FinCEN Holding Crypto to a High KYC Standard
On May 19, 2022, Alessio Evangelista, Associate Director of FinCEN’s Enforcement and Compliance Division spoke at the Chainalysis Links Conference. Mr. Evangelista emphasized the large amount of information available to Virtual Asset Service Providers (VASPs) and suggested “VASPs proactively adopt and uphold high standards for compliance.”
What Is FinCEN?
The U.S. Financial Crimes Enforcement Network (FinCEN) is a bureau of the U.S. Department of the Treasury. FinCEN’s goal is to safeguard the financial system from illicit use and combat money laundering and promote national security.
Mr. Evangelista encouraged the blockchain industry to reach its full potential by delving into the information available to it through public blockchain ledgers to develop a deep understanding of customer relationships and transactional activity. According to Mr. Evangelista, a review of this information will enable the industry to assess risks, customers, and transactions in the formation of a rigorous risk-based compliance program.
I agree with the Assistant Director it is important to protect the global financial system and actively follow an effective compliance program. Part of following an effective compliance program is protecting the company’s reputation – including from the damage of facilitating criminal enterprises. However, the question is: what amount of data mining from the public blockchain does FinCEN expect a VASP to engage in during a KYC process. Whether a VASP believes FinCEN has provided adequate guidance to this question, it is important that a VASP establish in writing what its own risk appetite is by outlining specific KYC steps its employees must take at onboarding, at specified time frames and for certain specified triggering events.
Mr. Evangelista made it clear FinCEN is actively engaged in enforcement and that “AML/CFT requirements apply to financial institutions dealing in cryptocurrencies and other digital assets the same way they do to financial institutions dealing in fiat currency.” Based on the points he made in his speech, I recommend a VASP ensure the following points are included in its written compliance program and training sessions:
Company risk profile – this can be formed in a message similar to creating your company mission statement.
Clear anti-money laundering and countering the financing of terrorism (AML/CFT) due diligence steps. (FinCEN’s AML/CFT Priorities should be reviewed).
When and how to file a Suspicious Activity Report (SAR). (See my previous post on SARs: That's a SAR Not a SAR!).
Establish a company standard regarding the amount of data mining on the public blockchain which must be completed and when.
Crypto & FATCA / CRS
Currently, crypto assets are not considered Financial Accounts under FATCA. The U.S. Infrastructure Investment and Jobs Act (which was signed in 2021) imposed non-FATCA reporting obligations on crypto exchanges. However, it did not change FATCA.
The OECD’s framework for crypto reporting standards will ultimately result in crypto reporting requirements being adapted into local country CRS legislation. The timing on this is not clear. The OECD collected comments this year and held a public consultation meeting on the Crypto-Asset Reporting Framework (CARF) on May 23, 2022.