Latest FinCEN News, Guidance and Advisories

February 24, 2021

FinCEN is a bureau of the U.S. Department of the Treasury and it’s mission is to safeguard the financial system from illicit use and combat money laundering and promote national security through the collection, analysis, and dissemination of financial intelligence and strategic use of financial authorities. This blog will be updated with the latest advisories and guidances from FinCEN.


Feb 24, 2021 – COVID-19 Economic Impact Payments

FinCEN has issued an advisory to alert financial institutions to fraud and other financial crimes related to the Economic Impact Payments (EIPs), authorized by the Coronavirus Aid, Relief, and Economic Security (CARES) Act, and the Coronavirus Response and Relief Supplemental Appropriations Act of 2021.3.

The following examples are a non-exhaustive list of this type of criminal activity.

  • Fraudulent checks: Fraudsters send potential victims fraudulent checks, instructing the recipients to call a number or verify information online in order to cash the fraudulent EIP checks. Victims are asked for personal or banking information under the guise that the information is needed to receive or speed up their EIP. Fraudsters then use the information obtained to commit various crimes, such as identity theft and the unauthorized access of bank accounts.
  • Altered or counterfeit checks: Fraudsters deposit altered or counterfeit EIP checks, often via  an ATM or mobile device.
  • Theft of EIP: Such thefts can include individuals stealing an EIP from the U.S. mail; requesting an EIP disbursal for an ineligible person; seeking another person’s EIP without the payee’s knowledge and/or approval, or through coercive means; or using stolen personal information.
  • Phishing schemes: Fraudsters perpetrate phishing schemes using emails, letters, phone calls, and text messages with the purpose of obtaining PII and financial account information, such as account numbers and passwords.
  • Inappropriate seizure of EIP: A private company that may have control over a person’s finances or serves as his or her representative payee seizes a person’s EIP, for wage garnishments or debt collection, and does not return the inappropriately seized payments.

To read more about the above, relevant red flag indicators and what information to include the SAR, consult the advisory.


Feb 2, 2021 – COVID-19 Fraud Alert

The Financial Crimes Enforcement Network (FinCEN) issued an advisory to alert financial institutions to health insurance and health care frauds related to the COVID-19 pandemic. These frauds target Medicare, Medicaid/Children’s Health Insurance Program (CHIP), and TRICARE as well as other health care benefit programs and private health insurance companies. In addition, there has been fraud under the Paycheck Protection Program and Health Care Enhancement Act (PPP-HCEA).

This advisory contains descriptions of COVID-19-related fraud involving health care benefit programs and health insurance, associated financial red flag indicators, select case studies, and information on reporting suspicious activity.

The following are representative types of this illicit activity:

  • Unnecessary services: Ordering or submitting claims for expensive tests or services that do not test for COVID-19, oftentimes in conjunction with COVID-19 testing, such as medically unnecessary and expensive respiratory testing, allergy testing, genetic testing, narcotics screening, or whole-body health assessments, or providing testing for services not usually rendered by the company.
  • Billing schemes: Billing for services not provided, or overbilling (e.g., upcoding or unbundling), when administering or processing COVID-19 testing and treatments.
  • Kickbacks: Paying service providers or purported marketing organizations an illegal kickback or bribe in exchange for ordering, or arranging for the ordering of, services and testing.
  • Health care technology schemes: False and fraudulent representations about COVID-19 testing, treatments, or cures are used to defraud insurance carriers and to perpetrate fraud on the financial markets by defrauding investors.
  • Telefraud and telehealth schemes: Collecting beneficiaries’ personally identifiable information including Medicare information. Solicitations will often link their requests for information to COVID-19 treatment and prevention, such as testing or protective equipment. Fraudsters then submit fraudulent claims for payment from health care benefit programs.

The advisory also includes information on red flag indicators and case studies.

SAR Filing Request

FinCEN requests financial institutions reference this advisory in SAR field 2 (Filing Institution Note to FinCEN) and the narrative by including the following key term: “FIN-2021-A001” and select SAR field 34g (health care – public or private health insurance).


Jan 19, 2021 – FAQs Regarding Suspicious Activity Reporting and AML Requirements

FinCEN and banking agencies have issued responses to Frequently Asked Questions regarding SARs and AML requirements.

The answers pertain to questions arising from FIs, casinos, depository institutions, insurance businesses, Money Services Businesses (MSBs) and other institutions.

The answers clarify regulatory requirements related to SARs. The purpose is to assist financial institutions with their compliance obligations, while enabling FIs to focus on activities that produce the greatest value to law enforcement agencies and other government users of the Bank Secrecy Act (BSA).

