Financial Action Task Force Identifies Jurisdictions with Anti-Money Laundering, Combating the Financing of Terrorism, and Counter-Proliferation Finance Deficiencies
October 30, 2024
WASHINGTON—The Financial Crimes Enforcement Network (FinCEN) is informing U.S. financial institutions that the Financial Action Task Force (FATF), an intergovernmental body that establishes international standards for anti-money laundering, countering the financing of terrorism, and countering the financing of proliferation of weapons of mass destruction (AML/CFT/CPF), updated its lists of jurisdictions with strategic AML/CFT/CPF deficiencies at the conclusion of its plenary meeting this month.[1] U.S. financial institutions should consider the FATF’s stance toward these jurisdictions when reviewing their obligations and risk-based policies, procedures, and practices.[2]
On October 25, 2024, the FATF added Algeria, Angola, Côte d’Ivoire, and Lebanon to its list of Jurisdictions Under Increased Monitoring and also removed Senegal from the list.
The FATF’s list of High-Risk Jurisdictions Subject to a Call for Action remains the same, with Iran, the Democratic People’s Republic of Korea (DPRK), and Burma subject to calls for action. Iran and DPRK are still subject to the FATF’s countermeasures, while Burma is still subject to the application of enhanced due diligence, but not countermeasures.[3]
As part of the FATF’s listing and monitoring process to ensure compliance with its international standards, the FATF issued two statements: (1) Jurisdictions Under Increased Monitoring, which publicly identifies jurisdictions with strategic deficiencies in their AML/CFT/CPF regimes that have committed to, or are actively working with, the FATF to address those deficiencies in accordance with an agreed upon timeline; and (2) High-Risk Jurisdictions Subject to a Call for Action, which publicly identifies jurisdictions with significant strategic deficiencies in their AML/CFT/CPF regimes and calls on all FATF members to apply enhanced due diligence and, in the most serious cases, apply countermeasures to protect the international financial system from the money laundering, terrorist financing, and proliferation financing risks emanating from the identified countries.
Jurisdictions Under Increased Monitoring
With respect to the FATF-identified Jurisdictions Under Increased Monitoring, U.S. covered financial institutions are reminded of their obligations to comply with the due diligence obligations for foreign financial institutions (FFIs) under 31 CFR § 1010.610(a) in addition to their general obligations under 31 U.S.C. § 5318(h) and its implementing regulations. As required under 31 CFR § 1010.610(a), covered financial institutions should ensure that their due diligence programs, which address correspondent accounts maintained for FFIs, include appropriate, specific, risk-based, and, where necessary, enhanced policies, procedures, and controls that are reasonably designed to enable the covered financial institution to detect and report, on an ongoing basis, any known or suspected money laundering activity conducted through or involving any correspondent account established, maintained, administered, or managed in the United States for an FFI. Furthermore, money services businesses (MSBs) have parallel requirements with respect to foreign agents or foreign counterparties, as described in FinCEN Interpretive Release 2004-1, which clarifies that the AML program regulation requires MSBs to establish adequate and appropriate policies, procedures, and controls commensurate with the risk of money laundering and the financing of terrorism posed by their relationship with foreign agents or foreign counterparties. Additional information on these parallel requirements (covering both domestic and foreign agents and foreign counterparts) may be found in FinCEN’s Guidance on Existing AML Program Rule Compliance Obligations for MSB Principals with Respect to Agent Monitoring. Such reasonable steps should not, however, put into question a financial institution’s ability to maintain or otherwise continue appropriate relationships with customers or other financial institutions, and should not be used as the basis to engage in wholesale or indiscriminate de-risking of any class of customers or financial institutions. Financial institutions should also refer to previous interagency guidance on providing services to foreign embassies, consulates, and missions.
The United Nations (UN) continues to adopt several resolutions implementing economic and financial sanctions. Member States are bound by the provisions of these UN Security Council Resolutions (UNSCRs), and certain provisions of these resolutions are especially relevant to financial institutions. Financial institutions should be familiar with the requirements and prohibitions contained in relevant UNSCRs. In addition to UN sanctions, the U.S. Government maintains several sanctions programs. For a description of current Office of Foreign Assets Control (OFAC) sanctions programs, please consult OFAC’s Sanctions Programs and Country Information.
High-Risk Jurisdictions Subject to a Call for Action
With respect to the FATF-identified High-Risk Jurisdictions Subject to a Call for Action, Burma remains in this category, and the FATF urges jurisdictions to apply enhanced due diligence proportionate to the risks. As a general matter, FinCEN advises U.S. financial institutions to apply enhanced due diligence when maintaining correspondent accounts for foreign banks operating under a banking license issued by a country designated as noncooperative with international anti-money laundering principles or procedures by an intergovernmental group or organization of which the United States is a member, and with which designation the U.S. representative to the group or organization concurs.[4] U.S. financial institutions should continue to consult existing FinCEN and OFAC guidance on engaging in financial transactions with Burma.[5]
With respect to the FATF-identified High-Risk Jurisdictions Subject to a Call for Action—specifically, countermeasures in the case of DPRK and Iran—U.S. financial institutions must comply with the extensive U.S. restrictions and prohibitions against opening or maintaining any correspondent accounts, directly or indirectly, for North Korean or Iranian financial institutions. Existing U.S. sanctions and FinCEN regulations prohibit any such correspondent account relationships.
