The South Dakota Division of Banking (the “Division”) issued a Memorandum notifying all licensed South Dakota money lenders and non-residential mortgage lenders that the Division has taken the position that they are subject to the Bank Secrecy Act/Anti-Money Laundering (“BSA/AML”) obligations imposed by a 2020 Final Rule published by the Financial Crimes Enforcement Network (“FinCEN”) regarding banks lacking a federal functional regulator (“Final Rule”). The Final Rule became effective in 2020, and the Memorandum requires licensees to comply by March 31, 2024.  No other state has taken this same position, and the Final Rule itself stated that it applied to approximately 567 banks. 

Accordingly, all money lender and non-residential mortgage lender licensees covered by the Memorandum must develop a BSA/AML compliance program that aligns with the Memorandum’s requirements, which are equivalent to that of a “bank” under FinCEN’s regulations. The compliance program must include a risk assessment, ongoing transaction monitoring, and filing of Suspicious Activity Reports (“SARs”) and Currency Transaction Reports (“CTRs”), among other requirements. In addition, licensees must register with FinCEN for BSA e-filing.

Continue Reading  South Dakota Regulator Requires BSA/AML Compliance for Money Lender Licensees and Non-Residential Mortgage Lenders

Second of Three Posts in a Related Series on Recent AML and Money Laundering Prosecutions

The Department of Justice (“DOJ”) has been very active in the Bank Secrecy Act (“BSA”) / Anti-Money Laundering (“AML”) space, as reflected by a recent series of individual prosecutions and corporate non-prosecution agreements (“NPAs”).  

In the first blog post in this series, we discussed a significant prosecution of an individual, and two related corporate NPAs, involving the gaming industry.  In our final post, we will discuss the prosecution and sentencing of a lawyer who allegedly became part of the fraud and money laundering scheme perpetrated by his crypto client.

In this second post, we will discuss two unusual prosecutions involving, respectively, an individual executive of a bank and an alleged AML specialist working with small financial institutions.  

As we previously noted, all of these cases, although all unique, are also united in certain ways – particularly in regards to the need for institutions and professionals to perform sufficient due diligence regarding the conduct and source of funds of high-risk clients and customers.

Continue Reading  Criminal Case Round-Up: Recent Prosecutions Involving Financial Institution Officers

On October 23, the Financial Crimes Enforcement Network (“FinCEN”) published a notice of proposed rulemaking (“NPRM”) entitled Proposal of Special Measure Regarding Convertible Virtual Currency Mixing, as a Class of Transactions of Primary Money Laundering Concern.  Section 311 of the Patriot Act, codified at 31 U.S.C. § 5318A (“Section 311”), grants the Secretary of the Treasury authority – which has been delegated to FinCEN – to require domestic financial institutions and agencies to take certain “special measures” if FinCEN finds that reasonable grounds exist for concluding that one or more classes of transactions within or involving a jurisdiction outside of the United States is of “primary money laundering concern.” 

In this NPRM, FinCEN proposes to designate under Section 311 all convertible virtual currency (“CVC”) mixing transactions, as defined by the NPRM.  This designation would require imposing reporting and recordkeeping requirements upon covered financial institutions (“FIs”) regarding transactions occurring by, through, or to a FI when the FI “knows, suspects, or has reason to suspect” that the transaction involves CVC mixing.

The NPRM is complicated and raises complex questions.  We only summarize here, and note selected issues.  Comments are due on January 22, 2024.  FinCEN can expect many comments.

Continue Reading  FinCEN Proposes to Require Recordkeeping and Reporting for CVC Mixing Transactions

Complex Civil and Criminal Cases Converge

On August 17, 2023, Judge Robert Pitman of the federal district court for the Western District of Texas issued an Order granting summary judgment for the U.S. Treasury Department (“Treasury”) in a lawsuit brought by six individuals, and denying the cross-motion for summary judgment filed by the individuals. The lawsuit alleged that Treasury overstepped its authority by imposing sanctions on the coin mixing service Tornado Cash.  Deciding for the government, Judge Pitman determined that Tornado Cash is a “person” that may be designated by OFAC sanctions.  Specifically, the regulatory definition of “person” includes an “association,” and Tornado Cash is an “association” within its ordinary meaning.

