On June 30, 2021, the U.S. Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) issued its first government-wide priorities (Priorities) for combatting money laundering and the financing of terrorism.1 The Priorities are intended to assist financial institutions subject to the Bank Secrecy Act (BSA) in tailoring their compliance programs and assessing the money laundering and terrorism financing risks posed by their business activities.

FinCEN and the agencies with which it consulted — including the U.S. Attorney General, federal functional regulators,2 state financial regulators and national security agencies — made clear in statements published simultaneously with the Priorities that they will be revising their regulations in coming months to align them with the Priorities.3 While financial institutions are not required to incorporate the Priorities into their compliance programs until final regulations come into effect, FinCEN suggested that institutions may wish to begin considering how to approach the Priorities.

I. The Priorities

The Anti-Money Laundering Act of 2020 (AML Act), which contains sweeping provisions designed to expand and modernize anti-money laundering (AML) and countering the financing of terrorism (CFT) laws and regulations, required FinCEN to publish AMT/CFT national priorities within 180 days of enactment.4

In addition to setting government-wide examination and supervisory expectations, the Priorities are designed to inform regulated financial institutions of what the U.S. government views as “the most significant AML/CFT threats facing the United States” and assist institutions in prioritizing compliance resources accordingly. The AML Act requires FinCEN to update the Priorities at least once every four years to account for new and emerging threats to the U.S. financial system and national security.

FinCEN identified the following Priorities, in no particular order:

  • Corruption: The Priorities cite a recent White House briefing statement in which President Biden declared that countering corruption is a core national security interest.5 FinCEN notes that corrupt actors often seek to exploit vulnerabilities in the U.S. financial system to launder assets and obscure the proceeds of criminal activities, and it asserted that addressing money laundering risks associated with corruption will bolster broader efforts to combat corruption. FinCEN points to prior advisories on corruption and human rights abuses, which enumerate risk typologies and red flags and may assist institutions in identifying corrupt actors and activities. Institutions should consider reviewing their policies, procedures and practices relating to politically exposed persons, who pose heightened corruption-related AML risks.
  • Cybercrime, Including Relevant Cybersecurity and Virtual Currency Considerations: The Priorities highlight cybercrime — defined as any illegal activity involving a computer, another digital device or a computer network — as a significant threat to U.S. interests. FinCEN notes that Treasury is particularly concerned with cyber-enabled financial crime, ransomware attacks and the misuse of virtual assets to launder illicit proceeds. FinCEN references both its own advisories on ransomware and COVID-19-related cybercrime and an advisory issued by the Office of Foreign Assets Control in 2020 alerting financial institutions to trends, risk typologies and indicators of potential illicit cyber activities. FinCEN notes that financial institutions are “uniquely positioned to observe the suspicious activity that results from cybercrime, including cyber-enabled financial crime.” This suggests that the agency will expect financial institutions to ensure their transaction monitoring systems are designed to effectively detect potential cybercrime. In addition, FinCEN encourages institutions to share information pursuant to section 314(b) of the BSA to better identify and report potential money laundering or terrorist financing. FinCEN points to the recent attacks against Colonial Pipeline and JBS Foods to emphasize the acute threat posed by ransomware, and says the U.S. is committed to working with world partners to disrupt and deter ransomware actors, including by developing policies toward ransom payments and enabling rapid tracing and interdiction of virtual currency proceeds of ransomware attacks. It also states that, while virtual currencies are “a substantial financial innovation,” they have become “the currency of preference” for a variety of online illicit activities, as they “often are used to layer transactions to hide the origin of money derived from illicit activity [through] a number of techniques . . . including the use of mixers and tumblers.”
  • Foreign and Domestic Terrorist Financing: The Priorities describe the significant risk to U.S. national security posed by both international and domestic terrorism, and highlight racially- and ethnically-motivated violent extremists as a particular concern domestically. The Priorities emphasize financial institutions’ obligations to file suspicious activity reports with respect to potential terrorist financing transactions and to follow applicable reporting requirements where violations warrant immediate attention. The Priorities also remind financial institutions of their obligations to comply with U.S. sanctions and the need to factor sanctions into their BSA/AML programs.
  • Fraud: The Priorities note that fraud-related crime is believed to generate the largest share of illicit proceeds in the U.S. The Priorities highlight business email compromise, email account compromise and COVID-19-related fraud schemes as increasingly common forms of cyber-enabled criminal activity. Finally, the Priorities note that foreign intelligence entities and their proxies often use front companies to facilitate a range of espionage activities.
  • Transnational Criminal Organization Activity: FinCEN describes transnational criminal organizations as priority threats due to the crime-terror nexus of their operations. FinCEN also notes that transnational criminal organizations are increasingly turning to professional money laundering networks.
  • Drug Trafficking Organization Activity: The Priorities state that drug trafficking organizations, like transnational criminal organizations, often rely on professional money laundering networks, primarily in Asia, that often facilitate the exchange of Chinese yuan for U.S. dollars and serve as brokers in trade-based money laundering schemes. The Priorities also highlight the substantial increase in schemes involving Mexican drug trafficking organizations that launder proceeds through Chinese citizens residing in the U.S. and front companies that can deposit illicit proceeds into the banking system.
  • Human Trafficking and Human Smuggling: The Priorities describe a variety of mechanisms that human trafficking and human smuggling networks use to move illicit proceeds, including by smuggling cash using individual victims and sophisticated operations using professional money laundering networks and criminal organizations. FinCEN also notes that human traffickers and smugglers often establish shell companies to hide the true nature of their business, and use mechanisms like funnel accounts and trade-based money laundering schemes to receive payment.
  • Weapons Proliferation Financing: FinCEN notes that the principal threat of proliferation financing arises from support networks that assist in the transfer of nuclear, chemical and biological weaponry. These networks use both individuals and entities, such as trade brokers and front companies, to move money and weapons. The Priorities identify correspondent banking as a principal vulnerability and driver of proliferation financing risk due to its vital role in U.S. dollar clearing.

II. Future Regulations and Supervisory Expectations

As noted above, the Priorities do not immediately create new BSA requirements or supervisory expectations, but FinCEN must promulgate final rules within 180 days of publishing the Priorities, and financial institutions will be required to incorporate the Priorities into their BSA/AML programs when the implementing regulations become effective. Moreover, the AML Act requires that regulators examine financial institutions’ BSA/AML programs to ensure they reflect the Priorities once the rules are in effect.

FinCEN recognizes that not all of the Priorities will be relevant to every financial institution. Accordingly, financial institutions should consider the extent to which the Priorities are relevant to their business activities and risk profile and assess whether any modifications are needed to their BSA/AML compliance programs to effectively address relevant Priorities. Such an assessment should involve a review of the risks posed by an institution’s products and services, customers and geographic locations. Several of the Priorities refer to prior FinCEN advisories that describe risk typologies and red flags and suggest actions that institutions can take to mitigate the risks associated with the Priorities. Financial institutions may want to review those advisories for guidance.

Although several of the Priorities reflect longstanding threats to U.S. national security and the global financial system, such as corruption, fraud, and international terrorism, others describe rapidly evolving and acute threats like domestic terrorism and cybercrime, which may not yet be adequately addressed by existing internal controls. To comply with the forthcoming regulations and supervisory expectations, it will therefore be important to conduct an up-to-date assessment of an institution’s risk profile and control environment.