The Financial Crimes Enforcement Network (FinCEN), a bureau of the United States Department of the Treasury, requires financial institutions to accurately and promptly report suspicious activities under the Bank Secrecy Act. When institutions fail to meet anti-money laundering (AML) compliance requirements such as maintaining adequate transaction monitoring systems, performing customer due diligence, and properly filing suspicious activity reports (SARs) they can be fined billions of dollars. This is on top of the more than $275 billion the industry already spends on AML compliance.

Lawmakers and policymakers know that AML compliance places significant cost and operational burdens on financial institutions. Through the AML Act of 2020 and Innovation Initiative—and the latest proposed rule—FinCEN is actively advocating for financial institutions to modernize and innovate their AML/CFT programs and combat financial crime, including an increased focus on risk-based processes and technology. This will hopefully reduce some of the compliance costs and improve effectiveness. There is a growing emphasis on integrating technologies to support and enhance human intervention and judgment, ultimately boosting operational efficiencies and reducing errors.

As we move further into 2025, incorporating AI into AML compliance programs will be crucial. Fortunately, many leaders in the financial industry are already turning to AI to keep up with the changing landscape. According to a recent report, 78 percent of financial institutions arelooking to technology to help automate processes and improve efficiency.

Here are four ways AI can help you update your AML program:

1. Transform Transaction Monitoring

Traditional transaction monitoring (TM) systems struggle to keep up with the complexities of modern financial crime. They rely on static rules that can't adapt to new criminal tactics, resulting in a flood of non-suspicious items or false positives that overwhelm compliance teams and obscure the real threats.

While many TM analysts were attracted to their job’s analytical work, many have found their days to be tedious—filled with performing data gathering tasks rather than leveraging their true talent for fighting financial crime, managing risk and mitigating it. In traditional compliance operations, upwards of 80-85 percent of analyst work is spent tracking down information and supporting evidence for case reviews. By automating this tedious, error-prone work and auto-populating the SAR narrative, AI drastically reduces mistakes, ensures complete information, and frees up the analysts to work on higher-value/higher-risk type of work — making them more strategic contributors to the program.

2. Automate Manual Compliance Processes

Many AML programs still rely heavily on manual processes, which are labor-intensive and error-prone, leading to compliance breaches and hefty fines. AI and automation technologies can handle these repetitive and time-consuming tasks, such as customer onboarding, sanctions screening alert review, and the filing of suspicious activity reports, to improve efficiency and accuracy while freeing up human analysts for higher-value work.

For instance, AI can automate the review and disposition of sanctions alerts, of which 99 percent are false positives. Automation can also streamline the SAR filing process by automatically generating SARs based on predefined criteria, reducing the risk of human error and helping banks maintain regulatory compliance.

3. Mitigate Staffing Challenges

The financial industry continues to grapple with a significant talent shortage in AML and sanctions compliance. Many banks have open positions that remain unfilled for months, and even when new analysts are hired, onboarding and training can take considerable time. High attrition rates further exacerbate these challenges, as trained analysts often leave for better-paying opportunities, creating a perpetual cycle of recruitment and training.

Banks can leverage AI to augment their existing teams. AI can handle routine tasks, such as screening alert disposition and data extraction, allowing human analysts to focus on complex investigations that require judgment and expertise.

AI-driven augmentation enhances productivity and helps banks scale their operations without constantly hiring and training new staff, particularly during periods of increased alert volumes. AI can step in to manage the surge, ensuring compliance standards are maintained without overburdening the team.

4. Enhance Regulatory Reporting and Compliance Accuracy

With regulatory scrutiny intensifying, accurate and timely reporting is more critical than ever. AI and ML improve the accuracy and efficiency of regulatory reporting by analyzing large datasets and identifying relevant information to ensure that SARs and other compliance reports are thorough and error-free.

Additionally, AI can provide deeper insights into a bank’s risk exposure by identifying complex networks of transactions that might indicate money laundering, enabling banks to take proactive measures to mitigate risks.

