FinCEN’s FY2020 Report to Congress Reveals its Priorities and Performance

FinCEN Needs More Resources – and a TSV SAR Feedback Loop – To Really Make a Difference in the Fight Against Crime & Corruption

Every year each US federal government department and agency submits its Congressional budget justification and annual performance report and plan: essentially a document that says to Congress “here’s our mission, here’s how we did last year, here’s what we need for next year.” FinCEN’s fiscal year 2020 (October 1, 2019 through September 30, 2020) Congressional Budget Justification and Annual Performance Report and Plan is available at


My notes on the 14-page document summarize some of the key aspects of the report.

First is a summary of what FinCEN does: its areas of responsibility. Of note is the seventh area – “bringing together the disparate interests of law enforcement, [158 foreign] FIUs, regulatory partners, and industry”. This is also an admission that the interests of the various public and private sector participants are, in fact, disparate. Which begs the questions “should there be disparate interests?” and “what can we do to bring all these participants together and forge a single, unified interest of safeguarding the financial system from illicit use, combating money laundering, and promoting national security through the strategic use of financial authorities and the collection, analysis, and dissemination of financial intelligence?” (quoting FinCEN’s mission statement).  When it comes to fighting human trafficking, drug trafficking, etc., different perspectives are healthy and expected … competing or disparate interests are counterproductive.

Second, many people will be surprised at just how small FinCEN is – from the number of people to its overall budget – given the importance of its mission. The FY2019 budget called for 332 people and a budget of $115 million. The FY2020 budget proposes an increase to 359 people and a budget of $124.7 million, with the increase in people split between two priority programs: 13 for cybercrime, and 14 for “special measures”, which includes the actual special measures section (section 311) of the Patriot Act, requests to financial institutions for data on foreign financial institution wire transfers, and Geographic Targeting Orders.  As a “participant” for 20+ years, I would like to see what FinCEN could do if it had 659 people and a budget of $224.7 million: perhaps the $100 million to fund FinCEN’s efforts to combat human trafficking, narcotics trafficking, and foreign corruption could come from a 2.8% reduction in the “new drone procurement” budget request of the Department of Defense …

Third, the data on SARs filed, total BSA reports filed, and BSA Database Users is interesting. From FY2014 through FY2018 (actuals) and through FY2020 (estimates), the number of SARs filed has gone from 1.9 million to 2.7 million, an increase of 41.5%. But in the same period, the total number of BSA reports filed – including SARs – has gone from 19.2 million to 20.9 million, an increase of only 9.2%. That tells us two things: SARs are estimated to make up about 1 out of every 8 BSA reports filed in FY2020 compared to 1 out of every 10 BSA reports filed in FY2014 (a positive trend); and the total number of non-SAR BSA filings has essentially been the same for the last 7 years. In other words, the number of CTRs, CMIRs, and FBARs is not going up.

Fourth, there is the axiomatic, reflexive gripe that the SAR database is a black-hole: that financial institutions file SARs then never hear anything back from FinCEN or law enforcement as to whether those SARs are meaningful, effective, useful.  But look at the following from page 12:

FinCEN monitors the percentage of domestic law enforcement and regulators who assert queried BSA data led to detection and deterrence of illicit activity. This performance measure looks at the value of BSA data, such as whether the data provided unknown information, supplemented or expanded known information, verified information, helped identify new leads, opened a new investigation or examination, supported an existing investigation or examination, or provided information for an investigative or examination report. In FY 2018, FinCEN narrowly missed its target of 86 percent with 85 percent of users finding value from the data. FinCEN will work toward increasing its FinCEN Portal/FinCEN Query training efforts to provide more users with the knowledge needed in order to better utilize both FinCEN Portal and FinCEN Query. In FY 2019, the target is set at 86 percent and 87 percent in FY 2020.

Looking at this in a positive light, there appears to be a feedback loop between the users of BSA data – law enforcement and the regulators – and FinCEN, where law enforcement and regulators can assert – therefore they can determine – whether BSA data (mostly SARs and CTRs) led to detection and deterrence of illicit activity: whether the data provided unknown information, supplemented or expanded known information, verified information, helped identify new leads, opened a new investigation or examination, supported an existing investigation or examination, or provided information for an investigative or examination report.

The feedback loop between the users of BSA data (law enforcement, regulators, and FinCEN) must be expanded to include the producers (financial institutions) of BSA data

I have written previously about the need to provide financial institutions with more feedback on the 20 million+ BSA reports they produce every year. See, for example: https://regtechconsulting.net/uncategorized/rules-based-monitoring-alert-to-sar-ratios-and-false-positive-rates-are-we-having-the-right-conversations/

In that article, I introduced something I call the “TSV” SAR, or “Tactical or Strategic Value” SAR. I wrote:

How do you determine whether a SAR provides value to Law Enforcement? One way would be to ask Law Enforcement, and hope you get an answer. That could prove to be difficult.  Can you somehow measure Law Enforcement interest in a SAR?  Many banks do that by tracking grand jury subpoenas received to prior SAR suspects, Law Enforcement requests for supporting documentation, and other formal and informal requests for SARs and SAR-related information. As I write above, an Alert-to-SAR rate may not be a good measure of whether an alert is, in fact, “positive”. What may be relevant is an Alert-to-TSV SAR rate.  What is a “TSV SAR”? A SAR that has Tactical or Strategic Value to Law Enforcement, where the value is determined by Law Enforcement providing a response or feedback to the filing financial institution within five years of the filing of the SAR that the SAR provided tactical (it led to or supported a particular case) or strategic (it contributed to or confirmed a typology) value. If the filing financial institution does not receive a TSV SAR response or feedback from law enforcement or FinCEN within five years of filing a SAR, it can conclude that the SAR had no tactical or strategic value to law enforcement or FinCEN, and may factor that into decisions whether to change or maintain the underlying alerting methodology. Over time, the financial institution could eliminate those alerts that were not providing timely, actionable intelligence to law enforcement, and when that information is shared across the industry, others could also reduce their false positive rates.

Tactical or Strategic Value (TSV) SAR Feedback Loop

It appears that there are already mechanisms in place for law enforcement and the regulators to determine whether the 20 million CTRs and SARs that are being filed every year provide unknown information, supplement or expand known information, verify information, help identify new leads, open a new investigation or examination, support an existing investigation or examination, or provide information for an investigative or examination report. There is a way – there is always a way if there is the will – to provide that information to the private sector filers of the CTRs and SARs. Perhaps there is a member of Congress out there that could tweak FinCEN’s Fiscal Year 2020 budget request a little bit to give it the people power and monetary resources to begin developing a TSV SAR Feedback loop. We’d all benefit.

“Get off the Pot on Pot!” – A Panel of (Two of) Three Judges of the 2nd Circuit Court of Appeals Suggests the Administration Needs to Act on Marijuana Rescheduling

Patients, Veterans, and African‐American businessman Challenge the DOJ and DEA on Marijuana Scheduling

“This is the latest in a series of cases that stretch back decades and which have long sought to strike down the federal government’s classification of
marijuana as a Schedule I drug under the Controlled Substances Act (CSA) … The current case is, however, unusual in one significant respect: among the Plaintiffs are individuals who plausibly allege that the current scheduling of marijuana poses a serious, life‐or‐death threat to exhaust their administrative remedies before seeking relief from us, but we are troubled by the Drug Enforcement Administration (DEA)’s history of dilatory proceedings. Accordingly, while we concur with the District Court’s ruling, we do not dismiss the case, but rather hold it in abeyance and retain jurisdiction in this panel to take whatever action might become appropriate if the DEA does not act with adequate dispatch.”

