Most Read ACFCS Articles of the Year: From the FinCEN Files to the Nordic and Baltic AML scandals, pandemic-fueled fraudsters and more

The Skinny:

  • As ACFCS has highlighted in multiple webinars and virtual events – the association’s first ever fully online conferences – illicit threat actors haven’t come up with new fraudulent and hack schemes, just new themes, wrapped in a way to ruin the present, just in time for the holidays.
  • Government agencies, regulators and law enforcement were also not immune from having to adapt to investigating and examining from afar – nor did they escape being hacked themselves.
  • The culprit? Forces within and without, by creative and aggressive outside forces or jaded insiders pilfering some of the most sacred and sacrosanct filings forming the foundation of anti-money laundering (AML) regime: suspicious activity reports (SARs).
  • So it’s no surprise that the top articles of the year at ACFCS cover many of these topics.
  • Some snapshots: The FinCEN files, the Baltic and Nordic money laundering scandals, guidance on when paycheck protection programs clash with AML rules, how the pandemic is hampering compliance and fueling crimes, like human trafficking, and more.
  • Enjoy this trip down memory lane as we highlight the most read stories of the year.

By Brian Monroe
bmonroe@acfcs.org
December 18, 2020 

There are so many reasons for everyone to want to close the door on 2020.

Pick your poison – deadly pandemic, domestic and international lockdowns, constricting economies, full sectors imploding causing millions to be out of work – and don’t forget the global toilet paper shortage. You feel charmed in just finding Charmin.  

The pandemic has caused terrible loss of life – a once in a generation event – after its explosion from Wuhan, China less than a year ago to the rest of the world: nearly 80 million cases of the novel coronavirus and more than 1.7 million deaths, according to Worldometers.

The fear, uncertainty and desperation caused by the endemic pandemic was also a perfect opportunity for callous fraudsters, hackers and criminal groups to engage in new diseased virtual fusillades.

The result: no respite from viruses in the real and digital worlds, including a surge in cyber-enabled fraud, ransomware attacks that have callously even locked down hospitals and scams around purported snake oil cures, unemployment and paycheck protection loans and, more recently, eblasts of tainted links tied to coveted vaccines.

As ACFCS has highlighted in multiple webinars and virtual events – the association’s first ever fully online conferences – illicit threat actors haven’t come up with new fraudulent and hack schemes, just new themes, wrapped in a way to ruin the present, just in time for the holidays.

Government agencies, regulators and law enforcement were also not immune from having to adapt to investigating and examining from afar – nor did they escape being hacked themselves, by creative and aggressive outside forces or jaded insiders pilfering some of the most sacred and sacrosanct filings forming the foundation of anti-money laundering (AML) regime: suspicious activity reports (SARs).

So it’s no surprise that the top articles of the year at ACFCS cover many of these topics, including analyses of what turned out to be a damaging data leak at the U.S. Treasury, compliance enforcement trends, the Baltic and Nordic money laundering scandals, guidance on when paycheck protection programs clash with AML rules, how the pandemic is hampering compliance and fueling crimes, like human trafficking, and more.

Enjoy this trip down memory lane as we highlight the most read stories of the year.   

Compliance/Cybersecurity/Insiders

In cryptic statement, FinCEN warns of leak, theft tied to SAR database, but whether a drip or a deluge, answer coming soon

It was a September to remember – and not in a good way – for the arbiter of the nation’s financial crime compliance defenses.

The U.S. Treasury’s Financial Crimes Enforcement Network (FinCEN), the country’s financial intelligence unit (FIU), in that month issued a statement about several impending news reports about a breach related to its AML filing database.

To read the full story, click here.

The bureau warned that a number of unnamed news agencies were on the cusp of publishing a series of stories about a leak or theft tied to the financial sector’s most sensitive and sacrosanct filings tied to potential fraud, money laundering and other crimes.

While FinCEN did not confirm the leak, the agency did say the news reports would cover unlawful disclosure of suspicious activity reports (SARs).

FinCEN holds millions upon millions of filings from banks tied to AML reporting rules tied to what banks consider potential indicators of illicit activity, typically more than $5,000, and direct or aggregated deposits of more than $10,000, called currency transaction reports (CTRs).

FinCEN stated it “is aware that various media outlets intend to publish a series of articles based on unlawfully disclosed” SARs, as well as “other sensitive government documents, from several years ago.” 

Just weeks later, the world found out the answer: it was a deluge that became known as the “FinCEN Files,” by the International Consortium of Investigative Journalists. But more on that in another of our top stories of the year. 

Compliance/Enforcement

Fincrime Briefing: AML fines in 2019 breach $8 billion, Treasury official pleads guilty to leaking, 2020 crypto compliance outlook, and more

More than $8 billion in AML fines handed out in 2019, with USA and UK leading the charge: analysis

In this piece, ACFCS highlighted some key fincrime compliance enforcement trends, always a popular topic as what regulators and investigators are highlighting as failures in other institutions can foreshadow future focal points and create a roadmap of what is expected by revealing what not to do.

