In its Fall 2023 Semiannual Risk Perspective, published on December 7, the Office of the Comptroller of the Currency (“OCC”) reported on key issues facing the federal banking system.  In evaluating the overall soundness of the federal banking system, the OCC emphasized the need for banks to maintain prudent risk management practices. The key risk themes that the OCC underscored in the report included credit, market, operational, and compliance risks. 

Of particular note was the discussion on the Bank Secrecy Act (“BSA”)/Anti-Money Laundering (“AML”) compliance risks with respect to fintech relationships.  We also will discuss briefly certain other compliance and operational risks highlighted by the OCC.

Continue Reading  OCC Risk Perspective Report Focuses on Third-Party Relationships with Fintechs

The CFPB has issued a proposed rule to supervise nonbank companies that qualify as larger participants in a market for “general-use digital consumer payment applications.”  Comments on the proposal are due by January 8, 2024 or by the date that is 30 days after the proposal’s publication in the Federal Register, whichever is later.

The proposal is based on the CFPB’s authority to supervise nonbank entities considered to be “a larger participant of a market for other consumer financial products or services.”  It would cover providers of consumer financial products and services that are commonly referred to as “digital wallets,” “payment apps,” “funds transfer apps,” and “person-to-person or P2P payment apps.”

Continue Reading  CFPB Issues Proposal to Supervise Nonbank Providers of Digital Wallets and Payment Apps

Complex Civil and Criminal Cases Converge

On August 17, 2023, Judge Robert Pitman of the federal district court for the Western District of Texas issued an Order granting summary judgment for the U.S. Treasury Department (“Treasury”) in a lawsuit brought by six individuals, and denying the cross-motion for summary judgment filed by the individuals. The lawsuit alleged that Treasury overstepped its authority by imposing sanctions on the coin mixing service Tornado Cash.  Deciding for the government, Judge Pitman determined that Tornado Cash is a “person” that may be designated by OFAC sanctions.  Specifically, the regulatory definition of “person” includes an “association,” and Tornado Cash is an “association” within its ordinary meaning.

Shortly thereafter, on August 23, 2023, the U.S. Department of Justice (“DOJ”) unsealed an indictment returned in the Southern District of New York against the alleged developers of Tornado Cash, Roman Storm (“Storm”), a naturalized citizen residing in the U.S., and Roman Semenov (“Semenov”), a Russian citizen.  The indictment charges them with conspiring to commit money laundering, operate an unlicensed money transmitting business, and commit sanctions violations involving the International Emergency Economic Powers Act, or IEEPA.  When the indictment was unsealed, Storm was arrested and then released pending trial.  Treasury simultaneously sanctioned Semenov, who remains outside of the U.S., adding him to OFAC’s Specially Designated Nationals and Blocked Persons (“SDN”) List.

These are very complicated cases raising complicated issues.  They are separate but obviously related.  As we will discuss, the factual and legal issues tend to blend together, and how a party characterizes an issue says a lot about their desired outcome:  has the government taken incoherent action against a technology, or has it pursued a group of people attempting to hide behind tech?

Continue Reading  All Roads Lead to Roman: Alleged Tornado Cash Co-Founders Roman Storm Arrested and Roman Semenov Sanctioned, Days After Treasury Defeats Lawsuit Challenging OFAC

We are pleased to offer the latest episode in Ballard Spahr’s Consumer Finance Monitor podcast series, A Look at the Treasury Department’s April 2023 Report on Decentralized Finance or “DeFi.” 

In this episode, we follow up and expand upon our blog post regarding the U.S. Department of the Treasury’s April 6, 2023 report examining vulnerabilities

The Federal Reserve, FDIC, and OCC have released final interagency guidance for their respective supervised banking organizations on managing risks associated with third-party relationships, including relationships with financial technology-focused entities such as bank/fintech sponsorship arrangements.  The guidance is intended to provide principles for effective third-party risk management for all  types of third-party relationships, regardless of how they may be structured.  At the same time, the agencies state that banking organizations have flexibility in their approach to assessing the risks posed by each third- party relationship and deciding the relevance of the considerations discussed in the final guidance

The final guidance rescinds and replaces each agency’s previously-issued guidance on risk management practices for third-party relationships.  In their July 2021 proposal, the agencies had included as an appendix FAQs issued by the OCC to supplement the OCC’s existing 2013 third-party risk management guidance.  The proposed guidance included the revised FAQs as an exhibit and the agencies sought comment on the extent to which the concepts discussed in the FAQs should be incorporated into the final guidance.  In their discussion of the final guidance, the agencies identify which concepts from the FAQs have been incorporated into the final guidance.

Continue Reading  Federal Banking Agencies Issue Final Interagency Guidance on Risk Management in Third-Party Relationships

Enforcement Trends, Crypto, Regulatory Developments — and More

I am very pleased to co-chair again the Practicing Law Institute’s 2023 Anti-Money Laundering Conference on May 16, 2023, starting at 9 a.m. in New York City (the event also will be virtual). 

I am also really fortunate to be working with co-chair Elizabeth (Liz) Boison

On April 6, 2023, the U.S. Department of the Treasury released a report examining vulnerabilities in decentralized finance (“DeFi”), including potential gaps in the United States’ anti-money laundering (“AML”) and countering the financing of terrorism (“CFT”) regulatory, supervisory, and enforcement regimes for DeFi.  The report concludes by making a series of recommendations, including the closing of “gaps” in the application of the Bank Secrecy Act (“BSA”) to the extent that certain DeFi services currently fall outside the scope of the BSA’s definition of a “financial institution” covered by the BSA.  The report cautions that it does not alter any existing legal obligations, issue any new regulatory interpretations, or establish any new supervisory expectations.

