hardyp@ballardspahr.com | 215.864.8838 | view full bio

Peter is a national thought leader on money laundering, tax fraud, and other financial crime. He is the author of Criminal Tax, Money Laundering, and Bank Secrecy Act Litigation, a comprehensive legal treatise published by Bloomberg BNA.  Peter co-chairs the Practising Law Institute's Anti-Money Laundering program, and serves on the Steering Committee for the Cambridge Forum on Sanctions & AML Compliance

He advises corporations and individuals from many industries against allegations of misconduct ranging from money laundering, tax fraud, mortgage fraud and lending law violations, securities fraud, and public corruption.  He also advises on compliance with the Bank Secrecy Act and Anti-Money Laundering requirements.  Peter handles complex litigation involving allegations of fraud or other misconduct.

Peter spent more than a decade as a federal prosecutor before entering private practice, serving as an Assistant U.S. Attorney in Philadelphia working on financial crime cases. He was a trial attorney for the Criminal Section of the Department of Justice’s Tax Division in Washington, D.C.

FinCEN announced yesterday that, once again, it is extending the Geographic Targeting Order, or GTO, which requires U.S. title insurance companies to identify the natural persons behind so-called “shell companies” used in purchases of residential real estate not involving a mortgage.  FinCEN also has expanded slightly the reach of the GTOs.

The new GTO is 

With Guest Speaker Matthew Haslinger of M&T Bank

We are extremely pleased to offer a podcast (here) on the legal and logistical issues facing financial institutions as they implement the regulations issued by the Financial Crimes Enforcement Network (FinCEN) pursuant to the Anti-Money Laundering Act of 2020 (AMLA) and the Corporate Transparency Act

Second Post in a Two-Post Series on the CTA Implementing Regulations

As we just blogged, the Financial Crimes Enforcement Network (“FinCEN”) has issued a final rule (“Final Rule”) regarding the beneficial ownership information (“BOI”) reporting requirements pursuant to the Corporate Transparency Act (“CTA”).  The Final Rule will require tens of millions of corporations and limited liability companies registered to do business in the United States to report their BOI to FinCEN.  FinCEN views this development as a “historic step in support of U.S. government efforts to crack down on illicit finance and enhance transparency.”

The Final Rule defines a “beneficial owner” whose information must be reported as “any individual who, directly or indirectly, either exercises substantial control over such reporting company or owns or controls at least 25 percent of the ownership interests of such reporting company.”  In this post, we focus on the “substantial control” prong of the beneficial ownership definition: “any individual who, directly or indirectly, . . . exercises substantial control over such reporting company.” (emphasis added). The Final Rule generally adopts the language of the proposed rule issued by FinCEN in December 2021, with some minor adjustments.

FinCEN expects reporting companies to always identify at least one beneficial owner under the “substantial control” prong, even if all other individuals are subject to an exclusion or fail to satisfy the “ownership interests” prong.  As we will discuss, the Final Rule contemplates that a covered reporting company may need to report multiple individuals under the “substantial control” prong.  Further, and although FinCEN still needs to issue proposed regulations regarding the following, the Final Rule’s broad definition of the “substantial control” prong under the CTA presumably will lead to FinCEN expanding the definition of “beneficial owner” under the existing Customer Due Diligence (“CDD”) rule applicable to banks and other financial institutions (“FIs”).

Continue Reading  FinCEN Final Rule for Beneficial Ownership Reporting: The “Substantial Control” Prong

First Post in a Two-Post Series on the CTA Implementing Regulations

On September 30, 2022, the Financial Crimes Enforcement Network (“FinCEN”) issued its final rule, Beneficial Ownership Information Reporting Requirements (“Final Rule”), implementing the beneficial ownership reporting requirements of the Corporate Transparency Act (“CTA”). 

