Parent Company of Security Token Exchange tZERO Subpoenaed Twice by the U.S. Regulator at the End of Last Year

What Happened?

March 3, 2020: As disclosed in Overstock’s annual report, one of the subpoenas requested the documents related to the investment made in the company by Chinese private equity firm GSR. The second one was related to Overstock’s insider trading policies.​

Source: https://www.sec.gov/Archives/edgar/data/1130713/000113071320000014/ostk-20191231x10k.htm

Who Is Impacted?

Issuers of digital securities, broker-dealers, and alternative trading systems.

Why This Matters?

tZero’s token offering was promoted to investors globally and received a lot of media attention. The information requested by the SEC includes:

– all supporting documents related to a specific blockchain transaction

– written policies related to insider trading activity

Businesses that choose to issue digital securities or security tokens are expected to maintain up-to-date records supporting every transaction. This documentation can include disclosure documents, subscription agreements, source of funds, source of wealth, accredited investor certification, know your client data, and anti-money laundering risk screening reports for an initial offering. For assets trading in a secondary market, there can be even more items for the compliance checklist.

What’s Next?

Board members considering the use of digital securities should understand which regulatory tasks will need to become part of their daily operations and board review. Compliance officers should hold their board accountable for maintaining compliance across each jurisdiction that their tokens enter or trade through.

In most cases, compliance teams can automate over 90% of these activities. This enables a more effective AML program because teams can focus on signals rather than data entry and manual compliance processes.

By integrating validator or multi-sig blockchain functions directly into real-time transaction monitoring, KYC software, and regulatory reporting tools businesses can effectively use digital securities offerings to reduce costs, unlock liquidity, and keep a clean audit trail of the entire process.

learn more

Is your AML compliance too expensive, time-consuming, or ineffective?

iComply enables financial services providers to reduce costs, risk, and complexity and improve staff capacity, effectiveness, and customer experience.

Request a demo today.

OCC Hits New York-Based Bank with First Ever Enforcement Action for Lack of Crypto AML Compliance

What Happened?

February 27, 2020: The U.S. OCC (Department of Treasury Office of the Comptroller of the Currency) took action publicly against M.Y. Safra Bank is the first in a new wave of enforcement for VASPs (virtual asset service providers).

According to the OCC order, the AML policies and procedures MYSB had in place were ineffective at identifying whether their clients were transacting with stolen or laundered virtual assets, such as Bitcoin and Ethereum cryptocurrencies and security tokens.

This inability to identify, investigate, or report this suspicious activity further prevented the bank from filing the appropriate SARs (suspicious activity reports) with FinCEN.

Source: https://www.occ.gov/static/enforcement-actions/ea2020-005.pdf

Who Is Impacted?

Any VASP–banks, crypto-exchanges, OTC desks, fintechs, etc.–dealing with virtual assets and serving U.S. customers.

Why This Matters?

The action taken against M.Y. Safra Bank is a strong indication that bank regulators such as the OCC, Federal Reserve Bank, and the FDIC (Federal Deposit Insurance Corporation) have already gathered enough information on VASPs to begin a campaign of targeted enforcement.

It also demonstrates that these regulators expect VASPs to have the capacity to identify and properly assess the risk of the clients and transactions they are serving. The regulator gives clear direction that the AML obligations of traditional finance apply to any virtual asset transaction.

What’s Next?

The MYSB board of directors has 60 days to respond with a comprehensive compliance program that is able to stand up to stress testing from an independent third party.

VASPs serving US users, clients, or investors should be able to clearly demonstrate that their KYC, risk screening, blockchain forensics, and transaction monitoring tools are integrated into an effective AML program – backed by comprehensive, written policies and procedures manuals, and audited by an independent expert.

Furthermore, compliance teams should review their AML providers to ensure they are not just paying for a KYC onboarding tool or identity verification APIs.

Ongoing monitoring programs are required – existing users should be screened regularly for AML risk such as whether they have appeared on global sanctions, watchlists, or adverse media risks, and whether they represent political exposure.

For iComply clients, our ongoing monitoring feature will perform these tasks on a daily basis and only provide alerts if a new risk is identified. Speak with your account manager for more information.

learn more

Is your AML compliance too expensive, time-consuming, or ineffective?

iComply enables financial services providers to reduce costs, risk, and complexity and improve staff capacity, effectiveness, and customer experience.

Request a demo today.

BCSC Says “Global” Platform For Institutional and Retail Clients Operating Without a License

What Happened?

February 26, 2020: The BCSC announced that JT Trader Financial Services Ltd. was serving residents of British Columbia without a license to do so. According to its website, JT Trader is an online foreign exchange broker that offers cutting-edge trading tools to institutional and retail clients globally.

Source: https://www.bcsc.bc.ca/Enforcement/Investment_Caution_List/JT_Trader_Financial_Services_Ltd_/

Who Is Impacted?

Financial service providers offering foreign exchange, virtual asset, or fintech solutions serving audiences in multiple states (United States), provinces (Canada), or countries (Global). Risk managers for online payment services and money transfer businesses–such as Meastro, Visa, Mastercard, and WebMoney who serve JT Trader–will need to identify and reassess their own risk in doing business with and enabling these transactions for JT Trader.

Why This Matters?

According to the BCSC, JT Trader was operating out of Toronto, in the Canadian province of Ontario. Ontario is regulated by the OSC (Ontario Securities Commission). Both BCSC and OSC are members of the CSA (Canadian Securities Administrators). Due to the nature of JT Trader’s business, they will need to secure regulatory approval from every provincial regulator where they have at least one user.

What’s Next?

JT Trader’s actions have placed the company on several international watchlists and adverse media lists. Companies who serve JT Trader will need to complete risk assessments to determine if they can continue to support their business activity.

Compliance teams should consider whether their AML tools can easily identify what jurisdiction their user is from and whether they are legally able to serve the user.

If the proper licenses are in place and the user is accepted, the KYC and AML procedures need to meet the regulatory requirements of the user’s jurisdiction. An intelligent AML program should enforce country-specific workflows for user authentication, identity verification, document verification, risk screening, and data privacy.

Business managers should ensure their compliance teams are not wasting money and resources on users from jurisdictions that the company is not able to serve and, subsequently, should not be onboarding.

learn more

Is your AML compliance too expensive, time-consuming, or ineffective?

iComply enables financial services providers to reduce costs, risk, and complexity and improve staff capacity, effectiveness, and customer experience.

Request a demo today.