In this new feature, we will highlight key current, upcoming or potential changes in the global financial crime landscape, so compliance professionals, investigators and regulators can better keep abreast of pressing vulnerabilities, issues, guidance, enforcement actions and potential and incoming legislative fixes. Enjoy!
Enforcement: US regulators levy $613 million penalty on U.S. Bank, $370 million on Rabobank for widespread compliance failings
Last week, one of the largest banks in the United States agreed to pay federal regulators and authorities $613 million in a settlement for longstanding financial crime compliance deficiencies, including capping alerts on potential illicit activity and attempting to hide known weaknesses from examiners.
The deferred prosecution agreement between U.S Bank National Association and the U.S. Treasury’s Financial Crimes Enforcement Network (FinCEN), Office of the Comptroller of the Currency (OCC), Federal Reserve and the U.S. Department of Justice (DOJ) also includes the institution admitting responsibility in a statement of facts and facing felony charges for violating anti-money laundering (AML) program rules if it doesn’t improve enough in two years.
Earlier this month, Rababonk, one of Netherlands largest banks, agreed to pay U.S. authorities nearly $370 million and plead guilty to obstruction charges for allowing its financial crime compliance program to languish for more than a decade – and then lying to federal examiners about known gaps and high-risk practices.
DOJ and the OCC negotiated the $368.7 million forfeiture and settlement with Rabobank National Association for failures across the AML program from 2009 to 2012, including risk ranking, monitoring and reporting on high-risk customers, including Mexican entities potentially tied to drug cartels.
In the actions, regulators listed a bevy of critical compliance failures, including:
- Capping AML automated transaction alerts based on staffing and resources, rather than actual activity.
- Hiding gaps and known issues from examiners and not responding fully to regulatory inquiries.
- A host of risk ranking failures, including internally white-listing some of the highest risk customers, effectively shielding them from further AML analysis and alerts, such as politically-exposed persons and a payday lender.
- Failing to give more scrutiny to customers that were the subject of law enforcement subpoenas, even after the customer was mentioned in an active investigation.
- Missing or inaccurate CTRs and SARs, particularly for obviously high-risk customers and out-of-scope transactions in high-risk jurisdictions, like Mexico.
311 designation – FinCEN ‘death sentence’ on Latvian bank
FinCEN also this month kept the financial crime pressure going by levying a rare and powerful weapon – a Patriot Act 311 Designation – against a Latvian bank the bureau says had “institutionalized money laundering,” actively thwarted financial crime compliance programs and sought out and profited from dealings with organized criminal groups, terror cells and rogue regimes.
The “notice of proposed rulemaking” effectively cuts off ABLV Bank, Latvia’s third-largest by assets, from the U.S. financial system by naming it a “primary money laundering concern.” If finalized, the ruling would require banks subject to U.S. AML rules to “prohibit the opening or maintaining of a correspondent account in the United States for, or on behalf of, ABLV Bank.”
The bank’s lax policies made it “attractive to a range of illicit actors engaged in organized crime, weapons proliferation, corruption, and sanctions evasion,” involving regions including North Korea, Russia and Ukraine.
To read the full action, click here.
U.S. Congress – Hearings on Cryptocurrencies, Corporate Transparency and De-Risking
Both the House and Senate in the past few weeks have reviewed areas with financial crime implications, including analyzing the regulatory oversight and risks around virtual currencies, anonymous corporate structures and the after-effects of bank “de-risking.”
In a Senate hearing, officials from the Securities Exchange Commission (SEC) and Commodities Futures Trading Commission (CFTC) acknowledged that more oversight could be needed for the virtual currency sector, particularly when it intersects securities transactions and firms offering initial coin offerings (ICOs), which has been an area ripe for fraudsters.
One solution offered was requiring virtual currency exchanges, or banks and securities firms interacting with them, to require more stringent due diligence standards, for instance, to tie the unknown online moniker on a blockchain to the real person behind the transaction.
