Top Story Security Related

The Treasury Department yesterday announced that OFAC was designating Hilltop Youth, a violent extremist group that has repeatedly attacked Palestinians and destroyed Palestinian homes and property in the West Bank.

The Treasury Department alsoreported that OFAC was designating seven individuals and two entities associated with the Russia-based cybercriminal group Evil Corp, in a tri-lateral action with the United Kingdom’s Foreign, Commonwealth & Development Office (FCDO) and Australia’s Department of Foreign Affairs and Trade (DFAT). Additionally, the U.S. Department of Justice has unsealed an indictment charging one Evil Corp member in connection with his use of BitPaymer ransomware targeting victims in the United States.

For identification information on the sanctioned individuals and entities, see BankersOnline’s October 1, 2024, OFAC Update.

The Securities and Exchange Commission has announced charges against registered broker-dealer TD Securities (USA) LLC for manipulating the U.S. Treasury cash securities market through an illicit trading strategy known as spoofing. The bank was also charged for failing to supervise the then-head of its U.S. Treasuries trading desk, who allegedly made hundreds of illegal trades over a 13-month period.

According to the SEC's order, between April 2018 and May 2019, the former TD Securities trader spoofed the U.S. Treasury cash securities market by entering orders on one side of the market that he had no intention of executing (herein, non-bona fide orders), so he could obtain more favorable execution prices on bona fide orders he was entering simultaneously on the other side of the market. After the bona fide orders were filled, resulting in profits to TD Securities, the trader allegedly then canceled the non-bona fide orders. The SEC’s order also finds that TD Securities lacked adequate controls and that it failed to take reasonable steps to scrutinize the trader after receiving warnings of his potentially irregular trading activity.

TD Securities consented to the entry of the SEC’s order finding that it violated an antifraud provision of the federal securities laws and failed to reasonably supervise the trader. TD Securities was further ordered to cease and desist from future violations of the relevant antifraud provision, was censured, and was ordered to pay disgorgement of $400,000, prejudgment interest, and a civil penalty of $6.5 million. In a related matter, TD Securities has entered into a deferred prosecution agreement with the U.S. Department of Justice and has agreed to pay a total monetary sanction of more than $15 million as part of that agreement, of which $400,000 will be credited by disgorgement to the SEC. TD Securities has separately agreed to pay a $6 million fine to the Financial Industry Regulatory Authority to resolve related charges.

The National Credit Union Administration has announced it has issued a Consent Prohibition Order against Monica Jackson, formerly the operation and marketing director at Koin Credit Union, Brentwood, Tennessee, after a finding that she took cash out of the credit union’s vault, made unauthorized transfers to herself out of the account of a deceased member, and fraudulently opened and used lines of credit in the names of nominees for her own personal gain. She further used the master administration access code to lock one of the accounts she was using to conceal her fraudulent activity from other employees and KCU. Her fraudulent activities caused the credit union significant financial loss.

The NCUA also issued a Notice of Prohibition to Autumn S. Smith formerly employed by SecurityPlus Federal Credit Union, Baltimore, Maryland, after a conviction for the offense of theft ($1,500 to under $25,000) resulting from her misconduct at the credit union.

On Friday, the Treasury Department announced OFAC actions to defend and protect U.S. campaign and government officials from Iranian attempts to interfere in U.S. elections. OFAC designated seven individuals as part of a coordinated U.S. government response to Iran’s operations that sought to influence or interfere in the 2024 and 2020 presidential elections.

For the names and identification information of the designated individuals, see Friday's BankersOnline OFAC Update.

The OCC has expanded the reach of its earlier announcement allowing banks in the path of Hurricane Helene to close. Yesterday, the OCC issued a proclamation allowing national banks, federal savings associations, and federal branches and agencies of foreign banks to close offices in areas of North Carolina, South Carolina and Virginia affected by Hurricane Helene, if they are affected by potentially unsafe conditions as a result of the storm.

The Treasury Department has reported actions taken by OFAC in a coordinated international effort to disrupt Russian cybercrime services. FinCEN has issued a notice on Imposition of Special Measure Prohibiting the Transmittal of Funds Involving PM2BTC that identifies a Russian virtual currency exchanger associated with Russian individual Sergey Sergeevich Ivanov—as being of “primary money laundering concern” in connection with Russian illicit finance. Concurrently, the Office of Foreign Assets Control (OFAC) is sanctioning Ivanov and Cryptex—a virtual currency exchange registered in St. Vincent and the Grenadines and operating in Russia. The FinCEN and OFAC actions are being issued in conjunction with actions by other U.S. government agencies and international law enforcement partners to hold accountable Ivanov and the associated virtual currency services. FinCEN's notice will be effective when published in the Federal Register

