In cryptic statement, FinCEN warns of leak, theft tied to SAR database, but whether a drip or a deluge, answer coming soon

The Skinny:

  • The U.S. Treasury’s Financial Crimes Enforcement Network (FinCEN), the country’s financial intelligence unit (FIU), has issued a statement about several impending news reports about a breach related to its anti-money laundering (AML) filing database.
  • The arbiter of financial crime compliance defenses in the United States has warned that a number of unnamed news agencies are on the cusp of publishing a series of stories about a leak or theft tied to the financial sector’s most sensitive and sacrosanct filings: suspicious activity reports (SARs).
  • FinCEN holds millions upon millions of filings from banks tied to AML reporting rules tied to what banks consider potential indicators of illicit activity, typically more than $5,000, and direct or aggregated deposits of more than $10,000, called customer transaction reports (CTRs).
  • The unauthorized disclosure of SARs is a “crime that can impact the national security of the United States, compromise law enforcement investigations, and threaten the safety and security of the institutions and individuals who file such reports,” FinCEN said in the statement. 
  • The vague statement has become water cooler talk for the range of stakeholders in the fight against financial crime – current and former compliance officers, regulators and investigators – with many fearing the worst.
  • The biggest fear for banks, and FinCEN, is that this is a large-scale hack by organized crime or a foreign nation state or terabytes of data pilfered by an insider, similar to the Panama and Paradise Papers-related data dumps.
  • But banks, regulators and investigators all could be harmed by such a leak. 

By Brian Monroe
bmonroe@acfcs.org
September 4, 2020

The arbiter of financial crime compliance defenses in the United States has warned that a number of unnamed news agencies are on the cusp of publishing a series of stories about a leak or theft tied to the financial sector’s most sensitive and sacrosanct filings tied to potential fraud, money laundering and other crimes.

The U.S. Treasury’s Financial Crimes Enforcement Network (FinCEN), the country’s financial intelligence unit (FIU), has issued a statement this week about several impending news reports about a breach related to its anti-money laundering (AML) filing database.

While FinCEN did not confirm the leak, the agency did say the news reports will cover unlawful disclosure of suspicious activity reports (SARs).

FinCEN holds millions upon millions of filings from banks tied to AML reporting rules tied to what banks consider potential indicators of illicit activity, typically more than $5,000, and direct or aggregated deposits of more than $10,000, called currency transaction reports (CTRs).

FinCEN stated it “is aware that various media outlets intend to publish a series of articles based on unlawfully disclosed” SARs, as well as “other sensitive government documents, from several years ago.” 

While no one knows the how of the disclosure, the who could be in serious trouble.

The unauthorized disclosure of SARs is a “crime that can impact the national security of the United States, compromise law enforcement investigations, and threaten the safety and security of the institutions and individuals who file such reports,” FinCEN said in the statement. 

FinCEN has already referred matter to federal investigative agencies, including the U.S. Department of Justice and the U.S. Department of the Treasury’s Office of Inspector General.

To read the full statement, please click here

A large-scale SAR breach, and sense that confidentiality is broken, could bring it all crashing down

The vague statement has become water cooler talk for the range of stakeholders in the fight against financial crime – current and former compliance officers, regulators and investigators – with many fearing the worst.

The biggest fear for banks, and FinCEN, is that this is a large-scale hack by organized crime or a foreign nation state or terabytes of data pilfered by an insider, similar to the Panama and Paradise Papers-related data dumps.

But banks, regulators and investigators all could be harmed by such a leak.

“Highly classified data leakage means loss in revenue because now not only customers of SARs are knowing it, but customers friends, colleagues, and other third party [groups] knowing it,” said one commenter on social media.

“Being a regulator, this is highest level of compromise which will result in untrust of banks and hence filing of SARs would be impacted,” said the person, adding that for investigators, a breach by an insider or outside hacking group has the “potential to disrupt the legal framework, especially data confidentiality and customer trust!”

If banks don’t feel the filings will stay confidential, it could cause irreparable harm to the entire AML filing regime.

The “reliability of the whole system to protect [SAR] confidentiality…Now questionable…with a host of banking information on customers not proven yet in law as to any money laundering offences only deemed *suspicious*” could open “the doors to lawsuits by customers,” said a second fincrime compliance professional.

What is currently unknown is the context and size of the disclosure.

“Are they the ones that Deutsche Bank decided to actually file about the president and his failson-in-law? The ones Cy Vance’s grand jury is digging through while it waits—and waits and waits and waits—for Trump’s tax returns?” asked Dealbreaker.

FinCEN in the last two years has already had a high-profile case of SARs being leaked to the media.

In January, a senior Treasury Department official pleaded guilty to leaking confidential financial reports, after being charged with disclosing information related to Russia and the President’s associates.

Natalie Mayflower Sours Edwards, a senior adviser at FinCEN, entered a guilty plea to one count of conspiracy. She faces between zero and six months in prison as part of the deal.

In an 18-page criminal complaint, authorities detailed nearly a dozen stories published by news site, BuzzFeed, over the course of a year where Edwards served as a secret source.

She allegedly handed over specific details on individuals and related financial transactions, which potentially revealed monetary support for Russian meddling during the 2016 presidential campaign.

The apparent goal was to uncover concrete financial linkages between these Russian activities and associates of President Donald Trump, including now convicted felon Paul Manafort, his former campaign manager, Paul Gates, the Russian embassy, and others.

The FinCEN database: a tempting treat for jaded insiders, external hackers

It was no surprise someone — in this case Edwards — made the connection that if there were illicit details to be had in the Russia probe, they could be buried somewhere in the terabytes of data housed in FinCEN’s AML database. 

FinCEN is the main repository for this information.

Having so many filings in one place allows bureau analysts to engage in proactive investigations to uncover large-scale criminal trends.

FinCEN then shares those details with banks and other government agencies with purview over investigating and taking down criminal and terror networks and defending the nation against foreign and domestic threats.

The database is also a trusted resource for virtually every major federal investigative agency – and many state and local law enforcement offices.

Beyond FinCEN sharing the results of its own database analyses, federal and state investigators have remote access to the FinCEN database directly to query for details to form the foundation of a case or attempt to break new ground in current investigations related to companies, individuals, regions and more.

Moreover, while several government agents in recent years – typically those involved in national security – have been arrested and sentenced for improperly handling classified information, the FinCEN case is an anomaly.

For a FinCEN analyst to be sanctioned for mining the database to allegedly get dirt on political foes, then steal the data itself, possibly targeting even the current U.S. president, is exceedingly rare.

But for those in AML compliance and investigative circles, this situation – along with a few others – was always a “worst case scenario” waiting to happen.

The question: how secure is the AML database?

In conferences and conversations, whenever the subject of FinCEN, SARs and CTRs came up, one professional would invariably turn to another and say, “Wow, I wonder what would happen if some analyst or investigator had an agenda or axe to grind, and just decided to ping the database for themselves to find skeletons in the closet of a cross-party adversary, ex-boss or ex-wife.”

The response was always the same: whoever ever did something like that could, and likely would, find confidential information that could seriously tarnish the reputation of a captain of industry or political powerbroker.

The information in the FinCEN database is that powerful.

Beyond that, while a terrible breach of trust, the law and shaking of the confidential foundations the whole of the AML compliance world is built upon, illicit use of the data by a jaded employee is actually one of the milder of the nightmare scenarios that could befall FinCEN and its coveted database.

There is much, much worse.

Darknet market SARs or data destruction: You pick the nightmare

Here are two other situations FinCEN is doing its best to guard against: what would happen if a criminal hacker, through stealing the login credentials of a database user or abusing a software vulnerability, gained access to the database and downloaded all or some of the information?

They could then sell those details to the highest bidder among a cabal of illicit groups so that criminal groups could know what every bank has on them, and potentially every past or current government investigation – crippling who knows how many ongoing cases.

But even as bad as that could be, there is one involving FinCEN that would likely be considered the most feared of all: what if a hacker gained access to the database itself and rather than trying to steal or download it, introduced a virus or other insidious piece of malware that destroyed some or all of the data altogether. 

Such move would broadly hamstring many domestic and international, complex financial crime cases.

That’s because there are so many agencies around that world that rely on details in the FinCEN database to initiate and strengthen cases and pull together seemingly disparate sources of information to crack the diffuse, hidden trails of savvy organized criminal groups who are actively trying to mask their touchpoints with the formal financial system. 

*This post has been updated.

The New Military End Use and End User Regulations – Addressing the civil-military fusion nexus through finer slices of knowledge: Kharon Whitepaper analysis

The Skinny:

  • The U.S. Department of Commerce’s Bureau of Industry and Security (BIS) amended the Export Administration Regulations (EAR) to tighten restrictions on certain exports to China, Russia, and Venezuela intended for military end use or military end users (MEU) effective June 29, 2020.
  • The new rule broadens the list of items covered by military end use licensing requirements and expands the definition of “military end use” to cover broader categories of activity.
  • The rule also establishes new restrictions on exports to military end users in China. Requirements for end use, and end users, have been in effect since 2014 for both Russia and Venezuela, but the restrictions on China, in place since 2007, only covered end use.
  • The new rule expands the definition of “military end use” (MEU) to include any item that “supports or contributes to the operation, installation, maintenance, repair, overhaul, refurbishing, ‘development,’ or ‘production’ of military items.”
  • Previous military end use restrictions only restricted items for the use, development, production of, or incorporation into military items. Any item that applies to a single element of the new definition of “use” triggers application of the new end-use rule.
  • The rule also adds products to the end use licensing requirements under the categories of materials processing, electronics, telecommunications, information security, sensors and lasers, and propulsion to the list of covered items.
  • In FAQs issued alongside the final rule, BIS used variations of two questions to determine if an end user is a military end user, including: Is the end user part of a military organization and does the end user develop, produce, maintain, or use military items?
  • If a firm is identified as a military end user, then exports, re-exports or transfer of any covered item to that user requires a license, even if the item is destined for civilian end use.
  • The update addresses trends in regions like China toward civil-military fusion, complicating compliance for banks and corporates alike.

By Kharon
Kharon.com
September 1, 2020

With minor edits and content additions by ACFCS VP of Content, Brian Monroe.

This is excerpted from Kharon’s recent publication The New Military End Use and End User Regulations:  A Guide for Identifying Risk. To get access to the full report, please click here

The U.S. Department of Commerce’s Bureau of Industry and Security (BIS) amended the Export Administration Regulations (EAR) to tighten restrictions on certain exports to China, Russia, and Venezuela intended for military end use or military end users (MEU) effective June 29, 2020.

The new rule broadens the list of items covered by military end use licensing requirements and expands the definition of “military end use” to cover broader categories of activity.

The rule also establishes new restrictions on exports to military end users in China. Requirements for end use, and end users, have been in effect since 2014 for both Russia and Venezuela, but the restrictions on China, in place since 2007, only covered end use.

The rule states that the changes “will require increased diligence with respect to the evaluation of end users in China, particularly in view of China’s widespread civil-military integration.”

As part of China’s emphasis on modernizing its military, the country has implemented a strategy of “military-civil fusion” to tap into China’s civilian economy for the benefit of its defense industry, obscuring the distinction between civilian and military end users.

Such integration of military and civilian goals “makes it more difficult for industry to know or determine … the end use and end users of items” they seek to transfer, the rule states.

To view the update itself, click here.

To view a Frequently Asked Questions (FAQ) document, consisting of 32 queries and responses, including issues tied to subsidiaries, like a military hospital needing a license, or historically EAR-controlled items earmarked for civil aviation, click here.

In all, this latest expansion of restrictions adds fresh complexity for corporates, financial institutions, manufacturers, import-export firms and intermediaries for regions already considered jurisdictional flashpoints for the United States.

BIS updates tied to jurisdictions that are a frequent target of U.S. fear, fury

The U.S. and China have been in an escalating trade war for months, even as the global coronavirus pandemic has crimped the throughput of global trade, estimated to plummet by more than 30 percent this year, according to the World Trade Organization.  

More recently, in July the U.S. Treasury’s Office of Foreign Assets Control (OFAC) – the country’s chief sanctions architect – targeted current and former Chinese government officials for alleged human rights abuses.

The tensions between the two world powers foamed and frothed to a boil at the tail end of July, when the U.S. ordered the Chinese consulate in Houston closed due to fears of pilfered trade secrets, and China responded in kind with a consulate closure of its own.

That thorny issue is a common refrain with federal investigative agencies stating that China’s theft of American technology and intellectual property is the nation’s “biggest law enforcement threat,” and an expensive one, estimated at more than half a trillion dollars lost, according to media reports.  

As for Russia, America’s arch nemesis for decades, the country in recent years has been subjected to a widening array of sanctions tied to human rights abuses, corruption, organized crime, cyberattacks, election interference, proliferation of weapons of mass distraction and destruction and helped other countries evade sanctions – like North Korea and Venezuela.

The graft-gilt region has an entire sanctions regime, the Global Magnitsky Sanctions, created as a response to the treatment of Sergei Magnitsky, an attorney who died in Russian custody after bringing a corruption and tax scam in the hundreds of millions of dollars to light.

The Global Magnitsky anti-corruption sanctions – super charged by the Trump Administration – are “unique among anti-corruption laws in that they: (1) directly penalize foreign officials, (2) assert U.S. jurisdiction globally, and (3) define corruption very broadly,” according to legal watchdogs.

For more than a decade, the United States has issued a plethora of sanctions against Venezuela in response to activities of the Venezuelan government and Venezuelan individuals, including designations tied to alleged corruption, human rights abuses, terrorism, drug trafficking and more.

The finial came last month in the form of an executive order blocking  the property and interests of the Maduro government in the United States and within the control of U.S. persons, according to the Congressional Research Service.  

As of August 20, 2020, the Treasury Department has “imposed sanctions on more than 150 Venezuelan or Venezuelan connected individuals, and the State Department has revoked the visas of more than 1,000 individuals and their families.”

The Trump Administration also has imposed sanctions on Venezuela’s state oil company (Petróleos de Venezuela, S.A., or PdVSA), government, and central bank, according to CRS.

In 2020, Treasury has sanctioned two subsidiaries of the Russian state-controlled Rosneft Oil Company for facilitating Venezuelan oil exports and four shipping companies for transporting Venezuelan oil, the report stated. 

BIS may not walk as loudly as OFAC, but carries a big stick – in terms of penalty, listing powers

While BIS may not get the same ink in the press as OFAC – with penalties against banks soaring to nearly $9 billion – the agency has the same goals to promote “U.S. national security and support U.S. foreign policy interests,” according to its latest annual report.

In FY 2019, BIS “intensified its efforts to implement policies and engage in enforcement activities that address strategic national security threats, including threats related to Iran’s attempts to obtain U.S. technology and commodities, China’s military-civil fusion efforts, and Chinese corporations’ activities that were contrary to U.S. national security or foreign policy interests,” according to the annual report.

BIS also has a stout stick when it comes to penalty powers.

Violations of the EAR may be subject to both criminal and administrative penalties.

Under the Export Control Reform Act of 2018 (ECRA), criminal penalties can include up to 20 years of imprisonment and up to $1 million in fines per violation, or both. 

Administrative monetary penalties can reach up to $300,000 per violation or twice the value of the transaction, whichever is greater.

Violators may also be subject to the denial of their export privileges as further described below.

A denial of export privileges prohibits a person from participating in any way in any transaction subject to the EAR.

Furthermore, it is unlawful for other businesses and individuals to participate in any way in an export transaction subject to the EAR with a denied person.

That means they could also get on the “Entity List,” which identifies foreign businesses, universities, or individuals that are prohibited from receiving some or all items subject to the EAR unless getting a license first due to concerns tied to weapons proliferation, terrorism and national security.  

FY 2019 was an “active year for BIS’s utilization of the Entity List,” with the agency adding 154 entities – and at the top of the list: Huawei Technologies Co., Ltd. (Huawei) for involvement in activities contrary to U.S. national security or foreign policy interests.

Knowledge is power to foster compliance – but can it foresee, forestall a ‘future occurrence?’

The latest update by BIS tied to military end use items is also required reading for corporates and financial institutions as it revisits and reinforces the always nebulous and subjective “knowledge” portion of compliance in this area, engaging in finer slices of awareness, similar to how banks must engage in ever more granular risk divination.

