Financial Crimes Enforcement Network (FinCEN)

On October 3, 2018, the Financial Crimes Enforcement Network (FinCEN), the Board of Governors of the Federal Reserve System (FRB), the Federal Deposit Insurance Corporation (FDIC), the National Credit Union Administration (NCUA), and the Office of the Comptroller of the Currency (OCC) (collectively, “the Agencies”) issued a statement addressing instances in which banks can collaborate with each other and share resources to manage their Bank Secrecy Act (BSA) and anti-money laundering (AML) obligations more efficiently and effectively. This may involve pooling human, technology, or other resources to reduce costs, increase efficiency, and leverage specialized expertise. The statement indicates that such collaborative arrangements are generally are most suitable for community banks with simple operations and lower risk for money laundering and terrorist financing. The statement does not apply to collaborative arrangements for the purpose of sharing information under Section 314(b) of the USA PATRIOT Act.

The statement provides several non-exhaustive examples of how banks may collaborate:

Internal Controls

Two or more banks may share resources to conduct internal control functions such as: (1) reviewing, updating, and drafting BSA/AML policies and procedures; (2) reviewing and developing risk-based customer identification and account monitoring processes; and (3) tailoring monitoring systems and reports for the risks posed.

Independent Testing

Personnel at one bank may be used to conduct the BSA/AML independent test at another bank within a collaborative arrangement.

BSA/AML Training

A collaborative arrangement may allow for the hiring of a qualified instructor to conduct the BSA/AML training across multiple banks.

In certain instances it may not be appropriate to share resources under a collaborative arrangement. For instance, it may not be appropriate for banks to share a BSA officer due to the confidential nature of SARs filed and the potential impact on the ability of the BSA officer to effectively manage each bank’s daily BSA/AML compliance.  Further, banks should be careful when considering entering into arrangements due to potential privacy concerns, regulatory requirements specific to third parties, oversight issues, and more. Any arrangement should be documented with a contract and evaluated on a periodic basis. It is also important that banks tailor any agreements to meet their specific risk profile for money laundering and terrorist financing. Finally, each bank remains individually responsible for ensuring compliance with BSA requirements.

The statement appears to reflect an acknowledgement by regulators of the increasing amount of financial and human resources that banks are obligated to invest in AML compliance and the growing dichotomy in the ability of large versus smaller banks to maintain complex AML programs.

Practical Considerations

Banks considering such arrangements may wish to consider incorporating into these agreements other types of collaboration allowed by BSA rules. For example, although the statement does not govern sharing under Section 314(b) of the USA PATRIOT Act, such arrangements could be combined with section 314(b) relationships where appropriate to help banks improve the quality of their SAR reporting. Likewise, banks have the option under BSA rules to enter into agreements to rely on other banks to perform customer identification and collect beneficial ownership information on shared customers, which could be combined with the new collaborative arrangements.

Of course, banks should be careful when entering into such arrangements to ensure regulatory and other concerns are met. Any collaborative arrangement should be fully documented, reviewed periodically, and commensurate with the banks’ risk profiles.


Finally, the statement encourages banks to engage with their primary federal regulators when first considering collaborative arrangements to ensure that regulators understand the nature and extent of the proposed collaboration and have an opportunity to provide feedback.

On September 7, 2018, the Financial Crimes Enforcement Network (FinCEN) granted exceptive relief to “covered financial institutions”—banks, broker-dealers, mutual funds, and introducing brokers in commodities—from the requirement to identify and verify the identity of the beneficial owner(s) of their legal entity customers when those customers open a new account as a result of the following:

  • A rollover of a certificate of deposit (CD).
  • A renewal, modification, or extension of a loan (e.g., setting a later payoff date) that does not require underwriting review and approval.
  • A renewal, modification, or extension of a commercial line of credit or credit card account (e.g., a later payoff date is set) that does not require underwriting review and approval.
  • A renewal of a safe deposit box rental.

This exceptive relief applies only to the rollover, renewal, modification, or extension of any of these types of accounts on or after May 11, 2018 (the date on which covered financial institutions became obligated to collect and verify beneficial ownership information), and does not apply to the initial opening of such accounts. The exceptive relief does not affect the other obligations that covered financial institutions have under the Bank Secrecy Act (BSA) and its implementing regulations with respect to such accounts. This includes, in particular, the obligation that covered financial institutions have to understand the “nature and purpose” of customer relationships, and to “conduct ongoing monitoring to identify and report suspicious transactions and, on a risk basis, to maintain and update customer information.”

