Suspicious Activity Report (SAR)

Enforcement Trends, Crypto, the AML Act — and More

We are very pleased to be moderating, once again, the Practising Law Institute’s 2022 Anti-Money Laundering Conference on May 17, 2022, starting at 9 a.m. This year’s conference will be both live and virtual — and it will be as informative, interesting and timely as always. 

On April 28, 2022 the New York Department of Financial Services (“NYDFS”) issued its Guidance on Use of Blockchain Analytics, a document directed to all virtual currency business entities that either have a NYDFS Bitlicense or are chartered as a limited purpose trust company under the New York Banking Law.  The Guidance emphasizes “the importance of blockchain analytics to effective policies, processes, and procedures, including, for example, those relating to customer due diligence, transaction monitoring, and sanctions screening.”

The NYDFS is stressing the role of blockchain analytics in anti-money laundering (“AML”) compliance because “virtual currencies such as Bitcoin and Ether can be transferred peer-to-peer directly from one individual or entity to another pseudonymously, absent the use of a regulated third party (e.g., between non-custodial wallets, or self-hosted wallets that allow users to maintain control of their private keys). . . . [T]hese wallet addresses are typically pseudonymous, with nothing on the face of the transfer tying back to the originator, beneficiary, or underlying beneficial owners.”

Given the potential compliance challenges presented by such characteristics, the NYDFS wants virtual currency entities to leverage the fact that virtual currencies also enable provenance tracing because “the blockchain ledger’s immutability typically allows a historical view of a virtual currency transmission between wallet addresses, providing the opportunity for greater visibility into transaction lineage than is typically found with traditional, fiat funds transfers.”

The Guidance provides that, ultimately, all risk mitigation strategies must account for an entity’s business profile to assess risk across types of virtual currencies and effectively address the specific characteristics of any particular virtual currency involved.  If a virtual currency entity chooses to outsource its control functions to third-party service providers rather than use only internally developed blockchain analytics, it must have “clearly documented policies, processes, and procedures with regard to how the [third-party] blockchain analytics activity integrates into the [entity’s] overall control framework consistent with the [entity’s] risk profile.”
Continue Reading  NYDFS Stresses Use of Blockchain Analytics for AML Compliance by Virtual Currency Businesses

The Office of the Comptroller of the Currency (“OCC”) entered into a Consent Order (available here) with Anchorage Digital Bank (“Anchorage”), which requires Anchorage to create a compliance committee and take steps to remediate alleged shortcomings with respect to the implementation and effectiveness of Anchorage’s Bank Secrecy Act/Anti-Money Laundering (“BSA/AML”) program.  Notably, Anchorage will pay no civil penalty.

Anchorage is not any regular entity overseen by the OCC:  it is a cryptocurrency custodian.  As we will discuss, the timing of the Consent Order indicates that even when regulators permit crypto activities by financial institutions, they remain cautious, particularly as to BSA/AML compliance.  The OCC’s actions send a clear message that regulated entities offering emerging technology financial services must adhere to the same BSA/AML monitoring and reporting requirements as more traditionally regulated entities.
Continue Reading  OCC Targets BSA/AML Compliance by Anchorage Digital Bank – Only 15 Months After Granting National Trust Bank Charter to the Crypto Custodian

Sanctions involving Russia is a front-burner issue for all businesses, but particularly for financial institutions. As we previously blogged, the Financial Crimes Enforcement Network (“FinCEN”) issued on March 7 an alert calling for increased vigilance in the face of potential evasion of Russian sanctions. On March 16, FinCEN issued its second alert on the topic (the “Alert”), reiterating the need for increased vigilance and assisting financial institutions in detecting suspicious transactions involving high-value assets to evade sanctions.