In this January piece, Encompass carried out an analysis of AML-related penalties handed down between 1 January and 31 December 2019, revealing that, barring a massive $9 billion penalty in 2014, last year could have been a record at nearly double the overall actions and total penalty figure of the prior year.

To read the full story, click here.

Key observations:

  • 58 AML penalties handed down globally in 2019, totaling $8.14bn
  • This is double the amount, and nearly double the value, of penalties handed out in 2018, when 29 fines of $4.27bn were imposed
  • Regulators in the USA were most active, handing out 25 penalties totaling $2.29bn
  • UK followed with 12 fines totaling $388.4m
  • Largest monetary fine was $5.1bn and originated from France
  • Average monetary fine for 2019 was $145.33m
  • 2019 was record year, in terms of number of penalties handed out (58), ahead of 2016 (47)
  • Under half of penalties given out in 2019 were to banks (28 of 58), compared to two-thirds in 2018 (20 of 29)
  • Penalties handed down by regulators across multiple jurisdictions beyond the USA and UK: these were Belgium, Bermuda, France, Germany, Hong Kong, India, Ireland, Latvia, Lithuania, the Netherlands, Norway and Tanzania

The biggest year: 2014 still holds the record for the highest total value of fines at $10.89bn, but this includes an anomalously large penalty of $8.9bn. If this were to be removed, 2019 would take the lead.

Since 2015, annual AML penalty figures have been steadily rising each year. Multi-million dollar fines have been commonplace for a while, but we are now seeing more penalties of one billion dollars or over, with two in 2019 alone. 

Historically, the majority of these fines have been given to banks, but this year the proportion was less than half, demonstrating that money laundering is now recognized as a general business issue, not just one that is specific to financial services.

The news roundup also detailed the fate of the FinCEN leaker who we will give more details on very soon! Read on. 

Fraud

Scammers could be pilfering $26 billion in fraudulent coronavirus pandemic unemployment claims: Labor Department Inspector General

In this June piece, readers learned that a key component of the government’s more than $2 trillion CARES Act, an extra $600 a week in pandemic unemployment assistance, could be going to fraudsters – instead of deserving and desperate individuals who are out of work.

How much?

The Department of Labor’s Inspector General in a “conservative” estimate stated at the time that some $26 billion could end up being pocketed by fraudsters, a galling figure with more than 44 million Americans filing jobless claims, and many not yet receiving help at the state or federal level yet.

To read the full story, click here.

Even with banks already struggling to review the billions of dollars doled out as part of the more than $650 billion Paycheck Protection Program (PPP) – a core tenet of the CARES Act that allows companies to morph a bank loan into a grant if they can keep or rehire workers – they face another avenue for fraud.

An issue for AML officers to consider from the regulatory perspective: Do you have any customers, individuals, not businesses, who are receiving a state unemployment benefit?

This could look like, maybe $275 a week, the state benefit, and the $600 a week federal pandemic assistance? That is fine. But if these accounts are also depositing cash or getting ACH payments and wires from other sources, that could be fraudulent.

Even worse, if bank AML teams notice an account getting multiple of these payments each week – meaning a fraudster has stolen the identities of victims, individuals who may be out of work themselves and hanging on by a financial thread.

Compliance/Enforcement/Individual liability

Ousted Danske Bank CEO faces nearly $400 million lawsuit tied to historic money laundering scandal

In this February story, readers learned that the ousted chief executive of Danske Bank A/S, Thomas Borgen, had been personally targeted in an investor lawsuit arguing he withheld information about potential money laundering that subsequently destroyed the lender’s market value.

Deminor, a Brussels-based law firm, said at the time it had filed a legal complaint against Borgen on behalf of 155 institutional investors seeking damages of 358 million euros ($387 million).

To read the full story, click here.

The case was the latest in a string of legal proceedings against Denmark’s biggest bank, after it failed to properly screen about 200 billion euros in non-resident flows through its Estonian operations, much of which was subsequently deemed suspicious.

Prosecutors in Europe and the U.S. stated at the time they were looking into the case, and the bank could be facing hefty fines – figures that later came to fruition.

Danske’s market value had halved since the beginning of 2018, leaving investors furious. Borgen, 55, was fired in late 2018 and has since had preliminary criminal charges brought against him by police in Denmark.

Some compliance takeaways:

These moves by investors are not uncommon for high-profile AML failures, but were almost a guarantee involving banks tied to the Danske scandal, and of course Danske itself – the epicenter of the scandal, when the stock prices of the institutions plummeted after news became public.

But the fact that the suits are now targeting top executives give even more ammunition to AML compliance teams to sway the C-suite and even the board for more resources to bolster fincrime defenses or address uncovered issues quickly and completely.

