FINANCIAL CRIME WAVE – OCC HITS CITI WITH $70 MILLION PENALTY, ABA SUPPORTS NEW AML BILL, AND MORE

In this week’s Financial Crime Wave, The U.S. Treasury’s Office of the Comptroller of the Currency hits Citibank with a $70 million penalty on compliance failings tied to past enforcement action, banking groups lend broad support draft anti-money laundering bill, new cyber bugs could affect nearly every device with a computer chip, and more.

Regulations

U.S. needs to ‘rethink’ AML rules, tactics to uncover illicit financial flows: Senator Warren

Democratic Senator Elizabeth Warren said on Tuesday the United States needed to review outdated laws for combating money laundering which are creating an undue compliance burden for small and community banks. During a Congressional hearing on Tuesday, Warren said she supported more stringent company ownership disclosure requirements and changing the threshold for reporting suspicious transactions in order to make life easier for small lenders and law enforcement. “Money laundering is a massive problem … so everything we can do to crack down on that is good and that’s what we should be doing,” the Massachusetts lawmaker told the Senate Banking Committee. “But it seems to me we need to rethink a lot of our money laundering laws some of which … were written back in the 1970s and are badly out of date.”

The Committee hearing was the first of two to be held on U.S. anti-money-laundering laws (AML), most of which were written in the 1970s and are out of step with the current financial landscape. Much of the burden for identifying the proceeds of crimes such as tax evasion and human trafficking falls on the banking industry, which is required to monitor financial flows and produce millions of reports flagging suspicious transactions to the authorities, (via Reuters).

ABA, large financial groups extend broad support to draft AML modernization bill

The American Bankers Association (ABA), the Clearing House Association and many other influential banking groups stated they are in support of the draft “Counter Terrorism and Illicit Finance Act,” cosponsored by Reps. Steve Pearce (R-N.M.) and Blaine Luetkemeyer (R-Mo.), just the latest in a number of fresh legislative proposals to update what many perceive as antiquated anti-money laundering (AML) laws to prepare for new threats, like terrorists, virtual value and cyber hackers. The bill targets anonymously owned shell companies by establishing a beneficial ownership reporting requirement on closely held, non-public legal entities.

Importantly, the bill would also provide financial institutions with access to reported information to assist them with their customer due diligence compliance efforts. The draft bill appropriately coordinates the definition of beneficial ownership with FinCEN’s rule. The groups stated that they are hoping the bill, if enacted, will help reduce the anticipated burden of complying with the requirements of the FinCEN CDD rule. Financial institutions should be able to rely on the information reported by businesses to FinCEN, which would, in turn, reduce the reporting burden on those businesses, (via the American Bankers Association). To see a hearing on the bill and tactics to strengthen AML laws that took place on Tuesday, please click here.

Corruption

So where does $422 million Keppel FCPA fine fall in panoply of corruption penalties? No. 7, says FCPA Blog

The DOJ penalty of $422 million against Offshore & Marine Ltd. and its U.S. subsidiary for paying bribes in Brazil ranks it as the seventh biggest FCPA resolution ever, according to the FCPA Blog. The DPA said half the penalty is payable in Brazil under a settlement with the Ministério Público Federal. A quarter of the penalty is payable in Singapore under a settlement with the Attorney General’s Chambers.

The Keppel FCPA resolution is structured similar to Telia Company’sresolution in September with the DOJ and SEC. In that case, the total penalties specified in the DOJ’s deferred prosecution agreement and the SEC’s administrative order added up to $965 million. Telia’s DPA, like Keppel’s, said the total criminal penalty would be offset by penalties paid to Dutch and Swedish authorities, (via the FCPA Blog).

Gatekeepers

U.S. attorney wanted for money laundering, allegedly helping high-profile PEPs, DTOs move dirty cash in Belize

U.S. federal prosecutors have sent a request to extradite a Belizean attorney wanted for money laundering charges and being part of a cabal of legal professionals and bankers helping influential politically-exposed persons (PEPs) and narco drug trafficking organizations (DTOs) move illicit funds, according to Breaking Belize News.

The attorney, Andrew Bennett, 46, was a partner in the law firm of Glenn D Godfrey and Company. According to court documents, Bennett was caught in a special operation which targeted big players in the banking sector. In 2013, a confidential informant in Belize told agents that political figures and high profile bankers were running money laundering operations for drug trafficking organizations through two international banks in Belize, (via the BBN).

Cybersecurity

Fear the Meltdown and Spectre security bugs affecting nearly every device with a computer chip

Security researchers released official documentation — complete with nicknames and logos —  of two major flaws found in nearly all modern central processing units, or CPUs. It’s not a physical problem with the CPUs themselves, or a plain software bug you might find in an application like Word or Chrome. It’s in between, at the level of the processors’ “architectures,” the way all the millions of transistors and logic units work together to carry out instructions. In modern architectures, there are inviolable spaces where data passes through in raw, unencrypted form, such as inside the kernel, the most central software unit in the architecture, or in system memory carefully set aside from other applications. This data has powerful protections to prevent it from being interfered with or even observed by other processes and applications.

