Cybercrime, including relevant cybersecurity and virtual currency considerations
Foreign and domestic terrorist financing
Transnational criminal organization activity
Drug trafficking organization activity
Human trafficking and human smuggling
Joint Statement on National Priorities
FinCEN, federal banking agencies, and state bank and credit union regulators issued a joint statement on the National Priorities with several key points for banks and non-bank financial institutions (NBFIs):
FinCEN will issue implementation regulations for the National Priorities in the next 180 days.
The National Priorities do not amend Bank Secrecy Act (BSA) requirements, but the federal banking agencies plan to revise BSA regulations, as necessary, to address how banks and NBFIs will incorporate the National Priorities into their BSA programs.
The forthcoming regulations will provide an effective date by which banks and NBFIs must incorporate the National Priorities into their BSA programs.
After the effective date, regulators will verify that banks and NBFIs have incorporated the National Priorities into their compliance programs through regular examinations.
Banks and NBFIs may wish to start considering how they will incorporate the AML/CFT Priorities into their risk-based AML programs, such as by assessing the potential risks associated with the products and services they offer, the customers they serve, and the geographic areas in which they operate.
Impact to Banks and NBFIs
The forthcoming National Priorities regulations and their implementation could be challenging for some firms. While many financial institutions have been monitoring their exposure to the items on the National Priorities list for years, FinCEN has identified these as targets for change and furtherance of policy goals. A jump-start on the process could lessen the burdens of change, prevent constricted timelines for remediation, and avoid potential gaps while managing changes. Additionally, new provisions in the AML Act of 2020 raise the specter of personal liability for compliance failures. Stakeholders should apply serious thought to the upcoming changes.
Digital assets businesses will likely have a heavy lift under the upcoming regulations, particularly in the areas of know-your-customer and client identification, monitoring, recording, and recordkeeping. The pseudo-anonymity of digital assets presents challenges for sanctions screening, transaction monitoring, digital onboarding, and a heightened risk for money laundering, fraud, and cyber-enabled financial crimes. Digital asset businesses must configure their AML procedures, controls, documentation protocols, and technology to address these specific risks as they evolve. Additionally, as cyberenabled financial crime, ransomware attacks, and the illicit use of virtual assets are of particular focus of concern for the National Priorities list, regulators will likely continue to tighten AML requirements, develop the expertise of examiners through special training, and scrutinize the compliance programs of digital assets businesses through regular examination.
Regulators and the Biden administration have previously indicated their interest in combating the illicit activity reflected in the National Priorities list. For instance, the National Priority “corruption” was of interest to the Commodity Futures Trading Commission (CFTC). In 2020, the CFTC issued its first enforcement action involving foreign corruption under the Foreign Corrupt Practices Act. The action was notable because the alleged conduct occurred entirely on foreign soil and involved interagency cooperation with the US Department of Justice, as well as foreign regulators. On June 3, 2021, President Biden released a memorandum naming the fight against corruption as a core US national security interest. A report due by December 20, 2021, will align regulators in executing the president’s new strategy.
Stakes are high for financial institutions because of the ongoing trend among regulators to pursue personal liability for compliance failures. With the passage of the AML Act of 2020, regulators have additional tools for enforcement and increased accountability for compliance stakeholders. In its 2020 annual report, the CFTC Enforcement Division named “promoting individual accountability” as a top priority for 2021 and beyond. This is consistent with previous studies that identified a growing trend of personal accountability in enforcement actions. The AML Act of 2020 provides for clawbacks of bonuses for parties who engaged in unethical, but noncriminal, activity, and violators can be barred from serving on corporate boards for a period of 10 years. To facilitate investigations and enforcement of foreign corrupt practices, the AML Act of 2020 provides whistleblower protections and compensation, and additional subpoena powers for obtaining records from foreign financial institutions with correspondent accounts in the US. A refusal to answer a subpoena can be grounds for terminating a correspondent account. US regulators have a mandate under the National Priorities list to fight corruption and several new tools under the AML Act of 2020 to enforce compliance.
Financial Institutions should begin to ask:
What business lines have higher exposure to the corruption priority (e.g., exposure to natural resources extraction, international trade, and/or commodities markets)?
Which of the financial institution’s customers are higher risk for corruption (e.g., type and number of Politically Exposed Persons, and customer type by industry)?
What is the trend in the institution’s risk exposure to the corruption National Priority over the past three years?
Financial institutions will have different answers to these questions on corruption, and similar questions regarding the other National Priorities. For each National Priority, financial institutions should be prepared to demonstrate that they are aware of their risk exposure, have taken appropriate steps to mitigate the risk, and can produce the evidence and the data to support their assessment and response in an organized manner to regulators.
While this is the first time FinCEN has released a National Priorities list, the AML Act of 2020 directs the regulator to provide an update every four years. Financial institutions should equip themselves to address changes in National Priorities and policies, particularly when both regulators and the White House have signaled a shift in focus. Financial institutions should take advantage of the National Priorities announcement to begin planning and scoping the exercise to implement them.
Key Considerations for Financial Institutions
FinCEN suggests financial institutions start their assessments now. A proactive approach over the next few months will allow banks and NBFIs to be better prepared to meet the changes. Banks and NBFIs should:
Identify stakeholders and staff responsible for the planning, execution, and oversight of possible enhancements to the program(s).
Review recent publications, guidelines, recommendations, enforcement actions, and policy statements regarding the topics on the National Priorities list.
Review current trends, typologies, and industry experiences involving the topics on the National Priorities list.
Assess risk exposure to the topics on the National Priorities list, including product and service offerings, customer types, and geographies.
Assess the effectiveness of risk mitigation efforts against the National Priorities list and identify the unmitigated residual risk that may show areas for improvement.
Create an action plan for any key processes, controls, and procedures identified for enhancements.
Identify sources of data relevant to the National Priorities list, such as customers, transactions, reports, and alerts; verify they are readily accessible.
Identify affected systems that will be critical to implementing the forthcoming regulations, such as customer risk scoring, customer file management, transactions monitoring and screening, fraud detection, and trade compliance, among others.
Identify potential data and technology needs to comply with the forthcoming National Priorities and reporting obligations to stakeholders and regulators.
Call to Action
Guidehouse can help financial institutions prepare for and implement the forthcoming National Priorities. FinCEN’s recommendations have made it clear that a tailored approach is necessary. Financial institutions should consider their unique business profile and compliance needs rather than a boilerplate approach that may work for some, but not for others. Guidehouse professionals have deep knowledge of financial institution processes, with areas of relevant expertise, including the following:
Anti-Proliferation and Counter-Terrorist Financing
Virtual Asset Service Providers
Risk assessment and management
Vendor sourcing and governance
Guidehouse can quickly review and assess your anti-financial crime program to determine its effectiveness, identify gaps or weaknesses, or conduct training on the National Priorities and emerging trends. Guidehouse is well-equipped to make an individualized assessment of your unique circumstances and offer innovative advice and solutions in preparation for regulator examinations.
Special thanks to contributing author Ben Trent and Tania Flores.