Latest News from FinCEN
October 16, 2020
Keep on top of the latest advisories and guidances from FinCEN. This blog will be updated with any new information from the regulator as it becomes available.
Oct. 15, 2020 - Human Trafficking
FinCEN has issued an advisory to help financial institutions identify and report human trafficking. The advisory supplements FinCEN's 2014 Guidance on Recognizing Activity that May be Associated with Human Smuggling and Human Trafficking -- Financial Red Flags.
Since the 2014 Advisory, FinCEN collaborated with law enforcement to identify 20 new financial and behavioral indicators of labor and sex trafficking, and four additional typologies. This advisory provides: (i) new information to assist in identifying and reporting human trafficking, and to aid the global effort to combat this crime; and (ii) two illustrative recent case studies.
The 2014 Advisory remains relevant, and provides information related to human smuggling, in addition to human trafficking.
New typologies described in the advisory includes:
- Front companies
- Exploitative Employment Practices
- Funnel Accounts
- Alternative Payment Methods
Read the full advisory here.
Oct. 1, 2020 - Ransomware Advisories
The U.S. Department of the Treasury issued a pair of advisories to assist U.S. individuals and businesses in efforts to combat ransomware scams and attacks, which continue to increase in size and scope.
The FinCEN advisory, entitled Advisory on Ransomware and the Use of the Financial System to Facilitate Ransom Payments, provides information on the role of financial intermediaries in payments, ransomware trends and typologies, and related financial red flags.
Meanwhile, the Office of Foreign Assets Control (OFAC) issued a similar advisory, entitled Advisory on Potential Sanctions Risks for Facilitating Ransomware Payments, to highlight the sanctions risks associated with facilitating ransomware payments on behalf of victims targeted by malicious cyber-enabled activities.
Sept.14, 2020 - FinCEN Issues Final Rule
FinCEN has issued a final rule that requires minimum standards for anti-money laundering programs for banks lacking a federal functional regulator.
The final rule also extends customer identification program and beneficial ownership requirements to those banks.
Banks without a federal functional regulator are currently required to comply with certain BSA obligations, including filing suspicious activity and currency transaction reports. FinCEN anticipates that banks lacking a federal functional regulator will be able to leverage existing policies, procedures, and internal controls required by other statutory and regulatory requirements to fulfill the obligations set out in the final rule.
Banks lacking a federal functional regulator will have 180 days from the day the final rule is published in the federal register to be in compliance.
Aug. 21, 2020 - Politically Exposed Persons (PEPs)
FinCEN and other agencies issued a joint statement clarifying that Bank Secrecy Act (BSA) due diligence requirements for customers who may be considered Politically Exposed Persons (PEPs) should be commensurate with the risks posed by the PEP relationship.
The term PEP is commonly used to refer to foreign individuals who are or have been entrusted with a prominent public function, as well as their immediate family members and close associates. By virtue of this public position or relationship, these individuals may present a higher risk that their funds may be the proceeds of corruption or other illicit activity.
The statement recognizes that PEP relationships present varying levels of money-laundering risk, which depends on facts and circumstances specific to the customer relationship. For example, PEPs with a limited transaction volume, a low dollar deposit account with the bank, known legitimate sources of funds, or access only to products or services that are subject to specific terms and payment schedules could reasonably be characterized as having lower customer risk profiles.
The statement clarifies that, while banks must adopt appropriate risk-based procedures for conducting customer due diligence (CDD), the CDD rule does not create a regulatory requirement, and there is no supervisory expectation for banks to have unique, additional due diligence steps for customers who are considered PEPs. This joint statement does not alter existing BSA and anti-money laundering (AML) legal or regulatory requirements and does not require banks to cease existing risk management practices.
Read the full statement here.
Aug. 18, 2020 - Enforcing Rules and Regulations Within BSA
FinCEN issued a statement Aug. 18, 2020 that sets forth its approach to enforcing the rules and regulations within the Bank Secrecy Act (BSA). The statement describes FinCEN’s enforcement authorities, dispositions, and the factors it evaluates in determining the appropriate response and enforcement of BSA violations.