For more information, please see Crowell’s Client Alert.




On April 19, Crowell & Moring’s International Trade Attorneys hosted a webinar on “Trade in 2018 – What’s Ahead?”

Please click here to register and view the webinar on demand.


From the Section 232 national security tariffs on steel and aluminum imports to the ongoing NAFTA re-negotiation, the Trump administration is seeking to implement significant changes in international trade policy and enforcement. Economic sanctions on Russia continue to expand, the future is far from clear regarding Iran, and perhaps North Korea is coming into focus. A new Asia trade agreement without the United States, and a bumpy road ahead for Brexit all make for uncertainty and the need for enhanced trade risk management. Join us as we identify the international trade risks and opportunities likely to continue and grow in 2018.

Our Crowell & Moring team discussed predictions for the remainder of the year, with cross-border insights from our practitioners in the U.S., London, and Brussels. Topics included likely trends and issues in the U.S. and EU including:

  • Trade policy developments: Section 232, NAFTA renegotiation, and trade remedies
  • Sanctions in Year Two of the Trump Administration: Russia, Iran, North Korea, and beyond
  • Anti-money laundering (AML) and beneficial ownership
  • Supply chain risk management: blockchain, forced labor, the U.K. Modern Slavery Act, and GDPR
  • Europe: Brexit, the EU’s 4th AML Directive, and the EU/U.K. AML enforcement
  • CFIUS: how significant is the new legislation?
  • Export controls: Wither reform?
  • Import and customs

Venezuela has frequently been in the news lately, not only because of domestic politics, but also because of sanctions and bribery enforcement actions brought by U.S. authorities. In this podcast, Crowell & Moring’s Cari Stinebower, Dalal Hasan, Eduardo Mathison, and Mariana Pendás provide an overview of recent political and enforcement developments in Venezuela and explain what U.S. companies need to know about how these developments could impact business and trade ties with Venezuela.

Discussed in this 23-minute podcast:

  • An overview of the political situation in Venezuela.
  • Implications of U.S. and EU current sanctions targeting Venezuela and the potential for new sanctions.
  • FinCEN guidance on identifying corruption and money laundering red flags from Venezuela transactions.
  • Legal protections and International Dispute Resolution options for companies provided in Bilateral Investment Treaties (BITs) signed by Venezuela.
  • Takeaways for companies with business ties to Venezuela.

Click below to listen via the embedded player or access from the link:

On February 15, the U.S. Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN), in coordination with the Office of the Comptroller of the Currency (OCC), and the U.S. Department of Justice (DOJ), announced the assessment of a $185 million civil money penalty against U.S. Bank for willful violations of several provisions of the Bank Secrecy Act (BSA).

According to FinCEN’s press release, since 2011, U.S. Bank willfully violated the BSA’s program and reporting requirements by failing to establish and implement an adequate anti-money laundering program (AML), failing to report suspicious activity, and failing to adequately report currency transactions.

Banks are required to conduct risk-based monitoring to sift through transactions and to alert staff to potentially suspicious activity. Instead of this, U.S. Bank:

  • Capped the number of alerts its automated transaction monitoring system would generate to identify only a predetermined number of transactions for further investigation, without regard for the legitimate alerts that would be lost due to the cap.
  • Systemically and continually devoted an inadequate amount of resources to its AML program.
    • Internal testing by U.S. Bank showed that alert capping caused it to fail to investigate and report thousands of suspicious transactions.
    • It also allowed, and failed to monitor, non-customers conducting millions of dollars of risky currency transfers at its branches through a large money transmitter.
    • In addition, the bank filed over 5,000 Currency Transaction Reports (CTRs) with incomplete or inaccurate information, impeding law enforcement’s ability to identify and track potentially unlawful behavior.

U.S. Bank also had an inadequate process to handle high-risk customers. As a result:

  • Customers whom the bank identified or should have identified as high-risk were free to conduct transactions through the bank, with little or no bank oversight.
  • By not having an adequate process in place to address high-risk customers, U.S. Bank failed to appropriately analyze or report the illicit financial risks of its customer base.

