The Saudi Central Bank (previously known as the Saudi Monetary Authority, or SAMA) has published the third edition of the Key Principles for Governance in Financial Institutions (the “Guide”), which are intended to enhance management styles, set direct and indirect strategic objectives, maintain stability, and promote the rights of stakeholders.
We recently shared an alert covering The National Defense Authorization Act for Fiscal Year 2021 (NDAA), which became law on January 1, 2021. The NDAA included significant reforms to the U.S. anti-money laundering and countering the financing of terrorism regime. Division F of the NDAA consists of the Anti-Money Laundering Act of 2020, which includes the Corporate Transparency Act (CTA). Congress enacted the CTA to establish uniform beneficial ownership information reporting requirements to improve transparency for national security, intelligence, and law enforcement agencies in their efforts to detect and prevent money laundering and terrorist financing.
On September 29, 2022, the U.S. Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) issued regulations regarding the beneficial ownership reporting requirements. The final rulemaking is effective January 1, 2024. Reporting companies created or registered before January 1, 2024, will have one year (until January 1, 2025) to file their initial reports, while reporting companies created or registered after January 1, 2024, will have 30 days after creation or registration to file their initial reports.
In our recent alert, Corporate Transparency Act: FinCEN Issues Final Rule for Beneficial Ownership Reporting, we detail the background of the CTA, what it requires, penalties for non-compliance, and how reported information may be used.
On September 16, 2022, the U.S. Department of the Treasury (“Treasury”) published three reports in response to a March 2022 Executive Order concerning the development of digital assets. The reports address the future of money and payments; implications for consumers, investors, and businesses; and the illicit financing risks of digital assets. Secretary Yellen described the reports as identifying the challenges and risks of digital assets used for financial services, while providing recommendations for mitigating such risks. The reports responded to President Biden’s March 9, 2022 Executive Order (“EO 14067”) on Ensuring Responsible Development of Digital Assets, which called for a coordinated, inter-agency strategy to harness the potential benefits of digital assets while addressing their inherent risks. We have written previously on EO 14067, and on a report issued by the Department of Justice pursuant to EO 14067. We analyze below one of the three Treasury reports, specifically the Treasury’s Action Plan to Address Illicit Financing Risks of Digital Assets (“Action Plan”).
On August 8, 2022, the U.S. Department of the Treasury’s Office of Foreign Assets Control (“OFAC”) sanctioned virtual currency mixer Tornado Cash for having laundered more than USD 7 billion worth of virtual currency since its founding in 2019. This includes over USD 455 million worth of stolen virtual currency associated with the Lazarus Group, a “Democratic People’s Republic of Korea (DPRK) state-sponsored hacking group” that is responsible for the largest known virtual currency heist to date.[1] Notably, Tornado Cash is only the second virtual currency mixer that OFAC has sanctioned, following its May 2022 sanctions on Blender.io. These sanctions against two virtual currency mixers within months of each other signal an escalation in OFAC’s focus toward cyber-criminal activity perpetrated through virtual currency related platforms. Some in the digital assets industry, however, feel that OFAC’s actions—sanctioning a piece of computer code rather than specific bad actors—is unconstitutional and subject to legal challenge.
“Russia should not benefit from European knowledge and expertise.” That is the view of European Commission (“EC”) President Ursula von der Leyen, who recently proposed an eighth package of sanctions against Russia in response to “escalation” in Ukraine.
Among the “biting” new sanctions will be a wider ban on the provision of European services to Russia. The list of banned services has not yet been announced, but there are multiple reports circulating that this may include legal services. Watch this space!
On September 16, 2022, the U.S. Department of Justice (“DoJ”) issued a report on The Role of Law Enforcement in Detecting, Investigating, and Prosecuting Criminal Activity Related to Digital Assets (the “Report”), which will have a significant and wide-ranging impact on the U.S. government’s ability to investigate, prosecute, and disrupt crimes involving digital assets. The Report announces an expansion of DoJ’s enforcement capabilities through the establishment of a national network of prosecutors dedicated to investigating and prosecuting criminal activity involving digital assets. The Report also provides recommended regulatory and legislative actions, in order of priority, which DoJ believes would help it enforce criminal violations involving digital assets.
On September 15, 2022, Deputy Attorney General Lisa Monaco announced updated guidelines for the U.S. Department of Justice’s (“DOJ”) corporate criminal enforcement in a speech at New York University Law School. Monaco previously announced in October 2021 that DOJ would take a tougher stance on white collar crime. Shortly thereafter, Monaco formed an advisory group to evaluate potential changes to existing DOJ policies to facilitate DOJ’s more aggressive approach. The advisory group solicited feedback from defense counsel, executives, compliance personnel, law professors, and others during its review. Last week’s announcement and a DOJ memo released the same day were the culmination of nearly a year’s work and included both incentives and warnings for businesses and individuals. The new guidance updates existing DOJ guidance in the following areas:
The policy revisions apply across the DOJ, and while some of the announcements supplement or clarify existing guidance, others establish new policies, e.g., guidance on evaluating a corporation’s compensation plans. DOJ indicates that the new guidance will be incorporated into DOJ’s existing, publicly available policy manual, the “Justice Manual,” but that for now, prosecutors are instructed to employ the Justice Manual’s existing “Principles of Federal Prosecution of Business Organizations,” in conjunction with the October 2021 and these recently announced policy updates.
The author and editors would like to thank Eben Kurtz for his contributions to this post.
On 21 April 2022, the U.K.’s Financial Conduct Authority (“FCA”) secured its first Account Forfeiture Order (“AFO”), a tool used for asset recovery under Part 5 of Proceeds of Crime Act 2002 (”POCA”), for a sum of £2,000,000 against the company QPay Europe Limited. Please find the FCA’s press release on the case here.
Until now, these powers, granted by the Criminal Finances Act 2017, have mainly been used by the National Crime Agency, regional police forces, and His Majesty’s Revenue and Customs (“HMRC”). However, because the FCA stated in their recently published three year strategy that they plan to use their “enforcement and intervention powers more actively”, these measures should now be firmly on the radar of the compliance teams and MLRO’s of FCA regulated entities.
The U.S. Department of Justice announced late last year that it would utilize the False Claims Act, the U.S. government’s primary civil tool to redress false claims for federal funds and property, to bring actions against U.S. government contractors and subcontractors who do not meet the cybersecurity requirements of a particular contract or grant. The U.S. Department of Justice (the “DoJ”) certainly was not bluffing. In the past few months, DoJ has announced the settlement of two False Claims Act cases related to cybersecurity deficiencies or misrepresentations, and more are expected.
As such, it is now imperative that companies executing U.S. government contracts and subcontracts proactively assess their compliance with federal cybersecurity requirements.
The United Arab Emirates (the “UAE”) continues to lead the Arab world in terms of its anti-bribery and corruption (“ABC”) endeavors. The UAE offers a business-friendly environment with an effective and efficient public administration; it criminalizes active and passive bribery, embezzlement, abuse of functions, and facilitation payments, it enforces its domestic ABC legislation and it continues to work with international partners to combat bribery and corruption.
