Anti-Money Laundering

OFAC designates Evil Corp under cyber sanctions, and removes a terrorist

Earlier today, OFAC added the following persons:

ALVARES, Carlos, Moscow, Russia; DOB 18 May 1971; POB Spain; Gender Male; National ID No. AV176942 (Spain) (individual) [CYBER2] (Linked To: EVIL CORP). 

 

BASHLIKOV, Aleksei, Moscow, Russia; DOB 18 Mar 1988; POB Russia; Gender Male; Passport 4509592875 (Russia) (individual) [CYBER2] (Linked To: EVIL CORP). 

 

BURKHONOVA, Gulsara, Moscow, Russia; DOB 06 Apr 1977; POB Russia; alt. POB Tajikistan; Gender Female; Passport 9707561379 (Russia) (individual) [CYBER2] (Linked To: EVIL CORP). 

 

GUBERMAN, David, Moscow, Russia; DOB 01 Mar 1971; POB Ukraine; Gender Male; National ID No. 7201105 (Israel) (individual) [CYBER2] (Linked To: EVIL CORP). 

 

GUSEV, Denis Igorevich (Cyrillic: ГУСЕВ, ДЕНИС ИГОРЕВИЧ) (a.k.a. GOTMAN, David; a.k.a. POMOJAC, Marin), Moscow, Russia; DOB 10 Jun 1986; alt. DOB 08 Jul 1977; alt. DOB 07 Oct 1987; POB Moscow, Russia; alt. POB Ceadir-Lunga, Moldova; citizen Russia; Gender Male; Passport 717386212 (Russia); alt. Passport A1167292 (Moldova); alt. Passport 1213007 (Israel) (individual) [CYBER2] (Linked To: EVIL CORP). 

 

MANIDIS, Georgios, Moscow, Russia; DOB 23 Aug 1971; Gender Male; National ID No. AV2752462 (Greece) (individual) [CYBER2] (Linked To: EVIL CORP). 

 

PLOTNITSKIY, Andrey (a.k.a. KOVALSKIY, Andrey Vechislavovich; a.k.a. STREL, Andrey), Moscow, Russia; DOB 25 Jul 1989; Gender Male (individual) [CYBER2] (Linked To: EVIL CORP). 

 

SAFAROV, Azamat, Moscow, Russia; DOB 26 Mar 1990; POB Uzbekistan; Gender Male; National ID No. CE2236830 (Uzbekistan) (individual) [CYBER2] (Linked To: EVIL CORP). 

 

SHEVCHUK, Tatiana, Moscow, Russia; DOB 08 Jan 1970; Gender Female; National ID No. BB299742 (Ukraine) (individual) [CYBER2] (Linked To: EVIL CORP). 

 

SLOBODSKOY, Dmitriy Alekseyevich, Russia; DOB 28 Jul 1988; Gender Male; Passport 721007353 (Russia) (individual) [CYBER2] (Linked To: EVIL CORP). 

 

SLOBODSKOY, Kirill Alekseyevich, Moscow, Russia; DOB 26 Feb 1987; POB Moscow, Russia; nationality Russia; Gender Male; Passport 721025114 (Russia); National ID No. 4508818947 (Russia) (individual) [CYBER2] (Linked To: EVIL CORP). 

 

SMIRNOV, Dmitriy Konstantinovich, Moscow, Russia; DOB 10 Nov 1987; citizen Russia; Gender Male (individual) [CYBER2] (Linked To: EVIL CORP). 

 

TUCHKOV, Ivan Dmitriyevich, Russia; DOB 27 Nov 1986; POB Moscow, Russia; Gender Male; Passport 45092006504 (Russia); alt. Passport 753931329 (Russia); VisaNumberID 525867504 (France) (individual) [CYBER2] (Linked To: EVIL CORP). 

 

TURASHEV, Igor Olegovich (a.k.a. “ENKI”; a.k.a. “NINTUTU”), Russia; DOB 15 Jun 1981; Gender Male (individual) [CYBER2] (Linked To: EVIL CORP). 

 

YAKUBETS, Artem Viktorovich, Moscow, Russia; DOB 17 Jan 1986; POB Polonnoye, Khmelnitskaya Oblast, Ukraine; citizen Russia; Gender Male (individual) [CYBER2] (Linked To: EVIL CORP). 

