News & Press: ACFCS News

Financial Crime Wave – DOJ takes harsher stance on cooperation credit, SEC vs. ICOs, and more

Wednesday, December 5, 2018   (0 Comments)
Posted by: Brian Monroe
Share |

By Brian Monroe
bmonroe@acfcs.org

December 5, 2018

In this week’s Financial Crime Wave, the U.S. Department of Justice revises the prerequisites to get cooperation credit in corporate cases, with a focus on giving up complicit senior executives, the Securities Exchange Commission loses court fight to penalize virtual currency initial coin offering, Danske bank scandal could hurt country, and more.

Individual liability

DOJ charts revisions to policy granting leniency for corporate cooperation, takes harsher prosecutorial tone by requiring information on all complicit senior officials

Federal prosecutors will now take a harsher stance for allowing cooperation credit for corporate investigations and settlements by requiring that all – and not just some – senior executives involved are brought to light, a move that will add needed consistency in compliance negotiations but could make leniency more difficult to achieve in high-profile cases. In a November 29, 2018 speech, Deputy Attorney General Rod Rosenstein announced a softening of the US Department of Justice’s (DOJ) policy on giving credit for cooperation in corporate prosecutions.

As memorialized in the 2015 memo titled Individual Accountability for Corporate Wrongdoing (known as the “Yates Memorandum”), DOJ had followed an “all or nothing” policy that barred corporate defendants from receiving cooperation credit if they failed to provide information on all employees who were involved in criminal conduct. But that strict cooperation credit requirement has now given way to a regime that allows prosecutors to give credit even where companies provide information only on those employees who were “substantially involved in or responsible for the misconduct at issue” and “provide . . . all relevant facts relating to that misconduct.”

On the plus side, the attention on the actions of senior executives could allow financial institutions to do a more focused internal review at the upper echelons of bank, rather than wasting sparse investigative resources on attempting to uncover the involvement of all rank and file staffers. According to Rosenstein, DOJ’s aim is to have a policy that works in the real world of limited investigative resources. Rosenstein acknowledged in his speech that the prior policy was “not strictly enforced” in certain cases,4 echoing previous comments where he cited frustration among private sector attorneys at the inconsistent application of the cooperation requirements.

DOJ has adopted a similar approach on both criminal and civil matters, although the guidance on civil matters is explicit that companies must disclose any involvement of senior management or the board of directors or risk receiving no cooperation credit:6 the new policy “prohibits our attorneys from awarding any credit whatsoever to any corporation that conceals misconduct by members of senior management or the board of directors, or otherwise demonstrates a lack of good faith in its representations,” (via WilmerHale).

Securities/virtual currencies

In what could be a precedent-setting case, a federal court has ruled in favor of a crypto ICO, stating SEC couldn’t prove ICO was a security

Last week, the U.S. federal court ruled a case between the U.S. Securities and Exchange Commission (SEC) and a crypto initial coin offering (ICO) project called Blockvest in favor of the ICO project. Marco Santori, the president and chief legal officer at Blockchain, said: “The SEC brought an enforcement action against a company called Blockvest, alleging that Blockvest’s ICO was a securities offering. SEC asked the court for a preliminary injunction (an order freezing Blockvest’s assets, among other things) so it called a hearing on the evidence.” The SEC failed to justify that the ICO in question was actually a security and the court refused to acknowledge the token as a security solely based on the distribution method of the asset.

The unexpected decision of the federal court is not necessarily a loss for the SEC nor a huge victory for the cryptocurrency sector. As SEC chairman Jay Clayton said, most ICOs that investors in the market talk about are mostly considered securities under existing U.S. regulations. But, the outcome of the case established a precedent for the market and with some technicalities, some ICOs could potentially challenge the SEC in court and win a case if supported by sufficient evidence. The SEC and investors in ICOs could also become more cautious in filing a lawsuit against an ICO project, as the court requires the plaintiff to explicitly describe the nature of the asset as a security, unaffected by the method in which the asset was introduced to the market, (via CCN).

Sanctions/virtual currencies

North Korean hackers take aim at individual crypto investors as sanctions squeeze regime

North Korean hackers have taken to stealing cryptocurrency from individual investors as part of a new strategy by Pyongyang to blunt the impact of international sanctions. The targeting of individuals holding virtual currencies such as bitcoin marks a departure from its previous methods, which have targeted exchanges and financial institutions. Analysts say the shift shows Pyongyang is seeking a new source of income as it buckles under sanctions targeting its illicit nuclear weapons program. “Previously, hackers directly attacked exchanges,” Simon Choi, the founder of the cyber warfare research group IssueMakersLab, said. “They targeted staff at the exchanges, but now they are attacking cryptocurrency users directly.”

