Stepping Out from the Shadows: FinCEN Sets First National AML Priorities

Earlier this week, FinCEN took a first step in fulfilling its expanded role under the Anti-Money Laundering Act of 2020 by issuing a set of national Anti-Money Laundering and Countering the Financing of Terrorism Priorities (“AML/CFT Priorities”) applicable to both banks and non-bank financial institutions. FinCEN has 180 days to issue regulations specifically implementing the priorities. Once the regulations become final, regulators will measure financial institutions, in part, on how they incorporate these and future priorities into their formal AML compliance programs. 

FinCEN’s national priorities are not entirely new, and include categories that have long been the focus of law enforcement and regulators. At the same time, the AML/CFT Priorities include a focus on aspects that are noteworthy in light of current events, including, for example, domestic violent extremism, COVID-19 related crime, and the inclusion of domestic officials—historically, regulatory guidance has focused on senior foreign political figures. Additionally, the AML/CFT Priorities are a first signal of the scope of coming regulations that are likely to create a new, more specific framework around which financial institutions will be expected to structure their risk-based compliance programs. FinCEN’s priorities statement does not, however, provide any specific detail on how financial institutions should address these priorities or how examiners will measure a financial institution’s effectiveness in addressing these priorities. Based on prior BSA regulations, it is unlikely the coming regulations will be particularly prescriptive

Before the AML Act of 2020, although regulators publicly articulated AML/CFT priorities, these priorities were not encapsulated in formal requirements. This created a double-edged sword for financial institutions in terms of AML compliance. On the one hand, financial institutions have broader latitude in designing their own programs. On the other hand, regulators and prosecutors enjoy broad discretion in assessing what they consider to be a “reasonable” AML compliance program, an analysis that can be conducted after facts and circumstances of concern have arisen. We will not know the contours of FinCEN’s expectations regarding how the national priorities should be incorporated in AML compliance programs until FinCEN’s regulations are issued. But, financial institutions should begin now to consider incorporating meaningful risk-reduction measures based on these priorities into their own AML programs.

FinCEN’s National AML/CFT Priorities

• Corruption.  Domestic and foreign corruption, including money laundering associated with misappropriation of public assets and bribery, and political corruption associated with foreign regimes and senior foreign political figures.
• Cybercrime.  Cyber-enabled financial crime, including ransomware attacks, phishing, business email compromise, and related schemes. In particular, the misuse of virtual assets for a variety of illicit acts, including related to ransomware, child exploitation, illegal substances, and money laundering. 
• Foreign and domestic terrorist financing.  Both international threats, including ISIS, Al Qaeda, and related groups, and domestic violent extremist (DVE) threats, including racially motivated violent extremists (RMVEs) and other anti-authority violent extremists. 
• Fraud.  Bank, consumer, health care, securities and investment, and tax fraud, including new internet-enabled fraud schemes such as romance scams, synthetic identity fraud, and other identity theft scams, as well as COVID-19 or government-benefit related fraud schemes.
• Transnational criminal organization (TCO) activity.  Organizations involved in cybercrime, drug trafficking organizations, human smuggling, intellectual property theft, weapons trafficking, and corruption, in particular Mexican and Russian TCOs operating in the United States. 
• Drug trafficking organization (DTO) activity.  Proceeds from the sale of illicit drugs, including from Mexican DTOs’ distribution of fentanyl to the United States, and associated money-laundering networks, frequently located in Asia (primarily China).
• Human trafficking and human smuggling.  Human smuggling activities, including income associated with the housing and transportation of victims, earnings from the exploitation of victims, and associated money-laundering schemes.
• Proliferation financing.  Funds used in connection with the proliferation or use of nuclear, chemical, or biological weapons, and associated support networks comprised of trade brokers and front companies involved in acquiring illicit materials, supporting state-sponsored weapons programs, and evading sanctions. Global correspondent banking, in particular, drives proliferation financial risk in the United States. 

Immediate Impact of the National AML/CFT Priorities

FinCEN, along with the federal banking regulators, issued two coordinated statements along with the national AML/CFT Priorities, reinforcing that, until regulations are finalized, financial institutions are not expected to incorporate these priorities into their internal AML controls. However, financial institutions should begin implementing these priorities into their risk assessments and programs in anticipation of these regulations. Financial institutions should be prepared to demonstrate to their examiners and FinCEN the processes and reporting that they do to address the national AML/CFT Priorities. In particular, financial institutions should consider:

• Ensuring that their risk assessments specifically assess the institution’s exposure to the underlying illicit activity listed in the national AML/CFT Priorities;
• Develop internal reporting to track controls and SAR filings that focus on the national AML/CFT Priorities; and
• Continually monitor the institution’s activities specific to the national AML/CFT Priorities to ensure that it can sufficiently provide a positive narrative to their examiner.

Understanding the institution’s exposure and efforts to mitigate these national AML/CFT Priorities will be crucial to safeguarding the institution from regulatory criticism.  With regulations forthcoming in a matter of months, a proactive approach to evaluating the broad national priorities and developing necessary enhancements to existing AML programs would be prudent. 

A Note About Cryptocurrency

FinCEN addresses cryptocurrency in the broad category of cybercrime, which it defines as any crime that involves a computer. As it relates to virtual currency, FinCEN highlights “the misuse of virtual assets that exploits and undermines their innovative potential, including through laundering of illicit proceeds.” Identifying ransomware, online child exploitation material, illicit drugs and other illicit goods, FinCEN emphasizes its view that virtual currency is the currency of preference for a broad range of online illicit activity and the laundering of criminal proceeds. In this respect, financial institutions that are either primarily or tangentially involved with cryptocurrency should pay particular attention to relevant regulatory guidance and advisories issued in the last several years. Regulators will expect in-house compliance teams to have strong awareness of these factors and expertise in mitigating related risks. 

This memorandum is a summary for general information and discussion only and may be considered an advertisement for certain purposes. It is not a full analysis of the matters presented, may not be relied upon as legal advice, and does not purport to represent the views of our clients or the Firm. Laurel Loomis Rimon, an O'Melveny partner licensed to practice law in California and the District of Columbia, Braddock Stevenson, an O'Melveny counsel licensed to practice law in the District of Columbia, New Jersey, New York, and Pennsylvania, and Vivaan Nehru, an O'Melveny associate licensed to practice law in Maryland, contributed to the content of this newsletter. The views expressed in this newsletter are the views of the authors except as otherwise noted.

© 2021 O’Melveny & Myers LLP. All Rights Reserved. Portions of this communication may contain attorney advertising.  Prior results do not guarantee a similar outcome. Please direct all inquiries regarding New York’s Rules of Professional Conduct to O’Melveny & Myers LLP, Times Square Tower, 7 Times Square, New York, NY, 10036, T: +1 212 326 2000.