We are really pleased to be moderating the Practising Law Institute’s 2020 Anti-Money Laundering Conference on May 12, 2020, starting at 9 a.m. Perhaps needless to say, this year’s conference will be entirely virtual. But the conference still should be as informative, interesting and timely as always. Our conference co-chair, Nicole S. Healy of Ropers
Second Post in a Two-Post Series
On March 19, 2020, Swedbank received its first sanction at the conclusion of parallel investigations by Swedish and Estonian authorities for its role in the seemingly non-stop Anti-Money Laundering (“AML”) debacle centered around Danske Bank and its now-notorious Estonian Branch. In the first of what will likely be multiple sanctions, Swedbank AB was ordered to pay a record 4 billion Swedish Krona ($38 million) and its subsidiary, Swedbank AS, has been ordered to improve its AML risk control systems to comply with applicable requirements.
In our first post, we discussed the various public AML-related investigations and enforcement actions plaguing Swedbank. In this post, we discuss the details and implication of the report of internal investigation regarding Swedbank’s alleged deficiencies in its AML processes performed by an outside law firm at the request of Swedbank, which has made the report publically available.
The Report is lengthy and detailed. As we discuss, however, the Report highlights some basic, evergreen issues in AML compliance and enforcement: the need to implement adequate systems to manage high-risk customers; the need to identify beneficial ownership; the need for top management to understand and truly respect AML compliance; the need for transparency with regulators; and the need for transparency by financial institutions with investors and the public.
AMA Details Components of a Strong AML/BSA Program for the Gaming Industry
Earlier this month, the American Gaming Association (“AGA”) released an updated Best Practices for Anti-Money Laundering (“AML”) Compliance (“Best Practices Guidance”) reflecting a heightened focus on risk assessment as well as Know Your Customer/Customer Due Diligence measures for the gaming industry. This update amends the industry’s first set of comprehensive best practices for AML compliance, issued in 2014. At the time, the best practices were well-received by the U.S. Department of Treasury’s Financial Crimes Enforcement Network (“FinCEN”). These updated Best Practices have drawn from recent FinCEN guidance and enforcement actions, the Treasury Department’s National Money Laundering Risk Assessment, and the Office of Foreign Assets Control’s (“OFAC”) updated compliance guidelines and provide detailed guidance regarding how the industry can continue to be “a leader in compliance.”
Organization Excels at Niche Branding but Stumbles in Avoiding Enforcement
The first paragraph of the press release sums it up:
Today the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) took action against Evil Corp, the Russia-based cybercriminal organization responsible for the development and distribution of the Dridex malware. Evil Corp has used the Dridex malware to infect computers and harvest login credentials from hundreds of banks and financial institutions in over 40 countries, causing more than $100 million in theft. This malicious software has caused millions of dollars of damage to U.S. and international financial institutions and their customers. Concurrent with OFAC’s action, the Department of Justice charged two of Evil Corp’s members with criminal violations, and the Department of State announced a reward for information up to $5 million leading to the capture or conviction of Evil Corp’s leader. These U.S. actions were carried out in close coordination with the United Kingdom’s National Crime Agency (NCA). Additionally, based on information obtained by the Treasury Department’s Financial Crimes Enforcement Network (FinCEN), the Treasury Department’s Office of Cybersecurity and Critical Infrastructure Protection (OCCIP) released previously unreported indicators of compromise associated with the Dridex malware and its use against the financial services sector.
The Department of Treasury press release is extremely detailed. Summarized very broadly, it observes that OFAC’s designation targets 17 individuals and seven entities, including Evil Corp, its “core cyber operators, multiple businesses associated with a group member, and financial facilitators utilized by the group.” The designation means that all property and interests in property of these persons subject to U.S. jurisdiction are blocked, and U.S. persons are generally prohibited in engaging in transactions with them.
