Disclaimer: The contents of this article are intended to provide a general understanding of the subject matter. However, this article is not intended to provide legal or other professional advice, and should not be relied on as such.
The Financial Crimes Enforcement Network (FinCEN) is a bureau of the U.S. Department of the Treasury and it’s mission is to safeguard the financial system from illicit use and combat money laundering and promote national security through the collection, analysis, and dissemination of financial intelligence and strategic use of financial authorities. This blog will be updated with the latest advisories and guidance from FinCEN.
FinCEN’s Latest Guidance and Advisories:
June 15, 2022 – Advisory on Elder Financial Exploitation
In a recent advisory, FinCEN stresses the importance for financial institutions to detect, prevent and report any suspicious transactions to combat increases in elder financial exploitation (EFE).
The advisory is intended to draw attention to increases in EFE and to make financial institutions aware of new typologies and red flags since its last EFE advisory in 2011.
The advisory explains that EFE schemes tend to fall into two categories. The first of these, elder theft, a scheme where a trusted person steals an older adult’s assets, funds or income. The second typology, known as elder scams, an older adult transfers money to an imposter or stranger to receive a good, service or benefit, which the scammer does not provide.
For more information on EFE typologies, including case studies and individual elder scam typologies, view the full advisory.
EFE Red Flags
EFE red flags can be behavioral, or financial in nature.
Behavioral red flags may include:
- An older customer’s account showing unusual changes to contact information or new connections to contact information that originates overseas
- Unusual account activity taking place in the account of an older customer who is known to have physical, emotional and/or cognitive impairment
- An older customer appear to be unwilling and/or anxious to listen to advice or take direction from trusted individuals on their financial accounts, and/or unable to give answers to basic questions regarding their financial account activity
- An older customer mentioning that an individual online or romantic partner is requesting that they receive or transfer funds, or open a new bank account on their behalf
- An older customer seems to be taking direction from someone over the phone and appears anxious when completing a transaction
To see an additional 7 behavioral red flags, view the full advisory linked above.
Financial red flags may include:
- An older customer begins to purchase an unusual amount of gift cards or prepaid cards
- Multiple withdrawals from previously dormant accounts with large funds
- An older customer begins sending multiple wire transfers or checks with descriptions relating to “taxes”, “winnings” or “tech support”
- Unusual or frequent non-sufficient fund activity
- The closing of accounts or CDs with no regard for penalties
View the full advisory linked above to see an additional 7 financial red flags.
The advisory continues with a reminder of relevant BSA obligations and tools for financial institutions to combat EFE. This includes SAR filing instructions, along with a reminder to check the box for Elder Financial Exploitation (SAR Field 38(d) when filing a suspicious activity report that may relate to EFE.
View the full advisory on the FinCEN website for more in-depth information regarding EFE for financial institutions.
Apr 14, 2022 – Advisory on Kleptocracy and Foreign Public Corruption
With regulations and sanctions against Russia developing in 2022, FinCEN has released an advisory on kleptocracy and foreign public corruption. The advisory includes definitions of kleptocracies and kleptocrats, typologies of kleptocracy and foreign public corruption, ten financial red flag indicators and filing and reporting instructions. These red flags include:
Financial Red Flag Indicators
- Any transactions that involve long-term government contracts that are consistently awarded to the same legal entity, or entities that share similar beneficial ownership structures, through an unclear selection process.
- Transactions involved in services for state-owned companies or public institutions by companies that are registered in high-risk jurisdictions.
- Transactions that involve official embassies or foreign government business, that are conducted through personal accounts.
- Transactions that involve public officials that concern high-value assets (i.e. real estate, luxury goods) that are inconsistent with the reported source of wealth for said public official, or with the official’s normal activities and lifestyle.
- Transactions that involve public officials and funds to countries they do not normally operate in or do not have ties to.
SAR Filing Instructions
The regulatory body has requested that financial institutions reference alerts regarding kleptocracies and foreign public corruption by adding ‘CORRUPTION FIN-2022-A001” in SAR field 2, as well as in the narrative. It is also advised to indicate a connection between the suspicious activity and kleptocracies and/or foreign public corruption in the narrative.
To view a full list of red flag indicators, along with definitions, typologies and an in depth explanation of SAR filing, BSA reporting, due diligence and information sharing authority, view the full advisory.
Nov 8, 2021 – Update to Ransomware Advisory
A new updated has been released to the “Advisory on Ransomware and the Use of the Financial System to Facilitate Ransom Payments” which now includes new trends and typologies of ransomware and associated payments, including the growing proliferation of anonymity-enhanced cryptocurrencies (AECs) and decentralized mixers.
