Securities and Exchange Commission (SEC)

Following up on its Notice of Proposed Rulemaking (“NPR”), which we discussed back in March, the Financial Crimes Enforcement Network (FinCEN) released on August 28th a final rule extending Anti-Money Laundering/Countering the Financing of Terrorism (AML/CFT) requirements to certain investment advisers (Final Rule).

The Final Rule adds “investment adviser” to the definition of “financial institution” at 31 C.F.R. 1010.100(t).  The Final Rule applies to registered investment advisers (RIAs), and investment advisers (IAs) that report information to the Securities Exchange Commission (SEC) as exempt reporting advisers (ERAs), subject to certain exceptions. IAs generally must register with the SEC if they have over $110 million in assets under management (AUM). ERAs are investment advisers that (1) advise only private funds and have less than $150 million in AUM in the United States or (2) advise only venture capital funds.  

The Final Rule requires certain IAs to: (1) develop and maintain an AML/CFT compliance program; (2) file Suspicious Activity Reports (SARs) and Currency Transaction Reports (CTRs); (3) comply with the Recordkeeping and Travel Rules; (4) respond to Section 314(a) requests; and (5) implement special due diligence measures for correspondent and private banking accounts.

FinCEN released a Fact Sheet in conjunction with the Final Rule, which becomes effective January 1, 2026.  

Continue Reading  FinCEN Finalizes Rule Subjecting Investment Advisers to AML/CFT Regulations

On May 13th, the Financial Crimes Enforcement Network (FinCEN) and the Securities Exchange Commission (SEC) issued a joint notice of proposed rulemaking (NPRM) that would require SEC-registered investment advisers (RIAs) and exempt reporting advisers (ERAs) to establish a customer identification program (CIP). This joint NPRM is the second recent rulemaking effort aimed at investment advisers. In February, FinCEN issued a separate NPRM amending the definition in the Code of Federal Regulations of “financial institution” under the Bank Secrecy Act (BSA) to include investment advisers, which would require implementation of an anti-money laundering/countering terrorist financing (AML/CFT) compliance program. In this earlier NPRM, FinCEN alluded to a future joint rulemaking regarding CIP requirements for investment advisers.

The NPRM highlights that CIPs are long-standing, foundational components of an AML program. The NPRM requires a CIP similar to existing CIP requirements for other financial institutions, as FinCEN and the SEC want to ensure “effectiveness and efficiency” for investment advisers that are affiliated with other financial institutions, including banks, broker-dealers, or open-end investment companies that are already subject to CIP requirements.  

Background

Investment advisers have not been previously subject to CIP requirements, unless they were also a registered broker-dealer, a bank, or an operating subsidiary of a bank, and therefore already covered separately by the BSA. In many cases, investment advisers already voluntarily comply with CIP requirements, or their functional equivalent.

This joint NPRM implements section 326 of the Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act of 2001 (the “USA PATRIOT Act”). Section 326 requires the Secretary of the Treasury to promulgate regulations setting forth the minimum standards for “financial institutions” regarding the identity of their customers in connection with the opening of an account at a financial institution. More specifically, and as the NPRM notes, the BSA defines “financial institution” to include, in a catch-all provision, “any business or agency which engages in any activity which the Secretary of the Treasury determines, by regulation, to be an activity which is similar to, related to, or a substitute for any activity in which any business described in this paragraph is authorized to engage[.]”  That is the statutory authority upon which this NPRM and the earlier NPRM rest.  If FinCEN’s proposed amendment to the regulatory definition of “financial institution” is finalized and survives any legal challenges, investment advisers will be required to implement and maintain a CIP, as well as AML programs.

Continue Reading  FinCEN and SEC Propose Rulemaking Requiring CIP for Investment Advisers

Years in the making, on February 13, the Financial Crimes Enforcement Network (“FinCEN”) issued a notice of proposed rulemaking (“NPRM”) to include “investment adviser” (“IA”) within the definition of “financial institution” under the Bank Secrecy Act (“BSA”). FinCEN has posted a fact sheet on the NPRM here.

