This monthly roundup of compliance news includes the following articles:
While the benefits of cryptocurrencies have been widely publicized for their potentially lucrative investment opportunity and legitimate uses to improve global payment efficiency, their high degree of user anonymity poses significant challenges to the financial services industry. As there are over 1,000 digital currencies in the market today and regulation of the industry varies significantly from country to country, the use of cryptocurrency is thwarting global efforts to comply with anti-money laundering/counter-terrorist financing (AML/CTF) laws, regulations and guidance.
The Financial Action Task Force (FATF) has been warning law enforcement and the financial services industry for some time that cryptocurrencies are particularly vulnerable to money laundering and terrorist financing abuse. The magnitude of these risks is highlighted in a recent report from Europol, the primary law enforcement agency of the European Union (EU), which notes that a significant volume (at least $4 billion) of illicit proceeds is being cleansed through cryptocurrencies annually.
Earlier this year, the Venezuelan government announced the launch of a national cryptocurrency, Petro, as a remedy to help improve the country’s current crisis-ridden economic state. This attempted use of cryptocurrency to evade U.S. sanctions against the country has heightened law enforcement’s attention to this medium of exchange. In response, in March 2018 the Trump administration signed an Executive Order prohibiting U.S. persons from engaging in transactions related to, provision of financing for, and other dealings in any digital currency, digital coin, or digital token issued by, for or on behalf of the Venezuelan government. This sanction is the first of its kind the United States has taken involving a cryptocurrency.
On the same day the Executive Order was issued, the Office of Foreign Assets Control (OFAC) updated its sanctions compliance frequently asked questions (FAQs) to include five new FAQs on digital currencies, specific to compliance obligations related to handling digital currencies, OFAC’s authority to sanction users of digital currencies for illicit purposes, and the identification of digital currencies on the Specially Designated Nationals (SDN) and Blocked Persons List.
Cryptocurrencies possess several characteristics that make them attractive to users, including the ability of users to conduct peer-to-peer transactions globally and efficiently, with minimal total ownership costs. Criminals are attracted to the currency, as it provides users with an unprecedented level of anonymity when transacting. Generally, criminals can take advantage of cryptocurrencies to launder illicit funds in the following ways:
- Placement: Criminals can purchase cryptocurrency using illicit funds directly by using a pseudonym through encrypted email services, anonymous e-wallets and/or virtual private networks (VPNs).
- Layering: Criminals can mix, or “tumble,” their cryptocurrency to protect privacy and disguise traceability.
- Integration: Criminals can use portable software programs to store cryptocurrencies, “crypto wallets,” in concert with various money laundering intermediaries to transport currency and withdraw smaller amounts of money through multiple accounts and different financial institutions. Collectively, these tactics allow illicit funds to be transferred with minimal suspicion.
These recent regulatory sanctions are likely to be followed by other, similar actions to the extent that other governments or U.S.-sanctioned criminals launch new and/or utilize existing cryptocurrencies in a manner viewed as evading U.S. sanctions. Financial institutions should take steps to prevent the illicit use of cryptocurrencies by prioritizing their reviews of their internal AML/CTF controls designed to detect crime through cryptocurrency transactions. Specifically, financial institutions should take steps to help ensure the legitimacy of customers’ sources of wealth and funds, and develop robust customer profiles as the AML/CTF risks vary across cryptocurrency players, such as miners and traders.
Further, institutions should consider calibrating their transaction monitoring systems to detect transactions originating from or destined to digital currency exchanges or digital currency ATM kiosks and should pay close attention to transactions that occur near well-known digital money laundering hubs or are associated with government regimes contemplating the issuance or use of existing government-backed digital currency.
The Financial Stability Board (FSB), which monitors the global financial system, periodically issues studies and provides guidance to financial institutions and global regulators. In March 2018, the FSB published final supplementary guidance pertaining to its 2009 Principles for Sound Compensation Practices on compensation at significant financial institutions. The FSB advised these institutions to adjust compensation for all types of risk.
At the center of the guidance is the effective use of compensation tools based on strong governance and management of conduct risk through prudent compensation and robust performance management practices. The supplementary guidance provides these financial institutions and their global regulators with a framework to consider how compensation practices and tools, such as in-year bonus adjustments, malus (defined as deferred compensation reductions) and claw-backs, can be used to reduce misconduct risk and address misconduct incidents.
The FSB indicated that since the issuance of its Principles guidance in 2009, regulators and financial institutions have directed considerable attention to improving the link between risk governance and compensation practices to more effectively align compensation with sound risk-taking behavior. However, significant, well-publicized incidents of misconduct at financial institutions continue to be identified. In 2015, the FSB launched a work plan to reduce this misconduct. The supplementary guidance forms part of that overall plan.