In addition to detailing recent ransomware examples, the advisory includes a number of red flag indicators to assist FIs in detecting, preventing, and reporting suspicious transactions associated with ransomware attacks. These include:
- When opening a new account or during other interactions with the financial institution, a customer provides information that a payment is in response to a ransomware incident.
- A customer’s CVC address, or an address with which a customer conducts transactions is connected to ransomware variants, payments, or related activity. These connections may appear in open sources or commercial or government analyses.
- An irregular transaction occurs between an organization, especially an organization from a sector at high risk for targeting by ransomware (e.g., government, financial, educational, healthcare) and a DFIR or CIC, especially one known to facilitate ransomware payments.
- A customer uses a foreign-located CVC exchanger in a high-risk jurisdiction lacking, or known to have inadequate, AML/CFT regulations for CVC entities.
- A customer initiates a transfer of funds involving a mixing service.
SAR Filing Instructions
FinCEN requests that FIs reference this advisory by including the key term: “CYBER-FIN-2021-A004” in SAR field 2 (Filing Institution Note to FinCEN) and the narrative to indicate a connection between the suspicious activity being reported and ransomware-related activity.
Financial institutions should also select SAR field 42 (Cyber event) as the associated suspicious activity type, as well as select SAR field 42z (Cyber event – Other) while including “ransomware” as keywords in SAR field 42z, to indicate a connection between the suspicious activity being reported and possible ransomware activity.
FIs should include any relevant technical cyber indicators related to the ransomware activity and associated transactions within the available structured cyber event indicator SAR fields 44(a)-(j), (z).
Read the full advisory on Ransomware and the Use of the Financial System to Facilitate Ransom Payments. To learn more about how Alessa can help detect and monitor virtual currency exchanges and transactions, contact us.
Oct 19, 2021 – Casinos and Customer Identity Verification Requirements
FinCEN has granted limited exceptive relief to casinos from certain customer identity verification requirements for online gaming. Under the terms of the relief, a casino may utilize suitable non-documentary methods to verify the identity of online customers. The suitability or non-suitability of any particular method should be evaluated based on risk.
The casino’s anti-money laundering (AML) program would need to describe when the casino will verify identity through documentary methods, non-documentary methods, or a combination of both.
Non-documentary methods may include contacting the customer; independently verifying the customer’s identity through the comparison of information provided by the customer with information obtained from a consumer reporting agency, public database, or other source; checking references with other financial institutions; and obtaining a financial statement.
Non-documentary procedures must address situations where the customer is unable to present an unexpired government-issued identification document that bears a photograph or similar safeguard; the casino is unfamiliar with the documents presented; the account is opened without obtaining documents; the customer opens the account without appearing in person; or there are circumstances that increase the risk that the casino will be unable to verify the true identity of the customer through documents.
To learn more, read the full Exceptive Relief for Casinos from Certain Customer Identity Verification Requirements. To learn more about how Alessa can help casinos screen customers, monitor transactions and file regulatory reports, contact us
Jun 30, 2021 – First AML/CFT Priorities
Pursuant to the Anti-Money Laundering Act of 2020, FinCEN announced the first government-wide list of priorities for anti-money laundering and countering the financing of terrorism (AML/CFT).
While this announcement requires no immediate action to risk-based AML programs, FinCEN suggested financial institutions begin preparing for changes to the Bank Secrecy Act (BSA) that are required to be announced within 180 days of the establishment of the AML/CFT priorities.
The AML/CFT priorities are as follows (in no particular order):
- Cyber-crime, including social engineering, software vulnerability exploits, and network attacks
- Terrorist financing, both international and domestic
- Transnational criminal organization activity
- Drug trafficking organization activity
- Human trafficking and human smuggling
- Proliferation financing and proliferation support networks.
As required by the AML Act, FinCEN will be reviewing and updating these priorities every four years to reflect new or evolving threats.
To learn more about these first national AML/CFT priorities and accompanying statements, visit the FinCEN announcement. To discuss how to enhance your organization’s existing risk-based AML program, contact Alessa or browse through some of our past AML webinars on insightful topics.
April 29, 2021 – Renewal of GTOs
FinCEN has renewed its Geographic Targeting Orders (GTOs) that require U.S. title insurance companies to identify the natural persons behind shell companies used in all-cash purchases of residential real estate.