The case is available at http://www.ca2.uscourts.gov/:

Court of Appeals Docket #: 18-859 Docketed: 03/29/2018
Nature of Suit: 2440 CIVIL RIGHTS-Other
Washington v. Barr
Fee Status: Paid
Case Type Information:
     1) Civil
     2) United States
     3) –
Originating Court Information:
     District: 0208-1 : 17-cv-5625
     Trial Judge: Alvin Hellerstein, U.S. District Judge

As the Court indicates, the plaintiffs all have compelling reasons to have the Government act. The plaintiffs are:

  1. An African‐American businessman working in the medical marijuana space. He would like to expand his business into whole‐plant cannabis products and take advantage of the federal Minority Business Enterprise Program, but, he alleges, he is impeded from so doing by the drug’s scheduling.
  2. The Cannabis Cultural Association, Inc. (CCA) is a not‐for‐profit organization dedicated to assisting people of color develop a presence in the cannabis industry. CCA is particularly focused on the way past convictions for possession, cultivation, distribution, and use of marijuana have disproportionately affected people of color and prevented minorities from participating in the new state‐legal marijuana industry.
  3. Two children with dreadful medical problems. [One] suffers from chronic and intractable seizures; [the other] from Leigh’s disease. They allege that they exhausted traditional treatment options before finding success medicating with cannabis. They claim that marijuana has saved their lives. Because of its Schedule I classification, however, they cannot bring their life‐saving medicine with them when they travel onto federal lands or into states where marijuana is illegal. For [one], these travel limitations also mean that she cannot take full advantage of the veteran’s benefits to which she is entitled through her father. In addition, both live in constant fear that their parents might be subject to arrest and prosecution for their involvement in their children’s medical treatment.
  4. One is a veteran of the war in Iraq and suffers from post‐traumatic stress disorder. After his honorable discharge, he became suicidal and was adjudged 70% disabled. He alleges that he pursued conventional therapies unsuccessfully. In despair, he turned to medical marijuana. This, he claims, has allowed him to manage his symptoms. He further asserts, like [another plaintiff], that marijuana’s Schedule I classification restricts his ability to travel and to take full advantage of his veteran’s benefits.
  5. Defendants are the United States, the Attorney General, the Department of Justice, the Acting Administrator of the DEA, and the DEA itself. They are
    responsible for implementing the CSA and, more particularly, for updating the classification of controlled substances.
The CSA Scheduling Process

The Court describes the process used to schedule, reschedule, or deschedule drugs in footnote 3 on page 8 of its May 30th order:

The CSA places in the Attorney General the power to schedule, reschedule, or deschedule drugs. See 21 U.S.C. § 811(a). The Attorney General has promulgated rules delegating this power to the head of the DEA. See 28 C.F.R. § 0.100(b). The CSA further requires that, before scheduling, rescheduling, or descheduling a drug, the Attorney General “shall . . . request from the Secretary [of Health and Human Services] a scientific and medical evaluation[ of the drug], and [the Secretary’s] recommendations, as to whether such drug or other substance should be so controlled or removed,” which “shall be binding on the Attorney General as to such scientific and medical matters.” 21 U.S.C. § 811(b). The process for reviewing a drug’s scheduling can be initiated by the Attorney General, the Secretary of Health and Human Services, or “on the petition of any interested party.” Id. § 811(a).

And then at page 13:

When Congress enacted the CSA, it put, by legislative fiat, certain drugs directly into schedules. See Controlled Substances Act, Pub. L. No. 91‐513, § 202, 84 Stat. 1236, 1247‐52 (1970) (codified at 21 U.S.C. § 812); see also Gonzales v. Raich, 545 U.S. 1, 14 (2005). But the statute contemplated that these initial lists would be regularly revised and updated by the Attorney General, in consultation with the Secretary of Health and Human Services, and that this would be done according to a specific procedure and set of standards.

It is Health & Human Services, not the DOJ or the DEA, that will decide whether to reschedule marijuana

The Court considered the plaintiffs’ arguments that the former Attorney General and Administrator of the DEA were biased against marijuana, and thus would not act appropriately. But the Court concludes that any bias by the AG or DEA is not relevant, because “on the medical and scientific claims central to Plaintiffs’ argument, it is the opinion of the Secretary of Health and Human Services that matters, not the judgment of the Attorney General or the head of the DEA.”

How long does it take to decide petitions to reschedule drugs? Nine years.

“Plaintiffs argue that the administrative process will prolong their ordeal intolerably. And their argument is not without force. Plaintiffs document that the average delay in deciding petitions to reclassify drugs under the CSA is approximately nine years.”

Rescheduling marijuana requires action by the Administration

At page 16:

A sensible response to our evolving understanding about the effects of marijuana might require creating new policies just as much as changing old ones. This kind of constructive governmental work, mixing adjudication and program‐design, creating policy through the balancing of competing legitimate interests, is not generally best accomplished by federal courts on their own; it is, however, the stock‐in‐trade of administration. See, e.g., James M. Landis, The Administrative Process (1938). Assuming, of course, that one can get the administrative agency to act.

It is this last sentence – assuming, of course, that one can get the administrative agency to act – that is the key aspect of this decision, and how the Court left it.

Conclusion: The Court warns the Administration to get off the pot on pot, or it will step in

At pages 25-26:

Unless the Plaintiffs seek agency review and so inform us within six months, we will affirm the District Court’s judgment dismissing this case. (And if only some Plaintiffs seek agency review, we will dismiss the complaint as to those who do not.) But if Plaintiffs do seek agency review, and the agency fails to act with alacrity, Plaintiffs may return directly to us, under our retained jurisdiction. To be clear, we repeat that this case remains in our purview only to the extent that the agency does not respond to Plaintiffs with adequate, if deliberate, speed. In other words, we retain jurisdiction exclusively for the purpose of inducing the agency to act promptly.

Artificial Intelligence – Who Is On The Hook When Things Go Wrong With Your AI System? You Are!

“Organisations and individuals developing, deploying or operating AI systems should be held accountable for their proper functioning”

For all the upstart fintechs out there that are trumpeting their innovative Artificial Intelligence-based solutions that can solve a financial institution’s financial crimes problems! … note that you may be held accountable when that AI system doesn’t quite turn out like your marketing materials suggested. Legal responsibility for something you design, build, and deploy is not a new concept, but how that “something” – in this case, the AI system you developed and installed at a client bank – actually works, and reacts, and adapts, over time could very be new ground that hasn’t been explored before. But many smart people are thinking about AI developers’ accountability, and other AI-related issues, and many of those have produced some principles to guide us as we develop and implement AI-based systems.

On May 22, 2019 the OECD published a Council Recommendation on Artificial Intelligence. At its core, the recommendation is for the adoption of five complimentary “value-based principles for responsible stewardship of trustworthy artificial intelligence. The link is Artificial intelligence and the actual recommendation is https://legalinstruments.oecd.org/en/instruments/OECD-LEGAL-0449#_ga=2.200835047.853048335.1559167756-681244095.1559167756

What’s the big deal about artificial intelligence?

The OECD recognized a number of things about AI that are worth including:

  • AI has pervasive, far-reaching and global implications that are transforming societies, economic sectors and the world of work, and are likely to increasingly do so in the future;
  • AI has the potential to improve the welfare and well-being of people, to contribute to positive sustainable global economic activity, to increase innovation and productivity, and to help respond to key global challenges;
  • At the same time, these transformations may have disparate effects within, and between societies and economies, notably regarding economic shifts, competition, transitions in the labour market, inequalities, and implications for democracy and human rights, privacy and data protection, and digital security;
  • Trust is a key enabler of digital transformation; that, although the nature of future AI applications and their implications may be hard to foresee, the trustworthiness of AI systems is a key factor for the diffusion and adoption of AI; and that a well-informed whole-of-society public debate is necessary for capturing the beneficial potential of the technology, while limiting the risks associated with it;
  • Given the rapid development and implementation of AI, there is a need for a stable policy environment that promotes a human-centric approach to trustworthy AI, that fosters research, preserves economic incentives to innovate, and that applies to all stakeholders according to their role and the context;
  • certain existing national and international legal, regulatory and policy frameworks already have relevance to AI, including those related to human rights, consumer and personal data protection, intellectual property rights, responsible business conduct, and competition, while noting that the appropriateness of some frameworks may need to be assessed and new approaches developed; and
  • Embracing the opportunities offered, and addressing the challenges raised, by AI applications, and empowering stakeholders to engage is essential to fostering adoption of trustworthy AI in society, and to turning AI trustworthiness into a competitive parameter in the global marketplace.

