Welcome to the November 2024 edition of FinScan’s Regulatory Roundup. In this update, we cover the latest regulatory activity in anti-money laundering (AML), sanctions, and artificial intelligence. Key highlights include: trouble at TD Bank due to pervasive and systematic failures; increasing AML penalty and enforcement actions; sanctions updates pointing to penalties and weaknesses; and regulatory focus on linking AI, data privacy, and cybersecurity. Stay informed on the latest trends and compliance requirements to help navigate the evolving regulatory landscape.
ANTI-MONEY LAUNDERING
TD Bank’s $3.1 billion settlement: A story of what NOT to do
The DOJ, FinCEN, and OCC together imposed a historic $3.1 billion settlement and five-year probationary term on TD Bank for the “pervasive and systemic failure to maintain an adequate” AML compliance program. DOJ was highly critical of TD Bank’s lack of investment in compliance, specifically the bank’s “implementation of a flat-cost year-over-year spending paradigm.”
FinCEN imposes civil money penalty on Lake Elsinore Hotel & Casino
FinCEN imposed a civil money penalty against Sahara Dunes Casino, LP, doing business as Lake Elsinore Hotel and Casino (Lake Elsinore), for violations of the Bank Secrecy Act (BSA) due to failure to implement an adequate AML program, reporting violations (CTRs and SARs), and recordkeeping violations.
The OCC releases formal agreement with Axiom Bank
The Office of the Comptroller of the Currency (OCC)’s formal agreement with Axiom Bank, N.A., Maitland, Florida, covers unsafe or unsound practices, including those related to the bank’s Bank Secrecy Act/Anti-Money Laundering (BSA/AML) compliance program and violations of 12 CFR 21.21(d)(1) and (d)(3) (BSA/AML internal controls and BSA officer).
UK provides guidance on information sharing
The UK government has released new guidance that sets out provisions to ensure that businesses abide by the new measures in the Economic Crime and Corporate Transparency Act 2023, practical considerations for businesses including mechanisms for cross-sector sharing, and requirements for law enforcement reporting, UK GDPR compliance, and customer redress.
SANCTIONS
FCA fines Starling Bank £29m for failings in their financial crime systems and controls
FCA identified “serious concerns” at Starling in 2021 to which bank agreed to restrictions on opening new accounts for high-risk customers. Starling failed to comply and opened 54K accounts for 49K customers between 2021 and 2023. In 2023, Starling became aware that, since 2017, its automated screening system had only been screening against a fraction of the financial sanctions list.
OFAC provides sanctions guidance for the maritime shipping industry
With maritime stakeholders at the forefront of the sanction compliance landscape, OFAC has issued a “compliance communique” highlighting the risk of vessel location data manipulation, document falsification, and vessel ownership obfuscation. In response, stakeholders are implementing additional due diligence on vessel ownership and using enhanced tracking for vessel and cargo.
OFAC issues counter-terrorism guidance
This guidance assists people in implementing and complying with the Counter-Terrorism (International Sanctions) (EU Exit) Regulations 2019. It covers the prohibitions and requirements imposed by the regulations, and provides guidance on best practices for complying with the prohibitions and requirements, enforcing them, and circumstances where they do not apply.
ARTIFICIAL INTELLIGENCE
Engaging with the machine: AI and financial stability
A speech given by the Deputy Governor, Financial Stability at Bank of England, Sarah Breeden, at the HKMA-BIS Joint Conference on Opportunities and Challenges of Emerging Technologies in the Financial Ecosystem, highlighted that 75% of firms already using some form of AI in operations, up from 53% in 2022; 17% of all use cases use foundational models; and 20% of firms using AI to mitigate external risks for money laundering.
FINRA publishes report on metaverse implications for the securities industry
FINRA published today a new report, The Metaverse and the Implications for the Securities Industry. The report is intended to raise awareness among FINRA member firms and the broader securities industry by providing an overview of how developments related to the metaverse may impact business models and processes. While the true implications of the metaverse may not be known for years, the report analyzes potential applications, use cases and challenges for member firms and notes certain regulatory considerations.
Ten years of FCA innovation: impact and opportunity
Jessica Rusu, the FCA’s Chief Data, Information and Intelligence Officer delivered a speech at an FCA Innovation 10th anniversary event, highlighting the launch of an AI Lab, celebrating its standing as the first financial regulator in the world to launch a regulatory sandbox 10 years ago, and underscoring its support for almost 1,000 firms and over 95 other regulators that have introduced a sandbox model.
Canada issues statement on the role of DPAs in fostering trustworthy AI
According to the statement based on the premise that many data protection overarching principles can be transposed into broader AI governance framework, data protection authorities (DPAs) are human-centric by default, can help address problems at their source, supervise a core component of AI, and have vast experience with data-driven processing.
The Investment Association publishes final AI report
The association’s final report from the Technology Working Group, Artificial Intelligence: Current and Future Usage within Investment Management, covers the external and internal factors impacting industry success and recommendations ranging from skills and talent to dealing with legal uncertainties.
European Security Month: AI & Cybersecurity—tool or weapon?
AI tools can help protect organizations from cybersecurity threats but can also aid cybercriminals in accessing personal data. The European Data Protection Supervisor’s security month in October focused on four positives and four challenging aspects of AI in cybersecurity.
Get expert support
We’ll keep tracking regulatory changes and share updates in upcoming editions of Regulatory Roundup. Meanwhile, feel free to reach out if you need assistance managing the shifting regulatory and enforcement landscape.
FinScan’s Advisory Services are available to help with model risk management, data governance, policy development, and assessments of data quality, sanctions compliance, customer and compliance risk, and AI frameworks, among other areas. Contact us to learn more.