The update puts more pressure on the depth and accuracy of due diligence and ensuring that operations trading with these regions ask the right questions to determine what form of knowledge, or lack thereof, is at play.

How many types of knowledge can there be you ask? Take a gander: specific, general, positive, substantial, certain, awareness and everyone’s favorite – a high probability of its existence or future occurrence.

So forget hiring a compliance officer – just bring a wizard on staff with a crystal ball.

One question in the FAQs brings this point into stark relief.

Q9: If I have knowledge that a parent organization of my end user, or one of my end user’s subordinate entities, is involved in “military end uses,” does that mean I have knowledge that the entity I sell to is a “military end user,” even if I have no specific knowledge that the end user is involved in manufacturing items for “military end uses?”

A: A license is required if your end user is involved in “military end uses.”

You must exercise due diligence to determine whether the parent or subordinate entity’s military activities is relevant to the specific end user’s activities and that knowledge should be taken into account along with information regarding the specific end user.

Under the EAR, “knowledge” includes not only positive knowledge that the circumstances exist or are substantially certain to occur, but also an awareness of a high probability of its existence or future occurrence. Such awareness is inferred from evidence of the conscious disregard of facts known to a person and is also inferred from a person’s willful avoidance of facts.

Military End User Restrictions

Identifying exposure to military end users can be challenging where an end user is a subsidiary or affiliate that sits within a corporate structure with multiple tiers of ownership that obfuscate the connections of a company to the military, as well as in situations where trade intermediaries are involved in indirectly acquiring goods and technology for military end users.  

In FAQs issued alongside the final rule, BIS used variations of two questions to determine if an end user is a military end user:

  • Is the end user part of a military organization, as determined by the end user’s relation to the country’s national armed services?
  • Does the end user develop, produce, maintain, or use military items?

BIS specifically applied this test to questions regarding the determination of military end user status using military hospitals, military-related universities, and subordinate agencies of defense ministries as examples, but the test can presumably be applied against other entities to determine if it is a military end user.

Military end users include a country’s national armed services, such as the army, navy, air force, as well as the national guard, national police, and government intelligence and reconnaissance organizations, and other military end users, according to the regulations.

Other military end users cover state owned enterprises, defined by BIS as “entities over which their national governments can or do exercise significant direction or control of the SOE’s operations through supervision, financing subsidization, or ownership, including significant minority ownership,” according to the frequently asked questions (FAQ).

If a firm is identified as a military end user, then exports, re-exports or transfer of any covered item to that user requires a license, even if the item is destined for civilian end use.

Procurement Agents and Distribution Partners 

Distribution partners, wholesalers, and other trade intermediaries that do business with U.S. manufacturers can present MEU challenges when these actors do not disclose the end users or use of the technology.

Intermediaries that do not receive and ultimately use military items may not qualify as military end users.

However, in situations where intermediaries have knowledge that an item is ultimately destined for a military end user or for military end use, the transaction in question would fall under end user licensing requirements.

Understanding Ownership Chains and Activities That Support Military End Uses

In situations where an end user is a parent or subsidiary of an entity engaged in military end uses, BIS urges industry to exercise due diligence to determine whether the parent or subordinate relationship is relevant to the end user’s activities.

Even if it is determined that a subsidiary of a military end user does not engage in any activities with the parent or subordinate entity, if the entity develops, produces, maintains, or uses any military items, the firm is considered to be a military end user. 

Regional Report: Canada has done ‘amazing things’ to fight crime through public-private partnerships, but still hampered by stringent privacy rules, lack of AML safe harbors

The Skinny:

  • In recent years, Canada has done “amazing things” in the arena of stronger information sharing between regulators, banks and law enforcement to target some of the most insidious financial crimes of our times, including human trafficking, which became a global model to help other regions.
  • But some professionals say the region is still hampered by stringent privacy rules and a lack of formalized compliance safe harbors, similar to those in the United States, enshrined in Patriot Act Sections 314 (a) and 314(b).
  • Those provisions in the seminal act allow law enforcement to query, and share information with banks, and banks to share information with each other on suspected instances of money laundering and terrorist financing.
  • Those are just some of the takeaways from the “Canada Focus – FinCrime Trends and Case Studies,” session, a panel from ACFCS Fincrime Virtual Week, hosted by the Toronto Chapter.
  • More than 5,600 attendees, speakers and thought leaders registered for the Association of Certified Financial Crime Specialists’ (ACFCS) first-ever fully online conference, which addressed the overarching themes of Disruption, Innovation and Resiliency.
  • The event covered five days of learning between Aug. 3 and Aug. 7 with dozens of sessions and speakers, including top federal regulators, investigative agencies and thought leaders from the banking, consulting, insurance, crypto currency and other financial services sectors.
  • Overall, the event highlighted the vital importance of collaboration, between banks, law enforcement and regulators, including illuminating the opacity of impenetrable beneficial ownership structures and finding ways to ensure criminals can’t hide behind shell companies, legal entities or evade investigators through virtual worlds.

By Brian Monroe
bmonroe@acfcs.org
August 25, 2020

In recent years, Canada has done “amazing things” in the arena of stronger information sharing between regulators, banks and law enforcement to target some of the most insidious financial crimes of our times.

Spearheaded by banks including BMO, HSBC, CIBC, RBC and Scotiabank, these groups have partnered with the Country’s financial intelligence unit to use data and investigator ingenuity to understand, report on and take down illicit networks.

The combined public-private sector might of these institutions and the government have come together under a single banner, to marshal their forces against money laundering, romance scams and other frauds, child exploitation and human trafficking – which became a global model to help other regions ally, align and attack criminals.

But some professionals say the region is still hampered by stringent privacy rules and a lack of formalized compliance safe harbors, similar to those in the United States, enshrined in Patriot Act Sections 314 (a) and 314(b).

Those provisions, created after the September 11, 2001 terrorist attacks in New York and Washington, D.C., allow law enforcement to query, and share information with banks, and banks to share information with each other on suspected instances of money laundering and terrorist financing.

Those are just some of the takeaways from the “Canada Focus – FinCrime Trends and Case Studies,” session, a panel from ACFCS Fincrime Virtual Week, hosted by the Toronto Chapter.

More than 5,600 attendees, speakers and thought leaders registered for the Association of Certified Financial Crime Specialists’ (ACFCS) first-ever fully online conference, which addressed the overarching themes of Disruption, Innovation and Resiliency.

The event covered five days of learning between Aug. 3 and Aug. 7 with dozens of sessions and speakers, including top federal regulators, investigative agencies and thought leaders from the banking, consulting, insurance, crypto currency and other financial services sectors.

Overall, the event highlighted the vital importance of collaboration, between banks, law enforcement and regulators, the need to illuminate the opacity of impenetrable beneficial ownership structures and the risks of shell companies, legal entities and crypto currencies. 

PPPs – how all the stakeholders in the fight can see the bigger picture

Since 2016, Canada’s Financial Transactions and Reports Analysis Centre (Fintrac), the country’s financial intelligence unit (FIU), has forged innovative public-private partnerships (PPPs) with many of the largest banking groups in the region.

This has helped regulators, investigators and banks better understand the nuanced financial trails of crimes including human trafficking, money laundering, romance scams and other frauds and currently, child sexual exploitation.

The PPPs have been so successful, Fintrac’s strategy to counter human trafficking, for instance, has become a “global model,” where the regulator has traveled around the world to bolster capacity in this area, a framework that can improve effectiveness and immediate outcomes without the pitfalls or time delays of passing and implementing new regulations.  

“Banks decided the subject,” of the PPP, which in recent years has included human trafficking, fraud and other crimes, said Michael Boole, the Manager of the Financial Intelligence Sector for AML/ATF at Fintrac, during the panel discussion.

The efforts have been extremely successful, domestically and internationally.

The PPPs have resulted in a “thousands of percent increase in the volumes of [suspicious transaction reports (STRs)] to this day,” he said, adding that Fintrac has “gone around the world to discuss this” model, which can improve reporting, investigations and help take down larger criminal networks with “no legislative changes needed.”

But even as these moves have cumulatively resulted in more and better STRs tied to these crimes in Canada, some longtime compliance professionals in the Great White North believe so much more could be done.

Why?

Banks have to balance their desire to better use their data and help law enforcement with a very real fear of violating recently-strengthened privacy rules – with failures resulting in penalties of more than $100,000 or more. 

PPPs have resulted in a “thousands of percent increase in the volumes of [suspicious transaction reports (STRs)] to this day." -
Michael Boole, Fintrac
Designer

Canada FATF Mutual Evaluation Report 2016 Snapshot: Strong laws, but gaps in terms of casinos, gatekeepers and law enforcement effectiveness

Here is a snapshot of some of the strengths and weaknesses of Canada’s financial crime compliance regime, from the 2016 Financial Action Task Force (FATF) mutual evaluation.

The group, the world’s chief AML watchdog, lauded the country for its powerful laws, but noted gaps in high risk areas, including gatekeepers, such as lawyers, non-bank groups, for instance real estate, and wanted better results for law enforcement investigations.

  • Strong framework to fight ML/TF with comprehensive set of laws/regulations
  • Financial entities understand obligations, but there is a lack of awareness among DNFBPs, and in particular real estate agents
  • Significant loophole – legal counsels, legal firms not subject to AML/ATF legislation
  • Other gaps in high-risk areas: online casinos, open loop prepaid cards, white label ATMs
  • Law enforcement results are not commensurate with risk. LEAs generally suffer from insufficient resources and expertise to pursue complex ML cases
  • Legal persons and arrangements are at a high risk of mis-use, and that risk is not mitigated; BO information is difficult to verify
  • Federal FIU (FINTRAC) is not authorized to obtain additional information related to suspicions of ML/TF

Canada AML regime as white as snow?

During the Canada panel, the country’s overall financial crime and compliance successes, and failures, were laid bare.

In particular Canada has been the subject of internal and external analyses, including top reviews by global watchdog bodies and several regional reports from British Columbia looking at money laundering through casinos, underground banking and real estate.

The reports, dubbed cumulatively as “Snow Washing,” have “really exposed Canada’s money laundering problems as of late,” said Bob Kapur, an independent AML/ATF consultant with more than 20 years of experience, including as the Deputy Chief AML Officer at a Big Five Canadian bank, during the Canada panel.

As well, the spotlight on British Columbia also “highlighted weaknesses in the ability to know and understand beneficial owners,” he said.  

One report highlighted that many, as much as “80 percent of the top tier properties in terms of price were owned by numbered companies, investment holding companies or quasi-anonymous trusts.”

The starkness of those figures was not lost on FATF. 

The FATF report was “generally good,” Kapur said. “We have done some amazing things to advance the fight against financial crime through public private partnerships, the triple Ps.”

“But we did have some significant loopholes identified,” he said, including the lack of “enscopement” of lawyers and certain areas of the legal sector in terms of formal AML duties.

The report, however, even while lauding the ability of Fintrac to engage in these partnerships and create “operational alerts” to help banks be privy to broad trends, patterns and the key red flags of certain crimes, noted that the regulator also has limits to its power. 

To wit, in many cases Fintrac can’t even follow up with reporting entities for more details on certain filings tied to named subjects due to constraints by the country’s privacy laws.

Banks also “can’t share private to private,” Kapur said, adding that many top minds and banking groups have lobbied for Canada to adopt U.S.-style sharing provisions, such as Patriot Act Sections 314(a) and 314(b).

Part and parcel of this is not just the power for law enforcement to query and share information with banks, and banks to share information with each other, but broad safe harbors saying that if banks share information on suspected money laundering and terrorist financing cases – and the prevailing mentality is that includes the underlying specified unlawful activities – the banks are protected from civil and other suits. 

In quest to share data, banks also must remember to protect it

The theme of PPP was also a focal point of the Canada session, but also the panel addressed the counterpoint of sharing data – the need to protect it and potential unwanted regulatory scrutiny and even penalties that could arise if failings occur.

Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA), what many refer to as Canada’s answer to the European Union’s Global Data Protection Rule (GDPR), got significantly more teeth in November 2018 tied to data protection requirements for industry to implement a system to report breaches to the government and potentially affected individuals.

What does this mean for bank anti-money laundering (AML) teams?

Banks can not only get in trouble if data captured for AML risk assessment purposes gets stolen in a data breach by outside attackers, they can also fall afoul of privacy rules if this data is improperly shared with outside entities, such as other banks, even if the purpose is ostensibly for the greater good.

Even with a tightrope to balance in Canada, there are a bevy of practical, tangible benefits for regions that engage in strong PPPs, domestically and internationally, according to a report released Monday by the Royal United Services Institute on the Future of Financial Intelligence Sharing (FFIS).

Here are a few points for collaboration:

  • Provide regularly convened dynamic public–private dialogue on financial crime threats, based on shared and agreed objectives and priorities.
  • Act within the law by making use of available information-sharing legislation, based on a shared public–private understanding of the legal gateways and boundaries of sharing information;
  • Can enable, to some degree, private–private sharing of information
  • Can boost knowledge between certain regulated entities, including examiners and investigators;

PPPs can help address one or more of the following issues:

  • Sharing of tactical information, including the identities of entities of concern, to enhance ongoing investigations.
  • Collaborative knowledge management processes to build understanding of threats and risks 
  • For example through the co-development of typologies (sometimes referred to as ‘alerts’) and the development and testing of indicators, to improve reporting from the private sector.

Practical takeaways from Canadian PPPs – better controlling the narrative

Finally, from a Canadian context, the advent of public-private partnerships designed at identifying and reporting on specific types of criminal activity have introduced welcome additions to the narrative section of suspicious transaction reports, according to thought leaders working on a forthcoming ACFCS Canadian STR Almanac.

Starting with Project Protect, the public-private model has expanded out from identifying indicators of human trafficking (#PROJECT PROTECT), to other types of crime such as romance fraud (Project CHAMELEON or #CHAMELEON), opioid and fentanyl trafficking (#PROJECT GUARDIAN or #FENTANYL).

Including the hashtag of the type of crime the suspicious activity or transaction is associated with facilitates Fintrac’s disclosure process, ensuring the STR is identified accordingly, and routed to the appropriate individuals.

This example is relevant to a Canadian context, but this is an important example of additional types of information that should be included in the narrative section of an STR or SAR, as they apply to one’s local jurisdiction.

Ironically, Canada does have a section in its criminal code allowing banks to reach out directly to law enforcement, but many banks are reticent to do so.

Under Section 462.47, the code states that, “a person is justified in disclosing to a peace officer or the Attorney General any facts on the basis of which that person reasonably suspects that any property is proceeds of crime or that any person has committed or is about to commit a designated offence.”

So if that section allows such sharing, that begs the question: are banks using it? Not really.

Section 462.47 is “used, but used very sparingly, especially amongst the big banks,” Kapur said. “From a reporting entity perspective, that can be done and is done in some situations. If the bank is the victim of a major loss, or a significant fraud, we might report that directly to law enforcement.”

But why are institutions and even law enforcement so worried about being direct partners?

Both sides fret that “not going through the Fintrac route could jeopardize any information given,” he said. 

Banks in some cases worry about sharing information directly with law enforcement due to privacy concerns and a fear that "not going through the Fintrac route could jeopardize any information given."
- Bob Kapur, indepenent AML expert, former compliance officer
Designer

Regional Report: In face of massive EU AML scandals, prosecutors, regulators, banks looking to bolster information sharing, accountability, liability

The Skinny:

  • In this regional report focusing on Europe, the ACFCS Netherlands Chapter looks at some of the EU AML scandals and issues in and out of banks that can make compliance difficult.
  • The takeaways come from the “Fintech and FinCrime in Europe” session, a panel from ACFCS Fincrime Virtual Week, the association’s first-ever fully online fincrime compliance conference.  
  • More than 5,600 attendees, speakers and thought leaders registered for the event, which addressed the overarching themes of Disruption, Innovation and Resiliency. In the panel focused on compliance and regulatory trends in the EU, speakers highlighted several key trends, including:
  • Regulators and prosecutors in Europe are trying to more aggressively tie egregious fraud and financial crime compliance failures to senior management and directors outside of compliance, including business line revenue agents, just as new financial crime compliance rules take hold.
  • In response, some banking groups have started to collapse silos in and outside the bank, banding together across institutions to share information on customers – including potentially risky and fraudulent individuals and entities – and interweave anti-money laundering (AML), fraud and cyber teams to better tackle crimes in a holistic, convergent manner.

