The U.S. Department of the Treasury (“Treasury”) has released a Request for Information on the Uses, Opportunities, and Risks of Artificial Intelligence (“AI”) in the Financial Services Sector (“RFI”).  Written comments are due by August 12, 2024. 

AI is a broad topic and the term is sometimes used indiscriminately; as the RFI suggests, most AI systems being used or contemplated in the financial services sector involve machine learning, which is a subset of AI.  The RFI implicitly concedes that Treasury is playing “catch up” and quickly needs to learn more about AI and how industry is using it.  The RFI discusses a vast array of complex issues, including anti-money laundering (“AML”) and anti-fraud compliance, as well as fair lending and consumer protection concerns – particularly those pertaining to bias.

Continue Reading Treasury Issues Request for Information on Use of AI in Financial Services

The Financial Crimes Enforcement Network (“FinCEN”) has issued its Year in Review for FY 2023 (“YIR”).  It consists of five pages of infographics.  According to FinCEN’s press release:

The Year in Review is intended to help stakeholders gain insight into the collection and use of Bank Secrecy Act [(“BSA”)] data, including FinCEN’s efforts to support law enforcement and national security agencies. The Year in Review includes statistics from fiscal year 2023 on BSA reporting and how it is queried and used by law enforcement agencies. The Year in Review also includes information on how FinCEN uses and analyzes BSA reporting to fulfill its mission, including to support alerts, trend analyses, and regulatory actions. The publication of the Year in Review is in furtherance of FinCEN’s commitment to provide information and statistics on the usefulness of BSA reporting, consistent with Section 6201 of the Anti-Money Laundering Act of 2020.

According to the YIR, there are approximately 294,000 financial institutions and other e-filers registered to file BSA reports with FinCEN.  Collectively, they filed during FY 2023 a total of 4.6 million Suspicious Activity Reports (“SARs”) and 20.8 million Currency Transaction Reports (“CTRs”), as well as 1.6 million Reports of Foreign Bank and Financial Accounts (“FBARs”), 421,500 Forms 8300 regarding cash payments over $10,000 received in a trade or business, and 143,200 Reports of International Transportation of Currency or Monetary Instruments (“CMIRs”) for certain cross-border transactions exceeding $10,000.

As we will discuss, a massive amount of SARs and CTRs are filed every year.  Apparently – and the YIR necessarily represents only a snapshot lacking full context, so extrapolation is dangerous – only a very small portion of those filings ever become relevant to actual federal criminal investigations.  Further, the YIR suggests that information sharing under Section 314 of the Patriot Act between the government and financial institutions remains an under-utilized tool.

Continue Reading FinCEN Releases Year-in-Review for FY 2023: SARs, CTRs and Information Sharing

On May 13th, the Financial Crimes Enforcement Network (FinCEN) and the Securities Exchange Commission (SEC) issued a joint notice of proposed rulemaking (NPRM) that would require SEC-registered investment advisers (RIAs) and exempt reporting advisers (ERAs) to establish a customer identification program (CIP). This joint NPRM is the second recent rulemaking effort aimed at investment advisers. In February, FinCEN issued a separate NPRM amending the definition in the Code of Federal Regulations of “financial institution” under the Bank Secrecy Act (BSA) to include investment advisers, which would require implementation of an anti-money laundering/countering terrorist financing (AML/CFT) compliance program. In this earlier NPRM, FinCEN alluded to a future joint rulemaking regarding CIP requirements for investment advisers.

The NPRM highlights that CIPs are long-standing, foundational components of an AML program. The NPRM requires a CIP similar to existing CIP requirements for other financial institutions, as FinCEN and the SEC want to ensure “effectiveness and efficiency” for investment advisers that are affiliated with other financial institutions, including banks, broker-dealers, or open-end investment companies that are already subject to CIP requirements.  

Background

Investment advisers have not been previously subject to CIP requirements, unless they were also a registered broker-dealer, a bank, or an operating subsidiary of a bank, and therefore already covered separately by the BSA. In many cases, investment advisers already voluntarily comply with CIP requirements, or their functional equivalent.