The renewed GTOs are identical to the previous GTO in that the purchase price of the residential real property is $300,000 or more within counties in the following U.S. metro areas: Boston; Chicago; Dallas-Fort Worth; Honolulu; Las Vegas; Los Angeles; Miami; New York City; San Antonio; San Diego; San Francisco; and Seattle. The purchase must be made without a bank loan or other similar form of external financing; and at least in part, using currency or a cashier’s check, a certified check, a traveler’s check, a personal check, a business check, a money order, a funds transfer, or virtual currency.
Transactions that meet the requirements set forth by the GTO must be reported by filing a FinCEN Currency Transaction Report (CTR) within 30 days of the closing of the transaction. The terms of this Order are effective beginning May 5, 2021 and ending October 31, 2021. Read full details about the order and a list of counties. FinCEN has also issued a FAQ to answer commonly asked questions.
April 09, 2021 – RFI for Risk Management Guidance
The OCC, the Federal Reserve Board, FDIC, NCUA, and FinCEN have issued an RFI on the extent to which the principles discussed in the “model risk management guidance” (MRMG) support compliance to BSA/AML and Office of Foreign Assets Control requirements.
The agencies seek to better understand bank practices and to determine whether additional explanation or clarification may be helpful in increasing transparency, effectiveness, or efficiency. Comments must be received by June 11, 2021.
Alessa helps financial institutions implement dynamic risk scoring to support customer risk profiling. Risk profiles can be updated with changes in profile, account activity or geographic considerations. Contact us to learn more about the full extent of Alessa’s risk profiling capabilities.
Apr 1, 2021 – Beneficial Ownership Reporting Requirements
FinCEN is soliciting public comment on questions related to the implementation of the Corporate Transparency Act (CTA), which requires the agency to
- Maintain the reported beneficial ownership information in a confidential, secure and non-public database
- Authorizes FinCEN to disclose beneficial ownership information subject to appropriate protocols and for specific purposes to several categories of recipients, such as federal law enforcement
- Requires FinCEN to revise existing financial institution customer due diligence regulations concerning beneficial ownership to take into account the new direct reporting of beneficial ownership information.
Specifically, the agency is seeking public input on procedures and standards for reporting companies to submit information to FinCEN about their owners, as well as, maintenance and disclosure of beneficial ownership information.
FinCEN invites comments on all aspects of the CTA, but specifically seeks comments on any or all of the forty-eight main questions listed in the advance notice of proposed rulemaking (ANPRM).
- The CTA defines the “beneficial owner” of an entity, subject to certain exceptions, as “an individual who, directly or indirectly, through any contract, arrangement, understanding, relationship, or otherwise” either “exercises substantial control over the entity” or “owns or controls not less than 25 percent of the ownership of the entity.” Is this definition, including the specified exceptions, sufficiently clear, or are there aspects of this definition and specified exceptions that FinCEN should clarify by regulation?
- If a trust or special purpose vehicle is formed by a filing with a secretary of state or a similar office, should it be included or excluded from the reporting requirements?
- How should a company’s eligibility for any exemption from the reporting requirements, including any exemption from the definition of “reporting company,” be determined?
- What information should FinCEN require a reporting company to provide about the reporting company itself to ensure the beneficial ownership database is highly useful to authorized users?
- What information should FinCEN require a reporting company to provide about the reporting company’s corporate affiliates, parents, and subsidiaries, particularly given that in some cases multiple companies can be layered on top of one another in complex ownership structures?
Written comments on this ANPRM must be received on or before May 5, 2021.
Mar 9, 2021 – Trade in Antiquities and Art
Under the AML Act of 2020, the definition of “financial institution” will include persons “engaged in the trade of antiquities” and will be required to comply with the BSA. The Act also tasks a number of agencies to conduct a study to look at the facilitation of money laundering and the financing of terrorism through the trade of art, which markets should be subject to regulations, the degree to which the regulations should focus on high-value trade in works of art, and on the need to identify those involved in the purchase and trade of art.
FinCEN reminds financial institutions crimes relating to antiquities and art may include looting or theft, the illicit excavation of archaeological items, smuggling, the sale of stolen or counterfeit objects, money laundering and sanctions violations. These crimes have been linked to transnational criminal networks, international terrorism, and the persecution of individuals or groups on cultural grounds.
SAR Filing Instructions
FinCEN requests that FIs reference “FIN-2021-NTC2” in SAR field 2 and the connection between the suspicious activity being reported and the activities highlighted in this notice in the SAR narrative. Reporting entities should also select SAR field 36(z) (Money Laundering – other) as the associated suspicious activity type, and note if the suspicious activity relates to “Antiquities,” “Art,” or both.