To view the hearing and statements on virtual currencies, click here.
In the House of Representatives hearing on de-risking, witnesses stated that it’s more advantageous for federal banking regulators to pull back pressure on banks to shed risky customers. This would help certain sectors – such as money services businesses, real and virtual currency exchanges, third-party payment processors, and others – to be part of the formal financial sector with bank accounts.
That way, sector regulators can better review these entities, with a bank as a backstop, and counter potential fraud and money laundering schemes while ensuring these operations are engaging in AML monitoring themselves to create intelligence for law enforcement – rather than these operations seeking criminal help to move money.
For the hearing on de-risking, please click here.
As well this month, the country’s lack of capturing beneficial ownership data at the company formation stage took center stage at a Senate Judiciary Committee hearing, where current and former law enforcement officials highlighted how criminals, terror groups and corrupt oligarchs hide behind anonymous, opaque ownership structures to move illicit assets.
There are several bills wending through Congress currently, some with extensive bipartisan support. To see the hearing, click here.
US State Rules
NYDFS issues stern guidance to crypto space – Firms must look for fraud
The New York State Department of Financial Services (NYDFS) this month issued new guidance reminding all licensed virtual currency exchanges in New York State, including those registered as a money transmitter, that they are required to not just create AML programs, but also need processes to detect, prevent, and respond to fraud.
In the guidance, DFS directed virtual currency entities to adopt measures that include, at a minimum, effective implementation of a written policy that:
- Identifies and assesses the full range of fraud-related and similar risk areas, including, as applicable, market manipulation;
- Provides effective procedures and controls to protect against identified risks;
- Allocates responsibility for monitoring risks; and
- As part of its procedures and controls to protect against identified risks, virtual currency entities must provide for the effective investigation of fraud and other wrongdoing, whether suspected or actual, including, as applicable, market manipulation
To read the full guidance, click here.
NYDFS cyber rules coming into effect in various tranches with a deadline this month, phasing in until 2019.
In late August 2017, the first in the nation cybersecurity compliance rules came into effect requiring certain financial institutions to bolster cyber protections and training, rapidly report breaches and attacks and designate a top officer to manage, with a CCO, or board member, certifying effectiveness.
To read more about what is needed to comply with the first deadline, click here.
Here are some upcoming deadlines:
- February 15, 2018 – First certification on or before this date
- March 1, 2018 – One-year transition period ends, first batch of requirements must be implemented
- September 3, 2018 – Eighteen-month transition ends, second batch must be implemented
- March 1, 2019 – Two-year transition ends, compliance with all requirements
“Sixth AML Directive” in the Works?
While many European Union countries are still digesting the Fourth and Fifth AML Directives, broadly approved in December and replete with new beneficial ownership provisions to crack open anonymous shell companies, some analysts say they better be looking out for the latest potential package of amendments to the bloc’s chief counter-financial crime legislation.
Though still nascent, reviewers are calling these initiatives the Sixth AML Directive, which could have wide-ranging repercussions for subject entities. If finalized, look for major changes to compliance programs, including:
- More extensive staff training on a wider range of money laundering predicate offenses, possibly nearly two dozen.
- Convicted launders could face bans from working in the public sector or holding office.
- Any company found guilty of money laundering could also see executives and employs face laundering charges.
- For large companies, executives, even though the company is too large for them to face money laundering charges directly, could face charges of “failing to prevent” the precursor crime or the laundering.
For more analysis, click here.
Fintrac releases red flags tied to fentanyl trafficking
Canada’s financial intelligence unit, the Financial Transactions and Reports Analysis Centre (Fintrac), has issued this month a list of financial indicators that could point to a transaction being tied to buying or selling fentanyl and laundering the proceeds generated from illicit sales.
The move comes as the United States and other countries attempt to cope with an opioid epidemic that is enriching criminal groups while killing tens of thousands of people globally each year, more than 100 in the United States each day alone.
