On June 16, 2023, Michael J. Hsu, Acting Comptroller of the Currency made remarks to the American Bankers Association (“ABA”) Risk and Compliance Conference in San Antonio, Texas. In his remarks, Hsu discussed both the benefits and risks of artificial intelligence (“AI”) and tokenization. The core of Hsu’s remarks is that, given the rapid innovation of AI and tokenization in banking, banks should closely work with regulators to manage technological risks.

Hsu’s remarks came at the right time. Five days later, and as we discuss below, Google Cloud announced the launch of an AI anti-money laundering program. Early results seem promising, but only time will tell whether Hsu’s remarks concerning AI’s risks prove prophetic.

Continue Reading  Building the Engine Alongside the Brakes: Acting Comptroller Hsu’s Remarks Discuss Impact of Artificial Intelligence and Tokenization in Banking

The Federal Reserve, FDIC, and OCC have released final interagency guidance for their respective supervised banking organizations on managing risks associated with third-party relationships, including relationships with financial technology-focused entities such as bank/fintech sponsorship arrangements.  The guidance is intended to provide principles for effective third-party risk management for all  types of third-party relationships, regardless of how they may be structured.  At the same time, the agencies state that banking organizations have flexibility in their approach to assessing the risks posed by each third- party relationship and deciding the relevance of the considerations discussed in the final guidance

The final guidance rescinds and replaces each agency’s previously-issued guidance on risk management practices for third-party relationships.  In their July 2021 proposal, the agencies had included as an appendix FAQs issued by the OCC to supplement the OCC’s existing 2013 third-party risk management guidance.  The proposed guidance included the revised FAQs as an exhibit and the agencies sought comment on the extent to which the concepts discussed in the FAQs should be incorporated into the final guidance.  In their discussion of the final guidance, the agencies identify which concepts from the FAQs have been incorporated into the final guidance.

Continue Reading  Federal Banking Agencies Issue Final Interagency Guidance on Risk Management in Third-Party Relationships

On February 14, 2023, both the American Bankers Association (“ABA”) and the Bank Policy Institute (“BPI”) submitted comments to the Financial Crimes Enforcement Network (“FinCEN”) on FinCEN’s notice of proposed rulemaking (“NPRM”) relating to access to beneficial ownership information (“BOI”) reported to FinCEN under the Corporate Transparency Act (“CTA”). While both organizations had similar comments, mainly being that the proposed limits on FIs’ ability to use BOI retrieved from the database contradicts the CTA’s objective, the ABA recommended that FinCEN entirely withdraw the NPRM. Below, we break down each organization’s comments and strong critiques regarding the NPRM.

Continue Reading  Bank Industry Groups Heavily Criticize FinCEN’s Proposed Rule on Access to Beneficial Ownership Information

The Office of the Comptroller of the Currency (“OCC”) entered into a Consent Order (available here) with Anchorage Digital Bank (“Anchorage”), which requires Anchorage to create a compliance committee and take steps to remediate alleged shortcomings with respect to the implementation and effectiveness of Anchorage’s Bank Secrecy Act/Anti-Money Laundering (“BSA/AML”) program.  Notably, Anchorage will pay no civil penalty.

Anchorage is not any regular entity overseen by the OCC:  it is a cryptocurrency custodian.  As we will discuss, the timing of the Consent Order indicates that even when regulators permit crypto activities by financial institutions, they remain cautious, particularly as to BSA/AML compliance.  The OCC’s actions send a clear message that regulated entities offering emerging technology financial services must adhere to the same BSA/AML monitoring and reporting requirements as more traditionally regulated entities.
Continue Reading  OCC Targets BSA/AML Compliance by Anchorage Digital Bank – Only 15 Months After Granting National Trust Bank Charter to the Crypto Custodian

As we recently blogged (here and here), the Financial Crimes Enforcement Network (“FinCEN”) recently issued a Notice of Proposed Rulemaking (“NPRM”) regarding the beneficial ownership reporting requirements of the Corporate Transparency Act (“CTA”).  The NPRM is the first in a series of three rulemakings that FinCEN will issue to implement the CTA.  It sets forth FinCEN’s proposed reporting requirements, i.e., who must file a report on beneficial ownership information (“BOI”), what information must be reported, and when reports will be due.

In response, FinCEN received over 230 comments (see FinCEN’s press release here).   We focus here on comments from two key players: the American Bankers Association (“ABA”) and the Bank Policy Institute (“BPI”), which highlight the industry perspective of banking institutions (These groups also commented previously  on FinCEN’s Advance NPRM regarding the CTA’s implementation, which we blogged about here and here).