The agency also requests that filers explain how the suspicious activity relates to “Antiquities,” “Art,” or both in the SAR narrative and include details like the objects connected to the financial transactions, other transactions or proposed transactions that may involve antiquities or art, and any other relevant information.
Details that would assist in investigations include:
- Names, identifiers, contact information, IP address(es), email addresses and phone number(s) of purchasers and their intermediaries or agents.
- Volume and dollar amount of transactions of a dealer in antiquities or art,
- Any beneficial owner(s) of entities (such as shell companies).
In the case of stolen art or antiquities, filers should provide detailed description of the stolen item(s), whether photographs of the items are available, and information about the place(s) where the reported individuals or entities are operating.
Read the full notice from FinCEN on the Trade in Antiquities and Art.
Feb 24, 2021 – COVID-19 Economic Impact Payments
FinCEN has issued an advisory to alert financial institutions to fraud and other financial crimes related to the Economic Impact Payments (EIPs), authorized by the Coronavirus Aid, Relief, and Economic Security (CARES) Act, and the Coronavirus Response and Relief Supplemental Appropriations Act of 2021.3.
The following examples are a non-exhaustive list of this type of criminal activity.
- Fraudulent checks: Fraudsters send potential victims fraudulent checks, instructing the recipients to call a number or verify information online in order to cash the fraudulent EIP checks. Victims are asked for personal or banking information under the guise that the information is needed to receive or speed up their EIP. Fraudsters then use the information obtained to commit various crimes, such as identity theft and the unauthorized access of bank accounts.
- Altered or counterfeit checks: Fraudsters deposit altered or counterfeit EIP checks, often via an ATM or mobile device.
- Theft of EIP: Such thefts can include individuals stealing an EIP from the U.S. mail; requesting an EIP disbursal for an ineligible person; seeking another person’s EIP without the payee’s knowledge and/or approval, or through coercive means; or using stolen personal information.
- Phishing schemes: Fraudsters perpetrate phishing schemes using emails, letters, phone calls, and text messages with the purpose of obtaining PII and financial account information, such as account numbers and passwords.
- Inappropriate seizure of EIP: A private company that may have control over a person’s finances or serves as his or her representative payee seizes a person’s EIP, for wage garnishments or debt collection, and does not return the inappropriately seized payments.
To read more about the above, relevant red flag indicators and what information to include the SAR, consult the advisory.
Feb 2, 2021 – COVID-19 Fraud Alert
FinCEN issued an advisory to alert financial institutions to health insurance and health care frauds related to the COVID-19 pandemic. These frauds target Medicare, Medicaid/Children’s Health Insurance Program (CHIP), and TRICARE as well as other health care benefit programs and private health insurance companies. In addition, there has been fraud under the Paycheck Protection Program and Health Care Enhancement Act (PPP-HCEA).
This advisory contains descriptions of COVID-19-related fraud involving health care benefit programs and health insurance, associated financial red flag indicators, select case studies, and information on reporting suspicious activity.
The following are representative types of this illicit activity:
- Unnecessary services: Ordering or submitting claims for expensive tests or services that do not test for COVID-19, oftentimes in conjunction with COVID-19 testing, such as medically unnecessary and expensive respiratory testing, allergy testing, genetic testing, narcotics screening, or whole-body health assessments, or providing testing for services not usually rendered by the company.
- Billing schemes: Billing for services not provided, or overbilling (e.g., upcoding or unbundling), when administering or processing COVID-19 testing and treatments.
- Kickbacks: Paying service providers or purported marketing organizations an illegal kickback or bribe in exchange for ordering, or arranging for the ordering of, services and testing.
- Health care technology schemes: False and fraudulent representations about COVID-19 testing, treatments, or cures are used to defraud insurance carriers and to perpetrate fraud on the financial markets by defrauding investors.
- Telefraud and telehealth schemes: Collecting beneficiaries’ personally identifiable information including Medicare information. Solicitations will often link their requests for information to COVID-19 treatment and prevention, such as testing or protective equipment. Fraudsters then submit fraudulent claims for payment from health care benefit programs.
The advisory also includes information on red flag indicators and case studies.
SAR Filing Request
FinCEN requests financial institutions reference this advisory in SAR field 2 (Filing Institution Note to FinCEN) and the narrative by including the following key term: “FIN-2021-A001” and select SAR field 34g (health care – public or private health insurance).
Jan 19, 2021 – FAQs Regarding Suspicious Activity Reporting and AML Requirements
FinCEN and banking agencies have issued responses to Frequently Asked Questions regarding SARs and AML requirements.