By Brian Monroe
bmonroe@acfcs.org
August 18, 2020 

Regulators and prosecutors in Europe are trying to more aggressively tie egregious fraud and financial crime compliance failures to senior management and directors outside of compliance, including business line revenue agents, just as new financial crime compliance rules take hold.

In response, some banking groups have started to collapse silos in and outside the bank, banding together across institutions to share information on customers – including potentially risky and fraudulent individuals and entities – and interweave anti-money laundering (AML), fraud and cyber teams to better tackle crimes in a holistic, convergent manner.

Those are just some of the takeaways from the “Fintech and FinCrime in Europe” session, a panel from ACFCS Fincrime Virtual Week.

More than 5,600 attendees, speakers and thought leaders registered for the Association of Certified Financial Crime Specialists’ (ACFCS) first-ever fully online conference, which addressed the overarching themes of Disruption, Innovation and Resiliency.

The event covered five days of learning between Aug. 3 and Aug. 7 with dozens of sessions and speakers, including top federal regulators, investigative agencies and thought leaders from the banking, consulting, insurance, crypto currency and other financial services sectors.

Overall, the event highlighted the vital importance of collaboration, between banks, law enforcement and regulators, including illuminating the opacity of impenetrable beneficial ownership structures and finding a way to provide such information to institutions subject to anti-money laundering (AML) rules, transparency watchdogs and journalists.

During the “Fintech and FinCrime” panel, speakers spearheaded by the Dutch Chapter of ACFCS covered many of the stumbling blocks banks encounter individually and also looked at the overarching trends to counter large-scale money laundering networks across the bloc and Nordic and Baltic regions – the epicenter of the current fincrime scandals.

In recent EU AML scandals, penalties the rising specter of individual liability

One new wrinkle in recent months is the rising specter of individual liability for compliance professionals, senior management and even the board.

“What is new on the executive level is that someone has to be responsible for the implementation of the AML directive,” said Lotte van Meerten, a compliance manager with Van Lanschot Kempen Wealth Management.

In recent events, including high-profile fraud and AML failures, including Wirecard and the hefty fine at ING Groep last year for nearly $1 billion, authorities are trying to work in individual liability in major actions, something that should not be lost on compliance professionals in Europe.

Prosecutors are “trying to keep someone responsible for the events that happened in the company,” she said. “If you are a director or CEO of a company you must be aware of what is happening in your company and what goes wrong in your company. It’s not just the responsibility of the business and the compliance” teams.

The challenges for banks tackled by the Fincrime Virtual Week panel in terms of creating programs, at the top of the list to be in compliance with just-updated EU AML rules, are manifold, and include:

  • Silos in Financial Crime investigations
  • Integrating data sources
  • Covering all the FinCrime risks
  • Covering all the steps in the process
  • Not looking at multiple data sources simultaneously
  • Different monitoring tools for different risks
  • No or little alignment and handover between various lines of defense
  • Different systems for different steps in the process
  • No integral, aggregated risk view as a result

The push for making changes in all of these areas is clearly a response to the ever-widening and still-rumbling Danske Bank scandal.

The scandal has seen Denmark’s largest lender facing a plethora of probes, investigations, accusations and recriminations in several countries for its monitoring, reporting and handling of some 200 billion euros, or more than $224 billion, in potentially suspicious transactions tied to Russia between 2007 and 2015.

The scandal has sacked some top leaders at banks in Denmark and Sweden, snared Deutsche Bank and even cast regulators in the regions in harsh lights, even as these financial watchdogs work to levy statement-making penalties against the institutions involved. 

Not surprisingly, the EU Commission and Parliament have voiced concerns and put forth formal measures to create a pan-bloc AML enforcement body that would put member state regulators, not just banks, in the hot seat for compliance failures. 

After series of EU scandals, Dutch banks team up to share data, algorithms

Not surprisingly, if more regulators are getting together to see the bigger picture across boundaries and banking groups, banks themselves are concluding they better do it first and find any larger vulnerabilities before examiners are at the door.

The panel also touched on the importance of sharing data, not just between banks and law enforcement, and vice versa, but for banks to swim their information on customers together – to highlight who is low risk and who isn’t.

Several of the largest Dutch banking groups are choosing not to go Dutch when fighting financial crime on the heels of massive European money laundering scandals that have snaked suspicion and scrutiny to regions like Amsterdam and the Netherlands. 

Financial services giants including ING Groep NV, Rabobank and ABN Amro Bank NV – all banks in recent years that have been hit by U.S. or home country financial crime compliance penalties – are working toward a joint venture to share information.

In all, the institutions would share data about transactions occurring across multiple banks and jurisdictions in an effort to better identify the telltale signs of illicit activity and broader ties to larger interconnected organized criminal groups. 

The name of the facility will be Transaction Monitoring Netherlands (TMNL), with overarching stewardship coming from the Dutch Banking Association (NVB). 

“In the next six months the banks will study whether this is feasible given the technical and legal challenges involved,” NVB said in a statement when the effort was announced last year, adding that other banks could join the data pooling initiative at a later stage.

NVB estimated that 16 billion euros in funds tainted by criminals is circulating in the Netherlands, most of which is connected to the illicit drugs trade, a “serious social problem.”  

“The banks see it as an important public duty to help solve this problem,” NVB Chair Chris Buijink said in a statement. “They want to rid their systems of criminality and are investing heavily in” in compliance, technology and monitoring systems to that end. 

In the new transaction monitoring facility plans, banks would be more aggressively cooperating with the Financial Intelligence Unit (FIU), the Public Prosecution Service, FIOD and for example ministries. 

Last year, under AML obligations, the banks reported 68,000 unusual transactions to the FIU, with an estimated 15,000 of these transactions described by the FIU analysts as suspicious. The five banks involved handle 9.8 billion payment transactions every year, amounting to 27 million transactions every day.

The fight against money laundering and the financing of terrorism is a major priority for the banks. 

Apart from the banks taking responsibility themselves, effectively dealing with money laundering requires a national (chain) approach. 

Dutch shared KYC facility mirrors efforts, safe harbors in U.S. AML defenses

While there will no doubt be technical, legal and privacy challenges aplenty in this Dutch endeavor, it holds great potential to improve the efficiency and effectiveness of financial crime compliance and investigations in the regions involved. 

Many large U.S. and international banks are already engaging in similar efforts, over the past decade swimming the data on customers and transactions together with indicia of fraud, money laundering and other financial crimes as an “association of banks” under the broad safe harbor of Patriot Act Section 314(b). 

The efforts have made it more difficult for a criminal engaging in illicit activity at one bank to simply walk across the street to another institution and start doing the same things there.

Dutch banks have a tough road ahead to mirror similar improvements, but the transaction monitoring sharing facility could be a powerful first start.

Even so, the panel noted that the breaking down of silos and sharing of data across banks could all be for naught if Europe doesn’t address what to many has become the biggest financial crime vulnerability in the world: impenetrable beneficial ownership structures.

As part of updates to EU AML rules, banks must capture details on the ultimate beneficial owner of a corporates, in some cases down to the 25 percent and even 10 percent levels, and get that information to a central repository in the member state.

The Netherlands was even chastised by the EU for tarrying on this initiative as it comes with both technical, logistic and resource challenges for countries. These countries then face the unenviable task of ensuring the beneficial ownership data stays updated – and to penalize firms attempting to game the system.

The effort to capture all of this beneficial ownership information, however, faces the prospect of being siloed itself: the information captured at the country level must then also be linked together in a massive database, one that many hope will be accessible to banks, the public and outside watchdog groups.

“It is not just silos within banks that are being taken down, but silos between banks are being taken down,” said Tames Rietdijk, the CEO of BusinessForensics, referring to the shared KYC facility and other efforts to capture and share data across Europe.

ACFCS Fincrime Virtual Week Takeaways Part One: More convergence, collaboration needed by banks, regulators, investigators to counter pandemic-fueled fraud, cyber-enabled attacks

The Skinny:

  • More than 5,600 financial crime compliance professionals registered for the Association of Certified Financial Crime Specialists’ (ACFCS) first-ever fully online conference – Fincrime Virtual Week.
  • The five-day event had the overarching themes of “Disruption, Innovation and Resiliency” with 30-plus sessions and dozens of speakers, including top federal regulators, investigative agencies and thought leaders from the banking, consulting, insurance, crypto and other financial services sectors.
  • The event highlighted the vital importance of collaboration, between banks, law enforcement and regulators, including illuminating the opacity of impenetrable beneficial ownership structures.
  • As well, even as counter-fraud teams have noticed a surge in scammers trying to defraud customers during the pandemic and move funds into virtual coins, crypto investigative firms have responded with a more powerful analytical arsenal that in one high-profile case helped track down a foreign hacking group in just weeks.
  • One of the best surprises of the conference was the creativity of professionals in a more amusing form of visual data analytics – drawings, pictures and full-fledged pieces of art to capture not just the key themes of Fincrime Virtual Week, but the engaged and ebullient spirit of speakers and attendees.

By Brian Monroe
bmonroe@acfcs.org
August 12, 2020 

More than 5,600 financial crime compliance professionals registered for the Association of Certified Financial Crime Specialists’ (ACFCS) first-ever fully online conference – Fincrime Virtual Week – addressing the overarching themes of Disruption, Innovation and Resiliency.

The event covered five days of learning between Aug. 3 and Aug. 7 with 30-plus sessions and more than three dozen speakers, including top federal regulators, investigative agencies and thought leaders from the banking, consulting, insurance, crypto currency and other financial services sectors.

Overall, the event highlighted the vital importance of collaboration, between banks, law enforcement and regulators, including illuminating the opacity of impenetrable beneficial ownership structures and finding a way to provide such information to institutions subject to anti-money laundering (AML) rules, transparency watchdogs and journalists.

As well, even as compliance and counter-fraud teams have noticed a surge in scammers, spammers and hackers trying to defraud customers as a result of the coronavirus pandemic and move those funds into seemingly anonymous virtual coins, crypto investigative firms have responded with a more powerful analytical arsenal that in one high-profile case helped track down a foreign hacking group in just weeks.

Panelists also noted that the worlds of brick-and-mortar banking and crypto currency have grown ever so closely together, with recent statements by federal and state regulators giving tacit approval for banks to have custody of virtual value, just as they would funds or securities.

These statements coincide with these agencies being more willing to publicly say which crypto exchanges that they have more business continuity and compliance confidence, potentially resulting in a tectonic shift in the perception of the crypto world as a rollicking roller coaster of imaginary Internet money into simply just another store of value.

One of the most surprising takeaways of the event is that even with the most loudly buzzing buzzwords promising to solve the ever-present enigma of fincrime compliance – artificial intelligence, automation, machine learning, lowering false positives and raising efficiency and effectiveness – these tempting technologies are just tools.

They are nothing without being paired with a savvy, well-trained and experienced human decision-maker.

While ACFCS went into this event with the themes of disruption, innovation and resiliency and wanting to teach and share knowledge, we ended up learning important lessons as well.

The biggest theme we walked away with was the theme of community and looking out for each other.

In ways large and small professionals from across the financial crime and compliance spectrum, whether new to the field or longtime respected experts, connected, collaborated and shared war stories for the best reason of all: to help each other.

The groups, from the U.S., Europe, Canada, India, the Netherlands and other regions, shared practical, elbow grease tactics to help overcome many of the largest hurdles professionals encounter today – including one of the main reasons programs don’t move forward, inured in the inertia of good enough.

One of the best surprises of the conference was the creativity of professionals in a more amusing form of visual data analytics – drawings, pictures and full-fledged pieces of art to capture not just the key themes of Fincrime Virtual Week, but the engaged and ebullient spirit of speakers and attendees.  

Here are some snapshots and key takeaways from speakers, attendees and panels of the event:

  • Oppose ownership opacity: The U.S., and the rest of the world, must do more to crack open beneficial ownership bastions and cripple illicit networks.
  • Adjustments, enforcement retrenchments: Banks, and regulators, have had to adjust to the pandemic with fewer exams and more focused COVID-based risk assessments. In many cases, examiners can’t visit banks to do onsite exams, so overall enforcement actions, including for AML failures, have fallen precipitously.
  • Mind your Ps, Qs and Fs (for fraud): Banks, corporates and their customers are also dealing with an explosion of fraud tied to COVID-19, including Paycheck Protection Program (PPP) loans, along with tainted email queries tied to personal protective equipment (PPE) and stimulus loans and purported snake oil cures from fraudsters trying to get banks and people to click on diseased links.
  • Sharing is more than caring, it’s necessary: The importance of stronger public and private partnerships between banks and law enforcement. In some cases, banks should literally have the names and cell phone numbers of local and federal investigators in their region.
  • From frontline to phalanx: Speakers also touched on the need to extend expansive, broad spectrum financial crime compliance training, including on the red flags of human trafficking, to front line and business line employees, turning AML from a reactive, forensic exercise to a proactive ally of law enforcement and phalanx against financial crime.
  • Socially distanced digital identities: One compliance professional noted also that the pandemic had one positive: accelerating bank migration and acceptance of digital documentation because customers are locked down and must practice social distancing.
  • All work and no play – oh yes, we played alright: ACFCS staff, attendees, thought leaders and one of the winners of a certification scholarship for professionals in human trafficking held court at a rousing reception that included games, giveaways and art on the fly.

Day one: Facing a changed world together

The day started with some inspiring words from ACFCS President Joseph Yerant, noting that the “most challenging times bring us the most valuable lessons.”

The first session helmed by Jim Richards, the former top AML Officer at Wells Fargo and Scott Rembrandt, Deputy Assistant Secretary for Strategic Policy (TFFC), U.S. Department of the Treasury, tackled the issues of beneficial ownership and analyzed the perceived gulf between the timely, relevant intelligence required by investigators and the way it should be gathered, according to regulators.

The general takeaway: the filings produced by banks are not going into a black hole, but are in fact the foundation of many investigations across law enforcement and further ongoing inquiries by domestic and foreign investigators.

As well, several top government agencies, including the U.S. Treasury’s Financial Crimes Enforcement Network (FinCEN) are in engaged in a broad initiative to better quantify the contributions and intelligence value of the millions of filings by banks and other financial institutions.

That is welcome news as these efforts to produce millions of suspicious activity report (SAR) and customer transaction report (CTR) filings annually cost the industry billions upon billions of dollars in terms of human capital, investigative technologies and resources to appease examiners.

FinCrime After COVID-19 – Navigating the New Normal

In the second session Monday, the panel included an “All Star” group across the public and private sectors, including:

  • Sonia Desai, Head of International Compliance, Charles Schwab
  • John Tobon, Supervisory Special Agent, Homeland Security Investigations
  • Jim Vivenzio, Senior Counsel, BSA/AML, OCC
  • Patty O’Connor, President, Compliance Strategy Group (CSG)

The group noted a bevy of trends, such as:

The explosion of shell companies by criminal groups and them trying to further muddy the money trail by moving funds from fraud and cyber hacks through virtual currencies.

The challenge of compliance: Everything is taking longer, in some cases double, triple or more to ensure a “culture of compliance” permeates employees at all levels.

To better protect customers, some banks are even creating counter-fraud resources to not just share with compliance, but extend these to customers to prevent them from being taken advantage of by more aggressive scammers and spammers attempting to get access to funds and data.

Day Two: Cryptocurrency, compliance trends and blockchain investigative techniques

Key takeaways:

Panelists from many of the top crypto exchange and investigations firms engaged in a a dissection and anatomy of the recent Twitter hack that saw scammers take control of the accounts of Bill Gates, Barrack Obama and others.

The hack resulted in these individuals falsely saying that if individuals sent them thousands of dollars in Bitcoin, they would send back double.

What was remarkable for many attendees was that the case was solved and hackers involved tracked down in a surprisingly short time: 16 days, due chiefly to the transparency and immutability of the blockchain and gumshoe tactics of crypto sleuthing firms.

When it comes to Bitcoin analysis and divining transaction trends, analysts have been successful at clustering based on co-spending techniques.

