FREQUENTLY ASKED QUESTIONS
Issued: January 18, 2023
Subject: Section 9714 Order Prohibits Certain Transmittals of Funds Involving Bitzlato
On January 18, 2023,
FinCEN issued an order that identifies Bitzlato Limited (Bitzlato), a financial institution operating outside of the United States, to be of primary money laundering concern in connection with Russian illicit finance and prohibits certain transmittals of funds involving Bitzlato by any covered financial institution (see FAQ #4) (the Order). The Order is the first such order issued pursuant to section 9714(a) of the Combating Russian Money Laundering Act (Public Law 116-283), as amended by section 6106(b) of the National Defense Authorization Act for Fiscal Year 2022 (Public Law 117-81).
As a general matter, FinCEN expects covered financial institutions, including, but not limited to, convertible virtual currency (CVC) exchangers, to implement procedures reasonably designed to ensure compliance with the terms of the Order and exercise reasonable due diligence to prevent it (or its subsidiaries) from engaging in transmittals of funds involving Bitzlato.
To assist covered financial institutions in complying with the Order, FinCEN is publishing this list of frequently asked questions (FAQs). These FAQs are applicable only to this Order and should not be construed to apply to any other regulation or order issued by FinCEN. Terms used but not otherwise defined herein have the meaning set forth in the Order. For additional questions, please contact the FinCEN Resource Center at
[email protected].
1) What is a section 9714 action?
Section 9714 actions are undertaken by FinCEN pursuant to the authority granted in section 9714(a) of the Combating Russian Money Laundering Act (Public Law 116-283), as amended by section 6106(b) of the National Defense Authorization Act for Fiscal Year 2022 (Public Law 117-81).
Upon determining that one or more financial institutions operating outside of the United States, or one or more classes of transactions within, or involving, a jurisdiction outside of the United States, or one or more types of accounts within, or involving, a jurisdiction outside of the United States is of primary money laundering concern in connection with Russian illicit finance, the Secretary of the Treasury is authorized to impose one or more of the following special measures: (1) one or more of the special measures described in 31 U.S.C. § 5318A(b), commonly known as section 311 of the USA PATRIOT Act (section 311); or (2) special measures prohibiting or imposing conditions upon certain transmittals of funds, as defined by the Secretary of the Treasury, by any domestic financial institution or domestic financial agency. In this case, this action is an order prohibiting certain transmittals of funds involving Bitzlato by any covered financial institution. The authority of the Secretary of the Treasury to administer section 9714(a) has been delegated to FinCEN.
The full statutes can be found here: Section 9714(a) of the Combating Russian Money Laundering Act (pages 1452-3) and as amended by section 6106(b) of the National Defense Authorization Act for Fiscal Year 2022 (page 847).
2) How is a section 9714 action different than a section 311 action?
A section 9714 action is similar to a section 311 action. However, section 9714 actions are expressly intended to address, and can only be invoked for, primary money laundering concerns in connection with Russian illicit finance, can be implemented via order (without accompanying rulemaking), and can prohibit or place conditions on certain transmittals of funds.
3) Is there a limitation on the duration of this Order?
There is no limitation on the duration of a section 9714 order. The terms of this Order are effective February 1, 2023, with no cessation date.
4) What is a covered financial institution?
For the purpose of this Order, FinCEN has determined that a covered financial institution, meaning a financial institution required to comply with the Order, would be any domestic financial institution as defined in 31 C.F.R. §
1010.100(t).
5) How should covered financial institutions interpret this Order?
Covered financial institutions should: (1) cease any and all transmittals of funds, including CVC, from or to Bitzlato, or from or to any account or CVC address administered by Bitzlato, except as otherwise set forth in the Order; and (2) incorporate the determination that Bitzlato is of primary money laundering concern into their Anti-Money Laundering/Combating the Financing of Terrorism (AML/CFT) compliance programs.
In the event that a covered financial institution determines that it is in receipt of CVC from Bitzlato, or from an account or CVC address administered by or on behalf of Bitzlato, either intentionally sent to covered financial institutions’ customers or by receiving CVC from dusting and/or spam attacks,1 the Order permits financial institutions to reject such CVC (as discussed in FAQ #8).
