What’s expected of AML compliance during the pandemic? Business as usual, says FinCEN.
Economic slowdowns could hurt bitcoin ATM owners, and new, pandemic-inspired scams will threaten consumers, but regulators are telling all financial institutions not to rest on their laurels.
Every industry is learning how to adapt to the coronavirus pandemic in real-time, and cryptocurrency is no exception.
The market itself has already seen some interesting ups and downs. While major exchanges could see their businesses flourish through the crisis, entrepreneurs running bitcoin ATMs out of now-shuttered brick-and-mortar retail establishments will undoubtedly suffer.
To put it mildly, the present situation has created a great deal of uncertainty when it comes to our everyday lives.
But as business owners look to the headlines for new breaks in the COVID-19 story, understandably concerned how stay-at-home orders and the market’s performance affect their bottom lines, it might be easy to overlook day-to-day institutional AML compliance requirements.
Believe me, I understand that compliance and scams might be the last thing on everyone’s mind right now. That’s why we’re publishing this post. I want to make sure everyone reading this has the best information at hand to make good decisions about their financial institution during these times.
To wit, you might have missed two recent announcements from FinCEN with immediate and major implications for the regulatory compliance of every crypto financial institution. Not next year, not a few months from now, today.
We will explain both so that you understand the lay of the land, as well as offer some advice for cryptos.
I think it’s safe to say we don’t want any more surprises than necessary in these unprecedented times. Let’s dive in.
FinCEN’s message(s) to financial institutions
On March 16, the Financial Crimes Enforcement Network (FinCEN) released a short announcement warning financial institutions about potential scam activity from bad actors seeking to take advantage of the pandemic.
They also asked financial institutions to contact them directly with any questions they might have about filing reports for suspicious activity.
On April 3, they followed up with another announcement which provided much more detail concerning Bank Secrecy Act (BSA) and reporting obligations, as well as a dedicated contact mechanism for COVID-19-related questions and concerns.
So, in short — be on the lookout for scam activity related to the pandemic, and let us know if you have any questions. Easy, right?
What does this mean for crypto businesses
First, let’s take an easy question off the list. “These announcements don’t mention crypto, so how do we know that they apply?”
As we’ve covered exhaustively, cryptocurrency businesses are considered money services businesses/money transmitters by FinCEN which means that when they say “financial institution,” they’re talking to cryptos as much as they are talking to banks.
With that out of the way, you might have some questions about the timing and purpose of these announcements.
It is a bit unusual to see two announcements on the same subject this close together, and since they appear to be fairly friendly public service announcements, you might be confused as to the urgency here.
Here’s the insider baseball.
These announcements aren’t friendly PSAs. They are warnings.
Like we said in the intro — if your business has been shuttered or otherwise impacted by the coronavirus pandemic, compliance is probably the last thing on your mind.
But these announcements are FinCEN’s really, really dry regulatory way of saying you can’t rest on your AML compliance laurels.
“It’s business as usual. Our lines of communication are wide open to support you during this time. The pandemic won’t be a crutch or an excuse for compliance mishaps during a future regulatory review.”
So, what should your business be doing about this?
Key takeaways for bitcoin compliance
Let’s say you do find yourself with lower transaction volumes. Maybe some or all of your kiosks are not in or among essential brick-and-mortar businesses or services and no one has access to them.
Now with that extra time, you should invest in your AML program. Kick the tires and see if there are things to work on.
Here are a few good places to start.
Staff training and professional development
That compliance training workshop you haven’t gotten around to? Now would be a great time to catch up.
Anything you can do to close any knowledge gaps you, your BSA Compliance Officer, or your frontline employees still have about bitcoin regulation, bitcoin money laundering typologies, or traditional compliance, you should be doing.
And make sure you document your participation diligently. Regulators love that.
Tune cryptocurrency red flags
It’s always advisable to take time to go over transaction history and make sure red flags are working to identify and catch potentially suspicious activity. There’s no better time than now to catch up on that if it’s been a while.
As with the previous point, document any changes within your AML program.
Everyone’s favorite: recordkeeping
I know, it’s not the most exciting topic. But if you do have the extra time to invest in your business and its operations, it’s a great opportunity to formally document some of your informal day-to-day practices and processes.
Not only is this good compliance, the more process documentation you have, the better you’ll fare under regulatory audit, or even a company valuation review.
Add in some COVID-19 scam protections
Even if the most optimistic projections about the end of the pandemic become reality, COVID-19 is going to be part of our lives in one form or another for the foreseeable future.
This means that bad actors will use tried-and-true methods that prey on anxieties about the virus to cheat people out of their hard-earned money.
Not only do the FinCEN announcements warn of increased scam activity, reports from investigators are already suggesting that pandemic scams are on the rise.
Most of you already have (or should have) terms of service and fraud warnings about things like Craigslist scams, romance scams, IRS scams, and elder financial abuse. Add in some language about COVID-19.
No health insurance provider is going to solicit overdue payments in cryptocurrency, no government grant or economic relief program will solicit bitcoin, and it’s highly, highly unlikely that anyone offering to sell you a COVID-19 test online is legitimate, especially if they ask for payment in advance.
Long story short, anything related to COVID-19 seeking payment in cryptocurrency is fraudulent. Period.
Let us know if you have questions
If you have questions about this topic, want to invest in your AML compliance, or need some AML consulting help, we’re here for you. Reach out here.