The Future of AML

There’s no doubt that criminals are getting smarter, alerts are multiplying, and regulatory scrutiny penalties are mounting. By incorporating AI into their AML programs, banks can stay resilient and effective in the fight against financial crime.

The future of AML lies in using AI to enhance human capabilities, making compliance programs more adaptable to the ever-changing landscape of financial crime. Embracing AI isn’t just about staying compliant, it’s about staying ahead and protecting our financial system from criminal activities.  

David Caruso is Vice President of Financial Crime Compliance at WorkFusion. With over 25 years in financial crime compliance, David has led major AML and sanctions programs at banks, including JP Morgan, Wachovia, Key Bank, and Riggs Bank.

The post Four Strategic Ways AI Can Strengthen Your AML Program appeared first on Compliance Chief 360.

The OCC initially charged Bank of America based on violations and unsafe practices relating to these programs, including a failure to timely file suspicious activity reports and failure to correct a previously identified deficiency related to its Customer Due Diligence processes. The order also identifies deficiencies in the internal controls, governance, independent testing, and training components of the bank’s BSA compliance program.

The order requires the bank to take corrective actions to enhance its BSA/anti—money laundering (“AML”) and sanctions compliance programs, including the hiring of an independent consultant to assess the bank’s BSA/AML and sanctions compliance programs and conduct reviews to ensure all suspicious activity was appropriately reported.

The OCC found that Bank of America “had a breakdown in its policies, procedures, and processes to identify, evaluate, and report suspicious activity, including the Bank’s systemic failure to ensure that it transaction monitoring system had appropriate thresholds for determining when transaction alerts should trigger a case investigation” and that it “failed to make acceptable substantial progress towards correcting a deficiency related to the Bank’s Customer Due Diligence processes that was previously reported to the Bank by the OCC.”

This settlement should not come as a surprise to investors as Bank of America disclosed in its October filing that it has been in contact with regulators about its compliance programs and could foresee potential enforcement actions charged against the bank.

This settlement represents the OCC’s effort in combatting deficient BSA/AML compliance programs. The OCC recently imposed a $450 million fine against TD Bank for its failure to develop and maintain a BSA/AML program reasonably designed to assure and monitor compliance with the BSA. As a result of the bank’s failure, may criminal groups such as drug cartels used it to launder more than $650 million in drug money.  

The post Bank of America Settles OCC Cease-and-Desist Order Over Compliance Deficiencies appeared first on Compliance Chief 360.

Green Dot violated consumer law in its marketing, selling, and servicing of prepaid debit card products, and its offering of tax return preparation payment services. For example, Green Dot failed to adequately disclose the tax refund processing fee for tax preparation services offered on a third party’s website.

The firm also blocked access to accounts of legitimate customers receiving unemployment benefits and lacked reasonable policies and procedures to help those customers cure those blocks. In addition, Green Dot did not maintain effective consumer compliance risk management and anti-money laundering programs.

In response to the Fed’s announcement, Green Dot CEO George Gresham asserted that the company would strive to correct any and all deficiencies within Green Dot’s compliance program. “We have taken and will continue taking meaningful steps to correct and remediate those issues, including significant updates to our processes, our product packaging and marketing, our management team and our compliance programs,” Gresham said. “We are committed to cooperating and partnering closely with our regulators to ensure all concerns noted in the consent order are addressed and complied with and that our customers are well-served and protected on an ongoing basis.

Fed Orders Green Dot to Improve Compliance and Address Complaints

The Board is requiring the firm to take several steps to improve these programs. Green Dot is now required to hire an independent third-party to strengthen its consumer compliance risk management program and address the root causes of consumer complaints.

The firm also must develop an effective anti-money laundering program and hire an independent third-party to conduct a review of certain transaction activities to determine whether any suspicious activity conducted through the bank was properly identified and reported.

In his response, Gresham concluded by stating that the bank “remains optimistic about our financial and regulatory positions as well as our future growth potential and opportunity as we serve and empower customers directly and through our partners.”  

