Heads Up: AML and Economic Sanctions Moves the Crypto Industry Should Watch for From Regulators in 2020
February 25, 2020
The federal government is settling in to 2020 with a continued focus on tightening anti-money laundering (AML) and economic sanctions controls on the cryptocurrency industry. Treasury Secretary Mnuchin told Congress recently that “[w]e are about to roll out some significant new requirements” related to cryptocurrency. And, earlier this month, then-FinCEN Deputy Director Jamal EL-Hindi hinted at “future rules and guidance” related to FinCEN’s ability to “regulate [cryptocurrency] consistent with the existing principles underlying the BSA/AML regime.” In general, Department of Treasury leadership has stressed its willingness to use all available authorities to ensure that the U.S. financial system is safe from abuse and that the goals of the Bank Secrecy Act (BSA) are met. In particular, the government has eyed social media and networking platforms developing cryptocurrency solutions as an area requiring greater scrutiny and transparency.
Recognizing the limits of its ability to engage in formal rulemaking under the current administration and in an election year, we anticipate the Department of Treasury is considering actions it can take through its Office of Terrorism and Financial Intelligence, which includes both the Financial Crimes Enforcement Network (FinCEN) and the Office of Foreign Assets Control (OFAC). These departments have statutory authorities that would allow them to impose immediate requirements on the cryptocurrency industry and that have reduced or eliminated notice and rulemaking requirements to the extent they are related to national security.
We describe several of these authorities below, each of which could impose immediate new recordkeeping or reporting requirements, or even more comprehensive restrictions, and which would require financial institutions to implement new compliance controls.
Geographic Targeting Orders
Under the BSA (31 U.S.C. § 5326), FinCEN has the authority to issue a Geographic Targeting Order (GTO) aimed at countering activity FinCEN considers to pose a specific money laundering threat. A GTO can require financial institutions and non-financial trades or businesses to maintain records or report information related to certain transactions to FinCEN. GTOs are technically limited to an initial 180-day period, but can be repeatedly renewed. FinCEN’s use of GTOs has increased significantly and, in August, the Bureau created the new Global Investigations Division to further enhance its use of GTOs. With respect to cryptocurrency, it is significant to note FinCEN’s amendment in 2018 of a GTO from 2016 applicable to title insurance companies. The GTO required title insurance companies to obtain information on the beneficial owners involved in real estate purchases over a certain threshold, currently $300,000, for which there was no financing and the purchaser used cash or a monetary instrument. In November 2018, FinCEN amended the GTO to also cover payments in cryptocurrency.
Historically, FinCEN’s GTOs have related to specific metropolitan areas, but the statutory authority does not necessarily limit FinCEN in that way, and it is possible FinCEN may seek to use a GTO more broadly.
Potential Covered Entities: A GTO can impose obligations on financial institutions, including regulated cryptocurrency businesses, and non-financial trades or businesses, potentially including businesses that invest or transact in cryptocurrency, but not individuals. Covered entities are either within a specific geographic location or do business in a geographic location.
Potential New Requirements: A GTO can require covered entities to report customer or counterparty information to FinCEN for defined transactions. For example, FinCEN could require regulated cryptocurrency businesses in a specific area to report the name, address, cryptocurrency address, and other identifying information of a customer to FinCEN for every transaction above $1,000 in Bitcoin.
Compliance Enhancements: Because covered entities would be required to submit information to FinCEN for certain transactions, these entities would need to implement policies to collect the required information and to determine if a transaction meets the reportable threshold. A covered financial institution may also have an obligation to detect attempted evasions of the GTO and report that information to FinCEN in a Suspicious Activity Report.
Section 311 Actions
FinCEN also has the authority under section 311 of the USA PATRIOT ACT (31 U.S.C. § 5318A) to require reporting or prohibit activity related to foreign jurisdictions, financial institutions, or classes of transactions that it considers of “primary money laundering concern.” In May 2013, FinCEN relied on this authority to combat what it described as anonymized fraud, cybercrime, and money laundering activity involving cryptocurrency with its 311 action against Liberty Reserve. In that action, FinCEN prohibited U.S. financial institutions from maintaining correspondent accounts that facilitated Liberty Reserve transactions. While a separate Department of Justice action had functionally shut down Liberty Reserve, FinCEN used a 311 action to limit the company from re-establishing itself elsewhere. Of the financial institutions targeted by FinCEN for 311, over 60 percent have been shut down or forced into liquidation.
Potential Covered Entities: A 311 action can impose immediate, temporary reporting obligations on financial institutions, including regulated cryptocurrency businesses. FinCEN can make these reporting requirements permanent through notice and comment. Additionally, a 311 action can prohibit U.S. financial institutions from transacting with foreign banks that have ties to the 311 target.