 

YAKUBETS, Maksim Viktorovich (a.k.a. “AQUA”), Moscow, Russia; DOB 20 May 1987; POB Polonnoye, Khmelnitskaya Oblast, Ukraine; citizen Russia; Gender Male; Passport 4509135586 (Russia) (individual) [CYBER2] (Linked To: EVIL CORP; Linked To: FEDERAL SECURITY SERVICE). 

 

ZAMULKO, Ruslan, Moscow, Russia; DOB 25 Jun 1970; POB Ukraine; Gender Male; National ID No. HB698865 (Ukraine) (individual) [CYBER2] (Linked To: EVIL CORP).

and entities:

BIZNES-STOLITSA, OOO (Cyrillic: ООО БИЗНЕС-СТОЛИЦА) (a.k.a. OBSHCHESTVO S OGRANICHENNOI OTVETSTVENNOSTYU BIZNES-STOLITSA), d. 14 korp. 1 pom. Khll/kom. 1, ul., Sokolovo-Meshcherskaya Moscow, Moscow 125466, Russia; D-U-N-S Number 50-722-4994; Tax ID No. 7733904024 (Russia); Government Gazette Number 40335667 (Russia); Registration Number 5147746417682 (Russia) [CYBER2] (Linked To: GUSEV, Denis Igorevich). 

 

EVIL CORP (a.k.a. DRIDEX GANG), Moscow, Russia; Moldova [CYBER2]. 

 

OPTIMA, OOO (Cyrillic: ООО ОПТИМА) (a.k.a. OBSHCHESTVO S OGRANICHENNOI OTVETSTVENNOSTYU OPTIMA), d. 2 korp. 2 pom. 1, ul., Kominterna Moscow, Moscow 129344, Russia; D-U-N-S Number 50-579-8144; Tax ID No. 7716740680(Russia); Government Gazette Number 17325717 (Russia); Registration Number 1137746232260 (Russia) [CYBER2] (Linked To: GUSEV, Denis Igorevich). 

 

TREID-INVEST, OOO (Cyrillic: ООО ТРЕЙД-ИНВЕСТ) (a.k.a. OBSHCHESTVO S OGRANICHENNOI OTVETSTVENNOSTYU TREID-INVEST), 11/2, ul., Sadovaya-Chernogryazskaya Moscow, Moscow 105064, Russia; D-U-N-S Number 50-722-5114; Tax ID No. 7701416320 (Russia); Government Gazette Number 40214946 (Russia); Registration Number 5147746418782 (Russia) [CYBER2] (Linked To: GUSEV, Denis Igorevich). 

 

TSAO, OOO (Cyrillic: ООО ЦАО) (a.k.a. OBSHCHESTVO S OGRANICHENNOI OTVETSTVENNOSTYU TSENTR AVTOOBSLUZHIVANIYA), 9, per., Omski Kurgan, Kurganskaya Oblast 640000, Russia; D-U-N-S Number 68-215-4722; Tax ID No. 4501122896 (Russia); Government Gazette Number 78739479 (Russia); Registration Number 1064501172394 (Russia) [CYBER2] (Linked To: GUSEV, Denis Igorevich). 

 

VERTIKAL, OOO (Cyrillic: ООО ВЕРТИКАЛЬ) (a.k.a. OBSHCHESTVO S OGRANICHENNOI OTVETSTVENNOSTYU VERTIKAL), d. 102/1, ul. Beregovaya Kogalym, Khanty-Mansiski, Avtonomny Okrug – Yugra Okr. 628482, Russia; D-U-N-S Number 50-630-4726; Tax ID No. 8608056026 (Russia); Government Gazette Number 26149774 (Russia); Registration Number 1138608000189 (Russia) [CYBER2] (Linked To: GUSEV, Denis Igorevich). 

 

YUNIKOM, OOO (Cyrillic: ООО ЮНИКОМ) (a.k.a. OBSHCHESTVO S OGRANICHENNOI OTVETSTVENNOSTYU YUNIKOM), d. 18, ul. Tsentralnaya Kogalym, Khanty-Mansiski, Avtonomny Okrug – Yugra Okr. 628483, Russia; D-U-N-S Number 68-321-9795; Tax ID No. 8608052180 (Russia); Government Gazette Number 97396163 (Russia); Registration Number 1068608008204 (Russia) [CYBER2] (Linked To: GUSEV, Denis Igorevich).

to the SDN List under its cyber-related sanctions program.