Continue Reading  U.S. Treasury Releases Report and Recommendations Regarding Vulnerabilities in Decentralized Finance

Amendment Focuses on Professional “Gatekeepers” – Lawyers, Accountants, Payment Processors, and Those Providing Corporate Formation and Trust Services

On July 13, 2022, the House of Representatives (the “House”) adopted an amendment to the 2023 National Defense Authorization Act (“NDAA”) offered by Maxine Waters (D. CA), inserting into the NDAA a version of the “Establishing New Authorities for Business Laundering and Enabling Risks to Security Act,” otherwise more commonly known as the ENABLERS Act. If ultimately passed into statute, even a scaled-back version of this amendment could significantly alter the Bank Secrecy Act/Anti-Money Laundering (“BSA/AML”) regulatory framework in the United States.  Of course, the sweeping AML Act of 2020 was passed because it also was tucked into the massive defense spending authorization bill for that year—so backers of BSA/AML expansion appear to be reverting to tactics which previously bore fruit.

Arguably, this amendment is even more sweeping than the AML Act. As we will discuss, it applies the BSA to persons providing corporate formation, trust, third-party payment, or similar legal or accounting services.  Although much digital ink will be spilled regarding the amendment’s application to lawyers—and we certainly emphasize here that potential sea change in AML regulation—the amendment’s application to third-party payment processors, depending upon how that term ultimately gets defined if the amendment becomes law, also could be a very significant development affecting many businesses and financial technology companies (“fintechs”).  Currently, and depending on the facts, the BSA often does not apply to payment processors, who often fit into an exemption under the BSA’s definition of a “money services business,” or MSBs, subject to AML requirements.  However, the amendment is “scaled back” from the original version of the ENABLERS Act, introduced last year, which had included investment advisors, art and antiquities dealers, and public relations firms.  Finally, the ambitious agenda of the amendment does not appear to acknowledge the current reality of actual government resources: the fact remains that the Financial Crimes Enforcement Network (“FinCEN”), which implements the BSA, has been struggling to implement the huge array of tasks and deadlines already foisted upon it by Congress through the AML Act and the recently-passed Corporate Transparency Act (“CTA”)—and FinCEN has been stating repeatedly that it needs increased funding.

Continue Reading  Closing the Gate:  House Adopts ENABLERS Act Amendment to 2023 NDAA

Global AML Compliance Faces Challenges Relating to Regulator Expertise, the Travel Rule, Decentralized Finance, and “Regulator Shopping”

Today we are very pleased to welcome guest blogger Federico Paesano from the Basel Institute on Governance (“Basel Institute”). The Basel Institute recently issued its Basel AML Index for 2021 (“Basel AML Index”). This data-rich and fascinating annual publication, one of several online tools developed by the Basel Institute to help both public- and private-sector practitioners tackle financial crime, is a research-based ranking that assesses countries’ risk exposure to money laundering and terrorist financing. This year, we will focus on the section of the Basel AML Index which analyzes data from the Financial Action Task Force (“FATF”) on how jurisdictions are responding to money laundering and terrorist financing threats related to virtual assets.  The Basel AML Index concludes: “not well at all.”

Federico Paesano is a Senior Financial Investigation Specialist at the Basel Institute’s International Centre for Asset Recovery, and leads its Cryptocurrencies and Anti-Money Laundering Compliance Training.  For 14 years, Federico worked for the Italian Financial Police, ending his career as Chief Investigator, leading and conducting judicial and financial investigations, focusing in particular on economic crimes such as corruption and money laundering.  In July 2009, he was seconded by the Italian Government to the European Union Police Mission in Afghanistan (“EUPOL”) as Mentor to the Minister of Interior on Anticorruption.  Along with Europol and Interpol, Federico and the Basel Institute are co-organizing on December 7–8, 2021 the 5th Global Conference on Criminal Finances and Cryptocurrencies, which focuses on the emerging threat posed by criminals using new payment methods to conceal the proceeds of their crimes. His Quick Guide to Cryptocurrencies and Money Laundering Investigations may be found here.

The Basel Institute is a not-for-profit Swiss foundation dedicated to working with public and private partners around the world to prevent and combat corruption, and is an Associated Institute of the University of Basel. The Basel Institute’s work involves action, advice, and research on issues including anti-corruption collective action, asset recovery, corporate governance and compliance, and green corruption.  Money Laundering Watch was pleased to have Gretta Fenner and Dr. Kateryna Boguslavska of the Basel Institute guest blog on the Basel AML Indices for 2020 and 2019.

This blog post again takes the form of a Q & A session, in which Federico responds to questions posed by Money Laundering Watch about the Basel AML Index 2021 and wider debates on the topic. We hope you enjoy this discussion of money laundering risks and virtual assets — which addresses regulators’ frequent lack of expertise, tracing of cryptocurrency transactions, the Travel Rule, the challenges posed by decentralized finance, “regulator shopping,” and more.  —Peter Hardy and Andrew D’Aversa
Continue Reading  The Basel AML Index 2021: Virtual Assets and Money Laundering. A Guest Blog.

The OCC, FDIC, and Federal Reserve Board have issued a guide that is intended to assist community banks in conducting due diligence when considering relationships with financial technology (fintech) companies (Guide).

The issuance of the Guide follows the agencies’ July 2021 release of proposed interagency guidance for banking organizations on managing risks associated with third-party