Some people may consider that 2016 was a very bad year. News like the widespread outbreak of the Zika virus, multiple terrorist attacks, the impact of the Syrian war on civilians, the Orlando shooting, the opioid epidemic, killer storms and wildfires and the results of the presidential elections that divided families and left many people feeling angry, anxious or depressed, were reported on all media outlets throughout last year.
As a leading source of news on compliance issues, BSA News Now is published on a daily basis and distributed to over 10,000 readers from fifty four countries. Our editors are constantly monitoring what’s been trending on AML topics and selected the following as the most important regulatory news for 2016.
The Panama Papers was an unprecedented leak of 11.5M files from the database of the world’s fourth biggest offshore law firm, Mossack Fonseca. The leak led to a global uproar that is still being felt all around. An international consortium of journalists reported that these documents tied the firm, which specializes in shell companies that can be used to conceal assets, to Russian oligarchs, former heads of state and world soccer’s scandal-plagued governing body. Financial institutions worldwide are still feeling the impact of these revelations as these events brought to the spotlight the implications of having limited or minimal information on beneficial owners of an account and propelled compliance officers to scrub their customer’s files to determine any connections resulting from this leak.
Over the course of the year, there was a significant amount of global news related to corruption in various levels of government in multiple countries worldwide. For example, the impeachment proceedings against Brazilian President Dilma Rousseff took center stage following the end of the Olympic Games in Rio de Janeiro. The U.S. has extensively enforced the Foreign Corrupt Practices Act on all industries, including financial services and pharmaceutical firms. The pharma sector, which increasingly does its business in foreign markets, faces heightened FCPA exposure in countries with national health systems, where doctors are considered public officials. In 2016, pharmaceutical giants Teva Pharmaceutical Industries Ltd, GlaxoSmithKline PLC, AstraZeneca PLC and Novartis AG all settled cases involving FCPA violations. These settlements involved billions on fines. The Security and Exchange Commission also announced an enforcement action with JPMorgan Chase & Co. where the company agreed to pay more than $130 million to settle SEC charges that it won business from clients and corruptly influenced government officials in the Asia-Pacific region by giving jobs and internships to their relatives and friends in violation of the Foreign Corrupt Practices Act (FCPA).
Final Rule for Customer Due Diligence Requirements
The Panama Papers may have been the “push” needed to establish a “fifth” pillar to the BSA Compliance Program requirements. On May 6, 2016, the U.S. Treasury Department’s Financial Crimes Enforcement Network (“FinCEN”) published a final rule under the Bank Secrecy Act (“BSA”) to codify new customer due diligence (“CDD”) requirements. The new rules amended 31 CFR Parts 1010, 1020, 1023, 1024 and 1026. The purpose of these rules was to clarify and strengthen customer due diligence requirements for “covered institutions” which were identified as banks; brokers or dealers in securities; mutual funds; futures commission merchants and brokers in commodities. The rules contain explicit customer due diligence requirements and include a new requirement to identify and verify the identity of beneficial owners of legal entity customers, subject to certain exclusions and exemptions. The final rules were effective July 11, 2016 and covered financial institutions must comply with these rules by May 11, 2018.
How “Not” to Do AML Compliance
On August 19, 2016 the New York Department of Financial Services (DFS) announced that Mega International Commercial Bank Company Ltd of Taiwan will pay a $180 million penalty and install an independent monitor for violating New York’s anti-money laundering laws. Mega International Commercial Bank of Taiwan is a subsidiary of Mega Financial Holding Company. It is one of the leading banks in Taiwan. According to the enforcement order, the New York branch was examined by DFS and another regulator during early 2015. Other enforcement actions include Agricultural Bank of China, which was fined $215 million, and Intesa Sanpaolo was fined $235 million. These enforcement actions were issued under the DFS’s recent risk-based anti-terrorism and anti-money laundering regulation that requires regulated institutions to maintain programs to monitor and filter transactions for potential BSA/AML violations and prevent transactions with sanctioned entities. The regulation, which took effect on January 1, 2017, requires regulated institutions to submit an annual board resolution or senior officer compliance certification confirming steps taken to ascertain compliance with the regulation.
Compliance Officers Professional Liability
Enforcement actions published by federal regulatory agencies throughout the year listed several actions against “institution-affiliated parties” for engaging in reckless unsafe or unsound practices. According to the enforcement actions examined, these violations or practices were part of a pattern of misconduct that caused more than a minimal loss to the institutions involved. The misconduct noted in these cases resulted in financial and reputational losses to the institutions involved; demonstrated willful or continuing disregard for the safety and soundness of the institutions involved, and involved reckless disregard for the applicable laws or regulations. These risks continue to pressure compliance officers to fulfill their duties under constant worry.
On October 25, 2016 the Financial Crimes Enforcement Network (FinCEN) issued an advisory to financial institutions on cyber-events and cyber-enabled crime. Cybercriminals target the financial system to defraud financial institutions and their customers and to further other illegal activities. Financial institutions can play an important role in protecting the U.S. financial system from these threats. In addition to the advisory, FinCEN issued Frequently Asked Questions (FAQs) regarding the reporting of cyber-events, cyber-enabled crime, and cyber-related information through Suspicious Activity Reports. Some states followed this action. For example, the New York State Department of Financial Services (DFS) updated its proposed first-in-the-nation cybersecurity regulation to protect New York State from the ever-growing threat of cyber-attacks. The proposed regulation, which was announced on December 28, 2016 and will be effective March 1, 2017, will require banks, insurance companies, and other financial services institutions regulated by DFS to establish and maintain a cybersecurity program designed to protect consumers and ensure the safety and soundness of New York State’s financial services industry.
New Payment Systems
Blockchains are beginning to become notably coveted within the financial services industry due to their ability to increase security while also increasing transparency at a much faster and more cost-effective rate than previous, lesser-developed methods, which include the use of multiple ledgers and intermediaries. While Bitcoin was once seen as a hazard within the financial services industry due to its ties to criminal activity, the most recent trend within this industry is the adoption of Blockchain technology due to its efficiency and ability to offer innovative ways to perform daily activities. While the upside is high, authorities are still trying to understand the risks. With anonymity playing a key role in conducting transactions using the Blockchain technology, money laundering has become a key concern which needs to be addressed as part of financial service provider’s anti-money laundering (AML) program.