Additionally, it removed the following listings under the counter terrorism sanctions program:

AMHAZ, Issam Mohamad (a.k.a. AMHAZ, ‘Isam; a.k.a. AMHAZ, Issam Mohamed), Ghadir, 5th Floor, Safarat, Bir Hassan, Jenah, Lebanon; Issam Mohamad Amhaz Property, Ambassades (Safarate), Bir Hassan Area , Ghobeiri, Baabda, Lebanon; DOB 04 Mar 1967; POB Baalbek, Lebanon; nationality Lebanon; Additional Sanctions Information – Subject to Secondary Sanctions Pursuant to the Hizballah Financial Sanctions Regulations; Passport RL0000199 (Lebanon); Identification Number 61 Nabha; Chairman, Stars Group Holding; General Manager, Teleserveplus (individual) [SDGT]. 

 

AMHAZ, Issam Mohamed (a.k.a. AMHAZ, ‘Isam; a.k.a. AMHAZ, Issam Mohamad), Ghadir, 5th Floor, Safarat, Bir Hassan, Jenah, Lebanon; Issam Mohamad Amhaz Property, Ambassades (Safarate), Bir Hassan Area , Ghobeiri, Baabda, Lebanon; DOB 04 Mar 1967; POB Baalbek, Lebanon; nationality Lebanon; Additional Sanctions Information – Subject to Secondary Sanctions Pursuant to the Hizballah Financial Sanctions Regulations; Passport RL0000199 (Lebanon); Identification Number 61 Nabha; Chairman, Stars Group Holding; General Manager, Teleserveplus (individual) [SDGT]. 

 

AMHAZ, ‘Isam (a.k.a. AMHAZ, Issam Mohamad; a.k.a. AMHAZ, Issam Mohamed), Ghadir, 5th Floor, Safarat, Bir Hassan, Jenah, Lebanon; Issam Mohamad Amhaz Property, Ambassades (Safarate), Bir Hassan Area , Ghobeiri, Baabda, Lebanon; DOB 04 Mar 1967; POB Baalbek, Lebanon; nationality Lebanon; Additional Sanctions Information – Subject to Secondary Sanctions Pursuant to the Hizballah Financial Sanctions Regulations; Passport RL0000199 (Lebanon); Identification Number 61 Nabha; Chairman, Stars Group Holding; General Manager, Teleserveplus (individual) [SDGT].

And the Treasury Department issued the following press release:

PRESS RELEASES

Treasury Sanctions Evil Corp, the Russia-Based Cybercriminal Group Behind Dridex Malware

Washington – Today the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) took action against Evil Corp, the Russia-based cybercriminal organization responsible for the development and distribution of the Dridex malware.  Evil Corp has used the Dridex malware to infect computers and harvest login credentials from hundreds of banks and financial institutions in over 40 countries, causing more than $100 million in theft.  This malicious software has caused millions of dollars of damage to U.S. and international financial institutions and their customers.  Concurrent with OFAC’s action, the Department of Justice charged two of Evil Corp’s members with criminal violations, and the Department of State announced a reward for information up to $5 million leading to the capture or conviction of Evil Corp’s leader.  These U.S. actions were carried out in close coordination with the United Kingdom’s National Crime Agency (NCA).  Additionally, based on information obtained by the Treasury Department’s Financial Crimes Enforcement Network (FinCEN), the Treasury Department’s Office of Cybersecurity and Critical Infrastructure Protection (OCCIP) released previously unreported indicators of compromise associated with the Dridex malware and its use against the financial services sector.   

“Treasury is sanctioning Evil Corp as part of a sweeping action against one of the world’s most prolific cybercriminal organizations.  This coordinated action is intended to disrupt the massive phishing campaigns orchestrated by this Russian-based hacker group,” said Steven T. Mnuchin, Secretary of the Treasury.  “OFAC’s action is part of a multiyear effort with key NATO allies, including the United Kingdom.  Our goal is to shut down Evil Corp, deter the distribution of Dridex, target the “money mule” network used to transfer stolen funds, and ultimately to protect our citizens from the group’s criminal activities.”