What is “Artificial Intelligence”?

The recommendation includes some helpful definitions of the major terms:

Artificial Intelligence System: a machine-based system that can, for a given set of human-defined objectives, make predictions, recommendations, or decisions influencing real or virtual environments. AI systems are designed to operate with varying levels of autonomy.

Artificial Intelligence System Lifecycle: four phases which can be sequential but may be iterative:

(i) design, data and models – a context-dependent sequence encompassing planning and design, data collection and processing, as well as model building;

(ii) verification and validation;

(iii) deployment; and

(iv) operation and monitoring

Artificial Intelligence Actors: AI actors are those who play an active role in the AI system lifecycle, including organisations and individuals that deploy or operate AI.

Is an OECD Recommendation binding on a country that has adopted it?

OECD Recommendations are not legally binding but they are highly influential and have many times formed the basis of international standards and helped governments design national legislation. For example, the OECD Privacy Guidelines adopted in 1980 and stating that there should be limits to the collection of personal data underlie many privacy laws and frameworks in the United States, Europe and Asia.

So the AI Principles are not binding, but the OECD provided five recommendations to governments:

  1. Facilitate public and private investment in research & development to spur innovation in trustworthy AI.
  2. Foster accessible AI ecosystems with digital infrastructure and technologies and mechanisms to share data and knowledge.
  3. Ensure a policy environment that will open the way to deployment of trustworthy AI systems.
  4. Empower people with the skills for AI and support workers for a fair transition.
  5. Co-operate across borders and sectors to progress on responsible stewardship of trustworthy AI.

Who developed the OECD AI Principles?

The OECD set up a 70+ member expert group on AI to scope a set of principles. The group consisted of representatives of 20 governments as well as leaders from the business (Google, Facebook, Microsoft, Apple, but not any financial institutions), labor, civil society, academic and science communities. The experts’ proposals were taken on by the OECD and developed into the OECD AI Principles.

What is the Purpose of the OECD Principles on AI?

The OECD Principles on Artificial Intelligence promote artificial intelligence (AI) that is innovative and trustworthy and that respects human rights and democratic values. The OECD AI Principles set standards for AI that are practical and flexible enough to stand the test of time in a rapidly evolving field. They complement existing OECD standards in areas such as privacy, digital security risk management and responsible business conduct.

What are the OECD AI Principles?

The Recommendation identifies five complementary values-based principles for the responsible stewardship of trustworthy AI:

1. Inclusive growth, sustainable development and well-beingAI systems should be designed in a way that respects the rule of law, human rights, democratic values and diversity, and they should include appropriate safeguards – for example, enabling human intervention where necessary – to ensure a fair and just society. And AI should benefit people and the planet by driving inclusive growth, sustainable development and well-being.

The actual text reads: “Stakeholders should proactively engage in responsible stewardship of trustworthy AI in pursuit of beneficial outcomes for people and the planet, such as augmenting human capabilities and enhancing creativity, advancing inclusion of underrepresented populations, reducing economic, social, gender and other inequalities, and protecting natural environments, thus invigorating inclusive growth, sustainable development and well-being.

2. Human-centred values and fairness AI actors should respect the rule of law, human rights and democratic values, throughout the AI system lifecycle. These include freedom, dignity and autonomy, privacy and data protection, non-discrimination and equality, diversity, fairness, social justice, and internationally recognized labor rights. To this end, AI actors should implement mechanisms and safeguards, such as capacity for human determination, that are appropriate to the context and consistent with the state of art.

3. Transparency and explainabilityAI Actors should commit to transparency and responsible disclosure regarding AI systems. To this end, they should provide meaningful information, appropriate to the context, and consistent with the state of art to foster a general understanding of AI systems, to make stakeholders aware of their interactions with AI systems, including in the workplace, to enable those affected by an AI system to understand the outcome, and, to enable those adversely affected by an AI system to challenge its outcome based on plain and easy-to-understand information on the factors, and the logic that served as the basis for the prediction, recommendation or decision.

4. Robustness, security and safetyAI systems should be robust, secure and safe throughout their entire lifecycle so that, in conditions of normal use, foreseeable use or misuse, or other adverse conditions, they function appropriately and do not pose unreasonable safety risk. To this end, AI actors should ensure traceability, including in relation to datasets, processes and decisions made during the AI system lifecycle, to enable analysis of the AI system’s outcomes and responses to inquiry, appropriate to the context and consistent with the state of art. And AI actors should, based on their roles, the context, and their ability to act, apply a systematic risk management approach to each phase of the AI system lifecycle on a continuous basis to address risks related to AI systems, including privacy, digital security, safety and bias.

5. AccountabilityAI actors should be accountable for the proper functioning of AI systems and for the respect of the above principles, based on their roles, the context, and consistent with the state of art. Organisations and individuals developing, deploying or operating AI systems should be held accountable for their proper functioning in line with the above principles.

What countries belong to the OECD?

Australia, Austria, Belgium, Canada, Chile, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Israel, Italy, Japan, Korea, Latvia, Lithuania, Luxembourg, Mexico, Netherlands, New Zealand, Norway, Poland, Portugal, Slovak Republic, Slovenia, Spain, Sweden, Switzerland, Turkey, United Kingdom, United States

Colorado: The Epicenter of Black Market Marijuana in the United States?

Forty-two Individuals Arrested In One Of The Largest Black Market Marijuana Takedowns In Colorado History

A two year investigation by dozens of federal, state, county, and local law enforcement agencies in the Greater Denver area culminated in the exercise of 255 search warrants on 247 homes and 8 businesses. The result was that law enforcement found 240 residential grows, arrested 42 individuals, seized 80,000 plants and 2.5 tons of finished marijuana. In 7 federal criminal cases and 6 federal civil forfeiture cases, the government is seeking forfeiture of 41 homes, $2.2 million in cash, and 25 vehicles – the 41 homes all had grow operations with at least 100 plants, many with more than 1,000 plants. Colorado law allows no more than 12 plants in home grows

Some of the statements of the lead agencies’ heads are telling:

  • US Attorney for Colorado: “Colorado has become the epicenter of black market marijuana in the United States … this investigation may be just the tip of the iceberg.”
  • DEA Special Agent in Charge (Denver): “this marijuana issue is out of control in Colorado.”
  • 18th Judicial District (Denver) District Attorney: Colorado is becoming “the wild west of weed.”

Looking at the names of the 15 defendants in the 7 federal criminal cases, my guess is that these cases will have similar fact patterns to the US v Li case from March 2019 filed in the Central District of California. See the story from March 14, 2019 https://regtechconsulting.net/uncategorized/illegal-cannabis-grows-shell-companies-straw-buyers-border-searches-beneficial-owners-and-gtos/.

The US Attorney’s press release is at https://www.justice.gov/usao-co/pr/forty-two-individuals-arrested-one-largest-black-market-marijuana-takedowns-colorado

Cannabis Payment Card Company Runs Afoul of Oregon’s Money Transmitter Laws

Walnut Creek, California-based Linx Card., Inc., a “Trusted Payment Solution for Dispensaries”, Fined $200,000

On May 16, 2019, Linx Card, Inc. (“Linx”) entered into an order with Oregon’s Department of Consumer and Business Services, Division of Financial Regulation, and agreed to a fine of $200,000 for operating as an unlicensed money transmitter under Oregon law.

