements . . . we are missing deadlines, and we will likely continue to do so.”
On March 16, the OCC issued a final rule amending its suspicious activity report (SAR) regulations. The rule sets out a process for national banks and federal savings associations to request exemptions from the OCC’s SAR requirements. To request exemption under the final rule, national banks or federal savings associations, including federal branches and agencies of foreign banks, must submit a request in writing to the OCC. The agency “will consider whether the exemption is consistent with the purposes of the [Bank Secrecy Act] and with safe and sound banking and may consider any other appropriate factors.” Where required, institutions must separately seek an exemption from FinCEN, and the OCC intends to coordinate with FinCEN on such requests. The final rule will also allow “the OCC to facilitate changes required by the Anti-Money Laundering Act of 2020" and “will make it possible for the OCC to grant relief to national banks or federal savings associations that develop innovative solutions intended to meet Bank Secrecy Act requirements more efficiently and effectively.”
On February 4, the U.S. Treasury Department published a study examining the high-value art market’s money laundering and terrorist financing risks to the U.S. financial system. The study also identified efforts U.S. government agencies, regulators, and other market participants should explore to mitigate the laundering of illicit proceeds through this industry. Treasury’s Study of the Facilitation of Money Laundering and Terror Finance Through the Trade in Works of Art found that while there is some evidence of money laundering risk in the high-value art market, there was limited evidence of a nexus between terrorist financing risk and high-value art (which the study theorizes is in part due “to a disconnect between the high-value art market and the physical geographies where terrorist groups are most active”). Participants most vulnerable to money laundering in the art market, the study noted, are financial services companies that offer art-collateralized loans but that are not subject to comprehensive anti-money laundering/countering the financing of terrorism (AML/CFT) requirements. Banks that facilitate payments between customers and art market institutions also present unique money laundering risks, the study found, while asset-based lending can disguise the original source of funds and provide liquidity to criminals. The study further cautioned that entities with large annual sales turnover present higher money laundering risks, and stressed that the emerging digital art market (including non-fungible tokens or NFTs) “may present new risks, depending on the structure and market incentives of certain activity in this sector of the market.”
To address the identified risks, the study recommended the following: (i) supporting “private sector information-sharing programs to encourage transparency among art market participants”; (ii) “updating guidance and training for law enforcement, customs enforcement, and asset recovery agencies”; (iii) using recordkeeping and reporting authorities to support information collection and money laundering activity analyses; and (iv) “applying comprehensive AML/CFT requirements to certain art market participants.” Treasury noted that it will consider “how these measures could mitigate identified money laundering risk, the potential burden on smaller art market participants, privacy considerations, as well as progress on addressing systemic AML/CFT issues, such as the abuse of shell companies.”
On January 24, FinCEN issued a Notice of Proposed Rulemaking (NPRM) to establish a limited-duration pilot program for financial institutions to share suspicious activity reports (SARs), pursuant to Section 6212 of the Anti-Money Laundering Act of 2020. The pilot program would allow financial institutions with SAR reporting obligations to share SARs and related information (subject to certain restrictions) with their foreign branches, subsidiaries, and affiliates for the purpose of combating illicit finance risks. The NPRM would expand guidance that previously only permitted SARs to be shared internally with foreign head offices, controlling companies (domestic or foreign), and domestic affiliates, and seeks input on the expected costs and benefits, technical challenges, merits of quarterly reporting, and SAR confidentiality protections. According to FinCEN, the pilot program is intended to provide feedback as the agency considers longer-term approaches towards SAR sharing with foreign affiliates. Comments are due March 28.
On December 14, the Financial Crimes Enforcement Network (FinCEN) issued a request for information (RFI) in the Federal Register seeking comments from regulated entities; state, local, and Tribal governments; law enforcement; regulators; and other consumers of Bank Secrecy Act (BSA) data, on ways to redevelop the anti-money laundering and countering the financing of terrorism (AML/CFT) regime in the U.S. According to the announcement, FinCEN intends to collect comments regarding ways to modernize risk-based AML/CFT regulations and guidance so that they protect U.S. national security in a cost-effective and efficient manner. Additionally, the RFI “supports FinCEN’s efforts to conduct a formal review of BSA regulations and related guidance, which is required by Section 6216 of the Anti-Money Laundering Act of 2020.”