Worldwide, cybercrime results in losses that total in the billions of dollars, while in the United States, financial institutions and other businesses remain prime targets for cybercriminals.  Today’s action clarifies that, in addition to his involvement in financially motivated cybercrime, the group’s leader, Maksim Yakubets, also provides direct assistance to the Russian government’s malicious cyber efforts, highlighting the Russian government’s enlistment of cybercriminals for its own malicious purposes.  Maksim Yakubets is not the first cybercriminal to be tied to the Russian government.  In 2017, the Department of Justice indicted two Russian Federal Security Service (FSB) officers and their criminal conspirators for compromising millions of Yahoo email accounts.  The United States Government will not tolerate this type of activity by another government or its proxies and will continue to hold all responsible parties accountable.

Today’s designations and indictments were issued in furtherance of previous international actions targeting Evil Corp in an effort to further disrupt and degrade the group’s ability to operate.  In October 2015, the Department of Justice indicted Andrey Ghinkul for spreading the Dridex malware.  At that same time, the Federal Bureau of Investigation and the NCA disrupted the global infrastructure utilized at the time by Evil Corp.  Over the past several years, the NCA and the United Kingdom’s Metropolitan Police Service have arrested multiple individuals who enabled the activities of Evil Corp, including laundering stolen proceeds acquired through the Dridex malware.

As a result of today’s designations, all property and interests in property of these persons subject to U.S. jurisdiction are blocked, and U.S. persons are generally prohibited from engaging in transactions with them.  Additionally, any entities 50 percent or more owned by one or more designated persons are also blocked.  Foreign persons may be subject to secondary sanctions for knowingly facilitating a significant transaction or transactions with these designated persons.

DESIGNATION TARGETS

Today’s action targets 17 individuals and seven entities to include Evil Corp, its core cyber operators, multiple businesses associated with a group member, and financial facilitators utilized by the group.  OFAC designated these persons pursuant to Executive Order (E.O.) 13694, as amended, which targets malicious cyber-enabled actors around the world, and as codified by the Countering America’s Adversaries Through Sanctions Act.

DRIDEX infection chain photo

Evil Corp is the Russia-based cybercriminal organization responsible for the development and distribution of the Dridex malware.  The Dridex malware is a multifunctional malware package that is designed to automate the theft of confidential information, to include online banking credentials from infected computers.  Dridex is traditionally spread through massive phishing email campaigns that seek to entice victims to click on malicious links or attachments embedded within the emails.  Once a system is infected, Evil Corp uses compromised credentials to fraudulently transfer funds from victims’ bank accounts to those of accounts controlled by the group.  As of 2016, Evil Corp had harvested banking credentials from customers at approximately 300 banks and financial institutions in over 40 countries, making the group one of the main financial threats faced by businesses.  In particular, Evil Corp heavily targets financial services sector organizations located in the United States and the United Kingdom.  Through their use of the Dridex malware, Evil Corp has illicitly earned at least $100 million, though it is likely that the total of their illicit proceeds is significantly higher.  As a result of this activity, Evil Corp is being designated pursuant to E.O. 13694, as amended, for engaging in cyber-enabled activities that have the effect of causing a significant misappropriation of funds or economic resources for private financial gain. 

Evil Corp operates as a business run by a group of individuals based in Moscow, Russia, who have years of experience and well-developed, trusted relationships with each other.  Maksim Yakubets (Yakubets) serves as Evil Corp’s leader and is responsible for managing and supervising the group’s malicious cyber activities.  For example, as of 2017, Yakubets supervised Evil Corp actors who were attempting to target U.S. companies.  As of 2015, Yakubets maintained control of the Dridex malware and was in direct communication with Andrey Ghinkul prior to the unsealing of his indictment.  As a result, Yakubets is being designated pursuant to E.O. 13694, as amended, for having acted for or on behalf of and for providing material assistance to Evil Corp.  Prior to serving in this leadership role for Evil Corp, Yakubets was also directly associated with Evgeniy Bogachev, a previously designated Russian cybercriminal responsible for the distribution of the Zeus, Jabber Zeus, and GameOver Zeus malware schemes.  In particular, Yakubets was responsible for recruiting and managing a network of individuals responsible for facilitating the movement of money illicitly gained through the efforts spearheaded by Evgeniy Bogachev.  Yakubets is the subject of an indictment and criminal complaint unsealed today by the Department of Justice, while the Department of State announced a $5 million reward for information leading to the capture of Yakubets. 