[1]. CVC sent in small increments to many CVC addresses (dusting) or targeted CVC addresses (political or spam) to make a statement on the public blockchain occurs after public actions. FinCEN anticipates this will occur after the Bitzlato action and because only the sender has control over
the CVC sent, a covered financial institution may be in receipt of CVC from Bitzlato and will need instructions on what to do with such CVC.
6) How should covered financial institutions identify Bitzlato or identify transactions involving Bitzlato?
FinCEN recommends that covered financial institutions continue to implement appropriate
AML/CFT procedures and systems, including traditional compliance screening and blockchain tracing software, to identify their customers and determine whether they are involved in a transmittal of funds involving Bitzlato.
7) What is the prohibition placed on covered financial institutions?
As described in the Order, a covered financial institution is prohibited from engaging in a transmittal of funds from or to Bitzlato, or from or to any account or CVC address administered by or on behalf of Bitzlato.
8) What if a covered financial institution is unable to proactively prevent the receipt of CVC from Bitzlato?
FinCEN recognizes that, under certain circumstances, covered financial institutions may be subject to technological constraints that limit their ability to decline or reject incoming CVC transfers from addresses outside of their control.
For that reason, the Order offers covered financial institutions limited flexibility to decide, based on the facts and circumstances of a particular transaction and consistent with the terms of the Order, how to handle CVC transfers that originated from Bitzlato, or from an account or CVC address administered by or on behalf of Bitzlato. Specifically, a covered financial institution will be deemed not to have violated this Order where, upon determining that it received CVC that originated from Bitzlato or from an account or CVC address administered by or on behalf of Bitzlato, that covered financial institution “rejects” the transaction by: (1) preventing the intended recipient from accessing such CVC; and (2) returning the CVC to Bitzlato, or to the account or CVC address from which the CVC originated.
However, covered financial institutions are not required to reject such CVC transfers where doing so would violate other applicable laws or regulations, including, but not limited to, the sanctions administered and enforced by the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC). As stated in the Order, nothing in the Order shall be construed to modify, impair or otherwise affect any requirements or obligations to which a covered financial institution is subject pursuant to the Bank Secrecy Act, including, but not limited to, the filing of Suspicious Activity Reports (SARs), or other applicable laws or regulations, such as the sanctions administered and enforced by
OFAC.
Importantly, covered financial institutions may only “reject” transactions, as defined in the Order, in the form of CVC. When transfers of funds are in the form of fiat currency, as in a traditional bank wire or Automated Clearing house (ACH) transfer, financial institutions are instead required to reject such transactions without accepting the funds.
9) What is the penalty if FinCEN finds a covered financial institution is continuing to transact with Bitzlato in a manner prohibited by the Order?
Section 6106(b) of the National Defense Authorization Act for Fiscal Year 2022 (Public Law 117-81) amended section 9714 of the Combating Russian Money Laundering Act (Public Law 116-283) to, among other things, provide that the penalties set forth in 31 U.S.C. §§ 5321 and 5322 that apply to violations of special measures imposed under 31 U.S.C. § 5318A will apply to violations of any order, regulation, special measure, or other requirement imposed under section 9714(a), in the same manner and to the same extent as described in §§ 5321 and 5322.
Civil penalties: FinCEN may impose a civil money penalty in an amount equal to not less than two times the amount of the transaction, but not more than $1,556,481 (as of today’s date), on any covered financial institution that violates a section 9714 order.
Criminal penalties: A covered financial institution that violates a section 9714 order will also be subject to a criminal fine in an amount equal to not less than two times the amount of the transaction, but not more than $1,000,000.
10) What if a covered financial institution identifies funds that originated from Bitzlato after the funds have been provided to a customer, or even withdrawn from the covered financial institution by the customer?
FinCEN recognizes that screening software may not immediately identify some transactions as involving Bitzlato. FinCEN expects that covered financial institutions will take such steps that a reasonable and prudent financial institution would take to identify any transactions that are prohibited by the Order.
