hardyp@ballardspahr.com | 215.864.8838 | view full bio

Peter is a national thought leader on money laundering, tax fraud, and other financial crime. He is the author of Criminal Tax, Money Laundering, and Bank Secrecy Act Litigation, a comprehensive legal treatise published by Bloomberg BNA.  Peter co-chairs the Practising Law Institute's Anti-Money Laundering program, and serves on the Steering Committee for the Cambridge Forum on Sanctions & AML Compliance

He advises corporations and individuals from many industries against allegations of misconduct ranging from money laundering, tax fraud, mortgage fraud and lending law violations, securities fraud, and public corruption.  He also advises on compliance with the Bank Secrecy Act and Anti-Money Laundering requirements.  Peter handles complex litigation involving allegations of fraud or other misconduct.

Peter spent more than a decade as a federal prosecutor before entering private practice, serving as an Assistant U.S. Attorney in Philadelphia working on financial crime cases. He was a trial attorney for the Criminal Section of the Department of Justice’s Tax Division in Washington, D.C.

The Office of Foreign Assets Control (“OFAC”) announced (here and here) yesterday that virtual currency exchange Payward, Inc. – better known as Kraken – has agreed to pay $362,158.70 in order to settle its potential civil liability for apparent violations of the sanctions against Iran. Kraken also has agreed to invest an additional $100,000 in certain sanctions compliance controls.  According to OFAC, “[d]ue to Kraken’s failure to timely implement appropriate geolocation tools, including an automated internet protocol (IP) address blocking system, Kraken exported services to users who appeared to be in Iran when they engaged in virtual currency transactions on Kraken’s platform.” 

Compared to OFAC’s recent settlement with Bittrex, which agreed to pay a total of $29,280,829.20 to OFAC and the Financial Crimes Enforcement Network (“FinCEN”) in order to resolve allegations of sanctions and Bank Secrecy Act violations, the settlement amount is relatively low – and, as OFAC noted in its announcement, Kraken faced an astronomical statutory maximum civil monetary penalty of $272,228,964.  OFAC has stated that “[t]he settlement amount reflects OFAC’s determination that Kraken’s apparent violations were non-egregious and voluntarily self-disclosed.”

Continue Reading  Kraken Settlement Demonstrates Importance of Sanctions Monitoring for Transactions — Not Just When Onboarding Customers

Today we are very pleased to welcome, once again, guest blogger Dr. Kateryna Boguslavska of the Basel Institute on Governance (“Basel Institute”), who will discuss the Basel Institute’s recent release of the Basel AML Index for 2022 (the “Index”). The data-rich annual Index is a research-based ranking that assesses countries’ risk exposure to money laundering and terrorist financing. It is one of several excellent online tools developed by the Basel Institute to help both public- and private-sector practitioners tackle financial crime.  We are excited to continue this annual dialogue between the Basel Institute and Money Laundering Watch.

Established in 2003, the Basel Institute, an Associated Institute of the University of Basel, is a not-for-profit Swiss foundation dedicated to working with public and private partners around the world to prevent and combat corruption. The Institute’s work involves action, advice and research on issues including anti-corruption collective action, asset recovery, corporate governance and compliance, and more.

Dr. Kateryna Boguslavska is Project Manager for the Basel AML Index at the Basel Institute. A political scientist, she holds a PhD in Political Science from the National Academy of Science in Ukraine, a master’s degree in Comparative and International Studies from ETH Zurich as well as a master’s degree in Political Science from the National University of Kyiv-Mohyla Academy in Ukraine. Before joining the Basel Institute, Dr. Boguslavska worked at Chatham House in London as an Academy Fellow for the Russia and Eurasia program.

This blog post again takes the form of a Q & A session, in which Dr. Boguslavska responds to several questions posed by Money Laundering Watch about the Basel AML Index 2022. We hope you enjoy this discussion of global money laundering risks — which addresses enforcement, virtual assets, environmental crime, AML for lawyers, how the U.S. is performing, and more.  –Peter Hardy

Continue Reading  The Basel AML Index 2022: One Step Forward, Four Steps Back. A Guest Blog.