The NPRM subjects broad categories of IAs to statutory and regulatory anti-money laundering/countering terrorist financing (“AML/CTF”) compliance obligations. FinCEN is accepting comments on the NPRM until April 15, 2024.

Continue Reading  FinCEN Seeks to Make Investment Advisers Subject to Bank Secrecy Act

Farewell to 2023, and welcome 2024.  As we do every year, let’s look back.

We highlight 10 of our most-read blog posts from 2023, which address many of the key issues we’ve examined during the past year: criminal money laundering enforcement; compliance risks with third-party fintech relationships; the scope of authority of bank regulators; sanctions

A Huge Monetary Penalty for Sprawling Allegations – But Will Zhao Receive a Prison Sentence?

As the world now knows, Binance Holdings Limited, doing business as Binance.com (“Binance” or the “Company”), has entered into a plea agreement with the U.S. Department of Justice (“DOJ”).  

Binance is registered in the Cayman Islands and regarded as the world’s largest virtual currency exchange. It agreed to plead guilty to conspiring to willfully violating the Bank Secrecy Act (“BSA”) by failing to implement and maintain an effective anti-money laundering (“AML”) program; knowingly failing to register as a money services business (“MSB”); and willfully causing violations of U.S. economic sanctions issued pursuant to the International Emergency Economic Powers Act (“IEEPA”). Despite the plea agreement, Binance will continue to operate.

Changpeng Zhao, also known as “CZ,” also pleaded guilty to violating the BSA by failing to implement and maintain an effective AML program. Zhao is Binance’s primary founder, majority owner, and – until now – CEO. As part of his plea agreement, Zhao has stepped down as the CEO, although he apparently will keep his shares in Binance.

As part of its plea agreement, Binance has agreed to forfeit $2,510,650,588 and to pay a criminal fine of $1,805,475,575 for a total criminal penalty of $4,316,126,163. Binance also entered into related civil consent orders with the Financial Crimes Enforcement Network (“FinCEN”), the Commodity Futures Trading Commission (“CFTC”), and the Office of Foreign Assets Controls (“OFAC”). Zhao also entered into a consent order with the CFTC.

The allegations are vast and detailed, and much digital ink already has been spilled regarding this matter. Our discussion therefore will be relatively high-level. Distilled, the government alleges that Binance – under the direction of Zhao – tried to hide the fact that it operated in the U.S., purposefully avoided any meaningful AML compliance, and consequently laundered many millions of dollars’ worth of cryptocurrency involving extremely serious criminal conduct, including terrorism, child pornography, and U.S. sanctions evasion.

As for Zhao, and as we will discuss, whether he will go to prison – and if so, for how long – is an open and very interesting question. His sentencing currently is scheduled for February 23, 2024.

Continue Reading  Binance Settles Criminal and Civil AML and Sanctions Enforcement Actions for Multiple Billions – While its Founder, Owner and Former CEO Zhao Pleads Guilty to Single AML Crime

Priorities Echo Prior Alerts and Enforcement Actions

The SEC’s Division of Examinations (the “Division”) released on October 16 a report on its “Examination Priorities” (the “Report”) for fiscal year 2024.  This release occurred earlier than in prior years, which the Report’s prefatory message characterizes as an example of the Division’s “intention to provide more transparency” and “to move forward together with investors and industry to promote compliance.”

The Report

The Report highlights four major areas of focus for the Division’s examinations in the coming year, which it terms “risk areas impacting various market participants”:

  1. Anti-money laundering (“AML”);
  2. Information security and “operational resilience”;
  3. Crypto and emerging financial technologies (“fintech”); and
  4. Regulation systems compliance and integrity (“SCI”).

