New York Department of Financial Services (NYDFS)

Subscribe to New York Department of Financial Services (NYDFS)

We are pleased to offer the latest episode in Ballard Spahr’s Consumer Financial Monitor Podcast series — a weekly podcast focusing on the consumer finance issues that matter most, from new product development and emerging technologies to regulatory compliance and enforcement and the ramifications of private litigation.  Our podcast discusses the conduct for which financial institutions have been faulted in recent Anti-Money Laundering (“AML”) enforcement actions, flags other AML-related missteps that can trigger regulatory scrutiny, and offers practical tips for avoiding regulatory criticism and reducing enforcement risk. This podcast follows up on two related blog posts, in which we provided some practical tips for financial institutions to increase the chances that their AML programs will withstand regulators’ scrutiny, and then discussed the consequences of potentially failing to heed these practical tips in a specific case: the New York Department of Financial Services’ (DFS) recent enforcement action against Mashreqbank.

We hope that you enjoy the podcast, moderated by our partner Alan Kaplinksy, and find it useful.

If you would like to remain updated on these issues, please click here to subscribe to Money Laundering Watch. To learn more about Ballard Spahr’s Anti-Money Laundering Team, please click here.  To visit Ballard Spahr’s award-winning Consumer Financial Monitor blog, please click here.

Second Post in a Two-Part Series

NYDFS Action Highlights the Need for Good Monitoring – and Good Consultants

In part one of this two-part post, we provided some practical tips for financial institutions to increase the chances that their Anti-Money Laundering (“AML”) programs will withstand regulators’ scrutiny, including: (1) promoting a culture of AML/Bank Secrecy Act (“BSA”) compliance; (2) focusing on transaction monitoring; (3) improving information sharing; (4) identifying and handling high-risk accounts appropriately; and (5) knowing your risks and continually improving your AML program to control those risks.

In this post we’ll discuss the consequences of potentially failing to heed these practical tips in a specific case: the New York Department of Financial Services’ (DFS) recent enforcement action against Mashreqbank. Further, we look forward to discussing all of these issues in an upcoming podcast in Ballard Spahr’s Consumer Financial Monitor Podcast series. So please continue to stay tuned.

Mashreqbank is the oldest and largest private bank in the United Arab Emirates. Its New York branch is Mashreqbank’s only location in the United States. It offers correspondent banking and trade finance services and provides U.S. dollar clearing services to clients located in Southeast Asia, the Middle East and Northern Africa. In 2016, the branch cleared more than 1.2 million USD transactions with an aggregate value of over $367 billion. In 2017, the branch cleared more than one million USD transactions with an aggregate value of over $350 billion.

The DFS enforcement action asserted that Mashreqbank’s AML/BSA program was deficient in a number of respects and that the New York branch had failed to remediate identified compliance issues. The enforcement action began with a DFS safety and soundness examine in 2016. In 2017, DFS and the Federal Reserve Bank of New York (FRBNY) conducted a joint safety and soundness examination. DFS provided a report of its findings to which Mashreqbank submitted a response.

In a consent order signed on October 10, 2018, Mashreqbank admitted violations of New York laws and accepted a significant monetary penalty and increased oversight for deficiencies in its AML/BSA and Office of Foreign Assets Control (OFAC) programs. Regulators pursued the enforcement action despite the New York branch’s strong cooperation and demonstrated commitment to building an effective and sustainable compliance program. Among other things, Mashreqbank agreed to pay a $40 million fine; to hire a third-party compliance consultant to oversee and address deficiencies in the branch’s compliance function including compliance with AML/BSA requirements; and to develop written revised AML/BSA and OFAC compliance programs acceptable to DFS.

The DFS and FRBNY examination findings demonstrate Mashreqbank’s failure to follow the practical tips identified in part one of this post. Specifically, the regulators found that Mashreqbank failed to: (1) have appropriate transition monitoring; (2) identify and handle high-risk accounts appropriately; and (3) know its risk and improve its AML program to control those risks.

