Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
On May 27, the DOJ announced it had entered into a three-year deferred prosecution agreement with a Swiss bank charged with conspiring to commit money laundering, in which the bank agreed to pay more than $79 million after admitting that it “conspired to launder over $36 million in bribes through the United States to soccer officials” in exchange for broadcasting rights to international soccer matches. According to the DOJ, between February 2013 and May 2015, the bank, through a former bank relationship manager (who pleaded guilty in June 2017 for his role in the scheme and was sentenced last November), conspired with sports marketing executives to launder at least $36 million in bribes through the U.S. in order to “conceal the true nature of the payments and promote the fraud.” During this period, the DOJ claimed the bank’s anti-money laundering (AML) controls “failed to detect or prevent money laundering transactions related to the bribery schemes,” and that had the former bank relationship manager’s supervisors or compliance personnel conducted meaningful due diligence they would have been alerted to “multiple, significant red flags, including facially false contracts, payments to third parties at the direction of a [soccer federation] official, and services purportedly rendered by shell corporations—all of which would have alerted the [b]ank to the bribery, money laundering or other illegal activity.” The DOJ further noted that the bank admitted it was aware that the former bank relationship manager’s clients’ accounts were associated with international soccer—an area “generally understood to involve high corruption risks”—but still directed these accounts to be fast tracked in the hopes of obtaining lucrative business.
The terms outlined in the deferred prosecution agreement are based on several factors, the DOJ stated, including the bank’s prior criminal history and the fact that the bank failed to voluntarily disclose the conduct and played a critical rule in the scheme for more than two years. The DOJ further noted that the bank did not receive any cooperation credit because it made misleading representations about relevant facts in the case, which hindered the investigation, and failed to provide all evidence pertaining to the involvement of senior management. However, the bank did receive some credit for making significant efforts to remediate its compliance program and spent $112 million on a three-year AML initiative designed to upgrade all accounts held by the bank, not just high-risk accounts. Under the terms of the agreement, the bank will pay a fine of roughly $43.3 million and forfeit approximately $36.4 million.
On May 12, the SEC announced a settlement with a broker-dealer for allegedly violating the Securities and Exchange Act by failing to consistently implement its anti-money laundering (AML) program and file Suspicious Activity Reports (SARs) despite knowing individuals were attempting to gain unauthorized access to retirement accounts. According to the SEC’s order, from September 2015 through October 2018, the broker-dealer allegedly knew that individuals were attempting to gain access, or had gained access, to plan participants’ retirement accounts through the use of improperly obtained personal identifying information. The SEC alleged that, despite this knowledge, the broker-dealer failed to file approximately 130 SARs in cases where it had detected the suspicious activity and, in the roughly 297 SARs that it did file, failed to include certain required information linked to the bad actors, such as URL addresses, IP addresses, and other electronic identifying information. The order requires the broker-dealer, who has neither admitted nor denied the SEC’s allegations, to cease and desist from future violations and pay a $1.5 million penalty. The SEC acknowledged the broker-dealer’s significant cooperation in the investigation and subsequent remedial efforts.
On April 28, the DOJ announced the arrest of a dual Russian-Swedish national on criminal charges related to his alleged operation of a bitcoin money laundering service on the darknet. The DOJ referred to the individual’s money-laundering service as the “longest-running cryptocurrency ‘mixer,’” stating that it moved over 1.2 million bitcoin valued at approximately $335 million at the time of transactions over the course of 10 years. According to the DOJ, the majority of the cryptocurrency came from darknet marketplaces tied to illegal narcotics, computer fraud, and abuse activities. The individual is charged with (i) money laundering; (ii) operating an unlicensed money transmitting business; and (iii) money transmission without obtaining a license in the District of Columbia.