The Order sets out exactly how Linx operated to facilitate payments in Oregon cannabis retailers. According to the Order:

  • Since [February 2017] Linx operated in Oregon as a business that allows consumers to transfer funds from their personal credit or debit cards onto reloadable payment cards (the “Linx Card”), a physical card with a magnetic stripe, similar to most credit or debit cards.
  • Linx has contracted with marijuana dispensaries to create a network of dispensaries that accept Linx Cards. As part of this network, participating marijuana dispensaries distribute the Linx Cards to consumers on Linx’s behalf and assist consumers to load funds onto their Linx Cards. To load these funds, the participating marijuana dispensary swipes a consumer’s credit or debit card in a card reader provided by Linx.
  • Funds loaded onto a Linx Card are transferred from a consumer’s credit or debit card to an account owned and controlled by Linx. A participating dispensary does not receive or control any funds as part of the process to load funds onto a Linx Card. After a consumer makes a purchase using a Linx Card, funds are transferred from Linx’s account to the participating dispensary where the purchase was made.
  • Any funds loaded onto a Linx Card are redeemable only at marijuana dispensaries that participate in Linx’s network, where consumers may use those funds to purchase marijuana products or other goods sold at such dispensaries.
  • After the initial purchase of a Linx Card and loading of funds on that card, consumers may load additional funds onto their Linx Cards at a participating marijuana dispensary or online at Linx’s website. Consumers may also maintain a balance of unused funds on their Linx Cards.
  • When consumers load funds onto their Linx Cards, Linx charges them a fee or fees. Between February 6, 2017, and July 31, 2018, approximately 50,005 Oregon consumers made 129,676 load transactions and paid $375,970 in fees to Linx. Consumers have continued to make load transactions and pay fees to Linx.

The Order then provides that, following conversations with the Division, a wholly-owned subsidiary of Linx – GiVV, Inc. – applied for an Oregon money transmitter license in December 2018 and that license was issued on May 1, 2019.

I’ll get back to GiVV, Inc. First, though, to the violations and penalty.

The Director of the Division concluded that Linx is the issuer and seller of a “payment instrument” (the Linx card), and Linx is in the business of receiving money from consumers for transmission, and transmitting money from consumers to marijuana dispensaries that participate in the Linx network, which makes Linx a money transmitter under Oregon (and federal) law.

The penalties are stiff: a civil penalty in an amount not to exceed $1,000 for each violation or, in the case of a continuing violation, $1,000 for each day that the violation continues.  The Director fond this to be a continuing violation (continuing since February 6, 2017), and assessed a civil penalty of $200,000. The Director ordered $100,000 to be paid immediately, and the remaining $100,000 suspended for three years and, if Linx complies with the Oregon Money Transmitters Act and the terms and conditions of the Order, the $100,000 would be waived.

What about GiVV, Inc.? According to publicly available sources, GiVV, Inc. is an Australian entity, registered in California (CA entity C3836387) linked to someone named Chris Grant Foster. See www.egivv.com. It appears that GiVV has the merchant account side of the business (rather than the consumer side), and uses a Merchant Category Code of 5947 – Gift, Card, Novelty Stores – for its marijuana retailer/dispensary merchant customers.

Linx Card, Inc. is also a California registered entity (C3986647) managed and controlled by Patrick Hammond (who signed the order on behalf of Linx) with an address of 1990 N. California Blvd, 8th Floor, Walnut Creek, California. According to publicly available information, which I can’t confirm other than to know that it was publicly available, the process for consumers in the marijuana retailer is as follows:

  • The marijuana consumer gives the Budtender his or her ID and a bank debit or credit card.
  • Budtender opens the Linx terminal and uses the consumer’s ID to create a Linx account.
  • Budtender enters the purchase amount and a load fee of $3.00 to “load” the card.
  • Budtender swipes the credit/debit card, then enters the credit/debit card number to load the Linx card
  • The Linx system draws down the Linx card and credits the dispensary’s Linx account.
  • The issuer of the Linx gift card appears to be, or perhaps was, Security State Bank out of St. Paul, Minnesota.
  • Transactions appear on the consumer’s credit or debit card statements as “GiVV, Inc.”, not the cannabis retailer.

We’ll have to wait and see if FinCEN comes down on Linx Card, Inc., GiVV, Inc. or any of their principals or beneficial owners for operating as an unlicensed money remitter under federal law: 18 USC s. 1960.

The Oregon order is available at https://dfr.oregon.gov/AdminOrders/enf-orders-2019/LinxConsentOrderSIGG.pdf

Thanks to Adam Crabtree of NCS Analytics for the heads up on this case: https://www.ncsanalytics.com/

314(a) Information Requests – Can A Bank Research a Name in 4 Minutes or Less?

A call to action for all US financial institutions!

On May 7, 2019, FinCEN published a “Notice and Request for Comments” in the Federal Register that sought comments from the public on its renewal, without change, of the 314(a) Program … the program created by section 314(a) of the USA PATRIOT Act of 2001, and established by regulations published on September 26, 2002, where law enforcement, through FinCEN, can ask covered financial institutions to search their customer and transactional records for names of persons and entities believed to be involved in terrorist financing or money laundering.

The notice is at https://www.regulations.gov/document?D=FINCEN-2018-0017-0001 but I couldn’t find any reference on FinCEN’s website to indicate that it published the Notice and Request for Comments.

The original 2002 regulation gave federal law enforcement agencies the ability to use 314(a). The regulation was revised in 2010 to give certain non-federal law enforcement entities access to 314(a). This Notice and Request for Comments only applies to the non-federal law enforcement entities: footnote 4 on page 20000 of the Federal Register notice provides ” this renewal applies only to the use of the 314(a) Program with respect to queries initiated by non-Federal law enforcement entities.”

Under the Paperwork Reduction Act, each such notice requires a statement of how many entities are affected by the notice or proposed rule, and how much time each of those entities will take to comply.

Here’s where it gets interesting …

14,463 financial institutions receive 314(a) requests that come from non-federal law enforcement agencies

FinCEN writes that “On an annual basis, there are approximately 14,643 covered financial institutions, consisting of certain commercial banks, savings associations, and credit unions, securities broker-dealers, future commission merchants, certain trust companies, life insurance companies, mutual funds and money services businesses.” (footnote 5)

And how many 314(a) requests does FinCEN send to these 14,463 financial institutions that do not originate with federal law enforcement agencies?

FinCEN sends ninety (90) requests a year under section 314(a) that do not originate with federal law enforcement agencies

Footnote 6 provides the details: “Estimated cases/subjects per annum subject to the [Paperwork Reduction Act] include, 10 from FinCEN, 50 from state/
local law enforcement, and 30 from European Union countries approved by treaty, for a total of 90 requests per annum, with each request containing an average of 7 subjects (including aliases).”

How much time is spent responding to each request?

According to FinCEN, it takes a bank 4 minutes on average to determine if a 314(a) name is a match on its customer and transactional systems

Footnote 6 continues with this: “Each subject requires 4 minutes to research, resulting in (90 × 7 × 4 ÷ 60) = 42 hours per year.”

Does it really take only 4 minutes to scour bank records to determine if there is a match?

What does the 314(a) regulation require of financial institutions? 31 CFR s.1010.520(b)(3) sets out the two “obligations of a financial institution receiving an information request” – searching records and, if there is a name match, to report to FinCEN:

(i) Record search. Upon receiving an information request from FinCEN under this section, a financial institution shall expeditiously search its records to determine whether it maintains or has maintained any account for, or has engaged in any transaction with, each individual, entity, or organization named in FinCEN’s request. A financial institution may contact the law enforcement agency, FinCEN or requesting Treasury component representative, or U.S. law enforcement attaché in the case of a request by a foreign law enforcement agency, which has been named in the information request provided to the institution by FinCEN with any questions relating to the scope or terms of the request. Except as otherwise provided in the information request, a financial institution shall only be required to search its records for:

(A) Any current account maintained for a named suspect;

(B) Any account maintained for a named suspect during the preceding twelve months; and

(C) Any transaction, as defined by §1010.505(d), conducted by or on behalf of a named suspect, or any transmittal of funds conducted in which a named suspect was either the transmittor or the recipient, during the preceding six months that is required under law or regulation to be recorded by the financial institution or is recorded and maintained electronically by the institution.

