Introduction Stephanie Booker, Associate Director for Enforcement, Financial Crimes Enforcement Network (“FinCEN”), recently gave a speech at the Nevada Bar Association’s Bank Secrecy Act Conference in Las Vegas. Involved in the conference were the State Bar of Nevada’s Gaming Law Section, the American Gaming Association, and the University of Nevada–Las Vegas’ International Gaming Institute.
FinCEN is one of the Treasury Department’s primary agencies to oversee and implement policies to prevent and detect money laundering, and the only federal agency to oversee anti-money laundering (“AML”) compliance by casinos and card clubs. FinCEN polices for compliance with AML laws, including the Banking Secrecy Act (“BSA”), which requires certain reporting and recordkeeping by casinos and card clubs in an effort to prevent various financial and crimes. FinCEN works closely with the Internal Revenue Service (“IRS”) Small Business/Self-Employed Division, which is FinCEN’s delegated examiner for casinos and card clubs. The IRS refers significant violations of AML laws to FinCEN for enforcement action. FinCEN also receives referrals and coordinates its enforcement investigations with criminal law enforcement agencies, including the IRS-Criminal Investigations, the FBI, the Department of Justice’s Asset Forfeiture and Money Laundering Section, and U.S. Attorney’s Offices and state authorities, as well as other regulatory partners, including the Nevada Gaming Control Board.1
In her speech, Ms. Booker addressed BSA filing trends, the importance of BSA data, FinCEN’s enforcement approach and recent enforcement developments, and the critical importance of a culture of compliance throughout the business and compliance functions at casinos and card clubs. Ms. Booker’s speech made clear that casinos can no longer gamble on BSA compliance.
Impact of SARs Suspicious activity reports (“SARs”) form the cornerstone of the BSA reporting system, and are critical to FinCEN’s ability to utilize financial information to combat money laundering and other criminal activity, including organized crime, drug trafficking, and terrorism. FinCEN regulations require the filing of a SAR in response to a transaction “if it is conducted or attempted by, at, or through a casino, and involves or aggregates at least $5,000 in funds or other assets, and the casino knows, suspects, or has reason to suspect that the transaction (or a pattern of transactions of which the transaction is a part)”: (a) involves funds derived from illegal activity, or is intended to hide or disguise funds derived from illegal activity as part of a crime; (b) is designed to evade the BSA or its implementing regulations; (c) has no business or apparent lawful purpose or is not the type of transaction that the particular customer would normally be expected to engage in, and the casino knows of no reasonable explanation for the transaction after examining the available facts, including the background and possible purpose of the transaction; or (d) involves the use of the casino to facilitate a crime.2
FinCEN regulations contain certain protections to encourage prompt and candid reporting. First, the regulations protect the confidentiality of SARs.3 Second, the regulation provides protection from civil liability for all reports of suspicious transactions regardless of whether such reports are filed pursuant to the SAR instruction. Specifically, the law provides: “A casino, and any director, officer, employee, or agent of any casino, that makes a voluntary disclosure of any possible violation of law or regulation to a government agency or makes a disclosure pursuant to this section or any other authority, including a disclosure made jointly with another institution, shall be protected from liability to any person for any such disclosure, or for failure to provide notice of such disclosure to any person identified in the disclosure, or both, to the full extent provided by 31 U.S.C. 5318(g)(3).”4
SARs provide some of the most important information available to U.S. law enforcement. The data is used to confront serious threats, including terrorist organizations, rogue nations, foreign grand corruption, cyber threats and transnational criminal organizations. The reporting aids in expanding the scope of ongoing investigations by revealing the identities of previously unknown subjects, exposing accounts and hidden financial relationships, or revealing other information, such as common addresses or phone numbers that connect seemingly unrelated participants in a criminal or terrorist organization.
The filing of SARs has improved dramatically in the past year, increasing 69 percent from 2013 to 2014, and the trend has continued in 2015. These increases have occurred industry-wide, in casinos, tribal casinos and card clubs. The highest reported categories of suspicious activity in casinos are minimal gaming and alternating transactions to avoid currency transaction report filing. However, SARs have also exposed patrons using casinos and card clubs to conceal narcotics transactions, moving money in support of international fraud schemes, laundering real estate fraud money, and transferring money for other illicit purposes.