On April 16, the Financial Industry Regulatory Authority (FINRA) entered into a Letter of Acceptance, Waiver, and Consent (AWC), which resulted in a $250,000 fine against a New York-based trading firm for allegedly failing to establish an anti-money laundering (AML) compliance program and a tailored Customer Identification Program (CIP) over a four-year period, which permitted potentially suspicious trading out of accounts based in China and other foreign countries. As a result, the firm allegedly failed to detect red flags concerning potentially suspicious activity and failed to investigate or report the activity in a timely manner. According to FINRA, the firm’s failure to set up a “reasonable” AML program and a tailored CIP between September 2016 and September 2020 resulted in the failure to “detect, investigate, and respond” to red flags in four related accounts, including suspicious activity related to: (i) possible trading of low-priced securities and other activity connected to the foreign accounts; (ii) transactions that lacked business sense or apparent investment strategy; (iii) a customer account that had “unexplained or sudden extensive wire activity, especially in accounts that had little or no previous activity”; and (iv) a customer account, which showed an unexplained high level of account activity with very low levels of securities transactions. FINRA stated that although the “firm’s written procedures required the use and review of exception reports to assist with the identification of red flags for suspicious trading and suspicious money movements, they did not identify any exception reports that the firm would use and did not describe how supervisors should use them.” The firm neither admitted nor denied the findings set forth in the AWC letter.
On April 14, the DOJ unsealed an indictment charging two defendants with allegedly failing to maintain anti-money laundering (AML) controls, failing to file suspicious activity reports (SARs) with the Department of Treasury, and owning and operating an unlicensed, unregistered money transmitting business in violation of the Bank Secrecy Act (BSA). According to the DOJ, the defendants allegedly conducted high-risk transactions through their unlicensed money transmitting and money service business via a New York credit union, “caus[ing] the transfer of more than $1 billion in high-risk transactions, including hundreds of millions of dollars originating from foreign jurisdictions.” The DOJ alleged that while the defendants represented to financial institutions that they were aware of the risks associated with the high-risk business and would conduct the required, appropriate BSA/AML oversight, one of the defendants “willfully failed to implement and maintain the requisite [AML] programs or conduct oversight required to detect, identify, and report suspicious transactions.” The defendants have been charged with failure to maintain an AML program, failure to file SARs, and operating an unlicensed money transmitting business. The indictment seeks forfeiture of any property constituting, or derived from, proceeds obtained directly or indirectly as a result of the alleged offenses.
On April 12, the Financial Industry Regulatory Authority (FINRA) entered into a Letter of Acceptance, Waiver, and Consent (AWC), fining a New York-based member firm for allegedly failing to implement a reasonable anti-money laundering (AML) program for transactions involving low-priced securities. The firm also allegedly failed to establish a due diligence program for monitoring and investigating “potentially suspicious transactions.” According to FINRA, the firm and its principal failed to, among other things, (i) take reasonable steps to establish and implement an AML program tailored to the firm’s new business line (and particularly the deposit and liquidation of microcap stocks), resulting in the firm’s failure to identify or investigate potentially suspicious transactions; and (ii) provide meaningful guidance regarding how the principal was to identify or review red flags specific to the customer account business. In addition, FINRA allegedly found that the principal “repeatedly” permitted deposits and re-sales of microcap securities despite missing documentation. As a result, the firm and its principal violated FINRA Rules 3310(a) (Anti-Money Laundering Compliance Program), 3110(a) (Supervision) and 2010 (Standards of Commercial Honor and Principles of Trade).
On April 9, the Federal Reserve Board, FDIC, and OCC, in consultation with FinCEN and the NCUA, issued a joint statement on the use of risk management principles outlined in the agencies’ “Supervisory Guidance on Model Risk Management” (known as the “model risk management guidance” or MRMG) as it relates to financial institutions’ compliance with Bank Secrecy Act/anti-money laundering (BSA/AML) rules. While the joint statement is “intended to clarify how the MRMG may be a useful resource to guide a bank’s [model risk management] framework, whether formal or informal, and assist with BSA/AML compliance,” the agencies emphasized that the MRMG is nonbinding and does not alter existing BSA/AML legal or regulatory requirements or establish new supervisory expectations. In conjunction with the release of the joint statement, the agencies also issued a request for information (RFI) on the extent to which the principles discussed in the MRMG support compliance by financial institutions with BSA/AML and Office of Foreign Assets Control requirements. The agencies seek comments and information to better understand bank practices in these specific areas and to determine whether additional explanation or clarification may be helpful in increasing transparency, effectiveness, or efficiency. Comments on the RFI are due within 60 days of publication in the Federal Register.
