News & Press: ACFCS News

Financial Crime Wave – Bank freezes $5 billion in Russian funds, Feds hit Venezuelan ring, and more

Sunday, August 26, 2018   (0 Comments)
Posted by: Brian Monroe
Share |

By Brian Monroe
August 26, 2018

In this week’s Financial Crime Wave, Credit Freeze freezes $5 billion related to Russian sanctions designations, U.S. investigators target millions in assets linked to alleged Venezuelan money-laundering ring, Wells Fargo comments on medical marijuana banking, and more.


Credit Suisse freezes $5 billion of Russian money due to U.S. sanctions as banks fear more draconian sanctions could be coming

One of Switzerland’s largest banks, Credit Suisse, has frozen roughly 5 billion Swiss francs ($5 billion) of money linked to Russia to avoid falling foul of U.S. sanctions, according to its accounts, further increasing pressure on Moscow. The move by Credit Suisse, which owned aircraft surrendered by Russian tycoon Oleg Deripaska and had lent money to Russian oligarch Viktor Vekselberg before the sanctions, underscores a widespread fear among banks of reprisals from Washington for working with targeted Russian individuals and entities. For Russia’s elite, such steps could close off an important avenue for finance as well as a safe haven for billions of rubles of their wealth.

Long popular with wealthy Russians for its combination of bank secrecy, political stability and glitzy ski resorts such as Zermatt and St. Moritz, Switzerland has become one of the most important destinations for money leaving Russia. Roughly $6.2 billion, or 14 percent of total Russian cross-border outflows, went to Switzerland in 2017 — almost three times as much as went to the United States, according to Russian central bank data. The latest round of sanctions was announced in April by U.S. Treasury Secretary Steven Mnuchin to penalize Russia for its annexation of Crimea, involvement in the war in Syria and “attempting to subvert Western democracies,” (via Reuters).

Will U.S. impede Nord pipeline due to related entities?

The U.S. is considering designations that could impede the completion of the construction of the Nord Stream-2 by introducing sanctions against companies involved in the construction, with officials currently weighing whether to introduce the measures against the pipe-rolling companies only or to extend them to the organizations including the banks, which are funding the project, (via Vector News).


Cyber crime gathers pace, whereas number of UK hacking prosecutions declines – RPC data show

The number of prosecutions concerning unauthorized access to computer material in the United Kingdom (UK) fell 18 percent year on year to 47 in 2017, according to RPC. Although risks related to cybercrime have become more acute nowadays, the number of hacking prosecutions in the UK has dropped, even as cyberattacks and other data incursions soared to nearly two million such crimes last year, according to City-headquartered professional services firm RPC. To put the numbers in some perspective, let’s note that data from the Office for National Statistics, indicate that there were an estimated 1.7 million cyber-related crimes in the UK in 2017.

RPC attributes the low levels of prosecutions in this area to the fact that the police do not have the resource to tackle the problem effectively as cybercrime has become widespread and more complex. Many of the hackers targeting the UK are based overseas, in areas like the Baltic states, Russia and China, which makes it far more difficult for the UK police to prosecute them. Encryption and routing through proxies are often used to mask hackers’ identity and location, adding to the complexity, issues cited in the country’s recent National Risk Assessment. This role of digital currencies is apparent in three criminal areas, the report said, including:

  • They often facilitate victim payments to cyber criminals. This includes malware attacks such as ransomware, and cybercrimes-as-an-extortion, in which victim ransom payments are predominantly requested to be paid in Bitcoin.
  • Digital currencies boost the growth of cybercrime-as-a-service. They constitute the primary method of payment for criminal-to-criminal payments and for the purchase of illicit tools or services sold online in the cybercriminal marketplace.
  • Digital currencies play a vital role in laundering the proceeds of cyber-dependent crime, directly facilitating cyber criminal financial flows, (via Finance Feeds).

Money laundering

Feds target millions in assets linked to alleged Venezuelan money-laundering ring 

Federal prosecutors have frozen hundreds of millions of dollars in South Florida luxury real estate and other assets linked to a network of Venezuelan business people and former government officials
charged with laundering more than $1 billion that U.S. authorities say was stolen from the country’s vast oil income. Among the targeted assets are at least 17 South Florida homes, condos and horse ranches ranging in total value from $22 million to $35 million, based on property assessments in public records and real estate market estimates.