Role of Sharing among Casinos As another element of the casino compliance landscape, the USA PATRIOT Act provides financial institutions with the ability to share information with one another, under a safe harbor that offers protections from liability, in order to better identify and report potential money laundering or terrorist activities.5
In 2014, FinCEN saw an increase in information-sharing between casinos and card clubs through this program, which now includes 98 casinos and card clubs. Casinos and card clubs that participate in this program can communicate with other participants, even if those participants are not casinos or card clubs. Such information-sharing between institutions can play a critical role in achieving BSA and AML goals. Information-sharing is a powerful tool for providing casinos with a more comprehensive view of potential money laundering or terrorist financing that involves multiple institutions.
FinCEN Articulates Six Core Principals FinCEN enumerated six core principles: transparency, giving credit when due, recidivism, individual accountability, remedial framework and accountability.
- Transparency in Rationale: FinCEN desires its enforcement to be transparent, supported by plain facts rather than a “hide-the-ball” exercise. In support of this principle, FinCEN strives to ensure that its public enforcement assessments clearly explain the facts and violations underlying the enforcement action to ensure that the public will understand why FinCEN took action.
- Credit Where Credit is Due: Another core principle is “giving credit where credit is due,” meaning that FinCEN will take a casino’s historical conduct into consideration in assessing whether to take an enforcement action or impose a penalty. While FinCEN will take historical conduct into consideration, FinCEN has made clear that an institution may not avoid penalty for remediating prior or existing violations, but that the respondent will generally be in a better position than one that had violations and never fixed the problem.
- Recidivism: It is clear that institutions that have had repeat violations over multiple exams will receive heightened scrutiny from FinCEN. In addition, institutions obstructing the exam process, such as denying access to information or key personnel, and failing to address repeated violations, will be heavily weighted factors in considering whether to bring an enforcement action.
- Individual Accountability: The BSA provides FinCEN with broad supervisory and enforcement authority, allowing FinCEN to impose civil penalties not only against casinos, but also against partners, directors, officers and employees of casinos who themselves participate in misconduct. FinCEN continuously evaluates whether to initiate an enforcement action against those individuals responsible for an institution’s BSA/AML failures, including barring individuals from working in the industry.
- Remedial Framework: Recent enforcement actions have begun to focus on correcting errors identified in investigations to prevent future issues from arising. FinCEN is now incorporating a remedial framework into settlements, including “undertakings,” which aim to ensure that the institution rectifies identified problems. For example, FinCEN may insist on corporate monitor arrangements as part of enforcement settlements, or require a casino to have more stringent independent testing for a given period of time.
- Accountability: Recently, FinCEN has expressed a willingness to consider departing from historical settlement practices to one that includes an admission to the facts and the violations of law. Previously, FinCEN regularly permitted financial institutions to “neither admit nor deny” allegations. FinCEN has implemented this practice in enforcement actions against all sizes and types of financial institutions and individuals, including casinos.
Reversing the historical practice of allowing casinos to “neither admit nor deny” raises some interesting issues and may result in unanticipated collateral effects. For example, financial institutions will be less likely to enter into settlements if they are required to publicly admit wrongdoing. This will result in more cases going to trial, putting further burden on an already strained prosecutorial system.
FinCEN is not the only regulator to have considered this approach. Daniel P. Stipano, Deputy Chief Counsel of the Office of the Comptroller of the Currency, testified on the issue of requiring admissions in settlements before the House Committee on Financial Services, and argued that “because consent orders are made available to the public, requiring an admission of wrongdoing would prolong settlement negotiations and increase the number of respondents who choose to litigate the merits of the action.”6 In line with Mr. Stipano’s statements, many defendants will likely be concerned that an admission will have non-mutual offensive collateral estoppel effects in subsequent private litigation, barring the defendant from taking a different position or re-litigating the issues surround the alleged wrongdoing. Defendants may also be concerned that an admission of wrongdoing could be admissible evidence in subsequent private litigation.