According to Treasury, the U.S. Secret Service’s Cyber Investigative Section, the Netherlands Police, and the Dutch Fiscal Intelligence and Investigation Service (FIOD) have seized web domains and/or infrastructure associated with PM2BTC, UAPS, and Cryptex. The U.S. Department of State has issued a reward offer up to $10 million through its Transnational Organized Crime Rewards Program for information leading to the arrest and/or conviction of Ivanov. Lastly, the U.S. Secret Service and the U.S. Attorney’s Office for the Eastern District of Virginia are unsealing an indictment of Ivanov and another Russian national, Timur Shakhmametov. These actions by U.S. and Dutch agencies were taken in partnership with Operation Endgame, a multinational coordinated cyber operation with European partners, to dismantle financial enablers of transnational organized cybercrime.

For identification information on Ivanov and Cryptex, see BankersOnline’s September 26, 2024, OFAC Update.

FinCEN has announced it has published a notice in the Federal Register today at 89 FR 79184 withdrawing its finding that ABLV Bank, AS is a financial institution of primary money laundering concern, as well as the related notice of proposed rulemaking seeking to impose special measure five pursuant to section 311 of the USA PATRIOT Act.

On February 16, 2018, FinCEN issued an NPRM that set forth FinCEN’s findings of money laundering concern regarding ABLV, a commercial bank located in Riga, Latvia, and proposed imposing special measure five under section 311, prohibiting covered financial institutions from opening or maintaining in the United States correspondent accounts for, or on behalf of, ABLV.

According to FinCEN, material subsequent developments since the issuance of the NPRM have mitigated the money laundering risks associated with ABLV. Shortly after the issuance of the NPRM, the European Central Bank (ECB) determined that ABLV—as well as its subsidiary, ABLV Bank Luxembourg—was failing or likely to fail. The ECB subsequently withdrew ABLV’s banking license, and the Luxembourg subsidiary was ordered dissolved. Thus, ABLV no longer operates as a depository institution. The bank is in the advanced stage of an irrevocable liquidation process supervised by the Government of Latvia, which ensures anti-money laundering/countering terrorist financing compliance. Furthermore, Latvian authorities have undertaken significant efforts to identify and address past illicit activity facilitated by the bank, resulting in criminal charges against owners of the bank and its senior managers. As a result, FinCEN has determined that ABLV is no longer a financial institution of primary money laundering concern.

The Treasury Department yesterday issued two announcements of OFAC sanctions activity.

OFAC has sanctioned two Haitian individuals: a former member of Haiti’s parliament, Prophane Victor, for his role in forming, supporting, and arming gangs and their members that have committed serious human rights abuse in Haiti; and Luckson Elan, the current leader of the Gran Grif gang, for his involvement in serious human rights abuse related to gang activity in Haiti’s Artibonite department.

OFAC has also sanctioned one individual and more than a dozen entities and vessels for their involvement in the shipment of Iranian crude oil and liquid petroleum gas to Syria and East Asia on behalf of the Islamic Revolutionary Guard Corps-Qods Force (IRGC-QF) and Hizballah.

For the names and identification information of the designated individuals, entities and vessels involved in the two OFAC actions, see yesterday’s BankersOnline OFAC Update.

The OCC has announced it has issued a proclamation allowing national banks, federal savings associations, and federal branches and agencies of foreign banks to close offices in areas of Alabama, Florida, Georgia and Tennessee affected by Hurricane Helene. As is always the case, the OCC expects that only those bank offices directly affected by potentially unsafe conditions will close, and those offices should make every effort to reopen as quickly as possible to address the banking needs of their customers.

• OCC Bulletin 2012-28, Supervisory Guidance on Natural Disasters and Other Emergency Conditions
• OCC Major Disaster News Center

The FDIC has issued FIL-66-2024 with steps intended to provide regulatory relief to financial institutions and facilitate recovery in areas of Illinois affected by severe storms, tornadoes, straight-line winds, and flooding from July 13 to July 16, 2024. Cook, Fulton, Henry, St. Clair, Washington, Will and Winnebago Counties are currently included as affected areas. That list may change. Check FEMA's website at https://www.fema.gov/disaster/4819/designated-areas for any updates.

The FDIC also issued FIL-67-2024 to provide regulatory relief to financial institutions and facilitate recovery in areas of Connecticut — including Fairfield, Litchfield, and New Haven Counties — affected by a severe storm, flooding, landslides, and mudslides on August 18 and 19, 2024. Any updates to that list of counties will be posted to FEMA’s website at https://www.fema.gov/disaster/4820/designated-areas.