FinCEN noted these failures precluded the bank from addressing the risks that such customers posed, which included not filing timely suspicious activity reports (SAR) used by law enforcement investigators to recognize and to pursue financial criminals.

On February 13, the U.S. Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) issued a finding pursuant to Section 311 of the USA PATRIOT Act identifying ABLV Bank of Latvia as a “primary money laundering concern.” FinCEN also issued a notice of proposed rulemaking (NPRM) under that section which, if adopted, would prohibit financial institutions from opening or maintaining a correspondent account in the United States for, or on behalf of, ABLV. In practice, financial institutions (both U.S. and non-U.S. headquartered) often do not wait for such a rule to be finalized but instead move immediately to close out banking relationships with the designated foreign financial institution as soon as the finding and NPRM are announced.

Under Section 311, if FinCEN’s Director finds that a foreign financial institution qualifies as a “primary money laundering concern,” they may propose a rule that would impose one or more of five different “special measures” against it. The most serious special measure, and the one typically imposed, is the fifth, which prohibits U.S. banks from maintaining correspondent relationships with the named foreign financial institution. Proposed rules to impose special measures are made available for public comment and become effective once the rule is finalized.

FinCEN is proposing this action based on its finding set out in the NPRM that ABLV is a foreign bank of primary money laundering concern. In particular, the FinCEN NPRM reports that ABLV has institutionalized money laundering as a business practice and has been involved in the provision of banking services to entities designated by the United Nations – including North Korean entities.  FinCEN also found that ABLV has assisted North Korea in the procurement or export of ballistic missiles.

It should be noted that the last two instances of FinCEN’s use of its Section 311 authority were ultimately resolved in FinCEN’s favor.

  • On May 23, 2017, the United States Court of Appeals for the District of Columbia affirmed the dismissal of a challenge to the U.S. Treasury’s use of Section 311 of the USA PATRIOT Act against Andorran bank Banca Privada d’Andorra (BPA) by the bank’s majority shareholders. Please click here for Crowell’s Client Alert on the BPA case.
  • In April of 2017, the U.S. District Court for the District of Columbia upheld the Treasury Department’s use of Section 311 of the USA PATRIOT Act to impose “special measures” with respect to Tanzanian Bank FBME, Ltd. Please click here for Crowell’s Client Alert on the FBME case.

Written comments on the NPRM may be submitted within 60 days of publication.


Relying on new statutory authority contained in the sanctions legislation recently signed by President Trump, FinCEN announced on August 22 that it would expand the scope of its Geographic Targeting Orders (“GTOs”) on luxury residential real estate purchases to now cover transactions involving wire transfers.  FinCEN also expanded the geographic scope of its GTOs to include a seventh major metropolitan area, Honolulu, Hawaii.  FinCEN also has released new frequently asked questions, and new guidance that increasingly suggests that FinCEN is likely to issue new rules in the future that may impose anti-money laundering requirements on real estate brokers, escrow agents, title insurers, and other real estate professionals.

Earlier GTOs

The new orders represent a significant increase in FinCEN’s efforts in this area.  Starting in January 2016, FinCEN began to issue GTOs to require U.S. title insurance companies to, among other things, identify and report beneficial ownership information on legal entity purchasers making all-cash purchases of luxury residential real estate.  The first GTO covered only two markets—Manhattan and Miami-Dade—and was for only a six-month duration that began in March 2016.  After seeing substantial indicators of money laundering and other criminal activity from that initial trial, FinCEN expanded the order to cover all five boroughs of New York City; Miami-Dade County and two counties immediately north; Los Angeles County; the counties covering the San Francisco area; San Diego County; and the county that includes San Antonio, Texas.  FinCEN has continued to renew the requirement through September 21, 2017.  FinCEN has said that more than 30% of the transactions reported in response to the orders are the subject of independent suspicious activity reports (“SARs”) filed by financial institutions on potential criminal activity.

