U.S. Targets Bank M.Y. Safra in First-Ever Crypto AML Action
OCC Hits New York-Based Bank with First Ever Enforcement Action for Lack of Crypto AML Compliance
What Happened?
February 27, 2020: The U.S. OCC (Department of Treasury Office of the Comptroller of the Currency) took action publicly against M.Y. Safra Bank is the first in a new wave of enforcement for VASPs (virtual asset service providers).
According to the OCC order, the AML policies and procedures MYSB had in place were ineffective at identifying whether their clients were transacting with stolen or laundered virtual assets, such as Bitcoin and Ethereum cryptocurrencies and security tokens.
This inability to identify, investigate, or report this suspicious activity further prevented the bank from filing the appropriate SARs (suspicious activity reports) with FinCEN.
Source: https://www.occ.gov/static/enforcement-actions/ea2020-005.pdf
Who Is Impacted?
Any VASP–banks, crypto-exchanges, OTC desks, fintechs, etc.–dealing with virtual assets and serving U.S. customers.
Why This Matters?
The action taken against M.Y. Safra Bank is a strong indication that bank regulators such as the OCC, Federal Reserve Bank, and the FDIC (Federal Deposit Insurance Corporation) have already gathered enough information on VASPs to begin a campaign of targeted enforcement.
It also demonstrates that these regulators expect VASPs to have the capacity to identify and properly assess the risk of the clients and transactions they are serving. The regulator gives clear direction that the AML obligations of traditional finance apply to any virtual asset transaction.
What’s Next?
The MYSB board of directors has 60 days to respond with a comprehensive compliance program that is able to stand up to stress testing from an independent third party.
VASPs serving US users, clients, or investors should be able to clearly demonstrate that their KYC, risk screening, blockchain forensics, and transaction monitoring tools are integrated into an effective AML program – backed by comprehensive, written policies and procedures manuals, and audited by an independent expert.
Furthermore, compliance teams should review their AML providers to ensure they are not just paying for a KYC onboarding tool or identity verification APIs.
Ongoing monitoring programs are required – existing users should be screened regularly for AML risk such as whether they have appeared on global sanctions, watchlists, or adverse media risks, and whether they represent political exposure.
For iComply clients, our ongoing monitoring feature will perform these tasks on a daily basis and only provide alerts if a new risk is identified. Speak with your account manager for more information.
learn more
Is your AML compliance too expensive, time-consuming, or ineffective?
iComply enables financial services providers to reduce costs, risk, and complexity and improve staff capacity, effectiveness, and customer experience.
Request a demo today.
RegTech: Transforming Compliance with Innovative Technology
Regulatory Technology, commonly known as RegTech, is revolutionizing the way organizations manage compliance and regulatory requirements. With the increasing complexity of global regulations, businesses need efficient and...
Future KYC Technology Trends: Emerging technologies and trends in the KYC space.
As regulatory requirements and security threats continue to evolve, so do the technologies used in Know Your Customer (KYC) processes. Emerging technologies are shaping the future of KYC, enhancing security, efficiency, and compliance. This article explores future KYC...
AI-Powered Identity Verification: Leveraging AI for more accurate and efficient identity verification.
Identity verification is a critical component of many industries, from finance to healthcare. Traditional methods of identity verification can be slow, error-prone, and costly. AI-powered identity verification offers a transformative solution, enhancing accuracy and...