Questions answered in the FAQ include:

  • Can a financial institution maintain an account or customer relationship for which it has received a written “keep open” request from law enforcement, even though the financial institution has identified suspicious or potentially illicit activity?
  • Should a financial institution file a SAR solely on the basis of receiving a grand jury subpoena or other law enforcement inquiries?
  • Is a financial institution required to terminate a customer relationship following the filing of a SAR or multiple SARs?
  • Is a financial institution required to file a SAR based solely on negative news?
  • If there are multiple negative news alerts based on the same event, is a financial institution expected to independently investigate each of those alerts?
  • Do financial institutions need to repeat information in the SAR narrative that has already been included in other SAR data fields?
  • Should financial institutions file additional SARs on the same suspicious activity to accommodate narratives that are longer than the SAR narrative character limits?

Read the answers to these questions here.


Dec 18, 2020 – Unhosted CVC Wallets

FinCEN has released a proposed rule change for convertible virtual currency (CVC) transactions with unhosted wallets. Under the proposed change, banks and money services businesses (MSBs) would be required to verify the identity of their customer and submit reports for CVC transactions over $10,000;  and keep records of CVC transactions greater than $3,000 when a counterparty uses an unhosted or otherwise covered wallet.

Information to be collected includes:

  1. The name and address of the financial institution’s customer;
  2. The type of CVC or legal tender digital asset (LTDA) used in the transaction;
  3. The amount of CVC or LTDA in the transaction;
  4. The time of the transaction;
  5. The assessed value of the transaction, in U.S. Dollars, based on the prevailing exchange rate at the time of the transaction;
  6. Any payment instructions received from the financial institution’s customer;
  7. The name and physical address of each counterparty to the transaction of the financial institution’s customer;
  8. Other counterparty information the Secretary may prescribe as mandatory on the reporting form for transactions subject to reporting pursuant to § 1010.316(b);
  9. Any other information that uniquely identifies the transaction, the accounts, and, to the extent reasonably available, the parties involved; and,
  10. Any form relating to the transaction that is completed or signed by the financial institution’s customer.

Read a summary of the proposed rule from CipherTrace here. Read the full proposed rule from the U.S. Department of Treasury here.


Nov 13, 2020 – Charities and Other Non-Profit Organizations

FinCEN issued a joint fact sheet to provide clarity to banks on how to apply a risk-based approach to charities and other non-profit organizations (NPOs).

The fact sheet reminds banks to apply a risk-based approach to customer due diligence that enables them to (i) understand the nature and purpose of customer relationships for the purpose of developing a customer risk profile, and (ii) conduct ongoing monitoring to identify and report suspicious transactions and, on a risk basis, to maintain and update customer information.

When discussing the CDD rule, FinCEN reminds banks that there is no regulatory requirement in the CDD rule, nor is there a supervisory expectation, for banks to have unique, additional due diligence steps for charities or other NPO customers.

Although the CDD rule does not require the collection of this specific information, FinCEN says the following customer information may be useful in determining the ML/TF risk profile of charities and other NPO customers:

  • Purpose and nature of the NPO, including mission(s), stated objectives, programs, activities, and services.
  • Geographic locations served, including headquarters and operational areas, particularly in higher-risk areas where terrorist groups are most active.
  • Organizational structure, including key principals, management, and internal controls of the NPO.
  • State incorporation, registration, and tax-exempt status by the IRS and required reports with regulatory authorities.
  • Voluntary participation in self-regulatory programs to enhance governance, management, and operational practice.
  • Financial statements, audits, and any self-assessment evaluations.
  • General information about the donor base, funding sources, and fundraising methods, and for public charities, level of support from the general public.
  • General information about beneficiaries and criteria for disbursement of funds, including guidelines/standards for qualifying beneficiaries and any intermediaries that may be involved.
  • Affiliation with other NPOs, governments, or groups.

Read the full joint fact sheet.


Nov 6, 2020 – FATF Identified Jurisdictions and SAR Filing Request

FinCEN has issued an advisory to inform financial institutions of updates to the FATF list of jurisdictions with AML deficiencies. Financial institutions should consider these updates when reviewing their obligations and risk-based policies, procedures, and practices.

  • Jurisdictions identified by the FATF as high-risk jurisdictions: Iran and Democratic People’s Republic of Korea (DPRK)
  • Jurisdictions identified by the FATF for increased monitoring: Albania, The Bahamas, Barbados, Botswana, Cambodia, Ghana, Jamaica, Mauritius, Myanmar, Nicaragua, Pakistan, Panama. Syria, Uganda, Yemen and Zimbabwe
  • Jurisdictions no longer subject to monitoring: Iceland and Mongolia.