Report Previews Potential Implications for the United States

The European Commission (“Commission”) recently released its 2022 Supranational Risk Assessment Report (“SNRA Report”) to the European Parliament and Counsel regarding the “risk of money laundering and terrorist financing affecting the internal market and relating to cross-border activities.”  The SNRA Report analyzes, on a broad scale, money laundering and terrorism financing risks and proposes a plan of action to address them.  The Report also examines more specifically “sectors or products where relevant changes have been detected.” 

The SNRA Report flags the “Gambling Sector” as a “high risk” area of Anti-Money Laundering (“AML”) and Countering the Financing of Terrorism (“CFT”) concern, with a particular focus on online gambling.  According to the Commission, online gambling presents a particularly high AML/CFT risk due to factors such as “the non-face-to face element, [and] huge and complex volumes of transactions and financial flows.”  The potential use of e-money and virtual currencies, as well as the emergence of unlicensed online gambling sites, exacerbates this risk.

As the European Union (“EU”) considers how to tackle the potential risks of online gambling, the United States is simultaneously grappling with the rapid expansion of online gambling and online sports betting in particular.  Before May 2018, when the Supreme Court struck down a 1992 federal law that effectively banned commercial sports betting in most states, Nevada was the only state with legalized sports betting in the United States.  Although California ballot Proposition 27, which would have legalized online and mobile sports betting in California, failed to pass during last week’s national and state elections, more than 30 states still have legalized some form of sports betting, and there is politial pressure to continue to expand online gambling and other forms of gaming.  As Americans jockey for the immense potential receipts that the expansion of online gambling can bring, it may be worth taking a page out of the EU’s book in order to consider the potential money laundering and terrorist financing risks that can accompany it.

Continue Reading  European Commission Highlights Online Gambling’s Money Laundering Risks

FinCEN announced yesterday that, once again, it is extending the Geographic Targeting Order, or GTO, which requires U.S. title insurance companies to identify the natural persons behind so-called “shell companies” used in purchases of residential real estate not involving a mortgage.  FinCEN also has expanded slightly the reach of the GTOs.

The new GTO is 

With Guest Speaker Matthew Haslinger of M&T Bank

We are extremely pleased to offer a podcast (here) on the legal and logistical issues facing financial institutions as they implement the regulations issued by the Financial Crimes Enforcement Network (FinCEN) pursuant to the Anti-Money Laundering Act of 2020 (AMLA) and the Corporate Transparency Act

Second Post in a Two-Post Series on the CTA Implementing Regulations

As we just blogged, the Financial Crimes Enforcement Network (“FinCEN”) has issued a final rule (“Final Rule”) regarding the beneficial ownership information (“BOI”) reporting requirements pursuant to the Corporate Transparency Act (“CTA”).  The Final Rule will require tens of millions of corporations and limited liability companies registered to do business in the United States to report their BOI to FinCEN.  FinCEN views this development as a “historic step in support of U.S. government efforts to crack down on illicit finance and enhance transparency.”

The Final Rule defines a “beneficial owner” whose information must be reported as “any individual who, directly or indirectly, either exercises substantial control over such reporting company or owns or controls at least 25 percent of the ownership interests of such reporting company.”  In this post, we focus on the “substantial control” prong of the beneficial ownership definition: “any individual who, directly or indirectly, . . . exercises substantial control over such reporting company.” (emphasis added). The Final Rule generally adopts the language of the proposed rule issued by FinCEN in December 2021, with some minor adjustments.

FinCEN expects reporting companies to always identify at least one beneficial owner under the “substantial control” prong, even if all other individuals are subject to an exclusion or fail to satisfy the “ownership interests” prong.  As we will discuss, the Final Rule contemplates that a covered reporting company may need to report multiple individuals under the “substantial control” prong.  Further, and although FinCEN still needs to issue proposed regulations regarding the following, the Final Rule’s broad definition of the “substantial control” prong under the CTA presumably will lead to FinCEN expanding the definition of “beneficial owner” under the existing Customer Due Diligence (“CDD”) rule applicable to banks and other financial institutions (“FIs”).