Shortly thereafter, on August 23, 2023, the U.S. Department of Justice (“DOJ”) unsealed an indictment returned in the Southern District of New York against the alleged developers of Tornado Cash, Roman Storm (“Storm”), a naturalized citizen residing in the U.S., and Roman Semenov (“Semenov”), a Russian citizen.  The indictment charges them with conspiring to commit money laundering, operate an unlicensed money transmitting business, and commit sanctions violations involving the International Emergency Economic Powers Act, or IEEPA.  When the indictment was unsealed, Storm was arrested and then released pending trial.  Treasury simultaneously sanctioned Semenov, who remains outside of the U.S., adding him to OFAC’s Specially Designated Nationals and Blocked Persons (“SDN”) List.

These are very complicated cases raising complicated issues.  They are separate but obviously related.  As we will discuss, the factual and legal issues tend to blend together, and how a party characterizes an issue says a lot about their desired outcome:  has the government taken incoherent action against a technology, or has it pursued a group of people attempting to hide behind tech?

Continue Reading  All Roads Lead to Roman: Alleged Tornado Cash Co-Founders Roman Storm Arrested and Roman Semenov Sanctioned, Days After Treasury Defeats Lawsuit Challenging OFAC

Legislation Targets Unhosted Wallets, Validators and Digital Asset ATMs

On July 28th, Senators Elizabeth Warren (D-Mass), Roger Marshall (R-Kan.), Joe Manchin (D-W.Va.) and Lindsey Graham (R-S.C.), reintroduced the Digital Asset Anti-Money Laundering Act (the “Act”), legislation aimed at closing gaps in the existing anti-money laundering and countering of the financing of terrorism (AML/CFT) framework as it applies to digital assets. Senators Warren and Marshall previously had introduced the same piece of legislation in December 2022, but at that time it lacked widespread support and stalled in the Senate.

Now, potentially in response to crypto-friendly legislation that recently passed in the House, the Act gained momentum with a larger group of bipartisan legislators and may have a more promising future.  The Act also was reintroduced immediately on the heels of a successful amendment to the 2024 National Defense Authorization Act (NDAA) pertaining to AML compliance examinations for financial institutions under the Bank Secrecy Act (BSA) and the future regulation of anonymity-enhancing technologies, such as mixers or tumblers.  According to Senator Warren’s press release the Act currently enjoys the support of the Bank Policy Institute, the National District Attorneys Association, Major County Sheriffs of America, and the National Consumers League, among other groups.

As we discuss immediately below, the Act would make major changes to the current BSA/AML regulatory regime as it applies to digital assets.

Continue Reading  Bipartisan Group of Senators Re-Introduce the Digital Asset Money Laundering Act

We are pleased to offer the latest episode in Ballard Spahr’s Consumer Finance Monitor podcast series, A Look at the Treasury Department’s April 2023 Report on Decentralized Finance or “DeFi.” 

In this episode, we follow up and expand upon our blog post regarding the U.S. Department of the Treasury’s April 6, 2023 report examining vulnerabilities

On April 6, 2023, the U.S. Department of the Treasury released a report examining vulnerabilities in decentralized finance (“DeFi”), including potential gaps in the United States’ anti-money laundering (“AML”) and countering the financing of terrorism (“CFT”) regulatory, supervisory, and enforcement regimes for DeFi.  The report concludes by making a series of recommendations, including the closing of “gaps” in the application of the Bank Secrecy Act (“BSA”) to the extent that certain DeFi services currently fall outside the scope of the BSA’s definition of a “financial institution” covered by the BSA.  The report cautions that it does not alter any existing legal obligations, issue any new regulatory interpretations, or establish any new supervisory expectations.

Continue Reading  U.S. Treasury Releases Report and Recommendations Regarding Vulnerabilities in Decentralized Finance

The U.S. Department of Justice (“DOJ”) announced on March 15, 2023 that in a coordinated effort between U.S. Federal Bureau of Investigations, Europol, and German police, the darknet cryptocurrency mixing service ChipMixer has been shut down.  The operation involved the U.S. government’s court-authorized seizure of two domains that directed users to the ChipMixer service and one Github account.  In addition, German authorities seized $46 million in cryptocurrency, as well as ChipMixer’s back-end servers used to run the site. 

