Compliance Blog

Sep 11, 2019

Bad Guys Are Innovating, So Should You!

911 Memorial
National September 11 Memorial & Museum

Following the tragic and deadly terrorist attacks against the United States on the morning of September 11, 2001, compliance professionals around the globe were faced with the pressing need for protocols to detect and interrupt terrorist financing cash flows. Today, we are facing a new breed of terrorism, a domestic one. I am referring to the shocking wave of massive shootings whose financing methods are different and difficult to identify and report, which can turn out to be very challenging for credit unions.

Understanding and accepting the evolution of criminals seems to be crucial, as it puts all compliance professionals in the inevitable (and necessary) place of implementing changes and innovating when it comes to approaching the ever-changing threats in money laundering and terrorist financing. 

What is FinCEN doing?

On June 12, 2019, Kenneth A. Blanco, Director of the Treasury’s Financial Crimes Enforcement Network (FinCEN), provided remarks at the New York University (NYU) Law Program on Corporate Compliance and Enforcement that highlighted FinCEN’s evolving approach to emerging threats in money laundering and terrorist financing, which includes, among others:

  • FinCEN’s procedures for processing the Suspicious Activity Reports (SARs) it receives each day through the agency’s automated business rules to identify SARs for further review;
  • FinCEN’s Crisis Response team, focused on addressing terrorist attacks across the globe as quickly as possible, which builds out a network to connect the terrorist attack down to the transactions, locations, streets, houses, and cars used to perpetrate the attack; and
  • FinCEN’s collaboration with the Federal Bureau of Investigation to create a Rapid Response Program in which law enforcement notifies the agency upon receiving complaints about a growing threat to financial institutions that has resulted in over $12.5 billion in losses since 2013: Business Email Compromise fraud.  

Director Blanco concluded his remarks emphasizing FinCEN’s commitment to working with the private sector in a number of innovative approaches to strengthen FinCEN’s Anti-Money Laundering (AML)/Countering Financing of Terrorism (CFT) system, including the following:

  • On December 04, 2017 ,FinCEN announced the creation of the FinCEN Exchange, a program for law enforcement and financial institutions to share information on certain topics in an effort to enhance public-private information sharing and to increase the number and quality of reports to the agency;
  • On October 03, 2018, FinCEN issued a joint statement with Federal banking agencies to describe circumstances in which financial institutions can enter into collaborate arrangements to share resources to manage their Bank Secrecy Act (BSA) and AML obligations more efficiently and effectively;
  • On May 9, 2019, FinCEN issued updated guidance and an advisory regarding how its regulations apply to convertible virtual currencies and certain activities that financial institutions should monitor in this space;
  • On May 24, 2019, FinCEN announced an Innovation Hours Program, which will provide financial technology and regulatory technology companies and financial institutions with opportunities to present their innovative products and services to FinCEN; and
  • FinCEN is increasing its engagement with the BSA Advisory Group, a group that meets twice a year to discuss regulatory expectations, emerging trends in illicit finance, and potential areas for AML/CFT innovation. The group consists of, among others, representatives of federal law enforcement and regulatory agencies, state government agencies, and self-regulatory organizations.

 What can credit unions do?

Based on what the Federal Financial Institutions Examination Council (FFIEC) advises its examiners to look for in its Core Examination Procedures, some things credit unions can do include, but are not limited to:

  • Review the credit union’s policies, procedures and processes to monitor, identify, research, and report suspicious activities;
  • Develop/strengthen risk models to adequately address the evolving breeds of terrorism and its financing methods;
  • Evaluate the effectiveness of any systems used by the credit union to identify unusual activity;
  • Determine whether such monitoring systems use reasonable filtering criteria, as well as how such systems fit into the credit union’s overall suspicious activity monitoring and reporting process;
  • Invest in new technologies or products in the market for enhancing transaction monitoring and detection of suspicious activity processes;
  • Update procedures for reviewing and evaluating the transaction activity of subjects included in law enforcement requests;
  • Review the credit union’s transaction monitoring reports to determine whether they capture all areas that pose money laundering and terrorist financing risks. Determine whether the credit union has policies, procedures, and processes to ensure the timely generation of, review of, and response to these reports;
  • Identify any deficiencies in the monitoring systems and their underlying cause (e.g., inappropriate filters, insufficient risk assessment, or inadequate decision-making);
  • Verify that staffing levels are sufficient to review reports and alerts and investigate items, and that staff possess the requisite experience level and proper investigatory tools;
  • Conduct periodic training for all relevant staff on new trends and red flags, spotting at-risk behaviors, typologies of mass attacks such as credit card usage spikes, weapons purchases, etc.


Attend our upcoming compliance webinars to learn more about fiduciary accounts and unauthorized transactions

September 17: How to Handle Fiduciary Accounts – Trusts, Estates and Powers of Attorney

September 26: Unauthorized Transactions: The Keys to Compliance