Financial Crimes Enforcement Network (FinCEN)

On October 19, 2022, the U.S. Attorney’s Office for D.C., on behalf of the Financial Crimes Enforcement Network (“FinCEN”), filed a civil complaint against Larry Dean Harmon (“Harmon”), seeking $60 million in civil penalties for alleged violations of the Bank Secrecy Act (“BSA”) in connection with Harmon’s involvement in now-defunct cryptocurrency services Helix and Coin Ninja LLC.  The complaint seeks to obtain a judgment on FinCEN’s 2020 Assessment of Civil Money Penalty against Harmon (“Assessment”), which is attached to the complaint and includes a detailed statement of facts.

As we have blogged, Harmon previously pled guilty to operating an unlicensed money transmitter business.  Harmon’s sentencing hearing in the criminal case has been continued, and he reportedly has been attempting to cooperate with the government.  It appears that the civil complaint may represent something of a formality:  it seeks to reduce the assessment against Harmon to an actual civil judgment, upon which the government can collect in theory, in anticipation of Harmon’s criminal sentencing and any potential additional matters in which he may attempt to cooperate.

According to the complaint, starting in 2014, Harmon operated Helix, a bitcoin “mixing” service, which Harmon allegedly advertised explicitly as a way for customers to conceal their identities from the government.  The statement of facts attached to the Assessment alleged that Harmon “publicly advertised Helix on Reddit forums dedicated to darknet marketplaces, actively seeking out and facilitating high-risk transactions directly through customer service and feedback.”  Such “mixing” services – designed to maximize anonymity – increasingly have drawn the ire of the government, as reflected by the recent and controversial action by the Office of Foreign Assets Control to sanction virtual currency “mixer” – or passive technology – Tornado Cash.  

Continue Reading  DOJ Files Lawsuit for $60 Million in Civil Penalties for Alleged BSA Violations by Crypto “Mixer”

FinCEN announced yesterday that, once again, it is extending the Geographic Targeting Order, or GTO, which requires U.S. title insurance companies to identify the natural persons behind so-called “shell companies” used in purchases of residential real estate not involving a mortgage.  FinCEN also has expanded slightly the reach of the GTOs.

The new GTO is 

Actions Highlight Risky Mix of Sanctions Law, Inadequate Transaction Monitoring and Dealing with Anonymity-Enhanced Cryptocurrencies

The Office of Foreign Assets Control (“OFAC”) and the Financial Crimes Enforcement Network (“FinCEN”) announced on October 11 simultaneous settlements with Bittrex, Inc. (“Bittrex”), a virtual currency exchange and hosted wallet provider. Under the OFAC settlement, Bittrex has agreed to pay $24,280,829.20 to settle its potential civil liability for 116,421 alleged violations of multiple sanctions programs. Under the FinCEN consent order, Bittrex agreed to pay a civil penalty of $29,280,829.20 for alleged anti-money laundering (“AML”) violations under the Bank Secrecy Act (“BSA”). FinCEN has agreed to credit Bittrex’s payment to OFAC against its penalty because it found that the alleged BSA violations “stem from some of the same underlying conduct”; thus, Bittrex’s total payments to the two regulators come to $29,280,829.20. 

According to the Department of the Treasury dual press release, the two settlements represent the first parallel enforcement actions by FinCEN and OFAC in the virtual currency and sanctions space. Also, it is OFAC’s largest virtual currency enforcement action to date. To further highlight the importance of the settlements, the press release quotes the OFAC Director Andrea Gacki and FinCEN Acting Director Himamauli Das, both sternly warning operators in the same environment as Bittrex to implement effective AML compliance and sanction screening programs.

It is conceivable that Bittrex, for years now, has been on notice that federal and state regulators are closely watching and expecting more comprehensive risk assessment programs and procedures from businesses transacting with virtual currency. As we previously blogged here, in 2019 the New York Department of Financial Services (“NYDFS”) denied Bittrex’s application for a Bitlicense, citing: “deficiencies in Bittrex’s BSA/AML/OFAC compliance program; a deficiency in meeting the Department’s capital requirement; and deficient due diligence and control over Bittrex’s token and product launches.”  In its letter denying Bittrex’s application, NYDFS set forth in detail the deficiencies it found in Bittrex’s BSA/AML/OFAC compliance program, noting that Bittrex’s compliance policies and procedures “are either non-existent or inadequate.”

As we will discuss, the FinCEN consent order highlights Bittrex’s alleged failure to address adequately the overall risk environment in which it operated, including transactions involving anonymity-enhanced cryptocurrencies, or AECs.  The consent order also highlights two repeated themes in enforcement actions: lack of adequate compliance staff, and a seemingly robust written compliance policy that was not matched by an effective day-to-day transaction monitoring system.

