Treasury National Illicit Finance Strategy
Fraud, ransomware, virtual assets, nonproliferation, etc. in the spotlight
Some might consider the release of the US Treasury’s National Illicit Finance Strategy boring, but for nerds like me, it’s exciting news. The release of the strategy gives me an idea of what threats Treasury considers most imminent to the US financial system, and I like knowing the government’s priorities, which helps understand the underlying reasons for some of the regulatory changes coming down the pike. I don’t complain about developments without understanding why they were implemented.
I also don’t consider Twitterati brain droppings a news source. I’d rather read the 55-page document myself, so that’s what I’ve done. The priorities are nothing surprising, as we look back on the past two years.
We already know that Iran is a major state-sponsor of terrorism, and that problem needs to be addressed. (By the way, the world may be a couple of terrorists less after a helicopter carrying Iranian president Ebrahim Raisi and foreign minister Hossein Amirabdollahian apparently crashed experienced a hard landing somewhere.)
We knew that ransomware is a significant threat to the United States, our critical infrastructure, and our financial system. FinCEN in late 2021 published an updated advisory on the use of the US financial system to facilitate ransomware payments. The Justice Department that year ranked investigations of ransomware attacks as a similar priority as terrorism and created a task force to deal with the threat after a Russian hack of the Colonial Pipeline caused panic buying and consequent gas price spikes on the East Coast.
HAMAS financing became a bigger concern, especially after the group’s brutal terrorist attack on Israel in October.
And then there’s Russia. Waging a full-scale war on Ukraine, procuring weapons from illicit actors such as North Korea and Iran, vetoing the extension of the North Korean UN panel of experts and UN sanctions against Iran’s ballistic missile and UAV program.
The 2024 Strategy addresses key illicit finance threats related to large-scale fraud schemes, potent ransomware attacks, an opioid-driven overdose epidemic, foreign and domestic terrorist attacks, corruption, and illicit exploitation of technological advances in payments and financial products and services. Hamas’ financing of its brutal terrorist attack on Israel and Russia’s financing of its continued full-scale invasion of Ukraine, including Russian elites’ support for the war, demonstrate how key threats to national security can exploit vulnerabilities in the U.S. and global financial system.
The threats are numerous, and our vulnerabilities need to be addressed if we are to protect the US financial system and the integrity of the global financial system, since we are the world’s reserve currency.
How does the US government plan to address these threats and vulnerabilities?
By closing legal and regulatory gaps in our AML/CFT framework that illicit actors exploit to anonymously access and corrupt the US financial system.
By promoting a more effective and risk-focused AML/CFT regulatory and supervisory framework for financial institutions, providing guidance and sharing other information to make them more effective and efficient at detecting and deterring financial crimes.
By enhancing the operational effectiveness of law enforcement, other US government agencies, and international partnerships. I’ve always highlighted that sanctions and other efforts to stop illicit finance are more effective if US agencies and foreign partners coordinate and take multilateral action against malign actors.
Responsibly use technological advances and innovactions to combat illicit finance.
The US government has made some progress in supporting these priorities, including passing the Corporate Transparency Act; operationalizing the beneficial ownership registry; working to bring more transparency to the real estate sector to protect it from abuse; and working to update regulatory requirements for virtual asset transactions.
Is there more work to be done? Indubitably.
Are we doing the work? Yes.
This is why we are seeing proposed regulations requiring investment advisers to implement customer identification programs.
That’s why regulators are issuing guidance and conducting educational events to help financial institutions understand new requirements.
That’s why FinCEN has been renewing and expanding geographic targeting orders (GTOs) requiring US title insurance companies to identify the natural persons behind shell companies used in non-financed purchases of residential real estate.
And then there are virtual assets. FinCEN last year issued a proposed rule that would identify international Convertible Virtual Currency Mixing as a class of transactions of primary money laundering concern pursuant to its authority under section 311 of the USA PATRIOT Act. OFAC in 2022 sanctioned virtual currency mixing service Tornado Cash that’s been used by illicit actors, such as North Korea’s Lazarus Group to launder money. The founders of Tornado Cash were charged with money laundering for cleaning more than $1 billion in illicit proceeds. (Tornado Cash developer, Alexey Pertsev, a few days ago was found guilty of money laundering in a Dutch court and now faces more than five years in prison.)
FinCEN in early 2023 identified the virtual asset service provider (VASP) Bitzlato as a primary money laundering concern in connection with Russian illicit finance, in part for its facilitation of illicit transactions for Russian ransomware actors.
There’s definitely work to be done to promote a more effective and risk-focused AML/CFT regulatory and supervisory framework for financial institutions. Guidance is being updated regularly, and proposals to revise AML program requirements for all financial institutions, which will further incorporate the risk-based approach into the US AML/CFT regime are in the works. Challenges in US territories remain, however, and resource constraints are always hindering progress.