The FSB guidance focuses on financial institutions that global regulatory authorities might consider to be “significant,” particularly those considered to be large, systemically important firms. Although it does not establish additional principles or standards beyond those already set out in the Principles, it does provide recommendations on better practices. The supplementary guidance consists of eight recommendations for firms and supervisors in three parts:
- The governance of compensation and misconduct risk. Specifically, the FSB assigns responsibility to the board to oversee senior management’s creation and implementation of a compensation system designed to promote ethical behavior while also retaining the ultimate responsibility for ensuring accountability for any misconduct. The FSB tasks senior management with creating sound governance, robust risk management frameworks, and adequate involvement by control functions in design and decision-making. Further, senior management must ensure that business lines communicate and implement expectations for ethical behavior and business practices in compliance with laws, regulations and internal conduct standards.
- Effective alignment of compensation with misconduct risk. Specifically, the guidance advises firms to adjust their compensation for all types of risk, including difficult-to-measure risks that embed non-financial assessment criteria (such as the quality of risk management, the degree of compliance with laws and regulations, and the broader conduct objectives of the financial institution, including fair treatment of customers) into individual performance management and compensation plans. This should also include, through in-year adjustments, malus or claw-back arrangements, which can reduce variable compensation after it is awarded or paid and which are clearly defined in compensation policies and procedures.
- Supervision of compensation and misconduct risk. Specifically, the FSB advises national regulators to set their own clear expectations on the use of compensation tools in addressing misconduct risk and related misconduct outcomes and the criteria for their application.
In the wake of recent incidents within the industry, greater emphasis is being placed on financial institutions to adhere to higher standards of conduct. Standards for risk management are evolving as a result of scrutiny from regulators, boards, customers and other stakeholders to understand how the risk of misconduct is being identified, assessed, monitored and managed across the industry. As a primary area of focus, these institutions should continue to evaluate compensation practices, including:
- Defining risk appetite through allowed and disallowed compensation components
- Establishing risk governance over creation, alignment and approval of incentive compensation programs
- Developing a disciplined risk assessment over incentive compensation programs
- Designing credible challenge standards through design and implementation to evaluate whether objectives are being met
- Establishing effective monitoring to evaluate compliance with requirements, control effectiveness and issue resolution
In the wake of the financial crisis, the Consumer Financial Protection Bureau (CFPB) issued sweeping new rules in 2014 to afford additional protections to consumers in the servicing of mortgage loans. As the mortgage servicing industry has worked to comply with these requirements, the CFPB amended the rule to clarify its original intent, address operational issues with complying with the rule, and in some cases expand compliance requirements.
In August 2016, the CFPB amended the original rule to require mortgage servicers to provide a modified version of the periodic mortgage loan billing statements to borrowers who are in active bankruptcy (previously, a servicer was not required to provide periodic statements to such borrowers). The amendment was based on research conducted by the CFPB that indicated that borrowers in bankruptcy benefit by receiving such information about their mortgage account(s) to ensure their accounts are updated in a timely manner and that payments are correctly posted.
The 2016 amendment required that a mortgage servicer provide a modified periodic statement to borrowers once they entered bankruptcy proceedings. When borrowers exit bankruptcy proceedings, a servicer is required to transition back to providing periodic statements as usual within a single billing cycle. The rule provided that a servicer was exempt from this timing requirement when the payment due date for that billing cycle was less than 14 days after the due date on which a triggering event occurs (i.e., when the borrower enters bankruptcy or exits bankruptcy, or when the court discharges personal liability for the loan).
Mortgage servicers faced implementation challenges, as this requirement was complex and difficult to operationalize. As a result, the CFPB issued a second amendment in March 2018 to change the requirement to send a modified or unmodified periodic statement to such customers from a single billing cycle to a single statement transition period. Mortgage servicers are now exempt from providing a modified periodic statement in the first billing cycle after a borrower files or exits bankruptcy (or it is discharged) and can now provide the first statement to the customer in the subsequent billing cycle.
The amended rule became effective in April 2018; therefore, it is crucial that mortgage servicers evaluate these changes and ensure that they design, implement and validate the effectiveness of the controls necessary to timely and accurately send the modified periodic statements to customers entering bankruptcy proceedings and provide unmodified statements in a timely manner to borrowers who exit bankruptcy.
It is important to note that this newsletter is provided for general information purposes only and is not intended to serve as legal analysis or advice. Companies should seek the advice of legal counsel or other appropriate advisers on specific questions and practices as they relate to their unique circumstances.