AML/KYC

Subscribe to AML/KYC via RSS

Recently, the Financial Crimes Enforcement Network (FinCEN), a bureau of the U.S. Treasury Department, released a report on ransomware trends stating that during the first half of 2021, 68 different ransomware variants extracted approximately $600 million from victims across the country. FinCEN identified Bitcoin as the most common ransomware-related payment method in reported transactions and noted that ransomware incidents requesting Monero (XMR) – what FinCEN refers to as an anonymity-enhanced cryptocurrency – are increasing as hackers seek to reduce the transparency and traceability of such transactions.

Given this environment, the White House and Treasury Department have sought to counter the ransomware threat by taking a number of actions, including holding a virtual two-day multinational summit on ransomware, conducting classified threat briefings for critical infrastructure executives, and establishing some expected cybersecurity thresholds for critical infrastructure providers. Compounding these efforts, the Treasury Department is leveraging existing Anti-Money Laundering and Countering the Financing of Terrorism (AML/CFT) controls that already apply to fiat currency and enforcing them more deliberately toward virtual currency to combat ransomware attacks.

Two days after the White House issued its October 13, 2021 Fact Sheet detailing these anti-ransomware efforts, the Treasury Department’s Office of Foreign Assets Control (OFAC) issued its “Sanctions Compliance Guidance for the Virtual Currency Industry” (“Guidance”).

Gary Gensler, Chair of the Securities and Exchange Commission (SEC), attracted a lot of attention following his remarks at the Aspen Security Forum earlier this month, asking Congress for more authority “to write rules for and attach guardrails to crypto trading and lending” and opining that for the “volatile” industry to truly prosper it needs more investor and consumer protections.  But make no mistake: Gensler is not waiting around for Congress to act.  In his remarks, Gensler highlighted various areas where the SEC currently has jurisdiction and emphasized that “we have taken and will continue to take our authorities as far as they go.”

On February 26, 2020, the Security and Exchange Commission’s (“SEC”) Division of Examinations (the “Division”) published a Risk Alert, “The Division of Examinations’ Continued Focus on Digital Asset Securities.” In the Risk Alert, the Division offered insight into its current examination focus with respect to the activities of market participants, including investment advisers, concerning digital assets that are securities (“Digital Asset Securities”) and distributed ledger technologies.

The Alert outlines the observations of the Division, which were the product of examinations of investment advisers, broker-dealers, and transfer agents and their use of Digital Asset Securities. At only eight pages, the Alert is not an exhaustive compliance document for market participants and does not detail explicitly how firms might remain in compliance with securities laws and regulations.  The Division’s outline of the risks it has observed from recent examinations is, however, a useful roadmap, outlining the areas of focus for the Division’s future examinations and compelling firms to take another look at their relevant compliance practices.  It also raises some questions about the scope of the applicability of federal securities to digital assets that have yet to be explored.

Treasury Secretary Steven Mnuchin remarked before a hearing of the Senate Finance Committee three weeks ago that “significant new requirements at FinCEN” for cryptocurrencies would be introduced quickly, in response to Senator Maggie Hassan’s (D-NH) question regarding the Treasury Department’s proposed use of budget increases for anti-money laundering (AML) and

Based on a recent regulatory statement, entities involved with cryptocurrency or digital assets should revisit their anti-money laundering and countering the financing of terrorism obligations (AML/CFT) compliance under the Bank Secrecy Act (BSA).

On October 11, the leaders of the Commodity Futures Trading Commission (CFTC), the Financial Crimes Enforcement Network (FinCEN), and the Securities and Exchange Commission (SEC) issued a joint statement (the “Joint Statement”) regarding the application of the BSA to activities involving digital assets. The Joint Statement “reminds” those involved with such activities of their AML/CFT obligations and specifically calls out those entities that would be subject to such obligations: futures commission merchants and introducing brokers (regulated by the CFTC), money services businesses (regulated by FinCEN), and broker-dealers and mutual funds (regulated by the SEC).

Potentially indicating a key concern of the regulators going forward, the Joint Statement notes that the applicability of AML/CFT obligations is not dependent on the terminology surrounding the applicable assets, but rather the nature of the assets themselves: “Regardless of the label or terminology that market participants may use, or the level or type of technology employed, it is the facts and circumstances underlying an asset, activity or service, including its economic reality and use (whether intended or organically developed or repurposed), that determines the general categorization of an asset, the specific regulatory treatment of the activity involving the asset, and whether the persons involved are “financial institutions” for purposes of the BSA.” Thus, while market participants refer to digital assets in many different ways, how assets are referred to should not have a bearing on BSA compliance. By way of example, the Joint Statement offers that “something referred to as an ‘exchange’ in a market for digital assets may or may not also qualify as an ‘exchange’ as that term is used under the federal securities laws.”

Following the general statement, each leader provides additional comments, which should guide entities subject to each applicable regulator’s review. Heath Tarbert (Chairman, CFTC) notes that introducing brokers and futures commission merchants are required to report suspicious activity and implement reasonably-designed AML programs, regardless of whether the digital assets qualify as commodities or are used as derivatives. Kenneth A. Blanco (Director, FinCEN) advises those handling digital assets to review FinCEN’s May 2019 interpretive guidance, under which FinCEN makes clear that many digital asset activities would qualify a person as a money services business subject to AML/CFT obligations (unless the person is registered with and functionally regulated and examined by the SEC or CFTC, whereby they would be subject to the BSA obligations of those regulators).  Jay Clayton (Chairman, SEC) reminds persons engaged in activities involving digital assets as securities that they remain subject to federal securities laws, but certain rules also apply regardless of whether the assets are securities, such as broker-dealer financial responsibility rules.

On a daily basis, companies are announcing new developments on the adoption of blockchain in core business operations.  However, many of these use cases present unique legal issues.  In order to provide some clarity on some of these issues, and perhaps to offer a blockchain-friendly environment for the operation of blockchain companies, state legislatures around the country are rushing to adopt blockchain-friendly laws.  Among the latest states to join are Florida and Nebraska.