On April 1, FinCEN issued an advanced notice of proposed rulemaking (ANPRM) seeking comments on a range of issues related to the implementation of the beneficial ownership information requirements under the Corporate Transparency Act (CTA). As previously covered by InfoBytes, the CTA is included within the Anti-Money Laundering Act of 2021, which was enacted in January as part of the National Defense Authorization Act for Fiscal Year 2021. Among other things, the ANPRM requests comments on reporting procedures and standards for entities to submit information to FinCEN about their beneficial owners, as well as input on FinCEN’s implementation of related CTA provisions “that govern FinCEN’s maintenance and disclosure of beneficial ownership information subject to appropriate protocols.” According to FinCEN, the CTA amended the Bank Secrecy Act “to require corporations, limited liability companies, and similar entities to report certain information about their beneficial owners (the individual natural persons who ultimately own or control the companies).” The CTA also requires FinCEN to develop a secure, non-public database to house collected beneficial ownership information, and authorizes FinCEN to disclose beneficial ownership information to several categories of recipients, including federal law enforcement. Moreover, FinCEN is required to revise existing financial institution customer due diligence regulations concerning beneficial ownership to incorporate the new direct reporting of beneficial ownership information.
Comments on the ANPRM should be submitted by May 5.
On March 24 and 25, EU and U.S. participants, including officials from the Treasury Department, Federal Reserve Board, CFTC, FDIC, SEC, and OCC, participated in the U.S.-EU Joint Financial Regulatory Forum to discuss topics of mutual interest, including those related to (i) “next steps” for Covid-19 recovery and for mitigating financial stability risks; (ii) “sustainable finance”; (iii) banking and insurance multilateral and bilateral engagement; (iv) capital market regulatory and supervisory cooperation; (v) regulatory and supervisory developments pertaining to financial innovation, including the importance of promoting ongoing “responsible innovation and international supervisory cooperation”; and (vi) anti-money laundering and countering the financing of terrorism (AML/CFT) issues, including “the potential for enhanced cooperation to combat money laundering and terrorist financing bilaterally and in the framework of [the Financial Action Task Force].” Participants also discussed possible responses to climate-related financial risks, as well as “the progress in their respective legislative and supervisory efforts to ensure a smooth transition away from LIBOR.”
In March, the Financial Action Task Force (FATF) updated pre-existing guidance on its risk-based approach to virtual assets (VAs) and virtual asset service providers (VASPs). The draft updated guidance revises guidance originally released June 2019, wherein FATF members agreed to regulate and supervise virtual asset financial activities and related service providers (covered by InfoBytes here) and place anti-money laundering and countering the financing of terrorism (AML/CFT) obligations on VAs and VASPs. According to FATF, the revisions “aim to maintain a level playing field for VASPs, based on the financial services they provide in line with existing standards applicable to financial institutions and other AML/CFT-obliged entities, as well as minimizing the opportunity for regulatory arbitrage between sectors and countries.” The revisions provide updated guidance in six main areas intended to:
- Clarify VA and VASP definitions to make it clear that these definitions are expansive and that “there should not be a case where a relevant financial asset is not covered by the FATF Standards (either as a VA or as a traditional financial asset)”;
- Provide guidance on how FATF Standards apply to so-called stablecoins;
- Provide further guidance on risks and potential risk mitigants for peer-to-peer transactions;
- Provide updated guidance on VASP licensing and registration requirements;
- Provide additional guidance for public and private sectors on the implementation of the “travel rule”; and
- Include principles of information sharing and cooperation among VASP supervisors.
FATF intends to consult private sector stakeholders before finalizing the revisions, and is separately considering implementing revised FATF Standards on VAs and VASPs—as well as whether further updates are necessary—through a second 12-month review.