As previously covered by InfoBytes, the Anti-Money Laundering Act of 2020 made numerous changes to the BSA, including amendments to the definition of “financial institution” to include a “person engaged in the trade of antiquities, including an advisor, consultant, or any other person who engages as a business in the solicitation or the sale of antiquities.” According to FinCEN, this “review will help FinCEN ensure that BSA regulations and guidance continue to safeguard the U.S. financial system from threats to national security posed by various forms of financial crime, and that BSA reporting and recordkeeping requirements continue to be highly useful in countering financial crime.” This review will also permit the agency “to identify regulations and guidance that are outdated, redundant, or otherwise do not promote a risk-based AML/CFT compliance regime for financial institutions, or that do not conform with U.S. commitments to meet international AML/CFT standards.” The findings of the review will be reported to Congress, and will include administrative and legislative recommendations. Comments are due by February 14, 2022.
On December 7, FinCEN issued a notice of proposed rulemaking (NPRM) implementing the beneficial ownership information reporting provisions of the Corporate Transparency Act (CTA). As previously covered by InfoBytes, the CTA is included within the Anti-Money Laundering Act of 2021, which was enacted in January as part of the National Defense Authorization Act for Fiscal Year 2021. The proposed rule implements the reporting requirements under the CTA and “reflects FinCEN’s careful consideration of public comments received in response to its April advance notice of proposed rulemaking on the same topic.” (Covered by InfoBytes here.) Among other things, the NPRM addresses who must report beneficial ownership information, when to report it, and what information they must provide. According to FinCEN, gathering “this information and providing access to law enforcement, financial institutions, and other authorized users will diminish the ability of malign actors to hide, move, and enjoy the proceeds of illicit activities.” Treasury Deputy Secretary Wally Adeyemo released a statement noting that Treasury, through the public comments gathered from the NPRM, intends to “develop a regulatory approach that will safeguard the integrity of our markets and root out corruption in American real estate.” The comment period ends 60 days after publication in the Federal Register.
On October 15, the U.S. Treasury Department announced additional steps to help the virtual currency industry combat ransomware and prevent exploitation by illicit actors. The guidance builds upon recent “whole-of-government” actions focused on confronting “criminal networks and virtual currency exchanges responsible for laundering ransoms, encouraging improved cyber security across the private sector, and increasing incident and ransomware payment reporting to U.S. government agencies, including both Treasury and law enforcement.” (Covered by InfoBytes here.) The newest industry-specific guidance—part of the Biden administration’s efforts to counter ransomware threats—outlines sanctions compliance best practices tailored to the unique risks associated with this space. According to Treasury, there is a “need for a collaborative approach to counter ransomware attacks, including public-private partnerships and close relationships with international partners.”
The same day, the Financial Crimes Enforcement Network (FinCEN) released new data analyzing ransomware trends in Bank Secrecy Act reporting filed between January 2021 and June 2021. The report follows FinCEN’s government-wide priorities for anti-money laundering and countering the financing of terrorism priorities released in July (covered by InfoBytes here). Issued pursuant to the Anti-Money Laundering Act of 2020, the report flags “ransomware as a particularly acute cybercrime concern,” and states that in the first half of 2021, FinCEN identified $590 million in ransomware-related suspicious activity reports (SARs)—an amount exceeding the entirety of the value report in 2020 ($416 million). If this trends continues, FinCEN warns that ransomware-related SARs submitted in 2021 will have a higher transaction value than similar SARs filed in the previous 10 years combined. FinCEN attributes this uptick in activity to several factors, including an increasing overall prevalence of ransomware-related incidents, improved detection and incident reporting, and an increased awareness of reporting obligations and willingness to report by financial institutions.
In conjunction with the “growing prevalence of virtual currency as a payment method,” Treasury’s Office of Foreign Assets Control (OFAC) issued sanctions compliance guidance for companies in the virtual currency industry, including technology companies, exchangers, administrators, miners, wallet providers, and financial institutions. OFAC warned that “sanctions compliance obligations apply equally to transactions involving virtual currencies and those involving traditional fiat currencies,” and that participants “are responsible for ensuring that they do not engage, directly or indirectly, in transactions prohibited by OFAC sanctions, such as dealings with blocked persons or property, or engaging in prohibited trade- or investment-related transactions.” Among other things, the guidance will assist participants on ways to evaluate risks and build a risk-based sanctions compliance program. OFAC also updated related FAQs 559 and 646.
