FinCEN has posted the following on its website in light of a recent litigation outcome regarding the Corporate Transparency Act (“CTA”) in the Eastern District of Texas.  As we have blogged, and as the below notes, other federal district courts have reached opposite conclusions.  Also, the Eleventh Circuit still needs to rule on related issues, which creates the possibility of confusion and conflicting results regarding the national application of the CTA.

We don’t purport to have clear predictions here, so we simply quote FinCEN’s posting below. The government recently filed a notice of appeal of the below ruling. Whether the government also might obtain a stay of the district court’s ruling, and, if so, when, remains unclear. For now, the only clear take-away is that the CTA remains in a state of limbo, nationwide.

On Tuesday, December 3, 2024, in the case of Texas Top Cop Shop, Inc., et al. v. Garland, et al., No. 4:24-cv-00478 (E.D. Tex.), a federal district court in the Eastern District of Texas, Sherman Division, issued an order granting a nationwide preliminary injunction that: (1) enjoins the CTA, including enforcement of that statute and regulations implementing its beneficial ownership information reporting requirements, and, specifically, (2) stays all deadlines to comply with the CTA’s reporting requirements. The Department of Justice, on behalf of the Department of the Treasury, filed a Notice of Appeal on December 5, 2024.

Texas Top Cop Shop is only one of several cases in which plaintiffs have challenged the CTA that are pending before courts around the country. Several district courts have denied requests to enjoin the CTA, ruling in favor of the Department of the Treasury. The government continues to believe—consistent with the conclusions of the U.S. District Courts for the Eastern District of Virginia and the District of Oregon—that the CTA is constitutional.

While this litigation is ongoing, FinCEN will comply with the order issued by the U.S. District Court for the Eastern District of Texas for as long as it remains in effect. Therefore, reporting companies are not currently required to file their beneficial ownership information with FinCEN and will not be subject to liability if they fail to do so while the preliminary injunction remains in effect. Nevertheless, rereporting companies may continue to voluntarily submit beneficial ownership information reports.

If you would like to remain updated on these issues, please click here to subscribe to Money Laundering Watch. Please click here to find out about Ballard Spahr’s Anti-Money Laundering Team.

In a closely watched and complicated case, Van Loon et al. v. Dep’t of the Treasury et al., the U.S. Court of Appeals for the Fifth Circuit ruled that the Office of Foreign Assets Control (“OFAC”) cannot sanction Tornado Cash, “an open-source, crypto-transactions software protocol that facilitates anonymous transactions by obfuscating the origins and destinations of digital asset transfers.” The opinion, which reversed the ruling of the District Court, is here.  A recording of the oral argument is here. The opinion is complex but written in a very clear style.

We previously blogged on OFAC’s designation of Tornado Cash (here) and the resulting civil suit (here). We also covered the indictment returned against the alleged developers of Tornado Cash, Roman Storm and Roman Semenov, who were charged with conspiring to commit money laundering, operating an unlicensed money transmitting business, and violating sanctions under the International Emergency Economic Powers Act, or IEEPA (here). The DOJ subsequently obtained a superseding indictment against Storm only (here); Storm’s trial currently is scheduled for April 2025). When the initial indictment was unsealed, Treasury simultaneously sanctioned Semenov, who remains outside the U.S., by adding him to OFAC’s Specially Designated Nationals and Blocked Persons (“SDN”) List. 

These actions are a reminder that, putting aside the complex issues presented by the Fifth Circuit decision regarding OFAC’s (in)ability to sanction a technology, law enforcement and regulators still can pursue people for related alleged conduct. And, invariably, people are involved in a technology.

Continue Reading Fifth Circuit Rejects OFAC Designation of Tornado Cash Immutable Smart Contracts

On November 13, 2024, the Financial Crimes Enforcement Network (FinCEN) issued FIN-2024-Alert004 to help financial institutions identify fraud schemes associated with the use of deepfake media created with generative artificial intelligence (GenAI) in response to increased suspicious activity reporting. “Deepfake media” are a type of synthetic content that use artificial intelligence/machine learning to create realistic but inauthentic videos, pictures, audio, and text to circumvent identity verification and authentication methods.

