Securities and Exchange Commission (SEC)

A Huge Monetary Penalty for Sprawling Allegations – But Will Zhao Receive a Prison Sentence?

As the world now knows, Binance Holdings Limited, doing business as Binance.com (“Binance” or the “Company”), has entered into a plea agreement with the U.S. Department of Justice (“DOJ”).  

Binance is registered in the Cayman Islands and regarded as the world’s largest virtual currency exchange. It agreed to plead guilty to conspiring to willfully violating the Bank Secrecy Act (“BSA”) by failing to implement and maintain an effective anti-money laundering (“AML”) program; knowingly failing to register as a money services business (“MSB”); and willfully causing violations of U.S. economic sanctions issued pursuant to the International Emergency Economic Powers Act (“IEEPA”). Despite the plea agreement, Binance will continue to operate.

Changpeng Zhao, also known as “CZ,” also pleaded guilty to violating the BSA by failing to implement and maintain an effective AML program. Zhao is Binance’s primary founder, majority owner, and – until now – CEO. As part of his plea agreement, Zhao has stepped down as the CEO, although he apparently will keep his shares in Binance.

As part of its plea agreement, Binance has agreed to forfeit $2,510,650,588 and to pay a criminal fine of $1,805,475,575 for a total criminal penalty of $4,316,126,163. Binance also entered into related civil consent orders with the Financial Crimes Enforcement Network (“FinCEN”), the Commodity Futures Trading Commission (“CFTC”), and the Office of Foreign Assets Controls (“OFAC”). Zhao also entered into a consent order with the CFTC.

The allegations are vast and detailed, and much digital ink already has been spilled regarding this matter. Our discussion therefore will be relatively high-level. Distilled, the government alleges that Binance – under the direction of Zhao – tried to hide the fact that it operated in the U.S., purposefully avoided any meaningful AML compliance, and consequently laundered many millions of dollars’ worth of cryptocurrency involving extremely serious criminal conduct, including terrorism, child pornography, and U.S. sanctions evasion.

As for Zhao, and as we will discuss, whether he will go to prison – and if so, for how long – is an open and very interesting question. His sentencing currently is scheduled for February 23, 2024.

Continue Reading  Binance Settles Criminal and Civil AML and Sanctions Enforcement Actions for Multiple Billions – While its Founder, Owner and Former CEO Zhao Pleads Guilty to Single AML Crime

Priorities Echo Prior Alerts and Enforcement Actions

The SEC’s Division of Examinations (the “Division”) released on October 16 a report on its “Examination Priorities” (the “Report”) for fiscal year 2024.  This release occurred earlier than in prior years, which the Report’s prefatory message characterizes as an example of the Division’s “intention to provide more transparency” and “to move forward together with investors and industry to promote compliance.”

The Report

The Report highlights four major areas of focus for the Division’s examinations in the coming year, which it terms “risk areas impacting various market participants”:

  1. Anti-money laundering (“AML”);
  2. Information security and “operational resilience”;
  3. Crypto and emerging financial technologies (“fintech”); and
  4. Regulation systems compliance and integrity (“SCI”).

As to AML, the Report first rehearses the requirement of the Bank Secrecy Act (“BSA”) for broker-dealers: namely, that they establish AML programs tailored to their unique risk profile – their location, size, customer base, menu of products and services, and method of delivery of those products and services. The Report further notes that such AML programs must be reasonably designed to achieve compliance with the BSA and related regulations, must undergo independent testing of their viability, and must include customer due diligence procedures and ongoing transaction monitoring – including, where appropriate, filing of Suspicious Activity Reports (“SARs”) with the Financial Crimes Enforcement Network (“FinCEN”).  Although the Report also references “certain registered investment companies,” investment advisers as a group are not (yet) subject to the BSA.