We discuss here the Alert, which provides guidance to financial institutions on how to identify suspicious transactions relating to the use of certain high-value assets by Russian elites, their family members and their “proxies.” The Alert reminds financial institutions of the importance of quickly identifying suspicious activity related to the disposition of sanctioned Russian assets. The Alert also highlights the international and domestic task forces that were formed to effectuate the sanctions laws we describe below, emphasizing the need for cross-agency collaboration and information sharing to achieve the common goal of sanctioning Russia’s power players.  However, and as we discuss, the Alert unfortunately offers no guidance on how “proxies” should be identified or defined.
Continue Reading  Russian Sanctions Redux: FinCEN Issues Guidance on Suspicious Transactions and Evasion Using High-Value Assets

On March 7, the Financial Crimes Enforcement Network (“FinCEN”) issued an alert “advising all financial institutions to be vigilant against potential efforts to evade the expansive sanctions and other U.S.-imposed restrictions implemented against potential efforts to evade the expansive sanctions and other U.S.-imposed restrictions implemented in connection with the Russian Federation’s further invasion of Ukraine.”  The press release is here.  The alert itself is here.
Continue Reading  Russian Sanctions:  FinCEN Provides Red Flags for Potential Evasion Attempts

On January 24, 2022, the Financial Crimes Enforcement Network (“FinCEN”) published a Notice of Proposed Rulemaking (“NPRM”).  FinCEN is proposing a rule to establish a pilot program that permits certain financial institutions to share Suspicious Activity Reports (“SARs”) in alignment with Section 6212(a) of the Anti-Money Laundering Act of 2020 (“AML Act”).

The Proposed Rule

This proposed rule would add a new section at 31 C.F.R. section 1010.240, which would enact a pilot program permitting financial institutions with SARs reporting obligations to share SARs and SARs information with its foreign branches, subsidiaries, and affiliates for the purpose of combating illicit finance risks.  According to FinCEN, this proposed rule ensures that federal and state law enforcement mechanisms would limit the sharing of SARs and information related to SARs.  Moreover, the proposed role considers the intelligence community’s potential concerns and would be governed by requirements and standards surrounding the confidentiality of personally identifying information and data security.

The pilot program does not apply to all foreign branches of a financial institution.  Rather, the proposed rule would largely exclude the sharing of SARs and SARs information with foreign affiliates in The People’s Republic of China, the Russian Federation, and any jurisdiction that is a state sponsor of terrorism, that is subject to United States sanctions, or that the Secretary of the Treasury (the “Secretary”) has determined cannot reasonably protect the security of SARs and SARs information.  A “state sponsor of terrorism” is a jurisdiction so determined by the United States Department of Justice.  The Secretary may, however, make exceptions to this prohibition on a case-by-case basis by notifying the Senate Committee on Banking, Housing, and Urban Affairs and the House Committee on Financial Services that such an exception is in the United States’ national security interests.
Continue Reading  Sharing is Caring: FinCEN Proposes Extending Sharing Suspicious Activity Reports to Foreign Affiliates

On January 13, 2022, Himamauli “Him” Das, the Acting Director of FinCEN, virtually addressed the Financial Crimes Enforcement Conference hosted by the American Bankers Association and the American Bar Association.  In his speech, Mr. Das highlighted the transformation and modernization of the anti-money laundering/counter-terrorist financing (“AML/CFT”) regulatory framework from a tool updated in the wake of September 11, 2001 to combat money flows to terrorist organizations, to an instrument designed to address the more complex current and future challenges presented by digital assets and strategic corruption.