The answers pertain to questions arising from FIs, casinos, depository institutions, insurance businesses, Money Services Businesses (MSBs) and other institutions.
The answers clarify regulatory requirements related to SARs. The purpose is to assist financial institutions with their compliance obligations, while enabling FIs to focus on activities that produce the greatest value to law enforcement agencies and other government users of the Bank Secrecy Act (BSA).
Questions answered in the FAQ include:
- Can a financial institution maintain an account or customer relationship for which it has received a written “keep open” request from law enforcement, even though the financial institution has identified suspicious or potentially illicit activity?
- Should a financial institution file a SAR solely on the basis of receiving a grand jury subpoena or other law enforcement inquiries?
- Is a financial institution required to terminate a customer relationship following the filing of a SAR or multiple SARs?
- Is a financial institution required to file a SAR based solely on negative news?
- If there are multiple negative news alerts based on the same event, is a financial institution expected to independently investigate each of those alerts?
- Do financial institutions need to repeat information in the SAR narrative that has already been included in other SAR data fields?
- Should financial institutions file additional SARs on the same suspicious activity to accommodate narratives that are longer than the SAR narrative character limits?
Read the answers to these questions here.
Dec 18, 2020 – Unhosted CVC Wallets
FinCEN has released a proposed rule change for convertible virtual currency (CVC) transactions with unhosted wallets. Under the proposed change, banks and money services businesses (MSBs) would be required to verify the identity of their customer and submit reports for CVC transactions over $10,000; and keep records of CVC transactions greater than $3,000 when a counterparty uses an unhosted or otherwise covered wallet.
Information to be collected includes:
- The name and address of the financial institution’s customer;
- The type of CVC or legal tender digital asset (LTDA) used in the transaction;
- The amount of CVC or LTDA in the transaction;
- The time of the transaction;
- The assessed value of the transaction, in U.S. Dollars, based on the prevailing exchange rate at the time of the transaction;
- Any payment instructions received from the financial institution’s customer;
- The name and physical address of each counterparty to the transaction of the financial institution’s customer;
- Other counterparty information the Secretary may prescribe as mandatory on the reporting form for transactions subject to reporting pursuant to § 1010.316(b);
- Any other information that uniquely identifies the transaction, the accounts, and, to the extent reasonably available, the parties involved; and,
- Any form relating to the transaction that is completed or signed by the financial institution’s customer.
Nov 13, 2020 – Charities and Other Non-Profit Organizations
FinCEN issued a joint fact sheet to provide clarity to banks on how to apply a risk-based approach to charities and other non-profit organizations (NPOs).
The fact sheet reminds banks to apply a risk-based approach to customer due diligence that enables them to (i) understand the nature and purpose of customer relationships for the purpose of developing a customer risk profile, and (ii) conduct ongoing monitoring to identify and report suspicious transactions and, on a risk basis, to maintain and update customer information.
When discussing the CDD rule, FinCEN reminds banks that there is no regulatory requirement in the CDD rule, nor is there a supervisory expectation, for banks to have unique, additional due diligence steps for charities or other NPO customers.
Although the CDD rule does not require the collection of this specific information, FinCEN says the following customer information may be useful in determining the ML/TF risk profile of charities and other NPO customers:
- Purpose and nature of the NPO, including mission(s), stated objectives, programs, activities, and services.
- Geographic locations served, including headquarters and operational areas, particularly in higher-risk areas where terrorist groups are most active.
- Organizational structure, including key principals, management, and internal controls of the NPO.
- State incorporation, registration, and tax-exempt status by the IRS and required reports with regulatory authorities.
- Voluntary participation in self-regulatory programs to enhance governance, management, and operational practice.
- Financial statements, audits, and any self-assessment evaluations.
- General information about the donor base, funding sources, and fundraising methods, and for public charities, level of support from the general public.
- General information about beneficiaries and criteria for disbursement of funds, including guidelines/standards for qualifying beneficiaries and any intermediaries that may be involved.
- Affiliation with other NPOs, governments, or groups.
Read the full joint fact sheet.
Nov 6, 2020 – FATF Identified Jurisdictions and SAR Filing Request
FinCEN has issued an advisory to inform financial institutions of updates to the FATF list of jurisdictions with AML deficiencies. Financial institutions should consider these updates when reviewing their obligations and risk-based policies, procedures, and practices.
