Enforcement Trends, Crypto, the AML Act — and More

We are very pleased to be moderating, once again, the Practising Law Institute’s 2022 Anti-Money Laundering Conference on May 17, 2022, starting at 9 a.m. This year’s conference will be both live and virtual — and it will be as informative, interesting and timely as always. 

On April 5, 2022 the U.S. Department of the Treasury’s Office of Foreign Assets Control (“OFAC”) announced sanctions against “the world’s largest and most prominent darknet market, Hydra Market” and Garantex, a virtual currency exchange registered in Estonia but operating in Moscow and St. Petersburg, Russia.  The sanctions are part of a larger initiative targeting Russian cybercrime that spans across multiple federal departments—including the U.S. Department of Justice, Federal Bureau of Investigations, Drug Enforcement Administration, Internal Revenue Service Criminal Investigation, and Homeland Security Investigations—and across the globe—including international partners like the German Federal Criminal Police and Estonia’s Financial Intelligence Unit.  The sanctions follow September and November sanctions of SUEX OTC, S.R.O. and CHATEX, two virtual currency exchanges operated out of Moscow that allegedly facilitated transactions for ransomware actors.  SUEX was the first virtual currency exchange subject to OFAC sanctions (and the subject of a previous post).

While ostensibly focused on closing another avenue for ransomware purveyors to profit off of their wares, the sanctions may also cut off all types of cybercriminals who allegedly find “a haven” in Russia and used Hydra or Garantex.
Continue Reading  OFAC Designates “Hydra” –  the Largest Darknet Market – and Third Russian Virtual Currency Exchange

On March 1, 2022, the U.S. Department of the Treasury (“Treasury”) published its National Risk Assessment for Money Laundering, Terrorist Financing, and Proliferation Financing (the “NMLRA”), identifying the national threats, vulnerabilities, and risks facing the U.S. financial system.  The NMLRA is 74 pages long and comprehensively covers many different perceived threats and vulnerabilities, including the misuse of legal entities, virtual assets, real estate, investment advisors, and casinos.  This post therefore selects three key issues for closer analyses.

First, cybercrime (a topic we cover frequently) in the form of ransomware received the dubious honor of representing “a larger and growing share of the overall money laundering threat in the United States.”  Second, professional money laundering organizations (“PMLOs”) continue to peddle their illicit services internationally to launder the proceeds of cybercrime, narcotics trafficking, and other schemes on behalf of organized criminal enterprises.  Third, merchants and professionals, such as lawyers, real estate professionals, and financial services employees, continue to perform – knowingly or unknowingly – critical functions in support of money laundering schemes and obfuscating the source of ill-gotten gains.
Continue Reading  U.S. Treasury Identifies Ongoing and Emergent Money Laundering Risks and Vulnerabilities

Federal law enforcement and regulators continue to focus on technology-driven financial crime — specifically, cyber-enabled fraud and the laundering of illicit funds through cryptocurrency.  Last week, the Department of Justice (“DOJ”) announced that Eun Young Choi will serve as the first Director of the National Cryptocurrency Enforcement Team (“NCET”).  As we have blogged, the DOJ created in 2021 the NCET in order to address issues on which we repeatedly have blogged:  crypto exchangers and their AML obligations; the process of tracing digital asset transactions; ransomware; so-called “professional” money launderers; and the use of crypto to launder serious crimes such as drug trafficking and human trafficking.  This attempt at a coordinated government approach to crypto enforcement followed the announcement earlier in 2021 by the Financial Crimes Enforcement Network (“FinCEN”) of appointing its first-ever Chief Digital Currency Advisor.

Meanwhile, FinCEN has stressed the need for, and utility of, specific information to be submitted by the victims of cyber-enabled financial crime schemes, or the financial institutions of those victims, to FinCEN’s Rapid Response Program, or RRP.  The RRP seeks to share financial intelligence and recover the proceeds of crime.
Continue Reading  DOJ, FBI and FinCEN Continue to Focus on Crypto and Cyber Financial Crime

As anticipated, the Office of the Comptroller of the Currency, the Federal Reserve Board, and the FDIC recently approved and released the Final Rule Requiring Computer-Security Incident Notification (“Final Rule”).  The Final Rule is designed to promote early awareness and stop computer security incidents before they become systemic.  It places new reporting requirements on both

On October 15, 2021, the Financial Crimes Enforcement Network (“FinCEN”) issued a financial trend analysis on ransomware relating to Suspicious Activity Reports (“SARs”) filed in the first half of this year (“Analysis”).  According to the Analysis, U.S. banks and financial institutions reported $590 million in suspected ransomware payments in SARs filed between January and June 2021, more than the total for all of 2020.  FinCEN found that ransomware payments are often made using virtual currency, such as Bitcoin (“BTC”).  The Office of Foreign Assets Control (“OFAC”) also released guidance in tandem with the FinCEN Analysis, addressing how the virtual currency industry can address sanctions-related risks.