The post Federal Reserve Fines Green Dot for Consumer Compliance Violations appeared first on Compliance Chief 360.

According to the SEC’s complaint, Silvergate, Lane, and Fraher misled investors in stating that Silvergate had an effective BSA/AML compliance program and conducted ongoing monitoring of its high-risk crypto customers, including FTX, in part to deny public rumors that FTX had used its accounts at Silvergate to enable FTX’s misconduct. In reality, Silvergate’s automated transaction monitoring system failed to monitor more than $1 trillion of transactions by its customers on the bank’s payments platform, the Silvergate Exchange Network.

“At all times, but especially during moments of crises, public companies and their officers must speak truthfully to the investing public. Here, we allege that Silvergate, Lane and Fraher fell not only woefully, but also fraudulently, short in that regard,” said Gurbir Grewal, Director of the SEC’s Division of Enforcement. “Rather than coming clean to investors about serious deficiencies in its compliance programs in the wake of the collapse of FTX, one of Silvergate’s largest banking customers, they doubled down in a way that misled investors about the soundness of the programs. In fact, because of those deficiencies, Silvergate allegedly failed to detect nearly $9 billion in suspicious transfers among FTX and its related entities. Silvergate’s stock eventually cratered, wiping out billions in market value for investors.”

SEC Alleges Silvergate Misrepresented Its Financial Condition

The SEC’s complaint also alleges that Silvergate and Martino misrepresented the company’s bleak financial condition during a liquidity crisis and bank run following FTX’s collapse. The complaint alleges that Silvergate and Martino, in an earnings release and earnings call, understated Silvergate’s losses from expected security sales and misrepresented that it remained well-capitalized as of December 31, 2022. In March 2023, Silvergate announced it would wind down its banking operations, and its stock eventually plummeted to near $0.

The SEC charged Martino with violating certain of the antifraud and books-and-records provisions of the federal securities laws, and with aiding and abetting certain of Silvergate’s violations. The complaint also charges Silvergate, Lane, and Fraher with fraud and charges Silvergate with violating certain reporting, internal accounting controls, and books-and-records provisions.

Without admitting or denying the allegations, Silvergate agreed to a settlement ordering it to pay a $50 million civil penalty and imposing a permanent injunction to settle the charges. Lane and Fraher also settled the charges without admitting or denying the allegations, agreeing to permanent injunctions, five-year officer-and-director bars, and fines of $1 million and $250,000 respectively.

All the settlements require court approval, and Silvergate’s payment may be offset by penalties paid to the Board of Governors of the Federal Reserve System (FRB) and/or the California Department of Financial Protection and Innovation (DFPI). In parallel actions, FRB and DFPI today announced settled charges against Silvergate.  

Jacob Horowitz is a contributing editor at Compliance Chief 360° 

The post Silvergate Settles SEC Charges for Compliance Failures appeared first on Compliance Chief 360.

“Bank Secrecy Act and Anti-Money Laundering laws and regulations are critical national security protections, safeguarding financial markets and consumers from bad actors,” said Superintendent of Financial Services, Adrienne Harris. “Regulated institutions must be held accountable for failing to adhere to New York’s rigorous legal and regulatory standards.”

The Consent Order resolves the Department’s investigation into ICBC’s compliance failures, including multiple deficiencies in the New York branch’s BSA/AML compliance program from 2018 through 2022 including the Bank’s failure to maintain books and records, its failure to submit a report to the Superintendent upon discovering the occurrence of “embezzlement, misapplication, larceny, forgery, fraud, dishonesty, making of false entries and omission of true entries, or other misconduct.”

The investigation also concluded that a former New York branch employee, under the order of a branch employee, backdated several compliance documents and that ICBC failed to report this misconduct to the Department in a timely fashion. Finally, the investigation concluded that ICBC unlawfully disclosed confidential supervisory information to an overseas regulator.

