In this episode of This Week in AML, Elliot Berman is joined by Jennie Jonas to unpack FinCEN’s 2024 Year in Review, BSA modernization efforts, and key takeaways from recent FATF reports. They also explore global fraud trends, regulatory shifts in the EU and UK, and the evolving role of digital currencies in financial crime prevention, and other issues affecting the financial crime prevention community.
FinCEN 2024 Review, BSA Modernization, Fraud, and FATF Reports - Transcript
Elliot Berman: Hi, Jenny, how are you today?
Jennie Jonas: I'm good. Thanks for having me on the the session today in John's absence.
Elliot Berman: As John and I mentioned last week John's on a vacation this week and next week, and glad that you can join us. For those folks who haven't met you since you joined the company, I'll just remind them you're our senior Vice president in charge of our advisory function. Which puts you in center of many of the things we're gonna be talking about in terms of helping clients understand what's going on. Where would you like to start this week?
Jennie Jonas: I think I'd like to start Elliot, 'cause it piqued my interest when I saw news of it coming across, was FinCEN and their semi-annual meeting that happened last week. We saw a year in review get published shortly after part of that meeting. I think it had some interesting statistics in it. Not too much change on the filings front in terms of volumes, it seemed those volumes stayed fairly stagnant in comparison to 2023, because the report was looking at the fiscal year of 2024.
What was interesting to me from that review is the extent to which FinCEN's BSA search tool is getting utilized now. It was great to see, I think it was over 2 million searches on BSA data being conducted through that tool. It just signifies that SAR filings, CTR filings are getting utilized by law enforcement. And I think the year in review report really reinforce that which is great to see. Institutions always wanna see that the SAR filings that they produce are getting used in some way, shape or form to help, the fight against financial crime.
It was great to see that. But I think maybe what was more interesting to me were some of the remarks that the Deputy Secretary of the Treasury made during the event . He was really spending time outlining some of the guiding principles that are going to be relied upon or focused on as there's this modernization of the BSA. There were a couple of things that I think are repeat themes from, prior conversations that are happening in industry. The notion of innovation. The notion of different approaches for different sized institutions. And really leaning into that risk-based approach.
But I thought there was a bit of an interesting theme in there around fairness and objectivity and even transparency, really. Which we saw also echoed when the FCA issued a priorities report earlier this year. So it was an interesting event. The proof though, will be in the pudding, if you will, in terms of how these principles actually get enacted in practice. 'cause as Elliot, for a long time there's been a big focus on risk-based approach and we haven't quite got there as an industry yet.
Elliot Berman: A hundred percent agree. The meeting that you referred to is the semi-annual meeting of the Bank Secrecy Advisory Group, often called BSAAG and certainly over the years as regulations have been developed and whole concepts that became parts of regulations, they were often discussed in advance at BSAAG. So it'll be interesting to see how the current Treasury senior management uses BSAAG with some of these proposals.
Also as you mentioned one of the regulatory principles that was mentioned was that regulation should be efficient, striking an appropriate balance between costs and benefits. I wouldn't disagree with that, but as you already pointed out, the challenge for all these things is how do you actually put it into practice? The idea of what's, a balance between cost and benefit probably does change depending on who's measuring the benefit. And the benefit of this mostly is providing high quality information to law enforcement.
So how they would measure what they want versus what the industry would say what we're spending today is tolerable, but we don't wanna spend anymore, as an example, would be interesting. In the regulations for AMLA, which may or may not ever see the light of day, there was a lot of discussion about raising the CTR reporting threshold from $10,000 where it's been since it was, rolled out to maybe $40 or $50,000. Generally speaking, law enforcement doesn't love that because they're concerned about losing the slice of information. And as you pointed out, there were over 2 million searches of the databases by law enforcement agencies who have access.
Balance is a wonderful concept and always hard to strike, so it'd be interesting to see where that goes.
Jennie Jonas: All in all, I think a very interesting read and hopefully we'll start to see the government and the broader industry focus more on that cost benefit perspective of regulations, of enforcement, of programs, and really lean in to the risk-based approach.
Elliot Berman: There were a number of things both in the UK and in the EU, generally I would say the connecting theme was fraud. One was the EU is considering creating an obligation for banks to share fraud related data. And one of the governors of the Bank of England talked about the need for new digital currencies, including stable coins, to have anti-fraud mechanisms built into them.
So that's the highlights. What else did you see in those pieces that came out.
