Anti-Money Laundering

Anti-Money Laundering Compliance Programs for Financial Institutions and Other Businesses

By Stephanie Brooker, Linda Noonan, Ella Alves Capone, and Chris Jones[1]

Introduction

  • A doctor in Montana who performs unnecessary surgery hires a lawyer to set up a trust in a Caribbean jurisdiction to hide his profits from patients suing him for malpractice. Funds are sent through the doctor’s brokerage account, which has little investment activity.

  • A manufacturer of farm equipment in Kansas sells tractors to a Colombian distributor and is paid by a third party with a wire transfer from an account at a bank in Atlanta.

  • A mid-level drug dealer in Los Angeles arranges with his friend who owns a record company to buy the cash that the drug dealer receives from street sales in exchange for checks drawn on the record company’s commercial bank account.

  • A high-end jewelry store in Chicago sells a large engagement ring to a foreign government official and receives payment by wire from an offshore company the customer says he owns. The customer later says his fiancée has changed her mind and returns the ring. Instead of a refund, he asks the store to maintain a credit balance for future purchases.

  • A Swiss company wires hundreds of thousands of dollars to the checking account of an exchange student at a small community bank in Massachusetts in the town where she attends college. The student, who is the daughter of a notorious African dictator, then writes checks on the account to purchase several luxury vehicles and arranges for them to be shipped to her home country.

  • A family routinely skims cash from the sales of their successful U.S. retail business and uses the funds to purchase cashier’s checks at various banks in the U.S. and Canada. Family members deposit the cashier’s checks to an account for a charity controlled by a terrorist organization in a Middle Eastern country.

  • During the height of the pandemic, a man in Pittsburgh obtains a Payroll Protection Program loan through a bank for a business he has permanently closed. He transfers the funds from an account in the name of the defunct business to his personal account at a credit union and uses the funds for lavish personal expenses including his daughter’s wedding.

  • A network of Chinese immigrant smugglers extorts money from recently arrived immigrants in Seattle and wires the funds through a dishonest agent of a reputable money transmitter to an import-export company in China. The dishonest agent structures the funds he receives into smaller transactions to avoid detection by the money transmitter and by law enforcement.

  • A man in Hawaii purchases cryptocurrency from an unregistered virtual currency exchange and uses the cryptocurrency to make a bribe payment to a foreign official.

  • A casino receives payment on casino debt from a patron who owns a chain of hardware stores across the United States. Payment comes from multiple offshore accounts, including accounts at nonbank financial institutions.

  • A Chinese “manufacturing” customer of a Chinese bank with a correspondent account at a New York bank sends wire transfers routinely through this correspondent account to Mexican businesses.

  • A Russian couple acting as straw persons for a Russian oligarch on a sanctions list purchase a multimillion-dollar mansion in California in an “all cash” (no financing) transaction, with wires sent from multiple accounts in the name of a trust registered in Guernsey.

  • An agent for an undisclosed foreign buyer places the successful bid on a rare painting at an auction in New York. The agent asks the auction house to issue the invoice to a company in Nebraska that will make payment and accept delivery.

  • Criminals in Russia purchase ransomware software on the dark web and launch an attack on a medical center in Ohio and receive a payment from the medical center in crypto currency.

What do all these people and the businesses and financial institutions with which they do business have in common? They are all involved in one way or another with some form of money laundering.

What Is Money Laundering?

Money laundering is the process by which the existence, nature, or source of the proceeds of criminal activity is concealed or disguised to make the proceeds appear legitimate. Although money laundering is frequently associated with drug trafficking, money laundering sustains all types of criminal activity that generate proceeds—drug trafficking, public corruption, fraud, alien smuggling, and traditional organized crime activities. Money laundering often figures in fiscal law violations—tax evasion, violations of currency controls, and customs violations. Money laundering also supports sanctions evasion and terrorism, and the same controls that prevent and detect money laundering are useful in ensuring sanctions compliance and combatting terrorist financing. Criminals must launder their ill-gotten gains to sustain and grow their enterprises and to enjoy the fruits of their labor without detection by government authorities. Experts disagree on how to measure the money laundering problem or whether its extent can even be measured accurately. All agree, however, that money laundering is a problem of staggering proportions and that, despite the best efforts of governments around the world over the last 30 years, the overall level of money laundering does not appear to be decreasing.