- Jurisdictions identified by the FATF as high-risk jurisdictions: Iran and Democratic People’s Republic of Korea (DPRK)
- Jurisdictions identified by the FATF for increased monitoring: Albania, The Bahamas, Barbados, Botswana, Cambodia, Ghana, Jamaica, Mauritius, Myanmar, Nicaragua, Pakistan, Panama. Syria, Uganda, Yemen and Zimbabwe
- Jurisdictions no longer subject to monitoring: Iceland and Mongolia.
SAR Filing Request
FinCEN requests that financial institutions reference this advisory by including the key term “October 2020 FATF FIN-2020-A009” in SAR field 2 (Filing Institution Note to FinCEN) and the narrative to indicate a connection between the suspicious activity being reported and the activities highlighted in this advisory.
Read the advisory in full here.
Nov 5, 2020 – GTOs Renewed
FinCEN has renewed its Geographic Targeting Orders (GTOs) that require U.S. title insurance companies to identify the natural persons behind shell companies used in all-cash purchases of residential real estate.
These renewed GTOs are identical to those issue in May 2020. Purchase amount threshold remains at $300,000 and the GTOs affect certain counties within the following major U.S. metropolitan areas: Boston; Chicago; Dallas-Fort Worth; Honolulu; Las Vegas; Los Angeles; Miami; New York City; San Antonio; San Diego; San Francisco; and Seattle.
Read the announcement here.
Oct 23, 2020 – Proposed Rule to Significantly Lower Threshold for International Funds Transfers
The Federal Reserve Board and FinCEN have issued a proposed modification in the rule requiring financial institutions to collect and retain information on certain funds transfers and transmittals of funds. The applicable threshold would be reduced from $3,000 to $250 for funds transfers and transmittals of funds that begin or end outside the United States.
The proposed amendments would also formally extend these rules to cover domestic and cross-border transactions involving convertible virtual currency (“CVC”) and digital assets used as legal tender.
Written comments on this proposed rule may be submitted on or before November 27, 2020. Read the full proposed rule here.
Oct. 19, 2020 – First Bitcoin “Mixer” Penalized
FinCEN has assessed a $60 million penalty against the founder, administrator, and primary operator of convertible virtual currency “mixers” (also known as “tumblers”), Helix and Coin Ninja.
According to FinCEN, Larry Dean Harmon operated Helix as an unregistered money services business (MSB) which conducted over 1,225,000 transactions for its customers and was associated with virtual currency wallet addresses that sent or received over $311 million dollars. At least 356,000 bitcoin transactions flowed through Helix which advertised its services in the dark web as a way to anonymously pay for things like drugs, guns, and child pornography. Coin Ninja operated in a similar manner.
FinCEN’s investigation revealed that Mr. Harmon willfully violated the BSA’s registration, program, and reporting requirements by failing to register as a MSB, failing to implement and maintain an effective AML program, and failing to report suspicious activities. Mr. Harmon is also said to have failed to collect and verify customer names, addresses, and other identifiers on over 1.2 million transactions and actively deleted the minimal customer information he did collect.
Read the full announcement here.
Oct. 15, 2020 – Identifying Human Trafficking
FinCEN has issued an advisory to help financial institutions identify and report human trafficking. The advisory supplements FinCEN’s 2014 Guidance on Recognizing Activity that May be Associated with Human Smuggling and Human Trafficking — Financial Red Flags.
Since the 2014 Advisory, FinCEN collaborated with law enforcement to identify 20 new financial and behavioral indicators of labor and sex trafficking, and four additional typologies. This advisory provides: (i) new information to assist in identifying and reporting human trafficking, and to aid the global effort to combat this crime; and (ii) two illustrative recent case studies.
The 2014 Advisory remains relevant, and provides information related to human smuggling, in addition to human trafficking. New typologies described in the recent advisory includes:
- Front companies
- Exploitative Employment Practices
- Funnel Accounts
- Alternative Payment Methods
Read the full advisory here.
Oct 13, 2020 – Unemployment Insurance Fraud During Covid-19
FinCEN has released a new advisory that contains descriptions of COVID-19-related unemployment insurance (UI) fraud, associated financial red flag indicators, and information on reporting suspicious activity.