Jennie Jonas: Yeah, I was doing a lot of reading around that last one around the Bank of England governor's remarks on digital currencies and the need for anti-fraud functions. I think at a high level when you actually dig into to his remarks from the event he was at, which was interestingly held at the National Bank of Ukraine, he was talking a lot actually about the growth of NBFIs in general and not just focused on digital currencies and was noting the connectivity between those and the traditional banking part of the of the industry and the risk or the interconnectivity between the two. And therefore the risk that the one can introduce to the other.
He made an interesting remark about regulations and I think he raised the question of whether over all of the regulations that have been put into that traditional bank part of the industry has really pushed the risk into these MBFIs. So in trying to stabilize the totality of the banking and financial services sector, that risk is still come in, but in, the less regulated part of that environment.
What I took his comments around the fraud piece to be is given all the advancement in technology, in part due to the evolution of crypto and digital currencies in general, I think he was really challenging the financial services industry to think about how they can use that technology that surrounds those types of of digital monies to fight fraud.
Because there's a lot of information that exists and there's been a lot of success with leveraging blockchain analysis. And so yeah, so I thought, it was really a call to action from him as opposed to how it had been reported in some articles like this mandate, for digital currencies to have those fraud functions. It's very clear that they need it because of the extent of fraud in that part of the market today. I think the DOJ also last week had seized, if I'm not mistaken, over, over $200 million dollars worth of funds that were linked to crypto investment scams. So it should, it just reinforces that fraud is such a problem in that space.
Elliot Berman: Yeah, they filed a civil forfeiture complaint. They have not seizes funds yet. I think they're holding the funds but seeking to get permission to not just hold them in a sense, in a freeze, but to actually take possession as a forfeiture.
The EU as I mentioned a moment ago, is considering a measure in a large package of changes and proposals that would overhaul the EU payment system focusing heavily on for the purpose of cracking down on fraud, which is exploding, not just in Europe, but around the globe.
And they talked about that it would be helpful to have a central repository where transaction information related to bank accounts could be put in in a semi anonymized fashion so that when an account that's being used in connection with a fraud. So that other institutions are alerted to be attentive to transactions coming from that now fraud related account. Which is a really interesting concept. I'll be very curious to see where it goes because the EU has been very aggressive about personal privacy.
That balance, if you wanna help people not be defrauded and you want the line of defense in part to be built at the institution level to manage against bad transactions you're gonna have to share some kind of information. And it'd be interesting to see where that entire proposal goes but in particular the one about information sharing.
Elliot, just on that point. I've been spending more time in the UK of late given my global role and I've had the chance to really connect with quite a few fraud leaders at institutions, over in the UK especially through various events that I've attended. And there's always been this repeated theme being discussed at those events amongst those leaders. And that is, the more information that can be shared.
First off, they really wanna see more information shared because they understand the need and the necessity for that to happen for the fight against fraud, to favor more of the institution than it does the bad guy at the moment. This is a really interesting development. I think of course, 'cause it exists within the EU should not have any immediate impact on the uk. But the geographical closeness of the two, I think suggests that there'll be some downstream and some trickle effect for those UK institutions.
So I think it'll be interesting news and welcome news for a lot of fraud leaders in that part of the world. I think it was also interesting to see part of the proposal referring to the inclusion of internet carriers and messaging platforms in this fraud prevention scope really to strengthen it.
Again, I think that's a long been a topic of discussion for many institutions, fraud leaders the need to really expand the collaboration, not just amongst financial institutions, but amongst the connected industries. Because as we know all too well or at least I do, I get so many spam calls and text messages, Elliot, on my phone trying to engage me in conversation.
I have no doubt that it would ultimately to lead to some sort of fraudulent financial transaction if I were to let it. They, internet carriers, messaging platforms, telecoms organizations, I think all of them play a role. In helping with this fight against fraud.
Elliot Berman: Yes. And the traditional bank. Bank service, bank providers and some of their related service providers. So in the us, the ACH network, which is run not by the banks, but by two outside parties. The wire systems those traditional things. They've had many of these anti-fraud capabilities built in over time. But the proliferation of other money transfer platforms, value transfer platforms that are tangentially connected to traditional financial institutions in many cases, they have plenty of catching up to do.
And I think the EU is smart to say, we need to really look at this problem comprehensively, not just focus on the traditional. I don't wanna say there's no problem there, but because the field has gotten so big and so diverse because lots of people are bringing great technology ideas, but not necessarily bringing with them the other safeguards. And one of the challenges, the faster you go. The less time you generally have to take that look and go does this make sense?
So whether we can build it in without building in too much friction, I think that remains to be seen.
Jennie Jonas: Yeah. So that's the age old challenge isn't friction versus prevention.
