Even though I’ve been hyper-focused on 1033 over the last five weeks, the fintech regulatory/compliance world hasn’t slowed down. There’s been quite a bit happening, and I find a lot of value in the following folks and sources who stay plugged in on the latest and greatest news from our friends in the regulatory space. To get us all caught up, this week we’ll pay a visit to some of the best in the business. Let’s jump into it:
Sarah Beth Felix reports that OFAC is going after CoinList, a crypto exchange which she notes did a decent job of maintaining sanctions controls, for not catching a small nuance that happens to be accounting for Crimea. The reason they didn’t catch this is likely because it’s not considered a country and most OFAC sanctions considerations only focus on blocking at a country level, but Crimea is a notable exception and has been since May 2022. It does seem a bit unfair that the exchange is getting hit to the tune of over $3 million for a number of transactions that occurred well before the regulation in question (31 CFR § 589.207) was even in effect. On the other hand, this isn’t the first time OFAC has gone after a company for this issue; most notably, Microsoft got hit earlier this year for a number of sanctions related violations, with 589.207 being one of many breaches on their end.
Jonathan Joshua bumps the news from earlier last month that the Telephone Consumer Protection Act Exam Manual has been updated by the OCC. For the uninitiated, the TCPA is what keeps telemarketers from robocalling you every hour and every minute of every day. While none of the information in this update is technically new, the purpose of the update is that the examiners have now added several points to their list of considerations when doing their reviews, namely considerations about telemarketers having to reference reassigned number databases, explicitly allowing consumers to be contacted about potential fraud on their accounts, and clarity around how consumers can revoke consent.
Craig Timm highlights some findings from Germany’s Financial Intelligence Unit, namely around the exploitation of Ukrainian refugees to facilitate money laundering. Fort the uninitiated, money mules are essentially intermediaries who take money received from victims of fraud and move it around to other fraudulent parties. In this case, the EU had relaxed its bank account onboarding standards for Ukrainian refugees and the mules were able to use that to their advantage, convincing them to open up new accounts and then use these accounts to facilitate money laundering. Unfortunately, the full article is behind a paywall and the report itself is in German, but let us know if you are able to translate it.
Jim Richards tips us off to FINCEN releasing its “rulemaking agenda”, as one of the numerous federal regulators that put out a snapshot of whatever rules/regulations they have in draft form that they are considering for issuance in the near future. As Jim highlights, looking at these agendas cumulatively can give a comprehensive picture of the agencies’ thinking. He points out several rules that went from being on this list, to TBD, to disappearing on this latest version. The ones that are relevant to the AML Act and Corporate Transparency Act are of particular note, i.e. an update around beneficial ownership access and safeguards. Clarity around beneficial ownership requirements, of course, was one of the key pillars of the AML Act when it passed in 2020.
Alan Kaplinksy shares a note from his team at Ballard Spahr, namely an update around the pretty-beat-up small lending rule aka 1071, or a proposal by the CFPB to increase the reporting requirements for lenders to small businesses (mostly community and regional banks) in the interest of trying to capture data around minority- and women-owned small businesses. Unfortunately, lenders themselves and many small businesses in general have come out against this rule, and the latest is that the House has just voted to overturn the rule, in lockstep with the Senate. The President is expected to overturn the Congressional decision via veto, but there are a few other lawsuits out there that will also be potential sources of the rule being overturned.
A shorter update than the deep dives we’ve been doing for the last few weeks, but there’s plenty more to dig into from each of our friends if so inclined. We’ll be back tomorrow (we hope!) for a final events roundup, which is going to be our delayed/much anticipated 2024 fintech compliance event calendar refresh. Join us then.