Required ICBC Compliance Improvements

As part of its agreement with the Department, in addition to paying a $30 million penalty to New York State, ICBC will be required to create a written plan, acceptable to the Department, outlining improvements to compliance policies and procedures, corporate governance and management oversight, customer due diligence requirements, and the handling of confidential supervisory information. According to the Consent Order the Bank’s  plan is required to include updates on the following:

• A system of internal controls reasonably designed to ensure compliance with BSA/AML requirements and relevant state laws and regulations;
• Controls reasonably designed to ensure compliance with all requirements relating to correspondent accounts for foreign financial institutions;
• A comprehensive BSA/AML risk assessment that identifies and considers all products and services of the New York Branch, customer types, geographic locations, and transaction volumes, as appropriate, in determining inherent and residual risks;
• Management of the New York Branch’s BSA/AML compliance program by a qualified compliance officer, who is given full autonomy, independence, and responsibility for implementing and maintaining an effective BSA/AML compliance program that is commensurate with the New York Branch’s size and risk profile, and is supported by adequate staffing levels and resources;
• Identification of management information systems used to achieve compliance with BSA/AML requirements and relevant state laws and regulations, and a timeline to review key systems to ensure they are configured to mitigate BSA/AML risks;
• Comprehensive and timely independent testing for the New York Branch’s compliance with applicable BSA/AML requirements and relevant state laws and regulations; and
• Effective training for all appropriate New York Branch personnel and appropriate ICBC personnel that perform BSA/AML compliance-related functions for the New York Branch in all aspects of BSA/AML requirements, relevant state laws and regulations, and relevant internal policies and procedures.  

The post China Bank AML Settlement Comes with Several Compliance Requirements appeared first on Compliance Chief 360.

Rapidly changing elements of digital finance and geopolitical dynamics mean organizations need to continuously adapt and improve sanctions screening programs and AML measures for compliance programs to maintain their effectiveness and integrity. Regulatory enforcement of sanctions violations also appears to be on the rise. Managing sanctions risk has become more complex than ever.

To cope with this pressure and stay compliant, organizations need a strong sanctions screening program—one that achieves a healthy balance between data demands, compliance posture, and operational equilibrium.

Avoiding Data Malnutrition

Access to accurate, high-quality data is essential for a healthy sanctions screening program. Screening effectiveness can be compromised when dealing with incomplete or inaccurate data, resulting in an overwhelming number of alerts and false positives and increasing the risk of overlooking false negatives.

Compliance teams need to screen customers and transactions against a myriad of constantly changing sanctions lists that update often with new sanctions, modified existing ones, and some being removed.

Screening data needs to include both sanctions and customer data, which are the backbone of any healthy screening program. These insightful data sets enable businesses to accurately screen their customers (both existing and new) and transactions against the latest sanctions lists and prevent inadvertent engagement with sanctioned parties.

Additionally, there are a multitude of sanctioning bodies, including sovereign states, regional unions, and international organizations such as the Office of Foreign Assets Control that enforce their own sanctions—and these lists do not always align. Each sanctioning body has its own unique way of organizing and disseminating the data, which can create complexities in integrating and comparing the information.

Navigating through a variety of formats and sizes of sanctions lists, keeping track of frequent updates and ensuring real-time screening requires continuous effort and resources. This means organizations should use extensively researched and up-to-date global risk information that includes the latest Politically Exposed Persons and sanctions lists as well as adverse media and enforcement records from all corners of the world.

Even so, the strength of external data alone is not enough. The quality of customer data is equally important. Streamlining data acquisition processes and enriching customer and third-party data is a must. Organizations should invest time at the very front of their screening processes to cleanse and prepare their data. Conducting an internal data quality assessment will greatly improve process efficiency, saving time in unnecessary remediation.

Today’s high-risk global marketplace also means organizations need to have a clear understanding of their prospective customers and proactively assess the risks they may bring to their business. It’s not only customers, however, who can present sanctions risk. A comprehensive screening program encompasses a list of various entities connected to the organization’s operations including associates, beneficial owners, and the extended supply chain. Regularly reviewing and updating internal and external data is crucial for businesses, as regulatory bodies around the world constantly evolve their rules and restrictions to address geopolitical tensions, financial crimes, and global security concerns.