They also detailed some of the fundamentals of tracing cryptocurrency, including linking a seemingly random string of numbers and letters, the hash tied to Bitcoin blockchain transactions, to the flesh-and-blood individuals and shell companies behind them – even when obvious names and ties are nebulous at best.

Day two included a standout panel taking a voyage into virtual worlds: “Digital Assets, Cryptocrime and Compliance – Trends and Case Studies.”

The world of digital assets has shifted dramatically in recent years, with growing crypto business models, institutional adoption and interest from financial institutions.

Even so, criminal risks in crypto still persist and can’t be ignored, from darknet market transactions to sanctions evasion.

The session explored the current state of crypto risk and offered practical advice to financial institutions in the real and digital worlds wondering what comes next.

  • Jeff Horowitz, Chief Compliance Officer, Coinbase
  • Jonathan Levin, Co-Founder, Chainalysis
  • Lana Schwartzmann, Chief Compliance Officer, Paxful
  • The panel’s insight also captured the attention of journalists at Cointelegraph in a story you can read here.

With crypto exchanges, investigators and crypto analytics firms coming together to uncover the culprits of the Twitter hack in just 16 days, Lana Schwartzmann, chief compliance officer for Paxful, said it was “quite amazing how different this is from what we’d see in the traditional fiat world. You’d never have this resolved so quickly.”

Coinbase’s chief compliance officer Jeff Horowitz, agreed and noted that when it came to the Twitter hack, the conversation quickly changed from crypto being a lawless virtual borderlands to industry and investigator ally.

“The story quickly changed to ‘how is crypto partnering with law enforcement to track this issue?’”

The panel also highlighted that with a change in the conversation around crypto, it also leads to a shift in the perception of risk and an overall rise in institutional comfort and interest, according to Cointelegraph.

Horowitz continued to describe major improvements to conversations about regulation and crypto over the course of “maybe the past one to two years,” according to the report.

Jonathan Levin, a co-founder of Chainalysis, a firm that helped track the Bitcoin in the Twitter hack to 17-year-old Graham Clark, compared the estimate of $10 million laundered in Bitcoin each day to the total amount moving on the blockchain, which is miniscule. 

“There’s more than a billion dollars moved on the bitcoin blockchain per week, so this is still a very small amount of value compared to what is being moved on the blockchain.”

Institutions, said Levin, are very engaged in weighing how to onboard crypto, but noted that “This is not a when or an if, this is a how.”

An audience poll during the panel found lack of regulatory guidance to be the primary barrier to financial institutions working with crypto.

When an entire sector is risky, how do you know when to re-risk, de-risk or simply deploy more monitoring resources?

The question of fincrime compliance risk ranking – a core component of any AML program and typically data-driven and resource-intensive exercise that sensitizes the transaction monitoring system – in what many already consider a high-risk sector, crypto, can be a challenge.

So how does a crypto analytics firm broadly gauge virtual asset entity and transaction risks?

Here is a snapshot from Peter James, Training Specialist, Chainalysis, during the “Cryptocurrency Fundamentals and Investigative Techniques Workshop.”

Low risk:

  • Exchanges
  • Hosted Wallets
  • Merchant services
  • Mining Pools

Medium:

  • Crypto ATMs
  • Gambling
  • Mixers

High:

  • Darknet Markets
  • Scams
  • Hacks
  • Stolen funds
  • Ransomware

Severe:

  • Terrorist financing
  • Sanctions
  • Child exploitation

ACFCS Fincrime Virtual Week Conference Day Two Finial: A snapshot from our Crypto and Coffee chat

On July 23, 2020, the Office of the Comptroller of the Currency (OCC) released an Interpretive Letter #1170 confirming that custody of cryptocurrency and crypto-assets are really an extension of traditional banking services, similar to how banks hold fiat currency, securities and even physical items in safe deposit boxes.

Therefore, a bank holding the keys on behalf of customers that correspond to their crypto funds would be considered permissible activities for national banks and federal savings associations from the perspective of regulators.

Banks could even help offer stronger cyber defenses against recent exchange hacks.

That letter is a “big deal and could be a turning point for a lot more banks to get into the space,” said Joe Ciccolo, head of crypto compliance consulting firm BitAML, and a speaker during the mid-day “Crypto and Coffee” session on Day Two of ACFCS Fincrime Virtual Week.

The OCC letter “could be a wakeup call for banks that shunned Bitcoin or haven’t had that serious conversation with their compliance department and board.”

ACFCS Financial Crime Virtual offerings
The OCC letter “could be a wakeup call for banks that shunned Bitcoin or haven’t had that serious conversation with their compliance department and board.”
Joe Ciccolo
- Joe Ciccolo, head of crypto compliance consulting firm BitAML 
Designer

UK banking group reveals top ten Covid-19 frauds, including impersonating government agencies, dating app romance scams

The Skinny:

  • The United Kingdom’s top financial services sector lobbying body, U.K. Finance, has released what it considers the top 10 scams attempting to take advantage of the coronavirus pandemic, including impersonating government finance and health agencies, teasing stimulus relief funds and even infiltrating dating apps.
  • The influential group stated that institutions have noticed a marked uptick in fraud groups attempting to get at customers through emails, texts, phone calls and more, putting more pressure on bank counter-fraud and anti-money laundering teams.  
  • In many instances, scammers are trying to use the fear and uncertainty around the pandemic as leverage – in some cases offering fake resources or avenues for personal protective equipment, or, for those out of work, access to desperately needed stimulus funds.
  • The warnings echo the frenzied messages of other government regulatory, investigative and watchdog groups, including the U.S. Treasury’s Financial Crimes Enforcement Network, which has also released several statements and advisories on how organized criminal groups, hackers and low level opportunists and trying to sow chaos in the real and virtual worlds.

By Brian Monroe
bmonroe@acfcs.org
July 30, 2020 

The United Kingdom’s top lobbying body for the financial sector revealed today what it considers the top 10 scams attempting to take advantage of the coronavirus pandemic, including impersonating government finance and health agencies, teasing stimulus relief funds and even infiltrating dating apps.

United Kingdom (UK) Finance – the leading industry body for financial services in the UK, representing more than 250 firms providing finance, banking, markets and payments-related services in or from the UK – stated that institutions have noticed a marked uptick in fraud groups attempting to get at customers through emails, texts, phone calls and more.  

In many instances, scammers are trying to use the fear and uncertainty around the pandemic as leverage – in some cases offering fake resources or avenues for personal protective equipment, or, for those out of work, access to desperately needed stimulus funds.

“Using the coronavirus pandemic as an opportunity, fraudsters are using sophisticated methods to callously exploit people, with many concerned about their financial situation and the state of the economy,” according to UK Finance.

Some scams manipulate innocent victims, urging people to invest and “take advantage of the financial downturn.”

These criminal groups, cognizant that people are stuck at home, watching Netflix and other streaming apps, are also “impersonating well-known subscription services to get people to part with their cash and personal information.”

Stealing debit and credit card details, and draining a bank account, is only one prong of the larger battle plan. Personal data can in some cases be even more valuable than what is in a person’s bank account.

Why? While you might have $500 in your savings and a credit card with a limit of $10,000 – a nice overall haul for a scammer – they can get a lot more, and do a lot worse, and leave you footing the bill.

With enough information, a fraudster could file for your tax return, change your information with the government and start receiving your pandemic-fattened unemployment check, take out a loan with your credit for $50,000 or $100,000.

Then they disappear and credits come after you.  

Criminals are even “posing as representatives from the UK National Health Service NHS Test and Trace service in an effort to trick people into giving away their personal details.

How to spot a pandemic scam: inconsistencies, payment urgency

UK Finance also offered some overarching tips to better spot a Covid-19 scam, including if:

  • The website address is inconsistent with that of the legitimate organisation
  • The phone call, text or emails asks for financial information such as PIN, passwords
  • You receive a call or email out of the blue with an urgent request for your personal or financial information, or to make an immediate payment
  • You’re offered a heavily discounted or considerably cheaper product compared to the original price
  • There are spelling and grammar mistakes, or inconsistencies in the story you’re given

Moreover, as part of a broader campaign to arm individuals from getting exploited at the outset, the group has condensed several powerful counter-fraud concepts into a simple, approachable and eminently shareable three-word directive: Stop, challenge and protect.

  • Stop: Taking a moment to stop and think before parting with your money or information could keep you safe.
  • Challenge: Could it be fake? It’s ok to reject, refuse or ignore any requests. Only criminals will try to rush or panic you.
  • Protect: Contact your bank immediately if you think you’ve fallen for a scam and report it to Action Fraud.

Are you a financial crime compliance professional? Worried about fraud schemes and scams? ACFCS has you covered:

Special ACFCS Video Financial Crimecast: NICE Actimize’s Stephen Taylor discusses pandemic transaction trends, potential of AI, power of consortium-based analytics

Scammers could be pilfering $26 billion in fraudulent coronavirus pandemic unemployment claims: Labor Department Inspector General

FinCEN highlights key red flags for coronavirus pandemic medical scams, cyber-enabled frauds, including fake tests, phantom deliveries

Pandemic has hampered AML supervision, international investigations, cooperation, could help criminals evade CDD: FATF

ACFCS COVID-19 Pandemic Coverage: As fraud complaints soar, FTC offers tips, new resource in ‘Scam Bingo’ game

The pandemic scammer hit list: You really don’t want to be part of this top 10

The ten scams to be on the lookout for and how to spot them:

Covid-19 financial support scams

  1. Criminals have sent fake government emails designed to look like they are from government departments offering grants of up to £7,500. The emails contain links which steal personal and financial information from victims.
  1. Fraudsters have also been sending scam emails which offer access to ‘Covid-19 relief funds’ encouraging victims to fill in a form with their personal information.
  1. Criminals have been targeting people with official-looking emails offering a ‘council tax reduction’. These emails, which use government branding, contain links which lead to a fake government website which is used to access personal and financial information.
  1. Fraudsters are also preying on benefit recipients, offering to help apply for Universal Credit, while taking some of the payment as an advance for their “services”.

Health scams

  1. One of the most shocking scams that has appeared during the pandemic has involved using the NHS Test and Trace service. Criminals are preying on an anxious public by sending phishing emails and links claiming that the recipient has been in contact with someone diagnosed with Covid-19. These lead to fake websites that are used to steal personal and financial information or infect devices with malware.
  1. Victims are also being targeted by fake adverts for Covid-related products such as hand sanitizer and face masks which do not exist.

Lockdown scams

  1. Criminals are sending fake emails and texts claiming to be from TV Licensing, telling people they are eligible for six months of free TV license because of the coronavirus pandemic. Victims are told there has been a problem with their direct debit and are asked to click on a link that takes them to a fake website used to steal personal and financial information.
  1. Amid a rise in the use of online TV subscription services during the lockdown, customers have been targeted by criminals sending convincing emails asking them to update their payment details by clicking on a link which is then used to steal credit card information.
  1. Fraudsters are also exploiting those using online dating websites by creating fake profiles on social media sites used to manipulate victims into handing over their money. Often criminals will use the identities of real people to strike up relationships with their targets.
  1. Criminals are using social media websites to advertise fake investment opportunities, encouraging victims to “take advantage of the financial downturn”. Bitcoin platforms are using emails and adverts on social media platforms to encourage unsuspecting victims to put money into fake investment companies using fake websites.

During this pandemic “we have seen criminals using sophisticated methods to callously exploit people’s financial concerns, impersonating trusted organizations like the NHS or HMRC, to trick them into giving away their money or information,” said Katy Worobec, Managing Director of Economic Crime at UK Finance.

“The banking and finance industry is tackling fraud on every front, investing millions in advance technology to protect customers and working closely with the government and law enforcement to stop the criminal gangs responsible and neutralize the threat.”

In U.S., top AML agency also warns of rising fraud, cyberattack risks

More criminals, scammers and fraudsters trying to pilfer anything they can in the real and virtual worlds is not limited to the U.K.

The Financial Crimes Enforcement Network (FinCEN), the country’s financial intelligence unit (FIU) and administrator of anti-money laundering (AML) rules, has stated in multiple warnings in recent months that bank counter-crime teams will be tested anew on all fronts.

The agency also stated that haste and urgency should be paramount for financial institutions related to the coronavirus as fraudsters and cyber hacking groups have increased their attacks against banks, corporates and individuals.

In response, FinCEN has expanded its “Rapid Response” group and is more aggressively reviewing tips, suspicious activity reports (SARs) in its AML database and working more closely with domestic and foreign law enforcement agencies to recover pilfered funds – in one case alone recouping $300 million.

When it comes to various cyber-fueled fusillades, such as business email compromise (BEC) attacks – an attack vector soaring in popularity in recent years and even more potent in the chaos of a global pandemic – FinCEN has successfully assisted in the recovery of approximately $900 million with the assistance of 64 countries.

But to recapture funds stolen from a bank, corporate or person, the bureau has an incredibly short window – something that financial institution fraud, AML and investigations teams must be aware.

While FinCEN does not ensure recovery of BEC stolen funds, FinCEN has “achieved greater success in recovering funds when victims or financial institutions report BEC-unauthorized and fraudulently induced wire transfers to law enforcement within 24 hours.”

In latest advisory on pandemic fraud trends, FinCEN puts senior management, tellers on notice

In a just released advisory, FinCEN is also putting more pressure on the overall fincrime compliance defenses at financial institutions.

The advisory is notable for financial crime compliance teams and beyond as FinCEN stated the red flags should be shared in and outside of AML, to the upper echelons of the chief executive and chief compliance officer, to cyber defenders and even frontline staff, including bank tellers and customer service agents.

This advisory is just the latest in series coming from FinCEN attempting to illumine bank fraud and AML teams, regulators and law enforcement to broader pandemic-themed criminal proclivities.

In a series of missives in recent months, FinCEN has highlighted key trends across banks, AML suspicious activity report (SAR) filings and active law enforcement cases evincing possible COVID-19-related medical scams, including:

  • fraudulent cures, tests, vaccines, and services;
  • non-delivery scams; and
  • price gouging and hoarding of medical-related items, such as face masks and hand sanitizer.

Examples of fraudulent medical services include claims related to “purported vaccines or cures for COVID-19, claims related to products that purportedly disinfect homes or buildings, and the distribution of fraudulent or unauthorized at-home COVID-19 tests.”

Some of these scams may be perpetrated by illicit actors “who recently formed unregistered or unlicensed medical supply companies,” according to FinCEN, a critical clue for AML teams and a quick way to winnow out scammers: see how long the business has been around and scrutinize incorporation documents.  

To read FinCEN’s “Advisory on Medical Scams Related to the Coronavirus Disease 2019,” click here.

To read FinCEN’s “Notice Related to the Coronavirus Disease 2019,” click here.

How best to uncover a pandemic-fueled fraudster? History will uncover the mystery

Financial indicators of these scams may include:

  • History of fraud: U.S. authorities, such as the Federal Trade Commission (FTC), the Food and Drug Administration (FDA), or the DOJ, have identified the company, merchant, or business owners as selling fraudulent products.
  • Web of lies: A web-based search or review of advertisements indicates that a merchant is selling at-home COVID-19 tests, vaccines, treatments, or cures.
  • Make it personal: The customer engages in transactions to or through personal accounts related to the sale of medical supplies, which could indicate that the selling merchant is an unregistered or unlicensed business or is conducting fraudulent medical-related transactions.
  • What’s in a name: The financial institution’s customer has a website with one or more indicia of suspicion, including a name/web address similar to real and well-known companies, a limited internet presence, a location outside of the United States, and/or the ability to purchase pharmaceuticals without a prescription when one is usually required.
  • Image control: The product’s branding images found in an online marketplace appear to be slightly different from the legitimate product’s images, which may indicate a counterfeit product.
  • The price is right: The merchant is advertising the sale of highly sought-after goods related to the COVID-19 pandemic and response at either deeply discounted or highly inflated prices.
  • Card sharks: The merchant is requesting payments that are unusual for the type of transaction or unusual for the industry’s pattern of behavior. For example, instead of a credit card payment, the merchant requires a pre-paid card, the use of a money services business, convertible virtual currency, or that the buyer send funds via an electronic funds transfer to a high-risk jurisdiction.
  • Miscreant merchants: Financial institutions might detect patterns of high chargebacks and return rates in their customer’s accounts. These patterns can be indicative of merchant fraud in general.