“FinCEN is committed to being transparent about its approach to BSA enforcement. It is not a ‘gotcha’ game,” said FinCEN Director Kenneth A. Blanco. “The information required by the BSA saves lives, and protects our communities and people from harm. It is a national security issue.”
The statement describes FinCEN’s enforcement authorities, dispositions, and the factors it evaluates in determining the appropriate response and enforcement of BSA violations.
Read the full statement here.
Aug 3, 2020 - FAQ about CDD Requirements
FinCEN has issued a new Frequently Asked Questions (FAQs) document about customer due diligence (CDD) requirements for financial institutions.
The FAQs are in addition to previous FAQs from July 2016 and April 2018. FinCEN’s latest documents deal with requirements regarding obtaining customer information, establishing a customer risk profile, and performing ongoing monitoring of the customer relationship.
To read the latest FAQs, click here.
July 31, 2020 - Indicators of Cybercrime and Cyber-Enabled Crime
FinCEN issued an advisory July 31 to alert financial institutions to potential indicators of cybercrime and cyber-enabled crime observed during the COVID-19 pandemic. The advisory contains descriptions of COVID-19-related malicious cyber activity and scams, associated financial red flag indicators, and information on reporting suspicious activity.
FinCEN said it issued the advisory based on data collected through the Bank Secrecy Act (BSA) and other intelligence sources.
The agency said cybercriminals and malicious actors are increasingly exploiting the COVID-19 pandemic through malware and phishing schemes, extortion, business email compromise (BEC) fraud, and exploitation of remote applications, especially against financial and healthcare systems. See the advisory for a list of red flags and advice.
Read the advisory here.
July 16, 2020 - Twitter Scams
FinCEN is warning FIs of a high-profile scam that exploits Twitter accounts to solicit fraudulent payments denominated in convertible virtual currency (CVC).
Cyber threat actors have compromised the accounts of public figures, organizations, and financial institutions to solicit payments to CVC accounts, claiming that any CVC sent to a wallet address would be doubled and returned to the sender.
It is critical that CVC exchanges and other financial institutions identify and report suspicious transactions associated with this type of activity as quickly as possible.
Read the July 16 alert here.
July 7, 2020 - Imposter Scams and Money Mule Schemes
FinCEN issued a new advisory July 7 to alert financial institutions to potential indicators of imposter scams and money mule schemes, which are prevalent during the COVID-19 pandemic.
FinCEN’s advisory contains descriptions of the schemes, financial red flag indicators for both, and information on reporting suspicious activity.
Imposter scams have criminals impersonating organizations such as governments or charities to offer services or otherwise defraud consumers.
Money mule schemes can either be with unwitting money mules, or those where a person is complicit in illegal activities.
The full advisory is intended to aid financial institutions in detecting, preventing, and reporting potential COVID19-related criminal activity.
This advisory is based on FinCEN’s analysis of COVID-19-related information obtained from Bank Secrecy Act (BSA) data, open source reporting, and law enforcement partners.
May 18, 2020 - COVID-19 Related Medical Scams
FinCEN issued an advisory that contains red flags, descriptions of COVID-19-related medical scams, case studies, and information on reporting suspicious activity.
Bank Secrecy Act (BSA) data, as well as information from other federal agencies, foreign government partners, and public sources indicate possible illicit activities related to the coronavirus pandemic regarding fraudulent cures, tests, vaccines, and services; non-delivery scams; and price gouging and hoarding of medical-related items, such as face masks and hand sanitizer.
Some of these red flags are common indicators of fraudulent merchant activity committed by shell or fraudulent retail or wholesale business operators. Additionally, some of the red flag indicators outlined below may apply to multiple COVID-19-related fraudulent activities.
SAR filing instructions
FinCEN also addressed some changes it has seen in SAR filings in light of the COVID-19 pandemic.
“Some financial institutions have added COVID-19 statements to their disclaimers or are using SAR narratives to address COVID-19’s impact on their SAR filing abilities."
Financial institutions should not include in the SAR narrative their challenges during the pandemic; the SAR narrative should include COVID-19 when it is tied to suspicious activity only. FinCEN goes on to say that filers who have already included references to COVID-19 in matters not related to the pandemic do not need to file corrected reports.
Read full May 18, 2020 advisory here.