The New GTOs, as Expanded by CAATSA

The newly announced GTOs require title insurance companies involved in “Covered Transactions” to collect and report to FinCEN information on the identities of the purchaser, the individual primarily responsible for representing the purchaser, and the beneficial owners of the purchaser (defined as each natural person who, directly or indirectly, owns 25% or more of that legal entity).  “Covered Transactions” are defined as those in which a legal entity purchases residential real property at a price that meets or exceeds the threshold set for each of the geographic areas covered by the order (e.g., $3 million for the borough of Manhattan, $1 million for Miami-Dade and surrounding counties), provided that the purchase is made without a bank loan or similar form of external financing and that it is made, at least in part, using currency or a cashier’s check, a certified check, a traveler’s check, a money order in any form, or a funds transfer (i.e.,a wire transfer).  The new GTOs will run from September 22, 2017 to March 20, 2018.

The expansion of reporting requirements to include transactions involving wire transfers was made possible by new language in Section 275 of the “Countering America’s Adversaries Through Sanctions Act” (“CAATSA”), the sanctions legislation concerning Russia, Iran, and North Korea signed into law on August 2, 2017.  Section 275 of CAATSA amended the GTO provisions of the Bank Secrecy Act (“BSA”), which previously allowed FinCEN to impose temporary recordkeeping and reporting requirements with respect to transactions in “United States coins or currency” or “monetary instruments,” to encompass transactions in “funds,” thereby allowing FinCEN to demand information on wire transfers and addressing what some had viewed as a loophole in earlier real estate GTOs.

The Advisory, and the Likelihood of New Rulemaking

In its related advisory, FinCEN notes that it has authority under the BSA to regulate “persons involved in real estate closings and settlements” as “financial institutions,” and suggests that this term “may include real estate brokers, escrow agents, title insurers, and other real estate professionals.”  While FinCEN notes that it “currently has exempted” such persons from the broader AML obligations that apply to regulated financial institutions, including the requirement to report suspicious activity, it has taken the unusual step of encouraging these unregulated parties to file voluntary SARs, and has clarified its view that they are protected by a safe harbor from liability in the BSA for doing so.  FinCEN provides red flags of potentially suspicious activity to aid such persons in doing so, which also may be useful to regulated financial institutions.  FinCEN’s repeated references to “current” conditions, its unusual step of encouraging voluntary SAR reporting by parties not subject to AML program requirements, and its repeated expansions of the real estate GTOs and announcements of strong indications of criminal activity in this area all suggest an increased likelihood that FinCEN is considering a rulemaking in this area.  Its suggested definition of “persons involved in real estate settlements and closings” provides further indication that FinCEN is considering what a rule might look like, and provides a window into who might be covered by one.  This builds on previous statements by the agency that these GTOs are “informing future regulatory approaches” to this issue and will help the agency to “determine [its] future regulatory course.”

Meanwhile, section 243 of CAATSA specifically references FinCEN’s real estate GTOs in the context of Russian money laundering, requiring Treasury to produce an annual report to Congress describing interagency efforts to combat Russian illicit finance, including a summary of efforts by Treasury to “[e]xpand the number of real estate geographic targeting orders or other regulatory actions, as appropriate, to degrade illicit financial activity relating to the Russian Federation” in the United States.  The reporting requirement, as well as the new statutory authority relating to wire transfers, appears to indicate that Congress is actively encouraging FinCEN to continue to explore new ways to use its GTO authority in the future.

FinCEN also notes in the advisory that persons involved in real estate settlements and closings are not entirely unregulated.  Like any trade or business not subject to a separate “currency transaction report” (“CTR”) requirement, persons involved in closings and settlements must report transactions in currency and certain monetary instruments to FinCEN on a Form 8300.

The FAQs

The FAQs clarify that a reporting title insurer “may reasonably rely” on the beneficial ownership information provided to it by the purchaser.  This is a concept taken from BSA requirements on banks and other financial institutions to obtain and verify beneficial ownership information.  It means that, although title insurers normally may rely on a purchaser’s representation of who its beneficial owners are, in cases where the title insurer has information indicating that the beneficial ownership information provided by a purchaser may not be correct, it has an obligation to investigate further to determine whether the information is correct.

Separately, the FAQs confirm that a transaction must be reported under the GTOs where any part of the purchase price is paid using currency, a funds transfer, or the various types of monetary instruments described in the orders.