Continue Reading  SEC Exam Priorities Target AML

On July 31, 2023, the United States Securities and Exchange Commission (“SEC”) published an alert outlining deficiencies the Division of Examinations has observed in broker-dealers’ (“BD”) compliance with anti-money laundering (“AML”) and countering terrorism financing (“CTF”) requirements.  While the alert addresses overarching compliance requirements for BDs, it focuses on deficiencies the Division of Examinations has observed with regard to independent testing of BDs’ AML programs, personnel training and identification and verification of customers and their beneficial owners.

The alert makes two over-arching observations.  First, BDs “did not appear to devote sufficient resources, including staffing, to AML compliance given the volume and risks of their business.”  Second, the “effectiveness of policies, procedures, and internal controls was reduced when firms did not implement those measures consistently.”  Emphasizing the key elements of an adequate AML program BDs must implement, the Alert then shifts its focus to independent testing and training and customer identification and customer due diligence.

Continue Reading  SEC Issues Alert Outlining Deficiencies in Broker-Dealers’ AML Compliance

On June 5, 2023, the SEC filed an extensive civil complaint against Binance Holdings Limited, its assorted affiliates and its beneficial owner and CEO, Changpeng Zhao, alleging multiple violations of the Securities Act of 1933 and the Securities Exchange Act of 1934.  The Binance suit, as all of SEC’s enforcement efforts in the crypto space, arises from the hotly contested and frequently litigated predicate categorically asserted by the SEC that at least some cryptocurrencies are “securities” under, and therefore subject to, the federal securities laws.  The Binance case demonstrates how, from that premise, the SEC takes a utilitarian approach to the crypto industry, essentially overlaying the functions and participants in the traditional securities industry against their counterparts in crypto.

Although the Binance enforcement action obviously focuses on securities law, it is relevant to anti-money laundering concepts because the action focuses on Know-Your-Customer (“KYC”) requirements, as a predicate to discussing the securities laws.  The Binance enforcement action is similar to the enforcement action against Bitmex and other entities, which rested on the allegation that the entity attempted to pretend that it did not have U.S. customers — even though it in fact had such customers, as it allegedly well knew and despite efforts to obfuscate such U.S. contacts.  This post therefore will focus on the KYC and customer identification issues presented by the Binance complaint.

Continue Reading  SEC’s Suit Against Binance Demonstrates Scope of Its Crypto Enforcement Efforts

We are pleased to offer the latest episode in Ballard Spahr’s Consumer Finance Monitor podcast series, A Look at the Treasury Department’s April 2023 Report on Decentralized Finance or “DeFi.” 

In this episode, we follow up and expand upon our blog post regarding the U.S. Department of the Treasury’s April 6, 2023 report examining vulnerabilities

On April 6, 2023, the U.S. Department of the Treasury released a report examining vulnerabilities in decentralized finance (“DeFi”), including potential gaps in the United States’ anti-money laundering (“AML”) and countering the financing of terrorism (“CFT”) regulatory, supervisory, and enforcement regimes for DeFi.  The report concludes by making a series of recommendations, including the closing of “gaps” in the application of the Bank Secrecy Act (“BSA”) to the extent that certain DeFi services currently fall outside the scope of the BSA’s definition of a “financial institution” covered by the BSA.  The report cautions that it does not alter any existing legal obligations, issue any new regulatory interpretations, or establish any new supervisory expectations.

Continue Reading  U.S. Treasury Releases Report and Recommendations Regarding Vulnerabilities in Decentralized Finance

Meaningful Overlap or Superficial Similarities?

On October 3, the release of the Pandora Papers flooded the global media, as millions of documents detailed incidents of wealthy and powerful people allegedly using so-called offshore accounts and other structures to shield wealth from taxation and other asset reporting. Data gathered by the International Consortium of Investigative Journalists, the architect of the Pandora Papers release, suggests that governments collectively lose $427 billion each year to tax evasion and tax avoidance. These figures and the identification of high-profile politicians and oligarchs involved in the scandal (Tony Blair, Vladimir Putin, and King Abdullah II of Jordan, to name a few) have grabbed headlines and spurred conversations about fairness in the international financial system – particularly as COVID-19 has highlighted and exacerbated economic disparities.