FinCEN Director Ken Blanco also noted that it’s not just banks that should be more aggressively watching out for the warnings signs of pandemic fraud, and related flow of illicit finances – but more criminals are choosing to monetize their illicit hauls through virtual currency exchanges.

“FinCEN has observed that cybercriminals predominantly launder their proceeds and purchase the tools to conduct their malicious activities via virtual currency,” he said at a recent industry event.

“Your institutions have the opportunity, and obligation, to help identify these illicit criminal networks in your suspicious activity reporting to FinCEN, so that FinCEN can aggregate and analyze this information to identify red flags, permitting industry to spot risks.”

Special contributor report: Golden passports, gilded gatekeepers and oily oligarchs – Key takeaways for anti-financial crime professionals from the UK ISC report on Russia

The Skinny:

  • In this special contributor piece, longtime fincrime compliance thought leader Dev Odedra tackles a new report by a top government intelligence body on the overarching risks Russia poses to the United Kingdom.
  • While not focusing singularly on financial crime, the report by the United Kingdom’s Intelligence and Security Committee (UK ISC) published this week includes a plethora of takeaways for anti-money laundering (AML) professionals.
  • The report highlights counter-crime risks unique to the U.K., and other countries, including the pitfalls of when jurisdictions offer citizenship for a price, dubbed “golden visas” or “golden passports.”
  • While a country may legitimately have a need for foreign capital, these arrangements can all too often open the door for money launderers and corrupt political powerbrokers to legitimize wealth.
  • Part and parcel of this effort are the armies of gatekeepers – including lawyers, accountants, professional services firms and others – who not just help hide this wealth behind offshore shell companies with opaque ownership structures in secrecy jurisdictions, they also throw up legal barriers to uncovering its illicit origins.
  • That is exactly what happened when the UK’s top investigative agency tried to unsheathe its Unexplained Wealth Order (UWO) regime. Investigators targeted real estate that appeared not to make sense tied to a wealthy Kazakh family – and lost.
  • Further throwing salt on the wound, the courts issued a monetary judgement against the National Crime Agency (NCA), eating up much of the resources meant to go after bad guys, blunting the power of a much-ballyhooed new weapon in the fight against financial crime. 

By Dev Odedra
Independent AML expert, director, Minerva Stratagem Consulting
July 22, 2020

With minor editing and content additions by ACFCS VP of Content, Brian Monroe

A new report by a top government intelligence body tackles the overarching risks Russia poses to the United Kingdom, including the pitfalls of jurisdictions offering citizenship for a price, dubbed “golden visas” or “golden passports,” and the offensive and defensive capacities of gatekeepers as “professional enablers.”   

While not focusing singularly on financial crime, the report by the United Kingdom’s Intelligence and Security Committee (UK ISC) published on Tuesday, July 21, 2020[1], and simply titled “Russia,” should be required reading for those in risk management and compliance within financial institutions.

Why? The illicit finance elements and methodologies in the report give cause for consideration as they could be applicable to any country and not necessarily exclusive to Russia and UK. 

Illicit finance: the risks of citizenship by investment or ‘golden passports’

The report found that the UK became a favorable destination for oligarchs and their wealth, particularly due to the appeal of UK’s investor visa scheme along with ‘light touch’ regulation along with London’s strong capital and housing marketing offering sound investment opportunities.” 

Whilst both regulation and visa requirements have been tightened in the UK today, issues concerning regulation, as well as exploitation of visa schemes, also called “golden passports,” are not unique to the UK.

In these arrangements, an individual can gain citizenship by spending or investing a certain amount in a given country.

Historically, some countries, while potentially legitimately seeking foreign capital to fill empty government coffers, have inadvertently drawn risky powerful individuals, who then move questionable funds to the jurisdiction and away from the prying eyes, or international sharing agreements, of the home country.   

Only this month, the Court of Justice of the European Union ordered Romania and Ireland to pay[1] €3 million and €2 million respectively for failing to transpose in full requirements under the EU Fourth Anti-Money Laundering Directive (4AMLD), something that is more robust than the previous light touch regulation referred to in the report. 

Previous research in 2018 by Global Witness and Transparency International found a lack of transparency, insufficient due diligence and weak governance in Europe’s golden visa schemes[2]

More recent criticism early in 2020 by Global Witness pointed to Cyprus, Malta and Portugal, which it claimed continued to operate vulnerable visa schemes[3].

Politics and finance: The interplay of foreign power, money and influence peddling

The position that the UK found itself in meant it allowed a mechanism through which illicit funds could be laundered, what the report refers to as the London “laundromat.” 

Beneficiaries such as “PR firms, charities, political interests, academia and cultural institutions” all contributed to “reputation laundering” as a result.

The report includes a focus on foreign political interference.

While this type of influence-peddling is typically hidden behind opaque shell companies in jurisdictions with weak transparency standards, financial crime compliance professionals should note that a report by Transparency International in 2018[1] analyzed how corrupt and repressive regimes sought influence and legitimacy through engagement with UK Parliamentarians, including donations. 

The Transparency International report focused on three countries; Azerbaijan, Russia and Bahrain

It found an apparent lack of due diligence undertaken on who UK parliamentarians engaged with and the access/services provided to groups and individuals connected with high-level corruption or human rights abuses abroad.

The ISC report also found that several members of the foreign elite, who are closely linked to the state, were found to have been involved with charitable and/or political organizations in the UK, having donated to political parties. 

This subject may be of particular interest for those in risk management and compliance functions in financial institutions. 

Whilst politically-exposed person (PEP) assessments look into the Source of Wealth and backgrounds of politically exposed clients, when completing such checks it may be worth considering if there are any activities/relationships which may fall outside of the standard radar range of regular checks.

An issue to consider if you are in a compliance, risk management, know-your-customer (KYC) customer due diligence (CDD), enhanced due diligence (EDD), risk assessment (RA) or related roles is this unfortunate reality: PEPs may have illicit connections that are beyond the usual family members and business associates but as the findings suggest, may still pose risks.

Professional enablers: The nebulous gateways of gatekeepers

Significant foreign funds into a country often involve enablers on both ends of the transaction, such as lawyers, accountants and estate agents, all which play a part in facilitating finance and investment. 

In the case of the UK, the arrival of funds resulted in a growth in the enabler industry, which played a part, wittingly or unwittingly, in the extension of foreign influence in the UK. 

The report also highlights the importance of due diligence.

In one particularly egregious example, the report stated that a large private security industry had developed catering for the elite and “on occasion helped launder money through offshore shell companies and fabricate due diligencereports, while lawyers provide litigation support.”

Tools, resources and challenges: In UK, a call to unsheathe, sharpen new weapon

The ISC report also notes that the National Crime Agency’s (NCA) efforts have also focused on investigation of UK-based professional enablers in the financial and property sectors in order to challenge perceptions – and address criticisms and gaps in the country’s overall counter-crime framework, many say – that the UK is a haven for illicit funds. 

One such new shiny weapon in the UK’s arsenal to help reveal instances of corruption,  money laundering and fraud, arriving in recent years with great fanfare, has thus far remained sheathed – blunted by legal challenges and embarrassing, costly defeats.  

Unexplained Wealth Orders (UWO), which came into force in 2018 through the Criminal Finances Act 2017, were called into question recently when the NCA failed in its attempts to impose them on property linked to a wealthy Kazakh family[2]

The report concedes that the extent to which funds can be invested and reinvested calls into question the efficacy of the UWO’s, particularly as the targets of them have long-established and what may now appear to be apparently legitimate financial interests in the UK.

Whilst these new powers under the Criminal Finances Act 2017 theoretically provide the NCA with more tools to tackle financial crime, in practicality the successful execution of them can prove to be challenging, as the recent case demonstrates. 

The types of individuals the UWO’s have targeted have the financial means to ensure their lawyers, in this case playing the role of professional enablers, can challenge them. 

This is in stark contrast to the resources of the NCA, or lack thereof. Why is this such a high hurdle? Because the accused launderer or corrupt oligarch may have deeper pockets than the NCA.

The financial award against the NCA in the case against the Kazakh family came at a cost of £1.5m, more than a third of the £4.3 million budget of the NCAs international anti-corruption unit, according to media reports.

This appears to be evidenced in the report as it notes the practical issues around the use of UWO’s, where the NCA explain:

We are, bluntly, concerned about the impact on our budget, because these are wealthy  people with access to the best lawyers and the case that we have had a finding on…has been through every bit of court in the land, and Ive got a very good legal team based within the National Crime Agency but they had a lot of resources dedicated out.”

Although the report suggested that the Security Minister was optimistic about their use in the future and is quoted as saying that intelligence had suggested individuals had approached financial advisors on how to get funds out of the UK, the NCA remained cautious.

The Director-General of the NCA is quoted in the report, noting that: “…unexplained wealth does have to be unexplained and, unfortunately…Russians have been investing for a long period of time…you can track back and you can see how they will make a case in court that their wealth is not unexplained, it is very clearly explained.”

A glimpse of the future: Governments need to close loopholes, disable enablers

Although the focus of the report was not necessarily on financial crime, it does leave anti-financial crime professionals with several points for consideration.

Some issues for countries and financial crime compliance professionals to scrutinize:

  • Close the loopholes: Regulatory loopholes that still may exist, opening the door for exploitation.
  • Politically power brokers: The ability to effectively assess risks where there is a crossover of politics and finance.
  • Disable the enablers: Risks that remain with professional enablers, a powerful group that can include lawyers, accountants, professionals services firms and others.
  • Don’t KO the UWO: Challenges that may exist despite continued efforts and tools at the disposal of law enforcement. One example of this, as we mentioned, would be the UK UWO. The UK NCA shouldn’t just pick up it toys and go home after getting bloody and bruised on the playground. The agency should learn from its failures, deepen its investigations, sharpen its suspected UWO cases and get back in the fight.   

In closing, to add to these considerations, anti-financial crime professionals should also consider other continued and emerging threats. 

Whilst the report does cover cyber threats, it does not specifically focus on financial risks related to cybercrime. 

A cautionary case for anti-financial crime professionals was that of 12 individuals indicted in mid-2019, which touched upon both political interference and cybercrime. The U.S. Department of Justice announced[1] that the agency had charged a bevy of individuals in relation to crimes that were intended to interfere with the 2016 U.S. presidential election.

The indictment details that to avoid detection, the defendants used false identities combined with a network of computers located around the world and the United States.  They paid for them with cryptocurrency through mining bitcoin and “other means” intended to obscure the origin of the funds.

Their funding structure was said to have supported efforts to buy key accounts, servers, and domains e.g. the same bitcoin mining operation that funded the registration payment for a website also funded the servers and domains used in a spear-phishing campaign.

About the author

Dev Odedra is an independent anti-money laundering and financial crime expert. 

He has more than a decade of experience in managing financial crime risk in the retail, corporate and investment banking
sectors. 

His expertise covers investigations, advisory and controls implementation and improvement. 

Dev is also a prolific author and gathers and analyzes many of the biggest financial crime compliance news stories on social media to help the community keep abreast of key criminal, regulatory and program trends. 

Want to chat with Dev? Feel free to connect with him here

ACFCS Member Spotlight: Ability to quickly react, adapt to shifting typologies, proactively empower banks, investigators, critical to countering soaring scourge of human trafficking, says ATII head Aaron Kahler

The Skinny:

  • In this ACFCS Member Spotlight, a longtime compliance professional and thought leader shares his journey over the past 15 years from fighting fraud as an intern to spearheading the creation of a non-profit to fight human trafficking.
  • August 2020 will be the one-year anniversary that Aaron Kahler became the Founder and Chief Executive Officer of the Anti-Human Trafficking Intelligence Initiative (ATII). 
  • ATII is a 501(c)(3) tax exempt non-profit organization combating global human trafficking by leveraging corporate social responsibilities directly through advocacy awareness, intelligence integration, technology advancement and strategic data collaboration.  
  • The group is designed to be a hub helping to better knit together the at-times disparate groups of public and private entities divining the red flags of human trafficking.
  • With a background in financial crime investigations, compliance and consulting, Kahler is helping the various groups see the bigger picture, from customer actions and transactional tells in bank monitoring systems to the law enforcement agencies on the ground putting all the pieces together to identify and crush larger domestic and international trafficking networks. 
  • Kahler’s mission to fight human slavery in all of its forms, while not an easy goal, is a worthy one. Human trafficking is one of the most profitable crimes in the world, generating some $150 billion annually. There are estimated to be more than 40 million victims of human trafficking globally.

By Brian Monroe
bmonroe@acfcs.org
July 16, 2020 

For Aaron Kahler, the spark that caused him to devote his life to fighting one of the world’s most sinister and soaring crimes, human trafficking, started early in his career with internships fighting fraudsters and protecting consumers – a common theme that would foreshadow a mission to safeguard other vulnerable groups.

While he didn’t know it at the time, Kahler’s stints more than 15 years ago with the New York State Office of the Attorney General and MasterCard as a fraud investigator – helping individuals taken advantage of by unscrupulous corporates and individuals – would set him on a path to create a non-profit devoted to counter human trafficking and human slavery.

August 2020 will be the one-year anniversary that Kahler became the Founder and Chief Executive Officer of the Anti-Human Trafficking Intelligence Initiative (ATII). 

ATII is a 501(c)(3) tax exempt non-profit organization combating global human trafficking by leveraging corporate social responsibilities directly through advocacy awareness, intelligence integration, technology advancement and strategic data collaboration.  

The group is designed to be a hub helping to better knit together the at-times disparate groups of public and private entities divining the red flags of human trafficking.

With a background in financial crime investigations, compliance and consulting, Kahler is helping the various public and private sector groups see the bigger picture, from customer actions and transactional tells and the law enforcement agencies on the ground putting all the pieces together to identify and crush larger domestic and international trafficking networks. 

As a point of context, human trafficking is a global problem generating billions of dollars annually, a horrific figure indeed, but one that has forced these illicit groups to interact with the financial system – a dynamic that allows specially trained anti-money laundering (AML) teams a chance to identify, interdict and report those instances of human slavery. 

Human trafficking is one of the most profitable crimes in the world, generating some $150 billion annually. There are estimated to be more than 40 million victims of human trafficking globally.

The issue of human trafficking and its connections to financial institutions – and what those nuanced and undulating red flags may look like – is also on the minds of top regulatory and investigative watchdogs. 

Over the past decade, groups like the U.S. Treasury’s Financial Crimes Enforcement Network (FinCEN) and the Paris-based Financial Action Task Force (FATF) have released guidance pieces to better help financial institutions understand when human traffickers might be attempting to move sullied funds through their institution.  

ATII will build on the analyses from FinCEN, FATF and others and combine their conclusions with insight from banks, law enforcement and other counter-trafficking groups in a bid to filter down to the latest schemes used by human trafficker operations to launder their ill-gotten proceeds. 

Some examples include delving into and dissecting current flashpoint issues such as trafficking groups weaving together transactions in crypto coins and anonymous prepaid cards before transacting with banks.

Their tacit aim in such a tactic: making financial institution identification of human trafficking trends all the more difficult, which is why there is such a fincrime compliance industry push for more information sharing between the AML teams at brick-and-mortar operations and their counterparts at virtual coin exchange vaults. 

Not surprisingly, one of the most important skills for those working to fight human trafficking is the ability to react, adapt and overcome, to what criminal groups are doing, what investigators say they are seeing and what regulators want as a compliance response, Kahler said.

“The financial crimes field, related typologies and governing regulations are changing regularly and having the ability to adapt both proactively and reactively is at the forefront of necessary abilities needed in the industry,” he said.  

Another underrated characteristic in the financial crimes space that is necessary for true success in the field: creativity – and a relentless desire to grow, voraciously capture knowledge and share that as widely and broadly as possible to help others.

“I encourage practitioners to dig deeper in whatever aspects of their career they are passionate about (i.e., writing, speaking, problem solving, building programs, investigation) and use it as a platform to express their professional creativity,” Kahler told ACFCS.

He added that taking a holistic, convergent approach to compliance, learning and training can help professionals go more quickly from learning to doing.