This joint NPRM implements section 326 of the Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act of 2001 (the “USA PATRIOT Act”). Section 326 requires the Secretary of the Treasury to promulgate regulations setting forth the minimum standards for “financial institutions” regarding the identity of their customers in connection with the opening of an account at a financial institution. More specifically, and as the NPRM notes, the BSA defines “financial institution” to include, in a catch-all provision, “any business or agency which engages in any activity which the Secretary of the Treasury determines, by regulation, to be an activity which is similar to, related to, or a substitute for any activity in which any business described in this paragraph is authorized to engage[.]”  That is the statutory authority upon which this NPRM and the earlier NPRM rest.  If FinCEN’s proposed amendment to the regulatory definition of “financial institution” is finalized and survives any legal challenges, investment advisers will be required to implement and maintain a CIP, as well as AML programs.

Continue Reading FinCEN and SEC Propose Rulemaking Requiring CIP for Investment Advisers

Strategy Touts Regulations on Beneficial Ownership, Real Estate and Investment Advisers, but Bemoans Lack of Supervisory Resources for Non-Bank Financial Institutions

The U.S. Department of the Treasury has issued its 2024 National Strategy for Combatting Terrorist and Other Illicit Financing (“Strategy”).  It is a 55-page document which, according to the government’s press release, “addresses the key risks from the 2024 National Money Laundering, Terrorist Financing, and Proliferation Financing Risk Assessments. . . and details how the United States will build on recent historic efforts to modernize the U.S. anti-money laundering/countering the financing of terrorism (AML/CFT) regime, enhance operational effectiveness in combating illicit actors, and embrace technological innovation to mitigate risks.”

The Strategy discusses an enormous list of topics.  Given the breadth of its scope, the Strategy generally makes only very high-level comments regarding any particular topic.  This post accordingly is extremely high level as well, and offers only a few select comments. 

Continue Reading Treasury Issues Broad National Strategy for Combatting Illicit Financing

But Five Justices Express Deep Concern as to Civil Forfeiture Regimes

On May 9, in Culley et al. v. Marshall, the Supreme Court ruled that the U.S. Constitution does not require a preliminary hearing in civil forfeiture cases involving personal property for claimants to raise the “innocent owner” defense. Rather, the Court ruled that a “timely” forfeiture hearing affords claimants due process and that no separate preliminary hearing is constitutionally required. Although Culley arose under Alabama law, it has direct consequences for the forfeiture laws of many states, as well as federal civil forfeiture proceedings, in which claimants can raise the innocent owner defense.

It is important to remember that Culley involves personal property: as the Court noted, existing Supreme Court law allows States to immediately seize personal property (i.e., cars, currency, art, jewelry, etc.) subject to civil forfeiture if the property otherwise could be removed, destroyed, or concealed before a forfeiture hearing. Calero-Toledo v. Pearson Yacht Leasing Co., 416 U. S. 663, 679–680 (1974). In contrast, existing Supreme Court law provides that States ordinarily may not seize real property (i.e., land and structures) before providing notice and a hearing. United States v. James Daniel Good Real Property, 510 U. S. 43, 62 (1993). Moreover, States and Congress of course still can craft statutes which afford protections beyond the bare minimum required by the Constitution.

Finally, and more importantly, the dissenting and concurring opinions make clear that the legal and social debates over civil forfeiture practices, and their potential abuse, are far from over.

Continue Reading Supreme Court:  Innocent Owners of Forfeited Personal Property Must Wait

On April 20, 2024, the Pennsylvania Department of Banking and Securities (“DoBS”) issued a policy statement (“Policy Statement”) to “clarify” that the Department’s interpretation of the term “money” in the Pennsylvania Money Transmitter Act (“MTA”) includes “virtual currency, such as Bitcoin.”  The MTA provides in part that “[n]o person shall engage in the business of transmitting money by means of a transmittal instrument for a fee or other consideration with or on behalf of an individual without first having obtained a license from the department.’”