Much of the conduct revealed by the Pandora Papers appears to involve entirely legal structures used by the wealthy to – not surprisingly – maintain or enhance wealth.  Thus, the core debate implicated by the Pandora Papers is arguably one of social equity and related reputational risk for financial institutions (“FIs”), rather than “just” crime and anti-money laundering (“AML”). Media treatment of the Pandora Papers often blurs the distinction between AML and social concerns – and traditionally, there has been a distinction.

This focus on social concerns made us consider the current interest by the U.S. government, corporations and investors in ESG, and how ESG might begin to inform – perhaps only implicitly – aspects of AML compliance and examination.  ESG, which stands for Environmental, Social, and Governance, are criteria that set the foundation for socially-conscious investing that attempts to identify related business risks.  At first blush, the two are separate fields.  But as we discuss, there are ESG-related issues that link concretely to discrete AML issues: for example, transaction monitoring by FIs of potential environmental crime by customers for the purposes of filing a Suspicious Activity Report, or SAR, under the Bank Secrecy Act (“BSA”).  Moreover, there is a bigger picture consideration regarding BSA/AML relating to ESG:  will regulators and examiners of FIs covered by the BSA now consider – consciously or unconsciously – whether FIs are providing financial services to customers that are not necessarily breaking the law or engaging in suspicious activity, but whose conduct is inconsistent with ESG principles?

If so, then ESG concerns may fuel the phenomenon of de-risking, which is when FIs limit, restrict or close the accounts of clients perceived as being a high risk for money laundering or terrorist financing.  Arguably, and as we discuss, there also would be a historical and controversial analog – Operation Chokepoint, which involved a push by the government (not investors) for FIs to de-risk certain types of customers.  Regardless, interest in ESG means that FIs have to be even more aware of potential reputational risk with certain clients.  Even if the money in the accounts is perfectly legal, the next data breach can mean unwanted publicity for servicing certain clients.

These concepts are slippery, involve emerging trends that have yet to play out fully, and the similarities between AML and ESG can be overstated.  Nonetheless, it is possible that these two fields, both of which are subject to increasing global interest, may converge in important respects.  A preliminary discussion seems merited, however caveated or subject to debate.
Continue Reading  ESG, AML Compliance and the Convergence of Social Concerns

Amicus Briefs Urge that Only FinCEN, Not the SEC, Should Enforce the BSA in Regards to Broker-Dealers

In the next stage of the Alpine Securities saga (as we blogged about here, here and here), a petition for a writ of certiorari is pending before the Supreme Court, asking the Court to decide whether the Southern District of New York and the Second Circuit correctly decided that the Securities Exchange Commission (“SEC”) may bring suit directly to enforce compliance with the Bank Secrecy Act (“BSA”).  Distilled, the Second Circuit and the District Court ruled that by promulgating Rule 17a-8, which states in part that “[e]very registered broker or dealer who is subject to the requirements of the [BSA] shall comply with the reporting, recordkeeping and record retention requirements of [BSA regulations promulgated by FinCEN],” the SEC is properly exercising its own independent authority under Rule 17a-8 and Section 17(a) of the Exchange Act when it regulates broker-dealers for the record-keeping and reporting requirements of the BSA.

Alpine Securities’ petition (the “Petition”) has received support in the form of amicus briefs from former officials of the Financial Crimes Enforcement Network (“FinCEN”) and the Cato Institute (“CATO”), both of which argue the SEC does not have the power to enforce violations of the BSA.  As we will discuss, the amicus briefs argue that only FinCEN may enforce the BSA, and that a contrary system would undermine FinCEN and create unacceptably conflicting interpretations, standards, and penalties for BSA/anti-money laundering (“AML”) compliance.
Continue Reading  Circular Delegation: Amicus Support By Former FinCEN Officials and the Cato Institute in the Alpine Securities Saga

Action Highlights that Even Sophisticated Companies Serious about Compliance are not Immune from AML Enforcement – and the Importance of Cooperation When Cutting a Deal

On May 12, 2021, the Securities and Exchange Commission (“SEC”) issued an Order instituting a cease-and-desist proceeding under Sections 15(b) and 21C of the Securities and Exchange Act of 1934 (the “Exchange Act”), and imposed a $1.5 million monetary penalty against broker-dealer, GWFS Equities, Inc. (“GWFS”) for its alleged violations of the Bank Secrecy Act (“BSA”) due to its claimed failure to file Suspicious Activity Reports (“SARs”) when it was required to do so, and because certain filed SARs were inadequate.  The suspicious activity at issue involved primarily so-called “account takeovers” by cyber criminals, which is of course a growing and pernicious threat.

