PODCAST
This Week in AML
FCPA Rollbacks, OCC Risk Tolerance, and Crypto Compliance Gaps
AML RightSource
:
Aug 01, 2025
In this week's episode, Joe McNamara and John Byrne examine significant shifts in the regulatory landscape, starting with a tribute to compliance leader Anna Rentschler. They dive into concerning changes to FCPA enforcement guidance that critics say abandons universal ethical standards, the OCC's unusual LinkedIn post signaling increased risk tolerance for banks, and growing threats to the Corporate Transparency Act. The discussion moves internationally to cover the UK's crypto asset sanctions compliance findings, the EU's latest money laundering risk assessment highlighting fintech vulnerabilities, and an FBI advisory on the Scattered Spider cybercriminal group.
FCPA Rollbacks, OCC Risk Tolerance, and Crypto Compliance Gaps - Transcript
Joe McNamara: Hey John, how are you this week?
John Byrne: I'm good Joe. Hopefully Elliot's still enjoying his, well-deserved vacation and he'll be back in a few weeks. I wanna start off on a more somber note.
Unfortunately, um, a good friend who was a tremendous role model for compliance officers, Anna Rentschler, passed away late last week in Missouri. Anna was throughout her career, she was at Central Bank Company, which is a large, Midwest bank. She was from Mexico, Missouri, but she was the Vice President of BSA Officer. But more importantly, she was a, as I said, a role model.
She, first, came of notice to us when I was with the American Bankers Association on our compliance committee. She received their distinguished service award, she then joined us with ACAMS on the advisory board, and also got the specialist Career Leadership Award at ACAMS.
Did a whole host of things, both in the industry and out.
She did a lot of work with United Way and her church and all sorts of things. But, as I've said she was very generous with her time. Did a lot of training always reaching out to new BSA officers and compliance folks, and was a strong advocate for our community, so, Anna will be, will be sorely missed.
ACAMS wrote a nice piece in their publication – and just wanted to note that, as we start this off today.
Joe McNamara: Yeah, definitely one of those things that, you know, is never easy to deal with, but all the same. And I think it eventually comes for all of us. In terms of other passings that we've seen recently, I know that there was, a recent op-ed written around the FCP (FCPA) and essentially titled the FCP(FCPA) as we know it, is gone. You know, did you get a chance to look at that and if so, what were your initial thoughts on, on some of the, the things that were posed in that article?
John Byrne: I know you were saving time, but it's the “FCPA” - that's okay, and we're, we're not, we're not gonna edit this - but no, I take the point.
You, you flagged this for me and I really appreciate this. This was a former, senior official that worked in this space, and this was actually a piece on Substack entitled “The FCPA as we know it, is gone”. And throughout this pretty short piece, they do talk about new guidance from the Department of Justice.
They, stressed a couple of things. Elliot and I mentioned this a few weeks ago - it's in their guidelines for investigations and enforcement of the FCPA. That's the memorandum that he's referring to. And here's part of, his comment. For example, the DOJ will now focus on quote, “serious misconduct” unquote, as opposed to quote, “routine business practices in other nations”, unquote.
None of that is defined again, according to the author, but it sounds like someone at the DOJ will judge whether paying a foreign official for a quid pro quo is actionable. Based on how common similar bribes are in the country. Congress, however, never endorsed a standard based on local practices. The stunning idea at the heart of the FCPA was to raise America's ethical business standards universally, not lower them to match local corruption levels.
And there's more in the piece. But as we mentioned when this first occurred, there is a five-year statute of limitations. So companies that ignore the FCPA guardrails, if you will, are potentially making a mistake, because of the statute of limitations.
Joe McNamara: Yeah. And again, it's kind of a head scratching moment when you start to look into exactly what's been rolled back. Um, and again, great article written by Richard Cassin. Yes. Um, but there was also another head scratching event that happened this week with another acronym organization.
Did you happen to see what got posted by the OCC?
John Byrne: Yeah, so, you know, all of us that are paying attention to what's going on in our community do follow a lot of the postings on LinkedIn. And I was sort, I was, yeah - head scratching is a good phrase for this. Jonathan Gould is the new comptroller and he's made it very clear his support of crypto.
He's also made it very clear his support of deregulation, but they simply posted the following statement on LinkedIn, and I'll just read it. This is quoting, “Risk is inherent to banking and for banks to fulfill their role supporting the US economy, they must be able to engage in prudent risk taking. As regulators, we need to recalibrate our risk tolerance and empower banks to make sound decisions that support economic development.”