Examples of illicit activities include:
- Fictitious employer-employee fraud: filers falsely claim they work for a legitimate company, or create a fictitious company and supply fictitious employee and wage records to apply for UI payments;
- Employer-employee collusion fraud: the employee receives UI payments while the employer continues to pay the employee reduced, unreported wages;
- Misrepresentation of income fraud: an individual returns to work and fails to report the income in order to continue receiving UI payments, or in an effort to receive higher UI payments, an applicant claims higher wages than he/she previously earned;
- Insider fraud: state employees use credentials to inappropriately access or change UI claims, resulting in the approval of unqualified applications, improper payment amounts, or movement of UI funds to accounts that are not on the application; or
- Identity-related fraud: filers submit applications for UI payments using stolen or fake identification information to perpetrate an account takeover
SAR Filing Request
FinCEN requests financial institutions reference this advisory in SAR field 2 (Filing Institution Note to FinCEN) and the narrative by including the following key term: “COVID19 UNEMPLOYMENT INSURANCE FRAUD FIN-2020-A007” and select SAR field 34(z) (Fraud – other). Additional guidance for filing SARs appears near the end of this advisory.
To read more about this advisory, including red flag indicators, visit here.
Oct. 1, 2020 – Ransomware Advisories
The U.S. Department of the Treasury issued a pair of advisories to assist U.S. individuals and businesses in efforts to combat ransomware scams and attacks, which continue to increase in size and scope.
The FinCEN advisory, entitled Advisory on Ransomware and the Use of the Financial System to Facilitate Ransom Payments, provides information on the role of financial intermediaries in payments, ransomware trends and typologies, and related financial red flags.
Meanwhile, the Office of Foreign Assets Control (OFAC) issued a similar advisory, entitled Advisory on Potential Sanctions Risks for Facilitating Ransomware Payments, to highlight the sanctions risks associated with facilitating ransomware payments on behalf of victims targeted by malicious cyber-enabled activities.
Sept.14, 2020 – FinCEN Issues Final Rule
FinCEN has issued a final rule that requires minimum standards for anti-money laundering programs for banks lacking a federal functional regulator.
The final rule also extends customer identification program and beneficial ownership requirements to those banks.
Banks without a federal functional regulator are currently required to comply with certain BSA obligations, including filing suspicious activity and currency transaction reports. FinCEN anticipates that banks lacking a federal functional regulator will be able to leverage existing policies, procedures, and internal controls required by other statutory and regulatory requirements to fulfill the obligations set out in the final rule.
Banks lacking a federal functional regulator will have 180 days from the day the final rule is published in the federal register to be in compliance.
Aug. 21, 2020 – Politically Exposed Persons (PEPs)
FinCEN and other agencies issued a joint statement clarifying that Bank Secrecy Act (BSA) due diligence requirements for customers who may be considered Politically Exposed Persons (PEPs) should be commensurate with the risks posed by the PEP relationship.
The term PEP is commonly used to refer to foreign individuals who are or have been entrusted with a prominent public function, as well as their immediate family members and close associates. By virtue of this public position or relationship, these individuals may present a higher risk that their funds may be the proceeds of corruption or other illicit activity.
The statement recognizes that PEP relationships present varying levels of money-laundering risk, which depends on facts and circumstances specific to the customer relationship. For example, PEPs with a limited transaction volume, a low dollar deposit account with the bank, known legitimate sources of funds, or access only to products or services that are subject to specific terms and payment schedules could reasonably be characterized as having lower customer risk profiles.
The statement clarifies that, while banks must adopt appropriate risk-based procedures for conducting customer due diligence (CDD), the CDD rule does not create a regulatory requirement, and there is no supervisory expectation for banks to have unique, additional due diligence steps for customers who are considered PEPs. This joint statement does not alter existing BSA and anti-money laundering (AML) legal or regulatory requirements and does not require banks to cease existing risk management practices.
Read the full statement here.
Aug. 18, 2020 – Enforcing Rules and Regulations Within BSA
FinCEN issued a statement Aug. 18, 2020 that sets forth its approach to enforcing the rules and regulations within the Bank Secrecy Act (BSA). The statement describes FinCEN’s enforcement authorities, dispositions, and the factors it evaluates in determining the appropriate response and enforcement of BSA violations.
“FinCEN is committed to being transparent about its approach to BSA enforcement. It is not a ‘gotcha’ game,” said FinCEN Director Kenneth A. Blanco. “The information required by the BSA saves lives, and protects our communities and people from harm. It is a national security issue.”
The statement describes FinCEN’s enforcement authorities, dispositions, and the factors it evaluates in determining the appropriate response and enforcement of BSA violations.
Read the full statement here.
Aug 3, 2020 – FAQ about CDD Requirements
FinCEN has issued a new Frequently Asked Questions (FAQs) document about customer due diligence (CDD) requirements for financial institutions.
The FAQs are in addition to previous FAQs from July 2016 and April 2018. FinCEN’s latest documents deal with requirements regarding obtaining customer information, establishing a customer risk profile, and performing ongoing monitoring of the customer relationship.
