On May 6, 2019, FINRA issued Regulatory Notice 19-18 Anti-Money Laundering Program (“Notice 19-18”). Notice 19-18 incorporates and updates the list of money laundering red flags in Notice to Members 02-21 Anti-Money Laundering Program (“Notice 02-21”). Notice 19-18 identifies a total of 104 “red flags” bucketed into the following categories: (a) customer due diligence and interactions with customers; (b) deposits of securities; (c) securities trading; (d) money movements; (e) insurance products; and (f) miscellaneous. None of the red flags are new. All of the red flags were previously identified in either: Notice 02-21, enforcement actions, examination priorities letters and/or by other U.S. government agencies or international organizations. Notice 19-18 is simply a compilation of previously published red flags into one list. The list is not exhaustive and FINRA cautions that it does not guarantee compliance with AML program requirements or provide a safe harbor from regulatory responsibility. Notably, as FINRA acknowledges in Notice 19-18, some of the red flags may not apply depending on the nature of a given broker-dealer’s business.
Notice 19-18 also cautions broker-dealers with regard to emerging AML risks such as digital assets. It states that firms should consider and be aware of the risks associated with digital assets. Notice 19-18 states in no uncertain terms that AML requirements apply to digital assets, including suspicious activity reporting requirements, even though the digital assets are not securities.
In sum, there are no new obligations or requirements imposed by Notice 19-18 on broker-dealers and their AML Programs. Indeed, it appears that Notice 19-18 was issued to consolidate red flag guidance from multiple sources and to remind broker-dealers about the applicability of AML requirements to digital assets. Although Notice 19-18 does not include any new requirements, broker-dealers should perform a gap analysis comparing the list of red flags in Notice 19-18 to the red flags already incorporated in their AML programs and any gaps should be addressed. Broker-dealers should also perform risk assessments with regard to digital assets to identify any money laundering risk and put appropriate controls in place to mitigate that risk.