Achieving the Certified Financial Crime Specialist (CFCS) credential can bolster and “solidify your existing experience in the field with a specialized designation in financial crimes, which will make you more effective and knowledgeable while setting you apart from others in your field who have not made the commitment to invest further in themselves.”

One of Kahler’s favorite quotes, though, evinces the duality that every financial crime compliance professional must ascribe: the ability to have a singular focus on a problem, but also demonstrate the capacity to be flexible enough to inculcate new ideas and strategies to counter the enemy of narrowminded thinking.

“I fear not the man who has practiced 10,000 kicks once, but I fear the man who has practiced one kick 10,000 times.” – Bruce Lee.

“Although this is not advice I received directly, it is absolutely a quote I apply across the board in both a professional and personal capacity as an individual passionate about a number of different activities (i.e., Brazilian jiu jitsu, scuba & free diving),” Kahler said.  

The quote emphasizes the importance of a high level of focused practice and proficiency. 

“Early on in my career I was given the opportunity within financial services consulting to work with a number of different groups practicing a variety of disciplines, but stayed focused on AML and Financial Crimes, honing this craft and advancing my career path,” he said.  

Today he still sees tremendous value in this quote within the early years of developing a craft (professional or personal), but with a caveat: one should use focused practice and proficiency early on as a strategy to grow, but ultimately evolve to understand the fluidity and adaptability of the focused strategy.

“This will prevent a narrow perspective and further enable growth in their professional or personal path,” Kahler said. “In other words, understand the strategy is part of your base as a practitioner of your craft and evolve the application of said craft outside the original use case.”  

With focus, drive, determination and passion, some risks – such as starting your own non-profit with high hurdles and lofty goals – can also have unexpected rewards.

“Launching ATII has been the most creative, rewarding and fascinating endeavor I have ever taken on both personally and professionally,” Kahler said.

To visit ATII’s website, please click here or to start a dialogue on LinkedIn, please click here

Kahler was kind enough to share some of his insight in our latest ACFCS Member Spotlight:

What do you do in your current role?

I am the Founder and Chief Executive Officer of the Anti-Human Trafficking Intelligence Initiative (ATII). 

We are a 501(c)(3) tax exempt non-profit organization combating global human trafficking by leveraging corporate social responsibilities directly through advocacy awareness, intelligence integration, technology advancement and strategic data collaboration.  

As the Founder of the organization, my goal is to get our anti-human trafficking program, data, technology and training in as many financial institutions as possible, directly resulting in Suspicious Activity and Suspicious Transaction Reports being filed specifically on human trafficking. 

This ultimately will result in saving lives, bringing traffickers to justice and disrupting global trafficking operations

What does your career trajectory in financial crime look like?

I was very fortunate to be able to get practical experience in the financial crime industry through my college major in Economic Crime Investigation at Utica College (at the time, part of Syracuse University) and internships in the field for several years while studying.

Having a specialized background and some prior experience in the field allowed me the opportunity to get into the anti-money laundering field right out of college and gain exposure to investigations with Citibank in New York City. 

As I gained experience in the field working within the bank, I transitioned into financial services advisory consulting on AML and Financial Crimes.

Working in the advisory consulting space early in my career was a very enjoyable and rewarding experience that allowed for exposure to many different financial institutions of all types, sizes, locations and products/services while also experiencing extensive travel in the US and abroad (I have been to every continent other than Africa and Antarctica).  

I spent most of my 15+ year career working in advisory consulting as I advanced in the field with several firms over the years, while branching out on my own several times in between roles.

Taking the time to step away from the corporate umbrella to fly your own flag as an entrepreneur is not for everyone.

But I found that being accountable for my own professional development, salary, business relationships, media/marketing and everything else under the sun are the experiences that helped accelerate my career, build a brand for myself and evolve as a professional.

What is the best advice you have ever received?

“I fear not the man who has practiced 10,000 kicks once, but I fear the man who has practiced one kick 10,000 times.” – Bruce Lee

Although this is not advice I received directly, it is absolutely a quote I apply across the board in both a professional and personal capacity as an individual passionate about a number of different activities (i.e., Brazilian jiu jitsu, scuba & free diving).

The quote emphasizes the importance of a high level of focused practice and proficiency. 

Early on in my career I was given the opportunity within financial services consulting to work with a number of different groups practicing a variety of disciplines, but stayed focused on AML and Financial Crimes, honing this craft and advancing my career path. 

Today I still see tremendous value in this quote within the early years of developing a craft (professional or personal), but with a caveat: one should use focused practice and proficiency early on as a strategy to grow, but ultimately evolve to understand the fluidity and adaptability of the focused strategy.

This will prevent a narrow perspective and further enable growth in their professional or personal path. In other words, understand the strategy is part of your base as a practitioner of your craft and evolve the application of said craft outside the original use case.

What would you say are the most important attributes for someone in your role to be able to succeed?

The financial crimes field, related typologies and governing regulations are changing regularly and having the ability to adapt both proactively and reactively is at the forefront of necessary abilities needed in the industry. 

I also think an underrated characteristic in the financial crimes space that is necessary for true success in the field is creativity.

I encourage practitioners to dig deeper in whatever aspects of their career they are passionate about (i.e., writing, speaking, problem solving, building programs, investigation) and use it as a platform to express their professional creativity.

In my case, as someone who is in the middle of a career transition from the corporate sector to nonprofit leadership, it is clear that the many years of experience adapting to different client institutions needing various compliance, investigation and advisory services has prepared me for this next chapter of my career.

Launching ATII has been the most creative, rewarding and fascinating endeavor I have ever taken on both personally and professionally.

I am thankful that I have held prior roles within the financial crime space that have given me the encouragement and autonomy to develop creatively.

How has (compliance, investigations, etc.) changed and evolved during your career?

There has been a great deal of evolution in the financial crime field in the last 15 years that have had significant impacts on the profession. 

Technology is a major one that comes to mind and I am sure everyone has not only seen but lived through these changes as a professional and an individual these days navigating through all of the dangers presented by fraudsters on a daily basis. 

A major impact in the evolution of the financial crimes field and related compliance climate comes from changes in the regulatory environment, most notably following 9/11, the US PATRIOT ACT and the 2008 financial crisis. 

I would not be doing my job as an anti-human trafficking advocate if I did not talk about the current state of evolution and road to eventually having specific regulations around anti-human trafficking that financial institutions will be required to comply with. 

In 2014, FinCEN released guidance indicating that specific verbiage was required in the SAR narrative, so that accurate tracking of HT and HS reports could occur. In June of 2018, FinCEN had updated the U.S. suspicious activity report (SAR) to include a Human Trafficking Checkbox within the SAR form.

(Thank you to Joanne Alicea, an ACFCS Scholarship recipient who lobbied for seven years and was instrumental in this change!) 

As FinCEN continues showcasing the importance financial institutions play in anti-human trafficking through guidance and key changes to reporting mechanisms, it is my hope that institutions will realize bigger changes are on their way and begin practicing corporate social responsibility now rather than waiting until mandated to do so. 

What do you see as the key challenges related to financial crime in your role or in the sector overall?

A major challenge in both the fight against financial crime and anti-human trafficking is maximizing financial intelligence through collaboration and information sharing. 

A key challenge is the regulatory barriers that deter institutions from better utilizing and more actively collaborating through their collective financial intelligence. 

How to improve?

Further catering regulations and corresponding guidance to decrease obstacles that can get in the way of promoting financial institution collaboration with law enforcement, other financial institutions and non-governmental organizations.

By working more closely together to share information, trends and data, these public and private sector groups can more quickly identify the criminal networks that support various financial crimes including but not limited to, terrorism, drug-trafficking, money laundering, elder abuse and modern slavery. 

What motivated you to become a financial crime professional?

I originally had planned on becoming a Criminal Justice major and was able to transition to the Economic Crime Investigation program I mentioned in a previous question above. 

What solidified my interest and motivation in financial crimes were internships early in my career with New York State Officer of the Attorney General and MasterCard. 

I worked as a Consumer Frauds Investigator with the AG’s Office helping people who were taken advantage of by a variety of different corporations and other individuals (such as landlords). 

For many years following the internship I continued receiving Christmas cards from grateful folks I had helped when they needed it.

At MasterCard I worked with their Fraud Management group in liaison with Federal law enforcement investigation websites dealing in child pornography and accepting credit card payments.

This was a very sad but rewarding experience that I would not know at the time, but has shaped my evolution as a financial crime professional, eventually culminating in what I am doing with my expertise today at ATII.

Is there anything that surprised you about your current role?

Pretty much everything about my current role surprises me. I find myself feeling the most passionate, fulfilled and forward-looking about my work to counter human trafficking and support victims. Those have resulted in some of the most rewarding experiences of my life. 

The amount of support pouring in from my family, friends and network has provided both incredible motivation and confirmation that I am on the path I should be on.   

Why did you join ACFCS and/or become CFCS-certified?

I reached out to the ACFCS after seeing how active they were in releasing content, interviewing experts and covering best practices in the anti-human trafficking effort. 

ACFCS is dedicated to educating their members on the topic and was as excited as we were to partner together to raise human trafficking awareness and educate on how financial crime professionals can help. 

As part of our collaborative efforts, ACFCS has generously donated Associate Memberships, materials and the testing fees allowing our team to become CFCS-certified.

I am in the process of becoming CFCS-certified and am taking advantage of the downtime many of us have due to the Corona virus. 

How did you get your first job in the field and what advice would you give other job seekers to help land their first position?

My first jobs in the field were internships while still in college. I was in a financial crimes specific major and very active in leveraging networking opportunities with organizations that were affiliated with my college program as well as prior graduates working in the financial crimes field.

I credit my acceptance for early internships with the New York State Officer of the Attorney General and MasterCard’s Fraud Management Department to creatively using the resources available to me, prioritizing the importance of networking and good old-fashioned persistence.

The experience gained from these internships in combination with my degree was what ultimately helped me land my first full-time role.

Ensuring that you can gain some form of practical experience in your field to supplement your education (college and professional organizations like ACFCS) is the biggest advice I would give in helping to land your first position.

Ideally, your practical experience would be a paid opportunity but even taking a part-time, non-paid role that you can squeeze in around your other obligations will give you invaluable experience that differentiates you from others when applying for your first job. 

What is the most rewarding part of your job?

The Anti-Human Trafficking Intelligence Initiative (ATII) is still in its early stages but it has been amazing to see so many individual contributors, partners and socially responsible organizations ready and willing to collaborate with us in combating modern slavery. 

We recently received word from a large global financial institution that an early proof of concept involving our High Risk Human Trafficking Data has led to uncovering several large networks of trafficking rings.

Knowing that our work will give financial institutions, corporations, law enforcement and other agencies the resources to better tackle human trafficking and contribute directly to protecting the vulnerable is my reward. 

For professionals with 5-10 years of experience, what advice would you give to help them rise in their careers to the next level?

Investing in yourself to further develop your expertise in the space is a big piece of advice I would give. 

Some simple ways to do this is to write industry articles or blogs (co-authoring is an option to get your foot in the door), speaking in industry round-tables, webinars or small chapter events (to build confidence initially) and joining industry thought leadership groups, committees or consortium’s catered to your field.

Getting certified as a CFCS particularly to solidify your existing experience in the field with a specialized designation in financial crimes will make you more effective and knowledgeable while setting you apart from others in your field who have not made the commitment to invest further in themselves.

Also, looking beyond just the financial crimes aspect of your role and taking courses or getting certifications deeper in the products, services or specilaiazation of your particular industry is also something that can help you grow and differentiate you in your field. 

Some examples: CRCM in the banking field, CipherTrace Certified Examiner (CTCE) or Certified Cryptocurrency Investigator in forensic cryptocurrency/blockchain, Series 7/23 for Broker Dealer, Casino education, etc…

After multiple legal setbacks, hefty legal bill, UK forced to rethink power, promise of UWOs to take down McMafia criminals

The Skinny:

  • The United Kingdom’s top counter-crime investigative body, the National Crime Agency (NCA) is redoubling its efforts to finally unsheathe what was hailed as an innovative, powerful tool to fight money laundering, corruption and other complex financial crime “McMafia” cases.
  • In all, the unexplained wealth order (UWO), was supposed to be an explosive arrow in the quiver of the NCA and other investigative agencies that would force shady groups to divulge their source of funds when the numbers appeared not to legally add up.
  • In early 2018, the government unveiled the UWO as the expected centerpiece of a forthcoming “full-spectrum” assault on illicit wealth being laundered through the London property market.
  • That, however, could be changing after a stinging, and costly, legal defeat.
  • The NCA and other U.K. law enforcement agencies have been forced to do a re-think after the double whammy of a recent loss in front of the Court of Appeal and a hefty legal bill that could eat up much of the funding meant to go after bad guys.  
  • The Court of Appeal hit the NCA with a £1.5 million legal bill from a failed attempt to impose UWOs on three London properties worth £80 million linked to a wealthy Kazakh family.

By Brian Monroe
bmonroe@acfcs.org
July 14, 2020 

The United Kingdom’s top counter-crime investigative agency is gearing up for a critical legal battle to finally unsheathe what was hailed as a powerful tool to fight money laundering, corruption and other complex financial crime “McMafia” cases.

Government ministers, public and private watchdog groups and investigative agencies all lauded the promise and potential of the unexplained wealth order (UWO), an explosive arrow in the quiver of the National Crime Agency (NCA) and other investigative agencies that would force groups to divulge their source of funds when the numbers appeared not to legally add up.

In early 2018, the government unveiled the UWO as the expected centerpiece of a forthcoming “full-spectrum” assault on illicit wealth being laundered through the London property market, according to public statements and media reports.

That, however, could be changing after a stinging, and costly, legal defeat.

The NCA and other U.K. law enforcement agencies that were expected to bring multiple UWO actions a year, uncovering graft-gilt oligarchs and mega-laundering gatekeepers, have been forced to do a re-think after the double whammy of recent losses in front of the High Court and Court of Appeal and a hefty legal bill that could eat up much of the funding meant to go after bad guys.  

The Court of Appeal hit the NCA with a £1.5 million legal bill from a failed attempt to impose UWOs on three London properties worth £80 million linked to a wealthy Kazakh family.

The court ordered the payment of £500,000, immediately, further criticizing the NCA’s approach to the case as “flawed” and refused permission to appeal. Sources told The Times that the agency was braced to pay the remainder of £1 million.

A previous High Court judgment in April was scathing of the NCA’s investigation describing it as inadequate.

It said the agency ignored “cogent evidence” the properties were bought legitimately.

In NCA UWO legal defeat, lessons learned to fight another day

But there are lessons that can be learned from the High Court ruling if, and when, the NCA, or another government agency, wants to bring the UWO back into the fight, according to legal analysis by some of the top minds at Debevoise & Plimpton.

On a positive note, in National Crime Agency v Baker, the High Court highlighted some practical features of the UK’s relatively new UWO regime.

The first decided case in relation to UWOs focused on whether the wife of the chairman of a state-owned bank could be considered a ‘Politically Exposed Person,’ thereby enabling her to be the target of a UWO. 

Baker considered the strength and quality of the evidence relied upon by the NCA when seeking UWOs. The properties in question were ultimately beneficially owned by the ex-wife and son of Rakhat Aliyev, a Kazakh politician who died in exile in 2015.

After the UWOs were initially made at an ex parte hearing, the UWO targets (four offshore companies that owned the properties) voluntarily gave the NCA a written statement and supporting documentation regarding the purchase and transfer of the properties, their registered owners, and their ultimate beneficial owners.

The NCA still considered that the UWOs were needed (requiring the production of further documents and information regarding the properties), and the UWO targets applied to the Court to discharge them.