Now understand this was not part of his speech. This was not part of a press release. This was simply a statement posted on LinkedIn. Now, of course, all the agencies are looking at various levels of deregulation, but I think this is more than a shot across the bow, and it will be fascinating to see how this could impact our world of AML/CFT and sanctions.
Joe McNamara: No doubt, John, and I think you know, I share those sentiments. I think the one silver lining that I've, I have, that I, I cling to as often as I can, are the previous conversations that I've had with other practitioners in the space where, you know, even kind of given the existing environment and situation that we find, you know, our, our friends, you know, operating within, it seems to me that for the most part, they still have the long-term goals of true compliance, you know, at the heart of, of what they're doing.
You know, my goal and hope is that, we don't see that you know, back out at all. But, um, wait, before, before you
John Byrne: Sorry to interrupt, but since we're sort of on the same plane in terms of US related.
Issues, you know, FCPA, OCC - I did wanna just highlight very quickly a, a group that we have definitely interviewed some of their members in the past. the Financial Accountability and Corporate Transparency Coalition, they did an op-ed piece in the Wall Street Journal late last week entitled “Be transparent about Shells”. The subheading is our nation's adversaries and competitors shouldn't be able to weaponize US Financial secrecy. Again, written by the FACT Group. Erica Che, I hope I got her name correctly, but in this op-ed piece very briefly, it's , it says. Our nation's adversaries and competitors shouldn't be able to weaponize us financial se secrecy to dodge tariffs and undercut law abiding businesses.
The competitiveness of US manufacturers depends on it. If the White House is serious about enforcing us tariffs, it would support resounding calls from law enforcement to reinstate disclosures for domestic companies. Under the Corporate Transparency Act now we've talked about the CTA, we talked about the potential act by this Congress to eliminate the act entirely, which possibly can happen in September.
I'm actually gonna get, a briefing this week from some folks on Capitol Hill. I'll be able to share some of that next week. But this is the fast group pointing out not only do they think that it was a mistake to eliminate coverage for domestic entities, but that law enforcement's very concerned about it.
So I think that's an important message, coming. And again, it was in the July 25th Wall Street Journal. No doubt,
Joe McNamara: John. And when I think about the analogy here, it's really hard to hold water in a leaky bucket, especially if you've got holes at the bottom of it. You know, hopeful that at least the briefing that you get this week and, and into next, provide some level of, of positive outlook.
I don't think, I'm alone in saying that I, I'm not gonna hold my breath.
John Byrne: No, I know, unfortunately, I don't think it's gonna be positive, but at least we'll have more information on what's possibly gonna happen and potentially could help those that want to, address it, so, we'll see
Joe McNamara: Absolutely. Okay. Anything else domestic before we, we move international?
John Byrne: I believe that's it. Just checking my notes - Oh, there's one other one. FBI cyber division issued through FBI, CSA and other partners a joint cybersecurity advisory.
And this is on the indicators of compromise and tactics and techniques of a cybercriminal group, “Scattered spider” targets large companies, and their contracted IT firms to conduct data theft for extortion and encryption for further ransom. There's more information available on the FBI website and under the category, the Joint Cybersecurity Advisory, just issued yesterday.
Joe McNamara: It is a, a bit of a read, but I agree with you in terms of insight and just getting a better sense for what's, what we're up against. Excellent resource. Okay, so moving internationally. John, I also saw something regarding the, the UK. It was the UK Office for Financial Sanctions implementation, crypto Assets Threat Assessment.
So, this was published, looks like the 28th of this month. Um, and essentially, it's, it's titled “Key Lessons for Sanctions Compliance”. Did you get a chance to read through that and if you did, what did you think of OFSI's decision?
John Byrne: Actually no, I just, you highlighted it for me, and I was more focused on the, European Banking Authority.
So why don't you give the highlights that you saw there? So, I apologize for missing that. I did see the note, but when this cybersecurity thing came out from the FBI, like everything else, I just shifted by, there's a lot going on. There's a lot that happened this week.
Joe McNamara: No [worries]. And. Yeah, I would say in terms of, of what I gleaned from it, the, the most interesting thing that I found was actually right at the top - incomplete self-disclosure of breaches.
So, and I'm quoting here, “OFSI found it is almost certain that some UK crypto asset firms, including banks and non-bank financial institutions, may not be fully reporting suspected. Sanctions breaches due to detection, failures, misunderstanding of reporting obligations or hesitation to self-disclose”. And it kind of goes on to lay out, you know, specific areas including direct or indirect exposure to a designated person, or within sanctioned jurisdictions.
