Top Story Security Related

The Treasury Department yesterday reported that OFAC has sanctioned two individuals and one entity involved in a network that launders millions of dollars of illicit funds generated by the Democratic People’s Republic of Korea (DPRK) information technology (IT) workers and cybercrime to support the DPRK Government. Based in the United Arab Emirates (UAE), Lu Huaying and Zhang Jian worked through a UAE-based front company to facilitate money laundering and cryptocurrency conversion services that funneled the illicit proceeds back to Pyongyang. This network is led by OFAC-sanctioned Sim Hyon Sop (Sim), a PRC-based banking representative for the DPRK who orchestrates money laundering schemes to fund the regime.

Treasury also reported OFAC action against 12 individuals and eight entities, located across seven countries, who are linked to the global illicit drug trade. These sanctions are the result of strong collaboration with the Drug Enforcement Administration and a range of international law enforcement partners, including in Colombia, Lithuania, and New Zealand. This action was also enabled with support from Treasury’s Financial Crimes Enforcement Network and reporting from financial institutions under the Bank Secrecy Act, and was coordinated closely with various foreign Financial Intelligence Units.

For the names and identification information of the designated parties, see yesterday's BankersOnline OFAC Update.

The Office of the Comptroller of the Currency has reported the key issues facing the federal banking system in its Semiannual Risk Perspective for Fall 2024.

The OCC highlighted credit, operational, compliance, and market risks, as the key risk themes in the report. Highlights from the report include:

• Commercial credit risk remains moderate and shows signs of stabilizing as risks are better identified, monitored, and controlled.
• Overall retail credit risk is stable. Delinquency and loss rates on residential real estate-secured loans held by banks remain historically low but are increasing. Delinquencies in other retail asset classes, namely credit cards and auto loans, reflect an increasing trend.
• Operational risk is elevated. Banks continue to respond to an evolving and increasingly complex operating environment. Evolving cyber threats by sophisticated malicious actors target the financial services industry and their key service providers.
• From a compliance risk perspective, banks continue to operate in a dynamic banking environment as customers’ needs and preferences related to products, services, and delivery channels evolve.
• Community Reinvestment Act (CRA) related risks remain stable as the OCC continues to assess banks’ CRA performance under the 1995/2021 regulatory framework.
• Regarding market risk, banks net interest margin (NIM) performance has varied across bank asset sizes.

A special topic in the report focuses on the increasing trend in external fraud activity targeting consumers and the federal banking system. The frequency of both traditional and novel, more sophisticated fraud activities targeting customers and banks continues to increase. Banks should maintain sound fraud risk management practices through prudent controls and appropriate fraud monitoring capabilities to identify, investigate, mitigate, and report fraudulent activity. Banks can also support their customers by providing educational information about trending fraud activities and ways to protect themselves.

The Department of the Treasury has reported that OFAC has sanctioned nine individuals and seven entities that have provided financial and military support to the Democratic People’s Republic of Korea (DPRK). Also, the U.S. Department of State sanctioned three targets related to the DPRK’s ballistic missile program. These actions reflect the DPRK’s escalating provocation and hostile military posturing that exacerbate global tensions and destabilize regional peace and security.

For the names and identification information of the designated parties, see yesterday's BankersOnline OFAC Update.

The Treasury Department's Office of Foreign Assets Control (OFAC) has announced a $257,690 settlement with C.H. Robinson International Inc. (CHR). CHR agreed to settle its potential civil liability for 82 apparent violations by five of its non-U.S. subsidiaries, which provided freight brokerage or transportation services for shipments in apparent violation of OFAC sanctions on Cuba and Iran. The settlement amount reflects OFAC's determination that the apparent violations were voluntarily self-disclosed and were not egregious.