The following key points can be drawn from the judgment:

  • Although UWOs are a powerful means for the NCA to compel the disclosure of detailed information about the ownership of a property, the Court emphasised the relatively limited purpose of UWOs as an investigative tool.
  • Once the target has explained who owns a property and how it was acquired, the purpose of a UWO effectively falls away.
  • Any evidential disputes and whether the property should be forfeited as the proceeds of crime must be resolved in subsequent civil recovery proceedings, should the NCA decide to bring them.
  • Targets of UWOs will benefit from adopting a proactive approach when dealing with the NCA.
  • On the basis of the voluntarily-provided information, the UWO targets satisfied the Court that Aliyev’s ex-wife (a successful businesswoman in her own right) and son purchased the properties using funds unconnected to Aliyev’s alleged criminal activities, and therefore obtained the discharge of the UWOs.
  • This approach effectively undermined the evidential basis on which the NCA initially obtained the UWOs and obviated the need to answer directly each information requirement imposed by the UWOs.
  • Had the UWOs stood, any failure to comply with all of the information requirements would have led to a presumption that the properties had been obtained unlawfully for the purpose of future civil recovery proceedings. 
  • The Court emphasized that the use of complex offshore corporate structures or trusts to hold property cannot in itself lead the NCA to suspect that they are being used for wrongful purposes.
  • There must be some additional evidence creating an “irresistible inference” that a structure is being used to disguise money laundering.

The Court pointed to several obvious flaws in the NCA’s investigation, according to legal reviewers.  

Notably, the failure to consider the possibility that Aliyev’s ex-wife and son had the resources to purchase the properties independently of Aliyev and that his relationship with them ended before the properties were purchased.

Further, the NCA should have realized that his illegally-acquired assets had already been confiscated in Kazakhstan – all of which the NCA could easily have discovered before applying for the UWOs.

In seeking to defend the UWOs, the NCA also failed fairly to evaluate the new information that the UWO targets had voluntarily provided.

The judgment clearly indicates that the NCA will need actively to review the appropriateness of maintaining a UWO in light of information provided by its target as to the source of funds used to acquire the property in question, independently of the information requirements in the UWO.

The judgment also makes clear that the NCA cannot rely on inferences of impropriety solely based on the use of complex offshore structures and family relationships with PEPs, according to attorneys at Debevoise.

Will the cost of failure in early UWO regime legal tussles prove too high?

The costs of the case amount to more than a third of the £4.3 million budget of the NCA’s international anti-corruption unit and have prompted a rethink on the future use of UWOs.

The orders, which freeze assets and require those targeted to explain the source of their wealth, could be subject to a further legal challenge.

Lawyers for Zamira Hajiyeva, the wife of a jailed Azerbaijani banker whose properties worth £22 million are frozen, are seeking a Supreme Court hearing.

The situation is embarrassing for the Home Office, which predicted in an impact statement in 2017 that UWOs would be used in 20 cases per year with a maximum estimated cost of £10,000 each.

In reality since their introduction in 2018 UWOs have been deployed in only four investigations since their introduction in February 2018.

The NCA is the only body to have used the powers. The Serious Fraud Office, HM Revenue & Customs, Financial Conduct Authority and Crown Prosecution Service have authority but have shied away from them.

Sources told The Times that UWO investigations into oligarchs and “politically exposed persons” had proved much more difficult than expected.

Financial arrangements were difficult to disentangle, large amounts of paperwork slowed the process and inquiries in some overseas jurisdictions were not possible.

There is frustration in some agencies that UWOs have been hyped by ministers and the media when they are a limited tool rather than a silver bullet to tackle alleged money laundering.

The orders were the key measure in the Criminal Finances Act, which came into effect in January 2018.

Ben Wallace, the security minister at the time, said in an interview with The Times that he was pressing law enforcement agencies to use UWOs and bring the “full force of the government” to bear on corruption and organised crime.

Susan Hawley, of Spotlight on Corruption, said the failures in the Kazakh case would have a major impact on the future of UWOs.

“The costs awarded against the NCA in this one case represent what the government predicted the costs would be from UWOs over ten years,” she said. “Taking such action will involve unpicking complex corporate vehicles and reams of evidence. Such cost exposure poses a real hurdle to the continuing use of UWOs in all but the most obvious cases.”

Graeme Biggar, director of the NCA’s national economic crime centre, admitted that the costs order was a blow. “Clearly we need to think about what it means for future cases and we will learn from it,” Biggar said. “We are still committed to going after suspected illicit finance in the UK and using UWOs as part of that. We will still look to use UWOs where it is the right tool.”

The Kazakh politician Dariga Nazarbayeva and her son Nurali Aliyev, whose properties were targeted by the NCA, said that the agency had behaved irresponsibly in the case.

Aliyev said the NCA had obtained the UWOs “on an inaccurate basis as part of a flawed investigation which was entirely without merit.” He accused the NCA of pursuing “a groundless, vicious legal action.”

Monroe’s Musings: This is really interesting and kind of crazy.

So, the U.K. government is going to give up because they lost a case and now they are worried about the bill? Or the legal bill for future cases if they lose? What?!?!?

That is like FinCEN saying it won’t fine a bank because it lost a case in levying a penalty against a prior institution. Or like OFAC saying it won’t sanction an illicit entity or foreign threat because it is worried about paying the bill if the entity challenges them in court and OFAC loses.

Every new asset forfeiture, financial freeze or counter-corruption power against criminals typically faces challenges and setbacks as both sides better hash out the more bright line boundaries in what can be nuanced, murky and complex legal maneuvering.

My two cents: Stay in the fight. Sharpen your cases. Get some help from agencies in ally countries like the United States. The only defeats, or mistakes, that are too costly are the ones you don’t learn from. 

Special ACFCS Video Financial Crimecast: NICE Actimize’s Stephen Taylor discusses pandemic transaction trends, potential of AI, power of consortium-based analytics

The Skinny:

  • Stephen Taylor, the General Manager of Anti-Money Laundering (AML) for compliance technology heavyweight NICE Actimize, discusses pandemic transaction trends, the potential of AI, the power of consortium-based analytics and more in a special video version of the ACFCS Financial Crimecast.
  • Taylor noted that, at least initially, some banks and securities firms faced alert backlogs due to individuals and corporates pulling money out of stocks and into cash, but that has leveled off.
  • As well, many institutions adjusted quickly, and “relatively seamlessly” to working from home due to web and cloud access to AML technologies and secure bank systems.
  • In recent months, as the pandemic has dragged on, banks have seen certain filings, like customer transaction reports (CTRs), drop, in some cases by nearly half.
  • Taylor also touched on where and how certain technologies can buttress the various prongs of the AML program.
  • On the horizon, the future looks bright, with more powerful analytical tools like AI, automation, robotics, machine learning and cognitive intelligence joining the fight against financial crime, enabling better detection, lower alert volumes and an overall more efficient and effective journey to the finial of any program: the suspicious activity report (SAR).

By Brian Monroe
bmonroe@acfcs.org
July 6, 2020 

Welcome everyone to another special video version of the ACFCS Financial CrimeCast.

In the association’s continuing series to engage top thought leaders in the financial crime and compliance space on tips, trends and tactics to improve results, we get a chance to get a view of pandemic inflection points across institutions with one of the sector’s biggest technology leaders.

Our guest in this discussion is Stephen Taylor, General Manager of Anti-Money laundering (AML) at NICE Actimize, who yielded vital insight on how counter-crime teams are responding to the pandemic, including through stronger technology partnerships, and what criminal trends are changing.

Taylor noted that, at least initially, some banks and securities firms faced alert backlogs due to individuals and corporates pulling money out of stocks and into cash, but that has leveled off.

As well, many institutions adjusted quickly, and “relatively seamlessly” to working from home due to web and cloud access to AML technologies and secure bank systems.

In recent months, as the pandemic has dragged on, banks have seen certain filings, like customer transaction reports (CTRs), drop, in some cases by nearly half.

Taylor also touched on where and how certain technologies can buttress the various prongs of the AML program.

On the horizon, the future looks bright, with more powerful analytical tools like AI, automation, robotics, machine learning and cognitive intelligence joining the fighting against financial crime, enabling better detection, lower alert volumes and an overall more efficient and effective journey to the finial of any program: the suspicious activity report (SAR).

He covered a wide gamut of topics and gave insight on critical questions, issues and trends in a rousing 30-minute discussion, including:

  • What financial crime and compliance trends are you seeing related to the pandemic?
  • What schemes, frauds and crimes appear to be rising or dropping?
  • How have AML transaction monitoring alert volumes changed during the pandemic?
  • Regulators have been focused on effectiveness and in December 2018, exhorted financial institutions to tinker with technology in an invitation to innovation. Have you seen more banks willing to tinker with things like AI, automation and machine learning?
  • What trends are you seeing in the area of CARES Act Paycheck Protection Program (PPP) fraud and what red flags are there to help banks uncover fraudsters before, during and after they lend the money?

Compliance in a time of coronavirus: AML challenges aplenty

The COVID-19 pandemic is still raging across the globe, with more than 200 countries and territories around the world reporting millions of confirmed cases of the coronavirus.

The pandemic has shown no signs of slowing down, contracting in some areas and expanding in others, harming professionals and corporates physically and fiscally.

As a result, the coronavirus has caused a slump in the global economy with full sectors grinding to a halt and those who are employed working from home in a new environment with its own compliance, communication and security challenges.

Not surprisingly, this has created myriad challenges for anti-money laundering (AML) professionals, investigators and regulators and opened the door for new illicit financial flows, including money laundering, fraud and phishing and other scam attacks.

Overall, financial crime compliance teams are having to shoulder more responsibilities – from training teams to making critical decisions on cases – while at home, at times without easy or fast access to colleagues.

Some institutions have trimmed bank staff, including AML teams, even as alerts fluctuate wildly in some transactional areas during the pandemic, rising in the beginning as individuals pull out money to live on and investors flee the stock market, and other transactions dwindling due to a drop in overall transactional throughput.

So that begs the question: Where can new technology help in the AML program?

Some examples include: detection, segmentation, model tuning, predictive scoring, advanced anomaly detection, federating learning, collective intelligence and consortium-based analytics, which holds the promise of improving the detection race across the industry as a whole.

Taylor, though, is cognizant of the current metrics in the fincrime sector.

Of the trillions of dollars laundered globally annually, investigators only seize and freeze less than one percent.

But still, he chooses to be a hopeful realist, an informed optimist.

Rather than seeing the industry’s communal efforts as being a “decimal point away from failure,” as one congressional witness stated, Taylor views this is an opportunity, an incredible chance for improvement.

Feel free to listen to the full interview or jump around to issues pertinent to your team with the timestamps below.  

Tips, trends and timestamps

3:00 – Changing transaction monitoring trends

Working from home, adjustments have been made, “relatively seamless” due to web-based technologies.

Up in investment space, rush to cash. A lot of alert generation at the beginning, but retail bank, fewer cash transactions, fewer alerts, CTR reporting gone down by about 30 40 percent.

Biggest problem for the banks would be managing some of the SBA loans and PPP program. Major challenges for banks for the entirety of the sector in the near term.

5:00 – SBA PPP challenges.

Banks were under a tremendous amount of pressure to get the loans out as part of the multi-trillion dollar Cares Act.

In order to lend quickly as part of the Paycheck Protection Program, which allowed banks to turn loans into grants if companies kept or rehired workers, AML teams had to redirect resources to enable correct compliance procedures to take place during the loan provisions themselves.

Fincrime compliance groups, even under intense pressure to support a faltering economy, wanted to make sure they were doling out the loans properly.

“It’s terrible how fraudsters are using this crisis to pay off their credit cards or buy expensive cars and watches.”

8:00 – Pandemic fraud

Rising fraudulent activity tied to the pandemic, stimulus checks, charities. No new schemes, just new themes.

9:00 – Pandemic transaction trends across institutions

What types of potentially suspicious transactions are rising and falling?

Examples: certain trade-based money laundering schemes are falling due to the overall drop in trade and fewer people are trying to exchange currency, particularly those who would have done so for business or tourist travel.

With fewer cash transactions, more attempts to scam and de-fraud through other means.

10:30 – Have risks flip-flopped?

Is normal business the new abnormal?

Banks need agility in their AML programs. They need to pivot on a dime and prepare better for something like this happening in the future.

12:00 – Where are there alert backlogs due to the pandemic?

Originally, some investment banks, now, mainstream banks tied to PPP loans. The current challenge on the horizon: PPP lending to non-customers.

14:00 – Are vendors updating systems, backend algorithms to help banks adjust to the changing transaction patterns tied to the pandemic?

One answer: faster, streamlined KYC, CDD practices to speed on boarding.

On the horizon: AI, automation, robotics, machine learning, cognitive intelligence. Better detection, lower alert volumes, better, more efficient, effective journey to the SAR.

One example of success: Traditional AML transaction monitoring tuning can easily take a team of eight people weeks of work. But in one instance recently, with one organization, NICE Actimize shrunk a re-tuning down to two hours.

17:00 – Effectiveness and an invitation to innovation.

Regulators to banks and vendors, let’s have a conversation about technology. How can we come together to lower costs, recover the money lost and laundered due to financial crime and better serve law enforcement.

Where can new technology help in the AML program?

Detection, Segmentation, model tuning, predictive scoring, advanced anomaly detection, federating learning, collective intelligence, consortium-based analytics, improve the detection race across the industry as a whole.

Cloud-based technology. More agility, lower costs, but faster implementation.

21:00 – Better information sharing across banks.

You know about Patriot Act Section 314(a), 314(b), but what about 314(c)? A look at the importance of sharing best practices on how to run a compliance program and share information on what passes muster with regulators.

How to spot anomalies across institutions. That goes a long way to helping us solve financial crime and follow the money. Machine learning thrives when there is more data.

24:30 – AI and convergent, holistic training, a recipe for success?

A look at how AI can take away some of the subjectivity, pressure on training, of human decision-making.

26:30 – The sobering reality of current paradigms, effectiveness and the unassailable power of hope

Of the trillions of dollars laundered globally annually, we only seize and freeze less than one percent.

Are we a “decimal point away from failure” as a financial crime compliance industry? Or do we have an incredible chance for improvement?

Even though criminals use technology, we actually now have the technology to spot them better than ever before.

That means more opportunities to counter surging crimes with terrible financial and human costs, like human trafficking.

“I see a real paradigm shift happening.”

Can we go from 10 percent to 20 percent, then to 30 percent?

“That is a wonderful thing for everyone to achieve. That is why we get up in the morning.”  

About the speaker: Stephen Taylor, General Manager of AML, NICE Actimize 

Taylor has worked within the global financial services industry helping firms manage their risk and compliance obligations for more than 20 years. He has held a variety of key roles in product management and business development.

He started his career at Lexis Nexis in London providing legal and compliance information to the top five law firms, known as the “Magic Circle.” While at Lexis, Taylor helped develop several of the company’s initial online research engines and legal data solutions.

After Lexis, he moved to a small London-based startup called Complinet, where he headed up product development for their Reference Services and AML products. The business quickly expanded and was eventually acquired by Thomson Reuters in 2010.

After Complinet, Taylor joined Wolters Kluwer and became the Global Market Manager for their GRC product (OneSumX).

Taylor’s last position before joining NICE Actimize was Chief Commercial Officer for MyComplianceOffice (MCO).

Special ACFCS/GFI Webinar Series: Inside the Illicit Gold Trade – Using Financial Tools and Public Policy to Fight Money Laundering

The Skinny:

  • ACFCS and trade and transparency watchdog Global Financial Integrity (GFI) are presenting a special webinar series on the Illicit Gold Trade.
  • This two-part series taking place this month, July 8 and July 21 at 1 p.m., will explore using financial tools and public policy to fight money laundering using gold, itself a part of the multi-trillion dollar vulnerability of trade-based money laundering.
  • The series will also analyze gold trafficking as a key money laundering and financing tool for criminal groups and sanctions evasion.
  • Regionally, the series will look at the illegal gold trade through Colombia, Venezuela, Uganda, along with highlighting the role of commodity trading hubs like Dubai and Switzerland and its impact on the U.S. financial system.

By Brian Monroe
bmonroe@acfcs.org
July 6, 2020 

When it comes to financial crime and compliance, all that glitters may not be gold – because if you look closer at the gleaming precious metal, you may see the fingerprints from a wide array of illicit entities, political powerbrokers and sanctions evaders.

“What makes gold particularly vulnerable to abuse by organized criminals, armed groups, corrupt oligarchs are the nature and size of the market and anonymity it provides,” according to Lakshmi Kumar, Policy Director at Global Financial Integrity (GFI), a trade and transparency watchdog group.

“Gold is a cash intensive business with limited oversight and licensing processes,” she said. “Furthermore, once gold has been mined, there is nothing in its condition to indicate if it was produced legitimately or otherwise.”