Puerto Rico presents significant risks for money laundering, but it also has considerable potential and causes for optimism. As discussed in the 2024 NMLRA, Treasury has taken several actions against International Banking Entities (IBEs) and International Financial Entities (IFEs) that operate in Puerto Rico for willful violations of the BSA and U.S. sanctions. This includes FinCEN’s first civil money penalty against a Puerto Rican IBE for violations of the BSA.
Bancrédito International Bank and Trust Corporation in September was penalized $15 million for willful violations of the Bank Secrecy Act.
Regulators continue to regularly issue alerts and advisories, highlighting new illicit finance methodologies and warning firms and financial institutions about developments in the regulatory space. Since Russia’s full-scale invasion of Ukraine two years ago, I was struck with the sheer volume of alerts, advisories, and other public information-sharing efforts to help US entities remain in compliance.
I’ve also been impressed at the increased coordination and collaboration between US agencies and foreign partners. The Institute for Financial Integrity in February highlighted that Russia’s invasion and continued aggression in Ukraine has led to an unprecedented level of collaboration by sanctions stakeholders across jurisdictions, agencies, and sectors, and Treasury’s National Strategy notes that many of the most sophisticated and significant threats the United States faces are cross-border in nature, and they involve much more than Russia.
Criminal actors operate transnationally to expand their illicit business, generating revenue that is laundered around the world, including within the United States. As a result, since the 2022 Strategy, the United States has prioritized bilateral and multilateral cooperation to advance law enforcement action against transnational organizations. A significant nexus for this activity remains the Southwest Border of the United States, and the administration continues to work closely with the government of Mexico through high-level dialogues as well as ongoing operational information-sharing discussions to jointly attack financial crimes.
Significant efforts include the battle against illicit fentanyl and the proceeds generated by it, which cartels work to launder using the US financial system. Fraud, corruption, international terrorism and domestic violent extremism, as well as human trafficking, trade-based money laundering, and wildlife crimes are also on Treasury’s radar.
And finally, we should address US support to global efforts to strengthen the implementation of AML/CFT standards.
The United States supports the FATF’s ongoing focus on monitoring and responding to evolutions in payments, including its commitment to updating Recommendation 16, the standard on payment transparency, and issuing subsequent guidance. This update will address the adoption of the ISO 20022 financial messaging standard and changes in payment business models, as well as seek to ensure the standard remains technology-neutral and follows the principle of “same activity, same risk, same rules.”
The United States also remains supportive of the FATF’s core mission to monitor and respond to changes in money laundering, terrorist financing, and proliferation financing threats and risks. Recent FATF reports examined corruption related to citizenship and residency by investment programs, highlighting how corrupt actors, tax evaders, and other criminals have exploited these programs to disguise their identities; analyzed crowdfunding techniques to demonstrate how terrorist groups like Hamas raise money for their attacks; and raised awareness about money laundering from fentanyl and synthetic opioid trafficking, including analyzing the best approaches to detect and disrupt the criminal networks involved.
Treasury has a lot on its plate. The global illicit finance environment is becoming more complex. New technologies are providing not just innovative ways for those without access to the global financial system to transact, but also helping illicit actors hone their methodologies. Proliferation financing, in particular, is seeing new opportunities in the crypto world, while it has traditionally relied on the conventional financial system and cross-border trade. The enhanced anonymity, the ability to move vast amounts of cash quickly, and reduced reliance on formal financial institutions, which are collectively enhancing their due diligence efforts, are all attractive to groups seeking to move weapons and components.
A self-described weapons smuggler in China used Tether to pay a Hong Kong electronics distributor for electrical parts for drones Russia uses to target civilian infrastructure and murder Ukrainian citizens placed by US-designated Russian weapons conglomerate, Kalashnikov Concern. Andrey Zverev used the cryptocurrency, to pay millions of dollars from Kalashnikov to its supplier, since even Chinese banks were getting nervous about transacting with Russian military customers after President Biden signed EO 14114, authorizing secondary sanctions against foreign financial institutions that support Russia’s military-industrial sector.
Treasury’s National Strategy adjusts based on the threats, vulnerabilities, and progress in addressing them during the past two years. What the document tells me is that the government is going to increase efforts to combat ever-developing illicit financial threats, and it will use all tools at its disposal—including automation and emerging technologies—to do so.
That is why we are the 'good guys'... sigh
I look at this and think back to the work we did with JIEDDO. We 'never' caught up, because we had to obey the rules... And never had enough people with the 'right' knowledge to get ahead of the bad guys. I hope Treasury has better luck than we did.