FinCEN’s September 29, 2022 press release is here; the Final Rule is here; and a summary “fact sheet” regarding the rule is here.  The Final Rule largely tracks the December 8, 2021 Notice of Proposed Rulemaking (the “Proposed Rule”), on which we blogged here and here

The Final Rule requires many corporations, limited liability companies, and other entities created in or registered to do business in the United States to report information (“BOI”) about their beneficial owners the persons who ultimately own and control the company — to FinCEN.  This information will be housed within the forthcoming Beneficial Ownership Secure System (“BOSS”), a non-public database under development by FinCEN. 

The Final Rule takes effect on January 1, 2024.  In a nutshell, (1) companies subject to the BOI reporting rules (“reporting companies”) created or registered before the effective date will have one year, until January 1, 2025, to file their initial reports of BOI and (2) reporting companies created or registered after the effective date will have 30 days after creation or registration to file their initial reports.  In addition to the initial filing obligation, reporting companies will have to file updates within 30 days of a relevant change in their BOI.  And, as we discuss, covered companies also will have to report their “company applicants,” which could include lawyers, accountants or other third-party professionals.

The Final Rule will have broad effect.  FinCEN estimates that over 32 million initial BOI reports will be filed in the first year of the Final Rule taking effect, and that approximately 5 million initial BOI reports and over 14 million updated reports will be filed in each subsequent year.  We summarize here the key provisions of the Final Rule.  In our next blog post, we will discuss the Final Rule’s broad definition of the “control” prong regarding who represents a “beneficial owner,” which will result in an expansion of the definition of “beneficial owner” under the existing Customer Due Diligence (“CDD”) rule applicable to banks and other financial institutions (“FIs”).

Continue Reading  FinCEN Issues Final Rule on Beneficial Ownership Reporting Requirements

On Friday, the Department of Justice (“DOJ”) announced two developments:  First, the release of a 66-page report, The Role of Law Enforcement in Detecting, Investigating, and Prosecuting Criminal Activity Related to Digital Assets (the “Report”), issued under President Biden’s March 9, 2022 Executive Order on Ensuring Responsible Development of Digital Assets.  Second, the establishment of the Digital Asset Coordinator (“DAC”) Network, a nationwide group of prosecutors designated as legal and technical experts in digital asset cases.

We focus here on the regulatory and legislative recommendations of the Report, which seek to expand significantly the ability of the DOJ to investigate and prosecute offenses involving digital assets. The recommendations include increasing criminal penalties, extending statutes of limitations, expanding venue provisions, enhancing the government’s forfeiture powers, and prohibiting virtual asset service providers from “tipping off” the subjects of grand jury subpoenas received by the providers.  The recommendations also include making clear that the federal criminal law against maintaining an unlicensed money transmitter applies to peer-to-peer platforms that purportedly do not take custody or assume control over the digital asset being exchanged; ensuring that the Financial Crimes Enforcement Network (“FinCEN”) issues a final rule expanding the application of the Travel Rule under the Bank Secrecy Act (“BSA”) to digital asset transfers; and expanding or arguably clarifying that the BSA applies to platforms dealing in non-fungible tokens, or NFTs, including online auction houses and digital art galleries.

Continue Reading  DOJ Issues Report on Digital Asset Law Enforcement Seeking Expansive New Powers, and Launches New Crypto Prosecutor Network

On August 8, the U.S. Department of the Office of Foreign Assets Control (“OFAC”) sanctioned “notorious” virtual currency “mixer” Tornado Cash, which allegedly has been used to launder more than $7 billion worth of virtual currency since its creation in 2019.  Tornado Cash is a virtual currency mixer that operates on the Ethereum blockchain.  Tornado Cash receives a variety of transactions and mixes them together before transmitting them to their individual recipients.  The stated purpose of such mixing is to increase privacy, but mixers are often used by illicit actors to launder funds because the process enhances anonymity and makes it very hard to track the flow of funds.  According to the Treasury Department press release, “[d]espite public assurances otherwise, Tornado Cash has repeatedly failed to impose effective controls designed to stop it from laundering funds for malicious cyber actors on a regular basis and without basic measures to address its risk.”  This statement seems to imply that Tornado Cash is run by actual people – an implication that is at the heart of the controversy over these sanctions, as we will discuss.