Strengthening Compliance’s Analytics Capabilities

Access to more accurate, high-quality data is critical for productive screening. While vast amounts of data can deliver deep insights, however, the sheer volume can cause problems for organizations seeking to identify suspicious activity that could constitute compliance risk.

This is where technology automation has a lot to offer. Applying powerful analytics and machine-learning techniques to screening programs helps accurately record, cross-reference, and analyze massive quantities of data and variables. This has distinct benefits when it comes to customer, vendor, and third-party screening as this activity requires the aggregation of disparate data sources including internal systems and external sources.

The world’s rapidly evolving regulatory landscape is increasing demand for organizations to proactively manage risk on a daily and sometimes hourly basis. As challenges continue to grow, it becomes imperative for tools and strategies to evolve accordingly. By harnessing the power of collecting, managing, and analyzing both external and internal data, organizations can gain strategic advantages in risk management. Embracing the latest technologies empowers them to proactively identify, manage, mitigate, and prevent risks effectively.

Organizations can use this increased capability to interrogate their records and identify screening issues earlier so they can move from a reactive to a proactive compliance posture and prevent or neutralize threats before they become a problem. Automating previously manual, time-consuming processes helps to reduce costs, improve compliance efficiency, and free up human resources for tasks that require emotional intelligence.

Boosting Operational Metabolism

One of the greatest challenges organizations face when it comes to sanctions screening is managing frequent alerts and false positives. This is particularly true for legacy systems that rely on fuzzy matching and rules-based screening, as these methods have limitations that make them less effective in handling the complexity of sanctions and countless changes to watchlists.

To address these challenges and reduce the number of false positives, businesses should turn to more advanced technologies such as machine learning and big data analytics. Modernizing legacy technology is a critical first step, ideally followed by a thorough analysis of the quality of the data organizations hold, as data gaps and inaccuracies can compromise screening effectiveness. Finally, organizations should avoid treating all false positives as equal without considering the likelihood of a match and the varying levels of risk. Using entity resolution tools can achieve this.

Deploying entity resolution tools to assess the relevance scores for alerts helps organizations transition from a perspective of quantity to one focused on quality. These tools help consolidate and link records that refer to the same real-world entity, even if the data points have slight variations or discrepancies, enhancing the screening process with improved relevance and matching precision for handling false positives.

Rather than relying on a rules-based method to accept or reject matches, entity resolution employs sophisticated analytics and accurate entity linking to match data points and assess the probability that two database records represent the same real-world individual, company, or entity. This process eliminates irrelevant data, enabling it to effectively identify matches and uncover concealed relationship risks.

This approach provides a quantitative assessment of customer risk, evaluating the strength of the match between a customer account and a watchlist entity. It focuses on identifying matches that merit immediate attention, ensuring a more targeted and efficient risk management process.

As the wellness of sanctions screening and AML programs faces ongoing pressures and emerging threats, innovative, more holistic approaches to screening are necessary. By leveraging the latest technology and engaging a high-quality, dynamic, and global data organization can enhance their match precision and prioritized risk ranking, resulting in a more accurate and effective screening process.

Forward-thinking organizations will gain stronger control over false positives and be able to achieve the much-needed balance between strong compliance posture and operational efficiency.

Grayson Clarke is senior vice president of LexisNexis Risk Solutions.

The post Sanctions Screening and AML Programs: Embracing a More Holistic Approach appeared first on Compliance Chief 360.

How can businesses, including banks and finance companies, balance effective anti-money laundering (AML) efforts, know your customer (KYC) workflows, customer due diligence (CDD), and third-party risk rating workflows with the levels of efficiency that today’s competitive market and contentious geopolitical climate demand?

The answer can be found through automation. Automating critical due diligence activities helps center a financial compliance program at the intersection of efficiency and effectiveness.

Converging Challenges Are Complicating Compliance

Businesses are dealing with a convergence of due diligence challenges stemming from digital acceleration, geopolitical volatility, and renewed regulatory focus. Resource-strained compliance teams also face increased budget scrutiny as the global economic outlook increasingly reflects inflation pressures, supply chain problems, and the impact of Russia’s invasion of Ukraine.

