What Can We Learn from Binance's Problems? | Guidance on Identifying Potential Export Control Evasion | PEP list in the EU | FATF reports | AML news

Welcome to our AML News and Updates Newsletter December 2023 edition. 👏

Stay up to date with main AML news and updates in less than 10 minutes per month!

November was a month with a lot of developments. Let's see an outline of the topics to be covered in this edition:

1. Discussion of the month: Crypto Compliance: What Can We Learn from Binance's Problems?
2. Regulatory Developments:✅ FinCEN and BIS Issue Guidance on Identifying Potential Export Control Evasion✅ Functions within each EU Member State that qualify as PEPs✅ IMF: Countering the Financing of Terrorism: Good Practices to Enhance Effectiveness✅ Reports issued in November 2023 by the FATF✅ FATF Mutual Evaluations and Follow up reports issued in November 2023
3. Other News:

✔️ Australian police arrest 28 over $650 mln crime syndicate

✔️ 566 arrests in week of coordinated actions in Southern Europe

✔️ Europol arrested hackers involved in ransomware attacks

✔️Leading Firm in UK Fined for Anti-Money Laundering Failures

Let's start....

Crypto Compliance: What Can We Learn from Binance's Problems?

In recent years, the cryptocurrency industry has seen an explosive rise, attracting millions of users worldwide. However, this rapid growth has also attracted increased scrutiny 🔎 from regulators, particularly in the area of compliance culture.

The story of Binance, the world's largest cryptocurrency exchange, serves as a wake-up call for companies, highlighting importance of fostering a robust compliance framework.

What exactly happened with Binance❓

In November 2023, Binance faced a series of regulatory actions and penalties for failing to comply with anti-money laundering (AML) and know-your-customer (KYC) regulations.

These actions resulted in a settlement with the U.S. Department of Justice (DOJ), in which Binance agreed to the following:

👉 Forfeit $2.5 billion and pay a criminal fine of $1.8 billion – a total financial penalty of $4.3 billion.

👉 Enter a 5-year monitorship program to ensure Binance's complete exit from the US.

👉 Identify and report to FinCEN the suspicious transactions that it processed and willfully failed to report (more than 100k)

Compliance failures

The DOJ's settlement highlighted several critical shortcomings in Binance's compliance culture. The company was found to have:

✖️ Turned a blind eye to its legal obligations in the pursuit of profit.

✖️ Had an inadequate KYC and AML procedures, allowing criminals to use its platform for illicit activities.

✖️ Willfully failed to report well over 100,000 suspicious transactions that it processed as a result of its deficient controls.

✖️ Willfully enabled hundreds of millions of dollars in transactions between American users and users subject to US sanctions.

✖️ Failed to adequately monitor and investigate suspicious transactions.

✖️ Operated as an unregistered securities exchange.

✖️ Failed to restrict US customers from its platform, despite public statements to the contrary.

What was wrong with Binance's compliance Culture❓

The Binance’s approach to compliance were reflected in multiple internal discussions starting from 2018.

According to Chief Compliance Officer’s communication to employees:

🔷  “Our stance is [n]ot to openly do business with Iran due to sanctions. [I]t affects our banking relationships. I understand that we still support [I]ranian customers but that has to be done non-openly”.

🔷  With respect to users from sanctioned countries, “[w]e are servicing [them] but non-public.” He further added, “[I] [t]old [yo]u we have [I]ranian customers; [the CEO of Binance] knows also. And allows it.”

🔷  Regarding sanctions restrictions in Binance’s Terms of Use the CCO stated: “has to be there to protect us, [it is] protective language. In biz, ceo doesn’t want to enforce.”

🔷  “We currently have users from sanction[ed] countries on Binance, adding that the “[d]ownside risk is if FinCEN or OFAC has concrete evidence we have sanction[ed] users, they might try to investigate or blow it up big on worldstage.”

 🔷 The Deputy Head of Compliance in a communication he explained to the then CCO that “[the CEO] keeps saying that compliance is here to make Binance APPEAR compliant.”

🔷 Additionally, at a point CZ told employees it was “better to ask for forgiveness than permission,” and prioritized Binance’s growth over compliance with U.S. law.

The above communications reveal the real stance that Binance held in regard to compliance and confirm that the company's management did not take compliance seriously.

How about personal liability❓

While personal liability for compliance failures is still a not such a common occurrence, due to the seriousness of the case, Binance CEO Changpeng Zhao (CZ) and Chief Compliance Officer (CCO) were also fined 💲50 million and 💲1.5 million, respectively.

 CZ faces up to 10 years in prison (but may get no more than 18 months under a plea deal).

 These individual penalties underscore the personal responsibility that senior managers have in ensuring that their companies adhere to compliance regulations.

 Lessons Learned from Binance's Compliance Failures

 Binance’s compliance failures underscore the importance of fostering a strong compliance culture. Non-compliance can have severe consequences, including financial penalties, reputational damage, and even criminal charges.

 Here are some key takeaways from the Binance case:

✅ Compliance is an ongoing process: Compliance is not a one-off task. It requires continuous monitoring and improvement.

✅ Compliance is a cultural issue: Top management must not treat compliance as an afterthought or a box to be checked. Instead, they must embed compliance into the organization's culture, values, and everyday operations.

✅ Compliance is not unique to financial institutions: All entities subject to AML laws must have a robust compliance program in place.

Final thoughts

Regardless of your industry or size, establish a comprehensive compliance program tailored to your specific risk profile. Some best practices for entities to prepare for AML compliance are:

📌 𝐒𝐭𝐚𝐫𝐭 𝐞𝐚𝐫𝐥𝐲: Use the 𝒄𝒐𝒎𝒑𝒍𝒊𝒂𝒏𝒄𝒆-𝒃𝒚-𝒅𝒆𝒔𝒊𝒈𝒏 approach, embedding compliance into the development and operation of products, services and processes.