How Is Money Laundered?

Money laundering schemes can be very simple or extremely complex depending on the imagination and needs of criminals and their lawyers and financial advisers. While not all money laundering schemes fit the model, it has become commonplace to speak of money laundering as having three stages, based on an analytical model developed by the Central Intelligence Agency in the late 1980s. The three stages are called placement, layering, and integration.

  • Placement: The physical disposal of bulk cash or its initial placement in the financial system (e.g., by using the cash proceeds from street sales of drugs to buy money orders or traveler’s checks or by depositing the cash into bank accounts in amounts of $10,000 or less to avoid cash reporting requirements).

  • Layering: The creation of layers of financial transactions to distance the funds from their illegal source (e.g., by purchasing goods with multiple money orders or by depositing the money orders into an account at one bank and wiring the funds to an account at a second bank).

  • Integration: Reaching the stage of apparent legitimacy for the funds (e.g., using bank deposits to purchase luxury goods, a business, or real estate).

The term “money laundering” conjures images from films of the mafia counting piles of cash in back rooms.

Money laundering from drug trafficking, as well as from many forms of traditional organized crime, often does start with cash but does not always involve cash. For instance, money laundering may relate to various forms of fraud, high-level public corruption by so-called kleptocrats, or trade-based laundering (e.g., where illegitimate funds can flow across borders masked by the undervaluing or overvaluing of imports or exports, and it may involve checks, wire transfers, loans, and/or letters of credit). Money laundering may now also involve transactions in cryptocurrency, which the U.S. Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) has recently described as becoming “the currency of preference in a wide variety of online illicit activity.”[2]

The Government Response

In the United States and in most other countries, governments have taken on the fight against money laundering by criminalizing money laundering conduct, making the proceeds subject to forfeiture, and imposing regulatory requirements on financial institutions and other businesses to prevent and detect money laundering. Financial institutions and other businesses have implemented anti-money laundering (AML) programs in response to these government measures to fulfill their legal and ethical responsibilities not to facilitate money laundering, terrorism, or other crimes, and to protect against the reputational risk of being named in an indictment, forfeiture action, or negative press.

The Crime of Money Laundering and Related Forfeiture Authority

Since 1986, it has been a crime under U.S. law to engage in virtually any financial transaction with the proceeds of “specified unlawful activity” with “knowledge” that the funds involved are the proceeds of some form of illegal activity.[3] Specified unlawful activities (SUAs) include hundreds of crimes, from drug trafficking and securities fraud to foreign and domestic public corruption. A person can be liable for money laundering without knowing which specific crime generated the proceeds, so long as the prosecution can prove that the funds in fact were the proceeds of any of the SUAs and that the person knew that the proceeds were derived from a violation of federal, state, or foreign law. Knowledge can be based on willful blindness or deliberate indifference to the source of the funds (i.e., failure to make inquiries in the face of red flags of suspicious activity). In addition, money laundering can be based on a government sting where the funds are represented by the undercover agent to be the proceeds of illegal activity. The penalties for money laundering are severe—up to 20 years imprisonment and large fines for each violation.

Not only can the funds of the person convicted of money laundering be forfeited, but there can be civil forfeiture of any funds or other property involved in, or traceable to, the money laundering activity, even if no one has been prosecuted and even if the funds are no longer in the hands of the wrongdoer.[4][5] If a civil forfeiture action is brought against property involved in or traced to money laundering, the person may defeat the forfeiture by establishing that the person was an “innocent owner,” who took the property without knowledge of the illegal activity.[6]

Why the Need for AML Programs?

How can a financial institution or other business protect itself and its employees against money laundering liability and forfeiture actions if it becomes involved, even inadvertently, in money laundering? The best defense is a good offense—by establishing a fully implemented risk-based AML program. AML programs are required for some financial institutions or financial businesses pursuant to specific regulatory requirements, discussed below, and are necessary for other businesses to help avoid potential criminal liability and forfeiture actions, as well as to protect the reputation and integrity of the organization and its directors, officers, and employees. The contents of an AML program can vary widely depending on the nature of the business; any AML regulatory requirements applicable to the business; and the money laundering risks posed by the business’ customers, products, and services and the jurisdictions in which the business and its customers operate.