Practical Considerations

FinCEN notes in its FAQs that it “expects a Covered Business to implement procedures reasonably designed to ensure compliance with the terms of the GTOs, including reasonable due diligence to determine whether it (or its subsidiaries or agents) is involved in a Covered Transaction and to collect and report the required information.”  It also provides that covered businesses must keep all records relating to compliance with the GTOs for a period of five years.  Title insurers that receive the order should take these obligations seriously.  FinCEN previously has expressed its disapproval over reports of parties trying to evade reporting under previous real estate GTOs, and CAATSA also elevates the importance of the orders.  Both make enforcement of any violations of the GTOs more likely.

Separately, banks need to prepare for the fact that real estate professionals involved in closings and settlements may begin filing voluntary SARs on real estate transactions, some part of which may flow through the bank.  This is especially likely for real estate transactions that involve wire transfers.  Banks will want to avoid situations where real estate professionals are reporting suspicious activity that the banks are not, and may wish to step up their scrutiny of transactions potentially subject to the new orders.

On July 26, 2017, the Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) assessed a civil money penalty of more than $110 million against BTC-e, a Russian-headquarted, internet-based virtual currency exchanger, and a $12 million penalty against its Russian owner, Alexander Vinnik. On that same day, the Department of Justice announced a 21-count indictment against Vinnik for money laundering and the operation of an unlicensed money services business (MSB). Vinnik was arrested in Greece the day before. This is the second time FinCEN has pursued enforcement against a virtual currency provider. It also represents the second largest penalty FinCEN ever has levied against an MSB.

Virtual currencies, which entered into mainstream consciousness with the advent of Bitcoin and its progeny, do not have legal tender status in any jurisdictions. However, “convertible” virtual currencies have equivalent value in real currency or act as a substitute for real currency, while often allowing users a greater degree of anonymity than real currency. BTC-e exchanged U.S. dollars, Russian Rubles, and Euros for virtual currencies Bitcoin, Litecoin, Namecoin, Novacoin, Peercoin, Ethereum, and Dash.

FinCEN has authority under the Bank Secrecy Act (BSA) to regulate MSBs, including money transmitters. In March 2013, FinCEN issued interpretative guidance identifying “exchangers” of virtual currency – defined as persons engaged as a business in the exchange of virtual currency for real currency, funds or other virtual currency – as money transmitters subject to regulation as MSBs under the BSA. The assessment against BTC-e alleges failure to register with FinCEN as an MSB as well as gross failures to maintain appropriate anti-money laundering (AML) controls and to report suspicious transactions as required by the BSA.

FinCEN’s previous enforcement action was for $700,000 for similar violations against popular virtual currency provider Ripple Labs, in 2015. The substantial difference in penalties between the two may be attributable in part to the facts that: (1) Ripple’s penalty was a negotiated settlement, as part of broader non-prosecution agreement with DOJ, whereas the assessment against BTC-e is nonconsensual; (2) BTC-e customers allegedly openly discussed their use of the exchanger to facilitate the sale of drugs and other unlawful activity without objection or further diligence from BTC-e; (3) BTC-e’s customer base allegedly consisted largely of “criminals who desired to conceal proceeds from crimes such as ransomware, fraud, identity theft, tax refund fraud schemes, public corruption, and drug trafficking”; and (4) BTC-e allegedly failed to demand or verify even basic identifying information for its customers and allowed the use of tools, such as bitcoin “mixers,” that obscured the identity of transacting parties.

Although not technically a penalty action, in June 2013 FinCEN also used Section 311 of the USA PATRIOT Act to identify another foreign virtual currency provider closely linked to criminal activity, Liberty Reserve S.A., as a ‘primary money laundering concern’ under Section 311 of the USA PATRIOT Act, and to propose special measures that would have cut off the company’s access to U.S. correspondent banking, once again in coordination with arrests and prosecution by DOJ.

FinCEN clarified by rule in 2011 that MSBs conducting business wholly or in substantial part in the United States are subject to regulation under the BSA for such activities, even if the MSBs have no physical presence there. FinCEN’s assessment against BTC-e appears to represent the first time FinCEN has taken action under this guidance against a foreign MSB with no physical presence in the U.S.

