In this week’s Financial Crime Wave, the US takes the fight to bank hackers at the heart of a massive fraud scheme, Germany is found to be not terribly transparent, an influential investment adviser association urges FinCEN to pull back on new rules because it doesn’t understand the sector, and more.


In an all too rare offensive fusillade against a hacking group, U.S. prosecutors on Tuesday released criminal charges against three men accused of running a sprawling computer hacking and fraud scheme that included a huge attack against JPMorgan Chase & Co and generated hundreds of millions of dollars of illegal profit. Court documents name Gery Shalon, Joshua Samuel Aaron and Ziv Orenstein, all from Israel, were charged in a 23-count indictment with alleged crimes targeting 12 companies, including nine financial services companies and media outlets including The Wall Street Journal. Prosecutors said the enterprise dated from 2007, and caused the exposure of personal information belonging to more than 100 million people. The alleged enterprise included pumping up stock prices, online casinos, payment processing for criminals, an illegal bitcoin exchange, and the laundering of money through at least 75 shell companies and accounts around the world. Tuesday’s charges expand a case first announced in July, and according to U.S. Attorney General Loretta Lynch target “one of the largest thefts of financial-related data in history.” The charges are also the first tied to the JPMorgan attack, which prosecutors said involved the stealing of records belonging to more than 83 million customers, the largest theft of customer data from a U.S. financial institution (via Reuters).

New York State’s chief financial services regulator this week unveiled new, more concrete details about potential new cyber security regulations for banks and insurance companies under its jurisdiction, a model that bears striking similarities to anti-money laundering (AML) programs. The measures, which come after a banner year for hackers puncturing many of the nation’s largest banks and retailers, would require institutions to create or appoint a chief information security officers and adopt more stringent, multi-layered procedures for different employees to access certain systems, and increase similar protocols for customers logging into online portals. The NYDFS regulations, if ultimately adopted, would require firms to adopt written cyber security policies and procedures in 12 areas, including customer data privacy and network security. Firms would also have to develop policies to require that outside service providers also keep data secure. The planned measures follow surveys that NYDFS conducted between 2013 and 2015 about cyber security programs of companies it regulates. An April report, for example, revealed that one-third of the 40 banks NYDFS had surveyed in 2014 did not require outside vendors to notify them of data breaches, which could compromise bank data. Firms, if the measures are adopted, would have to conduct annual testing and auditing of their cyber security systems, process banks already must perform on the AML front. Each firm’s chief information security officer would also have to submit an annual report to NYDFS, informing the regulator of possible vulnerability to risks (via Reuters).

Capital flight

The ranks of China’s wealthy continue to surge. As their economy shows signs of weakness at home, they’re sending money overseas at unprecedented levels to seek safer investments — often in violation of currency controls meant to keep money inside China. But the question on everyone’s mind is how are they doing it? The answer: The methods include China’s underground banks, transfers using Hong Kong money changers, carrying cash over borders and pooling the quotas of family and friends — a practice known as “smurfing.” The transfers exist in a gray area of cross-border legality: What’s perfectly legitimate in another country can contravene the law in China. This flood of cash is being felt around the world, driving up real estate prices in Sydney, New York, Hong Kong and Vancouver. The Chinese spent almost $30 billion on U.S. homes in the year ending last March, making them the biggest foreign buyers of real estate. Their average purchase price: about $832,000. Same trend in Sydney, where Chinese investors snap up a quarter of new homes and are forecast to double their spending by the end of the decade. In Vancouver, the Chinese have helped real estate prices double in the past 10 years. In Hong Kong, housing prices are up 60 percent since 2010 (via Bloomberg).


SNC-Lavalin Group Inc., one of Canada’s top engineering firms, is pressing the country’s new Liberal government to adopt corporate corruption settlement deals like those in place in the United Kingdom and the United States, saying federal charges laid against the company are hurting its ability to compete against rivals in Group of 7 countries. Differing interests are at play. SNC wants to resolve the matter without admitting guilt, which could damage its ability to bid for contracts internationally and at home. Ottawa has been trying to get tougher on companies involved in corruption after being rebuked for years on the international stage for its perceived failure to take the matter seriously. Prosecutors in February laid rare corruption and fraud charges against Montreal-based SNC, Canada’s largest engineering firm, related to its business in Libya. The company says there was wrongdoing by executives who have since left the company and says it has since reformed ethics and compliance procedures to among the toughest in the world. It is suing those same executives, namely former vice-president Riadh Ben Aissa, to recoup the allegedly embezzled funds and maintains the company itself did nothing wrong and should never have been charged. SNC management wants Ottawa to consider letting federal prosecutors make so-called “deferred prosecution agreements” (DPAs) with companies accused of corruption. These are deals by which prosecutors can obtain multimillion-dollar fines from companies facing bribery allegations while sparing them a criminal conviction that would trigger other consequences such as violating covenants signed with lenders or joint-venture partners. The idea is that the company is held accountable for past actions while not being permanently crippled (via The Globe and Mail).