📌 𝐆𝐞𝐭 𝐞𝐱𝐩𝐞𝐫𝐭 𝐚𝐝𝐯𝐢𝐜𝐞: Employ an AML consultant who can help businesses develop and implement an effective AML compliance program.

📌 𝐔𝐬𝐞 𝐭𝐞𝐜𝐡𝐧𝐨𝐥𝐨𝐠𝐲: Technology can help businesses automate AML processes and improve their ability to identify and report suspicious transactions.

📌 𝐓𝐫𝐚𝐢𝐧 𝐞𝐦𝐩𝐥𝐨𝐲𝐞𝐞𝐬: All employees should be trained on AML risks, their personal legal liability and how to identify suspicious transactions. 

And remember: Non-compliance can be more expensive than compliance!

FinCEN and BIS Issue Guidance on Identifying Potential Export Control Evasion

 FinCEN and the U.S. Department of Commerce’s Bureau of Industry and Security (BIS) have issued guidance to financial institutions. This guidance outlines a set of red flags that can help identify potential attempts to circumvent export controls, particularly those related to advanced and critical technologies.

 Additionally, FinCEN and BIS announced a new SAR key term to support financial institutions in reporting potential efforts to evade U.S. exports controls beyond the Russia-related circumstances that were the focus of prior alerts.

 Red the guidance here.

Functions within each EU Member State that qualify as PEPs

In accordance with Article 20a (3) of the Fourth Anti-Money Laundering Directive (AMLD4), the European Commission is responsible for compiling a single list of all public functions within each Member State that qualify as prominent public functions (PEPs) under national laws, regulations, and administrative provisions.

 On November 10, 2023, the aforementioned list of prominent public functions at the national, international organization, and EU institutions and bodies levels was published and you can access it in the EU Official Journal.

IMF: Countering the Financing of Terrorism: Good Practices to Enhance Effectiveness

The International Monetary Fund (IMF) has issued  a comprehensive guide to combat money laundering and countering financing of terrorism for policymakers and practitioners. The report has six chapters:

1. Improving the understanding of terrorist financing
2. The role of the private sector in detecting and disrupting terrorist financing activities
3. The production and use of financial intelligence to counter terrorism and terrorist financing
4. Investigating, prosecuting, and sanctioning terrorism financiers
5. Terrorism-related targeted financial sanctions
6. International cooperation in combating the financing of terrorism.

You can download the report here.

Reports issued in November 2023 by the FATF

Following its recent plenary meeting that took place in October 2023, the Financial Action Task Force (FATF) has issued in November the following reports aiming to assist countries to mitigate specific risks related to the following: 

• Misuse of Citizenship and Residency by Investment Programmes
• Best Practices on Combating the Abuse of Non-Profit Organisations
• Recovering International Proceeds of Crime through Inter-Agency Networks
• Illicit Financial Flows from Cyber-enabled Fraud

 The FATF also issued a table which provides an up-to-date overview of the ratings that assessed countries obtained for effectiveness and technical compliance of the FATF recommendations based on the Mutual Evaluations Reports.

FATF Mutual Evaluations and Follow up reports issued in November 2023

In November 2023, the FATF along with FATF-Style Regional Bodies (FSRBs) issued the following follow-up reports:

• Suriname
• Turks and Caicos Islands
• South Africa
• Cambodia
• Thailand
• Myanmar
• Mongolia

Australian police arrest 28 over $650 mln crime syndicate

Australian police have arrested 28 people in an operation against one of the most powerful criminal networks in the country's history.

The syndicate, that police said originated from Lebanon, is alleged to be linked to the movement of over AU$1 billion ($648.9 million) through firearm, drug, tobacco, and money laundering offences.

Police have seized two tonnes of prohibited drugs and precursor drugs with a street value of over AU$130 million, along with 25 firearms, nearly $3.5 million in cash and cryptocurrency, $3 million worth of luxury watches and a Lamborghini.

Source: Reuters

566 arrests in week of coordinated actions in Southern Europe

 Law enforcement authorities across Europe joined forces to target firearms trafficking, drug trafficking, migrant smuggling and trafficking in human beings, and high-risk criminal networks during coordinated EMPACT Joint Action Days South East Europe (EMPACT JAD SEE).

 As a result there were 566 arrests:

• 218 related to migrant smuggling
• 186 related to drug trafficking
• 69 related to firearms trafficking
• 89 related to other crimes

 Source: Europol

Europol arrested hackers involved in ransomware attacks

Europol and its global law enforcement partners have apprehended five individuals suspected of involvement in a series of ransomware attacks that have victimized over 1,800 individuals worldwide.

The arrests, which included the 32-year-old ringleader of the criminal organization and four of his most active accomplices, were the outcome of a series of raids conducted at 30 properties across Ukraine, according to Europol’s statement. The suspects' identities have not been disclosed.

 Source: Europol

Leading Firm in UK Fined for Anti-Money Laundering Failures

In a recent regulatory settlement agreement, the Solicitors Regulation Authority (SRA) has fined Ashfords, a prominent law firm in the South-West, £101,357 for failing to adequately address money laundering red flags in three property transactions. This marks the second time in three years that Ashfords has been fined by the SRA for anti-money laundering (AML) oversights.

Read more here.

That's all for this month! 👋

Stay tuned for next month's AML News and Updates!

Best

Anna

Founder

AML Cube Consulting and Education