Last Month Today: After DOJ statements, CEO, CCO liability for AML failings on the rise, regulators, investigators scrutinizing ESG issues more closely, EU weighing adding NFTs to crypto compliance package and more

The Skinny:

  • In this monthly wrap-up, we take a look at some key federal investigative and regulatory trends, including renewed and rising fears of compliance chief individual liability in egregious failures and equally tense and terse settlements – enforcement actions that someone must be accountable for shepherding. 
  • We also offer industry coverage by ACFCS staffers, from videos to multimedia pieces, covering tips to better uncover shadowy Russian entities, including those interlinked with soaring sanctions tied to the Russia-Ukraine war, fresh career tips and analysis of three letters quickly becoming a major compliance headache: ESG.
  • The issue: authorities are finding some companies are misstating their formal and fiscal commitments to environment, social and governance initiatives, misleading investors and the public at large. The issue has become so expansive, it has even brought a new term to the fincrime and fraud fray: “greenwashing.”

Last Month Today is a new series from ACFCS to bring professionals a wrap-up of news, knowledge, industry updates and views important to you.

By Brian Monroe
bmonroe@acfcs.org 
June 3, 2022

In this monthly wrap-up, we take a look at some key federal investigative and regulatory trends, including renewed and rising fears of compliance chief individual liability in egregious failures and equally tense and terse settlements – enforcement actions that someone must be accountable for shepherding. 

We also offer industry coverage by ACFCS staffers, from videos to multimedia pieces, covering tips to better uncover shadowy Russian entities, including those interlinked with soaring sanctions tied to the Russia-Ukraine war, fresh career tips and analysis of three letters quickly becoming a major compliance headache: ESG.

What do they stand for and why are they rising in importance?

Environment, Social and Governance initiatives have burst onto the scene with the public, investors and corporates caring more about social justice, sustainable initiatives and companies not giving organized criminal groups easy entre into the international financial system.

But authorities are finding some companies are misstating their formal and fiscal commitments to such initiatives, misleading investors and the public at large.

The issue has become so widespread and pervasive, it has even brought a new term to the fincrime and fraud fray: “greenwashing.”

The takeaway for fincrime compliance teams – including anti-money laundering (AML), fraud and sanctions fighters – is that ESG is more tightly intertwined with compliance as the C in that word falls under the G of governance.

A major failing in your countercrime compliance program could come tethered with regulators or authorities scrutinizing the G and the ES.

Looking at the inverse of that dynamic, fumbles and stumbles in the ES could bring unwanted probes of the G – and ultimately C of your broader compliance controls. 

ACFCS coverage

Sanctions: Using OSINT in Russian tax IDs to connect companies, criminals

The Inside Track: When working to comply with rising Russian sanctions, uncover opacity-enabled oligarchs, use tax IDs to connect cronies, companies

The Russian Invasion of Ukraine and leveling of new sanctions has required everyone in the financial industry to improve their due diligence efforts regarding firms in Russia and Ukraine.

With Russian political powerbrokers and billionaire fat cats looking for every trick in the book to evade sanctions, that puts intense pressure on banks and businesses to uncover current or past connections.

But how?

One way is by getting to know Russia’s taxpayer identification number system because every entity – corporate and corporeal – must have one, according to Thomas Mangine, the Money Laundering Reporting Officer (MLRO) for the Bank of Montreal.

To read the full story, click here.

The View from the Top: Sanctions Response 2022 – A Guide to Leveraging Your Own Data to Mitigate Risks Following the Russian Invasion of Ukraine

Longtime fincrime compliance thought leader Rob Loh, Senior Director at Huron, offers a deep and detailed analysis of key tactics financial institutions and corporates more broadly can use to gauge how blacklisted groups and entities on sanctions lists have touched their operations.

In short: By examining current data on past interactions with Russian and related entities – some that were not designated by any jurisdiction at the time – institutions can craft bespoke, tailored and multi-dimensional risk profiles charting legal, regulatory and reputational exposure points.

Sanctions compliance, a challenge in the best of times, has become a more vexing issue for financial institutions and businesses with designations nearly tripling in just a few months – and rising weekly.

To read the full story, click here.

Emerging Risks Interview Series: Environmental, Social, and Governance Risk: The New Risk Frontier?

In ACFCS’s Emerging Risks series, we sit down with Thomas Mangine, Money Laundering Reporting Officer (MLRO) for the Bank of Montreal, to explore how Environmental, Social, and Governance risk (ESG) is helping financial institutions examine their levels of risk in a new way.

Tom provides his expertise on how ESG emerged, which institutions are implementing it, and how it may evolve over time.

To read the full story, click here.

Fincrime Career Tips and Tricks: What are the keys to compliance career success? Be inquisitive, ubiquitous, hardworking, and above all, have unshakeable honesty, integrity

In this initiative, ACFCS is engaging the fincrime compliance community for wisdom and practical insights on how to enter and rise in a fulfilling but demanding and everchanging field.

For this tip, we travel to Bangladesh, to see through the eyes of a seasoned central banker with more than a decade of experience examining banks for financial crime compliance controls, with additional scrutiny of foreign exchange operations.

For Mustafa Najmus, it was a brush with corruption in college that makes him bristle to this day at the grimy grip of graft.

He knows all too well that influence peddling and bribery can hamstring all areas of fighting financial crime, a perennial challenge for a region once known as one of the most corrupt countries in the world.

To read the full story, click here

Compliance

DOJ Wants Companies to Let Compliance Chiefs Do the Talking

The Justice Department’s Criminal Division leader had a warning for companies negotiating resolutions with federal prosecutors: If your compliance chiefs don’t speak up, it might reflect poorly.

That is the message from Criminal Division Assistant Attorney General Kenneth Polite during a speech at a recent Washington compliance conference.