Regulators and enforcement agencies are also increasing activity levels. Enforcement actions from the Financial Crimes Enforcement Network (FinCEN), for example, were edging back up in 2022 and some recent fines are retroactive. FinCEN is showing little tolerance for anti-money laundering programs that do not pair business growth with compliance capabilities.

Zero tolerance equally characterizes today’s digital consumers whose expectations for instant transactions are at an all-time high. Due diligence delays and productivity lags at onboarding can quickly add up to consumer abandonment and lost revenue.

The unprecedented volume, velocity, and scope of sanctions and regulatory actions stemming from Russia’s invasion of Ukraine add another layer of complexity and resource demands to due diligence workflows. It is an understatement to say doing much more with less is turning into a daily compliance struggle for many organizations.

The Marriage of Efficiency and Effectiveness

An efficient due diligence workflow is meaningless if it doesn’t underpin a highly effective, risk-based approach to compliance. However, effective due diligence shouldn’t erode the speed of day-to-day business operations or customer experience. There are many ways automation can help answer the efficient and effective conundrum.

Automation tools and technologies, such as application program interfaces, machine learning, and artificial intelligence, can help accelerate risk assessment and decisions at key points in due diligence workflows. It is important to evaluate the operational advantages a business can achieve with automation within the framework of regulatory requirements and expectations. These include:

• Automating the collection of the documentation needed during onboarding. This reduces workflow delays while also contributing to effectiveness by raising the level of process consistency and providing a way to record and prove the collected documents as needed.
• Automating AML and KYC screening enables a business to prioritize accounts that need further investigation or enhanced due diligence and provides a higher level of traceability to help demonstrate the effectiveness of risk-based policies.

Automation helps businesses segment workflows more effectively. Organizations can redeploy human capital resources to focus on higher value compliance decisions and activities by automating more routine due diligence processes.

Finding Balance on the Risk/Control Continuum

Digital acceleration and today’s rapidly evolving regulatory climate are creating dynamic due diligence risks. Static due diligence approaches, siloed functions, and disparate data limit an organization’s ability to outpace risk. Missed status changes in customer and supplier relationships can be detrimental in today’s real-time economy.

Leveraging automation to support a continuous approach to risk-based due diligence helps better align enterprise resources to support the execution of internal policies around customer risk rating and ongoing monitoring. Automation facilitates the ability to capture a more holistic and end-to-end view of due diligence risk that enables an organization to responsively manage the inherent customer and supplier risks in a controlled framework. The technology fueling automation also underpins improved compliance effectiveness by providing a clear framework to document, demonstrate, and defend compliance policies and risk controls.

Using automation to integrate due diligence intelligence across core enterprise processes delivers time savings and cost efficiencies while contributing to a more responsive compliance program.

Perfecting the efficiency and effectiveness equation can result in a due diligence workflow that respects an organization’s risk appetite and reflects evolving market and regulatory realities. 

Camilla Yellets is director, financial crime compliance, at LexisNexis Risk Solutions.

The post Achieving Compliance Efficiency Through Automation appeared first on Compliance Chief 360.

As CCO, Laura Akahoshi was responsible for overseeing Rabobank’s Bank Secrecy Act and anti-money laundering (BSA/AML) compliance program, supervising the bank’s BSA/AML officer, and advising the board of directors on compliance and regulatory matters, the OCC stated.

Akahoshi also was responsible for “‘ensuring clear communications between the bank and national and international regulatory authorities,’ as well as for ‘providing advice to executive management and the board on matters that could impact how the bank is perceived by its regulator,’” the OCC said.

Withholding Information

In November 2012, the OCC conducted an on-site examination of the bank’s BSA/AML compliance program. According to the OCC’s allegations, Akahoshi “improperly withheld information from OCC examiners” during its on-site examination.

See related article, “Former Chief Compliance Officer Gets Three Years in Prison for Wire Fraud.”