I think the overarching message here, and it goes on, so there's, there's some other threats including, you know, Garantex and Grinex, which were both, um, Russian exchanges. But, you know, ultimately it kinda raises the awareness bar yet again in terms of the growing crypto space and certainly the risks involved with you know, moving, moving any kind of value, including monetary through these systems. You know, it's, it's a call to action in a lot of ways for especially, you know, folks in the, the UK to really start taking this more seriously.
It, it looks to me as though, you know, we're gonna continue to see legislation and continue to see, you know, growth on this, on this front as it relates to just kind of tightening up not just sanctions compliance but more general financial compliance as well. And so, you know, for any disrupting organization out there.
I think it's just a, it's a good reminder that, you know, if you haven't, you probably should really start, investing some time into understanding, you know, the, the risks associated with sanction entities, designated persons, and essentially understanding who's moving through your platform and how you could potentially be facilitating, um, some nefarious activity to say the least.
John Byrne: That all makes sense. So as I as I indicated, the, European Banking Authority came out with, their, opinion and report, if you will, their 2025 opinion and report on money laundering, terrorist financing risks that affect the EU’s financial sector, so long report, but some of the takeaways from their summary, 70% of competent authorities report a rising money laundering / terrorist financing risks in fintechs in the RegTech space, over half of serious compliance failures reported to the EBAs database involve the improper use of RegTech tools, crypto assets.
Going back to what you mentioned, this remains a high-risk sector with a 2.5-fold increase in authorized crypto asset service providers between 2022 and 2024. Fraud and AI - another thing that we've talked about, criminals are increasingly using AI to automate laundering schemes, forged documents, evade detection.
And then restrictive measures, again, going back to sanctions, the complexity of EU sanctions, regimes, poses, compliance challenges. So that website, Europa.eu. And that is, the most recent report issued, just several days ago.
Joe McNamara: And, and again, I think overall, I think the two topics that that kind of came outta that AI and fraud are definitely two that are, are near and dear to us as well.
Before I start throwing plugs in for our previous and and upcoming webinars. John, was there anything else that you saw abroad?
John Byrne: No no. I mean, there's plenty going on. I know that the FATF has, finalized some mutual evaluation reports of, um, several countries. One was through their Caribbean regional group.
So some of that stuff is on that. People should always subscribe to the FATF website because those reports are valuable as a training tool, as we talked about many, many times. So that, I mean, there's quite a bit going on in Europe with. With the tariffs and all sorts of things, but that, those are the highlights that I saw.
And as we go, when this gets when you're hearing this on Friday, we'll have posted on Thursday an interview that I did with David Tyrese. You'll be able to listen to that. We talked about that last week when you and I had this conversation, so I wanted to highlight that. But what else is going on?
Joe McNamara: Yeah. Really, I'm actually really looking forward to, to getting that Tyree, interview posted. I thought it was an awesome conversation, but in terms of upcoming monthly webinars, so again, John you're front and center here, but our webinar for August is Coping with the Growing Fraud Threat.
It's a live stream happening on August 28th at 1:00 PM Eastern, and essentially. you've got kind of a, a heavy hitting cast, to help you kind of discuss this. You’ve got Don Fort, who is a former IRS CI Chief - now the Director of Investigations for Kostelantetz, as well as Ulises Pineda, who is the Director of Financial Crimes and Head of Fraud Investigations for First Citizens Bank.
So we will make if you're looking for a way to sign up. Number one, you can find it on our website. So it's right there at the top. You hit resources and go down to monthly webinar. Otherwise, if you guys are already subscribed keep an eye out for some emails coming across.
John Byrne: , Don was kind enough, I had last class of this my summer class on money laundering / terrorism and corruption to come to class last night and talked to the students about his career at IRS, but also what's going on now in in the crypto space. What's going on in terms of tax evasion, so, and fraud of course. So we always stand to gain when we have Don Fort involved, and Ulises’ background is tremendous and so really looking forward to hearing, hearing his insight, in a couple of weeks.
Joe McNamara: Absolutely. I guess at this point, John them’s the news. You know, we will, we'll certainly catch you next week. And again, I'm thoroughly enjoying just sitting in this catbird seat, with, with Elliot out. You know, we wish him the best and hopefully...
John Byrne: Well, you got another week. You got another week of this dude, to do it one more time.
Joe McNamara: I know, know - gonna do a hat trick here. But, just, appreciate the time, John, and we'll see you next week.
John Byrne: Take care.
Joe McNamara: Bye-bye.
Resources for this episode:
Coping with the Growing Fraud Threat
AMLA The new EU Authority for Anti-Money Laundering and Countering the Financing of Terrorism
The FCPA as we know it is gone
Investigations, Bank Records, and Cooperation: The Keys to Following the Money