FinCEN recently issued its much-anticipated anti-money laundering (AML) priorities to clarify where financial institutions should focus their efforts to more effectively monitor customer activity
The U.S. Treasury Department’s anti-money laundering (AML) unit recently issued the much-anticipated AML priorities Congress demanded in the Anti-Money Laundering Act of 2020, a legislative effort to clarify where financial institutions should focus their efforts to more effectively police transactions for illicit activity.
Some experts said the AML and counter-terror finance priorities issued by Treasury’s Financial Crimes Enforcement Network (FinCEN) — the first of their kind — were disappointing because they cited well-known threats without adding value. Still, the priorities might be of potential use to those institutions working to close gaps in their risk assessments, they said.
“Today’s publication of government-wide (priorities) is a significant milestone in FinCEN’s efforts to improve the efficiency and effectiveness of the nation’s AML/CFT [countering the financing of terrorism] regime and to foster greater public-private partnerships,” noted FinCEN Acting Director Michael Mosier in a written statement. “The priorities reflect the U.S. government’s view of the threat landscape — highlighting longstanding threats like corruption, fraud, and international terrorism, as well as rapidly evolving and acute threats, such as domestic terrorism, ransomware, and other cybercrime.”
How to approach the priorities
FinCEN issued the priorities in consultation with other Treasury units, as well as federal and state regulators, law enforcement, and national security agencies, the bureau said. FinCEN said the priorities — “in no particular order” — include corruption, cybercrime, domestic and international terrorist financing, fraud, transnational criminal organizations, drug trafficking organizations, human trafficking and human smuggling, and proliferation financing. In addition to the priorities, FinCEN also issued statements — one for banks and one for non-bank financial institutions — “to provide guidance to covered institutions on how to approach the priorities.” The statements were similar, although they cited ongoing efforts involving different regulators.
The documents state that FinCEN’s priorities do “not create an immediate change to Bank Secrecy Act (BSA) requirements or supervisory expectations” for financial institutions. Instead, FinCEN and the regulators will be working to revise regulations, “as necessary, to address how the AML/CFT priorities will be incorporated into banks’ BSA requirements,” the Treasury bureau said.
The priorities, and the statements, “are intended to assist covered institutions in their AML/CFT efforts and enable those institutions to prioritize the use of their compliance resources,” FinCEN said. “In particular, the priorities highlight key threat trends as well as informational resources that can assist covered institutions in managing their risks. Coupled with the Department of the Treasury’s 2020 Illicit Finance Strategy and 2018 National Risk Assessment, the priorities aim to help covered institutions assess their risks, tailor their AML programs, and prioritize their resources,” FinCEN added.
The Treasury bureau added that it will update the priorities at least once every four years to highlight new or evolving threats, as required by the AML Act. It also noted that “covered institutions are not required to make any immediate changes to their risk-based AML programs” in response to the priorities.
“FinCEN will propose implementing regulations in the coming months. FinCEN, the federal functional regulators, and state regulators will not examine any covered institution for the incorporation of the priorities into their risk-based AML programs until implementing regulations have been promulgated,” FinCEN said. “Nevertheless, in preparation for any new requirements when those final rules are published, covered institutions may wish to start considering how they will incorporate the AML/CFT priorities into their risk-based AML programs.”
Experts find little new in FinCEN priorities
The latter point — the lack of any concrete step forward — confounded some experts who were eagerly awaiting the issuance of the priorities.
“Make sure your program addresses corruption, cybercrime, virtual currency, foreign and domestic terrorist financing, fraud, transnational criminal organizations, drug trafficking organizations, human trafficking, human smuggling, and proliferation financing. How is any of this new, or even actionable?” asked Jim Richards, former BSA compliance officer with Wells Fargo who now runs RegTech Consulting LLC, adding that FinCEN’s list “is pretty much every threat or risk that banks already have to address with their programs.”
Since regulators will take time to amend the rules, financial institutions “have some time to incorporate this new focus, but I would start now,” suggested Sarah Beth Felix, who runs Palmera Consulting LLC, an AML consulting firm. Felix cited the following reasons: the threats outlined already exist, are happening now, and are applicable to an institution’s day-today monitoring for suspicious activity; it takes time to justify and hire the right people for threat-focused jobs; and, FinCEN’s focus is on helping institutions mitigate regulatory risk, but institutions should be focused on mitigating actual financial crime risk, which stems from the threats noted in the priorities.
The bottom line is that FinCEN is “reframing what they expect of their enforcers and thus, the financial institutions,” Felix said. “But really, having a threat-focused program should have been the reality of day-to-day for all institutions. Unfortunately, institutions have been required to satisfy the regulatory (such as the Federal Financial Institutions Examination Council’s BSA/AML Examination Manual), and then resources are limited or non-existent to actually identify and mitigate their real — actual — threats.”
Overall, FinCEN’s statements on priorities “provide little new insights” and cover extremely broad categories, said James Freis Jr., a former FinCEN director who now runs the consultancy Market Integrity Solutions LLC. “The most important thing that financial institutions could do promptly in response to the published priorities is to review their existing risk assessment methodology to ensure that they have analyzed — and documented the analysis — consistent with the categories used by FinCEN in this publication,” Freis said.
“The most beneficial aspect is to help a financial institution ensure that it does not have gaps in its risk assessment of whether it is vulnerable to each category of money laundering, and that it can both recognize risks and apply appropriate mitigation measures,” Freis added.