In addition to covering the latest regulatory activity in anti-money laundering (AML), sanctions, and artificial intelligence, our December edition of FinScan’s Regulatory Roundup, we provide a special post-US election outlook as Trump 2.0 is set to begin in January. Other key highlights include: several FinCEN, SEC, and FCA penalties for fraud and financial crime failings; several enforcement actions; FinCEN, OFAC, DOJ, and FCA alerts, updates, and reissued guidance on sanctions an
TRUMP 2.0: WHAT TO EXPECT?
Here is our assessment of what organizations can expect once Trump takes office January 20, 2025.
Relaxed regulations: Expect a less assertive approach to regulations, with a reigning in of regulatory interpretations, delays in efforts to create coherent AI regulatory framework, and renewed support for FinTech innovation.
Crypto expansion: A crypto-friendly stance will likely spark market growth, sanctions targeting key sectors and entities such as technology, energy, and finance, and a more accommodating regulatory environment.
Leadership changes: Power shifts at the SEC may favor crypto expansion, with a revolving door of acting directors who will likely take a less aggressive approach to regulation.
ANTI-MONEY LAUNDERING
FinCEN issues cease and desist order for Small Business Bank in Kansas
FinCEN’s civil money penalty includes a “strike 2” cease-and-desist order for Small Business Bank in Kansas for violating the Bank Secrecy Act (BSA), and orders the bank to allocate adequate resources to AML compliance, improve its customer identity program (CIP) and customer due diligence (CDD), develop a suspicious activity report (SAR) program, engage a third party to review transaction monitoring systems (TMS) and activities, and develop and submit written plans.
FinCEN issues alert on fraud schemes involving deepfake media targeting financial institutions
FinCEN has observed an increase in suspicious activity reporting by financial institutions describing the suspected use of deepfake media developed by GenAI, particularly the use of fraudulent identity documents to circumvent identity verification and authentication methods. The alert explains typologies associated with these schemes, provides red flag indicators to assist with identifying and reporting related suspicious activity, and reminds financial institutions of their reporting requirements under the BSA.
Nine members of multi-state money laundering organization charged in wide-ranging conspiracy
An indictment was unsealed in Nashville, Tennessee, charging nine members of a multi-state money laundering organization responsible for laundering millions of dollars derived from internet fraud, including business email compromise schemes. The nine defendants were arrested in a takedown coordinated across three jurisdictions.
SEC charges three broker-dealers with filing deficient suspicious activity reports
Broker-dealers Webull Financial LLC, Lightspeed Financial Services Group LLC, and Paulson Investment Company, LLC have agreed to settle charges that they filed with law enforcement that failed to include important, required information, including a description of activity and what “was unusual or irregular that caused suspicion.”
Former Arizona elected official pleads guilty to embezzlement of county funds
The DOJ announced that a former Santa Cruz County, Arizona official pled guilty to embezzlement, money laundering, and tax evasion for her role in stealing more than $38 million of Santa Cruz County funds between 2014 and 2024 and failing to pay income tax of more than $13 million while she was serving as Santa Cruz County Treasurer.
FCA fines Metro Bank £16m for financial crime failings
Between June 2016 and December 2020, Metro Bank failed to have the right systems and controls to adequately monitor over 60m transactions, with a value of over £51bn, for money laundering risks. Metro automated the monitoring of customer transactions for potential financial crime in June 2016. However, its system did not work as intended.
Conveyancing: OPBAS offers perspective on money laundering risk in UK property transactions
The FCA’s Office of Professional Body AML Supervision (OPBAS) has issued a letter highlighting opportunities to increase the effectiveness of conveyancing, which involves a transfer of the legal title of property—a key component in a well-functioning and competitive economy—and remains a high-risk activity. Opportunities include understanding risks in end-to-end processes, refreshing and maintaining a more detailed understanding of component risk factors.
SANCTIONS
OFAC reissues Burma Sanctions Regulations
OFAC is amending and reissuing the Burma Sanctions Regulations, 31 CFR part 525 (86 FR 29197, June 1, 2021) as a more comprehensive set of regulations that includes additional interpretive guidance and definitions, general licenses, and other regulatory provisions that will provide further guidance to the public.
OFAC amends FAQs on Russian harmful foreign activities sanctions
OFAC’s amended FAQ includes an important Q&A addressing blocking securities held at the National Settlement Depository (NSD), and explains the issuance of several authorizations related to U.S. and third-country diplomatic or consular missions operating in Russia and Russian diplomatic or consular missions operating abroad.
OFAC issues alert on sanctions risk for foreign FIs that join Russian financial messaging system
OFAC’s alert warns foreign jurisdictions and financial institutions about the sanctions risks of joining the Russian financial messaging system Sistema Peredachi Finansovykh Soobscheniy or “System for Transfer of Financial Messages” (SPFS).
OFAC imposes penalty on an individual for violations of the Iranian transactions and sanctions regs
OFAC has issued a Penalty Notice imposing a $1,104,408 penalty on a natural US person for 75 violations of OFAC sanctions on Iran valued at approximately $561,802. Between 2019 and 2022, the person executed a plan to purchase, renovate, and operate a hotel in Iran, and used foreign money services businesses in Iran and Canada to evade US sanctions, of which the person was aware.
American Life settles with OFAC for Iranian transaction and sanction violations
American Life Insurance Company, a subsidiary of MetLife, agreed to pay $178,421 to settle its potential civil liability for apparent violations of OFAC sanctions on Iran which included issuing group medical and life insurance policies, collecting premiums, and paying claims to several schools and entities located in the United Arab Emirates and owned or controlled by the Government of Iran.
5th Circuit rejects OFAC’s Tornado Cash sanctions
The US Court of Appeals for the Fifth Circuit rejected OFAC’s sanction of Tornado Cash, an open-source, crypto transaction software protocol that facilitates anonymous transactions by obfuscating the origins and destinations of digital asset transfers. The suit alleges that smart contracts are not property of a foreign national or entity under The International Emergency Economic Powers Act (IEEPA), meaning they cannot be blocked under IEEPA, and OFAC overstepped its congressionally defined authority.
UK’s OFSI provides financial sanctions guidance for insolvency practitioners
The UK’s Office of Financial Sanctions Implementation (OFSI) provided new guidance that highlights reporting obligations and prohibited transactions. Beginning 14 May 2025, insolvency practitioners will be “relevant firms” and subject to reporting requirements. Relevant firms must inform OFSI “as soon as practicable” if it knows or has reason to suspect it holds funds or economic resources for a prohibited person.
OFSI provides financial sanctions guidance for high-value dealers and market participants
OFSI has also provided guidance to entities and individuals that operate in the sale or trade of high-value goods. Beginning 14 May 2025, relevant firms will be expanded to include high-value dealers and art market participants.
ARTIFICIAL INTELLIGENCE
US DOJ updates Evaluation of Corporate Compliance Programs (ECCP)
The updated ECCP placed importance on ensuring that companies maintain appropriate compliance policies in an age when rapid AI development and implementation remain largely unregulated for companies. The ECCP encourages prosecutors in their investigation of companies’ compliance programs to assess whether a company has implemented the appropriate technology, governance, and safeguards to minimize risks, as well as considering the potential long-term ethical consequences of new AI technology.
Navigate change with confidence
Feel free to reach out if you need assistance managing the shifting regulatory and enforcement landscape. FinScan’s Advisory Services help with model risk management, data governance, policy development, and assessments of data quality, sanctions compliance, customer and compliance risk, and AI frameworks, among other areas. Contact us to learn more.