Germany’s secretive financial sector is second only to Luxembourg in its vulnerability to money laundering, and is one of the worst member states for tax dodging, according to an analysis of EU nations published in coordination with the European Network on Debt and Development (Eurodad), and occurring a year after the Luxleaks scandal. At the heart of the report is a worrisome statistic that most of the 15 countries scrutinized failed to tackle tax evasion and avoidance, with the jurisdictions affording “ample opportunities” for multinationals and wealthy individuals to hide money. “Some of the most troubling countries are still Luxembourg and Germany, which offer a diverse set of options for concealing ownership and laundering money,” the network of 48 NGOs, including Oxfam and Christian Aid, said. Money laundering is turning the proceeds of crime into ostensibly legal money or assets, and has been linked to international terrorism. The Luxleaks scandal pushed corporate tax avoidance, which is technically legal, and tax evasion, which is illegal, up the political agenda, according to the group (


For international banks salivating at the prospect of getting a foothold in Iran and assisting clients in business and other deals with the prospect of a sanctions thaw after the agreement to limit Iran’s nuclear program, the road ahead is fraught with complications and potential pitfalls. For instance, some sanctions filtering providers mistook “adoption day” for “implementation day” and mistakenly removed hundreds of names from screening lists. As well, until the day the sanctions are implemented, the US Treasury has been aggressive in reminding banks and other corporates that all US sanctions on Iran currently remain in effect. Even so, there will be opportunities for banks as “trade finance connections will need to be re-established, project finance loans will need to be agreed, and construction loans will need negotiating – without finance, the economic revival that many hope for, and on which the Iranian leadership has surely gambled, will fail to materialize. But in the midst of this expected boom, banks must also be vigilant about what is moving through correspondent portals and ensure any non-sanctions businesses in Iran don’t have hidden ties to terror groups (via CityAM).

Money laundering

Russia’s “shadow banker,” Alexander Grigoriev, has been arrested by law enforcement authorities while dining with his girlfriend in the glamorous restaurant he part-owns in Moscow. On Friday, Oct. 30, agents from Russia’s domestic intelligence body, the FSB, along with anti-corruption officers and special forces, raided Sfera restaurant and clapped the 48-year-old in handcuffs as he lay on the ground, reports national newspaper Kommersant. Grigoriev is head of a number of failed financial institutions including Zapadny, Doninvest and the Russian Land Bank (RZB), all of which lost their licenses between 2014 and 2015 for high-risk credit policies, placing funds in low-quality assets, withdrawing capital from Russia, and for the mysterious vanishment of its own funds. Investigators say Grigoriev led a criminal ring of 500 people who not only ran banks into the ground for their own gain but shipped abroad a staggering US$ 46 billion in liquid assets through banks in Moldova and the Baltic states. The annual turnover for the alleged criminal group is said to have been about 1 trillion rubles (US$ 15.7 billion). OCCRP investigations have shown how Grigoriev’s RZB was involved in a huge-scale fraud and money laundering scheme in which Moldovan law enforcement officials found that the bank wired 152.5 billion rubles (US$ 5 billion) to the Moldovan bank Moldindconbank between 2012 and 2014 (via the Organized Crime and Corruption Reporting Project).


The Investment Adviser Association (IAA) is exhorting the Treasury Department’s Financial Crimes Enforcement Network (FinCEN) to “carve back” its recently released proposal to extend anti-money laundering (AML) regulations to all SEC-registered investment advisors. The influential lobbying group also wants a range of exemptions for advisors and advisory services that the IAA says do not raise money-laundering risks. In particular, the group asked to be exempted: advisory services that do not involve management of client assets; advisory services to AML-regulated entities, including mutual funds and broker-dealer wrap accounts; advisory services to other advisors; and advisory services to low-risk clients such as pensions, publicly traded corporations and government entities such as state and municipal agencies. “FinCEN’s expansive proposal is based on a fundamental misunderstanding of the nature and scope of the services advisors provide,” said IAA General Counsel Bob Grohowski.  “As a result, many of the proposal’s provisions would impose compliance burdens on advisors that are unnecessary, duplicative and costly – while contributing little to FinCEN’s AML regime.”

In a Nov. 2 comment letter, IAA said it objects to the proposal’s expansive scope, which would apply AML requirements to all SEC-registered investment advisors regardless of the nature of their clients or the advisory services they provide (via