Potential New Requirements: Similar to a GTO, a 311 action can require covered entities to report customer or counterparty information to FinCEN for defined transactions. For example, in its action against Halawi, a Lebanese money transmitter, FinCEN required U.S. money transmitters to report to FinCEN all originator, beneficiary, and transactional information for any transfer involving Halawi.
A 311 can also prohibit covered entities from maintaining a correspondent account for a foreign bank if the funds in that account involve what FinCEN considers to be the “primary money laundering concern.” For example, FinCEN could prohibit U.S. financial institutions from maintaining a foreign bank’s correspondent account that was used to facilitate transactions in a specific anonymity enhanced cryptocurrency.
Compliance Enhancements: Similar to a GTO, covered entities would need to implement policies to collect the required information and to determine if a transaction meets the reportable threshold. A covered financial institution may also have an obligation to detect attempted evasions of the 311 and report that information to FinCEN in a Suspicious Activity Report.
In addition, covered entities would need to implement policies and procedures to determine if their foreign bank customer uses their U.S. account to facilitate transactions involving the defined jurisdiction, institution, or class of transactions.
Executive Orders Establishing Economic Sanctions
OFAC administers and enforces economic sanctions programs against countries, entities, and individuals. The authority to issue economic sanctions arises from various statutes, but mainly from the International Emergency Economic Powers Act. Economic sanctions programs are implemented primarily through executive orders issued by the President and through OFAC regulations.
U.S. economic sanctions laws prohibit most transactions (including those involving cryptocurrency) with Specially Designated Nationals (SDN), which are persons and entities sanctioned for engaging in various types of illicit behavior, such as cybercrime, terrorism, narcotics trafficking, and human rights violations. These laws also cover certain specific jurisdictions, generally including persons located within them. For example, Cuba, Iran, North Korea, Syria, and the Crimean region of Ukraine are subject to broad prohibitions, while Venezuela and Russia are subject to more targeted restrictions.
In March 2018, the President issued the first executive order authorizing economic sanctions specific to a cryptocurrency – the Petro, a cryptocurrency launched by the Venezuelan government. Executive Order 13827 barred transactions in “any digital currency, digital coin, or digital token that was issued by, for, or on behalf of the Government of Venezuela on or after January 9, 2018.” Government statements suggest a view that sanctioned jurisdictions and persons are resorting to cryptocurrency as a means of conducting transactions outside of normal financial channels. Accordingly, U.S. economic sanctions targeting cryptocurrencies like the Petro may expand.
Potential Covered Entities: OFAC sanctions apply to all U.S. persons, not just financial institutions, wherever located, and can also apply to entities located internationally that transact in U.S. currencies or that conduct business in the U.S.
Potential New Requirements: The President has broad powers to issue executive orders implementing additional economic sanctions targeting cryptocurrency. Future executive orders may be aimed at cryptocurrency use with an international nexus, including categories of blockchain activity that regulators have identified as high-risk (e.g. cross-border decentralized applications or distributed/disintermediated platforms). These orders generally require U.S. persons to reject or block transactions and reporting to OFAC.
Compliance Enhancements: Because OFAC sanctions apply to transactions or property of SDNs and persons in sanctioned jurisdictions, cryptocurrency companies should develop a compliance program for identifying and screening customers and counterparties. Given the breadth of these measures, it is important to tailor information collection and screening controls in accordance with risk.
We anticipate Treasury offices and bureaus, including OFAC and FinCEN, will continue coordinating on efforts to protect the U.S. financial system from the illicit use of cryptocurrency. We continue to monitor Treasury’s efforts in this respect, including the potential use of targeted, fast-acting authorities that can have significant collateral consequences. Understanding the authorities the government has is highly beneficial to companies as they develop and enhance their compliance programs and prepare for future developments.
This memorandum is a summary for general information and discussion only and may be considered an advertisement for certain purposes. It is not a full analysis of the matters presented, may not be relied upon as legal advice, and does not purport to represent the views of our clients or the Firm. Laurel Loomis Rimon, an O’Melveny partner licensed to practice law in California and the District of Columbia, Eric Sibbit, an O’Melveny partner licensed to practice law in California and New York, Greta Lichtenbaum, an O’Melveny partner licensed to practice law in the District of Columbia, Braddock Stevenson, an O’Melveny counsel licensed to practice law in New York and New Jersey, and Mary Pat Dwyer, an O’Melveny associate licensed to practice law in the District of Columbia and Pennsylvania, contributed to the content of this newsletter. The views expressed in this newsletter are the views of the authors except as otherwise noted.
© 2020 O’Melveny & Myers LLP. All Rights Reserved. Portions of this communication may contain attorney advertising. Prior results do not guarantee a similar outcome. Please direct all inquiries regarding New York’s Rules of Professional Conduct to O’Melveny & Myers LLP, Times Square Tower, 7 Times Square, New York, NY, 10036, T: +1 212 326 2000.