In shutdown, AML, terror agencies scrimp on guidance, regulations, GTOs, foreign info sharing
Sunday, January 13, 2019
Posted by: Brian Monroe
A tourist in Philadelphia takes a picture through a window of the closed building housing the Liberty Bell on January 8. Matt Rourke/AP. To read the full CNN, story, click here
During government shutdown, U.S. AML, terror agencies scrimp on new guidance, regulations, foreign, domestic info sharing, GTOs
By Brian Monroe
January 13, 2019
As the record partial government shutdown continues, eclipsing three weeks, the hampered operations are taking their toll on U.S. financial crime defenses, with agencies issuing fewer pieces of guidance, rules, regional risk assessments and halting responses to certain domestic and foreign information sharing requests, just to name a few.
Operations responsible for U.S. anti-money laundering (AML) investigations, data analyses and enforcement are working with a fraction of their normal staff counts, while other agencies focused on terrorists, rogue nations and transnational organized criminal groups will only be able to provide limited support for cybersecurity breakdowns and requests for help from private sector partners, like financial institutions.
Even in its pared down form, these agencies are continuing on domestic and international priorities set in 2018 and likely to be given even more momentum this year, including what funds are flowing into and through the U.S. through foreign correspondent accounts, and how the country is defending against more aggressive cyber-espionage incursions from Russia, China and North Korea.
The shutdown is the result of a tug-of-war between President Donald Trump and his insistence on building a nearly $6 billon wall between the U.S. and Mexico, a multi-party impasse resulting in the most extensive closure of federal agencies in the country’s history – and currently without a hard deadline on when it will end.
On the federal examiner end, the shutdown "will not directly affect the operations of the federal banking agencies because they are not subject to appropriations. The FDIC and OCC are independently funded via bank assessments. The Federal Reserve System is funded through its market activities, and the CFPB is directly funded by the Federal Reserve," according to the Conference of State Bank Supervisors.
In the case of the U.S. Financial Crimes Enforcement Network (FinCEN), the bureau charged with administrating the country’s AML framework, since Dec. 22, it has been juggling losing more than half of its staff, causing it to make tough decisions on what to keep going and what to cut, in government parlance “excepted” and “non-excepted” activities.
The details are spelled out in a “Lapse in Appropriation Plan,” delineating how FinCEN will operate with a skeleton crew.
During a lapse in appropriation, activities identified as excepted at FinCEN are “those where there is a reasonable and articulable connection between the function to be performed and the safety of human life or the protection of property, and some reasonable likelihood that either or both would be compromised in some significant degree by the delay in performance of the function in question.”
Overall, FinCEN stated that excepted activities also include “advancing national security through the conduct of foreign relations, address of foreign threats, or further related policy issues,” according to the lapse in appropriations document.
But it has to do that with a heavily trimmed staff.
FinCEN has “approximately 285 expected on-board, 15 detailee, and 220 contractors on-board,” according to the document. “Of the 285 employees, 130 are designated as excepted and approximately 155 are designated as non-excepted.”
FinCEN also stated certain AML enforcement actions will take longer to conclude, but that move should ensure continuity for receiving the millions of AML filings sent daily to the financial intelligence unit’s database related to potential illicit activity and transactions breaching the $10,000 threshold – along with ensuring no current or incoming data is damaged or lost.
These individuals “will provide financial intelligence support to law enforcement and intelligence communities, support priority civil enforcement action, address dissemination issues, ensure continuation of BSA filings, maintain computer operations to prevent loss of data, maintain telecommunications, and provide support to excepted functions.”
FinCEN government shutdown snapshot: What is, and isn’t, affected depends on excepted, those that will continue, and non-excepted duties, or those that will be forced to go on hiatus
· Responses to new routine foreign financial intelligence unit requests to exchange information in support of foreign law enforcement investigations;
· On-going efforts to issue regulations and guidance/outreach to industry;
· Longer term, non-time sensitive projects with respect to development of strategic policy;
· Routine, non-time sensitive BSA compliance investigations and enforcement actions; Development of geographic and industry assessments, comprehensive reference materials, and other strategic analysis efforts;
· Signing new data access memorandums of understanding (MOUs) or compliance information sharing MOUs with federal and state regulators;
· Hosting or participating in training, conferences and speaking engagements;
· Support of information technology (IT) requests not related to essential functions, including new IT development efforts and Capital Planning and Investment Control (CPIC) and other e-gov reporting; and
· Developing or revising standard operating procedures or work methods/strategies.