Practical Considerations

These actions, along with FinCEN’s 2013 guidance, and numerous administrative rulings since then about whether various virtual currency models qualify as MSB activity, offer several lessons. First, FinCEN appears determined to bring “legitimate” virtual currency providers under its regulation while taking strong steps to punish providers that wilfully allow the use of their systems to facilitate illegal activity, including through measures that preserve the anonymity of transacting parties. Second, FinCEN is willing to target foreign virtual currency businesses that lack any physical presence in the U.S., so long as they do substantial business there. This may occur either through civil enforcement actions or through the use of other tools such as Section 311. Third, FinCEN’s enforcement actions and various administrative rulings since its 2013 guidance suggest that determining whether a virtual currency activity is subject to regulation by FinCEN can be difficult. For example, FinCEN has issued rulings clarifying that a party renting computer systems to mine virtual currency would not be a money transmitter, but that a party that proposed to accept credit card payments on behalf of merchants and then to pay the merchants in virtual currency would be. For all of these reasons, U.S. and foreign entities considering providing virtual currency-related services should consult available FinCEN guidance and consider carefully whether their business models may qualify as MSB activity. They should use counsel as appropriate to assist them in navigating this emerging area of the law, and should consider seeking an administrative ruling from FinCEN in close cases.

Bureau of Industry and Security (BIS)

  • On July 25, BIS entered into a Settlement Agreement with Harold Rinko, doing business as Global Parts Supply of Hallstead, Pennsylvania (also known as Rinko/Global Parts Supply) to settle a charge of one alleged violation of the Export Administration Regulations (EAR). The company was assessed a $100,000 civil penalty and a denial of export privileges for ten years. Both are suspended so long as the company makes quarterly reports to BIS.
    • Between 2007 and 2011, Rinko/Global Parts conspired and/or acted in concert with others to procure U.S.-origin goods, subject to the EAR, from suppliers in the U.S. to Syria without a license. These included items specifically identified on the Commerce Control List (CCL) or designated as EAR99. For example, in 2008, the company prepared false sales invoices for a multi-gas scanner, used in the detection of chemical warfare agents, and accessories, knowing the items would be transshipped to Syria.

Financial Crimes Enforcement Network (FinCEN)

  • On July 26, Treasury took its first action against a foreign-located money service business, assessing a $110 million civil monetary penalty against BTC-e, a/k/a Canton Business Corporation for willfully violating U.S. anti-money laundering (AML) laws. One of BTC-e’s operators, Russian national Alexander Vinnik, was arrested in Greece, as well. FinCEN assessed a $12 million penalty against him for his role in the violations.
    • BTC-e exchanges fiat currency as well as different convertible virtual currencies, such as Bitcoin. It is one of the largest virtual currency exchanges by volume in the world. BTC-e facilitated transactions involving ransomware, computer hacking, identity theft, tax refund fraud schemes, public corruption, and drug trafficking.

For more information, contact: Jeff Snyder, Edward Goetz


MoneyGram’s ex-Chief Compliance Officer, Thomas Haider, on May 3 settled alleged anti-money laundering (AML) compliance violations with the U.S. Department of the Treasury’s Financial Crimes Enforcement Network for $250,000, according to announcements by FinCEN and U.S. Attorney’s Office for the Southern District of New York. It appears to be the largest penalty FinCEN ever has imposed on an individual. The settlement resolves an action that FinCEN brought in federal district court to enforce its penalty against Haider, and also Haider’s counter-claim that the Government violated the Privacy Act by leaking details of its investigation to the media. This appears to be the first time that FinCEN has sought penalties against an individual for mismanagement of an AML compliance program, and only the second time FinCEN has sued to enforce a civil penalty. Haider also agreed to be enjoined from performing compliance functions for a money transmitter for a period of three years.

The settlement comes four months after the United States District Court for the District of Minnesota denied Haider’s motion to dismiss FinCEN’s complaint, rejecting in particular his argument that the Bank Secrecy Act (BSA) did not allow penalties against individual employees of a financial institution for the institution’s willful violations of the BSA’s requirement to implement an effective AML program. FinCEN’s complaint was based on previous allegations that MoneyGram failed to file suspicious activity reports (SARs) or to discipline agents despite repeated evidence of fraud against MoneyGram customers in which those agents appear to have colluded. These allegations included events from 2003 to 2008, and ultimately led to MoneyGram entering into a deferred prosecution agreement (DPA) with the Department of Justice in 2012 and agreeing to forfeit $100 million. FinCEN brought its complaint against Haider two years later, in 2014. The complaint alleged that Haider willfully failed to ensure that MoneyGram implemented an effective AML program, in particular by failing to discipline or terminate MoneyGram agents and outlets that presented a high risk for fraud, and also that he willfully failed to ensure that MoneyGram filed SARs on reports of fraud or money laundering through these agents as required by the BSA. (See our previous alert on the complaint and the district court’s opinion here.)