On September 23, the Financial Crimes Enforcement Network (FinCEN) issued an Advance Notice of Proposed Rulemaking (ANPRM) to solicit public comments on implementing Section 6110 of the Anti-Money Laundering Act of 2020 (Act) regarding the trade in antiquities. FinCEN noted that this is the first of several regulatory actions that the agency intends to undertake to implement Section 6110. As previously covered by InfoBytes, the Act made numerous changes to the Bank Secrecy Act (BSA), including amendments to the definition of “financial institution” to include a “person engaged in the trade of antiquities, including an advisor, consultant, or any other person who engages as a business in the solicitation or the sale of antiquities.” FinCEN explained that crimes related to the trade in antiquities may include money laundering and sanctions violations, and may also be exploited by terrorist financiers seeking to evade detection when laundering illicit funds through the U.S. financial system. In March, FinCEN issued an advisory notice (covered by InfoBytes here) alerting financial institutions with existing BSA obligations about illicit activity associated with trade in antiquities and art. According to FinCEN, the ANPRM “is an important step in strengthening U.S. national security by protecting the U.S. financial system from money launderers and terrorist financiers that seek to exploit the antiquities trade.”
In developing the ANPRM, FinCEN coordinated with the FBI, the Attorney General, and Homeland Security Investigations to consider several factors, including “the degree to which the regulations should focus on high-value trade in antiquities, and on the need to identify the actual purchasers of such antiquities, in addition to the agents or intermediaries acting for or on behalf of such purchasers,” whether thresholds should apply when determining persons to regulate, and what exemptions, if any, should apply to the regulations. The ANPRM seeks comments regarding, among other things: (i) “the potential for money laundering, financing of terrorism, and other illicit financial activity in the antiquities industry”; (ii) “the existence of any safeguards in the industry to guard against this potential”; (iii) “the effect that compliance with BSA requirements could have on the antiquities industry”; (iv) “what additional steps may be necessary to protect the industry from abuse by money launderers and other malign actors”; and (v) “which actors within the antiquities trade should be subject to BSA requirements.” Comments are due October 25.
On July 15, the Financial Crimes Enforcement Network (FinCEN) announced it will host a “FinCEN Exchange” in August with representatives from financial institutions, other key industry stakeholders, and federal government agencies to discuss continuing concerns regarding ransomware. According to FinCEN, the exchange builds upon FinCEN’s November 2020 event regarding ransomware and “will assist its government and private sector partners to inform next steps to address ransomware and focus resources to mitigate the threat.” FinCEN also notes that ransomware attacks are a growing concern and efforts to detect and report ransomware payments are “vital to prevent and deter ransomware attacks.” Recent efforts by FinCEN to do just that include issuing two advisories in October 2020 to aid U.S. individuals and businesses in combating ransomware scams and attacks (covered by InfoBytes here) and issuing the first government-wide priorities for anti-money laundering and countering the financing of terrorism policy pursuant to the Anti-Money Laundering Act of 2020 in June (covered by InfoBytes here).
- Kathryn L. Ryan to host the affiliate members meeting at AARMR’s 2022 Annual Regulatory Conference & Training
- Kathryn L. Ryan and Jedd R. Bellman to discuss “Risk and compliance management: Are you covered?” at a Mortgage Bankers Association webinar
- Melissa Klimkiewicz and Daniel A. Bellovin to discuss “Things to know about flood insurance” at a NAFCU webinar
- Hank Asbill to discuss “Ethical issues at sentencing” at the 31st Annual National Seminar on Federal Sentencing
- Max Bonici will moderate a panel on “Enforcement risk and other regulatory and compliance issues related to crypto and digital assets” at the American Bar Association’s 2022 Annual Meeting
- John R. Coleman to provide a “CFPB Update” at MBA’s 2022 Regulatory Compliance Conference
- Amanda R. Lawrence to discuss “The shifting data privacy and data protection landscape” at MBA’s 2022 Regulatory Compliance Conference
- Benjamin W. Hutten to discuss “Fundamentals of financial crime compliance” at the Practicing Law Institute
- Benjamin W. Hutten to discuss “Ongoing CDD: Operational considerations” at NAFCU’s Regulatory Compliance & BSA Seminar