FinCEN reports that fraudsters are using GenAI as a low cost tool to exploit financial institutions’ identity verification processes.  The SAR filings indicated the fraudsters are using GenAI to open accounts to funnel money and perpetrate fraud schemes, such as check fraud, credit card fraud, authorized push payment fraud, loan fraud, or unemployment fraud.

Deepfake media also may be used in phishing attacks and scams to defraud business and consumers by using GenAI to impersonate trusted individuals.

Red flag indicators to detect deepfake media include the following:

  • A customer’s photo is internally inconsistent (e.g., shows visual tells of being altered) or is inconsistent with their other identifying information (e.g., a customer’s date of birth indicates that they are much older or younger than the photo would suggest).
  • A customer presents multiple identity documents that are inconsistent with each other.
  • A customer uses a third-party webcam plugin during a live verification check. Alternatively, a customer attempts to change communication methods during a live verification check due to excessive or suspicious technological glitches during remote verification of their identity.
  • A customer declines to use multifactor authentication to verify their identity.
  • A reverse-image lookup or open-source search of an identity photo matches an image in an online gallery of GenAI-produced faces.
  • A customer’s photo or video is flagged by commercial or open-source deepfake detection software.
  • GenAI-detection software flags the potential use of GenAI text in a customer’s profile or responses to prompts.
  • A customer’s geographic or device data is inconsistent with the customer’s identity documents.
  • A newly opened account or an account with little prior transaction history has a pattern of rapid transactions; high payment volumes to potentially risky payees, such as gambling websites or digital asset exchanges; or high volumes of chargebacks or rejected payments.

FinCEN has identified the following practices as tools to attempt to reduce a financial institution’s vulnerability to deepfake identity documents:

  • Multifactor authentication (MFA), including phishing-resistant MFA; and
  • Live verification checks in which a customer is prompted to confirm their identity through audio or video.

If you would like to remain updated on these issues, please click here to subscribe to Money Laundering Watch.  Please click here to find out about Ballard Spahr’s Anti-Money Laundering Team.

    As we previously blogged, the Financial Crimes Enforcement Center (“FinCEN”) published Anti-Money Laundering Regulations for Residential Real Estate Transfers (“Final Rule”) regarding residential real estate.  The Final Rule, set to go into effect on December 1, 2025, institutes a new Bank Secrecy Act reporting form – the “Real Estate Report” (“Report”) – which imposes a nation-wide reporting requirement for the details of residential real estate transactions, subject to certain exceptions, in which the buyer is a covered entity or trust.

    FinCEN has now published the proposed Report, which is here, and requested comments within 60 days.  The Reports are to be filed through FinCEN’s electronic online reporting system. 

    Continue Reading FinCEN Issues Proposed Reporting Form for Residential Real Estate Deals

    In the possible final stage of the Alpine Securities saga (as we blogged about here, here and here), Judge Clark Waddopous of the United States District Court for the District of Utah issued an opinion granting the Securities and Exchange Commission’s (“SEC”) motion to dismiss the amended complaint filed by plaintiff brokerage firm Scottsdale Capital Advisors (“SCA”).

    SCA’s suit, distilled greatly, challenged the SEC’s authority to enforce, administer and interpret the Suspicious Activity Report (“SAR”) regulations issued under the Bank Secrecy Act (“BSA”) and incorporated into the securities laws. What makes this case interesting is that the SEC did not impose penalties for failure to comply with the SAR requirements against SCA; rather, the agency sought penalties against SCA’s contractual partner, Alpine Securities Corporation (“Alpine”), a Salt Lake City-based brokerage firm. SCA became involved because it agreed to act as an introducing broker-dealer for transactions cleared through Alpine. SCA’s amended complaint alleged that it had suffered harm as a result of the SEC’s improper enforcement action against Alpine.

    The ultimate reason the Court dismissed the suit is because SCA had to show standing under the Administrative Procedures Act, 5 U.S.C. §§ 550, et seq., (“APA”) and failed to satisfy this requirement because there was neither a “final agency action” nor an “injury” for APA purposes.