As noted below, the U.S. government is alleging that these cyber criminals are working with the Russian government. FinCEN and the Cybersecurity and Infrastructure Security Agency (CISA) of the Department of Homeland Security also have issued an Alert to financial institutions regarding how to try to detect, mitigate and report the presence of the pernicious Dridex malware.…
On October 25, 2019, FinCEN issued a final rule imposing the Fifth Special Measure against the Islamic Republic of Iran as a “jurisdiction of primary money laundering concern” (“Final Rule”) under Section 311 of the USA PATRIOT ACT. The Final Rule will prohibit the opening or maintaining of a correspondent bank account in the U.S. for, or on behalf of, an Iranian financial institution. It also will prohibit the correspondent accounts of foreign financial institutions at covered U.S. financial institutions from processing transactions involving Iranian financial institutions.…
Indictment Alleges that Bank and its Officers Used Front Companies to Evade Prohibitions on Iran’s Access to the U.S. Financial System
The U.S. Attorney for the Southern District of New York has charged Turkish state-owned bank Halkbank (formally known as Türkiye Halk Bankasi A.S.) with money laundering, bank fraud and sanctions offenses under the International Emergency Economic Powers Act, or IEEPA, arising from the Bank’s alleged involvement in a multibillion-dollar scheme to evade U.S. sanctions on Iran. As alleged in the six-count indictment, senior officials at Halkbank designed and executed the Bank’s systemic and illicit movement of Iranian oil revenue moving through the Bank to give Iran access to the funds. This case is an extension of prosecutions initiated in late 2017 against nine individual defendants in the scheme, including bank employees and the former Turkish Minister of the Economy.…
Foreign Banks Reliant on U.S. Correspondent Services Should Take Note of New Rules
We are pleased to present this guest blog by Hdeel Abdelhady, who is a Washington, D.C.-based attorney and Principal at MassPoint Legal and Strategy Advisory PLLC, her boutique law and strategy firm. Ms. Abdelhady focuses on regulatory compliance and transactional matters, including cross-border trade and finance transactions and regulation.
As Ms. Abdelhady discusses, the Office of Foreign Assets Control (OFAC) issued on June 21, 2019 an interim final rule (the “IFR”) amending provisions of the Reporting, Procedures, and Penalties Regulations applicable to OFAC-administered sanctions programs at 31 C.F.R. Part 501. The IFR became effective upon publication in the Federal Register on June 21. OFAC has requested public comments, which are due by July 22, 2019. The IFR has many important potential consequences, including for foreign banks that rely on U.S. correspondent banking services, as well as U.S. financial institutions facing additional compliance burdens.
As legal counsel to U.S. and foreign banks, other financial services providers, and businesses, Ms. Abdelhady has advised on sanctions, anti-money laundering, anti-corruption, and counter-terrorism finance regulation and compliance under U.S. law and international standards, including the FATF Recommendations and Wolfsberg Standards. She has served as in-house counsel on secondment to banks in the United States and abroad, including in connection with the first major USA Patriot Act enforcement by the Comptroller of the Currency and Financial Crimes Enforcement Network (FinCEN). In addition, Ms. Abdelhady has advised on the establishment of money services businesses and Foreign Banking Organizations in the United States.
Ms. Abdelhady serves on the board of the Washington, D.C. Chapter of the Association of Certified Financial Crime Specialists (ACFCS), is a Fellow of the American Bar Foundation, and is an Adjunct Professor at The George Washington University Law School. Ms. Abdelhady writes frequently on banking, finance, and regulatory compliance matters. Among other publications, Reuters, the World Bank Legal Review, and Law360 has published her work. We hope that you enjoy this discussion by Ms. Abdelhady of this important development. –Peter Hardy
In addition to effectuating technical and conforming amendments, the IFR revises Trading With the Enemy Act (TWEA) penalties and amends reporting requirements and procedures applicable to initial and annual blocked property reports, unblocked property reports, and the unblocking of funds due to mistaken identity. Additionally, the IFR revises reporting requirements applicable to “rejected transactions.” The rejected transactions amendment is the most substantial of the revisions, and is the focus of this update.…
Testimony Supports Bill Requiring States to Collect Beneficial Ownership Information at Entity Formation
As we have blogged, the proposed Corporate Transparency Act of 2019 (the “Act”) seeks to ensure that persons who form legal entities in the U.S. disclose the beneficial owners of those entities. Specifically, the Act would amend the Bank Secrecy Act (“BSA”) to compel the Secretary of Treasury to set minimum standards for state incorporation practices. Thus, applicants forming a corporation or LLC would be required to report beneficial ownership information directly to FinCEN, and to continuously update such information.
