Anti-Money Laundering Act of 2020 emphasizes combating the financing of terrorism and demands risk-based programs

United States Publication January 2021

On January 1, 2021, the Anti-Money Laundering Act of 2020 (AMLA) contained in the William M. Thornberry National Defense Authorization Act of 2020 became law. The AMLA expands existing anti-money laundering (AML) related requirements in various ways, some of which are covered in prior alerts referenced herein.

Here, we discuss two more significant features of the AMLA: (1) its focus on countering the financing of terrorism (CFT); and (2) the requirement that all AML and CFT programs established by financial institutions be risk-based. This will require financial institutions to recalibrate their existing AML programs to ensure such programs appropriately address these changes.

Focus on CFT

The AMLA broadens the purpose of the Bank Secrecy Act (BSA) which since its enactment has served as one of the government's main tools in the fight against financial crimes. The BSA requires many financial institutions to keep records and file reports on certain transactions. These reports are submitted to the US Department of the Treasury's Financial Crimes Enforcement Network (FinCEN) which analyzes the information to assist law enforcement efforts and to inform domestic policy makers in combating financial crimes.

The BSA's purpose has always included fighting terrorism, but over time that priority may have fallen into the shadows of the singular focus of guarding against money laundering. The AMLA amendments, which insert a reference to the financing of terrorism into no fewer than a half-dozen key provisions, recognize that while both concepts are similar, they are not the same.

Money laundering focuses mostly on funds originating from illegitimate sources (e.g., drug trade, human trafficking) that attempt to be integrated into the financial system usually through a layering component. By contrast, the financing of terrorism may involve legitimate funds that sponsor or facilitate terrorist activities by way of fund-raising activities or revenue generating activities. The cornerstone of combating both is knowledge of the true counter party to a business transaction.

However, a money laundering inquiry is focused on attempting to link the funds to a criminal act that has already transpired, while a terrorist financing assessment is additionally focused on preventing entities with terroristic ties from obtaining legitimate funds or access to otherwise bona fide business dealings that could finance future criminality. The AMLA recognizes that money laundering and financing of terrorism risks should be given co-equal focus. This dual focus extends to the considerations made when compliance programs are designed, risks are being assessed, and other regulatory obligations are set.

Codification of risk-based programs

The AMLA has underscored the need for tailored AML and CFT programs by requiring that these be risk-based. The BSA requires that certain financial institutions implement AML and CFT programs, which at a minimum include: (1) internal policies, procedures, and controls; (2) a compliance officer; (3) regular training for employees; and (4) an independent audit function. The AMLA adds that these programs must be "reasonably designed to assure and monitor compliance" and must be "risk-based, ensuring that more attention and resources of financial institutions should be directed toward higher-risk customers and activities, consistent with the risk profile of a financial institution, rather than toward lower risk customers and activities." Of course, risk-based programming requires the identification of risk through a risk assessment process. Because risks are not static, a process for continual risk-assessment will also need to be considered for implementation by financial institutions.

This statutory amendment does not present any novel ideas. Rather it codifies what many consider industry standard and what the Department of Justice has already indicated it considers in evaluating corporate compliance programs, see Evaluation of Corporate Compliance Programs (June 2020) analyzed in a prior alert.

This codification of tailored risk-based programs will make it easier for the federal government to penalize financial institutions for having programs that miss the mark even where a more serious violation may be harder to prove. No longer will regulators and prosecutors need to establish that a risk-based program is expected and required under the circumstances; going forward, regulators and prosecutors can simply point to the language added to the law by the AMLA.

Considerations going forward

Financial institutions should take this opportunity to ensure their programs meet the new requirements of the AMLA. First, financial institutions should consider whether their programs are sufficiently sensitive to risks associated with the financing of terrorism. Second, financial institutions should ensure their programs are risk-based by sufficiently identifying and directing resources to higher risk activities and customers.

Along with the other changes caused by the AMLA, such as the establishment of a new whistleblower provision, modernization of the system with investments in technological innovation, a professed interest in cooperation and information sharing, as well as the expansion to regulate dealers in antiquities (see our prior alert) there is a strong likelihood there will be an uptick in money laundering and financing of terrorism investigations and regulatory actions.

Recent publications

Subscribe and stay up to date with the latest legal news, information and events...