    The opinion is important because all types of financial institutions covered by the BSA routinely enter into contracts with third parties (which themselves may or may not be covered by the BSA) involving the fulfillment of anti-money laundering (“AML”) compliance requirements.  These relationships can involve fintech-bank partnerships, third parties tasked with collecting customer information, and much more.  As the opinion reflects, if a regulator goes after an entity’s contractual partner for alleged AML failures, that entity can suffer downstream consequences – including a contract and indemnification dispute – with little to no ability to affect the regulator’s actions through the APA.

    Continue Reading Another Chapter in the Alpine Securities Saga:  District Court Grants Motion to Dismiss Complaint Challenging AML Enforcement Action Against Contractual Partner

    On October 23rd, the Financial Crimes Enforcement Network (“FinCEN”) issued a supplementary alert regarding countering financing of the U.S.-designated foreign terrorist organization Hizballah (the “Alert”). In May 2024, FinCEN published an initial alert that focused on the countering of financing Iran-backed terrorist organizations, including Hizaballah. This Alert focuses solely on Hizballah and indicates that as part of the U.S. Department of the Treasury’s (“Treasury”) campaign against Hizballah for the past two decades, financial institutions (“FIs”) must remain vigilant in identifying suspicious activity of the terrorist organization.

    According to the Alert, is it estimated that Iran has provided $700 million per year in support of Hizballah. Hizballah is known to generate revenue through various illicit activities including oil smuggling, money laundering, black market money exchange, counterfeiting, and illegal weapons procurement. Funds are laundered through businesses in West Africa, Europe, and South America.

    In an accompanying press release, FinCEN Director Gacki noted that the Alert was released in part due to Hizaballah’s recent attacks against Israel. In addition, the Alert is consistent with FinCEN’s National Priorities, which include domestic and foreign terrorism.

    Continue Reading FinCEN Issues Alert on Countering Financing of Hizballah and Terrorist Activities

    New State Laws Create Tension with Federal AML Requirements

    An increasing number of states have either enacted or are considering enacting legislation requiring financial institutions to provide persons (both existing customers and prospective customers) who are not ordinarily protected by the federal anti-discrimination statutes with “fair access” to financial services.

    For example, and as we have blogged, a new Florida law (Fla. Stat. § 655.0323, entitled “Unsafe and unsound practices”) prohibits federal and state depository institutions conducting business in the state from denying services based on religion or political beliefs and activities.  As we also have blogged, this Florida law prohibits a financial institution acting on the basis of “any factor if it is not a quantitative, impartial, and risk-based standard, including any such factor related to the person’s business sector[.]” This prohibition creates a clear challenge for implementing an anti-money laundering/countering the financing of terrorism (“AML/CFT”) compliance program, which inherently involves subjective judgments and an assessment of the risk presented by a customer based on its line of business.

    This podcast provides an in-depth exploration of these state laws and the challenges they present.  Alan Kaplinsky, Senior Counsel and former chair for 25 years of the firm’s Consumer Financial Services Group, moderates this podcast.  We are grateful to be joined by Brian Knight, Senior Research Fellow at the Mercatus Center of George Mason University, and Professor Peter Conti-Brown of the Wharton School of the University of Pennsylvania.

    We hope you enjoy the podcast.

    If you would like to remain updated on these issues, please click here to subscribe to Money Laundering Watch. To learn more about Ballard Spahr’s Anti-Money Laundering Team, please click here.  

    Card Club Will Pay $900,000 and Undertake AML Program Review

    The Financial Crimes Enforcement Network (“FinCEN”) has entered into a Consent Order with the Sahara Dunes Casino, doing business as the Lake Elsinore Hotel and Casino (“Lake Elsinore”).  The Consent Order describes Lake Elsinore, located in California, as a “medium-sized card club” with 22 tables offering card games such as poker.