“With the US, the UN and others imposing sanctions on the North Korean economy, North Korea is in a difficult position economically, and cryptography has come to be seen as a good opportunity.” Kwon Seok-chul, CEO of South Korean cybersecurity firm Cuvepia, said his company had detected more than 30 cases since April in which suspected North Korean hackers had preyed on people holding cryptocurrency. “They are just simple wallet users investing in cryptocurrency,” said Kwon, adding that some cases had probably gone undetected and that the true number may be well over 100, (via SCMP).

Enforcement

Does the excessive fines clause apply to civil forfeiture actions filed at the state level

On November 28, 2018, the Supreme Court heard oral argument in Timbs v. Indiana, a case in which the Court will decide whether the Excessive Fines Clause of the Eighth Amendment applies to the states in civil asset forfeiture cases. This article summarizes the facts of the case, the constitutional issue raised, the arguments of counsel, and collateral issues regarding the application of the Excessive Fines Clause that were raised by individual justices in the course of the argument.

At issue is the potential abuses by federal, state and local law enforcement agencies that have, in some cases, used civil asset forfeiture powers to take money and property from individuals before an investigation and never give it back – even if they are later found innocent of any crime, (via Asset Forfeiture Law).

Financial transparency

Tax transparency watchdog urges Israel to step up moves against money laundering

After global index puts Israel in top third of most financially secretive countries, NGO calls for more public scrutiny and regulations to stop rich from hiding their assets, (via the Times of Israel).

Money laundering

Money laundering could affect financial stability, Danish central bank warns

A money laundering scandal at Danske Bank involving billions of euros of suspicious flows is serious enough to potentially affect the country’s financial stability, the central bank warned on Friday, a rare statement revealing how lax compliance processes at even one large bank in a region can have disastrous, countrywide consequences.  Denmark’s state prosecutor filed preliminary charges on Wednesday against Danske Bank, Denmark’s largest lender with a balance sheet 1-1/2 times Danish gross domestic product, for alleged violations of the country’s anti-money laundering act in relation to its Estonian branch.

In a report published on Friday the central bank said money laundering issues at a single bank could spread to the entire financial sector. Danske Bank in September disclosed payments totaling 200 billion euros ($227 billion) through its Estonian branch, many of which the bank said were suspicious. It is being investigated by authorities in Denmark, Estonia and the United States and could face sizeable fines, (via Reuters). To see the charges and a bank statement, click here.

Former bank owner sentenced for massive money laundering scheme 

A former owner of Banco Peravia bank in the Dominican Republic was sentenced to three years in prison last week for his role in a billion-dollar money laundering scheme involving currency exchange, (via DOJ).

Risk management  

Data, behavioral science gain momentum as compliance, risk tools, says global survey

Some innovative companies are fueling a trend by hiring behavioral scientists to assist their risk management functions, while many others are considering adding behavioral science expertise to their organizations, according to a new study by the law firm Ropes & Gray. The global survey of 300 senior executives finds that adopting a data-driven approach to compliance and risk management increases the need for behavioral science skills, as companies strive to better understand what the data is telling them in terms of employee risk factors and how behavior is influenced.

More than half of those surveyed (55 percent) were aware of benefits to using behavioral science to inform risk management, audit, and compliance, and a significant majority of those (84 percent) say they believe it would be helpful or very helpful in helping them identify and manage their risks going forward. Other major findings of the survey include:

  • 61 percent said clear guidance regarding laws and regulations is one of their top considerations when helping employees understand compliance.
  • 57 percent cited culture of a country or region as a major obstacle to the implementation an effective compliance framework.
  • 83 percent use informal background checks conducted internally to carry out third-party diligence, (via Henry Engler).

Compliance

In latest OCC risk perspective, AML risks remain ‘elevated’ as banks juggle multiple rising regulatory focal points, attempt to ferret out crypto criminals

The largest and most complex banks in the United States still face “elevated” financial crime compliance risks as they must more adroitly juggle resources to appease regulators also seeking to ensure better overall protection to consumers while at the same time countering soaring criminal crypto vulnerabilities, according to a just-released regulatory update. Those are just some of the takeaways from the U.S. Treasury’s Comptroller of the Currency’s (OCC) Semiannual Risk Perspective covering the Fall period.

The risk perspective, as it has done in several prior missives, notes that AML risk continues to be “elevated” due to a bevy of reasons, including:

·         Compliance risk remains elevated as banks seek to manage money-laundering risks in a complex, dynamic operating and regulatory environment. In addition, the adoption of new technologies and other innovations and implementing changes to policies and procedures to comply with amended consumer protection requirements are challenging banks’ compliance risk management processes.

·         It is important for management at banks of all sizes and business models to consider innovation and emerging industry trends in their strategic planning processes. Strategic planning should include a discussion of the evolving needs and preferences of existing and potential future bank customers.

·         Failure to appropriately consider innovation and the responsible adoption of technology could pose strategic risk to some banks. Consumer compliance, Bank Secrecy Act/ anti-money laundering (BSA/AML), third-party, and operational risk should be closely monitored depending on the partnerships, products, and technologies adopted by the bank.