Meltdown and Spectre are two techniques researchers have discovered that circumvent those protections, exposing nearly any data the computer processes, such as passwords, proprietary information, or encrypted communications. Meltdown affects Intel processors, and works by breaking through the barrier that prevents applications from accessing arbitrary locations in kernel memory. Spectre affects Intel, AMD, and ARM processors, broadening its reach to include mobile phones, embedded devices, and pretty much anything with a chip in it, (via Tech Crunch).

In 2018, more big data breaches ahead

A look at some cybersecurity predictions for 2018, including more large-scale data breaches, more battles about data protection versus data sharing to stop criminals in Europe, Ireland, (via Lawfare Blog).

Will AI defeat cyber hackers?

Analyzing the pros and cons of automated artificial intelligence to identify and defend against cyberattacks, (via Techgenix).

Companies still struggling with cyber defenses

Key findings from PwC’s global information security survey, noting that while most of the companies queried are bolstering cyber protections, many are still struggling to create defenses against current threats, (via PwC).

Enforcement

OCC hits Citi with $70 million AML penalty for failing to comply with 2012 consent order

The Office of the Comptroller of the Currency (OCC) hit Citibank, one of the country’s largest banks, with a $70 million civil money penalty for failing to comply with the agency’s 2012 consent order related to anti-money laundering (AML) deficiencies. In its 2012 order, the OCC cited the bank for a broad array of AML violations tied to enacting policies in its compliance program, failing to file suspicious activity reports, and weaknesses in controls related to correspondent banking.

In its penalty, the regulator stated that Citibank failed to take enough corrective actions to be in compliance with the prior order. In May, the U.S. Department of Justice hit a Citi subsidiary, Banamex, with a nearly $100 million penalty around lax transaction monitoring, missed SARs, and correspondent banking problems. That was on the heels of a $140 million penalty in 2015 by state and federal regulators for similar failures, (via the OCC).

Could Trump be tough on AML?

Pro-business Trump might be an AML enforcement tough guy, say pundits, (via Market Watch).

Marijuana

Under AG Sessions, DOJ breaks from Cole memo, says feds can now go after legal marijuana firms

The U.S. Department of Justice (DOJ) has broken with an Obama-era policy to not arrest, forfeit and prosecute firms selling marijuana where it is legal at the state level, called the “Cole memo.” In the new memo last week issued by Attorney General Jeff Sessions, he announced a “return to the rule of law and the rescission of previous guidance documents.” Since the passage of the Controlled Substances Act (CSA) in 1970, Congress has generally prohibited the cultivation, distribution, and possession of marijuana, according to the latest memo.

Now, Sessions is directing all U.S. Attorneys to enforce the laws enacted by Congress and to follow well-established principles when pursuing prosecutions related to marijuana activities. This return to the rule of law is also a return of trust and local control to federal prosecutors who know where and how to deploy Justice Department resources most effectively to reduce violent crime, stem the tide of the drug crisis, and dismantle criminal gangs, Sessions wrote. The memo goes against growing momentum where states like California have legalized recreational marijuana and dozens of others have legalized medical marijuana, (via DOJ).

Sessions breaks with Obama on marijuana, memo takes away state protections

After new AG Sessions nulls Obama-era Cole memo allowing states to dictate marijuana policies, will that finally spur Congress to settle the issue with federal legislation? Some believe the answer could be yes, (via Above the Law).

Sanctions

A look at one of the biggest sanctions busting schemes in recent memory, helped by a dirty Turkish banker

Yesterday, Turkish banker Mehmet Hakan Atilla was found guilty in a Manhattan courtroom for a range of financial crimes. His dramatic trial revealed that tens of billions in dollars and gold moved from Turkey to Iran through a complex network of businesses, banks, and front companies. But investigators also wanted to find out about Reza Zarrab. A dual Iranian-Turkish national, Zarrab was the swashbuckling gold trader who had helped Iran evade sanctions with the help of Turkish banks in 2013 and 2014, yielding Iran an estimated $13 billion at the height of the efforts to thwart Tehran’s nuclear ambitions.

A leaked report by prosecutors in Istanbul in March 2014 suggested that Zarrab spearheaded a second sanctions-busting scheme involving fake invoices for billions more in fictitious humanitarian shipments to Iran that were processed through Turkish banks, (via The Atlantic).

Virtual currencies

What are ‘fully verified’ crypto-exchange accounts and why are people selling them?

Over the past few months, cryptocurrency exchanges across the globe have been swamped with new customers looking to trade or acquire digital assets. Trading platforms have been having a hard time keeping up with the new registrants. Users are complaining that identity verifications are now required and take weeks to process, while some exchanges are not accepting new customers at all. This has led to rise of individuals selling “fully verified” accounts for a variety of popular digital currency platforms. Just recently news.Bitcoin.com reported on how some exchanges like Bittrex, and Cex.io have temporarily stopped accepting new customers due to the heavy influx of registrants these days.

Further, we reported on how one of the leading trading platforms, Binance, disabled new user accounts a few days ago. Meanwhile, in December Poloniex announced it required legacy accounts to verify their identity or the accounts would be closed. All of these issues has led to significant verification delays, and people finding it more difficult to trade cryptocurrencies. However, some individuals are selling “fully verified” cryptocurrency exchange accounts for bitcoin and other digital assets, (via Bitcoin.com).

Money laundering

AML in a nutshell

A brief history of U.S. money laundering, (via the Claims Journal).