They include a condo in the Porsche Design Tower in Sunny Isles, a residence on Hibiscus Island overlooking Biscayne Bay, four homes in the exclusive Cocoplum neighborhood of Coral Gables, and two ranches in the wealthy equestrian community of Wellington in Palm Beach County. Also facing federal forfeiture: More than $45 million that has already been seized by U.S. authorities in the past year, along with additional deposits at City National Bank of New Jersey and other financial institutions in the Bahamas, England and Switzerland, (via the Miami Herald).


Former Swiss bank exec pleads guilty to laundering PDVSA corruption funds

A former Swiss bank executive has pleaded guilty to his role in role in a billion-dollar funds cleansing network stolen from a Venezuelan state-owned oil company. The former managing director and vice chairman of a Swiss bank pleaded guilty Wednesday for his role in an international scheme to launder $1.2 billion embezzled from Venezuelan state-owned oil company Petróleos de Venezuela, S.A. (PDVSA), funds obtained from bribery and fraud and moved through South Florida real estate, false investments and foreign exchanges, (via DOJ).


Wells Fargo makes rare statement on banking medical marijuana businesses legal at state level, states must follow federal rules

Wells Fargo addresses accusations it dropped Florida account due to “politics” surrounding medical marijuana businesses. The bank stated the assertion was “completely false,” and that it has “no political position,” on the issue, which has put state rules at odds with federal regulations. Wells Fargo stated it must follow federal laws stating banks can’t deal with businesses selling illegal products or engaging in money laundering, (via Wells Fargo).


U.S. regulators expand access to longer, 18-month exam cycles, and the people rejoice

U.S. federal banking regulators have agreed to expand access to longer exam cycles for U.S. and foreign banks, with more operations now eligible for extended, 18-month exam cycles, rather than the standard annual exercise. The interim final rules state that regulators are agreeing to offer eligibility to institutions with assets less than $3 billion, rather than the prior asset threshold of less than $1 billion, (via the Fed).


Hong Kong regulator embraces new AML enforcement powers, penalizes bank on AML

HKMA fines Shanghai Commercial Bank more than $630,000 for AML lapses as regulator levies third penalty under new powers.  The Hong Kong Monetary Authority (HKMA) has fined Shanghai Commercial Bank Ltd HK$5 million ($636,967) and reprimanded it for breaching anti-money laundering (AML) and counter terrorist financing rules that the region strengthened in 2012, (via Reuters).


Following U.S., U.K., DPA regime a landmark change to Singaporean law, allowing settlement alternatives in corporate AML, corruption cases

A recent landmark change to Singapore’s criminal justice system providing for Deferred Prosecution Agreements (DPAs), or voluntary alternatives to adjudication, should increase corporate accountability for acts of bribery, corruption, and money laundering. DPAs provide a powerful enforcement tool for prosecutors seeking to hold accountable companies that commit crimes and to prevent unlawful conduct from reoccurring. Broadly stated, a DPA is an agreement between a prosecutor and a corporate offender, under which the corporate offender commits to meet certain conditions and take certain measures over a period of years in lieu of facing a prosecution for past offenses. These measures may include the payment of a monetary penalty, continued cooperation with the government’s investigation, instatement of a corporate monitor, and implementation of an enhanced compliance program.

DPAs create powerful incentives for compliance. If a corporate offender fails to fulfil the terms of the agreement to the government’s satisfaction, the company faces the looming threat of future prosecution. Although prosecutors have wide discretion to shape the agreements, DPAs can be subject to judicial approval and oversight. In the U.S., courts have a narrow role in the process, generally approving DPAs without substantial intervention.  By contrast, DPAs in the UK are subject to judicial involvement from an early stage. The U.S. and UK DPA frameworks differ in other material respects. For example, U.S. prosecutors have the authority to enter into DPAs for a wide range of offenses, while UK law constrains the use of DPAs to specific offenses. In an emerging trend, several countries have recently enacted, or have announced plans to enact, their own DPA frameworks. These countries include France, Australia, Canada, and, topically, Singapore, (via the Anti-Corruption Blog).