In addition to his leadership role within Evil Corp, Yakubets has also provided direct assistance to the Russian government.  As of 2017, Yakubets was working for the Russian FSB, one of Russia’s leading intelligence organizations that was previously sanctioned pursuant to E.O. 13694, as amended, on December 28, 2016.   As of April 2018, Yakubets was in the process of obtaining a license to work with Russian classified information from the FSB.  As a result, Yakubets is also being designated pursuant to E.O. 13694, as amended, for providing material assistance to the FSB.  Additionally, as of 2017, Yakubets was tasked to work on projects for the Russian state, to include acquiring confidential documents through cyber-enabled means and conducting cyber-enabled operations on its behalf.

Another key Evil Corp figure targeted today is Igor Turashev (Turashev).  As of 2017, Turashev was involved in helping Evil Corp exploit victims’ networks.  As of 2015, Turashev served as an administrator for Yakubets and had control over the Dridex malware.  As a result, Turashev is being designated pursuant to E.O. 13694, as amended, for having acted for or on behalf of and for providing material assistance to Evil Corp.  Turashev is also the subject of an indictment unsealed today by the Department of Justice.

Denis Gusev (Gusev), a senior member of Evil Corp, is also being designated today for his active role in furthering Evil Corp’s activities.  As of 2017, Gusev was involved in helping Evil Corp move to a new office location and as of 2018, Gusev served as a financial facilitator for Evil Corp and its members.  As a result, Gusev is being designated pursuant to E.O. 13694, as amended, for having acted for or on behalf of and for providing material assistance to Evil Corp.

Gusev also serves as the General Director for six Russia-based businesses. These entities include Biznes-Stolitsa, OOO, Optima, OOO, Treid-Invest, OOO, TSAO, OOO, Vertikal, OOO, and Yunikom, OOO.  As a result, these entities are being designated pursuant to E.O. 13694, as amended, for being owned or controlled by Gusev.

In addition to Yakubets, Turashev, and Gusev, Evil Corp relies upon a cadre of core individuals to carry out critical logistical, technical, and financial functions such as managing the Dridex malware, supervising the operators seeking to target new victims, and laundering the proceeds derived from the group’s activities.  These additional core members of the group include Dmitriy Smirnov, Artem Yakubets, Ivan Tuchkov, Andrey Plotnitskiy, Dmitriy Slobodskoy, and Kirill Slobodskoy.  As a result, these six individuals are being designated pursuant to E.O. 13694, as amended, for having acted for or on behalf of and for providing material assistance to Evil Corp.

To transfer the proceeds gained through their use of the Dridex malware, Evil Corp relies upon a network of money mules who are involved in transferring stolen funds obtained from victims’ bank accounts to accounts controlled by members of Evil Corp.  Previously, the NCA arrested multiple individuals in the United Kingdom suspected of laundering the criminal profits of cybercrime schemes, including those perpetrated by Evil Corp, through hundreds of accounts at various banks in the United Kingdom.  Today, OFAC is designating eight Moscow-based individuals who have served as financial facilitators for Evil Corp.  These individuals include Aleksei Bashlikov, Ruslan Zamulko, David Guberman, Carlos Alvares, Georgios Manidis, Tatiana Shevchuk, Azamat Safarov, and Gulsara Burkhonova.  As a result, these eight individuals are being designated pursuant to E.O. 13694, as amended, for providing financial and material assistance to Evil Corp.

And FinCEN and the Office of Cybersecurity and Critical Infrastructure Protection (OCCIP) issued an alert about the Dridex malware.

Links:

OFAC Notice

Treasury Press Release

FinCEN/OCCIP Dridex Malware Alert

Finanstilsynet publishes new virtual currency rules

New rules for virtual currency and fiat currency exchange providers as well as virtual wallet providers.

Pr. January 10, 2020, everyone must be registered with the Danish Financial Supervisory Authority in accordance with the Money Laundering Act.

You can already submit your application to the Danish Financial Supervisory Authority. 

You can read more about this on the Danish FSA’s website, where you also find a review form:

https://www.finanstilsynet.dk/Ansoeg-og-Indberet/Indberetning-for-finansielle-virksomheder/Andre/Anmeldelsesskema-hvidvask

In the section entitled “The purpose of the company”, write that you exchange virtual currencies with fiat currencies or provide virtual wallets. 