As to AML, the Report first rehearses the requirement of the Bank Secrecy Act (“BSA”) for broker-dealers: namely, that they establish AML programs tailored to their unique risk profile – their location, size, customer base, menu of products and services, and method of delivery of those products and services. The Report further notes that such AML programs must be reasonably designed to achieve compliance with the BSA and related regulations, must undergo independent testing of their viability, and must include customer due diligence procedures and ongoing transaction monitoring – including, where appropriate, filing of Suspicious Activity Reports (“SARs”) with the Financial Crimes Enforcement Network (“FinCEN”).  Although the Report also references “certain registered investment companies,” investment advisers as a group are not (yet) subject to the BSA.

Continue Reading  SEC Exam Priorities Target AML

On July 31, 2023, the United States Securities and Exchange Commission (“SEC”) published an alert outlining deficiencies the Division of Examinations has observed in broker-dealers’ (“BD”) compliance with anti-money laundering (“AML”) and countering terrorism financing (“CTF”) requirements.  While the alert addresses overarching compliance requirements for BDs, it focuses on deficiencies the Division of Examinations has observed with regard to independent testing of BDs’ AML programs, personnel training and identification and verification of customers and their beneficial owners.

The alert makes two over-arching observations.  First, BDs “did not appear to devote sufficient resources, including staffing, to AML compliance given the volume and risks of their business.”  Second, the “effectiveness of policies, procedures, and internal controls was reduced when firms did not implement those measures consistently.”  Emphasizing the key elements of an adequate AML program BDs must implement, the Alert then shifts its focus to independent testing and training and customer identification and customer due diligence.

Continue Reading  SEC Issues Alert Outlining Deficiencies in Broker-Dealers’ AML Compliance

On June 5, 2023, the SEC filed an extensive civil complaint against Binance Holdings Limited, its assorted affiliates and its beneficial owner and CEO, Changpeng Zhao, alleging multiple violations of the Securities Act of 1933 and the Securities Exchange Act of 1934.  The Binance suit, as all of SEC’s enforcement efforts in the crypto space, arises from the hotly contested and frequently litigated predicate categorically asserted by the SEC that at least some cryptocurrencies are “securities” under, and therefore subject to, the federal securities laws.  The Binance case demonstrates how, from that premise, the SEC takes a utilitarian approach to the crypto industry, essentially overlaying the functions and participants in the traditional securities industry against their counterparts in crypto.

Although the Binance enforcement action obviously focuses on securities law, it is relevant to anti-money laundering concepts because the action focuses on Know-Your-Customer (“KYC”) requirements, as a predicate to discussing the securities laws.  The Binance enforcement action is similar to the enforcement action against Bitmex and other entities, which rested on the allegation that the entity attempted to pretend that it did not have U.S. customers — even though it in fact had such customers, as it allegedly well knew and despite efforts to obfuscate such U.S. contacts.  This post therefore will focus on the KYC and customer identification issues presented by the Binance complaint.

Continue Reading  SEC’s Suit Against Binance Demonstrates Scope of Its Crypto Enforcement Efforts

We are pleased to offer the latest episode in Ballard Spahr’s Consumer Finance Monitor podcast series, A Look at the Treasury Department’s April 2023 Report on Decentralized Finance or “DeFi.” 

In this episode, we follow up and expand upon our blog post regarding the U.S. Department of the Treasury’s April 6, 2023 report examining vulnerabilities

On April 6, 2023, the U.S. Department of the Treasury released a report examining vulnerabilities in decentralized finance (“DeFi”), including potential gaps in the United States’ anti-money laundering (“AML”) and countering the financing of terrorism (“CFT”) regulatory, supervisory, and enforcement regimes for DeFi.  The report concludes by making a series of recommendations, including the closing of “gaps” in the application of the Bank Secrecy Act (“BSA”) to the extent that certain DeFi services currently fall outside the scope of the BSA’s definition of a “financial institution” covered by the BSA.  The report cautions that it does not alter any existing legal obligations, issue any new regulatory interpretations, or establish any new supervisory expectations.

Continue Reading  U.S. Treasury Releases Report and Recommendations Regarding Vulnerabilities in Decentralized Finance