To read the latest FAQs, click here.
July 31, 2020 – Indicators of Cybercrime and Cyber-Enabled Crime
FinCEN issued an advisory July 31 to alert financial institutions to potential indicators of cybercrime and cyber-enabled crime observed during the COVID-19 pandemic. The advisory contains descriptions of COVID-19-related malicious cyber activity and scams, associated financial red flag indicators, and information on reporting suspicious activity.
FinCEN said it issued the advisory based on data collected through the Bank Secrecy Act (BSA) and other intelligence sources. The agency said cybercriminals and malicious actors are increasingly exploiting the COVID-19 pandemic through malware and phishing schemes, extortion, business email compromise (BEC) fraud, and exploitation of remote applications, especially against financial and healthcare systems.
See the advisory for a list of red flags and advice.
July 16, 2020 – Twitter Scams
FinCEN is warning FIs of a high-profile scam that exploits Twitter accounts to solicit fraudulent payments denominated in convertible virtual currency (CVC).
Cyber threat actors have compromised the accounts of public figures, organizations, and financial institutions to solicit payments to CVC accounts, claiming that any CVC sent to a wallet address would be doubled and returned to the sender.
It is critical that CVC exchanges and other financial institutions identify and report suspicious transactions associated with this type of activity as quickly as possible.
Read the July 16 alert here.
July 7, 2020 – Imposter Scams and Money Mule Schemes
FinCEN issued a new advisory July 7 to alert financial institutions to potential indicators of imposter scams and money mule schemes, which are prevalent during the COVID-19 pandemic. It contains descriptions of the schemes, financial red flag indicators for both, and information on reporting suspicious activity.
The full advisory is intended to aid financial institutions in detecting, preventing, and reporting potential COVID19-related criminal activity. This advisory is based on FinCEN’s analysis of COVID-19-related information obtained from Bank Secrecy Act (BSA) data, open source reporting, and law enforcement partners.
May 18, 2020 – COVID-19 Related Medical Scams
FinCEN issued an advisory that contains red flags, descriptions of COVID-19-related medical scams, case studies, and information on reporting suspicious activity.
Bank Secrecy Act (BSA) data, as well as information from other federal agencies, foreign government partners, and public sources indicate possible illicit activities related to the coronavirus pandemic regarding fraudulent cures, tests, vaccines, and services; non-delivery scams; and price gouging and hoarding of medical-related items, such as face masks and hand sanitizer.
Some of these red flags are common indicators of fraudulent merchant activity committed by shell or fraudulent retail or wholesale business operators. Additionally, some of the red flag indicators outlined below may apply to multiple COVID-19-related fraudulent activities.
SAR filing instructions
FinCEN also addressed some changes it has seen in SAR filings in light of the COVID-19 pandemic. “Some financial institutions have added COVID-19 statements to their disclaimers or are using SAR narratives to address COVID-19’s impact on their SAR filing abilities.”
Financial institutions should not include in the SAR narrative their challenges during the pandemic; the SAR narrative should include COVID-19 when it is tied to suspicious activity only. FinCEN goes on to say that filers who have already included references to COVID-19 in matters not related to the pandemic do not need to file corrected reports.
Read full May 18, 2020 advisory here.
May 9, 2020 – Regulatory Framework for Virtual Currencies
FinCEN has issued new guidance regarding the regulatory treatment of multiple variations of businesses dealing in CVCs (convertible virtual currencies). The guidance does not establish any new regulatory expectations or requirements. Instead, it consolidates current FinCEN regulations, and related administrative rulings and guidance issued since 2011, and then applies these rules and interpretations to other common business models involving CVC engaging in the same underlying patterns of activity.
The document is intended to help financial institutions comply with their existing obligations under the BSA by describing FinCEN’s existing regulatory approach to the issues most frequently raised by industry, law enforcement, and other regulatory bodies.
FinCEN also issued an Advisory on Illicit Activity Involving Convertible Virtual Currency to assist FIs in identifying and reporting suspicious activity related to criminal exploitation of CVCs. The advisory highlights prominent typologies, associated “red flags,” and identifies information that would be most valuable to law enforcement if contained in suspicious activity reports.
Tools for FinCEN Compliance
Alessa is an AML compliance solution that offers customer due diligence, sanctions and watchlist screening, real-time transaction monitoring and regulatory reporting. With the ability to integrate with existing AML and banking systems, the solution provides a holistic view of data so organizations can take a risk-based approach to compliance. To learn how Alessa can be used to comply with FinCEN regulations, contact us today.