BEC attacks

Criminals are using romance scam victims to launder funds stolen in corporate BEC cyberattacks

Criminals and hacking groups are taking victims they have already stolen funds and are doubly taking advantage of them – in this case using them as patsies to launder funds stolen in data breaches and email compromise attacks. On the long list of cybersecurity threats facing corporate leaders, romance scams would at first glance hardly seem to crack the top 10. What could cons of lonely middle-aged singles have to do with the business email compromise (BEC) attacks increasingly targeting American corporations? Plenty, it turns out. Recent Justice Department enforcement actions and published research reports have illuminated the connection: Romance scam victims are turned into money mules – conduits for funds stolen from corporations and other victims.

Scamming people online is relatively easy. The harder part is getting money out of the U.S. and back to Nigeria, where many of the scammers are based. A corporate treasurer is likely to hesitate before wiring tens of thousands of dollars to an unknown person or company in Nigeria, even if asked to do so by the company’s CEO. A transfer request like this is also more likely to raise eyebrows at the company’s bank, but a “consulting company” with a U.S. bank account is more likely to slip through unquestioned. The romance scam victim, who has an established history of transferring money to Nigeria, is the “consulting company” receiving the funds and transferring them onward. Why would these victims agree to do this? In many cases, they remain under the scammer’s spell and are willing to do whatever they are asked to do. In other cases, they have become financially desperate or they are being blackmailed to force their ongoing cooperation, (via Forbes).


Authorities arrest Head of Bitconnect India as group known for big crypto dreams dissolves into scam allegations, recriminations

Authorities arrested alleged India Bitconnect head, Divyesh Darji, this week at an airport in Delhi as he arrived from Dubai. He and conspirators are accused of bilking millions of dollars (Rs 88,000 crore) from Indian investors seeking to find financial refuge during the government’s demonetization campaign. The sad and at times infuriating case of Bitconnect continues to unravel around the world.

Local media reported Darji’s outfit was registered in the United Kingdom but essentially operated from the Burj Khalifa tower in Dubai. The tallest structure in the world since its crowning in 2010, it mirrors proponents of the famed project and now widely recognized scam, big. Everything about Bitconnect was big: big promises, big returns, big gains, big conferences, and, alas, a very big fall, (via


Pressure increases on U.S. president after conviction, plea of former fixers

Trump dealt double blow as Manafort convicted on eight counts and Cohen pleads guilty, (via the Guardian).


Childe welfare agency punishes internal fraudsters taking benefits meant for disaster victims

The Florida agency that oversees the welfare of children in our state has confirmed to a news station to that more than 30 of its employees have lost or are losing their jobs as a result of an investigation into possible fraud related to improperly acquired benefits related to Hurricane Irma disaster relief, (via News4Jax).


Russia-based hackers getting more aggressive in attacking U.S. groups

Russian hackers targeting conservative groups in widening range of cyberattacks. As a result, Microsoft removed six internet domains registered by a Russian hacking group that sought to mimic legitimate websites, (via the WSJ).

Military graft

Fat Leonard scandal grows

Three new indictments in long running Fat Leonard government corruption scandal. In the latest round, federal authorities have charged a retired U.S. Navy captain and two senior enlisted men with taking bribes from a Singapore-based defense contractor now face up to 20 years in prison if convicted, (via the FCPA Blog).


China proving naysayers wrong, can do more than copy

Is China becoming a world leader in AI? Some say the answer is yes, (via INC).

Virtual currencies

A prolific Bitcoin dealer ‘blew a giant hole’ through the US AML compliance framework: report

A Mexico-based “prolific bitcoin dealer” has been indicted and held without bond in the US on a number of international money laundering charges. He used Bitfinex for his exchange needs after Coinbase closed his account. His “activities “blew a giant hole” through the legal framework of U.S. anti-money laundering laws, the Department of Justice wrote. The U.S. Department of Justice (DOJ) announced Friday that a bitcoin dealer, Jacob Burrell Campos, was indicted for international money laundering and is being held without bond. Assistant U.S. Attorney Robert Ciaffa said during Burrell’s bond hearing on August 17 that: Burrell “was a prolific bitcoin dealer who sold approximately $750,000 worth of bitcoin to hundreds of buyers throughout the United States. He conducted 971 separate transactions with over 900 individual customers, and accepted cash in person, through his bank accounts, and through Moneygram.”