(ii) Report to FinCEN. If a financial institution identifies an account or transaction identified with any individual, entity, or organization named in a request from FinCEN, it shall report to FinCEN, in the manner and in the time frame specified in FinCEN’s request, the following information:

(A) The name of such individual, entity, or organization;

(B) The number of each such account, or in the case of a transaction, the date and type of each such transaction; and

(C) Any Social Security number, taxpayer identification number, passport number, date of birth, address, or other similar identifying information provided by the individual, entity, or organization when each such account was opened or each such transaction was conducted.

So … given a name, the financial institution needs to search all of its customer systems going back twelve months, and all of its transaction systems going back six months, to look for name matches and, if there is a match, to report back to FinCEN.  This process takes much longer than four minutes.

The most important part of the entire Notice came at the end of footnote 6, where FinCEN wrote: “For the 2016 renewal of this information collection, FinCEN did not receive any public comments regarding the estimate of 4 minutes.”

Action Required – Financial Institutions, Let FinCEN Know How Long It Takes to Comply With 314(a) Requests!

I strongly urge financial institutions to submit comments to FinCEN by the deadline date of July 8, 2019, to let it know how long it actually takes to comply with 314(a) requests.

44% of UK Solicitors Tested Are Not Meeting ML/TF Regulatory Requirements – but Unlike Their American Counterparts, At Least They Have Regulatory Requirements

A review by the UK’s Solicitors Regulation Authority (SRA) results in 44% of solicitor firms tested will be subject to disciplinary process. That’s bad, but what is worse is that US lawyers performing the same type of work are not subject to equivalent regulations

There are 7,000 regulated law firms in England and Wales that are subject to the anti-money laundering program and reporting regulations promulgated as a result of the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Act 2017. Among other things, those firms are required to have a risk-based ML/TF compliance program, including customer due diligence and suspicious activity reporting requirements.

Note 1: not all “lawyers” are subject to these regulations. In the UK (and Canada) lawyers are either barristers – representing clients in criminal and civil proceedings in court – or solicitors – acting for clients in all other legal matters. The ML/TF regulations apply, generally, to solicitors, or “independent legal professionals and trust of company service providers” that provide “legal or notorial services to other persons, when participating in financial or real property transactions concerning” the buying or selling of real property and businesses, managing client money or asserts, opening and management of bank, savings, or securities accounts, and creating companies, trusts, and foundations. Put simply, financial, company, or property transactional work outside the court systems is covered by the ML/TF program and reporting requirements.

Note 2: the money laundering and terrorist financing compliance program requirements address at least (or only) three (3) of the enumerated thirty-eight (38) risks identified by the SRA in its Regulatory Risks Index. Ten (10) of the risks relate to the market and are not given a “severity” score: twenty-eight (28) of the risks relate to individual firms and are given a severity risk. Those risks range from a low of 4% for geographical or jurisdictional conflicts to a high of 96% for misuse of money or assets. The mean (average) risk is 43%, and the median (middle) risk is 38%. The second highest severity score was for criminal association (77%), the third highest was for money laundering (73%), and the fourth highest was for bribery and corruption (67%). Other than stealing clients’ money, the Solicitors Regulation Authority considers financial crimes – associating with criminals, money laundering, and bribery and corruption – to be the risks with the greatest severity. So with such severe risk, one would assume that firms would be serious about their compliance requirements: the results of the SRA’s review suggest otherwise.

In 2018 the SRA reviewed the programs of 59 law firms. On May 7, 2019 the SRA published the results. The actual report is at Go to the review. The press release is at https://www.sra.org.uk/sra/news/press/aml-tcsp-review-2019.page.

The SRA’s press release provided as follows:

A review has shown that a significant minority of law firms are not doing enough to prevent money laundering, with some falling seriously short.

The review did not find evidence of actual money laundering or that firms had any intention of becoming involved in criminal activities. However, it did find a range of breaches of the 2017 Money Laundering Regulations, as well as poor training and processes.

One of the biggest areas of concern was firms’ risk assessments. A firm risk assessment is required in legislation and should be the backbone of a firm’s anti-money laundering approach. We found that more than a third (24) of firms reviewed fell short in this area, including four that had no risk assessment at all.

There were also issues around appropriate customer due diligence. This included inadequate processes in almost a quarter (14) of firms to manage risks around Politically Exposed Persons, known as PEPs. However, in some instances effective customer due diligence did result in firms turning down work. Fifteen firms had done this, with one of the main reasons being evasive clients.

As a result of the review we have put 26 firms [out of 59] into our disciplinary processes. We have also published a warning notice reminding the profession of their obligations, particularly in relation to firm risk assessments. And we have begun a further review of 400 other law firms to check compliance with the Governments 2017 Money Laundering Regulations. This review will be led by a new dedicated anti-money laundering unit, being set up to bolster resources to prevent and detect money laundering.

But as important as what the press release did include is what it did not include. According to the actual report:

“Firms had raised low numbers of internal suspicious activity reports (ISARs).” The actual data, represented by the graphic below, suggests an even bleaker picture: only three (3) of fifty-nine (59) firms  – or one out of twenty – averaged more than one internal report on potential suspicious activity per year.  And the report noted that “only 10 firms had submitted SARs in the last 24 months”, but like the ISAR data, the actual SAR data was even more bleak, with only two (2) of the fifty-nine (59) firms filing more than one SAR a year over the last two years. 

Other results are worth highlighting:

  • two firms failed to consider the countries that they operate in and failed to have a PEP process in place
  • two firms failed to consider the geographical location of their clients or the nature of their firm’s work
  • five firms failed to consider the types of transactions that they undertake. They also failed to provide information and procedures in their AML policy about scrutinising complex and/or unusual transaction or transactions that have no apparent economic or legal purpose
  • one firm failed to address how they deliver legal services and also acknowledged that they do not see 5% of their clients
  • five firms that did not have a file [client] risk assessment process in place. This is concerning and suggests that some firms are not systematically addressing money laundering issues. This undermines the ability of fee earners to detect issues, report concerns and mitigate risks.
  • nine firms that had a [client risk assessment] process in place, but the fee earner was unable to provide an adequate risk assessment for each file. These failures suggest some firms struggle to monitor the compliance levels of fee earners and/or fail to implement the process/policy
  • We made eight referrals into our disciplinary processes about inadequate AML policies. This included one referral for a complete lack of written policies
  • of the 59 firms we visited, the fee earner we spoke to at 10 of the firms (17%) was unable to provide the relevant CDD for each of their files
  • eight files did not contain adequate information and/or recorded evidence about beneficial owners of the relevant trust or company
  • eight firms had no PEP process. These firms were referred into our disciplinary process

These same firms are advising financial institutions on how to comply with UK AML laws and regulations. It is inconceivable that these firms would ignore their own advice – assuming it is good advice – by having programs that have inadequate risk assessments, missing or inadequate customer due diligence files, no or inadequate internal processes for escalating unusual or potentially suspicious activity, and missing SARs. In fairness, though, where five firms have no programs, fifty-four have programs; where eight firms have no PEP process, fifty-one have a PEP process. And, as the headline indicates, at least the UK solicitors are equal partners with their financial institution clients in the global fight against money laundering and terrorist financing … unlike their American counterparts.

Regulators Testify on BSA/AML

Sed quis custodiet ipsos Custodes

But who will guard the guards themselves? – Roman poet and satirist Juvenal, c. 100 AD

On May 15, 2019 the Senate Banking Committee held a hearing on “Oversight of Financial Regulators”. The link to the hearing is:


The heads of the OCC, FDIC, and NCUA, and the head of regulatory supervision of the Board of Governors of the Federal Reserve, submitted written statements and testified. Anti-money laundering (AML) and its regulatory regime under the Bank Secrecy Act (BSA) were touched on by three of the four witnesses in their written statements.

