On 9/16/20, the Financial Crimes Enforcement Network (FinCEN) issued an Advance Notice of Proposed Rulemaking (ANPRM) seeking public comment on a number of questions pertaining to potential regulatory amendments under the Bank Secrecy Act (BSA). Specifically, FinCEN explained in their advisory that they are seeking comment on creating a new AML program component, referred to as an “effective and reasonably designed” AML program component, so that financial institutions can be empowered to allocate resources more effectively. FinCEN also explained that this component would also seek to create an understanding between financial institutions and their regulators regarding which AML program elements are deemed necessary, while imposing minimal additional obligations under the existing supervisory framework.

On 9/14/2020, the Financial Action Task Force (FATF) issued a report called “Virtual Assets Red Flag Indicators of Money Laundering and Terrorist Financing.” This 24-page report was designed to help government agencies detect whether virtual assets are being used for criminal activity. Specifically, the report highlights key red flag indicators - that were identified through more than 100 case studies - that could suggest criminal behavior. The red flag indicators included in the report could assist financial institutions in detecting and reporting suspicious activity related to virtual assets.

On 8/21/2020, the joint agencies (Federal Reserve, FDIC, FinCEN, NCUA, and OCC) issued a joint statement clarifying that Bank Secrecy Act (BSA) due diligence requirements for customers who may be considered “politically exposed persons” (PEPs) should be commensurate with the risks posed by the PEP relationship. Of particular note, the statement clarifies that PEPs refer to senior foreign individuals and that “the Agencies do not interpret the term “politically exposed persons” to include U.S. public officials.”

On 8/18/2020, the Financial Crimes Enforcement Network (FinCEN) issued a statement that explains its approach to enforcing BSA/AML rules and regulations. This statement corresponds with the interagency statement issued on 8/13/2020 by the FDIC, Federal Reserve, OCC, and NCUA. In their release, FinCEN explains that this statement is intended to provide clarity and transparency to its approach when contemplating compliance or enforcement actions against covered financial institutions that violate the Bank Secrecy Act. The statement outlines administrative actions available to FinCEN, provides an overview of the information FinCEN analyzes in order to determine the appropriate outcome of BSA violations, and encourages financial institutions to voluntarily and promptly report violations as well as candidly and completely cooperate with any investigation.

On 8/13/2020, the joint regulators (FDIC, Federal Reserve, OCC, and NCUA) issued an updated joint statement on enforcement of BSA/AML requirements. As explained in the FDIC’s release (FIL-76-2020), this statement - which runs about 13 pages long - does not create new expectations or standards, but describes circumstances in which an agency will issue a mandatory cease and desist order to address noncompliance with BSA/AML requirements.

On 8/3/2020, the Financial Crimes Enforcement Network (FinCEN) issued responses to three frequently asked questions (FAQs) regarding customer due diligence requirements for covered financial institutions. These FAQs are in addition to those published on July 19, 2016 and April 3, 2018. The first FAQ discusses the collection of customer information for CDD, while the second question focuses on establishing a customer risk profile. The third question relates to performing ongoing monitoring of the customer relationship.

On 7/30/2020, the Financial Crimes Enforcement Network (FinCEN) issued an advisory to alert financial institutions to potential indicators of cybercrime and cyber-enabled crime observed during the COVID-19 pandemic. This advisory provides a number of red flags for financial institutions to look for and includes SAR filing instructions of including the key term “COVID19-CYBER FIN-2020-A005”. Institutions filing SARs should also select SAR field 42 (Cyber Event) for each applicable filing.