Providers of exchanges between virtual currencies and fiat currencies as well as providers of virtual wallets are not mentioned directly in the table yet. This is because these companies are only covered by the Money Laundering Act on January 10, 2020.

This also means that you will not receive your registration until January 10, 2020. However, the Danish FSA will begin processing your review by January 10.

You will not be able to do business with the exchange of virtual currencies and fiat currencies and the provision of virtual wallets from January 10, 2020, if you have not registered with the Danish Financial Supervisory Authority.

Once you have registered, you will be subject to the requirements of the Money Laundering Act. This means, among other things, that you must 

  • make a risk assessment in relation to money laundering and terrorist financing for your business

  • have policies, business procedures and controls to prevent money laundering and terrorist financing

  • conduct customer awareness procedures in relation to all your customers, including any sharpened knowledge management procedures

  • continuously monitor your business relationships

  • conduct investigations of all complex and unusually large transactions, as well as all transaction patterns and activities that do not have a clear economic or demonstrable legal purpose, to determine whether there is reasonable cause to suspect that they are or have been linked to money laundering or terrorist financing 

  • notify the Money Laundering Secretariat of the State Prosecutor for Special Economic and International Crime (SEIC) if you are aware of, suspect or have reason to suspect that a transaction, funds or activity has or has been linked to money laundering or terrorist financing.

You can read much more in the Money Laundering Act and in the Danish FSA’s guide to the Money Laundering Act, which you can find here:

https://www.retsinformation.dk/Forms/R0710.aspx?id=209981

https://www.retsinformation.dk/Forms/R0710.aspx?id=203495

Link:

Finanstilsynet notice

Finanstilsynet publishes its AML seminar materials

Money Laundering Seminar 2019

We have gathered all the slides from the seminar in one document.

On 18 November 2019, the Danish FSA held the first annual money laundering seminar. We thank you for the great interest, including the great attendance from authorities and the industry.

To those interested, we have published all the slides from the individual posts.

Download all slides  here .

Links:

Finanstilsynet notice

Seminar slides

Finanstilsynet inspection: Handelsbanken

Statement on inspection in Handelsbanken, branch of Svenska Handelsbanken AB (publ), Sweden (money laundering area)

In March 2019, the Danish FSA was on inspection in Handelsbanken, a branch of Svenska Handelsbanken AB (hereafter the branch).

The inspection was an investigation of the money laundering area as part of the ongoing supervision of the branch. The inspection included the branch’s risk assessment, policies, procedures and internal controls, as well as customer knowledge procedures, including private and corporate customer monitoring.

Risk assessment and summary

Handelsbanken is a Danish branch of Svenska Handelsbanken AB, a Swedish credit institution, which at the end of 2018 was the fifth largest bank in Denmark and on a group basis among the largest in the Nordic region.

The branch focuses on having full customers, both private and corporate customers, and for this reason the branch has only a small proportion of customers who purchase only one single product. 
 
The Danish FSA considers that the branch’s inherent risk of being abused for money laundering or terrorist financing is normal to high when compared to the average of financial companies in Denmark. In the assessment, the Danish FSA has placed particular emphasis on the fact that the branch has many customers and that it offers a number of different financial products for use by both private and corporate customers.  

Based on the inspection, there are a number of areas that give rise to supervisory reactions.

The branch is required to revise its risk assessment, as the branch’s risk assessment does not take sufficiently into account the branch’s own business model, including the customer’s types of customer, and does not include an assessment of the risk factors associated with customer products, services, and transactions, and delivery channels and countries or geographies. where the business activities are conducted. This is particularly true of the risk of the branch being abused for terrorist financing.

The branch is instructed to adjust its money laundering policy so that it is based on the risk assessment that sets the branch’s overall strategic objectives in the area of ​​money laundering and describes the risks the branch wishes to take. 

In addition, the branch is required to ensure that it has adequate internal controls to include risk management, knowledge management procedures, investigation, listing and reporting obligations, information retention, employee screening and internal control for effective prevention, mitigation and management of risks. money laundering and terrorist financing. 

Finally, the branch is instructed to ensure that, in all cases when establishing customer relationships and in changing customer relationships, it assesses whether it is relevant to obtain information about the purpose and intended nature of the customer relationship.

Link:

Inspection Statement

HKMA holds RegTech forum

22 Nov 2019

Hong Kong Monetary Authority (HKMA) fosters a diversified ecosystem for Anti-Money Laundering and Counter-Financing of Terrorism (AML/CFT) Regulatory Technology (RegTech)

The HKMA hosted the first AML/CFT RegTech Forum on 22 November 2019. 