Acting on the authority accorded FinCEN by the Anti-Money Laundering Act of 2020 (the “AML Act”), FinCEN has been in the process of reorganizing and upscaling several of its divisions in order to meet increased obligations. New divisions include the Global Investigations Division, the Strategic Operations Division and the Enforcement and Compliance Division, which together work to combine resources against bad actors, share information, and act to resolve investigations across the financial sector. Mr. Das focused on three additional areas that FinCEN would concentrate on moving forward: new threats, new innovations and new partnerships.
Continue Reading  Transformation of the AML/CFT Regulatory Regime Requires Innovation and Collaboration, According to FinCEN Acting Director

The U.S. Government Accountability Office (“GAO”) recently issued a public version of a more detailed and confidential report previously sent to Congress summarizing the GAO’s review of the use of virtual currencies to facilitate human and drug trafficking.  The GAO’s report, Additional Information Could Improve Federal Agency Efforts to Counter Human and Drug Trafficking, (“the Report”) is lengthy.  The GAO examined two issues:  (1) U.S. agencies’ collection of data on the use of virtual currencies for human and drug trafficking; and (2) the steps taken and challenges faced by U.S. agencies to counter human and drug trafficking facilitated by virtual currencies.  In this post, we will describe the Report at a high level, but will focus on the emerging trends identified in the Report and the GAO’s recommendations to counter the use of virtual currency in facilitating human and drug trafficking by amending BSA/AML regulation of virtual currency kiosks, otherwise known as virtual currency ATMs, so as to identify specific locations.
Continue Reading  GAO Publishes Report on Nexus Between Virtual Currencies and Human and Drug Trafficking Financing

Consent Order Stresses that Only Three AML Analysts Struggled to Review 100 “Alerts” Per Day, Each – and Notes in Passing that “Outside Examiners” Blessed the Bank’s AML Program for the Same Five Years that the Bank Allegedly Maintained a Willfully Deficient Program

On December 16, 2021, the Financial Crimes Enforcement Network (“FinCEN”) entered into a Consent Order with CommunityBank of Texas, N.A. (“CBOT”), in which CBOT admitted to major shortcomings with respect to the implementation and effectiveness of its anti-money laundering (“AML”) program. The monetary penalties imposed on CBOT are substantial: FinCEN assessed an $8 million penalty, although CBOT will receive credit for a separate $1 million penalty to be paid to the Office of the Comptroller of the Currency (“OCC”).

The Consent Order, available here, offers valuable insight into FinCEN’s reasoning for its enforcement actions.  According to the Consent Order, CBOT has a regional footprint and operates several branches in Texas.  It serves small and medium-sized businesses and professionals.  And, in the “back of the house,” CBOT established a typical AML system designed to detect and escalate alerts for suspicious activity for investigation and potential filing of Suspicious Activity Reports (“SARs”). However, FinCEN alleged that over a period of at least four years, CBOT “willfully” failed to effectively implement its AML, program, leading to a failure to file SARs and otherwise detect specific suspicious activity.  As detailed below, many of the alleged shortcomings of CBOT’s AML program flowed from a lack of compliance resources and personnel between 2015 and 2019: too few analysts were assigned to review and investigate potentially suspicious transactions, and as a result, downstream investigations and due diligence suffered, including an alleged failure to file at least 17 specific SARs.

Because the detailed Consent Order offers a somewhat rare opportunity to glean FinCEN’s reasoning behind its enforcement actions generally, we explore the alleged failures in some detail below.  Then, we summarize key details of the Consent Order, offer key takeaways, and note several questions that the Consent Order still leaves unresolved.
Continue Reading  FinCEN Assesses Civil Penalty Against CommunityBank of Texas for AML Program Weaknesses

On December 14, the Financial Crimes Enforcement Network (“FinCEN”) issued a request for information (“RFI”), seeking comment on ways to “streamline, modernize, and update” the anti-money laundering (“AML”) and counter-terrorism financing (“CTF”) regime of the United States.  As we will discuss, the RFI is the latest development in a protracted inquiry into how to try to leverage technology in order to maximize the usefulness to the government of Bank Secrecy Act (“BSA”) reporting and record-keeping, and minimize the compliance costs imposed on industry.  However, as we also discuss, the RFI may add fuel to ongoing efforts to expand the coverage and reporting requirements of BSA regulations.
Continue Reading  FinCEN Seeks Comments on Modernizing the AML/CFT Regime