Further, and as our discussion will reflect, the Mashreqbank enforcement action is also notable in two other respects. First, the alleged AML failures pertain entirely to process and the general adequacy of the bank’s AML program – whereas the vast majority of other AML/BSA enforcement actions likewise discuss system failures, they usually also point to specific substantive violations, such as the failure to file Suspicious Activity Reports (“SARs”) regarding a particular customer or set of transactions. Second, although the use of external consultants usually represents a mitigating factor or even a potential reliance defense to financial institution defendants, the DFS turned what is typically a defense shield into a government sword and instead criticized Mashreqbank for using outside consultants who, according to DFS, were just not very rigorous. This alleged use of consultants performing superficial analysis became part of the allegations of affirmative violations against the bank, thereby underscoring how financial institutions must ensure that their AML/BSA auditors or other consultants are experienced, competent, and performing meaningful testing, particularly when addressing issues previously identified by regulators. Continue Reading Practical Tips in Action: The Mashreqbank AML Enforcement Action

Public Risks Posed by Unbanked and Cash-Heavy Industry Deemed Insufficient to Outweigh Federal Law Concerns

As we just blogged, the New York State Department of Financial Services (“NYDFS”) has published guidance to “clarify the regulatory landscape and encourage” New York, state-chartered banks and credit unions to “offer banking services” to “marijuana related businesses licensed by New York state[,]” thereby identifying New York as a state friendly to financial services for marijuana-related businesses. In stark contrast, Ed Leary, Commissioner of the Utah Department of Financial Institutions (“UDFI”), recently articulated the polar opposite position, thereby exemplifying the increasingly bewildering patchwork quilt of approaches to banking and anti-money laundering (“AML”) policy in regards to state-licensed marijuana businesses.

In a presentation on August 17, 2018 to members of the National Association of Industrial Banks and the Utah Association of Financial Services, Commissioner Leary advised that UDFI will not ask any financial institutions regulated by his department to provide banking or payment processing services to cannabis-related businesses. To the contrary, if any examination conducted by UDFI identifies evidence of cannabis-related banking activities, UDFI will cite the conduct as an apparent violation of federal law. Continue Reading Banking and Marijuana, Redux: Utah Department of Financial Institutions Commissioner Declares Opposite Position to New York’s Encouragement of Banking Services for Marijuana Businesses Licensed Under State Law

New York State Encourages Banking for State-Licensed Medical Marijuana Businesses – Whereas a Maine Company Runs Into Trouble, Despite State Law Legalizing Medical Marijuana

To state the obvious, growing and dispensing marijuana is still illegal under federal law.  As a result, being involved in even a state-licensed marijuana business can be risky. Moreover, obtaining financial services for such a business is sometimes impossible, primarily due to the federal anti-money laundering (“AML”) obligations imposed upon financial institutions by the Bank Secrecy Act (as we have blogged).

This post discusses two recent developments related to state-licensed medical marijuana operations, which serve as contrasting bookends to the spectrum of potential risks and opportunities presented by such businesses.  On the risk-end of the spectrum, we discuss the recent difficulties encountered by a Maine business, and how dubious the seeming safe harbor of state legalization of marijuana can be in some cases. On the opportunity-end of the spectrum, we discuss recent guidance issued by the New York Department of Financial Services, which has declared its support and encouragement of state-chartered banks and credit unions to offer banking services to medical marijuana related businesses licensed by New York State. Continue Reading The Medical Marijuana Industry and AML: Opportunities and Risks

And a Tale of Four Countries: Singapore Fines a U.K. Bank, and the U.S. Imposes a Consent Order on a Chinese Bank

Less than a week apart, two major financial institutions (“FIs”) have been hit with penalties for failing to implement adequate anti-money laundering (“AML”) protections. But the penalties imposed by the involved regulators are different.  In this post, we report on the enforcement actions recently lodged against Standard Chartered PLC and the Industrial & Commercial Bank of China Ltd. by the Monetary Authority of Singapore and the United States Federal Reserve, respectively.  We also consider the approaches of these two regulators to the banks and the differing outcomes of the enforcement actions.

Continue Reading A Tale of Two Enforcement Actions

As the value of bitcoin continues to soar (USD:BTC this past weekend exceeded $19,000.00:1), we thought that now would be a good time to emphasize the need to ensure regulatory compliance with the many federal and state AML rules and regulations, in addition to those segmented across various countries. A caveat: This post is far from exhaustive, and before undertaking any investment in cryptocurrency, it would be wise to consult with an attorney familiar with the rules applicable to the cryptocurrency sector.  Due to the nascency of the sector, the practical application of previously existing laws and regulations is rapidly evolving.

To begin, the notion that bitcoin and other digital tokens represent a currency only for criminals has been dispelled. Indeed, there is no question that investment in cryptocurrencies is inherently lawful and increasingly commonplace.  In 2017 alone, investment in initial coin offerings, or token sales, has exceeded $1.5 billion; in a similar vein, the value of certain cryptocurrencies now exceeds a number of Fortune 50 companies.  Most recently, CBOE and CME, the world’s largest futures exchange, launched bitcoin futures contracts.