    In the Consent Order, Lake Elsinore has admitted to willful violations of the Bank Secrecy Act (“BSA”), including failing to implement and maintain an effective Anti-Money Laundering (“AML”) compliance program, failing to file Currency Transaction Reports (“CTRs”) and Suspicious Activity Reports (“SARs”), and recordkeeping failures involving a negotiable instruments log, which is supposed to list each transaction between a casino or card club and its customers involving certain monetary instruments with a face value of $3,000 or more. Lake Elsinore has agreed to pay a $900,000 penalty and be subject to an AML program review. 

    The conduct at issue in the Consent Order is old:  it occurred from about September 2014 through February 2019.  The enforcement action arose from a 2017 examination of Lake Elsinore by the California Bureau of Gambling Control (“CABGC”).  The Consent Order illustrates how a federal enforcement action can flow from a state regulatory agency working with FinCEN – as well as just how long that process can take.  The Consent Order further illustrates that some BSA-covered institutions will operate with little to no day-to-day AML compliance until an exam occurs.

    Continue Reading FinCEN Issues Consent Order Against Card Club for “Fundamentally Unsound” AML Program

    On October 22, 2024, the U.S. Court of Appeals for the Second Circuit ruled that Türkiye Halk Bankası A.Ş. (“Halkbank”), owned by the Republic of Turkey, can be prosecuted for allegedly helping Iran evade U.S. sanctions and committing related money laundering and bank fraud.

    The court rejected Halkbank’s claim of immunity, stating that foreign state-owned companies are not protected from prosecution for commercial, non-governmental activities under U.S. common law. This decision allows U.S. prosecutors to pursue charges against Halkbank for allegedly laundering $20 billion of restricted funds through the use of money services businesses and front companies, coupled with the making of false statements to the U.S. Department of the Treasury regarding transactions with Iran to conceal the scheme.

    The Second Circuit’s ruling underscores a pivotal point: foreign state-owned corporations cannot claim blanket immunity from prosecution in the U.S. for commercial activities under either the common law or the Foreign Sovereign Immunities Act (“FSIA”).  This will be particularly true in cases involving charges of money laundering, which necessarily involve financial transactions.  Further, the alleged involvement of foreign government officials in the charged schemes will not bestow, standing alone, immunity from prosecution.

    Continue Reading Halkbank Faces Prosecution: U.S. Court of Appeals Denies Sovereign Immunity

    The Bank Policy Institute (“BPI”) has issued its comment on the Federal Functional Regulators’ (the OCC, the Board of Governors of the Federal Reserve System, the FDIC, and the National Credit Union Administration) notice of proposed rulemaking (“NPRM”) to modernize financial institutions’ anti-money laundering and countering terrorist financing (“AML/CFT”) programs (“Comment”). The agencies’ NPRM, on which we blogged here, is consistent with FinCEN’s similar and earlier AML/CFT modernization proposal (“FinCEN’s NPRM”), on which we blogged here (please also see our podcast on these regulatory proposals here). 

    The Comment, which generally tracks BPI’s earlier comment on FinCEN’s NPRM, is detailed and 23-pages long.  We only summarize it here.  The Comment is not a positive proponent of the NPRM and suggests significant changes.

    Broadly, the Comment initially asserts that “[t]he proposed rule will neither implement the intent of Congress in enacting the AML Act nor facilitate a risk-based approach to identifying and disrupting financial crime.”  Likewise, the Comment asserts that “[i]n practice, [bank] examiners are exactingly focused on technical compliance . . . rather than effectiveness.  This approach is utterly divorced from a focus on management of true risk.”  According to BPI, “the status quo examination oversight of [the AML/CFT] regime does not expressly instruct institutions to dedicate efforts to detecting suspected crime or engaging in innovation to this end—efforts that are surely foundational to the integrity of the banking and financial system.” 

    The Comment also fires a shot across the bow by suggesting the possibility of future litigation by stating – albeit in a footnote – that “BPI has significant concerns that the proposed rule does not align with the letter and spirit of the AML Act and provides for arbitrary procedural requirements that could render the rule vulnerable to challenge [under the Administrative Procedures Act].”

    The Comment then dives into the details. 

    Continue Reading Bank Policy Institute Critiques Notice of Proposed Rulemaking to Modernize AML/CFT Programs