Continue Reading  FinCEN Issues Final Rule for Beneficial Ownership Reporting: The “Substantial Control” Prong

First Post in a Two-Post Series on the CTA Implementing Regulations

On September 30, 2022, the Financial Crimes Enforcement Network (“FinCEN”) issued its final rule, Beneficial Ownership Information Reporting Requirements (“Final Rule”), implementing the beneficial ownership reporting requirements of the Corporate Transparency Act (“CTA”). 

FinCEN’s September 29, 2022 press release is here; the Final Rule is here; and a summary “fact sheet” regarding the rule is here.  The Final Rule largely tracks the December 8, 2021 Notice of Proposed Rulemaking (the “Proposed Rule”), on which we blogged here and here

The Final Rule requires many corporations, limited liability companies, and other entities created in or registered to do business in the United States to report information (“BOI”) about their beneficial owners the persons who ultimately own and control the company — to FinCEN.  This information will be housed within the forthcoming Beneficial Ownership Secure System (“BOSS”), a non-public database under development by FinCEN. 

The Final Rule takes effect on January 1, 2024.  In a nutshell, (1) companies subject to the BOI reporting rules (“reporting companies”) created or registered before the effective date will have one year, until January 1, 2025, to file their initial reports of BOI and (2) reporting companies created or registered after the effective date will have 30 days after creation or registration to file their initial reports.  In addition to the initial filing obligation, reporting companies will have to file updates within 30 days of a relevant change in their BOI.  And, as we discuss, covered companies also will have to report their “company applicants,” which could include lawyers, accountants or other third-party professionals.

The Final Rule will have broad effect.  FinCEN estimates that over 32 million initial BOI reports will be filed in the first year of the Final Rule taking effect, and that approximately 5 million initial BOI reports and over 14 million updated reports will be filed in each subsequent year.  We summarize here the key provisions of the Final Rule.  In our next blog post, we will discuss the Final Rule’s broad definition of the “control” prong regarding who represents a “beneficial owner,” which will result in an expansion of the definition of “beneficial owner” under the existing Customer Due Diligence (“CDD”) rule applicable to banks and other financial institutions (“FIs”).

Continue Reading  FinCEN Issues Final Rule on Beneficial Ownership Reporting Requirements

On Friday, the Department of Justice (“DOJ”) announced two developments:  First, the release of a 66-page report, The Role of Law Enforcement in Detecting, Investigating, and Prosecuting Criminal Activity Related to Digital Assets (the “Report”), issued under President Biden’s March 9, 2022 Executive Order on Ensuring Responsible Development of Digital Assets.  Second, the establishment of the Digital Asset Coordinator (“DAC”) Network, a nationwide group of prosecutors designated as legal and technical experts in digital asset cases.

We focus here on the regulatory and legislative recommendations of the Report, which seek to expand significantly the ability of the DOJ to investigate and prosecute offenses involving digital assets. The recommendations include increasing criminal penalties, extending statutes of limitations, expanding venue provisions, enhancing the government’s forfeiture powers, and prohibiting virtual asset service providers from “tipping off” the subjects of grand jury subpoenas received by the providers.  The recommendations also include making clear that the federal criminal law against maintaining an unlicensed money transmitter applies to peer-to-peer platforms that purportedly do not take custody or assume control over the digital asset being exchanged; ensuring that the Financial Crimes Enforcement Network (“FinCEN”) issues a final rule expanding the application of the Travel Rule under the Bank Secrecy Act (“BSA”) to digital asset transfers; and expanding or arguably clarifying that the BSA applies to platforms dealing in non-fungible tokens, or NFTs, including online auction houses and digital art galleries.

