FinCEN Issues First National AML/CFT Priorities

The Financial Crimes Enforcement Network issued the first government-wide priorities for anti-money laundering and countering the financing of terrorism (AML/CFT). The publication of the priorities does not create an immediate change to the BSA requirements of supervisory expectations for credit unions.

The priorities are, in no particular order, as follows:

(1) Corruption — In the priorities, FinCEN highlights that corruption undermines democratic institutions and underpins many of the global challenges of our time, including serious human rights abuse, and has a disproportionate impact on the poor and most vulnerable. For all of these reasons, countering corruption is a core national security interest of the United States. Addressing the money laundering risks associated with such corruption will bolster efforts to counter corruption. FinCEN has issued advisories on human rights abuses enabled by corrupt senior foreign political figures and their financial facilitators with respect to Nicaragua, South Sudan, and Venezuela.

(2) Cybercrime, including relevant cybersecurity and virtual currency considerations — FinCEN broadly defines cyber crime as any illegal activity that involves a computer, another digital device, or a computer network. Cybercrime includes common cybersecurity threats like social engineering, software vulnerability exploits, and network attacks. Cybercrime is a significant illicit finance threat: the size, reach, speed, and accessibility of the U.S. financial system make covered institutions attractive targets to criminals, including terrorists and state actors. These actors target covered institutions’ websites, systems, and employees to steal customer and commercial credentials and proprietary information, defraud covered institutions and their customers, and disrupt business functions. Foreign interference in democratic processes, such as elections and election infrastructure, is often conducted through cyber-enabled methods. The Treasury is particularly concerned about cyber-enabled financial crime, ransomware attacks, and the misuse of virtual assets that exploits and undermines their innovative potential, including through laundering of illicit proceeds.

FinCEN has issued advisories with respect to ransomware and COVID-19-related cybercrime, including cyber-enabled financial crime, to alert covered institutions to predominant trends, typologies, and potential indicators.

(3) Foreign and domestic terrorist financing — Terrorists require financing to recruit and support members, fund logistics, and conduct operations. Preventing such financing, therefore, is essential to counter the threat of terrorism successfully. Covered institutions are reminded of existing obligations to identify and file SARs on potential terrorist financing transactions, as appropriate, and follow applicable requirements for reporting violations requiring immediate attention.

(4) Fraud – Fraud is a broad category that includes bank, consumer, health care, securities and investment, and tax fraud. Proceeds from fraudulent activities may be laundered through a variety of methods, including transfers through accounts of offshore legal entities, accounts controlled by cyber actors, and money mules. FinCEN has issued several fraud-related advisories, in particular with respect to BEC, email account compromise, and COVID-19. In 2019, FinCEN noted that BEC and email account compromise schemes were among a growing trend of cyber-enabled crime, with 32,000 reported cases involving almost $9 billion in attempted theft from BEC fraud schemes affecting U.S. financial institutions and their customers.

Also of concern are foreign intelligence entities and their proxies, which employ illicit financial practices to fund influence campaigns and facilitate a range of espionage activity by establishing front companies and conducting targeted investments to gain access to sensitive U.S. individuals, information, technology, and intellectual property.

(5) Transnational criminal organization activity — The priorities note that transnational criminal organizations (TCOs) are operating within the United States and include drug trafficking organizations (DTOs). These organizations are priority threats due to the crime-terror nexus and the wide range of illicit activities which can include cybercrime, drug trafficking, fraud, wildlife trafficking, human trafficking, property theft, weapons trafficking, and corruption.

(6) Drug trafficking organization activity — The priorities highlight that illicit drugs are a significant public health emergency. DTOs rely more on professional money laundering networks and there has been a substantial increase in complex schemes to launder proceeds from the sale of narcotics.

In 2019, FinCEN issued an advisory related to the trafficking of fentanyl and other synthetic opioids, which contained an extensive discussion of typologies, case studies, and red flags.

(7) Human trafficking and human smuggling — Human trafficking and human smuggling networks use a variety of mechanisms to move illicit proceeds, ranging from cash smuggling by individual victims to sophisticated cash smuggling operations through professional money laundering networks and criminal organizations. The illicit proceeds from human trafficking can include income associated with logistics, such as housing and transportation of victims, as well as earnings from the exploitation of victims. Human traffickers and smugglers have established shell companies to hide the true nature of a business.

(8) Proliferation financing — The threat of proliferation financing arises from proliferation support networks. These networks of individuals and entities, such as trade brokers and front companies, seek to exploit the U.S. financial system to move funds that will be used either: (1) to acquire weapons of mass destruction or delivery systems or their components; or (2) in the furtherance or development of state-sponsored weapons programs, including the evasion of United Nations or U.S. sanctions.

Question of the Week

Q. If my credit union accepts home mortgage applications over the internet, do we need to have the HMDA notice on our webpage?

A. The law mandates that credit unions post a general notice about the availability of its HMDA data in the lobby of its home office and each branch office located in an MSA (Metropolitan Statistical Area). Upon request, it must promptly provide the location of the office where the statement is available for inspection and copying or may include the location on the notice itself. The regulations acknowledge applications may be taken by mail, Internet, or telephone, but they do not address a notice on the credit union’s webpage. It is recommended that similar notice be posted on the webpage for members and customers who apply for mortgages online.

Related Link

12 CFR 1003.5(b)(2), (c)(1), and (e)

Compliance Alerts

National Credit Union Administration

NCUA to Implement Phase One of Resuming Onsite Operations: The NCUA released Letter to Credit Unions 21-CU-06, which provides insight into the NCUA’s phased approach to returning to onsite operations. Under Phase 1, as of July 19, NCUA staff and contractors are permitted to volunteer to work onsite at credit unions.

Consumer Financial Protection Bureau

CFPB and FDIC Release Enhanced Version of Money Smart for Older Adults: The CFPB and FDIC announced the joint release of an enhanced version of the financial education curriculum, Money Smart for Older Adults. The enhanced version includes a new section to help people avoid “romance scams.”

Federal Housing Finance Agency

60-day notice of Submission of Minority and Women Inclusion Information Collection for Approval from OBM: The FHFA is seeking public comments concerning an information collection known as “Minority and Women Inclusion.” The questions being asked center on whether the collection of information is necessary and ways to enhance the quality of information being submitted.

Financial Crimes Enforcement Network

Second FinCEN Exchange on Ransomware to Take Place in August: FinCEN announced it will convene a FinCEN Exchange in August 2021 with representatives from financial institutions, other key industry stakeholders, and federal government agencies to discuss ongoing concerns regarding ransomware.

Office of Foreign Assets Control

OFAC has updated the SDN list as of July 2. The last update prior to this was June 28.

­­­­­­­­­­­­­­­­­­Questions? Contact the Compliance Hotline: 1.800.546.4465;

Posted in Compliance News, Compliance News, Compliance Question.