The OCC’s Comptroller, Joseph Otting, had the following:

“Compliance risk remains elevated as banks seek to manage money-laundering risks in a complex, dynamic operating and regulatory environment.”

“My priorities also include improving the efficiency and effectiveness of Bank Secrecy Act (BSA) and Anti-Money Laundering (AML) regulations, supervision, and examination, while continuing to support law enforcement, protect the financial system from those who seek to exploit it for illicit and illegal purposes, and reduce the burden of BSA/AML compliance.”

And under the heading “Bank Secrecy Act and Anti-Money Laundering”, the Comptroller wrote:

The BSA and AML laws and regulations exist to protect our financial system from criminals who would exploit that system for their own illegal purposes or use that system to finance terrorism. While regulators and the industry share a commitment to fighting money laundering and other illegal activities, the process for complying with current BSA/AML laws and regulations has become inefficient and costly. It is critical that the BSA/AML regime be updated and enhanced to address today’s threats and better use the capabilities of modern technology to protect the financial system from illicit activity.

The OCC has taken a leadership role in coordinating discussions with the FDIC, Board of Governors of the Federal Reserve System, National Credit Union Administration, Treasury’s Office of Financial Intelligence, and FinCEN to identify and implement ways to improve the efficiency and effectiveness of BSA/AML regulations, supervision, and examinations, while continuing to meet the requirements of the statute and regulations, support law enforcement, and reduce BSA/AML compliance burden. In October 2018, these agencies released a joint statement clarifying ways in which community banks with a lower BSA risk profile may be able to increase efficiency and reduce burden in their BSA/AML compliance programs by sharing BSA resources. The statement describes how these banks can effectively use collaborative arrangements to share human, technology, or other resources related to BSA compliance to reduce costs, increase operational efficiency, and leverage specialized expertise.

More recently, in December 2018, these agencies issued a joint statement encouraging banks to take innovative approaches to meet their BSA/AML compliance obligations. The statement recognizes significant potential for technological innovation to transform BSA/AML compliance. In addition to assisting banks’ efforts to control their costs, innovation is increasingly necessary to counter constantly changing threats, as illicit financing methods evolve to exploit vulnerabilities in existing systems. The statement makes clear the agencies are committed to continued engagement with the private sector to modernize and innovate in their BSA/AML compliance programs. The OCC is actively engaged in discussions with banks and other stakeholders regarding ways to explore enhanced technology usage while maintaining the current strong protections for the financial system.

The OCC also has identified areas in which legislative changes could increase the impact and efficiency of BSA/AML regulation and compliance programs. The OCC generally supports legislative changes that would reduce unnecessary industry burden and compliance costs and allow for more effective information sharing related to illicit finance. These include requiring a regular review of BSA/AML regulations to identify those that could be strengthened, refined or to reduce unnecessary burden, and providing safe harbors to promote sharing of information.

The written statements of Jelena Williams, Chair of the FDIC, and Randal K. Quarles, Vice Chair for Supervision for the Federal Reserve, did not include anything on BSA/AML.

The written statement of Rodney E. Hood, Chairman of the National Credit Union Administration (NCUA), included the following on BSA/AML (footnotes omitted):

Ensuring Compliance with the Bank Secrecy Act The NCUA takes seriously its obligations to supervise federal credit unions for compliance with the various BSA and AML laws and regulations. As technology has become embedded in financial systems, even small financial institutions like credit unions can be vulnerable to illicit finance activity. The NCUA examines federal credit union compliance with BSA during every examination that we conduct. Additionally, the NCUA assists state regulators by conducting BSA examinations in federally insured, state-chartered credit unions where state resources are limited. In 2018, the NCUA conducted 3,308 BSA examinations in federal credit unions.

The NCUA’s BSA reviews are risk-focused and include a set of core procedures that cover an institution’s compliance with the pillars of the BSA. These core procedures are based on the FFIEC examination procedures we issue jointly with the other federal financial regulatory agencies. In addition to the core procedures, examiners are trained and directed to tailor examinations based on the unique risk characteristics of each federal credit union. Federal credit unions that have diverse platforms with higher risk activities will receive an expanded review tailored to the unique risk characteristics they present. Conversely, examinations of smaller, low-risk credit unions are appropriately scaled to minimal necessary procedures consistent with their risk characteristics and our obligations under the FCU Act.

The NCUA coordinates regularly with our counterparts as the other federal financial regulatory agencies, as well as the Financial Crimes Enforcement Network (FinCEN). The NCUA actively participates in the Bank Secrecy Act Advisory Group (BSAAG) and the FFIEC BSA Working Group. Additionally, the NCUA is part of a recently established interagency working group to improve effectiveness and streamline, where possible, our regulations and supervisory processes. The working group recently issued a Joint Statement on Innovative Efforts to Combat Money Laundering and Terrorist Financing, as well as an Interagency Statement on Shared BSA Resources. Both joint statements provide appropriate information for institutions to leverage resources and new technologies to improve and streamline their BSA compliance obligations. The NCUA intends to continue to foster collaborative working relationships with our regulatory counterparts, including FinCEN. I believe that this is especially important in addressing substantial concerns related to the proliferation of cash-based businesses, which further necessitates reforming and modernizing the BSA regime.

Finally, the NCUA also communicates with the credit union industry through numerous channels, including: BSAAG participation and outreach; assistance and participation in national events applicable to the BSA attended by credit union industry professionals and leaders; and through periodic and ongoing training via webinars. The NCUA continues to maintain transparency in its policy positions. To that end, the agency publishes our examination and policy manuals, as well as nearly all guidance and directives provided to examiners related to the supervisory process or examinations.

I’ve highlighted three excerpts from Comptroller’s Otting’s statement:

It is critical that the BSA/AML regime be updated and enhanced to address today’s threats and better use the capabilities of modern technology to protect the financial system from illicit activity.

The agencies issued a joint statement encouraging banks to take innovative approaches to meet their BSA/AML compliance obligations. The statement recognizes significant potential for technological innovation to transform BSA/AML compliance.

The OCC generally supports legislative changes that would reduce unnecessary industry burden and compliance costs and allow for more effective information sharing related to illicit finance. These include requiring a regular review of BSA/AML regulations to identify those that could be strengthened, refined or to reduce unnecessary burden, and providing safe harbors to promote sharing of information.

Comptroller Otting’s testimony – and indeed the actions of the OCC and the other regulators – around the encouragement of innovative uses of technology is a very positive for all financial institutions struggling to balance the competing and sometimes conflicting interests and perspectives of their regulators, their customers, and law enforcement. The promotion of sharing information is also very positive: financial institutions working individually will never fulfill their regulatory obligations effectively or efficiently, and can only do so by sharing information with other institutions. Big data intelligence and collaborative investigations are the future of BSA/AML.

The Plaintiffs Trump v Democrat-controlled House Committees’ Subpoenas

One key question – do the Committees’ investigations have a valid legislative purpose? – brings Anti-Money Laundering investigations and legislation into the spotlight

Posted May 11, 2019 with an update from one court’s decision on May 20, 2019

I am not offering an opinion, one way or another, on the relative merits of the parties’ allegations: I am pointing out that these cases could have an impact on AML programs and professionals.

In two different federal courts in a span of seven days, President Trump and various companies he owned or controlled, directly or indirectly (or owns or controls, directly or indirectly, through a trust or otherwise, or otherwise has or had an interest in), and in the New York case, three of his children (all collectively referred to “the Plaintiffs Trump”), sought to quash a number of subpoenas issued by three Democrat-controlled U.S. House of Representative committees. In both cases, the plaintiffs Trump argued that the Democrats or Democrat-controlled committees:

“ignored the constitutional limits on Congress’ power to investigate. Article I of the Constitution does not contain an ‘Investigations Clause’ or an ‘Oversight Clause.’ It gives Congress the power to enact certain legislation. Accordingly, investigations are legitimate only insofar as they further some legitimate legislative purpose. No investigation can be an end in itself. And Congress cannot use investigations to exercise powers that the Constitution assigns to the executive or judicial branch.”