SAR Filing Request

FinCEN requests that financial institutions reference this advisory by including the key term “October 2020 FATF FIN-2020-A009” in SAR field 2 (Filing Institution Note to FinCEN) and the narrative to indicate a connection between the suspicious activity being reported and the activities highlighted in this advisory.

Read the advisory in full here.


Nov 5, 2020 – GTOs Renewed

FinCEN has renewed its Geographic Targeting Orders (GTOs) that require U.S. title insurance companies to identify the natural persons behind shell companies used in all-cash purchases of residential real estate.

These renewed GTOs are identical to those issue in May 2020. Purchase amount threshold remains at $300,000 and the GTOs affect certain counties within the following major U.S. metropolitan areas:  Boston; Chicago; Dallas-Fort Worth; Honolulu; Las Vegas; Los Angeles; Miami; New York City; San Antonio; San Diego; San Francisco; and Seattle.

Read the announcement here.


Oct 23, 2020 – Proposed Rule to Significantly Lower Threshold for International Funds Transfers

The Federal Reserve Board and FinCEN have issued a proposed modification  in the rule requiring financial institutions to collect and retain information on certain funds transfers and transmittals of funds. The applicable threshold would be reduced from $3,000 to $250 for funds transfers and transmittals of funds that begin or end outside the United States.

The proposed amendments would also formally extend these rules to cover domestic and cross-border transactions involving convertible virtual currency (“CVC”) and digital assets used as legal tender.

Written comments on this proposed rule may be submitted on or before November 27, 2020. Read the full proposed rule here.


Oct. 19, 2020 – First Bitcoin “Mixer” Penalized

FinCEN has assessed a $60 million penalty against the founder, administrator, and primary operator of convertible virtual currency “mixers” (also known as “tumblers”), Helix and Coin Ninja.

According to FinCEN, Larry Dean Harmon operated Helix as an unregistered money services business (MSB) which conducted over 1,225,000 transactions for its customers and was associated with virtual currency wallet addresses that sent or received over $311 million dollars.  At least 356,000 bitcoin transactions flowed through Helix which advertised its services in the dark web as a way to anonymously pay for things like drugs, guns, and child pornography.  Coin Ninja operated in a similar manner.

FinCEN’s investigation revealed that Mr. Harmon willfully violated the BSA’s registration, program, and reporting requirements by failing to register as a MSB, failing to implement and maintain an effective AML program, and failing to report suspicious activities. Mr. Harmon is also said to have failed to collect and verify customer names, addresses, and other identifiers on over 1.2 million transactions and actively deleted the minimal customer information he did collect.

Read the full announcement here.


Oct. 15, 2020 – Identifying Human Trafficking

FinCEN has issued an advisory to help financial institutions identify and report human trafficking. The advisory supplements FinCEN’s 2014 Guidance on Recognizing Activity that May be Associated with Human Smuggling and Human Trafficking — Financial Red Flags.

Since the 2014 Advisory, FinCEN collaborated with law enforcement to identify 20 new financial and behavioral indicators of labor and sex trafficking, and four additional typologies. This advisory provides: (i) new information to assist in identifying and reporting human trafficking, and to aid the global effort to combat this crime; and (ii) two illustrative recent case studies.

The 2014 Advisory remains relevant, and provides information related to human smuggling, in addition to human trafficking. New typologies described in the recent advisory includes:

  • Front companies
  • Exploitative Employment Practices
  • Funnel Accounts
  • Alternative Payment Methods

Read the full advisory here.


Oct 13, 2020 – Unemployment Insurance Fraud During Covid-19

FinCEN has released a new advisory that contains descriptions of COVID-19-related unemployment insurance (UI) fraud, associated financial red flag indicators, and information on reporting suspicious activity.

Examples of illicit activities include:

  • Fictitious employer-employee fraud: filers falsely claim they work for a legitimate company, or create a fictitious company and supply fictitious employee and wage records to apply for UI payments;
  • Employer-employee collusion fraud: the employee receives UI payments while the employer continues to pay the employee reduced, unreported wages;
  • Misrepresentation of income fraud: an individual returns to work and fails to report the income in order to continue receiving UI payments, or in an effort to receive higher UI payments, an applicant claims higher wages than he/she previously earned;
  • Insider fraud: state employees use credentials to inappropriately access or change UI claims, resulting in the approval of unqualified applications, improper payment amounts, or movement of UI funds to accounts that are not on the application; or
  • Identity-related fraud: filers submit applications for UI payments using stolen or fake identification information to perpetrate an account takeover

SAR Filing Request

FinCEN requests financial institutions reference this advisory in SAR field 2 (Filing Institution Note to FinCEN) and the narrative by including the following key term: “COVID19 UNEMPLOYMENT INSURANCE FRAUD FIN-2020-A007” and select SAR field 34(z) (Fraud – other). Additional guidance for filing SARs appears near the end of this advisory.

