Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
On July 1, the Financial Crimes Enforcement Network (FinCEN) announced updates to the Financial Action Task Force (FATF) statements concerning jurisdictions with strategic anti-money laundering, countering the financing of terrorism, and combating weapons of mass destruction proliferation financing (AML/CFT/CPF) deficiencies. Specifically, to ensure compliance with international standards, the FAFT updated the following two statements: (i) High-Risk Jurisdictions Subject to a Call for Action, which identifies jurisdictions with significant strategic deficiencies in their AML/CFT/CPF regimes and instructs FATF members to apply enhanced due diligence, and in the most serious cases, apply counter-measures to protect the international financial system from such risks; and (ii) Jurisdictions under Increased Monitoring, which “publicly identifies jurisdictions with strategic deficiencies in their AML/CFT/CPF regimes that have committed to, or are actively working with, the FATF to address those deficiencies in accordance with an agreed upon timeline.” Notably, Haiti, Malta, the Philippines, and South Sudan have been added to the Jurisdictions under Increased Monitoring, while Ghana has been removed from the list. Among other things, through the announcement, FinCEN further instructs financial institutions to comply with U.S. prohibitions against the opening or maintaining of any correspondent accounts, whether directly or indirectly, for North Korean or Iranian financial institutions, which are already prohibited under existing U.S. sanctions and FinCEN regulations.
On June 25, the U.S. Treasury Department announced that the Financial Action Task Force (FATF) concluded its fourth plenary meeting, in which it “advanced its core work on virtual assets, proliferation finance, digital transformation, and peer member assessments.” Among other things, FATF finalized and adopted guidance on proliferation financing risk and mitigation. FATF also completed a second 12-month review on how well jurisdictions and the private sector have implemented anti-money laundering/combating the financing of terrorism (AML/CFT) obligations on virtual assets and virtual assets service providers (VASPs). FATF found that jurisdictions and the VASP sector continue to make progress implementing the revised standards, but that “weak or non-existent AML/CFT implementation in many countries remains a key source of risk.” Additionally, FATF completed a report examining the financing of racially or ethnically motivated violent extremists, completed a report on money laundering risks arising from conservation crimes, and adopted mutual evaluation reports on Japan and South Africa that provide assessments of both countries’ “AML/CFT and counter-proliferation financing legal frameworks as well as the measures in place to implement these frameworks effectively.”
In March, the Financial Action Task Force (FATF) updated pre-existing guidance on its risk-based approach to virtual assets (VAs) and virtual asset service providers (VASPs). The draft updated guidance revises guidance originally released June 2019, wherein FATF members agreed to regulate and supervise virtual asset financial activities and related service providers (covered by InfoBytes here) and place anti-money laundering and countering the financing of terrorism (AML/CFT) obligations on VAs and VASPs. According to FATF, the revisions “aim to maintain a level playing field for VASPs, based on the financial services they provide in line with existing standards applicable to financial institutions and other AML/CFT-obliged entities, as well as minimizing the opportunity for regulatory arbitrage between sectors and countries.” The revisions provide updated guidance in six main areas intended to:
- Clarify VA and VASP definitions to make it clear that these definitions are expansive and that “there should not be a case where a relevant financial asset is not covered by the FATF Standards (either as a VA or as a traditional financial asset)”;
- Provide guidance on how FATF Standards apply to so-called stablecoins;
- Provide further guidance on risks and potential risk mitigants for peer-to-peer transactions;
- Provide updated guidance on VASP licensing and registration requirements;
- Provide additional guidance for public and private sectors on the implementation of the “travel rule”; and
- Include principles of information sharing and cooperation among VASP supervisors.
FATF intends to consult private sector stakeholders before finalizing the revisions, and is separately considering implementing revised FATF Standards on VAs and VASPs—as well as whether further updates are necessary—through a second 12-month review.