In the Washington DC case, the Plaintiffs Trump allege:

“[the] subpoena … lacks a legitimate legislative purpose. There is no possible legislation at the end of this tunnel; indeed, the Chairman does not claim otherwise. With this subpoena, the Oversight Committee is instead assuming the powers of the Department of Justice, investigating (dubious and partisan) allegations of illegal conduct by private individuals outside of government. Its goal is to expose Plaintiffs’ private financial information for the sake of exposure, with the hope that it will turn up something that Democrats can use as a political tool against the President now and in the 2020 election.”

In the New York case, the Plaintiffs Trump allege:

“The subpoenas … lack any legitimate legislative purpose. There is no possible legislation at the end of this tunnel; indeed, the Committee Chairs have not claimed otherwise. With these subpoenas, the Committees are instead assuming the powers of the Department of Justice, investigating (dubious and partisan) rumors of illegal conduct by private individuals, many of whom are outside of government. Their goal is to rummage around Plaintiffs’ private financial information in the hope that they will stumble upon something they can expose publicly and use as a political tool against the President.”

The cases are very similar and involve the same four basic principles of law: the scope of the investigatory powers of Congress, whether and to what extent the various committees have the power to investigate, whether a committee has a “valid legislative purpose” in issuing a subpoena, and the role of the courts in quashing Congressional subpoenas. In the DC case, the “valid legislative purpose” or purposes involve conflicts of interest and financial disclosure issues: in the New York case, those purposes involve compliance with banking regulations, money laundering, industry-wide compliance with anti-money laundering policies, the use of anonymous corporations as vehicles to launder illicit funds, and transparency regarding ownership of anonymous shell corporations generally.

For AML professionals, the New York case should be watched closely to see if there is any impact on AML legislation, regulation, and expectations.

The Washington DC Case – Federal District Court, District of Columbia, Civil Case Number 19CV01136 –filed April 22, 2019

In this case, President Trump and various Trump-owned and/or controlled (previously or currently, directly or indirectly through trusts or otherwise) companies, sued Elijah Cummings in his official capacity as Chairman of the House Committee on Oversight & Reform, and Mazars USA LLP. The opening two paragraphs of the complaint paint the picture:

“The Democrat Party, with its newfound control of the U.S. House of Representatives, has declared all-out political war against President Donald J. Trump. Subpoenas are their weapon of choice.”

“This case involves one of those subpoenas. Last week, Defendant Elijah E. Cummings invoked his authority as Chairman of the House Oversight Committee to subpoena Mazars USA LLP—the longtime accountant for President Trump and several Trump entities (all Plaintiffs here). Chairman Cummings asked Mazars for financial statements, supporting documents, and communications about Plaintiffs over an eight-year period—mostly predating the President’s time in office.”

(One week after the complaint was filed, the parties agreed to, essentially, dismiss the case against the accounting firm and the Chairman of the House Committee, and substitute as the sole defendant the actual Committee, to be represented by the Office of General Counsel of the House of Representatives).

On May 9th, Judge Amit Mehta issued an order that has the effect of turning the May 14th hearing on the preliminary injunction into a trial on the merits: the Judge will hear arguments on the 14th and then decide whether the subpoena shall stand or not.

The New York Case – Federal District Court, Southern District of New York, Civil Case Number 19CV03826 – filed April 29, 2019

This complaint is very similar to the complaint filed in Washington DC the prior week. Here, President Trump, a number of his companies, and three of his children (Donald Jr., Eric, and Ivanka: again, “the Plaintiffs Trump”) brought a civil complaint against two of the Plaintiffs Trump’s banks, Deutsche Bank and Capital One, to prevent the banks from responding to subpoenas issued by the House Permanent Select Committee on Intelligence and the House Financial Services Committee. Among other allegations, the Plaintiffs Trump pleaded that the subpoenas “have no legitimate or lawful purpose”, are “to harass” the President, “to rummage through every aspect of his personal finances” and are intended to “ferret about” for incriminating information. And as in the DC case, the Plaintiffs Trump also argue that the Committees are exceeding their constitutional powers:

“The Committees have ignored the constitutional limits on Congress’ power to investigate. Article I of the Constitution does not contain an ‘Investigations Clause’ or an ‘Oversight Clause.’ It gives Congress the power to enact certain legislation. Accordingly, investigations are legitimate only insofar as they further some legitimate legislative purpose. No investigation can be an end in itself. And Congress cannot use investigations to exercise powers that the Constitution assigns to the executive or judicial branch.”

“The subpoenas to Deutsche Bank and Capital One lack any legitimate legislative purpose. There is no possible legislation at the end of this tunnel; indeed, the Committee Chairs have not claimed otherwise. With these subpoenas, the Committees are instead assuming the powers of the Department of Justice, investigating (dubious and partisan) rumors of illegal conduct by private individuals, many of whom are outside of government. Their goal is to rummage around Plaintiffs’ private financial information in the hope that they will stumble upon something they can expose publicly and use as a political tool against the President.”

On May 3rd the plaintiffs filed a Motion for Preliminary Injunction to prevent the defendant banks from responding to the subpoenas. The two Committees intervened, and were added as Intervenor-Defendants (“real parties in interest”) and are represented by the Office of General Counsel of the U.S. House of Representatives. The parties agreed on a schedule for submitting replies to the Motion and for a hearing date – May 15th.

On May 10th the House filed its Opposition to the Trump motion. Among other things, the Opposition addresses the Plaintiffs Trump arguments about the powers of the Congressional committees and their motives in issuing the subpoenas:

  • “Mr. Trump’s request for a preliminary injunction betrays a fundamental misunderstanding of the powers of the Legislative Branch under our constitutional scheme and is flatly inconsistent with nearly a century of Supreme Court precedent.”
  • “Contrary to Mr. Trump’s allegation that the Committees are merely attempting to expose his finances, the Committees are investigating serious and urgent questions concerning the safety of banking practices, money laundering in the financial sector, foreign influence in the U.S. political process, and the threat of foreign financial leverage, including over the President, his family, and his business.”
  • “The Committees are conducting wide-ranging investigations of issues bearing upon the integrity of the U.S. financial system and national security, including bank fraud, money laundering, foreign influence in the U.S. political process, and the counterintelligence risks posed by foreign powers’ use of financial leverage.”

The House Opposition provides some details on what the two committees are investigating. The details relating to the Committee on Financial Services are particularly interesting for AML professionals. That Committee is:

“… investigating serious issues regarding compliance with banking regulations, loan practices, and money laundering … the movement of illicit funds throughout the global financial system … the questionable financing provided to President Trump and the Trump Organization by banks like Deutsche Bank to finance his real estate properties …. industry-wide compliance with banking statutes and regulations, particularly anti-money laundering policies … the use of anonymous corporations as vehicles to launder illicit funds through legitimate investments and enterprises …”

And “[t]he Committee is considering legislation that would increase transparency regarding ownership of anonymous shell corporations generally.”

As of this writing, the Plaintiffs Trump have not yet replied to the House Opposition to their motion.

Update May 20, 2019 – In the District of Columbia case, the District Court judge upheld the Committee’s subpoena and ordered the accounting firm to comply with the subpoena. The Plaintiffs Trump have indicated they will appeal that decision.

In his written opinion, the Judge began with the following (citations omitted):

“I do, therefore, . . . solemnly protest against these proceedings of the House of Representatives, because they are in violation of the rights of the coordinate executive branch of the Government, and
subversive of its constitutional independence; because they are
calculated to foster a band of interested parasites and informers,
ever ready, for their own advantage, to swear before ex parte
committees to pretended private conversations between the
President and themselves, incapable, from their nature, of being
disproved; thus furnishing material for harassing him, degrading
him in the eyes of the country . . .” – President James Buchanan

These words, written by President James Buchanan in March 1860, protested a resolution adopted by the U.S. House of Representatives to form a committee—known as the Covode Committee—to investigate whether the President or any other officer of the Executive Branch had sought to influence the actions of Congress by improper means. 