Companies can obtain insight into the government’s expectations for AML programs from the U.S. Department of Justice’s (DOJ) Principles of Federal Prosecution of Business Organizations, which sets forth what a prosecutor must consider in deciding whether to charge a corporation with a crime. Prosecutors are directed to consider whether there is a compliance program that is “adequately designed for maximum effectiveness in preventing and detecting wrongdoing by employees and whether corporate management is enforcing the program or is tacitly encouraging or pressuring employees to engage in misconduct to achieve business objectives.” To make this determination, prosecutors are to consider not only whether there is a compliance program on paper, but also if the program was designed, implemented, reviewed, and revised in an effective manner, including by determining whether there was sufficient staff to audit the program and whether adequate information about the program was disseminated to staff.[7] DOJ’s Criminal Division published a guidance document for prosecutors entitled Evaluation of Corporate Compliance Programs that provides additional insight into the factors prosecutors consider to determine the extent to which a business’ compliance program was effective at the time of an offense and at the time of a charging decision or resolution of the case.[8]

In 2014, FinCEN issued an Advisory to U.S. Financial Institutions on Promoting a Culture of Compliance that also offers insight into government expectations for AML programs.[9] The tenets of the document apply equally to any business’s AML program, not just those of financial institutions:

  • Leadership, management, and the board must be visibly and actively engaged in creating a culture of compliance;

  • Compliance should not be compromised by revenue interests;

  • Information should be shared within different areas of the organization to facilitate identifying potential suspicious activity; and

  • The AML compliance function must have adequate authority and independence and be supported by adequate staffing and technology resources.

The existence of a well-designed and fully implemented compliance program that meets these standards is not an ironclad guarantee but should go a long way toward protecting a financial institution or other business against criminal liability. It should also help to establish an innocent ownership defense in the event of a forfeiture action.

The Bank Secrecy Act

Overview

The main legal authority for AML requirements applicable to financial institutions—reporting, recordkeeping, and AML program requirements—is the Bank Secrecy Act, as amended, and its implementing regulations (collectively, the BSA).[10] The BSA statute was enacted in 1970, long before money laundering was a criminal offense and, for many years, was the main weapon used to prosecute money laundering. The BSA provides the Secretary of the Treasury with the authority to require financial institutions to file reports, maintain records, and take other AML measures useful for criminal, tax, and regulatory investigations and proceedings, combatting terrorism, and national security purposes. The BSA statutory requirements generally are not self-executing and must be implemented by regulation. In some cases, financial institutions are also subject to parallel requirements from their primary federal regulator or their self-regulatory organization (SRO), such as the Financial Industry Regulatory Authority (FINRA).

Any discussion about the Bank Secrecy Act requirements must come with a warning that they are undergoing change. More than four years ago, FinCEN began an initiative to make BSA compliance and enforcement more effective and efficient with an emphasis on better public-private information sharing, application of modern technology to compliance, and a more risk-based approach to compliance. On January 1, 2021, Congress enacted the Anti-Money Laundering Act of 2020 (AML Act), which is the most comprehensive set of reforms to the AML laws in the United States since the USA PATRIOT Act was passed in 2001.[11] Its provisions are largely aimed at increasing BSA/AML effectiveness and modernization and expanding BSA/AML enforcement authority and tools.

A key development in the AML Act is a requirement that certain companies report beneficial ownership information to FinCEN, which will maintain a nonpublic corporate registry of beneficial ownership information.[12] The lack of requirement for corporations to provide beneficial ownership information at the state or federal level in the United States has long been seen by law enforcement as a loophole that criminals can exploit. This section of the AML Act, known as the Corporate Transparency Act or CTA, is designed to close that loophole and address the longstanding problem of money laundering through shell corporations. Information in FinCEN’s corporate registry will be available to law enforcement and regulators under certain circumstances and subject to the reporting company’s consent, the information will also be accessible to financial institutions with customer due diligence obligations to facilitate their compliance with those requirements. FinCEN is in the multi-year process of establishing the registry, including by issuing implementing regulations.[13]

Other provisions in the AML Act: (i) significantly expand the AML/BSA whistleblower award program; (ii) increase penalties for certain BSA/AML violations; (iii) increase government resources for combatting money laundering, including by providing FinCEN with special hiring authority and creating domestic and foreign liaison roles within FinCEN; (iv) require FinCEN to update current BSA regulations and guidance; (v) provide additional statutory authority for DOJ to seek documents from foreign financial institutions; and (vi) promote public-private collaboration in efforts to combat money laundering and terrorist financing.[14] Many of the AML Act’s provisions, like the CTA, must be imposed through BSA regulations before they go into effect. Those regulations are currently under consideration and at various stages in the regulatory process.