In December 2012, the bank engaged Crowe Horwath to perform a BSA/AML program assessment, in which Crowe uncovered “significant deficiencies in the bank’s BSA/AML compliance program.”

According to the OCC, throughout communications with the OCC, enforcement counsel characterized Akahoshi’s communications as “evasive and misleading,” while Akahoshi characterized her communications as “reflecting an honest effort to summarize information gathered from bank officers—such as CEO Ryan and GC Weiss—who had more direct knowledge of the Crowe engagement.”

Rabobank CCO Case Dismissed

While the events at issue “occurred during a short three-week period in 2013, its considerable and lengthy procedural history… has extended the matter to the present day,” the OCC said. Fast-forward a decade later, in dismissing the $30,000 penalty against Akahoshi, the OCC said, “upon scrutiny,” it became “evident” the administrative law judge in the case did not fully address certain documents and testimony favoring Akahoshi. Thus, she was not fully able to defend herself.

“While the Comptroller does not condone [Akahoshi’s] alleged actions…the delay in this action would likely make it difficult for witnesses to accurately recall the events in question and their attendant states of mind,” the OCC said in its order. “More than 10 years have passed since the events that gave rise to this matter. Accordingly, in an exercise of his plenary discretion over remedies, the Comptroller hereby orders that the action be terminated and the outstanding Notice of Charges and Assessment be dismissed. Because this action is now dismissed, the remaining issues raised in the Parties’ exceptions and any pending motions are moot.”

In February 2018, Rabobank N.A. pleaded guilty and agreed to forfeit $369 million “as a result of allowing illicit funds to be processed through the bank without adequate BSA or AML review.” It was also assessed a $50 million penalty by the OCC for deficiencies in its BSA/AML compliance program. 

Jaclyn Jaeger is a contributing editor at Compliance Chief 360° and a freelance business writer based in Manchester, New Hampshire.

The post Regulator ‘Reluctantly’ Dismisses Action Against Ex-Rabobank CCO appeared first on Compliance Chief 360.

The final rule, which implements the registration and reporting requirements of the Corporate Transparency Act (CTA), will require “tens of millions” of companies doing business in the United States to report information about their beneficial owners to FinCEN.

“Designed to protect U.S. national security and strengthen the integrity and transparency of the U.S. financial system, the rule will help to stop criminal actors, including oligarchs, kleptocrats, drug traffickers, human traffickers, and those who would use anonymous shell companies to hide their illicit proceeds,” FinCEN said.

“For too long, it has been far too easy for criminals, Russian oligarchs, and other bad actors to fund their illicit activity by hiding and moving money through anonymous shell companies and other corporate structures right here in the United States,” said Acting FinCEN Director Himamauli Das. “This final rule is a significant step forward in our efforts to support national security, intelligence, and law enforcement agencies in their work to curb illicit activities.”

Beneficial owner defined
Under the rule, a beneficial owner includes any individual who exercises “substantial control” over the reporting company or owns or controls at least 25 percent of the ownership interests of a reporting company.

An individual exercises “substantial control” if such individual serves as a senior officer (excluding the corporate secretary and treasurer); has authority to appoint or remove any senior officer or a majority of the board; or directs or has substantial influence over “important decisions made by” the reporting company.

Under the rule, five categories of individuals are exempt from the definition of beneficial owner:

• minors;
• nominees, intermediaries, custodians, and agents;
• certain employees who are not senior officers,
• heirs with a future interest in the company; and
• certain creditors.

Reporting companies
The final rule describes two distinct types of reporting companies that must file reports with FinCEN: domestic reporting companies and foreign reporting companies. Domestic reporting companies include any entity that is created by the filing of a document with a secretary of state or similar office in any U.S. state or tribal jurisdiction. A foreign reporting company is any entity created under the law of a foreign jurisdiction that is registered to do business in any U.S. state or tribal jurisdiction.

