Top Story Security Related

The FDIC has made its November 2024 updates to its Risk Management Manual of Examination Policies (RMS Manual). The Manual provides FDIC examiners information relating to examination activities and supervisory practices. The FDIC conducts examinations at financial institutions to ensure public confidence in the banking system and to protect the Deposit Insurance Fund. The Manual promotes consistency in examination activities, which center on evaluating an institution’s capital, assets, management, earnings, liquidity, sensitivity to market risk, and adherence to laws and regulations.

This month's updates are found in Section 22.1 — Examination Documentation Modules. The FDIC has added 25 Reference ED Modules to this section.

OFAC has issued a Penalty Notice imposing a $1,104,408 penalty on a natural U.S. person for 75 violations of OFAC sanctions on Iran valued at approximately $561,802.

Between 2019 and 2022, the individual executed a plan to purchase, renovate, and operate a hotel in Iran. In furtherance of this scheme, this individual used foreign money services businesses in Iran and Canada to evade U.S. sanctions, while aware at all times of U.S. sanctions on Iran. The penalty amount reflects OFAC’s determination that the violations were egregious and were not voluntarily self-disclosed.

Yesterday, the Treasury Department reported that OFAC sanctioned a network of nine Mexican nationals involved in fentanyl, heroin, and other deadly drug trafficking and money laundering. Individuals designated in this network also engage in human smuggling in furtherance of their drug trafficking activities. Additionally, as members of the Cartel Jalisco Nueva Generacion (CJNG), some of the individuals sanctioned today played a prominent role in the early stages of the U.S. opioid crisis, a leading factor driving the United States’ modern fentanyl crisis. CJNG is a violent Mexico-based drug trafficking organization responsible for a significant proportion of fentanyl and other deadly drugs trafficked into the United States.

Treasury also reported that OFAC designated six senior Hamas officials, including the terrorist group’s representatives abroad, a senior member of the Hamas military wing, the Izz Al-Din Al-Qassam Brigades, as well as individuals involved in supporting the terrorist group’s fundraising efforts and weapons smuggling into Gaza.

For the names and identification information of the designated individuals, see yesterday's BankersOnline OFAC Update.

Yesterday, the Treasury Department reported that OFAC was sanctioning Amana the Settlement Movement of Gush Emunim Central Cooperative Association Ltd (Amana), a settlement development organization that is involved with U.S.-sanctioned individuals and outposts that perpetrate violence in the West Bank, and its subsidiary Binyanei Bar Amana Ltd. Concurrently, the Department of State was designating three individuals and one entity.

For the names and identification information of the designated individuals and entities, see yesterday's BankersOnline OFAC Update.

The CFPB has published its Personal Financial Data Rights Rule at 89 FR 90838 in this morning's Federal Register.

Subject to the outcome of pending litigation against the rule, it will become final on January 17, 2025, with compliance dates for data providers beginning April 1, 2026; April 1, 2027; April 1, 2028; April 1, 2029; or April 1, 2030, based on the criteria set forth in § 1033.121(c).

FinCEN has updated two FAQs related to access to Beneficial Ownership Information. The topics covered are in Section O (Access FAQs), and include FAQ O1 (Access to BOI for authorized recipients) and FAQ O2 (Access to BOI for Federal agencies).

FAQ O1 indicates that access is being offered in five phases. The first four phases will extend the opportunity to request access to Federal and State, local, and Tribal law enforcement partners. The fifth phase, expected to begin in the spring of 2025, will extend the opportunity to request access to financial institutions subject to due diligence requirements under applicable law and their supervisors.

Yesterday, the Treasury Department reported that OFAC has sanctioned 26 companies, individuals, and vessels associated with the Al-Qatirji Company, a Syrian conglomerate responsible for generating hundreds of millions of dollars in revenue for Iran’s Islamic Revolutionary Guard Corps-Qods Force and the Houthis through the sale of Iranian oil to Syria and the People’s Republic of China.

For the names and identification information of the designated persons and vessels, see yesterday's BankersOnline OFAC Update.

OFAC has announced a $178,421 settlement with American Life Insurance Company (ALICO), a subsidiary of MetLife, Inc. ALICO agreed to settle its potential civil liability for 2,331 apparent violations of OFAC sanctions on Iran. The apparent violations related to insurance policies provided to entities in the United Arab Emirates that were owned or controlled by the Government of Iran. The settlement amount reflects OFAC's determination that the apparent violations were voluntarily self-disclosed and were not egregious.

FRBServices has announced the expansion of FedDetect Duplicate Notification for Check Services to include commercial checks, alongside its existing Treasury check notification service. Financial institutions can now see deposit information and images of potential duplicate items for commercial checks, supplementing their existing check fraud mitigation tools.

“Commercial checks remain a critically important form of payment, but they’re also vulnerable to fraud,” said Shonda Clay, FRFS executive vice president and chief of product and relationship management. “With the expansion of our FedDetect service, we are providing financial institutions of all sizes another powerful tool in their risk mitigation toolkit. Even better, we are now offering this service at no cost as part of our commitment to supporting depository institutions in the collective, industry-wide mission to combat fraud.”

The FedDetect service helps financial institutions mitigate loss of funds due to fraud or deposit capture errors by sending notices of potential duplicate Treasury or commercial checks across multiple payment channels and financial institutions.

The Financial Stability Board, an international organization that coordinates the work of national financial authorities and international standard-setting bodies and develops and promotes the implementation of effective regulatory, supervisory, and other financial sector policies in the interest of financial stability, has issued a report, "The Financial Stability Implications of Artificial Intelligence," which outlines recent developments in the adoption of artificial intelligence (AI) in finance and their potential implications for financial stability.

The FSB stated that widespread adoption and more diverse use cases of AI have prompted the FSB to revisit its 2017 report on AI and machine learning in financial services. Financial firms currently use AI mainly to enhance internal operations and improve regulatory compliance, but generative AI (GenAI) and large language models have given rise to new use cases, such as document summation, information retrieval, and code generation. While many financial institutions appear to be taking a cautious approach to using GenAI, interest remains high and the technology’s accessibility could facilitate more rapid integration in financial services.

The report notes that—

• The rapid adoption of AI offers several benefits but may also amplify certain financial sector vulnerabilities, such as third-party dependencies, market correlations, cyber risk and model risk, potentially increasing systemic risk.
• While existing financial policy frameworks address many of the vulnerabilities associated with use of AI by financial institutions, more work may be needed to ensure that these frameworks are sufficiently comprehensive.
• Financial authorities should enhance monitoring of AI developments, assess whether financial policy frameworks are adequate, and enhance their regulatory and supervisory capabilities including by using AI-powered tools.