The CTA, passed as part of the Anti-Money Laundering Act of 2020 (“AML Act”), requires certain legal entities to report their beneficial owners (“BOs”) to a database accessible by U.S. and foreign law enforcement and regulators, and to U.S. financial institutions seeking to comply with their own Anti-Money Laundering (“AML”) compliance obligations, particularly FinCEN’s existing Customer Due Diligence Rule (“CDD Rule”) for legal entity customers implemented in 2018.

Under the existing CDD Rule, covered financial institutions must collect and verify BOI from certain entity customers and maintain records of such information.  But until now, entities did not have to report directly such information to the government.  The CTA makes companies (like LLCs and corporations) subject to BOI reporting requirements.  The CTA also requires FinCEN to revise the existing CDD Rule to try to make it consistent with the CTA and remove any unnecessary or duplicative burdens.

The ABA (which represents large banks) and the BPI (which represents universal, regional, and major foreign banks) each submitted lengthy comment letters, showcasing their strong interest in how these reporting requirements shake out.  As the ABA observes, it will be difficult to determine how these reporting requirements will fit in with bank responsibilities until FinCEN issues its other rulemakings.  Still, both groups recommend making several modifications to the proposed reporting requirements now—mainly aligning the NPRM with the existing CDD Rule—to minimize future burdens on banks and their customers.  Both groups propose similar modifications, but there are some differences.  We summarize the most salient points in this post.

Overall, these comments make clear that the ABA and the BPI continue to support creation of the FinCEN registry as a way to drive down the cost of regulatory compliance for banks.  Both groups suggest, however, that such a benefit could be outweighed if the final reporting requirements stray too far from the existing CDD Rule.  As both groups observe, any significant change from the current CDD Rule will require banks to divert significant resources to comply with the new requirements, at the expense of other AML efforts.
Continue Reading  American Bankers Association and the Bank Policy Institute Weigh in on FinCEN’s Proposed Rules for Corporate Transparency Act

Consent Order Stresses that Only Three AML Analysts Struggled to Review 100 “Alerts” Per Day, Each – and Notes in Passing that “Outside Examiners” Blessed the Bank’s AML Program for the Same Five Years that the Bank Allegedly Maintained a Willfully Deficient Program

On December 16, 2021, the Financial Crimes Enforcement Network (“FinCEN”) entered into a Consent Order with CommunityBank of Texas, N.A. (“CBOT”), in which CBOT admitted to major shortcomings with respect to the implementation and effectiveness of its anti-money laundering (“AML”) program. The monetary penalties imposed on CBOT are substantial: FinCEN assessed an $8 million penalty, although CBOT will receive credit for a separate $1 million penalty to be paid to the Office of the Comptroller of the Currency (“OCC”).

The Consent Order, available here, offers valuable insight into FinCEN’s reasoning for its enforcement actions.  According to the Consent Order, CBOT has a regional footprint and operates several branches in Texas.  It serves small and medium-sized businesses and professionals.  And, in the “back of the house,” CBOT established a typical AML system designed to detect and escalate alerts for suspicious activity for investigation and potential filing of Suspicious Activity Reports (“SARs”). However, FinCEN alleged that over a period of at least four years, CBOT “willfully” failed to effectively implement its AML, program, leading to a failure to file SARs and otherwise detect specific suspicious activity.  As detailed below, many of the alleged shortcomings of CBOT’s AML program flowed from a lack of compliance resources and personnel between 2015 and 2019: too few analysts were assigned to review and investigate potentially suspicious transactions, and as a result, downstream investigations and due diligence suffered, including an alleged failure to file at least 17 specific SARs.

Because the detailed Consent Order offers a somewhat rare opportunity to glean FinCEN’s reasoning behind its enforcement actions generally, we explore the alleged failures in some detail below.  Then, we summarize key details of the Consent Order, offer key takeaways, and note several questions that the Consent Order still leaves unresolved.
Continue Reading  FinCEN Assesses Civil Penalty Against CommunityBank of Texas for AML Program Weaknesses

The Second U.S. Circuit Court of Appeals, in a recent 27-page decision, held that Halkbank, the state-owned Turkish lender, cannot claim sovereign immunity under the Foreign Sovereign Immunities Act (“FSIA”) in a money laundering and sanctions-related prosecution.  Upholding a decision by U.S. District Judge Richard M. Berman, the court ruled that even if the FSIA could shield the bank in a criminal case, the charges against Halkbank fall under the “commercial activity” exception to FSIA immunity.  This interpretation of the commercial activity exception significantly limits the immunity bestowed under the FSIA in criminal cases and furthers American deterrence against foreign financial institutions that allegedly facilitate evasion of U.S. sanctions or launder funds through the U.S. financial system.  Halkbank now faces potential trial for an alleged $20 billion money laundering scheme, bank fraud, and conspiracy charges.
Continue Reading  Second Circuit Says Turkish Halkbank Must Face Criminal Charges In Money Laundering and Iran Sanctions Case

The OCC, FDIC, and Federal Reserve Board have issued a guide that is intended to assist community banks in conducting due diligence when considering relationships with financial technology (fintech) companies (Guide).