Further, the U.S. Attorney’s Office for the Eastern District of Pennsylvania filed a criminal complaint against ChipMixer’s suspected founder, Vietnamese national, Minh Quoc Nguyen (“Nguyen”), alleging that Nguyen openly flouted financial regulations and instructed users how to use ChipMixer to evade reporting requirements while obscuring his true name under a series of stolen and fictitious identities. The complaint also alleges that ChipMixer, described as a popular platform for laundering illicit funds gained from unlawful activities like drug trafficking, ransomware attacks (according to Europol, ransomware actors Zeppelin, SunCrypt, Mamba, Dharma, Lockbit have used ChipMixer), and payment card fraud, was used to launder more than $3 billion in cryptocurrency since 2017.  Nguyen has been charged with money laundering, operating an unlicensed money transmitting business, and identity theft in connection with the operation of ChipMixer. 

Continue Reading  Darkweb Cryptocurrency Mixer ChipMixer Shut Down for Allegedly Laundering $3 Billion Worth of Crypto

In its first use of Section 9714(a) of the Combating Russian Money Laundering Act, the Financial Crimes Enforcement Network (“FinCEN”) issued a notice of enforcement order (the “Order”) on January 18, 2023 against the cryptocurrency exchange Bitzlato Limited (“Bitzlato”), which has operated globally and is registered in Hong Kong.  The Order was issued in conjunction with the Department of Justice’s (“DOJ”) arrest of Bitzlato’s founder, Russian national Anatoly Legkodymov.  Bitzlato has processed over four billion dollars in cryptocurrency transactions since 2018.  According to the government, a substantial portion of those transactions involved criminal proceeds.

Legkodymov, who resided in China until his arrest in the United States, has been charged initially, via complaint and warrant, with conducting an unlicensed money-transmitting business under 18 U.S.C. § 1960, although the allegations against Bitzlato appear to extend far beyond mere unlicensed money transmission. Both the Order and the lengthy affidavit in support of the complaint stress that Bitzlato openly touted its intentional lack of any sort of real anti-money laundering (“AML”) program.  For example, “Bitzlato’s website advertised for years (and as recently as March 31, 2022) that the site offered ‘Simple Registration without KYC.  Neither selfies nor passports required.  Only your email needed.’  Similarly, a blog post on Bitzlato’s website stated:  ‘On Bitzlato no KYC is required for you to trade.’”

This post will focus on FinCEN’s Order, which identifies Bitzlato as a “primary money laundering concern,” and prohibits certain money transmission involving Bitzlato by covered financial institutions.  The Order also highlights the threats posed to U.S. national security and the integrity of the U.S. financial sector by Bitzlato’s active facilitation of laundering of Russian illicit finance. However, FinCEN’s press release makes clear that Bitzlato is just one part of a larger ecosystem of Russian cybercriminals, including ransomware attackers, operating with impunity in Russia.

Continue Reading  FinCEN Issues Enforcement Order Against Crypto Exchange Bitzlato in First-Time Use of Section 9714(a)

On October 19, 2022, the U.S. Attorney’s Office for D.C., on behalf of the Financial Crimes Enforcement Network (“FinCEN”), filed a civil complaint against Larry Dean Harmon (“Harmon”), seeking $60 million in civil penalties for alleged violations of the Bank Secrecy Act (“BSA”) in connection with Harmon’s involvement in now-defunct cryptocurrency services Helix and Coin Ninja LLC.  The complaint seeks to obtain a judgment on FinCEN’s 2020 Assessment of Civil Money Penalty against Harmon (“Assessment”), which is attached to the complaint and includes a detailed statement of facts.

As we have blogged, Harmon previously pled guilty to operating an unlicensed money transmitter business.  Harmon’s sentencing hearing in the criminal case has been continued, and he reportedly has been attempting to cooperate with the government.  It appears that the civil complaint may represent something of a formality:  it seeks to reduce the assessment against Harmon to an actual civil judgment, upon which the government can collect in theory, in anticipation of Harmon’s criminal sentencing and any potential additional matters in which he may attempt to cooperate.

According to the complaint, starting in 2014, Harmon operated Helix, a bitcoin “mixing” service, which Harmon allegedly advertised explicitly as a way for customers to conceal their identities from the government.  The statement of facts attached to the Assessment alleged that Harmon “publicly advertised Helix on Reddit forums dedicated to darknet marketplaces, actively seeking out and facilitating high-risk transactions directly through customer service and feedback.”  Such “mixing” services – designed to maximize anonymity – increasingly have drawn the ire of the government, as reflected by the recent and controversial action by the Office of Foreign Assets Control to sanction virtual currency “mixer” – or passive technology – Tornado Cash.  

Continue Reading  DOJ Files Lawsuit for $60 Million in Civil Penalties for Alleged BSA Violations by Crypto “Mixer”