The event gathered various stakeholders in Hong Kong’s AML/CFT regime and was attended by around 400 representatives of banks as well as government agencies, financial regulators and law enforcement agencies, together with global experts and firms in the application of technology, including artificial intelligence and data analytics.  Participants shared insights in grasping opportunities for the use of innovative technology to enhance the efficiency of both banks and the wider AML/CFT ecosystem.

Welcoming the group, Mr Arthur Yuen, Deputy Chief Executive of the HKMA, said, “The Forum, building on the positive results of the recent Financial Action Task Force evaluation of Hong Kong’s AML/CFT regime, brings together the banking and technology sectors and stakeholders to further enhance effectiveness, which requires vision and aspiration because there are always new and emerging risks; criminals will exploit new technology to create terrible harm.”   “The HKMA and the banking sector will continue to contribute to AML/CFT efforts in Hong Kong, and through our supervisory processes, regulations and guidance, we support banks’ efforts to innovate and fully grasp the benefits of RegTech.” Mr Yuen added.

In a series of panels and break-out sessions, participants shared experience and expertise in the application of Regtech to AML/CFT work in the banking sector and explored further collaboration among banks and various stakeholders.  Three break-out groups, namely “Accelerators”, “Enablers”and “Collaborators”, will keep up the momentum collectively by focusing on the following efforts in the next six to twelve months:

 

  • “Accelerators” : Applying an appropriate assessment framework that assists banks to review AML/CFT processes end-to-end for RegTech adoption and drive changes in the industry;

  •  

  • “Enablers” : Experimenting in “Lab sessions” for software innovations in areas including transaction monitoring and screening; and

  •  

  • “Collaborators” : Working to fulfill requirements, namely data, analytics, information delivery, collaboration as well as skills and expertise, to further enhance effectiveness of the AML/CFT ecosystem and the positive impacts of information and intelligence sharing.

  •  

 

Hong Kong Monetary Authority
22 November 2019

 

Mr Arthur Yuen, Deputy Chief Executive of the HKMA makes welcoming remarks at the first HKMA AML/CFT RegTech Forum.
Mr Arthur Yuen, Deputy Chief Executive of the HKMA makes welcoming remarks at the first HKMA AML/CFT RegTech Forum.

(From left to right – Panel 1) Mr Stewart McGlynn, Head (AML and Financial Crime Risk) of the HKMA; Mr Paul Jevtovic, Head of Financial Crime Threat Mitigation, Asia Pacific of The Hongkong and Shanghai Banking Corporation Limited; Mr Zane Moi, Deputy General Manager of Amazon Web Services Hong Kong & Taiwan; Mr Malcolm Wright, Chief Compliance Officer of Diginex and Mr Chris Bostock, Director of Deloitte share insights about innovation and the future of money laundering and terrorist financing risk management.
(From left to right – Panel 1) Mr Stewart McGlynn, Head (AML and Financial Crime Risk) of the HKMA; Mr Paul Jevtovic, Head of Financial Crime Threat Mitigation, Asia Pacific of The Hongkong and Shanghai Banking Corporation Limited; Mr Zane Moi, Deputy General Manager of Amazon Web Services Hong Kong & Taiwan; Mr Malcolm Wright, Chief Compliance Officer of Diginex and Mr Chris Bostock, Director of Deloitte share insights about innovation and the future of money laundering and terrorist financing risk management.

(From left to right - Panel 2) Mr Anir Bhattacharyya, Director of Deloitte; Ms Wendy Ennis, Head, Financial Crime Compliance of SC Digital Solutions Limited; Mr John Collins, Partner of JohnsonLeonard Data & Analytics; Mr Edward Chiu, Chief Operating Officer of Chong Hing Bank Limited and Mr Brian W Tang, Co-Chairman of the Fintech Association of Hong Kong’s Regtech Committee discuss challenges and opportunities in adopting RegTech in AML/CFT.
(From left to right – Panel 2) Mr Anir Bhattacharyya, Director of Deloitte; Ms Wendy Ennis, Head, Financial Crime Compliance of SC Digital Solutions Limited; Mr John Collins, Partner of JohnsonLeonard Data & Analytics; Mr Edward Chiu, Chief Operating Officer of Chong Hing Bank Limited and Mr Brian W Tang, Co-Chairman of the Fintech Association of Hong Kong’s Regtech Committee discuss challenges and opportunities in adopting RegTech in AML/CFT.