Continue Reading  DOJ Issues Report on Digital Asset Law Enforcement Seeking Expansive New Powers, and Launches New Crypto Prosecutor Network

On August 8, the U.S. Department of the Office of Foreign Assets Control (“OFAC”) sanctioned “notorious” virtual currency “mixer” Tornado Cash, which allegedly has been used to launder more than $7 billion worth of virtual currency since its creation in 2019.  Tornado Cash is a virtual currency mixer that operates on the Ethereum blockchain.  Tornado Cash receives a variety of transactions and mixes them together before transmitting them to their individual recipients.  The stated purpose of such mixing is to increase privacy, but mixers are often used by illicit actors to launder funds because the process enhances anonymity and makes it very hard to track the flow of funds.  According to the Treasury Department press release, “[d]espite public assurances otherwise, Tornado Cash has repeatedly failed to impose effective controls designed to stop it from laundering funds for malicious cyber actors on a regular basis and without basic measures to address its risk.”  This statement seems to imply that Tornado Cash is run by actual people – an implication that is at the heart of the controversy over these sanctions, as we will discuss.

The sanctions against Tornado Cash have elicited enormous controversy in the crypto world because, some argue, (1) Tornado Cash is not an entity run by actual people, but is merely code; and (2) although OFAC has the legal authority to sanction people and entities, it lacks such authority to sanction code or a technology – or at the very least, such sanctions create many practical problems for innocent actors, including in ways which no one has foreseen fully.  As we discuss,  even a member of the U.S. House of Representatives has waded into the controversy this week, questioning the ability of OFAC to issue the sanctions and demanding answers.  The controversy also reflects that, once again, whether one chooses to focus on the word “privacy” or on the word “anonymity” typically reflects an a priori value judgment predicting one’s conclusion as to whether something in the crypto world is good or bad. 

Indisputably, the Tornado Cash sanctions are, to date, unique and unprecedented.  Although they may turn out to be an outlier experiment by OFAC, public pronouncements by the U.S. Treasury Department strongly suggest that, to the contrary, they represent part of the future of crypto regulation, in which the enormous power of the U.S. government to issue broad sanctions obliterates legal and practical hurdles which could stymie other agencies, such as the Financial Crimes Enforcement Network (FinCEN).  This may be because, ultimately, the government actually agrees that no person is in control of a powerful technology that has easy application for malicious uses, and that is precisely the problem.

Continue Reading  OFAC Sanctions Virtual Currency “Mixer” Tornado Cash and Faces Crypto Backlash

Case Involves Familiar But Instructive Regulatory Findings

The New York Department of Financial Services (“NYDFS”) made clear last week that crypto companies can be held accountable for allegedly failing to comply with anti-money laundering (“AML”) / Bank Secrecy Act (“BSA”) regulations.  Federal and certain State laws require crypto companies like Robinhood Crypto, LLC (“RHC”) to maintain effective AML programs, and to implement systems to identify suspicious activity and block illegal transactions on their platforms (which we have previously discussed, including here and here).  On August 2, 2022, NYDFS announced that it entered a Consent Order penalizing RHC $30 million for alleged AML, cybersecurity and consumer protection violations.  RHC also is required to retain an independent consultant to perform compliance assessments evaluating the Company’s remediation efforts. 

This enforcement action is entirely consistent with the recent Guidance on Use of Blockchain Analytics issued by the NYDFS, directed to all virtual currency business entities that either have a NYDFS Bitlicense or are chartered as a limited purpose trust company under the New York Banking Law.  As we have blogged, the Guidance emphasizes “the importance of blockchain analytics to effective [AML] policies, processes, and procedures, including, for example, those relating to customer due diligence, transaction monitoring, and sanctions screening.”

The Consent Order contains a litany of alleged AML deficiencies, many of which have figured prominently in other enforcement actions.  We detail them below.  From a BSA/AML perspective, the key focus – not surprisingly – was on the adequacy of RHC’s transaction monitoring systems.  Again, the message is:  written policies and programs may look great on their face, but actual execution is key.  The adequate funding and staffing of compliance functions is also critical.

Continue Reading  Crypto Compliance Matters: NYDFS Fines Robinhood $30M for Alleged AML, Cybersecurity, and Consumer Protection Violations