Ciaffa told the court that Burrell operated as a “bitcoin exchanger” and his activities constituted a money transmitting business. He was therefore required to register with the Department of Treasury and comply with all anti-money laundering requirements including “reporting suspicious cash transactions.” However, Ciaffa claimed that Burrell accepted cash “with no questions asked,” adding that he “supplied hundreds of individuals with an easy outlet to avoid the anti-money laundering laws applicable to all financial institutions, including licensed and registered bitcoin exchanges,” for a 5% fee, (via

Commonwealth Bank settles $110 million blockchain bond

Commonwealth Bank and the World Bank have claimed the world's first bond to be created, allocated, transferred, and managed via blockchain. According to CBA, the “$AUD Kangaroo bond,” Blockchain Offered New Debt Instrument (bond-i), which uses a private Ethereum blockchain, was created, allocated, transferred, and managed through its life cycle solely using distributed ledger technology. The two-year bond raised AU$110 million, (via ZDnet).

Corporate transparency

Illegal fishing, harm to Amazon forest linked to tax havens: study

Scientists called on Monday for greater transparency over the use of tax havens by companies involved in activities that have harmed the world’s oceans and the Amazon rainforest, another illicit activity given life by the corrupt bastion of corporate opacity. In a study published in the journal Nature Ecology and Evolution, they said many firms involved in illegal fishing worldwide used tax havens to register their vessels, while investments in farming that has damaged the rainforest often flow via offshore accounts.

The study follows the 2015 leak of the Panama Papers, which showed how wealthy individuals and companies use offshore schemes to reduce their tax bills. Seventy percent of fishing vessels implicated in illegal, unreported and unregulated catches had been registered at some point in a tax haven, led by Belize and Panama, the scientists wrote in the journal. By contrast, they said, only about four percent of all the fishing vessels registered worldwide are flagged in tax havens, (via Reuters).

New York

Next month comes another deadline for New York’s new cyber rules, with five fresh requirements coming online

The third compliance deadline for New York’s sweeping new cybersecurity regulation is less than three weeks away. That means five new requirements must be in place by September 4, 2018. Here’s a brief overview of some of the compliance requirements:

Ø  Audit Trails: The audit trail requirement is two-fold, both based on the organization’s risk assessment. First, it requires covered organizations to maintain audit trails that “are designed to reconstruct material financial transactions sufficient to support normal operations and obligations of the Covered Entity.” Second, the regulation requires the maintenance of “audit trails designed to detect and respond to Cybersecurity Events.”

Ø  Application Security: Section 500.08(a) requires that an organization’s cybersecurity program include “written procedures, guidelines and standards designed to ensure the use of secure development practices for in-house developed applications utilized … and procedures for evaluating, assessing or testing the security of externally developed applications….” Again, the scope of this provision is based on the entity’s risk assessment.

Ø  Monitoring: Covered entities are also required to ‘implement risk-based policies, procedures and controls designed to monitor the activity of Authorized Users and “detect unauthorized access or use of, or tampering with” nonpublic information. That requirement is found in Section 500.14(a) of the regulation, (via JDSupra).


Finra offers guidance for engaging third parties for compliance, technology assistance

A look at Finra’s guidelines for the use of third-party service providers, using examples relating to technology governance, cybersecurity and anti-money laundering (AML) programs. These topics were included in the Finra 2018 Regulatory and Examination Priorities Letter and were chosen to highlight the role of outsourcing across various focus areas, (via Mondaq).


Weak AML, enforcement drawing criminals to Germany

With lax counter-crime laws and crippling bureaucracy hamstringing investigators, criminals are flocking to Germany believe they feel it’s a great place to launder money, (via Handelsblatt).

©2018 Association of Certified Financial Crime Specialists
All Rights Reserved