If passed, the Act would build significantly upon FinCEN’s May 11, 2018 regulation regarding beneficial ownership (“the BO Rule,” about which we blog frequently and have provided practical tips for compliance here and here). Very generally, the BO Rule requires covered financial institutions to identify and verify the identities of the beneficial owners of legal entity customers at account opening. The issue of beneficial ownership is at the heart of current global anti-money laundering efforts to enhance the transparency of financial transactions.
On May 21, the U.S. Senate Committee on Banking, Housing and Urban Affairs, held a hearing entitled: “Combating Illicit Financing by Anonymous Shell Companies Through the Collection of Beneficial Ownership Information.” This hearing, which provided fuel for passage of the Act, featured the exact same trio of speakers who had appeared before the Committee during a November 2018 hearing on “Combating Money Laundering and Other Forms of Illicit Finance: Regulator and Law Enforcement Perspectives on Reform,” which pertained to a broader set of potential changes to the BSA. The speakers were:
- Grovetta Gardineer, Senior Deputy Comptroller for Bank Supervision Policy and Community Affairs at the Office of the Comptroller of the Currency (“OCC”) (written remarks here)
- Kenneth A. Blanco, Director of FinCEN (written remarks here); and
- Steven D’Antuono, Acting Deputy Assistant Director of the FBI (written remarks here).
Unlike the broader November 2018 hearing, which featured some distinct tensions between certain positions of the OCC and those of FinCEN and the FBI, this hearing reflected close alignment amongst the speakers. Every speaker stressed the advantages to be reaped by law enforcement, regulators and the public if a national database of beneficial owners was required and created. Only the OCC acknowledged the need to consider the issue and sometimes competing concern of the regulatory burden imposed on financial institutions by the current BSA/AML regime, and even the OCC seemed to assume that a national database on beneficial ownership would represent only a boon to financial institutions, as opposed to yet more data – however helpful – to be absorbed and acted upon to the satisfaction of regulators. None of the speakers addressed some of the potential ambiguities and problems inherent in the current language of the Act, such as the fact that the Act lacks precision and fails to define the critical terms “exercises substantial control” or “substantial interest,” both of which drive the determination of who represents a beneficial owner.…
UK-based Standard Chartered Bank (“SCB”) announced the terms of significant settlements last week with various U.S. and U.K. governmental agencies, resolving a series of related investigations into the bank’s alleged violations of international sanctions and concomitant failures of anti-money laundering (“AML”) controls over a period stretching from 2007 to 2014. The bank will pay a total of $1.1 billion in combined forfeitures and fines to various national and state agencies in the two countries — and extend, once again, its deferred prosecution agreements (“DPAs”) with the U.S. Department of Justice (“DOJ”) and the New York County District Attorney’s Office (“NYDA”).
Specifically, the bank will pay: a $480 million fine and a $240 million forfeiture to the DOJ; approximately $639 million to the U.S. Treasury Department Office of Foreign Assets Control (“OFAC”); over $292 million to the NYDA; almost $164 million to the Board of Governors of the Federal Reserve System; and $180 million to the New York Department of Financial Services. The bank also will pay over £102 million (an amount approximately equal to over $133 million) to the U.K.’s Financial Conduct Authority (“FCA”). After certain payments are credited against some of these penalties, the total will exceed $1 billion.
As reported in Reuters and other media outlets, the partial government shutdown has impaired the ability of the U.S. Treasury to maintain many of its anti-money laundering and counter-terrorist financing (“AML/CTF”) efforts. Specifically, the Financial Crimes Enforcement Network (“FinCEN”), the Office of Foreign Assets Controls (“OFAC”) and the Office of Terrorism and Financial Intelligence (“TFI”) …