OCC FIRST-EVER ENFORCEMENT ACTION AGAINST NEW YORK BASED BANK LACKING CRYPTO AML COMPLIANCE

  • On JAN 2020, the U.S. Office of the Comptroller of the Currency (OCC) has undertaken first legal action against M.Y. Safra Bank as a consequence of the bank's non-compliance with the new crypto rules. This happened because of the lack of implementation of AML regulations for compliance and monitoring of the bank’s virtual assets (VAs). Among the crypto firms that were affected by this action were some cryptocurrency exchanges, and Bitcoin ATMs also.

    The rules that were decided over 2 years ago were not properly implemented by MYSB bank, as they haven't included proper AML controls of new VA accounts, neither did they take any steps to identify and monitor accounts that had been suspected of suspicious activity. The OCC has made enforcement action against the MYSB because the bank had failed to submit any suspicious activity reports (SARs) to the Financial Crimes Enforcement Network (FinCEN), since they didn't setup the system of monitoring and AML control properly in the first place.

    The OCC has given the bank a deadline of 30 days, during which they are required to set up proper AML controls and update their Bank Secrecy Act (BSA) systems. The bank will not have to endure any monetary penalties if they manage not to break this deadline. This action might resonate strongly across the cryptocurrency industry, as MYSB will have to invest funds in the update of their compliance programs in order to satisfy the regulations enforced upon them by this action.

    Before the end of the deadline, in 30 days, MYSB’s Board of Directors has to:

    • - Form a Compliance Committee which will guide the bank’s update progress
    Next, they will have 45 days to:
    • - Oversee the development, implementation and practical application of a training program that will educate all the staff employed by the bank about the BSA and their respective roles and responsibilities thereof.
    Then, in 90 days, they will need to :

    • - Make certain that an independent BSA audit is implemented by the the bank
    • - Confirm that a reliable system of monitoring suspicious activity, as well as reporting it if there is any, is in place
    • - Oversee the implementation and application of an internal controls program, as well as a well-developed routine to create and submit SARs
    • - Find an outside, non-biased consultant who will sweep through the SAR history and confirm that no suspicious activity remained unreported
    • - Ensure that the CDD information gathered by the bank is collected by proper procedures and in order with the lastest policies
    • - Ensure that a BSA/AML Risk Assessment which will span across the entire institution is developed by the bank management
    Lastly, they will have 180 days to:
    • - Select and employ a qualified BSA Officer with enough experience permanently, as well as sufficient staff.
    From everything mentioned so far, it seems as if the banks wishing to delve deeper into the cryptocurrency business will be under strict overwatch of the regulators, like the FDIC, Federal Reserve Banks and, as seen here, the OCC. When all is said and done, in cryptocurrency related transfers and businesses, the banks will have to protect their customers by implementing proper AML rules and regulations to evade punishment by the regulators.

    Banks will be required by law to do advanced transaction monitoring, so the service we provide might become mandatory in the world of tomorrow, as many of the risks banks are exposed to remain hidden, they might be needing help to be efficient in their actions. We are certain that non-adhering to policies will invoke actions like this.

    READ THE FULL OCC ENFORCEMENT ACTION are going to make a change and bring servises we offer to the public.

    Stay tuned!
    Aleksandar JELIC
Prev Next