The prescription opioid fentanyl is used to treat severe pain caused by cancer and invasive surgeries. Carfentanil is a synthetic analogue of this drug, created for veterinary purposes to be more potent and cheaper.
In the guidance, Fintrac noted that:
- Many traffickers procure fentanyl, and its analogues and precursors, from overseas sources, mainly in China.
- Traffickers most often pay for these materials with wire transfers and money orders processed by money services businesses, but use virtual currency in some instances.
- Fentanyl and its analogues are typically smuggled into Canada through the postal system, prior to being distributed through networks in a small area surrounding the arrival point.
- The laundering of the proceeds of fentanyl trafficking in Canada generally takes place through Canadian banks, caisses populaires and credit unions.
- It largely resembles the financial transactions associated with low-level drug trafficking but has some unique characteristics, including structured transactions to China, India and Ukraine and using post office boxes for addresses.
To read the full list of red flags, click here.
In the corporate transparency arena, In British Columbia, government officials have decided the province will require land owners currently hiding behind anonymous trusts and shell companies to reveal themselves, according to media reports.
For U.K., new tool in AML arsenal: the unexplained wealth order
The new United Kingdom unexplained wealth order (UWO) regime has come to the fore, officially coming into force on January 31, 2018, and on 1 February 2018, the government published Circular 003/2018 to spread awareness of the initiative, which some are saying could be a powerful tool against criminals.
A UWO requires a person who is reasonably suspected of being connected to a “serious crime” to “explain the nature and extent of their interest in particular property, and to explain how the property was obtained, where there are reasonable grounds to suspect that the respondent’s known lawfully obtained income would be insufficient to allow the respondent to obtain the property.”
A UWO can also be applied to “politicians or officials from outside the European Economic Area (EEA), or those associated with them i.e. Politically Exposed Persons (PEPs). A UWO made in relation to a non-EEA PEP would not require suspicion of serious criminality.”
There has since been significant publicity about the order with Ben Wallace, the Minister for Economic Crime, saying that wealthy foreign criminals would feel the “full force of government” in an attempt to tackle the £90 billion of illicit flows that are thought to be laundered through the UK each year, according to media reports and legal analysts.
To read the full circular, click here.
Austrac releases guidance on reporting beneficial owners for entities, and AML rules for clubs with gaming machines.
To view the guidance, click here.
The guidance relates to the country’s chief AML regulation, crafted in 2006, but with amendments occurring as recently as August. A beneficial owner is defined as the individual behind a non-individual customer who controls the customer, or either directly or indirectly owns 25 percent or more of the customer.
The guidance, in the form of a fact sheet, is delineated in five key areas:
- Assess: Gauge the money laundering/terrorism financing (ML/TF risk) posed by the beneficial owners of your customers. These include the transparency, or opacity, of the corporate structures, and the inherent risks posed by the jurisdictions, industries and transactional amounts involved.
- Determine: Uncover the identity of the beneficial owners of your corporate, or non-individual, customers, directly or indirectly, down to the 25 percent ownership level.
- Collect: Capture, and take reasonable measures to verify, each beneficial owner’s identification information, including, at minimum, the full name of each beneficial owner, as well as either their date of birth or their full residential address. A personal certification by someone at the company should only be used as a last resort.
- Keep records to demonstrate you have traced through each link in a non-individual customer’s chain of ownership until you have identified all individuals who meet the definition of beneficial owners. Records typically must be kept for seven years.
- Documents: Subject entities must clearly document how they will fulfill these beneficial ownership requirements in their AML program, including what reliable and independent documentation or data will be used.
Austrac also released guidance this week on what operations in the “pubs and clubs” sector with electronic gambling machines would be subject to which pieces of an AML program. The guidance makes a clear delineation between clubs with 16 gaming machines.
If you have less, you won’t be subject to the full four-pronged AML program, but if you have 16 machines or more, then the compliance obligations tick up considerably. In both cases, clubs will need to enroll with Austrac, report suspicious transactions, and keep certain transaction records.
To view the guidance, click here.