With this in mind, and as we have written on this blog before (see herehere, here, here, here, here, here, here, and here), it is clear that regulators are moving aggressively to bring the cryptocurrency sector into the fold of existing rules and regulations. To be sure, applying these rules to the burgeoning sector has been like fitting a square peg in a round hole; a bedrock of the initial cryptocurrency boom was the promise of anonymity for its users. Conversely, identity verification is a bedrock of AML compliance. Continue Reading Beyond Best Practices: Regulatory Compliance Now a Necessity in the Cryptocurrency Sector

As widely reported, the Spanish police raided last year the Madrid offices of the Chinese state-run Industrial and Commercial Bank of China (“ICBC”), the world’s biggest bank by assets. In the nearly 18 months following that raid and the numerous arrests made at that time, very little information about this money laundering investigation became known publically. That is, until Reuters recently published a lengthy article resulting from its review of “thousands of pages of confidential case submissions” and its “interviews with investigators and former ICBC employees.” The article raises numerous questions regarding the enforcement of European money laundering laws against Chinese banks operating abroad, as well as certain unique political and diplomatic considerations that may exist in those enforcement efforts. Below, we will compare these efforts with similar U.S. enforcement efforts, which are potentially gaining steam. Continue Reading High-Profile Spanish Money Laundering Investigation of Chinese Bank Raises Questions About Future of Similar U.S. Enforcement

Settlement of FinCEN Action Against Former AML Chief Compliance Officer Serves as Possible Bellwether of Future Cases

This post discusses individual liability in AML/BSA enforcement, which is an area of increasing attention. Indeed, according to public statements by the government, individual liability is the focus of enhanced scrutiny across the enforcement table.

Man looking over shoulder with suspicionAlthough the raw number of enforcement actions against individuals in the AML/BSA realm (or even in the broader realm of general financial crime) has not climbed dramatically, even a few enforcement actions can have a profound effect on an industry – and that appears to be occurring in the AML realm. We begin our discussion here with a recent settlement of a high-profile enforcement action against a former AML compliance officer, and how it highlights potential individual liability.  Ironically, special scrutiny can apply to the very people specifically tasked with maximizing compliance at a corporation, and such scrutiny can end up pitting them against a company’s management and board. Continue Reading Individual Accountability in AML Cases

We were pleased to contribute an article to the May 2017 issue of Business Crimes Bulletin titled “The Growing Convergence of Cyber-Related Crime and Suspicious Activity Reporting.” Regulators and law enforcement are taking proactive steps to further leverage anti-money laundering monitoring and reporting tools in their battle with cyber attacks and cyber crimes. In-house legal and compliance teams need to be fully versed in the latest Financial Crimes Enforcement Network (FinCEN) and bank regulatory guidance on cyber-related crimes and have the right professionals available to assist them with these matters.

Cyber-related crimes increasingly are making headlines across the globe as cyber attacks and other cyber incidents grow in intensity, volume and sophistication against government, political and business targets. The motives of attackers are as varied as their methods, but there is clearly an increasing number of attacks and other illegal activity motivated by financial gain against businesses, including financial institutions. Recent regulatory developments reveal that that illegal cyber activity has become more relevant to the fight against money laundering and terrorist financing as well.

Click here to read the full article.

If you would like to remain updated on these issues, please click here to subscribe to Money Laundering Watch.

Reprinted with permission from the May 2017 issue of Business Crimes Bulletin.
© 2017 ALM Media Properties, LLC. Further duplication without permission is prohibited. All rights reserved.

 

 

NY DFS Seal CircleThe New York State Department of Financial Services (“DFS”) has issued its fifth BitLicense to date, continuing a marked effort to bring legitimacy and controls to the virtual currency (“VC”) industry, whose advantages in lowering costs and creating efficiencies have been marred with concerns of nefarious use.

Founded in 2012, Coinbase, Inc. operates as a digital currency exchange and is perched at the top of well-funded startups in the VC industry. Its BitLicense signifies an important milestone in the company’s nearly two-year, multi-state licensing strategy. In the same vein, the fact that a VC market-leader has sought after and is now approved to do business in New York is an equally important occasion for the BitLicense program itself. Continue Reading Coinbase the Latest to Obtain New York BitLicense