On March 11, the Financial Crimes Enforcement Network (FinCEN) issued an advisory identifying updates to the Financial Action Task Force’s (FATF) list of jurisdictions with strategic anti-money laundering and combating the financing of terrorism (AML/CFT) and counter-proliferation financing deficiencies. The advisory notes that in response to the Covid-19 pandemic, FATF “prioritized its review by focusing on jurisdictions with expired or expiring action plan deadlines,” and provided jurisdictions identified under “increased monitoring” the option to provide a status report. FinCEN’s advisory reminds members that its February 2020 statement High-Risk Jurisdictions Subject to a Call for Action remains in effect and urges “all jurisdictions to impose countermeasures on Iran and the Democratic People’s Republic of Korea (DPRK) to protect the international financial system from significant strategic deficiencies in their AML/CFT regimes.” The advisory also notes that last month FATF updated its Jurisdictions under Increased Monitoring document, adding Burkina Faso, Cayman Islands, Morocco, and Senegal. Further, the advisory provides AML program risk assessment considerations and suspicious activity report filing guidance.
On February 25, the U.S. Treasury Department announced that the Financial Action Task Force (FATF) concluded another plenary meeting, in which it “advanced its work on several important issues, including finalizing a non-public report on terrorist financing and agreeing to seek public comment on updated guidance documents on virtual assets and proliferation finance.” Among other things, FAFT finalized three non-public reports outlining best practices for investigating and prosecuting terrorist financing for FATF member states, as well as an internal ISIS/Al Qaeda financing update and internal guidance designed “to assist investigative authorities trace financial flows between illicit arms traffickers and terrorists.” FATF also approved new guidance (to be published early March) intended to clarify and improve the adoption of risk-based supervision, which outlines ways supervisors should apply risk-based approaches to their activities, highlights common implementation challenges to risk-based supervision, and provides examples of effective strategies. Additionally, FAFT noted it has agreed to seek public consultation on amendments to its 2019 guidance concerning anti-money laundering/countering the financing of terrorism obligations concerning virtual assets and virtual asset service providers, and expects to release final updated guidance this summer. FATF also stated it intends to issue new guidance this summer on ways countries and the private sector can understand and mitigate proliferation financing threats, vulnerabilities, and risks.
On November 6, the Financial Crimes Enforcement Network (FinCEN) issued an advisory to inform financial institutions of updates to the Financial Action Task Force (FATF)-identified jurisdictions with “strategic deficiencies” in their anti-money laundering and combating the financing of terrorism (AML/CFT) and counter-proliferation financing deficiencies. The advisory notes that in response to the Covid-19 pandemic, FATF gave identified-jurisdictions the option to report their progress at the October 2020 meetings or defer reporting, leaving their February statements in place. Additionally, the advisory reminds members that its February 2020 statement High-Risk Jurisdictions Subject to a Call for Action remains in effect and urges “all jurisdictions to impose countermeasures on Iran and the Democratic People’s Republic of Korea (DPRK) to protect the international financial system from significant strategic deficiencies in their AML/CFT regimes.” The advisory also notes that FATF updated its Jurisdictions under Increased Monitoring document, removing Iceland and Mongolia. The advisory also outlines AML program risk assessment considerations, as well as suspicious activity report filing guidance.
On October 23, the U.S. Department of Treasury announced that the Financial Action Task Force (FATF) concluded its plenary meeting, in which it adopted new standards on proliferation financing. Specifically, FATF adopted amendments to Recommendation 1 and its Interpretive Note that require countries and the private sector to assess and mitigate risks related to “the potential breach, non-implementation or evasion of United Nations (UN) targeted financial sanctions related to proliferation financing.” Treasury notes that the enhanced standards will arm financial institutions and other covered entities with targeted information that can be used to detect shell companies and other entities acting on behalf of designated persons.”
Additionally, FATF noted it will continue its work to identify and assess how cybercriminals are exploiting the Covid-19 pandemic, including the increase in counterfeiting and fraud related to stimulus measures. Lastly, among other things, Treasury notes that FATF adopted a new report on Trade Based Money Laundering (TBML), which has yet to be published, but reportedly “aims to assist both the public and private sectors to better identify and disrupt TBML activity using a risk-based approach.”