CHR is a Minnesota-based global transportation and logistics company. Following a series of overseas acquisitions by CHR of freight and logistics firms, between November 2018 and February 2022 five of CHR’s foreign subsidiaries provided freight brokerage or transportation services for 82 shipments, to or from Iran (in two instances), of Iranian- or Cuban-origin goods, or by dealing with an Iranian airline. The vast majority of the apparent violations appear to have occurred because the subsidiaries’ brokerage management systems had not yet been incorporated into CHR’s system or otherwise updated to include the latest sanctions compliance controls and did not screen for potentially violative transactions.

Further details can be found in OFAC's Enforcement Release.

The FDIC has published [89 FR 101014] a "Sunshine Act" notice of its next Board of Directors meeting, scheduled for 10:00 a.m. EST on Tuesday, December 17, 2024. The meeting will be open to public observation only by webcast. Matters on the agenda for consideration include:

• Proposed 2025 FDIC Operating Budget
• Discussion Draft relating to FDIC Policy regarding the Annunzio-Wylie Anti-Money Laundering Act
• Discussion Draft relating to FDIC Policy on Bank Capital Distributions in Unusual and Exigent Circumstances

The OCC, Federal Reserve Board, and FDIC this morning published [89 FR 99751] a request for comments to inform their review under the Economic Growth and Regulatory Paperwork Reduction Act of 1996 (EGRPRA) of agency regulations to identify outdated or otherwise unnecessary regulatory requirements on insured depository institutions and their holding companies.

This is the third of four such requests for comment on multiple categories of regulations. Today's request seeks comment on regulations in the categories of Rules of Procedure; Safety and Soundness; and Securities. Written comments will be accepted through March 11, 2025.

The Department of the Treasury has reported that the EU-U.S. Joint Financial Regulatory Forum took place December 4–5, 2024, with participants exchanging views on topics of mutual interest as part of their regular financial regulatory dialogue. The dialogue was co-chaired by the U.S. Department of the Treasury and the European Commission.

The Forum emphasized close, ongoing U.S. and EU cooperation in a range of areas and focused on seven themes: (1) market developments and financial stability; (2) operational resilience and digital finance; (3) the sharing and financial reporting of financial data; (4) anti-money laundering and countering the financing of terrorism (AML/CFT); (5) sustainable finance; (6) banking and insurance; and (7) capital markets.

The Treasury Department has reported that OFAC has sanctioned cybersecurity company Sichuan Silence Information Technology Company, Limited, and one of its employees, Guan Tianfeng, both based in the People’s Republic of China, for their roles in the April 2020 compromise of tens of thousands of firewalls worldwide. Many of the victims were U.S. critical infrastructure companies.

For identification information on Sichuan Silence and Guan, see yesterday's BankersOnline OFAC Update.

The Treasury Department has reported that OFAC has sanctioned one individual and one entity involved in abuses against prisoners held in Houthi-run prisons in Yemen and one individual providing support to Bashar al-Assad, and that the State Department has announced steps to impose visa restrictions on dozens of individuals pursuant to Section 212(a)(3)(C) of the Immigration and Nationality Act, and designated one official under Section 7031(c) of the annual Appropriations Act for involvement in a gross violation of human rights.

Treasury also reported that OFAC has sanctioned 28 individuals and businesses involved in a global gold smuggling and money laundering network based in Zimbabwe, under the authority of Executive Order 13818, which targets perpetrators of serious human rights abuse and corruption around the world.

For the names and identification information of the designated parties, see yesterday's BankersOnline OFAC Update.

On Friday, the Financial Stability Oversight Council unanimously approved its 2024 annual report, which reviews developments in financial markets, identifies vulnerabilities and emerging threats to U.S. financial stability, and makes recommendations to mitigate those vulnerabilities and threats. The report also details the activities of the Council and summarizes significant regulatory developments. The report was developed collaboratively by Council members and their agencies and staffs. Overall, the Council finds that the U.S. financial system remains resilient, though vulnerabilities warrant ongoing vigilance.

The report made recommendations in the following areas:

• Cybersecurity
• Depository institutions
• Third-party service providers
• Commercial real estate credit risk
• Digital assets
• Investment funds