These lawsuits are yet another reason that banks need to have strong financial crime compliance teams, lest they may face the same fate from irate regulators, investigators – and fuming and furious investors. 

But there is a next possible phase to these lawsuits that could cause more fracturing, concern and consternation in the ranks of compliance professionals. 

Will these lawsuits ever decide to target top AML officers or even the Chief Compliance Officer function? This is not a giant logical leap from top bank execs to top compliance execs.

Investigations/Human Trafficking

Special ATII Contributor Report: COVID-19 and Human Trafficking – Exacerbating Modern Slavery with a Global Health Pandemic

Here is a snapshot of this powerful contributed piece published in May from the Anti-Human Trafficking Intelligence Initiative:

The relentless march of the COVID-19 pandemic has affected human trafficking and human smuggling groups in different ways – causing one arena to dry up and another to surge.

For some human trafficking operations, they have seen profits fall as communities, states and even full countries lock down and “shelter in place,” so that means fewer customers for sex workers, in seedy motels or massage parlors.

Conversely, some human smuggling operations have seen demand for their services skyrocket as foreign nationals in already impoverished regions reach their breaking point and risk everything to illegally enter the U.S. or EU.

To read the full story, click here.

Overall, however, the severe economic downturn resulting from so many industries grinding to a halt has put millions out of work, making them easy prey for fork-tongued traffickers looking to reap new victims.

However, even without the influence of formal trafficking groups, some desperate individuals may themselves decide that with no one hiring and unemployment a paltry substitute or unavailable, they will become sex workers as a last resort.

These criminal trafficking trends also can leave a bevy of digital footprints for financial crime compliance professionals to follow, potentially uncovering the fiscal underpinnings of larger organized criminal groups and even saving victims.

Compliance/Enforcement/Cybersecurity/Insiders

Leak of thousands of FinCEN SARs reveals large international banks still struggling on AML, serving illicit gatekeepers, corrupt powerbrokers, terror groups: ICIJ report

Remember that warning FinCEN put out in September? This is what they were worried about.

Here is a snippet of what was one of the biggest stories of the year in the field of AML:

The highly-anticipated leak of sensitive, suspicious filings by the U.S. Treasury’s top counter-crime compliance body has turned into a deluge, a watershed moment for investigative journalism, but a dark damnation of the banking sector’s cumulative efforts to stop the illicit, the corrupt and the chaos bringers.

The International Consortium of Investigative Journalists (ICIJ) – the same group behind the Panama Papers, Paradise Papers and other seminal reports – Sunday broke its latest piece, reportedly revealing that the biggest banks in the United States, United Kingdom, Europe and other regions moved trillions of dollars for a criminal cabal of all stripes.

The media reports were based on thousands of leaked suspicious activity reports (SARs) filed by banks and other financial firms as part of their AML compliance program requirements with the U.S. Department of Treasury’s Financial Crimes Enforcement Network (FinCEN).

To read the full story, click here.

The stories by the ICIJ, Buzzfeed and other partner media groups also represent their most direct condemnation against the cumulative efforts of the current frontline vanguard of the fight against financial crime: the anti-money laundering (AML) compliance teams working at large global banks.

In all, ICIJ stated the cache of “documents identify more than $2 trillion in transactions between 1999 and 2017 that were flagged by financial institutions’ internal compliance officers as possible money laundering or other criminal activity — including $514 billion at JPMorgan and $1.3 trillion at Deutsche Bank.”

The records “show that five global banks — JPMorgan, HSBC, Standard Chartered Bank, Deutsche Bank and Bank of New York Mellon — kept profiting from powerful and dangerous players.”

Moreover, these high-risk engagements seemingly continued even after many of these banks paid hundreds of millions – and even billions of dollars – in fines for broad and longstanding AML and sanctions failures and continued as internal compliance teams raised a litany of concerns about loudly waving red flags, the ICIJ wrote.

FinCEN in the last two years has already had a high-profile case of SARs being leaked to the media.

In January, a senior Treasury Department official pleaded guilty to leaking confidential financial reports, after being charged with disclosing information related to Russia and the President’s associates.

Natalie Mayflower Sours Edwards, a senior adviser at FinCEN, entered a guilty plea to one count of conspiracy. She faces between zero and six months in prison as part of the deal.

In an 18-page criminal complaint, authorities detailed nearly a dozen stories published by news site, BuzzFeed, over the course of a year where Edwards served as a secret source.

She allegedly handed over specific details on individuals and related financial transactions, which potentially revealed monetary support for Russian meddling during the 2016 presidential campaign.

She originally stated she viewed herself as a whistleblower and even believed her actions would be protected.

The apparent goal was to uncover concrete financial linkages between these Russian activities and associates of President Donald Trump, including now convicted felon Paul Manafort, his former campaign manager, Paul Gates, the Russian embassy, and others.