On October 13, the member nations of the G7 issued a joint statement stressing their commitment to working with the financial services sector to address and mitigate ransomware attacks. The statement highlights the recent increase in ransomware attacks over the last few years and notes that the scale, sophistication, and frequency has intensified as attackers “demand payments primarily in virtual assets to facilitate money laundering.” These ransom payments, the G7 warns, “can incentivize further malicious cyber activity; benefit malign actors and fund illicit activities; and present a risk of money laundering, terrorist financing, and proliferation financing, and other illicit financial activity.” The G7 reminds financial institutions that paying ransom is subject to anti-money laundering/combating the financing of terrorism (AML/CFT) laws and regulations, and warns non-financial services companies that providing certain services, such as money transfers, may subject them to the same obligations. The G7 further urges entities to follow international obligations for reporting ransom payments as suspicious activity and to take measures to prevent sanctions evasions. Moreover, the G7 recommends that entities implement standards set by the Financial Action Task Force to reduce criminals’ access to and use of financial services and digital assets, and emphasizes the importance of implementing effective programs to “hold and exchange information about the originators and beneficiaries of virtual asset transfers.” The G7 plans to share information related to ransomware threats, explore opportunities for coordinated targeted financial sanctions, and encourage a global implementation of AML/CFT obligations on virtual assets and virtual asset service providers.
On July 14, the Financial Crimes Enforcement Network (FinCEN) issued an advisory to inform financial institutions of updates to the Financial Action Task Force (FATF)-identified jurisdictions with “strategic deficiencies” in their anti-money laundering and combating the financing of terrorism (AML/CFT) and counter-proliferation financing deficiencies. FATF notes that in response to measures taken by countries in response to the Covid-19 pandemic, it has temporarily paused reviewing most counties with strategic deficiencies. The advisory reminds members that its February 2020 statement High-Risk Jurisdictions Subject to a Call for Action remains in effect and urges “all jurisdictions to impose countermeasures on Iran and the Democratic People’s Republic of Korea (DPRK) to protect the international financial system from significant strategic deficiencies in their AML/CFT regimes.” The advisory also emphasizes that financial institutions should consider the Jurisdictions under Increased Monitoring document and consult the list of identified countries when reviewing due diligence obligations and risk-based policies, procedures, and practices. The advisory also outlines AML program risk assessment considerations, as well as suspicious activity report filing guidance.
On May 4, the Financial Action Task Force (FATF) released a report identifying challenges, good practices, and policy responses to new money laundering and financing threats arising from the Covid-19 pandemic. The report notes that the global response to the Covid-19 pandemic is limiting the ability of the government and public sector to implement oversight of anti-money laundering and countering the financing of terrorism (AML/CFT) obligations. Among other things, FATF noted that Covid-19 threats and corresponding vulnerabilities could result in the following: (i) increased misuse of online financial services and virtual assets to move illicit funds; (ii) the bypassing of customer due diligence measures; and (iii) the misuse and misappropriation of domestic and international financial aid. Additionally, FATF noted that the increased use of online platforms for social interaction, consumer shopping, and banking measures may also lead to increased fraud by criminal actors, such as impersonation of officials, counterfeiting essential goods, and fundraising for fake charities. To address these concerns, FATF emphasized that domestic coordination assessing the impact of Covid-19 on AML/CFT risks, the use of a risk-based approach to customer due diligence, and strengthened communication with the private sector may help support the implementation of measures to manage the new risks and vulnerabilities.
- Jedd R. Bellman to provide an “Attorney exemption/medical debt update” at the North American Collection Agency Regulatory Association annual conference
- Kathryn L. Ryan to discuss “What should crypto regulation look like: Legislation, regulation and consumer issues” at WCL's First Annual Virtual Currency Law Institute
- Elizabeth E. McGinn to discuss “How to mitigate and manage third-party risks: Leveraging tools and best practices” at The Knowledge Group’s webcast
- Elizabeth E. McGinn, Benjamin W. Hutten, and James C. Chou to discuss “The evolving regulatory landscape: Third-party and cyber risk management” at the 2022 mWISE Conference
- Sherry-Maria Safchuk to discuss “For your eyes only: Privacy updates for 2022-2023” at CCFL’s Annual Consumer Financial Services Conference
- James T. Parkinson to present a “Global anti-corruption update” at IBA’s annual conference