The Government of Iran and Iranian financial institutions remain persons whose property and interests in property are blocked under E.O. 13599 and section 560.211 of the Iranian Transactions and Sanctions Regulations (ITSR), 31 CFR Part 560. U.S. financial institutions and other U.S. persons continue to be broadly prohibited under the ITSR from engaging in transactions or dealings with Iran, the Government of Iran, and Iranian financial institutions, including opening or maintaining correspondent accounts for Iranian financial institutions. These sanctions impose obligations on U.S. persons that go beyond the relevant FATF recommendations. In addition to OFAC-administered sanctions, on October 25, 2019, FinCEN found Iran to be a Jurisdiction of Primary Money Laundering Concern and issued a final rule, pursuant to Section 311 of the USA PATRIOT Act, imposing the fifth special measure available under Section 311. This rule prohibits U.S. financial institutions from opening or maintaining correspondent accounts for, or on behalf of, an Iranian financial institution, and the use of FFIs’ correspondent accounts at covered United States financial institutions to process transactions involving Iranian financial institutions (31 CFR § 1010.661).
For jurisdictions removed from the FATF listing and monitoring process, U.S. financial institutions should take the FATF’s decisions and the reasons behind the delisting into consideration when assessing risk, consistent with financial institutions’ obligations under 31 CFR § 1010.610(a) and 31 CFR § 1010.210.
If a financial institution knows, suspects, or has reason to suspect that a transaction involves funds derived from illegal activity or that a customer has otherwise engaged in activities indicative of money laundering, terrorist financing, or other violation of federal law or regulation, the financial institution must file a Suspicious Activity Report.
ABA Banking Journal: ABA’s Nichols calls on Congress, White House to address fraud crisis
October 28, 2024
Calling fraud an “insidious problem” that affects the financial and psychological well-being of millions of Americans, American Bankers Association President and CEO Rob Nichols today called for immediate government action to develop a national fraud and scam prevention strategy. Speaking to bankers at the 2024 Annual Convention in New York City, Nichols emphasized that the fight against fraud requires “a whole-of government approach… that starts at the very top.”
Specifically, Nichols called on the next administration and Congress to create and fund an Office of Scam and Fraud Prevention and develop a national strategy that will address all parts of the fraud ecosystem and help reduce the number of Americans who fall victim to scams. According to Federal Trade Commission Data from 2023, fraud losses in the U.S. topped 23.7 billion, though that figure could be as high as 158 billion, according to agency estimates.
Nichols also called on the Federal Communications Commissions to develop a database of reported SPAM text messages that would be available for all legitimate businesses to access, and require that telecoms and messaging apps submit all SPAM messages reported by consumers to the database. Having this tool would make it easier for banks and others to more closely monitor how scam topics are evolving and educate their customers more effectively, he said.
Finally, Nichols advocated for the creation of “financial crimes intelligence centers,” that can provide resources at the state and local level for communities and individuals when they are victimized by financial crimes. Such a center is already operational in the state of Texas, Nichols noted, adding that it “has been a force multiplier for law enforcement,” and that “every state in the country could benefit from this approach.”
As the only trade association serving banks of all sizes and charters, Nichols also emphasized ABA’s commitment to leading the fight against fraud, flagging several resources the association has developed to aid banks in their efforts to combat financial crimes, including a Fraud Contact Directory—accessible by all banks—and the popular anti-phishing campaign, #BanksNeverAskThat, which returns this year with a complementary campaign, #PracticeSafeChecks.
ABA Banking Journal: FS-ISAC releases guide for financial institutions on ransomware defense
October 28, 2024
The Financial Services Information Sharing and Analysis Center today published a guide to help financial institutions guard themselves against ransomware attacks. The guide, published in partnership with cloud services provider Akamai, focuses on ransomware mitigation best practices, incident response and crisis management, consideration for paying ransoms and resources for further study.
In 2024, roughly 65% of financial organizations reported having dealt with ransomware-related issues, according to FS-ISAC. “Ransomware is one of the few threats that can truly disable a financial services institution. Increasingly innovative, aggressive and frequent, ransomware attacks can disrupt customer services, halt business operations, and damage the institution’s standing with customers and regulators.”
FS-ISAC said it does not recommend that financial institutions make ransomware payments as the money funds further criminal activities. While the organization acknowledged the decision requires an evaluation of all options by stakeholders, it noted there are significant risks with making payments, such as the victims not getting access to her data even after the ransom is paid.
FinCEN Releases Commercial on Beneficial Ownership Information Reporting
The Financial Crimes Enforcement Network this week released a new video and radio commercial to educate business owners on the new beneficial ownership information reporting requirements. It is part of a larger public outreach campaign by the agency, which includes a dedicated website and videos on BOI reporting.
FinCEN last month issued a notice to financial institution customers about BOI reporting, explaining why certain customers must report directly to the agency in addition to giving information to their banks, which are subject to the customer due diligence rule.
Vote No on IM-28 | South Dakota Retailers Association
South Dakota Retailers Association Executive Director, Nathan Sanderson, shares the impact of IM-28, a widespread tax cut that would decrease state funding by up to $646 Million, potentially resulting in an income tax, higher property taxes, and/or less funding to essential public services like schools and roadways.
A: This isn’t as straightforward as it may seem! Regulation E does indeed exclude from its definition of an "account" – and therefore, from its scope – an account that is held by a financial institution under a “bona fide trust agreement” (§ 1005.2(b)(2)). But not so fast – the regulation’s commentary astutely points out that the term “bona fide trust agreement” is not defined anywhere within the regulation, and that financial institutions must therefore “look to state or other applicable law for interpretation.” (Comment 2(b)(2)-1). So, it seems as though when a “trust” account is involved, this may ultimately require an internal determination by the bank, based upon several factors, including the intended purpose of the account and the bank's historical practice of considering trust accounts to be commercial or consumer purpose.