Participants have break-out group discussion on “pain points” in AML/CFT work and possible application of RegTech across various use cases and deploying technology to advance more proactive data and knowledge sharing.
Participants have break-out group discussion on “pain points” in AML/CFT work and possible application of RegTech across various use cases and deploying technology to advance more proactive data and knowledge sharing.

Ms Carmen Chu, Executive Director (Enforcement and AML) of the HKMA gives concluding remarks highlighting the follow-up actions to keep up the momentum and effectiveness of the AML/CFT efforts.
Ms Carmen Chu, Executive Director (Enforcement and AML) of the HKMA gives concluding remarks highlighting the follow-up actions to keep up the momentum and effectiveness of the AML/CFT efforts.

Link:

HKMA Notice

November 14, 2019: FINTRAC updates identity verification guidance, Guideline 5

FINTRAC updates its Methods to verify the identity of an individual and confirm the existence of a corporation or an entity other than a corporation guidance 

After consulting and working closely with businesses, FINTRAC has updated its guidance on Methods to verify the identity of an individual and confirm the existence of a corporation or an entity other than a corporation. The updated guidance reflects amendments to theProceeds of Crime (Money Laundering) and Terrorist Financing Regulations (PCMLTFR) that came into force on June 25, 2019, and the feedback we received from Canadian businesses which helped us create a better product.

Specifically, government-issued photo identification documents used to verify the identity of an individual must be ‘authentic, valid and current’ instead of ‘original, valid and current’ as it was previously; and the prohibition on the use of electronic images as sources of information has been lifted.

This change provides greater flexibility to businesses to effectively comply with PCMLTFA requirements by allowing for the use of new technologies to verify identity and authenticate documents.

Additionally, FINTRAC has also made a slight change to Guideline 5. Terrorist group and Listed person lists can now be found:

·         on Public Safety Canada’s website.

·         in the Schedule of the Regulations Implementing the United Nations Resolutions on the Suppression of Terrorism.

FINTRAC is committed to working with businesses to increase their awareness and understanding of their compliance obligations under the Proceeds of Crime (Money Laundering) and Terrorist Financing Act and to reducing the associated administrative burden where possible.

November 8, 2019: FinCEN renews the Real Estate GTO?

FinCEN Reissues Real Estate Geographic Targeting Orders for 12 Metropolitan Areas

Contact
Steve Hudak, 703-905-3770
Immediate Release

WASHINGTON—The Financial Crimes Enforcement Network (FinCEN) today announced the renewal of its Geographic Targeting Orders (GTOs) that require U.S. title insurance companies to identify the natural persons behind shell companies used in all-cash purchases of residential real estate.  The purchase amount threshold remains $300,000 for each covered metropolitan area. 

These renewed GTOs will be identical to the May 2019 GTOs with one modification: the new GTOs will not require reporting for purchases made by legal entities that are U.S. publicly-traded companies.  Real estate purchases by such entities are identifiable through other business filings. 

The terms of this Order are effective beginning November 12, 2019 and ending on May 9, 2020.  GTOs continue to provide valuable data on the purchase of residential real estate by persons possibly involved in various illicit enterprises.  Reissuing the GTOs will further assist in tracking illicit funds and other criminal or illicit activity, as well as inform FinCEN’s future regulatory efforts in this sector.

Today’s GTOs cover certain counties within the following major U.S. metropolitan areas:  Boston; Chicago; Dallas-Fort Worth; Honolulu; Las Vegas; Los Angeles; Miami; New York City; San Antonio; San Diego; San Francisco; and Seattle.  

FinCEN appreciates the continued assistance and cooperation of the title insurance companies and the American Land Title Association in protecting the real estate markets from abuse by illicit actors.

Any questions about the Orders should be directed to the FinCEN Resource Center at FRC@FinCEN.gov. 



So, normally GTOs are for limited duration. This one, however, has been through a number of iterations and renewals. Why? Are they not getting enough actionable data? If they were, you’d think they’d issue a rulemaking extending all this nationally….

Just saying…

Links:

FinCEN Press Release

Geographic Targeting Order

GTO FAQs