The issuance of the Guide follows the agencies’ July 2021 release of proposed interagency guidance for banking organizations on managing risks associated with third-party

A Guest Blog by Angelena Bradfield

Today we are very pleased to welcome guest blogger Angelena Bradfield, who is the Senior Vice President of AML/BSA, Sanctions & Privacy for the Bank Policy Institute. BPI is a nonpartisan public policy, research and advocacy group, representing the nation’s leading banks. Its members include universal banks, regional banks and the major foreign banks doing business in the United States.  BPI has been engaged in efforts to modernize the U.S. anti-money laundering/ countering the financing of terrorism (AML/CFT) regime for almost half a decade and worked closely with Senate and House leadership throughout the introduction and final passage of the Anti-Money Laundering Act of 2020 (AML Act). Angelena previously was a Vice President at The Clearing House Association, where she supported its regulatory affairs department in similar policy areas. Before that, she supported comprehensive immigration reform efforts at ImmigrationWorks USA and worked on various domestic policy issues at the White House where she served as a staff assistant in both the Domestic Policy Council and Presidential Correspondence offices.

We reached out to Angelena regarding BPI’s recent letter to the Financial Crimes Enforcement Network (FinCEN) commenting on its implementation of the Corporate Transparency Act (CTA).  Congress passed the CTA on January 1, 2021, as part of the AML Act.  The CTA requires certain legal entities to report their beneficial owners to a directory accessible by U.S. and foreign law enforcement and regulators.  This directory also will be accessible to U.S. financial institutions seeking to comply with their own AML obligations, particularly the beneficial ownership regulation, otherwise known as the Customer Due Diligence Rule (CDD Rule), already applicable to banks and other financial institutions. The CTA’s beneficial ownership directory is one of the most important and long-awaited changes to the BSA/AML regulatory regime, but it presents many challenges, both legal and logistical.  On April 5, 2021, FinCEN issued an advance notice of proposed rulemaking to solicit public comment on the CTA’s implementation.  In response, FinCEN received over 200 letters from industry stakeholders – including the letter from BPI.

This blog post again takes the form of a Q&A session, in which Angelena responds to questions posed by Money Laundering Watch about the CTA and how it should be implemented.  We hope you enjoy this discussion on this important topic. – Peter Hardy and Shauna Pierson
Continue Reading  Implementing the Corporate Transparency Act:  A Guest Blog

As we recently blogged, the Financial Crimes Enforcement Network (“FinCEN”) issued an advance notice of proposed rulemaking (“ANPRM”) on April 5, 2021 to solicit public comment on the implementation of the Corporate Transparency Act (“CTA”). In response, FinCEN received over 200 letters from industry stakeholders. This post will focus on one such letter, from the American Bankers Association (“ABA”), which highlights the industry perspective of large financial institutions.

The CTA, passed as part of the Anti-Money Laundering Act of 2020 (“AMLA”), requires certain legal entities to report their beneficial owners to a database accessible by U.S. and foreign law enforcement and regulators, and to U.S. financial institutions seeking to comply with their own Anti-Money Laundering (“AML”) compliance obligations, particularly FinCEN’s existing BO regulation which is part of the Customer Due Diligence Rule (“CDD Rule”) implemented in 2018. The beneficial ownership database is one of the most important and long-awaited changes to the AML legal framework in the United States.

To understand the paradigm shift, it is useful to recall the CDD rule currently in existence. Under FinCEN’s existing regulations, covered financial institutions have the requirement to collect and verify beneficial ownership information from their customers, and maintain records of such information. But until now their customers, which may include individuals and companies of all sizes, did not have to report such information to the government. The CTA makes companies (like LLCs and corporations) subject to such beneficial ownership reporting requirements. The CTA also requires FinCEN to revise the CDD Rule to try to make it consistent with the CTA and remove any unnecessary or duplicative burdens on financial institutions and legal entity customers.

In anticipation of these significant changes, industry groups have submitted comments to FinCEN on topics ranging from who will be covered to the logistics of implementation. The ABA, representing large banks, submitted a lengthy comment letter showcasing a strong interest in how these regulations shake out. The ABA first makes clear its support for Congress and FinCEN in ramping up efforts to combat money laundering and terrorism financing. It then lays out its recommendations for filling in gaps left by the CTA, largely tracking the questions that FinCEN solicited in its ANPRM. We summarize the most salient points below.
Continue Reading  American Bankers Association Weighs in on the Corporate Transparency Act