On June 30, the Financial Crimes Enforcement Network (FinCEN), in conjunction with the Office of Foreign Asset Control (OFAC) and other regulators, issued its first set of national priorities for combating money laundering and countering the financing of terrorism. The priorities are intended to guide financial institutions to focus their anti-money laundering (AML) programs on the most relevant threats to the U.S. financial system and national security. The priorities are: 

• Corruption 
• Cybercrime
• Financing of both domestic and international terrorism 
• Fraud
• Transnational criminal organizations 
• Drug trafficking organization activity 
• Human trafficking and smuggling 
• Proliferation financing

Regulators and the market will evaluate financial institutions based on how their risk-based AML compliance programs incorporate these priorities. Institutions will be expected to incorporate the nuances of these priorities into their customer due diligence processes, real-time transaction monitoring, and risk assessments to ensure that their compliance programs are properly identifying and calibrating risk. Moreover, the companies that are most successful in applying these principles to their risk-based compliance programs will see financial benefits on top of the compliance benefits. Compliance programs that consider and incorporate these priorities, including the nuanced changes discussed in more detail below, will be able to more accurately and efficiently identify AML-related risks, which will allow those companies to lower their risk profiles while increasing their customer bases.  

Background

The Anti-Money Laundering Act of 2020 (AMLA), which was passed on January 1, 2021 as part of the National Defense Authorization Act for Fiscal Year 2020 (NDAA), required Treasury, the U.S. Department of Justice (DOJ), and other regulators to "establish and make public priorities" for combating money laundering by June 30, 2021 and update those priorities at least every four years. 

By the end of the year, FinCEN is required under the AMLA to promulgate regulations related to the national priorities. In statements accompanying the national priorities, the U.S. regulators made explicit that the publication of the priorities does not create an immediate change in Bank Secrecy Act (BSA) requirements or supervisory expectations. Financial institutions will not be required to incorporate the priorities into their risk-based AML programs until the regulations, which will be promulgated later this year, become effective. 

Still, this development will allow financial institutions to start considering how the national priorities affect the potential risks associated with their products, services, customers, and locations. And eventually, the AMLA will require that a bank be supervised and examined based in part on how it has incorporated the priorities into its risk-based BSA compliance program. 

Priorities

The priorities build upon, and are largely in line with, the National Strategy for Combating Terrorist and Other Illicit Financing (National Strategy), which was drafted in 2018 and updated in 2020. The national priorities issued this week do not significantly narrow or focus the risks that AML compliance programs will have to combat from what was previously identified in the National Strategy. However, a close reading of the priorities identifies some nuances in the priorities that could be important for companies considering how to build an effective compliance program. 

Corruption: Corruption has been a part of the National Strategy since 2018, but recent moves from the Biden administration make clear that the administration intends to make corruption enforcement a top priority. In June, the White House issued a National Security Study Memorandum that established countering corruption as a core United States national security interest and directed the National Security Advisor and other administration officials to develop a modern presidential strategy for fighting corruption. Covered institutions will need to continue to consider corruption risk in the jurisdictions in which they operate. In addition, the national priorities, as well as the National Security Study Memorandum, make clear that domestic corruption should also be a priority.

Cybercrime: With the recent uptick in ransomware attacks, it is not surprising that cybercrime features in the first set of national priorities. The priorities touch on two separate aspects of cybercrime. First, covered institutions are in a good position to observe suspicious activity that results from cybercrime and cyber-enabled financial crime through, for example, monitoring transfers controlled by cyber actors. Following the high-profile attack on the Colonial Pipeline, the White House identified combating ransomware as a top priority through for example rapid tracing and interdiction of virtual currency proceeds. Without a doubt, handling of cryptocurrency will be a high priority for risk-based AML compliance programs. Second, the priorities warn of cybercrime targeting the financial institutions themselves, saying that "the size, reach, speed, and accessibility of the U.S. financial system make covered institutions attractive targets to criminals." 

Terrorist Financing and Proliferation Financing: The dual risks of terrorist financing and proliferation financing have been a focus of U.S. regulators since at least September 11, 2001. However, the new priorities expand to cover domestic terrorism. Traditionally, the focus on terrorist financing has focused on foreign groups such as Hezbollah, Al-Qaida, Islamic State in Iraq and Syria (ISIS), and others. The new priorities, on the other hand, highlight the threat of domestic terrorism, noting that the intelligence community has said that "racially or ethnically motivated violent extremists (RMVEs) — primarily those advocating for the superiority of the white race — and anti-government or anti-authority violent extremists are the most lethal domestic violent extremist (DVE) threats." Compliance with sanctions programs are a critical part of tracking terrorist financing and proliferation financing, as are Suspicious Activity Reports (SARs) for terrorist financing transactions. 

Fraud: Fraud is one of the largest drivers of illicit funds in the United States and has always been an important risk factor for AML compliance. However, the national priorities focus on an increasing trend of email account compromise frauds and other cyber-enabled fraud. In addition, the priorities note that fraud related to the COVID-19 pandemic has been a particular concern. 

Transnational Criminal Organizations (TCOs), Drug Trafficking, and Human Trafficking: These three priorities are listed separately but have significant overlap because TCOs include drug trafficking organizations and human trafficking organizations. The priorities note that Mexican and Russian TCOs operating in the United States remain priority threats and certain Africa- and Asia-based TCOs have become more significant in recent years. The priorities also specifically note that there has been a substantial increase in complex schemes to launder drug trafficking proceeds through cash transactions from Mexican Drug Trafficking Organizations (DTOs) to Chinese citizens in the United States, including through front companies. 

In summary, the national priorities build off the prior National Strategy documents and at a broad level are consistent with threats and areas of interest previously identified. For many sophisticated institutions with established AML compliance programs, the priorities are likely already reflected in their programs. But the areas of focus and examples cited in the national priorities give additional insight into policy shifts that institutions would be wise to consider. Though additional guidance will be forthcoming, institutions would be wise to start reviewing their customer due diligence processes and transaction risk-rating metrics to ensure that both focus resources on the areas identified as national priorities. Institutions who can leverage the significant volume of data available to them to make use of these new priorities through, for example, adjusting the risk rating of transactions used for real-time monitoring or more accurately judging the risk level of their customers, will see efficiencies in their compliance programs and lowering of their risk profiles. 

For more information, please contact:

Ian A. Herbert, iherbert@milchev.com, 202-626-1496

Ann Sultan, asultan@milchev.com, 202-626-1474

The information contained in this communication is not intended as legal advice or as an opinion on specific facts. This information is not intended to create, and receipt of it does not constitute, a lawyer-client relationship. For more information, please contact one of the senders or your existing Miller & Chevalier lawyer contact. The invitation to contact the firm and its lawyers is not to be construed as a solicitation for legal work. Any new lawyer-client relationship will be confirmed in writing.

This, and related communications, are protected by copyright laws and treaties. You may make a single copy for personal use. You may make copies for others, but not for commercial purposes. If you give a copy to anyone else, it must be in its original, unmodified form, and must include all attributions of authorship, copyright notices, and republication notices. Except as described above, it is unlawful to copy, republish, redistribute, and/or alter this presentation without prior written consent of the copyright holder.