BSA Scope

The BSA statute broadly defines what constitutes a “financial institution.”[15] To date, AML program requirements have been imposed by BSA regulation on:

  • Banks (including thrifts and credit unions)

  • Broker-dealers in securities

  • Futures commission merchants and introducing brokers in commodities

  • Mutual funds

  • Insurance companies[16]

  • Money services businesses (MSBs)[17]

  • Casinos and card clubs

  • Dealers in precious metals, jewels, and stones

  • Operators of credit card systems (like Visa, Mastercard, Discover, and American Express)

  • Nonbank residential mortgage lenders and originators

  • Housing government-sponsored enterprises (Fannie Mae and Freddie Mac)

Treasury is considering how to address the risk posed by Registered Investment Advisors (RIAs), including whether impose BSA requirements on them by regulation.[18]

Under the AML Act, FinCEN must promulgate regulations imposing BSA requirements on persons engaged in the trade of antiquities and provide Congress with a study on the extent to which trade “in works of art” figures in money laundering and terrorist financing, and whether BSA requirements should apply to art dealers. FinCEN issued an Advance Notice of Proposed Rulemaking soliciting views on applying BSA requirements on persons involved in the trade of antiquities in September 2021 and is planning to issue a notice of proposed rulemaking with a specific proposal early next year.[19] The required Congressional report on the art industry was published in February 2022 and concluded that applying the BSA to art dealers was not an immediate priority.[20]

Since 2016, through BSA geographic targeting orders (GTOs), FinCEN has required title insurance companies in certain metropolitan areas to report cash (non-financed) sales of higher-end residential real estate purchases by legal entities.[21] Because of the potential risks of money laundering through real estate, FinCEN is actively considering further application of the BSA to the real estate industry.[22]

There are many other businesses listed in the BSA statute that could become subject to BSA requirements by regulation in the future (e.g., other types of loan and finance companies, travel agents, pawnbrokers, and vehicle sellers). However, FinCEN has no immediate plans to regulate these businesses.

The BSA requirements for financial institutions generally do not apply extraterritorially, but only to financial institutions located in the United States. MSBs that conduct business “wholly or in substantial part” in the United States, however, are subject to the BSA requirements for MSBs, even if they have no physical presence in the United States. This authority has been used by FinCEN to reach virtual currency businesses that operate offshore but have substantial U.S. activity.[23]

As used in this article, “financial institution” generally applies broadly to all financial institutions and financial businesses subject to requirements under the BSA. Only certain of these meet the BSA regulatory definition of financial institution.

This document is only available to subscribers. Please log in or purchase access.
Purchase Login
 

About SCCE

The Society of Corporate Compliance and Ethics (SCCE) is a non-profit, member-based professional association. SCCE supports our members' work with education, news, and discussion forums. We are a community of leaders, defining and shaping the corporate compliance environment across a wide range of industries and geographic regions. In developing and maintaining effective ethics and compliance programs, our members strengthen and protect their companies.

952.933.4977

About HCCA

The Health Care Compliance Association (HCCA), is a 501(c)6 non-profit, member-based professional association. HCCA was established in 1996 and is headquartered in Minneapolis, MN. We provide training, certification, and other resources to over 10,000 members. Our members include compliance officers and staff from a wide range of organizations, including hospitals, research facilities, clinics and technology service providers.

952.988.0141

Facebook Twitter LinkedIn
Copyright © 2023 by Society of Corporate Compliance and Ethics (SCCE) & Health Care Compliance Association (HCCA). No claim to original US Government works. All rights reserved. All information provided through this site, including without limitation all information such as the “look and feel” of the site, data files, graphics, text, photographs, drawings, logos, images, sounds, music, video or audio files on this site, is owned and/or licensed by SCCE & HCCA or its suppliers and is subject to United States and international copyright, trademark and other intellectual property laws. Any third party logos and/or content provided herein is owned by such third parties and is used by permission herein. Your use of this site to is subject to our Terms Of Use and Privacy Statement.
Cookie settings