Recent Notable Enforcement Actions FinCEN has taken enforcement actions against a wide range of financial institutions and individuals covered by the BSA, including casinos and casino employees.
For example, in March 2015, FinCEN imposed a $10 million penalty on Trump Taj Mahal in Atlantic City, N.J., for willful and repeated violations of the BSA.7 In addition to the civil penalty, the casino was required to conduct periodic external audits to examine its anti-money laundering BSA compliance program, and provide those reports to FinCEN and the casino’s board of directors. In the investigation, Trump Taj Mahal admitted to several willful BSA violations, including failure to implement and maintain an effective AML program, failure to report suspicious transactions, failure to properly file currency transaction reports, and failure to keep appropriate records as required by the BSA. Notably, Trump Taj Mahal had ample notice of these deficiencies as many of these violations were discovered in previous examinations. Trump Taj Mahal has a history of BSA violations dating back to 1998, when FinCEN assessed a $477,700 civil money penalty against Trump Taj Mahal for currency reporting violations.
More recently, in June 2015, FinCEN assessed a $75 million penalty against Hong Kong Entertainment Investments, Ltd., d/b/a Tinian Dynasty Hotel & Casino, in the Northern Mariana Islands for willful and egregious violations of the BSA.8 Specifically, Tinian Dynasty failed to develop and implement an AML program, and no member of Tinian Dynasty staff was delegated responsibility for day-to-day compliance with the BSA. The casino failed to develop and implement policies and procedures designed to ensure AML compliance, or to detect suspicious transactions; it also never conducted an independent test of its systems to ensure compliance. Further, casino personnel were not trained in BSA recordkeeping or in identifying, monitoring and reporting suspicious activity. The casino operated for years without AML programs in place, and accommodated patrons who desired to conduct financial transactions with large amounts of cash, without the casino reporting the transaction. In some instances, casino employees provided detailed instructions on how patrons could conduct transactions without being reported or without attracting law enforcement scrutiny.
Fostering a Culture of Compliance In her closing remarks, Ms. Booker focused on FinCEN’s expectation that institutions, including casinos and card clubs, develop a “culture of compliance.” For decades, other types of financial institutions, particularly banks, have heard their regulators consistently focus on this idea that compliance must be engrained in an institution’s culture. FinCEN’s comments at this conference reflect FinCEN’s expectation that casinos and card clubs will be held to the same high compliance standards as their much more pervasively regulated bank counterparts. Fundamental to the creation and development of a strong culture of compliance, regulated entities must develop a risk management framework that is engrained into the day-to-day culture of the entity. The entity’s board and management must exercise oversight of the risk management plan to ensure the establishment of effective communication channels, culture change, discipline, and accountability. A telltale sign of effective risk management is that minor deficiencies are identified before they become major compliance problems; the deficiencies are corrected; and the entity incorporates corrective measures going-forward to ensure that the same deficiency is unlikely to reemerge in the future. In other words, the entity learns from its mistakes. Repeated instances of the same deficiencies is a sign of a failed compliance culture.
In order to design and implement a culture of compliance, it is crucial that casinos and card clubs seek legal counsel that is familiar with the nuances of the legal, compliance, and reputational risks that are implicated by AML laws and regulations. Focusing on these risks as part of designing a comprehensive compliance program will help regulated entities, such as casinos and card clubs, to avoid potentially damaging enforcement actions in the future.
- 31 U.S.C. § 1021.320(a).
- 31 U.S.C. § 1021.320 (e).
- 31 U.S.C. § 1021.320 (f).
- USA PATRIOT Act § 314(b).
- Testimony of Daniel P. Stipano, Deputy Chief Counsel, Office of the Comptroller of the Currency, Before the Committee on Financial Services of the U.S. House of Representatives, May 17, 2012.
- “FinCEN Fines Trump Taj Mahal Casino Resort $10 Million of Significant and Long Standing Anti-Money Laundering Violations,” (March 6, 2015) (last visited June 23, 2015).
- “FinCEN Fines Tinian Dynasty Hotel & Casino $75 Million for Egregious Anti-Money Laundering Violations,” (June 3, 2015) (last visited June 23, 2015).
Client Alert 2015-174