Continue Reading  OFAC and FinCEN Settle with Bittrex in Parallel Virtual Currency Enforcements

With Guest Speaker Matthew Haslinger of M&T Bank

We are extremely pleased to offer a podcast (here) on the legal and logistical issues facing financial institutions as they implement the regulations issued by the Financial Crimes Enforcement Network (FinCEN) pursuant to the Anti-Money Laundering Act of 2020 (AMLA) and the Corporate Transparency Act

Second Post in a Two-Post Series on the CTA Implementing Regulations

As we just blogged, the Financial Crimes Enforcement Network (“FinCEN”) has issued a final rule (“Final Rule”) regarding the beneficial ownership information (“BOI”) reporting requirements pursuant to the Corporate Transparency Act (“CTA”).  The Final Rule will require tens of millions of corporations and limited liability companies registered to do business in the United States to report their BOI to FinCEN.  FinCEN views this development as a “historic step in support of U.S. government efforts to crack down on illicit finance and enhance transparency.”

The Final Rule defines a “beneficial owner” whose information must be reported as “any individual who, directly or indirectly, either exercises substantial control over such reporting company or owns or controls at least 25 percent of the ownership interests of such reporting company.”  In this post, we focus on the “substantial control” prong of the beneficial ownership definition: “any individual who, directly or indirectly, . . . exercises substantial control over such reporting company.” (emphasis added). The Final Rule generally adopts the language of the proposed rule issued by FinCEN in December 2021, with some minor adjustments.

FinCEN expects reporting companies to always identify at least one beneficial owner under the “substantial control” prong, even if all other individuals are subject to an exclusion or fail to satisfy the “ownership interests” prong.  As we will discuss, the Final Rule contemplates that a covered reporting company may need to report multiple individuals under the “substantial control” prong.  Further, and although FinCEN still needs to issue proposed regulations regarding the following, the Final Rule’s broad definition of the “substantial control” prong under the CTA presumably will lead to FinCEN expanding the definition of “beneficial owner” under the existing Customer Due Diligence (“CDD”) rule applicable to banks and other financial institutions (“FIs”).

Continue Reading  FinCEN Final Rule for Beneficial Ownership Reporting: The “Substantial Control” Prong

First Post in a Two-Post Series on the CTA Implementing Regulations

On September 30, 2022, the Financial Crimes Enforcement Network (“FinCEN”) issued its final rule, Beneficial Ownership Information Reporting Requirements (“Final Rule”), implementing the beneficial ownership reporting requirements of the Corporate Transparency Act (“CTA”). 

FinCEN’s September 29, 2022 press release is here; the Final Rule is here; and a summary “fact sheet” regarding the rule is here.  The Final Rule largely tracks the December 8, 2021 Notice of Proposed Rulemaking (the “Proposed Rule”), on which we blogged here and here

The Final Rule requires many corporations, limited liability companies, and other entities created in or registered to do business in the United States to report information (“BOI”) about their beneficial owners the persons who ultimately own and control the company — to FinCEN.  This information will be housed within the forthcoming Beneficial Ownership Secure System (“BOSS”), a non-public database under development by FinCEN. 

The Final Rule takes effect on January 1, 2024.  In a nutshell, (1) companies subject to the BOI reporting rules (“reporting companies”) created or registered before the effective date will have one year, until January 1, 2025, to file their initial reports of BOI and (2) reporting companies created or registered after the effective date will have 30 days after creation or registration to file their initial reports.  In addition to the initial filing obligation, reporting companies will have to file updates within 30 days of a relevant change in their BOI.  And, as we discuss, covered companies also will have to report their “company applicants,” which could include lawyers, accountants or other third-party professionals.

The Final Rule will have broad effect.  FinCEN estimates that over 32 million initial BOI reports will be filed in the first year of the Final Rule taking effect, and that approximately 5 million initial BOI reports and over 14 million updated reports will be filed in each subsequent year.  We summarize here the key provisions of the Final Rule.  In our next blog post, we will discuss the Final Rule’s broad definition of the “control” prong regarding who represents a “beneficial owner,” which will result in an expansion of the definition of “beneficial owner” under the existing Customer Due Diligence (“CDD”) rule applicable to banks and other financial institutions (“FIs”).

Continue Reading  FinCEN Issues Final Rule on Beneficial Ownership Reporting Requirements

On Friday, the Department of Justice (“DOJ”) announced two developments:  First, the release of a 66-page report, The Role of Law Enforcement in Detecting, Investigating, and Prosecuting Criminal Activity Related to Digital Assets (the “Report”), issued under President Biden’s March 9, 2022 Executive Order on Ensuring Responsible Development of Digital Assets.  Second, the establishment of the Digital Asset Coordinator (“DAC”) Network, a nationwide group of prosecutors designated as legal and technical experts in digital asset cases.