Elliot Berman: Last week John and I reported on the June FATF plenary. One of the things we mentioned is that the plenary summary report mentioned that there would be several additional detailed reports coming out, and several of them did come out.
One is on the major gaps in, global responses to proliferation financing and sanctions evasion. And the other one was the new guidance on financial inclusion and anti-money laundering and terrorists financing measures.
Did you have any particular takeaway from either one of those reports that you wanna talk about?
Jennie Jonas: I always find the FATF reports to be a great read. And I think there were some really great insights noted in that and I'm gonna trip up on the word too, complex proliferation oh, there you go. It rolled off the tongue, sanctions evasion schemes report. I like how it ran the gamut of really highlighting the ways in which they've recently observed certain methods to evade sanctions. As well as providing guidance on the best practices. It probably came as no surprise to anyone who's read it or who will read it in the future, that they acknowledged that the Democratic People's Republic of Korea is a particularly significant actor in this space. And they recognize the reasons for that.
So I just, I felt all round that it was a very helpful and beneficial report to digest. And I would encourage anyone who's in the sanction space to take a read through that.
Elliot Berman: Yeah, I think the other report was also interesting. It's in a space that FATF has been, writing and talking about for a long time. This is updating a report from that started out in 2011. And it's been updated a number of times, and this is the latest update.
What they're looking at is the balancing between assessing risk and also not as a result of poorly assessing risk excluding people from the financial system. And they note that on the one hand, just because you appear to be low risk that doesn't mean it's truly low risk. It takes a deeper look than that. But on the other hand you also don't just say if you are in that country you're not gonna have access to the financial system because you're in that country.
Or in that, that area in a country or, you're in a particular, they didn't dive as far deeply there, but you're in a particular industry.
Things like that. Again, as, and I agree with you, the reports are always well thought out, put together. They're definitely the result of a lot of insightful work, and they're important reads to figure out where things are going. So I I urge all of our listeners to take a look at both of those reports, which you can find on the FATF website.
So we're just about out of time. Is there one more thing that you wanted to talk about?
Jennie Jonas: I think we'd be remiss not to acknowledge an OCC bulletin that came out in the last week or so, Elliot, and that was on potential criminal enforcement. And as I read the bulletin, I think it was, 2025 - 13 for any one of the listeners who want to go and check it out. It was putting forward that the OCC would outline what criminal regulatory offenses will be enforceable by the DOJ and or the OCC and the range of penalties for such offenses.
I know that for a long time there's been a discussion around the personal liability of BSA/AML officers, but it'll be interesting to see what comes off the back of this bulletin and whether we'll see any, significant shift, particularly in that part of the enforcement space.
Elliot Berman: Yes. And this is really in part responsive to the President's executive order 14294 early in May, which is titled Fighting Overcriminalization in Federal Regulation. So we'll see how this goes. Again it'll all be in the definitions.
I think the other thing that we need to at least note is obviously there's been escalation of the conflict in the Middle East by actions of the US as well as continued actions by both Iran and Israel. We're not gonna talk about military things, and we're not gonna talk about politics, but so what does that mean for the financial crime prevention community? I've seen several commentators say that this could over a long period of time increase the amount of terrorist activity.
As one of the ways that Iran could respond. We'll have to see. So what does that mean for the community? It means whatever you do to try to identify potential terrorist financing. I would turn the dial up a little bit. But thoughts on your side?
Jennie Jonas: Yeah I totally agree with you, Elliot. It is definitely a space to be keeping a close eye on. All financial crimes leaders should really understand what specific controls they have to manage the risk in that part of the world. Not just specifically Iran, of course, but just generally in that region. And be comfortable with the controls that you've got in place.
And certainly talk to peers, see if there's anything in terms of best practices that can be gleaned through those conversations. And of course we are on hand to have that conversation too Elliot, but of course, your industry peers are right at the forefront and making changes to your point, Elliot, to turn up the dial on a day-to-day basis.
I'm sure I speak for both of us, when I say that our thoughts and our hearts go out to the individuals and the people and the residences of those nations and we think about their safety and hope this situation deescalates.
Elliot Berman: So as we wrap up, let me remind our listeners that the June webinar will have live streamed by the time you hear this episode, but it'll be available in a recorded version on our website by the end of next week. And our july webinar, which is July 24th, and it'll live stream at 1:00 PM Eastern Time is on how AI can impact your financial crime compliance program. And of course there'll be lots of other great content that you can find at our website.
Jenny, thank you so much for joining me today. I really had a great time chatting with you and hope you have a good rest of the week and a great weekend.
Jennie Jonas: Thanks, Elliot.