On September 14, 2022, the OFAC sanctioned ten individuals and two entities for their roles in conducting malicious cyber acts, including ransomware activity. This action is part of OFAC’s series of designations that aim to protect U.S. persons from ransomware activity, facilitators of ransomware activity, and other cybercrime.

On July 15, 2022, the OFAC announced a settlement with American Express National Bank (Amex) to settle its potential civil liability for 214 apparent violations of OFAC’s Kingpin sanctions. Amex agreed to remit $430,500, which reflects OFAC’s determination that the apparent violations were not voluntarily self-disclosed and were non-egregious.

One June 28, 2022, FinCEN and the BIS issued a joint alert to financial institutions advising them to be vigilant against efforts by individuals or entities to evade BIS export controls implemented in connection with the Russian Federation’s further invasion of Ukraine.

On June 22, 2022, FinCEN issued a statement to provide clarity to banks on how to apply a risk-based approach to conducting customer due diligence (CDD) on independent Automated Teller Machine (ATM) owners or operators, consistent with the requirements set out in FinCEN’s 2016 CDD Rule. Some independent ATM owners and operators have reported difficulty in obtaining and maintaining access to banking services, which jeopardizes the important financial services they provide, including to persons in underserved markets.

On June 15, 2022, FinCEN issued an advisory to alert financial institutions to the rising trend of elder financial exploitation (EFE). EFE involves the illegal or improper use of an older adult’s funds, property, or assets, and is often perpetrated either through theft or scams. The advisory highlights new EFE typologies and red flags since FinCEN issued its first advisory on the issue in 2011.

On June 3, 2022, FinCEN issued an Advance Notice of Proposed Rulemaking to solicit public comment on questions relating to the implementation of a no-action letter process at FinCEN. A no-action letter is generally understood to be a form of enforcement discretion where an agency states by letter that it will not take an enforcement action against the submitting party for the specific conduct presented to the agency.

On May 20, 2022, the SEC announced charges against Wells Fargo Advisors for failing to file at least 34 Suspicious Activity Reports (SARs) in a timely manner between April 2017 and October 2021. Wells Fargo Advisors, the St. Louis-based broker-dealer, has agreed to pay $7 million to settle the charges.