Farewell to 2021, and welcome 2022 — which hopefully will be better year for all.  As we do every year, let’s look back — because 2021 was a very busy year in the world of money laundering and BSA/AML compliance, and 2022 is shaping up to be the same.

Indicative of the increased pace and

As anticipated, the Office of the Comptroller of the Currency, the Federal Reserve Board, and the FDIC recently approved and released the Final Rule Requiring Computer-Security Incident Notification (“Final Rule”).  The Final Rule is designed to promote early awareness and stop computer security incidents before they become systemic.  It places new reporting requirements on both

Sixth Post in an Extended Series on Legislative Changes to BSA/AML Regulatory Regime

As we have blogged, the Anti-Money Laundering Act of 2020 (“AMLA”) contains major changes to the Bank Secrecy Act (“BSA”), coupled with other changes relating to money laundering, anti-money laundering (“AML”), counter-terrorism financing (“CTF”), and protecting the U.S. financial system against illicit foreign actors.

A recurring theme of the changes offered by AMLA is information sharing. AMLA mandates that the Department of Treasury’s supervision priorities must include “appropriate frameworks for information sharing among financial institutions, their agents and service providers, their regulatory authorities, associations of financial institutions, the Department of the Treasury, and law enforcement authorities.” The increased emphasis on information sharing is accompanied by provisions requiring confidentiality and data security protocols.

The Financial Crimes Enforcement Network (“FinCEN”) is already beginning to address AMLA’s focus on the sharing and protection of information, as it explained in its recent detailed Report on FinCEN’s Innovation Hours Program, which focuses on fostering technological innovation in AML/CTF compliance.  In this post, we explore AMLA’s expansion of information sharing, corresponding privacy and data security protections, and the tensions that lie therein.
Continue Reading  AMLA Information-Sharing and Privacy and Data Security Concerns

On December 18, 2020, the Office of the Comptroller of the Current (OCC), Federal Reserve Board (FRB), and Federal Deposit Insurance Corporation (FDIC) announced an interagency notice of proposed rulemaking that would require supervised banking organizations to provide notification of significant computer security incidents to their primary federal regulator.  Under the proposed rule, for incidents