Buchanan “cheerfully admitted” that the House of Representatives had the authority to make inquiries “incident to their legislative duties,” as “necessary to enable them to discover and to provide the appropriate legislative remedies for any abuses which may be ascertained.” But he objected to the Covode Committee’s investigation of his conduct. He maintained that the House of Representatives possessed no general powers to investigate him, except when sitting as an impeaching body. Buchanan feared that, if the House were to exercise such authority, it “would establish a precedent dangerous and embarrassing to all my successors, to whatever political party they might be attached.” 

Some 160 years later, President Donald J. Trump has taken up the fight of his predecessor.


Echoing the protests of President Buchanan, President Trump and his associated entities are before this court, claiming that the Oversight Committee’s subpoena to Mazars exceeds the Committee’s constitutional power to conduct investigations. The President argues that there is no legislative purpose for the subpoena. The Oversight Committee’s true motive, the President insists, is to collect personal information about him solely for political advantage. He asks the court to declare the Mazars subpoena invalid and unenforceable.

Courts have grappled for more than a century with the question of the scope of Congress’s investigative power. The binding principle that emerges from these judicial decisions is that courts must presume Congress is acting in furtherance of its constitutional responsibility to legislate and must defer to congressional judgments about what Congress needs to carry out that purpose. To be sure, there are limits on Congress’s investigative authority. But those limits do not substantially constrain Congress. So long as Congress investigates on a subject matter on which “legislation could be had,” Congress acts as contemplated by Article I of the Constitution.

Applying those principles here compels the conclusion that President Trump cannot block the subpoena to Mazars.


… it is not for the court to question whether the Committee’s actions are truly motivated by political considerations. Accordingly, the court will enter judgment in favor of the Oversight Committee. 

More to come …

FinCEN’s Advisories and Guidance – “Persuasive Precedential Effect”, Whatever That Means

US-based AML practitioners are familiar with FinCEN Guidance and Advisories. Most are probably not sure what the differences are between a Guidance document and an Advisory. But both seem to have something called “persuasive precedential effect”. What is persuasive precedential effect? Is it different from non-persuasive precedential effect? My spell check doesn’t recognize the word “precedential”, and Googling the phrase only brings back 74 hits.

Just what is “persuasive precedential effect”? Having just glanced at the title of the first search result – “Legitimacy Model for the Interpretation of Plurality Decisions” – I couldn’t bear to try to answer that question myself, so … could a financial institution subject to the BSA please seek an Administrative Ruling from FinCEN to get an answer to the question “what does the phrase ‘persuasive precedential effect’ actually mean?”

FinCEN’s Regulatory Releases – Regulations, Guidance, Statements of Policy, Advisories, and Enforcement Rulings

On May 9, 2019, the U.S. Treasury Department’s Financial Crimes Enforcement Network (FinCEN), which has responsibility for the administration of the Bank Secrecy Act (BSA) under Treasury Order 180-01 (1992), issued formal Guidance (FIN-2019-G001) titled “Application of FinCEN’s Regulations to Certain Business Models Involving Convertible Virtual Currencies.”


Also on May 9th, FinCEN issued an Advisory (FIN-2019-A003) titled “Advisory on Illicit Activity Involving Convertible Virtual Currency”.


Why two documents? Why was one labeled “Guidance” and the other “Advisory”? The answers, in part, can be found at FinCEN’s “Regulatory Releases” page: FinCEN Regulatory Releases

According to FinCEN, it has authority to issue regulations, regulatory interpretations and guidance, advisories, and enforcement assessments/consent assessments. As explained by FinCEN:

I. Regulations

Regulations implementing the Bank Secrecy Act codified in title 31 of the Code of Federal Regulations, Chapter X (31 CFR Chapter X). Related publications include:

  • Final rules
  • Interim final rules
  • Notices of proposed rulemakings (known as “NPRM”)
  • Advance notices of proposed rulemakings (known as “ANPRM”)
  • Corrections

Final rules, interim final rules, and any subsequent corrections to these rules, are binding obligations on individuals and entities within the scope of such rules.

II. Regulatory Interpretations and Guidance

According to FinCEN, it “routinely issue[s] interpretations of BSA regulations as well as guidance to financial institutions on complying with our regulations.” There are three categories that fall into this bucket:

1. Administrative Rulings

The authority, process, and effect of Administrative Rulings is contained in subpart G of Part X of Title 31 of the code of Federal regulations – 31 CFR § 1010.710-717. Although FinCEN’s website provides that “published letter rulings often express an opinion about a new issue, apply an established theory or analysis to a set of facts that differs materially from facts or circumstances that have been previously considered, or provide a new interpretation of Title 31 of the United States Code, or any other statute granting FinCEN authority”, the regulation itself is somewhat more direct. It provides:

§1010.715 Issuing rulings – The Director, FinCEN, or his designee may issue a written ruling interpreting the relationship between this chapter and each situation for which such a ruling has been requested in conformity with § 1010.711. A ruling issued under this section shall bind FinCEN only in the event that the request describes a specifically identified actual situation. A ruling issued under this section shall have precedential value, and hence may be relied upon by others similarly situated, only if FinCEN makes it available to the public through publication on the FinCEN Web site under the heading “Administrative rulings” or other appropriate forum.”

The result? If FinCEN publishes an Administrative Ruling, it shall have precedential value and may be relied upon by financial institutions “similarly situated” as the requestor.

2. Interpretive Guidance

FinCEN provides three examples of interpretive guidance:

  • Interpretive releases, including written responses to informal inquires on the application of 31 CFR Chapter X that are not made and submitted to the Financial Crimes Enforcement Network consistent with the procedures outlined at 31 CFR § 1010.711
  • Frequently Asked Questions
  • Staff commentaries

Notably, interpretations of BSA regulations that are published on FinCEN’s public web site under the heading “Guidance” shall have persuasive precedential effect and, to that extent, may be relied upon by those financial institutions subject to the specific provision of the BSA regulation being interpreted until such interpretation is superseded, revoked, or amended.

FinCEN notes that “if written guidance is not published on FinCEN’s public web site under the heading “Guidance”, although not binding, such guidance provides useful insight into our view of the application of the Bank Secrecy Act and its implementing regulations at the time that the guidance is issued.”

3. Statements of Policy

This appears to cover guidance not published as “Guidance”, as well as “statements outlining or describing our policy with respect to specific issues arising under the Bank Secrecy Act.” According to FinCEN, “these statements provide useful insight into our view of the application of the Bank Secrecy Act and its implementing regulations at the time the statement is issued.”

III. Advisories

Advisories are published to financial institutions “concerning money laundering or terrorist financing threats and vulnerabilities for the purpose of enabling financial institutions to guard against such threats.”  If published on the FinCEN web site under the heading “Advisories” and to the extent they interpret BSA regulations , Advisories shall have persuasive precedential effect and may be relied upon by those financial institutions subject to the specific provision of the BSA regulation being interpreted until such interpretation is superseded, revoked, or amended.

And, like guidance not published under the heading “Guidance”, advisories not published under the heading “Advisory”, are not binding but provides “useful insight into [FinCEN’s] view of the application of the BSA and BSA regulations at the time that the advisory/guidance is issued.

IV. Enforcement Assessments and Consent Assessments

Public enforcement actions, often referred to as “Consent Orders” by the OCC and Federal Reserve and “Consent Assessments” by FinCEN because they are entered into with the (grudging) consent of the sanctioned entity, are binding on and apply exclusively to the sanctioned entity. However, as FinCEN notes, any “regulatory interpretations contained in such assessments shall have persuasive precedential effect and, to that extent, may be relied upon by those financial institutions subject to the specific provision of 31 CFR Chapter X being interpreted until such interpretation is superseded, revoked, or amended.”