The “Highlights” — To Russia, With Crypto

The Financial Crimes Enforcement Network (“FinCEN”) issued on November 1 a Financial Trend Analysis regarding ransomware-related Bank Secrecy Act (“BSA”) filings during the second half of 2021 (the “Report”).  This publication follows up on a similar ransomware trend analysis issued by FinCEN regarding the first half of 2021, on which we blogged here.  

In the most recent analysis, FinCEN found that both the number of ransomware-related Suspicious Activity Reports (“SAR”) filed, and the dollar amounts at issue, nearly tripled from 2020 to 2021.  The notable takeaways from the Report include:

  • Ransomware-related SARs were the highest ever in 2021 (both in number of SARs and in dollar amounts of activity reported).
  • Ransomware-related SARs reported amounts totaling almost $1.2 billion in 2021.
  • Approximately 75% of ransomware-related incidents between June 2021 and December 2021 were connected to Russia-related ransomware variants.

The Report, which stated that the majority of these ransomware payments were made in Bitcoin, serves as a particular reminder to cryptocurrency exchanges of their role in both identifying and reporting ransomware-related transactions facilitated through their platforms.  The Report stresses that SAR filings play an essential role in helping FinCEN identify ransomware trends.

Continue Reading  FinCEN Reports Staggering Increase in Reported Ransomware Attacks

Case Involves Familiar But Instructive Regulatory Findings

The New York Department of Financial Services (“NYDFS”) made clear last week that crypto companies can be held accountable for allegedly failing to comply with anti-money laundering (“AML”) / Bank Secrecy Act (“BSA”) regulations.  Federal and certain State laws require crypto companies like Robinhood Crypto, LLC (“RHC”) to maintain effective AML programs, and to implement systems to identify suspicious activity and block illegal transactions on their platforms (which we have previously discussed, including here and here).  On August 2, 2022, NYDFS announced that it entered a Consent Order penalizing RHC $30 million for alleged AML, cybersecurity and consumer protection violations.  RHC also is required to retain an independent consultant to perform compliance assessments evaluating the Company’s remediation efforts. 

This enforcement action is entirely consistent with the recent Guidance on Use of Blockchain Analytics issued by the NYDFS, directed to all virtual currency business entities that either have a NYDFS Bitlicense or are chartered as a limited purpose trust company under the New York Banking Law.  As we have blogged, the Guidance emphasizes “the importance of blockchain analytics to effective [AML] policies, processes, and procedures, including, for example, those relating to customer due diligence, transaction monitoring, and sanctions screening.”

The Consent Order contains a litany of alleged AML deficiencies, many of which have figured prominently in other enforcement actions.  We detail them below.  From a BSA/AML perspective, the key focus – not surprisingly – was on the adequacy of RHC’s transaction monitoring systems.  Again, the message is:  written policies and programs may look great on their face, but actual execution is key.  The adequate funding and staffing of compliance functions is also critical.

Continue Reading  Crypto Compliance Matters: NYDFS Fines Robinhood $30M for Alleged AML, Cybersecurity, and Consumer Protection Violations

Strategy Includes Professionals Not Yet Covered by BSA

On May 13, 2022, the U.S. Treasury (“Treasury”) released its 2022 Strategy for Combatting Terrorist and Other Illicit Financing (“2022 Strategy”).  The proposed 2022 Strategy, prepared pursuant to Sections 261 and 262 of the Countering America’s Adversaries Through Sanctions Act (CAATSA), outlines four goals to address the key risks identified by the 2022 National Money Laundering, Terrorist Financing, and Proliferation Financing Risk Assessments:

  • Increasing transparency and closing legal and regulatory gaps in the U.S. Anti-Money Laundering / Combating the Financing of Terrorism (“AML/CFT”) framework exploited by bad actors;
  • Making the AML/CFT regulatory framework for financial institutions more effective and efficient;
  • Enhancing operational effectiveness in combating illicit finance; and
  • Utilizing technological innovation to combat illicit finance risks.

The 2022 Strategy is incredibly broad, identifying sixteen threats and vulnerabilities to the AML/CFT system as top priorities, and providing fourteen separate supporting actions necessary to achieve Treasury’s four goals outlined above.  This post summarizes the priorities outlined in the 2022 Strategy, and details the specific supporting action targeting financial intermediaries and gatekeepers not presently covered by the Bank Secrecy Act (“BSA”), such as investment advisors, lawyers and accountants. 

Continue Reading  U.S. Treasury Releases 2022 Strategy for Combatting Terrorist and Other Illicit Financing

Farewell to 2021, and welcome 2022 — which hopefully will be better year for all.  As we do every year, let’s look back — because 2021 was a very busy year in the world of money laundering and BSA/AML compliance, and 2022 is shaping up to be the same.

Indicative of the increased pace and

On December 6, FinCEN announced that it was issuing an Advanced Notice of Proposed Rulemaking (“AMPRM”) to solicit public comment on potential requirements under the Bank Secrecy Act (“BSA”) for certain persons involved in real estate transactions to collect, report, and retain information.  If finalized, such regulations could affect a whole new set of professionals and one of the largest industries in the U.S.—an industry which, heretofore, has not been subject to the requirements of the BSA, with limited exceptions.

The ANPRM envisions imposing nationwide recordkeeping and reporting requirements on specified participants in transactions involving non-financed real estate purchases, with no minimum dollar threshold.  Fundamentally, FinCEN highlights two alternate, proposed rules.  One proposed option, promulgated under 31 U.S.C § 5318(a)(2), would involve implementing specific and relatively limited reporting requirements, similar to those currently required of title insurance companies in the non-financed real estate market.  This rule would require covered persons to collect and report certain prescribed information, such as, presumably, beneficial ownership.  Alternatively, FinCEN is considering imposing more fulsome Anti-Money Laundering (“AML”) monitoring and reporting requirements, including filing Suspicious Activity Reports (“SARs”) and establishing AML/CFT programs under 31 U.S.C. § 5318(g)(1) and 31 U.S.C. §§ 5318(h)(1)-(2).   This latter option would require covered persons to adopt adequate AML/CFT policies, designate an AML/CFT compliance officer, establish AML/CFT training programs, implement independent compliance testing, and perform customer due diligence.

Notably, FinCEN suggests that any new rule may cover attorneys and law firms, along with other client-facing participants.  FinCEN also is considering regulations applicable to both residential and commercial real estate transactions.

As we discuss, real estate and money laundering has been a long-simmering issue.  We repeatedly have blogged on AML and real estate, and previously published a detailed chapter, The Intersection of Money Laundering and Real Estate, in Anti-Money Laundering Laws and Regulations 2020, a publication issued by International Comparative Legal Guides.  FinCEN’s ANPRM appears to represent the culmination of an inevitable march towards the issuance of regulations under the BSA regarding real estate transactions, following years of increasing focus by the U.S. government and others on perceived AML risks in the real estate industry.
Continue Reading  Real Estate and Money Laundering: FinCEN Issues Advanced Notice of Regulations for the Real Estate Industry