To read more about this advisory, including red flag indicators, visit here.


Oct. 1, 2020 – Ransomware Advisories

The U.S. Department of the Treasury issued a pair of advisories to assist U.S. individuals and businesses in efforts to combat ransomware scams and attacks, which continue to increase in size and scope.

The FinCEN advisory, entitled Advisory on Ransomware and the Use of the Financial System to Facilitate Ransom Payments, provides information on the role of financial intermediaries in payments, ransomware trends and typologies, and related financial red flags.

Meanwhile, the Office of Foreign Assets Control (OFAC) issued a similar advisory, entitled Advisory on Potential Sanctions Risks for Facilitating Ransomware Payments, to highlight the sanctions risks associated with facilitating ransomware payments on behalf of victims targeted by malicious cyber-enabled activities.

Read the FinCEN advisory here. Read the OFAC advisory here.


Sept.14, 2020 – FinCEN Issues Final Rule

FinCEN has issued a final rule that requires minimum standards for anti-money laundering programs for banks lacking a federal functional regulator.

The final rule also extends customer identification program and beneficial ownership requirements to those banks.

Banks without a federal functional regulator are currently required to comply with certain BSA obligations, including filing suspicious activity and currency transaction reports.  FinCEN anticipates that banks lacking a federal functional regulator will be able to leverage existing policies, procedures, and internal controls required by other statutory and regulatory requirements to fulfill the obligations set out in the final rule.

Banks lacking a federal functional regulator will have 180 days from the day the final rule is published in the federal register to be in compliance.

Read the news release here and the Final Rule here.


Aug. 21, 2020 – Politically Exposed Persons (PEPs)

FinCEN and other agencies issued a joint statement clarifying that Bank Secrecy Act (BSA) due diligence requirements for customers who may be considered Politically Exposed Persons (PEPs) should be commensurate with the risks posed by the PEP relationship.

The term PEP is commonly used to refer to foreign individuals who are or have been entrusted with a prominent public function, as well as their immediate family members and close associates.  By virtue of this public position or relationship, these individuals may present a higher risk that their funds may be the proceeds of corruption or other illicit activity.

The statement recognizes that PEP relationships present varying levels of money-laundering risk, which depends on facts and circumstances specific to the customer relationship.  For example, PEPs with a limited transaction volume, a low dollar deposit account with the bank, known legitimate sources of funds, or access only to products or services that are subject to specific terms and payment schedules could reasonably be characterized as having lower customer risk profiles.

The statement clarifies that, while banks must adopt appropriate risk-based procedures for conducting customer due diligence (CDD), the CDD rule does not create a regulatory requirement, and there is no supervisory expectation for banks to have unique, additional due diligence steps for customers who are considered PEPs.  This joint statement does not alter existing BSA and anti-money laundering (AML) legal or regulatory requirements and does not require banks to cease existing risk management practices.

Read the full statement here.


Aug. 18, 2020 – Enforcing Rules and Regulations Within BSA

FinCEN issued a statement Aug. 18, 2020 that sets forth its approach to enforcing the rules and regulations within the Bank Secrecy Act (BSA).  The statement describes FinCEN’s enforcement authorities, dispositions, and the factors it evaluates in determining the appropriate response and enforcement of BSA violations.

“FinCEN is committed to being transparent about its approach to BSA enforcement.  It is not a ‘gotcha’ game,” said FinCEN Director Kenneth A. Blanco.  “The information required by the BSA saves lives, and protects our communities and people from harm.  It is a national security issue.”

The statement describes FinCEN’s enforcement authorities, dispositions, and the factors it evaluates in determining the appropriate response and enforcement of BSA violations.

Read the full statement here.


Aug 3, 2020 – FAQ about CDD Requirements

FinCEN has issued a new Frequently Asked Questions (FAQs) document about customer due diligence (CDD) requirements for financial institutions.

The FAQs are in addition to previous FAQs from July 2016 and April 2018. FinCEN’s latest documents deal with requirements regarding obtaining customer information, establishing a customer risk profile, and performing ongoing monitoring of the customer relationship.