We focus here on the regulatory and legislative recommendations of the Report, which seek to expand significantly the ability of the DOJ to investigate and prosecute offenses involving digital assets. The recommendations include increasing criminal penalties, extending statutes of limitations, expanding venue provisions, enhancing the government’s forfeiture powers, and prohibiting virtual asset service providers from “tipping off” the subjects of grand jury subpoenas received by the providers.  The recommendations also include making clear that the federal criminal law against maintaining an unlicensed money transmitter applies to peer-to-peer platforms that purportedly do not take custody or assume control over the digital asset being exchanged; ensuring that the Financial Crimes Enforcement Network (“FinCEN”) issues a final rule expanding the application of the Travel Rule under the Bank Secrecy Act (“BSA”) to digital asset transfers; and expanding or arguably clarifying that the BSA applies to platforms dealing in non-fungible tokens, or NFTs, including online auction houses and digital art galleries.

Continue Reading  DOJ Issues Report on Digital Asset Law Enforcement Seeking Expansive New Powers, and Launches New Crypto Prosecutor Network

How effective is the current framework for filing Suspicious Activity Reports, or SARs?  The AML Act mandates that federal law enforcement agencies provide statistics to assist Congress, regulators, and financial institutions answer this question.  Specifically, it requires the Department of Justice (“DOJ”) to annually produce a report to the Secretary of the Treasury containing statistics, metrics and other information on the use of Bank Secrecy Act (“BSA”) reports.  It further requires the Financial Crimes Enforcement Network (“FinCEN”), to the extent possible, to periodically disclose to financial institutions summary information on SARs that proved useful to law enforcement; it also requires FinCEN to review SARs and publish information on threat patterns and trends.

Yet, on August 25, 2022, the United States Government Accountability Office (“GAO”) published a report, Action Needed to Improve DOJ Statistics on Use of Reports on Suspicious Financial Transactions, describing how the DOJ has not fulfilled that statutory mandate.  The GAO’s report sets forth two recommendations: (1) the DOJ should include data on the use of BSA reports in its ongoing agency-wide efforts to improve data collection; and (2) involve its Chief Information Officer and Statistical Official in the design of its annual BSA statistical report. 

Arguably, the most eye-catching observation of the report is that FinCEN itself “cannot currently provide comprehensive feedback on the impact of BSA reports [to the DOJ] because agencies do not provide FinCEN with comprehensive data on their use of those reports or the effect they had.”  Accordingly, and despite ongoing calls for FinCEN to provide meaningful feedback (now, a statutory requirement under the AML Act), FinCEN “cannot connect their data on report searches to the impact of those reports on case outcomes.”

Continue Reading  GAO Report: DOJ Cannot Provide Meaningful Feedback on SAR Use

Earlier this year, U.S. President Joe Biden requested an increase in spending for the Financial Crimes Enforcement Network (“FinCEN”) to $210 million.  Last week, the U.S. House of Representatives (the “House”) passed a bill fulfilling that request, increasing FinCEN’s budget by over 30% to $210,330,000.  This is the exact figure requested by FinCEN, which

Amendment Focuses on Professional “Gatekeepers” – Lawyers, Accountants, Payment Processors, and Those Providing Corporate Formation and Trust Services

On July 13, 2022, the House of Representatives (the “House”) adopted an amendment to the 2023 National Defense Authorization Act (“NDAA”) offered by Maxine Waters (D. CA), inserting into the NDAA a version of the “Establishing New Authorities for Business Laundering and Enabling Risks to Security Act,” otherwise more commonly known as the ENABLERS Act. If ultimately passed into statute, even a scaled-back version of this amendment could significantly alter the Bank Secrecy Act/Anti-Money Laundering (“BSA/AML”) regulatory framework in the United States.  Of course, the sweeping AML Act of 2020 was passed because it also was tucked into the massive defense spending authorization bill for that year—so backers of BSA/AML expansion appear to be reverting to tactics which previously bore fruit.

Arguably, this amendment is even more sweeping than the AML Act. As we will discuss, it applies the BSA to persons providing corporate formation, trust, third-party payment, or similar legal or accounting services.  Although much digital ink will be spilled regarding the amendment’s application to lawyers—and we certainly emphasize here that potential sea change in AML regulation—the amendment’s application to third-party payment processors, depending upon how that term ultimately gets defined if the amendment becomes law, also could be a very significant development affecting many businesses and financial technology companies (“fintechs”).  Currently, and depending on the facts, the BSA often does not apply to payment processors, who often fit into an exemption under the BSA’s definition of a “money services business,” or MSBs, subject to AML requirements.  However, the amendment is “scaled back” from the original version of the ENABLERS Act, introduced last year, which had included investment advisors, art and antiquities dealers, and public relations firms.  Finally, the ambitious agenda of the amendment does not appear to acknowledge the current reality of actual government resources: the fact remains that the Financial Crimes Enforcement Network (“FinCEN”), which implements the BSA, has been struggling to implement the huge array of tasks and deadlines already foisted upon it by Congress through the AML Act and the recently-passed Corporate Transparency Act (“CTA”)—and FinCEN has been stating repeatedly that it needs increased funding.

Continue Reading  Closing the Gate:  House Adopts ENABLERS Act Amendment to 2023 NDAA