Thus, the Policy Statement means that virtual currency exchangers and related businesses doing business in Pennsylvania must become licensed as money transmitters.  The effective date of the Policy Statement is October 15, 2024.  Neither the DoBS nor the MTA define “virtual currency.”

Continue Reading PA Department of Banking and Securities: Virtual Currency is “Money”

Enforcement Trends, Gaming, Crypto — and More

I am very pleased to co-chair again the Practicing Law Institute’s 2024 Anti-Money Laundering Conference on May 23, 2024, starting at 9 a.m. in New York City (the event also will be virtual). 

I am also really fortunate to be working with my fabulous co-chair Elizabeth (Liz) Boison, a partner at Hogan Lovells.

We have another fantastic line-up of experienced and knowledgeable panelists:

  • Alma M. Angotti, Guidehouse, Partner, Financial Crime, Fraud, and Investigative Services
  • Michael Grady, U.S. Department of Justice, MLARS, Chief, Bank Integrity Unit
  • Carole House, Terranet Ventures, Inc., Executive in Residence
  • Kevin Mosley, U.S. Department of Justice, MLARS, Deputy Chief, Bank Integrity Unit
  • Ron Schmidt, Internal Revenue Service, BSA Group Manager
  • Christopher Soriano, Penn National Gaming, VP, Chief Compliance Officer

The conference will tackle critical issues in BSA/AML/OFAC compliance and money laundering enforcement.  The three panels will be:

1.         Recent Trends in Money Laundering and Enforcement

The Department of Justice continues to bring major money laundering indictments and civil forfeiture actions.  The panel will discuss:

  • Enforcement actions against individuals: key cases and emerging trends.
  • Enforcement actions against organizations: key cases and emerging trends.
  • The implications for U.S. financial institutions and their AML programs, including risks and the red flags for potentially problematic customers and business lines.

2.         The Gaming Industry: Unique AML Challenges and Emerging Issues

The unique services and products offered by the gaming industry present unique AML issues and risks. Further, the dramatic growth in online wagering has created particular challenges, as the volume of transactions and customers increase and bad actors develop more advanced and complicated measures to circumvent existing AML controls.

Topics discussed by the panel will include:

  • What does it mean in today’s environment for a casino to have an effective, risk-based BSA/AML program? 
  • The IRS examines gaming institutions for BSA/AML compliance. What do examiners want to see, and how should institutions prepare? 
  • Online gaming presents emerging AML and money laundering risks. What controls are appropriate, and how should the relationships between casinos and online gaming providers best be managed? 
  • How could the current BSA/AML regulatory and enforcement regime be improved in regards to the gaming industry? 

3.         Anti-Money Laundering: Blockchain, Cryptocurrency, and Digital Assets

One of blockchain’s most compelling and adopted use cases is to make the cross-border movement of money faster, cheaper, and decentralized. The panel will discuss:

  • The (near) future of crypto: what is the likely regulatory, law enforcement, and case law landscape going forward?
  • What do regulators expect a recipient to know about the source of digital asset funds? (Travel rule, mixers/tumblers, hosted vs. unhosted wallets and FinCEN’s special measures requiring reporting on mixers);
  • Transaction tracing and investigations of illicit crypto schemes: illicit funds, hacking, ransomware, and more. What are financial institutions’ responsibilities to monitor and trace crypto transactions, identify wrongdoers, and, potentially re-screen transactions once new attributions have been made?

If you would like to remain updated on these issues, please click here to subscribe to Money Laundering Watch. Please click here to find out about Ballard Spahr’s Anti-Money Laundering Team.

On May 3, 2024, the Board of Governors of the Federal Reserve System (the “Federal Reserve”), the Federal Deposit Insurance Corporation (“FDIC”), and the Office of the Comptroller of the Currency (“OCC”) jointly released the “Third-Party Risk Management: A Guide for Community Banks” (the “Guide”), presenting it as a resource for community banks to bolster their third-party risk management programs, policies, and practices.

