United States financial regulators have, in recent years, cemented their standing as the most active out of all jurisdictions globally. In 2022 alone, the US issued $3 billion in enforcement fines to financial institutions (FIs), almost three quarters of the global total of $4.2 billion.
2023 has proved no different. US regulators have not taken their foot off the gas when it comes to enforcing - and evolving - anti-money laundering (AML) and countering the financing of terrorism (CFT) rules. In the first six months of 2023, US financial institutions paid out 83% ($157,263,860) of the total penalty dollars, despite comprising only 10% of the world’s regulatory violations.
High-value penalties for compliance breaches are more likely to come from US regulators than any other jurisdiction.
In November 2023, FinCEN and the Office of Foreign Assets Control (OFAC) jointly pursued and won a settlement into the billions of dollars- $4.3 billion to be exact- against one of the world’s largest crypto firms for sanctions violations. This represents the largest penalty in the history of both FinCEN and the US Treasury.
The Securities and Exchange Commission (SEC) and the Commodities and Futures Trading Commission (CFTC) have issued several fines to FIs exceeding the $1 billion mark in 2023. As we enter 2024, FIs need to be aware of the areas of compliance and risk that will be at the forefront of the US regulatory agenda, and ask how can they prepare?
A Regulatory Reckoning: What’s in Store for Crypto, AML, and ESG
US regulatory authorities face growing pressure from the government in Washington, D.C. to clamp down on cryptocurrency and digital assets in light of ongoing conflict in Eastern Europe and the Middle East. This is due to concerns about crypto providing a means for criminal organizations or corrupt government officials to avoid financial sanctions.
Cryptocurrency has been regarded suspiciously by US regulators, as evidenced by several high-profile legal cases, enforcement actions, and criminal convictions of founders in the past few years. SEC Chairman Gary Gensler has referred to the sector as “a Wild West” yet has also said “nothing about the crypto markets is incompatible with the securities law”, suggesting the problem the SEC has with crypto firms is perhaps down to a lack of compliance with US regulatory frameworks than the emerging technology itself.
In 2022, fines to crypto financial institutions and their employees for AML breaches reached $193 million, rising by 92% when compared to 2021. All but one of these fines were issued by US regulators, highlighting cracking down on crypto as a priority issue in the region. While we are seeing a higher standard of compliance across established financial institutions in our annual research of global financial institution enforcement actions, the crypto industry has a lot of catching up to do.
It’s also not the first time that crypto has been a priority issue, right from the top of US lawmaking. Last year, in 2022, the White House issued its first-ever comprehensive framework for responsible development of digital assets – highlighting it as a priority area of technology development.
In November 2023, the SEC revealed it had levied a total of $5 billion in fines and other financial penalties over the previous fiscal year. Much of this figure can be attributed to breaches related to AML regulations and to the crypto sector, which the SEC had given particularly close scrutiny through several landmark legal cases.
The recent announcement of its 2024 examination priorities is also telling of what the next year will hold for crypto firms and other FIs under its remit, namely an intention to increase in-person fieldwork, and an increased focus on compliance with new rules and AML requirements.
While Environmental, Social, and Governance (ESG) was notably absent from the SEC’s priorities list, AML considerations focused on ensuring FIs:
- Have AML programs that are tailored to their individual business models and associated financial crime risks
- Conduct independent testing
- Meet obligations around Suspicious Activity Report (SAR) filing
- Ensure compliance with sanctions such as the Office of Foreign Assets Control (OFAC) sanctions
- Establish an adequate program to identify and report on beneficial owners of customer entities
The regulation of crypto assets and crypto providers is set to remain a focus for the SEC, as it plans to examine how companies involved with crypto assets meet and follow compliance standards, deal with risk, and ensure operational resiliency. 2023 was a landmark year for crypto in the US, with multiple lawsuits and fines against firms operating within the country or offering digital assets to US customers citing concerns around consumer protection.
In June 2023, FinCEN published its Spring 2023 Rulemaking Agenda, which proposed timelines for key rulemakings coming up before the end of the year. The regulatory body will continue to focus on issuing regulations as outlined by the Corporate Transparency Act (CTA) and the Anti-Money Laundering Act of 2020 (AMLA 2020).
The key highlights of the agenda reveal a planned focus on areas like:
- Beneficial ownership information (BOI) reporting
- Sharing of SARs information between branches for multijurisdictional FIs
- Implementation of section 6314 of AMLA 2020 and the Whistleblower Improvement Act, to enhance whistleblower incentives and protections
FinCEN is tasked with a large remit when it comes to implementing AML legislation and acting against firms that violate the rules it issues.
How can US financial institutions meet regulators’ high standards and prepare for 2024?
Equally important to keeping up with and preparing for incoming regulations, is being prepared to respond to them. FIs must keep up with emerging technologies, both in financial services and for client management, to ensure their KYC and AML strategies are up to the task of preventing financial crime and, ultimately, mitigating the risk of enforcement actions.
Digitalization of compliance processes brings greater operational efficiencies and operational resilience in financial services, namely by improving flexibility which is necessary to successfully adapt to incoming rules and expectations from regulators.
We will likely see U.S. regulators coming down hard on cryptocurrency and other emerging tech in the coming years, therefore it’s key that fintechs shore up their compliance frameworks to stand up to this scrutiny. As crypto becomes increasingly integrated into the traditional financial ecosystem, both in the US and globally, effective client due diligence for KYC and a cross-border, collaborative approach to combating financial crime is becoming even more crucial for FIs to get right.