·         Complex and dynamic activity is not only in the form of traditional products and services but now may also relate to increases in virtual currency and crypto assets, which may create vulnerabilities that criminals can exploit for money laundering, terrorist financing, and other criminal enterprises.

·         The majority of BSA/AML-related deficiencies identified by the OCC stem from issues related to customer due diligence/enhanced due diligence, customer risk identification, and processes related to suspicious activity monitoring and reporting, (via the OCC).

Russia investigation

Democrats are prepping to take control of the House Intelligence Committee and in preparation, they are hiring money-laundering and forensic accounting experts who will examine President Trump’s potential monetary ties to Russia, (via the Hill Reporter).

Finra offers insight, strategies to better secure virtual value vaults

As part of its series on the emerging world of digital assets, the U.S. securities’ sector’s chief self-regulatory body, the Financial Industry Regulatory Authority (Finra), tackles key strategies to better store and secure crypto currencies – currently a top target for a wide array of criminal, hacker and rogue nation state groups. Additional articles explore Initial Coin Offerings, digital tokens, the virtual currency regulatory landscape and tips to avoid fraud and scams in this area, (via Finra).

Investigations

Deutsche Bank headquarters raided in money laundering investigation tied to Panama Papers

German police spent two days last week searching the bank's HQ and five other offices in Frankfurt, part of a probe into whether the bank facilitated suspicious transactions tied to customers in offshore tax havens. German prosecutors alleged that two unnamed employees of Deutsche Bank helped clients launder funds and conceal potentially illicit activity, to the tune of hundreds of millions of euros. Investigators reportedly searched the offices of the bank's board of directors on Friday November 30th, after about 170 agents took part in Thursday's action.

The case was prompted by information contained in the Panama Papers, the massive trove of documents that was leaked from law firm Mossack Fonseca in 2016. That data dump and subsequent analysis and reporting by journalists ensnared politicians and has already led to enforcement actions targeted at other financial institutions.

Deutsche Bank has faced a series of investigations and is no stranger to enforcement actions in recent years, paying about $700 million in AML penalties in 2017. The scale of this most recent investigation suggests more trouble to come. One notable issue is the time period in which the wrongdoing allegedly took place - German prosecutors have stated they are examining conduct that took place from 2013 to 2018, at a time when the bank was already under regulatory pressure to improve its compliance controls (via the New York Times).

Cybersecurity

Marriott reveals theft of information from 500 million customers in years-long data breach

The hotel giant released a statement on Nov. 30th that said nearly half a billion customers who made reservations at their Starwood properties had their data compromised, in an attack that apparently dated back to 2014. According to Marriott, the attack potentially exposed personally identifying information and passport numbers of an estimated 327 million guests, and the company couldn't rule out that payment card data was also stolen. The company's internal investigation is ongoing.

Attackers reportedly encrypted the data stolen on Marriott's servers to avoid detection, which is complicating efforts to investigate. The attack is one of several on major international hotel chains that have come to light in recent years, suggesting that cybercriminals are finding tempting targets in the hospitality industry (via KrebsOnSecurity).

TNOCs

Latin American organized crime turns to China to launder money

Recent cases have shown that drug trafficking organizations in Latin American are utilizing Chinese financial institutions to launder funds, and experts see growing coordination between Chinese gangs and criminal groups in the LatAm region. In 2017, The US Drug Enforcement Administration warned in its annual assessment that criminal outfits in Mexico, Venezuela, the Dominican Republic and Colombia were using Chinese organized crime as facilitators to move funds through institutions in China. More recently, US authorities brought a case against 18 members of a Mexican drug cartel earlier this year who laundered funds through Chinese banks.

Closer economic ties between China and some Latin American countries have helped foster this criminal collaboration. Historically, Chinese institutions have also struggled with effective AML controls, leading US state and federal agencies to bring sizable penalties against the Industrial and Commercial Bank of China, Agricultural Bank of China, and others in the past three years. (via Dialogo-Americas).

Regtech

The Financial Crimes Enforcement Network (FinCEN) and its regulatory partners this week issued a joint statement encouraging banks and credit unions to take innovative approaches to combating money laundering, terrorist financing, and other illicit financial threats, while at the same time also exhorting examiners to not ding banks for trying something new. 

The communique was direct on that issue in particular: "The joint statement notes that innovative pilot programs in and of themselves should not subject banks to supervisory criticism, even if the pilot programs ultimately prove unsuccessful. Likewise, pilot programs that expose gaps in a BSA/AML compliance program will not necessarily result in supervisory action with respect to that program.

"The joint statement also notes that the agencies are open to engaging with banks to discuss pilot programs for innovative BSA/AML approaches. As banks pursue innovative change, early engagement can promote a better understanding of these approaches by the agencies, as well as provide a means to discuss expectations regarding compliance and risk management," (via FinCEN).


©2018 Association of Certified Financial Crime Specialists
All Rights Reserved