This makes tracking the origins of gold “exceedingly difficult but also highly attractive to illicit actors wishing to hide, move or invest their illicit proceeds,” Kumar said.

“The complex and inter-connected nature of the global financial system and trade system further compounds these problems as does the abuse of anonymous and complex corporate ownership structures to skirt global AML/trade-based money laundering (TBML) efforts,” she said. 

FATF highlights gold, precious metals, criminal connections

The last report from the Financial Action Task Force (FATF) specifically in relation to risks related to the gold sector was published in 2015.

The report noted that gold “remained a vehicle for money launderers and set out the vulnerabilities.

It pointed out that the gold market is cash-intensive, that gold can be traded anonymously, and that transactions are difficult to trace and verify,” according to longtime compliance thought leader and consultant, Dev Odedra, in a report on financial crime and precious metals.

Furthermore, gold is a form of global currency and acts as a medium for exchange in criminal transactions.

Investment in gold provides reliable returns, and gold is easily smuggled and traded.

The report set out some “red flags” and concluded that the characteristics of gold make it both attractive for, and vulnerable to, exploitation by criminal organizations that need to legitimize assets, Odedra wrote.

Gold has intrinsic value, is easily smuggled and can be traded worldwide anonymously.

Reports, investigations and first-hand insights all affirm that risks in this sector are not new and remain as prevalent as ever and are likely to exist for the foreseeable future.

Anti-financial crime professionals and financial institutions should factor in a number of considerations when a connection to the gold sector is present, Odedra said, including:

  • Material risks involving gold require a high-risk rating.
  • Focus above and beyond standard KYC is required, for example: how clients source their gold; the client’s customer base; and the client’s own EDD processes in managing industry risks.
  • Making use of external EDD for larger/higher-risk clients and situations.
  • How the addition of transactions connected to precious metals under 5MLD can be built into the control framework.
  • Factoring in human rights abuse risks as part of the mining, processing and transporting processes within the gold sector.

Gold can do more than cleanse ill-gotten gains, it can also evade sanctions

But what makes the illicit trade and money laundering of gold particularly interesting is that the dangers to U.S. financial system from the global trade and exports of gold are not always immediately obvious.

At times, trends can only come to light analyzing trade data.

Engaging in such an exercise, however, reveals that Venezuela, a country under US sanctions, was able to move 7.4 tons of gold to Uganda for refining.

Uganda in turn exported it to the commodity trading hubs of Switzerland and Dubai, with the US in turn importing the gold from Switzerland. Forthcoming analysis from GFI analysis shows that Uganda exports its gold to Dubai and Dubai exports it to Switzerland. This raises the risk that the Venezuelan gold could be making its way back into the US.

Addressing the supply chain due diligence challenges and the AML risks is key to ensuring that the U.S. financial and trade system does not accidentally fund criminal governments that are under U.S. sanctions.

Similarly, in Colombia, gold mining has been tied to financing non-state armed groups and narcotraffickers within the country, as well as large scale money laundering schemes involving the use of anonymous companies.

As discussed in GFI’s report on Colombia and Illicit Financial FlowsColombia’s second largest gold exporter was found to have used 6,000 gold “registered” suppliers (90 percent of their suppliers) that simply did not exist, were owned by deceased persons, or operated small informal shops that were not even involved in gold transactions.

The company also confirmed they had bought millions of dollars’ worth of gold from Los Urabeños (recently renamed as Cartel del Golfo), one of the largest drug trafficking organizations in the country, thus confirming the links between narcotraffickers and the gold industry.

U.S. imports of gold have increased 407.17 percent from $2.21 billion to $11.19 billion through the first four months of 2020 when compared to the same period the previous year, based on an analysis of the latest U.S. Census Bureau data.

Historically, the largest of the US imports of gold have come from countries like Switzerland and Colombia, therefore making an analysis of the trade all the more imperative.

The webinar builds on GFI’s expertise on identifying and estimating the risk from illicit trade in the natural resource sector and GFI’s ongoing work examining the gold trade in Sudan, Uganda, and Colombia.

Part One – Illicit Gold Trade and Using Trade Data and Financial Tools to Fight Money Laundering and Transnational Organized Crime

Wednesday, July 8, 1 – 2 PM ET

The first part of webinar will look at the use of trade data and other financial tools to examine how the illicit trade in gold can be more effectively understood and tracked.

Through a combination of the country and company level export data, the webinar will show investigative techniques to identify TBML risks, as well as other red flag indicators of heightened money laundering risks.

To review more details about the webinar and register, click here.

Part Two – Illicit Gold Trade and TBML Policy Options

Tuesday, July 21, 1 – 2 PM ET

The second part of the webinar will discuss the policy options for the U.S. government and the private sector to address the risks of TBML in the illicit gold trade and the effectiveness of ongoing policy measures.

To review more details about the webinar and register, click here

About the speaker: Lakshmi Kumar, Policy Director, GFI

Lakshmi Kumar is the Policy Director at Global Financial Integrity with several years of experience working on issues of financial policy, securities investigation, regulatory governance, anti-corruption, and anti-money laundering/terrorist financing.

Prior to joining GFI, Ms. Kumar was a lawyer and policy professional in India, working with governments and regulatory agencies across South Asia, East Africa, and Eurasia to investigate money laundering and terrorist financing risks to their financial systems.

Her prior work includes drafting legislation to identify beneficial ownership for the financial sector in India, assessing and evaluating the robustness of the securities market in the Eurasian region for the Eurasian Group on Combating Money Laundering (EAG), and conducting investigations on sovereign wealth funds, procurement procedures, and other off-shore investment entities for fraud and terrorist financing risks.

She received a Master of Arts in Law and Diplomacy from the Fletcher School at Tufts University, and a B.A, LL.B from the NALSAR University of Law, Hyderabad, India.

Lawmakers, banking, trade, transparency groups push for sweeping AML bill to be included in NDAA

The Skinny:

  • A coalition of powerful lawmakers, investigators, regulators, and influential banking and corporate transparency groups are lobbying to get a sweeping piece of legislation that would reform, refine and retool the country’s financial crime compliance defenses tacked on to a quickly encroaching defense spending bill.
  • These groups are pinning their hopes on the passage of S. Amendment 2198, the Anti-Money Laundering Act (AMLA) of 2020, to be added to the National Defense Authorization Act (NDAA) of 2021, with some reports expecting passage as soon as this week.
  • The AMLA, at more than 200 pages, is not light reading. It is dense, didactic and has provisions informed by other pieces of legislation to break open beneficial ownership bastions, including HR2513, the Corporate Transparency Act, which passed the House, and S2563, the ILLICIT Cash Act, which stagnated in the Senate, and much more.
  • In all, the AMLA touches on nearly every area of fighting financial crime, including many core AML program duties, in some cases opening the door to innovation and better information sharing, including previously impervious ownership structures, but also raising the potential penalty exposure for failures – by individuals and institutions, particularly serial violators.
  • “If enacted, it would be the biggest revision to the U.S. AML/CFT regime since the USA PATRIOT Act of 2001,” said one of the compliance sector’s top minds.

The plethora of provisions in the Anti-Money Laundering Act of 2020, being pushed as an amendment to the quickly encroaching National Defense Authorization Act of 2021 would significantly strengthen the country’s counter-crime compliance defenses, known by many as the Bank Secrecy Act, the basics of which are discussed in the above video.

By Brian Monroe
bmonroe@acfcs.org
July 1, 2020 

Lawmakers, federal investigative agencies and regulators, and a host of powerful banking and corporate transparency groups are lobbying to get a sweeping piece of legislation that would reform, refine and retool the country’s financial crime compliance defenses tacked on to a quickly encroaching defense spending bill.

Bi-partisan lawmakers, including the Senate Banking Committee’s top Republican and top Democrat, are pushing for the passage of S. Amendment 2198, the Anti-Money Laundering Act (AMLA) of 2020, to be added to the National Defense Authorization Act (NDAA) of 2021, with some reports expecting passage as soon as this week. To read the full AMLA, click here.

The AMLA, a mammoth tome at 214 pages, has provisions informed by other pieces of legislation to break open beneficial ownership bastions, including HR2513, the Corporate Transparency Act, which passed the House, and S2563, the ILLICIT Cash Act, which stagnated in the Senate, and much more.

In all, the AMLA touches on nearly every area of fighting financial crime, including many core AML program duties, in some cases opening the door to innovation and better information sharing, including previously impervious ownership structures, but also raising the potential penalty exposure for failures – by individuals and institutions, particularly serial violators.

“If enacted, it would be the biggest revision to the U.S. AML/CFT regime since the USA PATRIOT Act of 2001,” said Jim Richards, the former head of AML at Wells Fargo. To read his full review, click here.

What many consider the centerpiece of the AMLA is a provision to direct the U.S. Treasury’s Financial Crimes Enforcement Network (FinCEN), the country’s financial intelligence unit and arbiter of AML rules, to create and maintain a secure beneficial ownership registry of legal entities.

Even in expansive, expensive package of AML reforms, gaps remain

Even while the amendment addresses many of the longstanding gaps in the country’s counter-crime framework, it is still remiss in many glaring areas highlighted repeatedly by global evaluation bodies, like the Paris-based Financial Action Task Force (FATF).

The AMLA, in its current incarnation, has clear bruises from the political horse-trading behind the scenes and, while strong in some areas, including beneficial ownership and better public-private and technology partnerships, is weak in areas like gatekeepers, such as more forcefully adding attorneys, real estate agents and accountants to AML rules.

In tandem, the AMLA only touches tangentially on a perennially ill-addressed challenge: trade-based money laundering (TBML).

The amendment only mentions TBML in passing, in a call for more data analysis – not a surprise as congress would be hesitant to install any new barriers to global trade with a world still gripped by an economic downturn at the hands of the COVID-19 pandemic.

An imperfect,  but ‘balanced’ bill on crime, compliance, transparency?

“The bill strikes the right balance between imposing minimal requirements on small businesses and providing critical information to law enforcement and financial institutions,” according to a coalition of groups, including the American Bankers Association (ABA), the financial services sector’s top lobbying body.

“In addition, if enacted prior to the COVID outbreak, the bill could have assisted financial institution efforts to serve new customers under the Small Business Administration’s Paycheck Protection Program,” itself a core component of the multi-trillion dollar CARES Act, which allow bank loans to be morphed into grants if small businesses could keep or rehire employees.

In a letter to Senate Armed Services Committee leaders this weekend, ABA joined six other financial trade organizations, from credit unions to consumer banking heavyweights, calling for the inclusion of the AMLA into the NDAA.

The amendment includes “critical provisions for law enforcement investigations into organized transnational criminal operations, human trafficking, terrorism financing and other unlawful activity,” according to the ABA.

The AMLA also has broad bipartisan support by key Congressional powerbrokers as sponsors, including Senators Mike Crapo (R-ID), Sherrod Brown (D-OH), Tom Cotton (R-AR), Mark Warner (D-VA), Mike Rounds (R-SD), Doug Jones (D-AL), Jerry Moran (R-KS), Bob Menendez (D-NJ) and John Kennedy (R-LA).

“S.Amdt.2198 would strengthen our country’s anti-money laundering laws and curtail the misuse of anonymous shell companies for illicit purposes,” said trade and transparency watchdog Global Financial Integrity (GFI), in a letter of support for the AMLA to lawmakers. To read the full letter, click here.

Here is a snapshot of some of the changes being sought in the AMLA, from myself and Richards:

National AML exam priorities

s.5101 – changes the foundation and purpose of the main money laundering laws (31 USC ss. 5311 and 5318), including by establishing national federal regulatory exam and supervision priorities informed by federal investigative agencies and detailed in national fincrime risk and threat assessments, potentially as often as every four years.

Working to more fully capture virtual value, high-value baubles on AML

s. 5102 – Strengthens FinCEN to share information with tribal authorities, tries to more aggressively capture virtual value, precious metals stones, with this: VALUE THAT SUBSTITUTES FOR CURRENCY.—  (1) DEFINITIONS.—Section 5312(a) of title 31,  United States Code, is amended—  (A) in paragraph (1), by striking ‘‘, or a transaction in money, credit, securities, or gold’’ and inserting ‘‘, a transaction in money, credit, securities or gold, or a service provided with respect to money, securities, futures, precious metals, stones and jewels, or value that substitutes for money.’’

Strengthens FinCEN info sharing, technology innovation, liaisons

s. 5103 – codifies FinCEN Exchange, which shall facilitate a voluntary public-private information sharing partnership among law enforcement agencies, financial institutions, and FinCEN to counter all areas of financial crime by “promoting innovation and technical advances in reporting.”

ss. 5107, 5108 – adds at least 13 FinCEN domestic and international liaison positions.

Ensconces art dealers with AML duties

s. 5110 – looks to add Dealers in Art & Antiquities to the BSA regime.

More AML, investigative technical assistance, capacity building globally

s. 5111. Increasing technical assistance for international cooperation. More money to teach and train on AML best practices, fighting financial crime and sharing tactical information around the world.

Looks to create ‘tactical’ SARs, other SAR, CTR reviews, adjustments

ss. 5201-5203 – creates my long-sought-after “TSV” (Tactical & Strategic Value) SAR regime (my words, not the bill’s words).

s. 5204 – Analyzes potential adjustments to SARs, CTRs, including fields, financial thresholds for different crimes and the parameters around filings tied to continuing suspicious activity.

s. 5205 – contemplates a SAR threshold change (it should go down, IMHO, says Richards).

s. 5206. Requires FinCEN to analyze bank SAR data and share threat pattern and trend information with banks and regulators, including to better sensitize bank AML transaction monitoring systems. FinCEN “shall provide financial institutions and the Federal functional regulators with typologies, including data that can be adapted in algorithms if appropriate, relating to emerging money laundering and terrorist financing threat patterns and trends.”

ss. 5207, 5302 – adds two BSAAG subcommittees

s. 5210. Pilot program on sharing SAR information within a financial group, including foreign branches. A long sought after provision bemoaned by large international banks something isn’t in place already.

Government review of AML ties to de-risking

s. 5213 – Tackles financial services de-risking due to AML concerns, calls on GAO to do a study. This is a big deal because entities not using formal banking channels, or leaving them, is a loss of valuable intelligence for domestic and international investigative agencies. 

Treasury review of AML rules, guidance, regulations to trim, update

s. 5214 – Review of regulators and guidance. This would require Treasury to review AML rules and guidance and trim any that are redundant, outdated or don’t serve, or even hinder, the ability of the country to counter illicit crime and be in line with international standards and best practices.

s. 5305 – adds a new section to title 31 to give banks a safe harbor for “keep open” letters from FinCEN.

Would require examiners to have dedicated AML training, similar to program prong for compliance officers

s. 5306 – adds a new section to title 31 to require examiners to have BSA training.

Intelligence spigot for foreign banks with U.S. correspondent relationships

s. 5307. Obtaining foreign bank records from banks with U.S. correspondent accounts. A wish list item for federal law enforcement. This would open the door to subpoenas and law enforcement requests to banks not in the U.S., but with correspondent ties to domestic banks.

More punitive power for AML civil monetary penalties against serial scofflaws

s. 5308: Additional damages for repeat AML program violators. Allows the U.S. Treasury to levy additional penalties against individuals and institutions engaging in serial, flagrant and egregious AML program failures. How much more? “If practicable to calculate, 3 times the profit gained or loss avoided by such person as a result of the violation; or ‘‘(2) 2 times the maximum penalty with respect to the violation.’’

s. 5312 – adds a new section to title 31 around concealing the source of funds.

Evaporating corporate opacity 

s. 5403 – adds a new section to title 31 (section 5336) which is the new beneficial ownership reporting requirements. FinCEN would keep the data, corporates would capture it and re-send if ownership changes. 

Government set to scrutinize illicit financial networks tied to human, drug trafficking, TBML

s. 5504 – Presses GAO to engage in a study on fighting illicit financial networks tied to human and drug trafficking, including how virtual currencies are used in these crimes.

s. 5505 – Pushes the U.S. Treasury to study and report on trade-based money laundering.

ACFCS Government Capitol building with ring of stars graphic abstract background
“If enacted, it would be the biggest revision to the U.S. AML/CFT regime since the USA PATRIOT Act of 2001.”
- Jim Richards, former head of AML at Wells Fargo
Designer