Ransomware appears to be top-of-mind at the U.S. Treasury, as we have blogged.  FinCEN’s Analysis and OFAC’s guidance came quickly on the heels of OFAC issuing on September 21 a six-page Updated Advisory on Potential Sanctions Risks for Facilitating Ransomware Payments, which states that OFAC will consider self-reporting, cooperation with the government and strong cybersecurity measures to be mitigating factors in any contemplated enforcement action against a ransomware victim that halts an attack by making the demanded payment to attackers who were sanctioned or otherwise had a sanctions nexus.  Also on September 21, 2021, OFAC issued its first sanctions designation against a virtual currency exchange by designating the virtual currency exchange “for its part in facilitating financial transactions for ransomware variants.”
Continue Reading  FinCEN Reports Spiraling SARs Relating to Ransomware

On October 6, the Department of Justice (“DOJ”) announced the creation of a National Cryptocurrency Enforcement Team (“NCET”).  The DOJ press release is set forth in part below, without further commentary, other than to observe that the NCET’s stated goals are to address issues on which we repeatedly have blogged:  crypto exchangers and their AML

OFAC Updates Advisory on Enforcement Risks Relating to Agreeing to Pay Ransomware

First Post in a Two-Part Series on Recent OFAC Designations

On September 21, 2021 OFAC issued its first sanctions designation against a virtual currency exchange by designating the virtual currency exchange, SUEX OTC, S.R.O. (SUEX) “for its part in facilitating financial transactions for ransomware variants.”  Although this is a unique development, the broader and more important issue for any financial institution or company facing a ransomware attack is the continuing problem encapsulated in OFAC’s six-page Updated Advisory on Potential Sanctions Risks for Facilitating Ransomware Payments, which OFAC released in conjunction with the announcement of the SUEX designation.  The Updated Advisory illustrates a “Catch 22” scenario, in which a victim that halts a ransomware attack by making the demanded payment then may find itself under scrutiny from OFAC on a strict-liability basis if it turns out that the attackers were sanctioned or otherwise had a sanctions nexus.  The Updated Advisory states that OFAC will consider self-reporting, cooperation with the government and strong cybersecurity measures to be mitigating factors in any contemplated enforcement action.

OFAC has been busy.  Tomorrow, we will blog on a more traditional action announced by OFAC right before the SUEX designation:  OFAC’s designation of members of a network of financial conduits funding Hizballah and Iran’s Islamic Revolutionary Guard Corps-Qods Force.  This designation is notable for the targets’ alleged use of gold as a vehicle to launder illicit funds through front companies.
Continue Reading  OFAC Targets Virtual Currency Exchange For Ransomware Attack

Breadth of List Undermines Usefulness to Industry

As required by the Anti-Money Laundering Act (“AML Act”), the Financial Crimes Enforcement Network (“FinCEN”) issued on June 30, 2021 the first government-wide list of priorities for anti-money laundering and countering the financing of terrorism (“AML/CFT”) (the “Priorities”).  The Priorities purport to identify and describe the most significant AML/CFT threats facing the United States.  The Priorities have been much-anticipated because, under the AML Act, regulators will review and examine financial institutions in part according to how their AML/CFT compliance programs incorporate and further the Priorities, “as appropriate.”

Unfortunately, and as we will discuss, there is a strong argument that FinCEN has prioritized almost everything, and therefore nothing.
Continue Reading  FinCEN Identifies AML/CFT “Priorities” For Financial Institutions

Last week, the law enforcement agencies across the globe executed a historic two-day takedown of hundreds of alleged criminals who used securely encrypted communication devices to further their criminal enterprises.  The operation, dubbed “Operation Trojan Shield,” involved over 9,000 law enforcement officers deployed worldwide to search more than 700 locations, which resulted in more than 800 arrests.  Their secret weapon? The encrypted communication devices used by these criminal organizations were manufactured and distributed by a company called ANOM, which just happens to be owned and operated by the Federal Bureau of Investigation (“FBI”).

To date, government press releases throughout the world have focused on the arrests and the seizures of contraband:  more than eight tons of cocaine; 22 tons of marijuana; two tons of methamphetamine/amphetamine; six tons of precursor chemicals; 250 firearms; and more than $48 million in various worldwide currencies and cryptocurrencies.  However, law enforcement agencies also have been clear that, of course, spin-off investigations are in the works.  As we discuss, money laundering already is a focus, and presumably numerous money laundering charges will be forthcoming over the years as a result of this operation, including as to any third parties or professionals knowingly involved in helping to move the massive amount of illicit proceeds.
Continue Reading  The Ultimate Inside Job: FBI-Owned Encrypted Communication Devices Take Down Criminal Syndicates Worldwide – With Money Laundering Cases Across the Globe to Follow