Top Story Compliance Related

FinCEN has updated its Beneficial Ownership Information Frequently Asked Questions to include new information for entities that are disregarded for U.S. tax purposes (Question F.13), as well as updated information that addresses the time frame for obtaining an Employer Identification Number (EIN) from the IRS (Question G.3). An in-page search for "July 24" will take you to the end of each of those new FAQs.

The updated FAQ can be downloaded as a 50-page PDF document, where the two new FAQs begin on pages 31 and 33, respectively.

The CFPB yesterday announced it has issued Consumer Financial Protection Circular 2024-04 to law enforcement agencies on whistleblower protections under section 1057 of the Consumer Financial Protection Act (CFPA). The circular explains how companies may be breaking the law by requiring employees to sign broad nondisclosure agreements that could deter whistleblowing. Imposing sweeping nondisclosure agreements that do not clearly permit communication with law enforcement may intimidate employees from disclosing misconduct or cooperating with investigations. This could impede investigations and potentially violate federal whistleblower protections.

In its press release, the CFPB asserts that whistleblowing plays an important role in addressing illegal and unethical misconduct. In the CFPA, Congress included a provision specifically protecting whistleblowers from retaliation for reporting violations of consumer financial protection laws. Although nondisclosure agreements can be entered into for legitimate purposes, such as ensuring the protection of confidential trade secrets, such agreements, depending on how they are worded and the context, could lead employees to believe they would face lawsuits or other retaliation for reporting suspected misconduct to governmental authorities. An employer can significantly reduce the risk of violating whistleblower protections by ensuring that its agreements expressly permit employees to communicate freely with government enforcement agencies and to cooperate in government investigations.

The Treasury Department yesterday announced that, as part of implementing the historic Rebuilding Economic Prosperity and Opportunity for Ukrainians Act (the “REPO for Ukrainians Act”), OFAC has issued a new reporting requirement for financial institutions holding Russian sovereign assets. Under section 104(a) of the Act, all financial institutions at which Russian sovereign assets are located, and that know or should know of such assets, must provide notice of such assets to OFAC no later than August 2, 2024 or within 10 days of the detection of such assets, and can do so via OFAC’s new form, which can be found on OFAC's Reporting System webpage.

The CFPB yesterday announced it was sending 122,507 payments totaling $53,885,244 to consumers harmed by BrightSpeed Solutions and its founder, Keven Howard.

In 2021, the CFPB brought a lawsuit against the privately-owned, third-party payment processor for knowingly facilitating payments for companies that tricked consumers into expensive and unnecessary antivirus software or services. In many cases, targeted consumers were older adults unaware that the services and software were available for free.

The distribution of payments from the CFPB's Civil Penalty Fund was made yesterday through Epiq Systems.

• CFPB sues third-party payment processor (3/4/2021)
• CFPB bans Brightspeed Solutions and former CEO (1/19/2022)

The Treasury Department yesterday reported that OFAC has targeted a network of three individuals associated with the expanded activities of the Islamic State of Iraq and Syria (ISIS) on the African continent. These individuals serve as key financiers and trusted operatives, enabling the activities of ISIS and its leaders across Central, Eastern, and Southern Africa. They also serve as critical links between far-flung ISIS operations, including ISIS affiliates in the Democratic Republic of the Congo (DRC), Mozambique, Somalia, and ISIS cells in South Africa, allowing ISIS leadership to leverage each affiliate’s capabilities to conduct terrorist attacks that undermine peace and security in the region.

Treasury also reported that OFAC has sanctioned two Mexican members of Cartel de Jalisco Nueva Generacion (CJNG) and two Mexican companies.

For the names and identification information of the designated individuals and entities, see this July 23, 2024, BankersOnline OFAC Update.

The Federal Reserve Board has reported it has executed a consent order for the assessment of a $4,800 civil money penalty against North Shore Bank of Commerce, Duluth, Minnesota, for a pattern or practice of violations of Regulation H, 12 C.F.R. § 208.25, which implements the provisions of the National Flood Insurance Act.

Yesterday, OFAC released Guidance on Extension of Statute of Limitations to address questions raised by recent legislation that extended the statute of limitations for violations of certain sanctions that the agency administers. As explained in the guidance, OFAC may now commence an enforcement action for civil violations of International Emergency Economic Powers Act- or Trading with Enemy Act-based sanctions prohibitions within 10 years of the latest date of the violation if such date was after April 24, 2019.

The Treasury Department, on behalf of the Financial Crimes Enforcement Network (FinCEN) has published [89 FR 59805] in today's Federal Register a request for public comment on an information collection associated with requests made to FinCEN by certain persons for beneficial ownership information. Written comments on the proposed information collection are due within 30 days (by August 22, 2024).

The 30-day notice seeks comment on the information to be collected from certain authorized recipients requesting access to beneficial ownership information, consistent with the requirements of the Beneficial Ownership Information Access and Safeguards Rule published on December 22, 2023, and effective since February 20, 2024. The Corporate Transparency Act authorizes government agencies as well as financial institutions and their regulators to obtain beneficial ownership information under certain specified circumstances for national security and law enforcement purposes.

This 30-day notice gives the public an opportunity to comment on: (1) the information to be collected from certain persons requesting beneficial ownership information from FinCEN; and (2) FinCEN’s estimate of the burden involved in the information collection. Comments must be submitted by August 22, 2024.

FinCEN is setting the stage for financial institutions and certain government agencies to have access to Beneficial Ownership Information reported by entities subject to Beneficial Ownership Information Reporting requirements, which is expected to be finalized early in 2025.

The FDIC, Federal Reserve Board, NCUA, and OCC have jointly announced they are requesting comment on a proposal to update their requirements for supervised institutions to establish, implement, and maintain effective, risk-based, and reasonably designed anti-money laundering and countering the financing of terrorism (AML/CFT) programs. The amendments are intended to align with changes concurrently proposed by the U.S. Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN), most of which result from the Anti-Money Laundering Act of 2020 (AML Act).

The proposed amendments would require supervised institutions to identify, evaluate, and document the regulated institution’s money laundering, terrorist financing, and other illicit finance activity risks, as well as consider, as appropriate, FinCEN’s published national AML/CFT priorities. Additionally, and consistent with the AML Act, the proposal would mandate that the duty to establish, maintain, and enforce the AML/CFT program remain the responsibility of, and be performed by, persons in the United States who are accessible to, and subject to the oversight and supervision by, the relevant agency. The proposal also supports institutions’ consideration of innovative approaches to meet compliance obligations.

Comments on the proposal are due 60 days after the date of publication in the Federal Register.

• Interagency Statement on the Issuance of the AML/CFT Program Notices of Proposed Rulemaking
• FDIC FIL-42-2024
• OCC Bulletin 2024-19

The Treasury Department on Friday reported that OFAC has exposed the identity of two members of a Russian government-related hacktivist group, and imposed sanctions on them. OFAC designated Yuliya Vladimirovna Pankratova and Denis Olegovich Degtyarenko, two members of the Russian hacktivist group Cyber Army of Russia Reborn (CARR) for their roles in cyber operations against U.S. critical infrastructure. These two individuals are the group’s leader and a primary hacker, respectively.

For identification information on Pankratova and Degtyarenko, see BankersOnline’s July 19, 2024, OFAC Update.