US compliance teams faced no shortage of adversity in 2022, not least the consequences of Russia’s invasion of Ukraine and lingering Covid-19 pandemic measures. Those challenges prompted a decisive regulatory response from the US government, and meant that firms had to adapt to an evolving anti-money laundering (AML) and counter-financing of terrorism (CFT) risk landscape in order to avoid damaging penalties.
With the Ukraine war and economic turbulence ongoing, US AML regulations will continue to evolve to meet new financial crime risks in 2023. To help your firm navigate the compliance landscape and meet its obligations, let’s take a look at some of the key upcoming US AML regulation changes.
The FINCEN Final Rule
The US’ Anti-Money Laundering Act 2020 (passed on 1 January 2021) set out new rules for the reporting of beneficial ownership information (BOI). Intended to crack down on the use of shell companies and legal structures in money laundering, the rules introduce new reporting requirements and ensure that US law enforcement and security agencies have access to essential company ownership information.
In September 2022, the Financial Crimes Enforcement Network (FinCEN) published its final rule on the BOI provisions. Due to be implemented on 1 January, 2024, the final rule broadly aligns with the original proposals, and introduces the following regulatory points:
- A definition of “reporting companies” that are obliged to comply with the BOI rules.
- A definition of “beneficial owners” which includes individuals that exercise “substantial control” over a company, such as senior officers or C-suite employees, or that have at least 25% control of the company.
- A requirement for companies to report “company applicants” which refers to individuals who file company formation documents, and to individuals who direct those responsible for filing.
- A list of ownership information that must be reported, including the names, addresses, and birthdates of owners, and other identifying documents (such as driving licences).
- A requirement for firms to report no later than 30 days after their registration date.
- A clarification of criminal and financial penalties for reporting violations. Under the new rules, responsibility for violations will “fall principally on individuals” rather than reporting companies.
National Illicit Finance Strategy
In May 2022, the US Department of Treasury announced its National Strategy for Combating Terrorist and Other Illicit Financing. A response to the threats identified in the 2022 National Risk Assessments for Money Laundering, Terrorist Financing, and Proliferation Financing, the Strategy will serve as “a roadmap to close loopholes” in the country’s financial system, by increasing transparency and strengthening US AML/CFT regulations. The National Illicit Finance Strategy has four priorities:
- Closing loopholes in the US AML/CFT framework that are vulnerable to exploitation by shell companies and cash real estate purchases.
- Continuing to enhance the US AML/CFT framework by providing clear compliance guidance, facilitating information sharing, and funding supervision and enforcement.
- Enhancing the effectiveness of law enforcement in combatting illicit finance.
- Enabling the benefits of new technologies while mitigating the risks that they pose and addressing the potential threats of virtual assets and other fintech innovations.
Responsible Financial Innovation Act
Introduced to congress in June 2022, the Responsible Financial Innovation Act (RFIA) is intended to “create a regulatory framework for digital assets” in the US. Also known as the “Lummis-Gillibrand Bill” (after its proponents, senators Cynthia Lummis and Kirsten Gillibrand), the RFIA will provide regulatory clarity for the use of digital assets, including the authorities which will provide oversight for them, and will introduce reporting responsibilities for digital asset service providers.
Key highlights of the RFIA include:
- Oversight: The Commodity Futures Trading Commission (CFTC) would become the primary regulator of digital assets.
- Reporting: Issuers of digital assets would be required to periodically disclose information to the Securities and Exchange Commission (SEC). All digital asset service providers would be required to make certain disclosures to customers.
- Stablecoins: Issuers of stablecoins would be subject to new prudential regulations.
- DAO classification: Decentralised Autonomous Organisations (DAO) would be classified as “business entities” and subject to the relevant regulations and tax treatment.
- Taxation: Digital assets would be subject to tax rules, with the IRS introducing guidance on certain tax issues.
Responsible Development of Digital Assets
The US government’s regulatory focus on digital assets is growing. In September 2022, President Biden released the Comprehensive Framework for the Responsible Development of Digital Assets, which included recommendations for protecting consumers and national security interests from the risks of digital assets.
The Framework suggests that the Biden administration will introduce further regulatory controls on digital assets in 2023 and beyond. Key highlights include:
- Guidance: While the US government prepares digital asset regulations, the Treasury will “issue guidance and rules to address current and emergent risks in the digital asset ecosystem”.
- Collaboration: The Treasury and other federal agencies will cross-collaborate with US firms to provide and implement regulatory guidance on digital assets.
- Education: The US Financial Literacy Education Commission (FLEC) will lead efforts to increase public awareness of the risks and fraudulent practices associated with digital assets.
Global Sanctions and Ukraine
With the invasion of Ukraine entering its second year, it is likely that the US, along with Western allies, will add to its “unprecedented” sanctions programme against Russia and President Vladmir Putin’s regime. In February 2023, the White House announced a range of new economic restrictions, including:
- New export restrictions targeting Russia’s defence and energy sectors.
- A crackdown on attempts by third parties to evade US sanctions on Russia.
- A joint initiative with the UK to impose sanctions against Russian cybercriminals.
Beyond Ukraine and Russia, the US will evolve its sanctions programmes against a range of global targets. In particular, it is likely that the US will continue to exert pressure on Iran in response to its ongoing oppression of human rights protesters, and efforts to develop nuclear weapons. In early February, the Biden administration imposed sanctions against Iranian petrochemical manufacturers that were selling fuel to customers in Singapore and Malaysia.
It is also likely that the US will target China with additional economic sanctions in response to ongoing espionage activities, including the Chinese spy balloon that was discovered in US airspace in early February. Following that incident, the US announced the addition of six Chinese technology companies to the Bureau of Industry and Security (BIS) Entity List as a result of their support for China’s military aerospace programmes.
Using Technology to Comply with US AML Regulations
While the US is following a global trend of digital asset regulation, its sanctions activity in 2023, especially pertaining to Ukraine, may be harder to predict, and depend on both the economic situation in Russia and progress made on the frontlines. In a compliance context, this means that financial institutions must implement agile screening solutions with a global scope, and be ready to move quickly to adapt to geopolitical developments. Innovative AML technology will continue to be critical to US AML compliance. In a complex and evolving risk environment, firms must be able to acquire meaningful data quickly and accurately, and minimise the amount of false positives their screening solution generates.
With that goal in mind, Ripjar’s Labyrinth Screening platform has a proven track record of helping firms extract actionable insight from complex data sets, including millions of adverse news media articles, and international sanctions and watchlists such as the US’ OFAC sanctions list. Labyrinth uses advanced machine learning algorithms to process data in real time, in over 20 foreign languages, delivering results in seconds to ensure your organisation understands its risk liability, in the US and around the world.