To read the latest FAQs, click here.


July 31, 2020 – Indicators of Cybercrime and Cyber-Enabled Crime

FinCEN issued an advisory July 31 to alert financial institutions to potential indicators of cybercrime and cyber-enabled crime observed during the COVID-19 pandemic. The advisory contains descriptions of COVID-19-related malicious cyber activity and scams, associated financial red flag indicators, and information on reporting suspicious activity.

FinCEN said it issued the advisory based on data collected through the Bank Secrecy Act (BSA) and other intelligence sources. The agency said cybercriminals and malicious actors are increasingly exploiting the COVID-19 pandemic through malware and phishing schemes, extortion, business email compromise (BEC) fraud, and exploitation of remote applications, especially against financial and healthcare systems.

See the advisory for a list of red flags and advice.


July 16, 2020 – Twitter Scams

FinCEN is warning FIs of a high-profile scam that exploits Twitter accounts to solicit fraudulent payments denominated in convertible virtual currency (CVC).

Cyber threat actors have compromised the accounts of public figures, organizations, and financial institutions to solicit payments to CVC accounts, claiming that any CVC sent to a wallet address would be doubled and returned to the sender.

It is critical that CVC exchanges and other financial institutions identify and report suspicious transactions associated with this type of activity as quickly as possible.

Read the July 16 alert here.


July 7, 2020 – Imposter Scams and Money Mule Schemes

FinCEN issued a new advisory July 7 to alert financial institutions to potential indicators of imposter scams and money mule schemes, which are prevalent during the COVID-19 pandemic. It contains descriptions of the schemes, financial red flag indicators for both, and information on reporting suspicious activity.

The full advisory is intended to aid financial institutions in detecting, preventing, and reporting potential COVID19-related criminal activity. This advisory is based on FinCEN’s analysis of COVID-19-related information obtained from Bank Secrecy Act (BSA) data, open source reporting, and law enforcement partners.

Read full July 7 2020 advisory here. Read the Spanish version here


May 18, 2020 – COVID-19 Related Medical Scams

FinCEN issued an advisory that contains red flags, descriptions of COVID-19-related medical scams, case studies, and information on reporting suspicious activity.

Bank Secrecy Act (BSA) data, as well as information from other federal agencies, foreign government partners, and public sources indicate possible illicit activities related to the coronavirus pandemic regarding fraudulent cures, tests, vaccines, and services; non-delivery scams; and price gouging and hoarding of medical-related items, such as face masks and hand sanitizer.

Some of these red flags are common indicators of fraudulent merchant activity committed by shell or fraudulent retail or wholesale business operators. Additionally, some of the red flag indicators outlined below may apply to multiple COVID-19-related fraudulent activities.


SAR filing instructions

FinCEN also addressed some changes it has seen in SAR filings in light of the COVID-19 pandemic. “Some financial institutions have added COVID-19 statements to their disclaimers or are using SAR narratives to address COVID-19’s impact on their SAR filing abilities.”

Financial institutions should not include in the SAR narrative their challenges during the pandemic; the SAR narrative should include COVID-19 when it is tied to suspicious activity only. FinCEN goes on to say that filers who have already included references to COVID-19 in matters not related to the pandemic do not need to file corrected reports.

Read full May 18, 2020 advisory here.


FinCEN has issued new guidance regarding the regulatory treatment of multiple variations of businesses dealing in CVCs (convertible virtual currencies). The guidance does not establish any new regulatory expectations or requirements. Instead, it consolidates current FinCEN regulations, and related administrative rulings and guidance issued since 2011, and then applies these rules and interpretations to other common business models involving CVC engaging in the same underlying patterns of activity.

The document is intended to help financial institutions comply with their existing obligations under the BSA by describing FinCEN’s existing regulatory approach to the issues most frequently raised by industry, law enforcement, and other regulatory bodies.

FinCEN also issued an Advisory on Illicit Activity Involving Convertible Virtual Currency to assist FIs in identifying and reporting suspicious activity related to criminal exploitation of CVCs. The advisory highlights prominent typologies, associated “red flags,” and identifies information that would be most valuable to law enforcement if contained in suspicious activity reports.


Alessa is an AML compliance solution that offers customer due diligence, sanctions and watchlist screening, real-time transaction monitoring and regulatory reporting. With the ability to integrate with existing AML and banking systems, the solution provides a holistic view of data so organizations can take a risk-based approach to compliance. To learn how Alessa can be used to comply with BSA, contact us.


Recent Posts

Try Alessa