Polite, who was previously a federal prosecutor and an energy company’s chief compliance officer, shared a telling example of a recent DOJ sitdown with a company’s outside counsel, general counsel, and compliance leader.

During the presentation, a DOJ representative directed a question at the CCO, but the general counsel answered instead.

“That single act gave me all the information that I needed,” he said in. “That one act demonstrated that—literally and figuratively—that chief compliance officer had no voice in that organization.”

To read the full story, click here.

Enforcement

US Treasury issues first-ever sanctions against a cryptocurrency mixer

The department has issued its first sanctions against a Bitcoin mixer, Blender.io, for allegedly and “indiscriminately” helping North Korea launder over $20.5 million in crypto from the $620 million Axie Infinity heist and other crimes.

Cryptocurrency mixers are sometimes used to help online criminals launder their stolen money by hiding its true origins, and the US Treasury is now ready to clamp down on them when hostile governments are involved.

To read the full story, click here.

How long did Rabobank know about major AML lapses?

Rabobank management allegedly knew about money laundering for years

What’s the story: Rabobank has allegedly been aware for the past eight years that its approach to money laundering was inadequate.

An internal audit in 2014 failed most of the bank’s local offices for poorly screening money laundering risks, years before the bank came clean publicly, NRC reports.

Didn’t the bank already get penalized for AML failings?

Technically, yes.

Although the bank announced in early 2019 that it had been fined by Dutch central bank DNB for insufficiently screening thousands of customers, reporting by NRC reveals the problem went back much further in time.

The 2014 audit prompted intense discussions between Rabobank’s head and regulator DNB.

DNB announced in November 2021 that it had started a criminal procedure against Rabobank.

How did the bank respond?

In response, Rabobank announced early this year that it would allocate an additional 249 million euros to improve its anti-money laundering policy.

To read the full story, click here

Resource: Big name law firms tag team to analyze AML in the U.S.

International Comparative Legal Analysis: What will happen with AML in 2022

What is it: This weighty tome by many of the biggest and most respected law firms, and related high-profile legal minds, does a deep dive on AML focal points and challenges for 2022.

How can this resource help me?

The lengthy and detailed report offers help to fincrime compliance teams at all levels of institutional knowledge and resources and experience levels.

It offers a section-by-section analysis of the U.S. AMLA, a transformative piece of legislation upending the field and coming into force in tranches this year.

The attorneys offer perspectives on what the new standard of “effectiveness” entails from the legal, regulatory and operational perspectives.

To read the full report, click here

EU: Digital asset focus

European Union plans to add NFTs to its crypto regulatory laws

What happened: The European Union is considering adopting fincrime compliance and related regulatory rules to the burgeoning virtual asset industry. The EU might be announcing the flexibility of its laws in MiCA, a regulatory scheme that has been in the negotiation stage since 2020.

The EU would be adapting its laws due to the strong crypto adoption that the continent is experiencing. Countries in Europe have changed their view towards crypto after Bitcoin, as its most significant market cap token, hit an ATH above $67,000.

Isn’t the EU already working on a big crypto compliance package?

The MiCA plan, the acronym for Markets in Crypto Assets, is based on decentralized currencies, stable tokens such as the EUR or USDT, and to see what problems it will give the traditional financial economy.

The members of the European Union would be creating laws that would go against money laundering and virtual fraud. NFT trading and DeFi projects are reported to be out from MiCA plans.

However, given the rise in adoptions of non-fungible tokens through virtual auctions in Europe, the European Union is considering extending its laws to the emerging market.

Coindesk indicates that the EU could require NFT creators to register in MiCA. On the other hand, the EU could create strict laws against Bitcoin mining due to the high electricity consumption.

To read the full story, click here

Cybersecurity: Ransomware rapscallions are at it again!

Ransomware hackers sidestep U.S. sanctions with a new trick: Rebranding

What happened: Ransomware hackers sanctioned by the United States have learned to rebrand, a strategy to sidestep blockers, dupe victims and get their money.

The bigger picture: It’s the most recent development in the U.S. vs. cybercriminals, sanctions vs. sanctions evaders in a multi-billion-dollar showdown.

Why are you highlighting this now?

A new study found Russian cybercriminal gang, Evil Corp, changed tactics almost immediately after a U.S. Treasury advisory.

The gang was already under sanctions when the department announced it was responsible for a strain of ransomware software called WastedLocker.

The result: Like an evil villain, they redoubled their efforts, rebounded and rebranded.

Why should compliance teams care?

Many reasons, including:

Countercrime teams need to know the latest permutations and naming conventions tied to ransomware groups, hackers, schemers and scammers.

To protect customers, banks also need to know how the fraudsters are operating to stop money from leaving the bank.

Similarly, AML teams looking at transactions need to think backwards, and imagine how these funding flows could be stealing from customers and enriching foreign hacking groups, and reporting those findings back to the fraud team.

To read the full story, click here

ESG: Regulators, investigators cracking down on environment, social, governance claims

Deutsche Bank raided by authorities over ESG ‘greenwashing’ claims: ‘We’ve found evidence that that could support allegations of prospectus fraud’

What happened: German law enforcement officials raided the offices of Deutsche Bank on suspicion of the fraudulent advertising of sustainable investment funds at its DWS unit.

What do they believe the bank did wrong?

There are several pieces to the puzzle, including:

  • Investment strategies: The investigation revolves around allegations hat the retail money management business engaged in “greenwashing.”
  • What’s greenwashing: When environmental, social and governance (ESG) investments are sold under false claims.
  • How did this come out: A former DWS manager leveled the accusations.

The bigger picture: The raid deals yet another setback to CEO Christian Sewing’s attempts to move on from years of corruption scandals.

To read the full story, click here