Exempt companies
The final rule exempts 23 categories of entities from the definition of “reporting companies,” including “money services businesses” and “large operating companies.” The final rule defines “large operating companies” as those that have an operating presence at a physical office within the United States; have more than 20 full-time employees in the United States; and that have more than $5 million in gross receipts or sales from sources inside the United States. Responding to some comments submitted, FinCEN declined to allow companies to consolidate employee headcount across affiliated entities for purposes of meeting the 20 full-time employee threshold.

Additionally, under the final rule, a “subsidiary exemption” exists for entities that are owned entirely by one or more specified exempt entities.

Reports due
Reporting companies created or registered before Jan. 1, 2024, will have until Jan. 1, 2025, to file their initial reports, while reporting companies created or registered after Jan. 1, 2024, will have 30 days after their creation or registration to file their initial reports. “Once the initial report has been filed, both existing and new reporting companies will have to file updates within 30 days of a change in their beneficial ownership information,” FinCEN said.

The final rule clarifies that a person “fails to report” complete or updated beneficial ownership information to FinCEN if the “person either causes the failure or is a senior officer of the entity at the time of the failure.” FinCEN said in the final rule it believes that “the approach of holding individuals in these specific positions of authority responsible for ensuring that the information filed with FinCEN is correct and up-to-date provides additional clarity and certainty and appropriately rests that obligation with those in charge of an entity.” 

Jaclyn Jaeger is a contributing editor at Compliance Chief 360° and a freelance business writer based in Manchester, New Hampshire.

The post FinCEN Issues Final Rule on Beneficial Ownership Reporting Requirement appeared first on Compliance Chief 360.

According to the FCA’s Oct. 12 decision notice, between June 2014 and July 2017, Gatehouse “failed to conduct sufficient checks on its customers in countries with a higher risk of money laundering and terrorist financing” and “failed to undertake the correct checks when some of the customers were classed as Politically Exposed Persons (PEPs).”

The FCA also said in its decision notice that Gatehouse’s compliance function was under-resourced and, “although Gatehouse had adopted a three-lines-of-defense model, this did not operate effectively, meaning that frontline relationship managers did not appropriately screen customers, and an overburdened compliance function was left to remedy deficiencies in the quality of due diligence information collected.”

In one instance, Gatehouse opened an account for a company based in Kuwait to pool the customers of this company’s funds for a prospective real estate investment. However, Gatehouse relied on the Kuwait company to carry out customer due diligence of the investors, “a large number of whom were high risk, high-net worth customers,” according to the FCA notice.

“Gatehouse took inadequate measures to confirm the quality of this company’s AML checks and did not require it to collect information about customers’ source of wealth and source of funds,” the FCA said. Consequently, for two years, Gatehouse accepted $62 million into the account without properly vetting the funds for financial crime risks, according to the FCA notice.

“Gatehouse Bank’s failures exposed itself to the risk that it might be used as part of a laundering process for illegal funds,” said Mark Steward, Executive Director of Enforcement and Market Oversight. “While not deliberate, there can be no excuse for failures as serious as this. The FCA will continue to hold firms to account for poor anti-money laundering systems and controls.”

In deciding the civil penalty, the FCA said it considered Gatehouse’s remedial measures in fixing the deficiencies in its AML controls. “In particular, between June 2014 and August 2016, Gatehouse undertook a compliance review to remediate customer files” and “invested in improving its AML systems and controls, including engaging external consultants to assist it and to advise on the overhaul of its AML systems and controls,” the FCA said in the notice.

Additionally, the FCA noted, “from mid-2016 to mid-2017, Gatehouse established and implemented a new suite of AML and financial crime related policies and procedures which addressed the deficiencies.”

Because Gatehouse cooperated and settled at an early stage of the investigation, it qualified for a 10 percent reduction off the original penalty of £2.26 million ($2.6 million). 

Jaclyn Jaeger is a contributing editor at Compliance Chief 360° and a freelance business writer based in Manchester, New Hampshire.

The post U.K. Financial Conduct Authority Fines Gatehouse $1.8M for AML Lapses appeared first on Compliance Chief 360.