The sanctions against Tornado Cash have elicited enormous controversy in the crypto world because, some argue, (1) Tornado Cash is not an entity run by actual people, but is merely code; and (2) although OFAC has the legal authority to sanction people and entities, it lacks such authority to sanction code or a technology – or at the very least, such sanctions create many practical problems for innocent actors, including in ways which no one has foreseen fully.  As we discuss,  even a member of the U.S. House of Representatives has waded into the controversy this week, questioning the ability of OFAC to issue the sanctions and demanding answers.  The controversy also reflects that, once again, whether one chooses to focus on the word “privacy” or on the word “anonymity” typically reflects an a priori value judgment predicting one’s conclusion as to whether something in the crypto world is good or bad. 

Indisputably, the Tornado Cash sanctions are, to date, unique and unprecedented.  Although they may turn out to be an outlier experiment by OFAC, public pronouncements by the U.S. Treasury Department strongly suggest that, to the contrary, they represent part of the future of crypto regulation, in which the enormous power of the U.S. government to issue broad sanctions obliterates legal and practical hurdles which could stymie other agencies, such as the Financial Crimes Enforcement Network (FinCEN).  This may be because, ultimately, the government actually agrees that no person is in control of a powerful technology that has easy application for malicious uses, and that is precisely the problem.

Continue Reading  OFAC Sanctions Virtual Currency “Mixer” Tornado Cash and Faces Crypto Backlash

Case Involves Familiar But Instructive Regulatory Findings

The New York Department of Financial Services (“NYDFS”) made clear last week that crypto companies can be held accountable for allegedly failing to comply with anti-money laundering (“AML”) / Bank Secrecy Act (“BSA”) regulations.  Federal and certain State laws require crypto companies like Robinhood Crypto, LLC (“RHC”) to maintain effective AML programs, and to implement systems to identify suspicious activity and block illegal transactions on their platforms (which we have previously discussed, including here and here).  On August 2, 2022, NYDFS announced that it entered a Consent Order penalizing RHC $30 million for alleged AML, cybersecurity and consumer protection violations.  RHC also is required to retain an independent consultant to perform compliance assessments evaluating the Company’s remediation efforts. 

This enforcement action is entirely consistent with the recent Guidance on Use of Blockchain Analytics issued by the NYDFS, directed to all virtual currency business entities that either have a NYDFS Bitlicense or are chartered as a limited purpose trust company under the New York Banking Law.  As we have blogged, the Guidance emphasizes “the importance of blockchain analytics to effective [AML] policies, processes, and procedures, including, for example, those relating to customer due diligence, transaction monitoring, and sanctions screening.”

The Consent Order contains a litany of alleged AML deficiencies, many of which have figured prominently in other enforcement actions.  We detail them below.  From a BSA/AML perspective, the key focus – not surprisingly – was on the adequacy of RHC’s transaction monitoring systems.  Again, the message is:  written policies and programs may look great on their face, but actual execution is key.  The adequate funding and staffing of compliance functions is also critical.

Continue Reading  Crypto Compliance Matters: NYDFS Fines Robinhood $30M for Alleged AML, Cybersecurity, and Consumer Protection Violations

Amendment Focuses on Professional “Gatekeepers” – Lawyers, Accountants, Payment Processors, and Those Providing Corporate Formation and Trust Services

On July 13, 2022, the House of Representatives (the “House”) adopted an amendment to the 2023 National Defense Authorization Act (“NDAA”) offered by Maxine Waters (D. CA), inserting into the NDAA a version of the “Establishing New Authorities for Business Laundering and Enabling Risks to Security Act,” otherwise more commonly known as the ENABLERS Act. If ultimately passed into statute, even a scaled-back version of this amendment could significantly alter the Bank Secrecy Act/Anti-Money Laundering (“BSA/AML”) regulatory framework in the United States.  Of course, the sweeping AML Act of 2020 was passed because it also was tucked into the massive defense spending authorization bill for that year—so backers of BSA/AML expansion appear to be reverting to tactics which previously bore fruit.

