Regulatory changes are approaching: is your financial institution ready?
Regulations relating to the fight against money laundering and the financing of terrorism are modernizing – financial institutions must also evolve.
In December 2021, the Financial Crime Enforcement Network (FinCEN) posted a review seeking comments on its Request for Information (RFI) on ways to “streamline, modernize, and update the United States’ Anti-Money Laundering and Anti-Terrorist Financing (AML/CFT) regime.” The agency needs to modernize its risk-based AML/CFT regulations to make compliance of financial services firms with the Bank Secrecy Act (BSA) more effective and efficient.
How does this work in practice?
Join now for FREE unlimited access to Reuters.com
Preventing malicious actors from abusing the US financial system is playing the mole game. As new ways and methods to track illicit financial transactions are developed or updated, threat actors find new schemes to access US dollars, contributing to an ever-changing illicit financial landscape. New technologies that facilitate new business models, products and services also offer new ways to evade sanctions and launder funds, rendering certain regulations and strategies obsolete.
Regulations must follow no matter what, which is why FinCEN is initiating a review to ensure that the safeguards that have been implemented to protect the US financial system from bad actors are effective and still effective, such as required by the Anti-Money Laundering Act 2020. The agency will not only review which required reports and records are still useful in combating financial crime, but will also assess which additional documents that do not currently fall within the record keeping requirements may be useful in the fight against illicit financing.
Some regulations are clearly redundant. Here’s how FinCEN describes “redundancy”:
For the purposes of this RFI, FinCEN considers redundant regulations to include BSA regulations that: (i) impose requirements on regulated entities that are the same or significantly overlap with requirements imposed by other BSA regulations; BSA; or (ii) were issued under a different statutory authority, but for which it is not possible to comply with both mandates by taking one set of measures. Regulations imposing such requirements will not be considered redundant to the extent that fully meeting one requirement in one framework fully meets the other requirement as well.
Some of the issues that FinCEN will consider involve threats or vulnerabilities that the agency may not be aware of, and whether current AML/CFT requirements and regulations adequately address those risks. The agency will also consider comments on record-keeping requirements that are no longer useful or do not meet international standards, as well as additional reporting requirements that will help combat modern financial crime. Some BSA regulations may be redundantWhere outmoded if they do not promote a risk-based AML/CFT regime, and the agency said it plans to assess their usefulness and effectiveness.
The list of AML/CFT priorities published by FinCEN in June 2021 will play an important role in possible regulatory changes. FinCEN will almost certainly place more emphasis on corruption and cybercrime, given that the Biden administration has made these issues a top priority.
Some common corruption red flags include dealings in jurisdictions known for corruption and kleptocracy, penalties under Magnitsky public authorities and the involvement of politically exposed persons (PEPs) in transactions. All of this makes regional, political and linguistic knowledge essential for tracking ultimate beneficial ownership and allows regulators to be more proactive in preventing corrupt actors from gaining access to the US financial system.
U.S. financial institutions will likely need to prepare by engaging with experts who understand jurisdictional risk and can highlight possible front or shell companies operating in global free trade zones; examine the risks of PEP, understand the cultural environment of the targeted jurisdictions; and review global media, business registers and public databases in local languages.
Cybercrime continues to rise
Monitoring of red flags associated with cybercrime, in particular Ransomware — will be especially important as FinCEN adjusts regulations to reflect this key White House priority. Again, financial institutions will need to focus on risky jurisdictions and use geolocation tools to track IP addresses that may be in geographic locations at risk of cybercrime. Financial institutions also need to assess and understand their customers’ regular networks and activities, as well as note transactions that fall outside the norm.
Financial institutions should also report the use of anonymity-enhanced cryptocurrencies or virtual currency exchanges in high-risk foreign jurisdictions. And the use of an unregistered mixing service may also indicate a cybercrime-related transaction, as illicit actors seek to mix cybercrime proceeds to disguise their origins.
Ultimately, additional regulations regarding the reporting of suspicious activity associated with cybercrime will be implemented, as well as additional requirements to perform enhanced due diligence for customers in jurisdictions known for corruption, kleptocracy and breaches. human rights.
Provide feedback to regulators
FinCEN identifies financial institutions, casinos, depository institutions, insurance companies, money services businesses, mortgage brokers, precious metals and jewelry businesses, and securities firms as parties interested parties who may wish to comment on possible regulatory reforms.
Non-bank financial institutions (NBFIs) should take proactive steps to anticipate regulatory changes and improve their compliance programs accordingly, although FinCEN notes that NBFIs will not be required to incorporate agency priorities into their AML/CFT regimes until the date of entry into force of the changes.
Nonetheless, financial institutions and NBFIs may want to begin to assess their risk appetite as well as the potential risks associated with their specific offerings by engaging with expert analysts to perform a risk assessment on their current compliance and due diligence.
Join now for FREE unlimited access to Reuters.com
The opinions expressed are those of the author. They do not reflect the views of Reuters News, which is committed to integrity, independence and non-partisanship by principles of trust. Thomson Reuters Institute is owned by Thomson Reuters and operates independently of Reuters News.