The Guide serves as a companion to the Interagency Guidance on Third-Party Relationship: Risk Management issued in June 2023 (on which we blogged, here).  It also relates to the OCC’s Fall 2023 Semiannual Risk Perspective, which emphasizes the need for banks to maintain prudent risk management practices – including practices tailored to address Bank Secrecy Act (“BSA”)/Anti-Money Laundering (“AML”) compliance risks with respect to fintech relationships.

The Guide acknowledges the widespread collaborations between community banks and third-party entities, and recognizes the strategic importance for such partnerships to improve competitiveness and adaptability. These collaborations provide community banks with access to a diverse array of resources, such as new technologies, risk management tools, skilled personnel, delivery channels, products, services, and market opportunities.

However, the Guide underscores that reliance on third parties entails a loss of direct operational control, thereby exposing community banks to a spectrum of risks.  Banks are still accountable for executing all activities in compliance with applicable laws and regulations.  “These laws and regulations include . . . those designed to protect consumers (such as fair lending laws and prohibitions against unfair, deceptive, or abusive acts or practices) and those addressing financial crimes (such as fraud and money laundering).”  Accordingly, the Guide emphasizes that the engagement of third parties does not absolve a bank of its responsibility to operate in a safe and sound manner and to comply with regulatory requirements, “just as if the bank were to perform the service or activity itself.”  The Guide sets forth this concept in bold, on the first page. 

The Guide’s emphasis on governance practices highlights the critical role of oversight, accountability, and documentation in ensuring regulatory compliance and safeguarding the interests of both banks and their customers.   Although the Guide styles itself as offering a framework tailored to the specific needs and challenges faced by community banks, it also offers direction to all financial institutions in regards to effective third-party risk management. 

Continue Reading Federal Banking Agencies Issue Guide to Third-Party Risk Management Practices for Community Banks

The Financial Crimes Enforcement Network (“FinCEN”) recently issued a Financial Trend Analysis (“Analysis”) focusing on patterns and trends identified in Bank Secrecy Act (“BSA”) data linked to Elder Financial Exploitation (“EFE”) involving scams or theft perpetrated against older adults.

The Analysis is a follow up to FinCEN’s June 2022 EFE Advisory (“2022 Advisory”). The Analysis reviews BSA reports filed between June 15, 2022 and June 15, 2023 that either used the key term referenced in the 2022 Advisory (“EFE FIN-2022-A002”) or checked “Elder Financial Exploitation” as a suspicious activity type.  In its 2022 Advisory, FinCEN warned financial institutions (“FIs”) about the rising trend of EFE, which FinCEN defines as “the illegal or improper use of an older adult’s funds, property, or assets, and is often perpetrated either through theft or scams.” The 2022 Advisory identified 12 “behavioral” and 12 “financial” red flags to help FIs detect, prevent, and report suspicious activity connected to EFE. Additionally, FinCEN recommended EFE victims file incident reports to the FBI’s Internet Crime Complaint Center (IC3) and the Federal Trade Commission. Consistent with a risk-based approach to BSA compliance, FinCEN encouraged FIs to perform additional due diligence where appropriate.

Continue Reading FinCEN Issues Analysis of Increasing Elder Financial Exploitation

On April 18, the Financial Crimes Enforcement Network (“FinCEN”) released updated FAQs related to the Corporate Transparency Act (“CTA”) and Beneficial Ownership Information (“BOI”) Rule. The last round of updates occurred in January 2024. As we previously have reported, the FAQs do not create any new requirements and are intended to clarify the regulation. In total, there are 16 new FAQs and 2 updated FAQs. We have included brief summaries below.

One of the main take-aways is that FinCEN does not expect to provide access to CTA BOI to financial institutions (“FIs”) until 2025.  In the interim, FinCEN will issue the long-awaited proposed regulations seeking to align the CTA with the Customer Due Diligence (“CDD”) Rule already applicable to certain FIs, including banks, which requires FIs to obtain BOI from covered entity customers opening accounts.  This delay is likely very frustrating for FIs seeking to comply with the CTA and adjust their existing systems for complying with the CDD Rule.

Continue Reading FinCEN Releases Updated BOI FAQs