What is particularly notable about the case is that the SEC targeted GWFS for enforcement for allegedly filing 297 deficient SARs between September 2015 through October 2018 (the “Relevant Period”), despite GWFS having a seemingly otherwise robust  anti-money laundering (“AML”) program, a designated and capable BSA/AML Officer, a SAR review committee, written supervisory procedures that stressed the importance of providing “clear, complete, and concise descriptions of” suspicious activity, including the five essential elements of the suspicious activity—who, what, when, where and why (the “five essential elements”)—and GWFS providing formal and informal training to combat and report suspicious activity.  Stated otherwise, this AML enforcement action involves an actor clearly serious in general about compliance, rather than a compliance “outlier” representing an easy enforcement target. Crucially, cetain filed SARs allegedly omitted the “five essential elements” required in a SAR, even though GWFS allegedly knew the information and also knew that it was obligated to include the information in its SARs.  Instead, GWFS utilized a generic format for its SARs that did not contain much useful information.

The lesson here is clear: in regards to the allegedly inadequate filed SARs, the SEC is sending a message that a perceived cookie-cutter, cut-and-paste approach to fulfilling one’s obligations under the BSA will not be enough to stave off scrutiny and potential costly liability from government regulators.  With incidences of identity theft and other cybercrimes showing no signs of abating, and the government’s interest in ensuring that financial institutions are playing their role to guard against and to combat cybercrime, additional regulatory actions for deficient compliance are likely to follow.  It is not enough to just have a compliance program in place.  Broker-dealers should ensure that their compliance staff is well-trained and reports suspicious activity through the issuance of SARs that, at a minimum, contain the five essential elements.
Continue Reading  SEC Extracts AML Settlement From Broker-Dealer Based on Alleged Failure to Comply with “Five Essential Elements” of SAR Filings Regarding Cyber Crime

On March 29, 2021, the Securities and Exchange Commission (“SEC”) began to make good on its promise to make AML a key examination priority in 2021 by issuing a risk alert authored by the Division of Examinations (“EXAMS”) detailing the results of a review of broker-dealers’ compliance with anti-money laundering (“AML”) requirements (the “Alert”).

The Alert details the obligations of broker-dealers to comply with AML programs and SAR monitoring and reporting requirements pursuant to the “AML Program Rule,” 31 C.F.R. § 1023.210, and the “SAR Rule,” 31 C.F.R. § 1023.320, as well as similar obligations under Rule 17a-8 of the Securities Exchange Act of 1934 (“Exchange Act”), which incorporates the Bank Secrecy Act (“BSA”) reporting and record-keeping obligations applicable to broker-dealers.  The Alert further issues findings that indicate certain firms are experiencing shortcomings when it comes to establishing and implementing sufficient suspicious activity monitoring and reporting policies and procedures, which is leading to inadequate SAR reporting in several respects.

Perhaps not coincidentally, EXAMS issued the Alert shortly after the U.S. Court of Appeals for the Second Circuit ruled in December 2020 in SEC vs. Alpine Securities Corp. that the SEC has the authority to bring an enforcement action against broker-dealers under Section 17(a) and Rule 17a-8 of the Exchange Act on the basis of alleged BSA failures, including failures to comply with the SAR Rule.  Whether the Alert is a true “heads up” or a forewarning of enforcement actions to come, firms are encouraged not to replicate the specific deficiencies identified in the Alert.
Continue Reading  Broker-Dealers Fail SEC AML Examinations