Arguably, this amendment is even more sweeping than the AML Act. As we will discuss, it applies the BSA to persons providing corporate formation, trust, third-party payment, or similar legal or accounting services.  Although much digital ink will be spilled regarding the amendment’s application to lawyers—and we certainly emphasize here that potential sea change in AML regulation—the amendment’s application to third-party payment processors, depending upon how that term ultimately gets defined if the amendment becomes law, also could be a very significant development affecting many businesses and financial technology companies (“fintechs”).  Currently, and depending on the facts, the BSA often does not apply to payment processors, who often fit into an exemption under the BSA’s definition of a “money services business,” or MSBs, subject to AML requirements.  However, the amendment is “scaled back” from the original version of the ENABLERS Act, introduced last year, which had included investment advisors, art and antiquities dealers, and public relations firms.  Finally, the ambitious agenda of the amendment does not appear to acknowledge the current reality of actual government resources: the fact remains that the Financial Crimes Enforcement Network (“FinCEN”), which implements the BSA, has been struggling to implement the huge array of tasks and deadlines already foisted upon it by Congress through the AML Act and the recently-passed Corporate Transparency Act (“CTA”)—and FinCEN has been stating repeatedly that it needs increased funding.

Continue Reading  Closing the Gate:  House Adopts ENABLERS Act Amendment to 2023 NDAA

On July 6, the Financial Crimes Enforcement Network (“FinCEN”), The Board of Governors of the Federal Reserve System, the Federal Deposit Insurance Corporation, the National Credit Union Administration, and the Office of the Comptroller of the Currency (collectively, “the Agencies”) issued a Joint Statement to “remind” banks that they, of course, should apply a risk-based approach to assessing customer relationships and conducting customer due diligence (“CDD”).

The Joint Statement appears to echo FinCEN’s June 22 Statement on Bank Secrecy Act Due Diligence for Independent ATM Owners or Operators (“ATM Statement”), in which FinCEN also “reminded” banks that “that not all independent ATM owner or operator customers pose the same level of money laundering, terrorist financing (ML/TF), or other illicit financial activity risk, and not all independent ATM owner or operator customers are automatically higher risk.”

Combined – and although generally worded – these publications appear to urge financial institutions (“FIs”) to not pursue broadly-applied “de-risking” strategies.  De-risking is the term for a FI’s decision to terminate a business relationship, or refuse to do business, with a type of customer because that type is associated with a perceived heightened risk of involvement in money laundering or terrorist financing.  Indeed, both new publications caution FIs against turning away potential customers, or closing the accounts of existing customers, on the basis of general customer types.  However, regulators themselves have been criticized for encouraging de-risking by driving highly risk-adverse decisions by FIs, who are unwilling to take the chance and assume the compliance costs of doing business with specific customers who may in fact be “legitimate,” but whose risk profile is deemed to be high due to their group affiliation.  Some front-line regulatory BSA/AML examiners arguably may review a FI’s compliance in a narrow and check-the-box manner versus a more holistic approach, and will not truly value broader societal and equity issues such as the need for equal access to the global financial system, particularly by certain industries and persons living in less-developed countries.  Accordingly, although these new publications are welcome, it might have been better if they had been more explicit – particularly because it is arguably ironic for regulators to be chiding FIs for conforming to de-risking behavior that regulators themselves have encouraged.

Continue Reading  FinCEN and Federal Functional Regulators Issue Coded Warnings Against De-Risking

On June 15, FinCEN issued an Advisory on Elder Financial Exploitation (“Advisory”) to warn financial institutions about the rising trend of elder financial exploitation (“EFE”), which FinCEN defines as “the illegal or improper use of an older adult’s funds, property, or assets, and is often perpetrated either through theft or scams.”  The Advisory is detailed.  It highlights new EFE typologies and potential red flags and builds upon a related advisory issued in 2011.  It also offers tips on Suspicious Activity Report (“SAR”) filings and describes other resources available to fight EFE.

Continue Reading  FinCEN Warns Against Elder Financial Exploitation