· Provide time-sensitive financial intelligence support to law enforcement and intelligence agencies for functions that are authorized to continue during a furlough, including BSA access, analysis and case support for ongoing criminal and counter-terrorism investigations, U.S. sanctions designation and 314 (a) requests for terrorism or money laundering investigations;
· Research foreign financial intelligence unit (FIU) spontaneous disclosures of information and time-sensitive case requests to maintain foreign relations essential to national security and to aid criminal investigations by domestic law enforcement;
· Continuation of processing BSA filings from the financial industry which are highly useful to law enforcement and national security investigations, including operation of the associated regulatory helpline and the financial institutions suspicious activity hotline;
· Support enforcement cases worked in parallel with law enforcement agencies performing functions that are authorized to continue or which are subject to a strict statute of limitations;
· Support the use of targeted financial measures under section 311 of the USA PATRIOT Act against foreign jurisdictions and entities in support of U.S. national security and foreign policy;
· Support BSA certification requests for use in law enforcement court proceedings that are authorized to continue;
· Operation and maintenance of computer operations to prevent loss of data; and maintain telecommunications, including help desk support, for excepted personnel and activities;
· Operation and maintenance of computer systems used by external stakeholders that continue operations during a furlough (BSA E-filing System, FinCEN’s system of record, FinCEN Query, Advanced Analytics, 314 (a), FIR, and Egmont Secure Web);
· Security monitoring and incident management of information technology resources;
· Engagement and support to National Security Staff and the Inter-agency on pressing national security policy and interpretation issues, including those pertaining to law enforcement and the state and federal regulatory community;
· Engagement within FinCEN and Treasury on pressing strategic policy issues that arise within the context of any continuing operation;
· Continuation of FinCEN’s BSA information collection activities due to expire in accordance with the Paperwork Reduction Act (e.g., the FinCEN Suspicious Activity Report, Form 111, and the FinCEN Currency Transaction Report, Form 112);
· Handling of budget matters related to the lapse in appropriations, the processing of critical personnel, payroll actions, employee notifications and substitutions, and acquisition issues.
Terror, intelligence stopgaps
At the U.S. Office of Terrorism and Financial Intelligence (TFI), which works on countering terror threats against the country and sharing critical details on a broad array of financial crime investigations, it also must attempt to prioritize and keep things running without missing the red flags of a potential terror event that could hurt U.S. citizens and foreign-based forces.
The agency also has a plan in place for government shutdowns, focusing on monitoring and addressing the highest level threats against the U.S., including capturing, communicating and coordinating critical information with top Treasury brass, and the military and intelligence communities and ensuring global sanctions regimes don’t fall by the wayside.
But, like FinCEN, TFI is being forced to limit also vital areas, including communicating with the financial sector on key threats and sharing those details with U.S. and foreign banking authorities, particularly analyzing AML data.
TFI Government shutdown snapshot: A focus on top terror threats, sanctions programs, with ‘limited’ analysis of AML SAR data, support for cyber breakdowns
The Office of Terrorism and Financial Intelligence (TFI) will continue to perform the following functions during a lapse of appropriations:
· Monitor and disseminate intelligence reporting on anticipated or actual events to Treasury leadership and other law enforcement, intelligence and military authorities; maintain SCI/collateral communication connectivity with NSC and intelligence community (Watch Officers excepted for protection of life and property)
· Administer the Specially Designated Nationals (SDN) list and enforce economic and trade sanctions as directed by the Secretary
· Implement and administer new sanctions on foreign countries or targeted individuals or entities through newly issued Executive Orders (EO) as directed by the Secretary
· Develop and provide policy recommendations in response to national security incidents as directed by the Secretary
· Participate in national security policy and intelligence forums responsible for development of response to any national security incident (e.g., NSC Counterterrorism Security Group) as directed by the Secretary
· Ensure continuity of key regulatory and enforcement actions to preclude exploitation by adversaries during national security event/emergency
· Limited communications with financial sector participants, including finance ministries and central bank authorities of foreign states, regarding threats and emergent conditions, as directed by the Secretary
· Limited IT support to service those positions excepted from furlough
· Limited handling of incoming inquiries (Hotline calls)
· Limited analytic support (Bank Secrecy Act data, intelligence information, and international financial intelligence unit information including Egmont Secure Web (ESW) case support) to federal law enforcement agencies
· Use of Section 314 (a) Patriot Act authority, which enables federal law enforcement agencies, through FinCEN, to reach out to financial institutions to locate accounts and transactions of persons that may be involved in illegal activity
· Operations funded by other than annual appropriations, including TEOAF
Deeper cuts could cost lives
The Office of Foreign Asset Control (OFAC), which works with FinCEN and TFI on U.S. sanctions programs, stated it will also be shouldering more duties with a smaller staff, but would continue to monitor top foreign policy objectives, most likely regions like Iran and North Korea, Venezuela, China and Turkey, due to its propinquity to terror threats, particularly ISIS.
In its appropriation’s document, FinCEN stated the smaller staff levels can’t be shrunk any further, or it could end up resulting in opening the door to terror and other attacks that will cost lives.
“Forgoing these critical functions may prevent law enforcement and intelligence agencies from receiving timely information related to potential terrorism or ongoing crimes which potentially compromises safety of life and property,” FinCEN stated.