The settlement amount of $250,000 is less than the $1 million FinCEN sought in its Complaint. The agreed injunction also is narrower than the government’s request in the complaint that Haider be barred from “participating, directly or indirectly, in the conduct of the affairs of any financial institution” for a period of years to be determined at trial. And FinCEN did not obtain an admission from Haider that he willfully violated the BSA, something that FinCEN has sought and obtained in recent settlements against both individuals and institutions. However, the amount is far more than reported AML settlements for individuals with other financial regulators, and appears to be the largest paid by an individual to date.

FINRA historically has been the most active regulator in assessing penalties against individual AML compliance personnel. A former global AML chief compliance officer of Brown Brothers Harriman (BBH) and a former AML compliance officer at Raymond James & Associates (RJ) each settled for $25,000 with FINRA in 2014 and 2016, respectively. For purposes of comparison, BBH paid $8 million and RJ paid $17 million to settle the related corporate enforcement actions. The SEC also has prioritized individual accountability, highlighted by an October 2016 enforcement action against the CEO of a Miami-based brokerage firm which resulted in a $50,000 individual settlement. The decision to pursue the CEO was driven by the SEC’s finding that he was ultimately responsible for its AML program and supervision of the firm’s AML officer. Haider’s $250,000 settlement with FinCEN is enough to strike fear into the hearts of AML compliance officers at all financial institutions.

That is particularly true for compliance officers at financial institutions also regulated by New York’s Department of Financial Services, which in June of 2016 adopted new AML rules requiring one or more “senior officers” (which is likely for many institutions to include their chief AML officers) to certify annually that the institution’s AML programs have various mandatory elements similar to those required under federal law, with potential penalties for “false” certifications. In cases where AML officers are deemed to have “willfully” violated BSA rules by failing to properly maintain aspects of their institution’s AML programs, they may risk accusations from the NYDFS that their certifications about the adequacy of these programs were false. (See our alert on the NYDFS rule here.)

Practical Considerations

Two aspects of the Haider settlement provide special guidance to AML compliance officers. First, the settlement notes that Haider chose not to implement a draft policy to discipline or terminate agents with high reported incidents of fraud in part because of opposition from the company’s Sales Department. Second, the fraud and money laundering activity occurring through specific MoneyGram agents was not reported to FinCEN in SARs in part because MoneyGram’s Fraud Department, also under Haider’s management, did not share information on agents that had been the subject of disproportionate reports of fraud with its AML Compliance Department. This also prevented AML Compliance Department staff from targeting audits to address such activity, a further basis for the AML program failures attributed to Haider.

The first lesson that comes from this resolution is that financial institutions need to empower their AML compliance officers to ensure that the goals of sales and other company departments do not prevent the company from making sound compliance decisions and avoiding costly fines. This is consistent with FinCEN’s 2014 guidance recommending a “culture of compliance,” which calls for such empowerment of AML compliance officers. Second, this case makes it clear that FinCEN expects AML compliance officers to stand firm in demanding compliance-related changes to address situations that put the company at risk. In cases where a decision may be overruled by concerns other than compliance, AML compliance officers should document their requests that particular actions be taken to ensure compliance, as well as the rationales for those requests. Third, financial institutions should avoid silos in the sharing and processing of internal alerts, in particular the alerts of internal fraud departments, to ensure that circumstances that merit a SAR are seen by the right people and are reported. Finally, the successful collaboration between FinCEN and the U.S. Attorney’s Office in this case is likely to embolden FinCEN to continue pursuing penalties against individuals for AML program and other violations in egregious cases. This is especially relevant following DOJ’s 2015 “Yates Memo,” which provides an incentive for financial institutions to identify individuals responsible for alleged misconduct in order to receive cooperation credit in criminal cases. In future criminal prosecutions by DOJ of financial institutions for AML program and SAR violations, it is possible to imagine more circumstances where FinCEN will collaborate with DOJ to impose civil penalties on culpable individuals (who also potentially may face prosecution by DOJ).