11) What if a covered financial institution identifies historical transactions with Bitzlato?
Past transactional exposure to Bitzlato does not violate this Order, and, without identified high risk or prohibited activity, is not necessarily indicative of a connection to Russian illicit finance, money laundering, or other illicit activity. Covered financial institutions should exercise ordinary due diligence to determine the significance of such exposure.
FinCEN expects that covered financial institutions will take such steps that a reasonable and prudent financial institution would take to identify any transactions that are prohibited by the Order, including determining risk exposure with any person associated with Russian illicit finance or violations of applicable law, and determining the significance of such exposure.
12) Who is responsible for the transaction fees if a covered financial institution decides to reject CVC?
As long as a covered financial institution develops an established process that can be referenced in an audit, it may choose to pay the transmittal fee itself or take a portion of the original rejected CVC to facilitate the rejection transaction in accordance with its accounting policies and procedures.
13) How prioritized does a rejection transaction need to be? How quickly does a rejection transaction need to be validated for it to constitute compliance?
Covered financial institutions are expected to take such steps that a reasonable and prudent financial institution would take in order to identify and reject transactions involving Bitzlato. As such, FinCEN expects that covered financial institutions will exercise reasonable diligence and discretion in rejecting transactions and develop an established process for rejections that can be referenced in an audit.
14) Are covered financial institutions required to file a Suspicious Activity Report (SAR) when they identify and/or send funds back to Bitzlato?
The Order does not impose a
SAR reporting obligation. However, consistent with their existing SAR reporting obligations, covered financial institutions may consider, as warranted and appropriate, Bitzlato’s identification as a primary money laundering concern related to Russian illicit finance.
If a SAR is filed pursuant to Bitzlato transactional activity, in Field 2 (Filing Institution Note to FinCEN) of the SAR format, FinCEN requests that covered financial institutions enter “FIN-9714 Bitzlato”.
As a reminder, certain financial institutions operating in the United States are required to file with FinCEN, to the extent and in the manner required by 31 CFR Chapter X and 12 CFR §§ 21.11, 163.180, 208.62, 353.3, and 748.1, a report of any suspicious transaction relevant to a possible violation of law or regulation. Financial institutions required to file a FinCEN SAR include: Banks (31 CFR §
1020.320); Casinos and Card Clubs (31 CFR §
1021.320); Money Services Businesses (31 CFR §
1022.320); Brokers or Dealers in Securities (31 CFR §
1023.320); Mutual Funds (31 CFR §
1024.320); and Futures Commission Merchants and Introducing Brokers in Commodities (31 CFR §
1026.320).
15) What types of information would be useful in a SAR related to Bitzlato?
Useful information in a SAR related to Bitzlato may include: CVC transactional information, to include CVC type (e.g., Bitcoin, Monero, Litecoin, Ethereum, etc.), denomination amount(s) in CVC and U.S. dollar equivalent amount, source and destination addresses, and transaction hash; and the customer information related to the transaction(s) involving Bitzlato, to include name(s), identification numbers, emails, IP addresses, and any other suspicious activity identified with that customer.
Issued: January 18, 2023
Subject: Section 9714 Order Prohibits Certain Transmittals of Funds Involving Bitzlato
On January 18, 2023, FinCEN issued an order that identifies Bitzlato Limited (Bitzlato), a financial institution operating outside of the United States, to be of primary money laundering concern in connection with Russian illicit finance and prohibits certain transmittals of funds involving Bitzlato by any covered financial institution (see FAQ #4) (the Order). The Order is the first such order issued pursuant to section 9714(a) of the Combating Russian Money Laundering Act (Public Law 116-283), as amended by section 6106(b) of the National Defense Authorization Act for Fiscal Year 2022 (Public Law 117-81).
As a general matter, FinCEN expects covered financial institutions, including, but not limited to, convertible virtual currency (CVC) exchangers, to implement procedures reasonably designed to ensure compliance with the terms of the Order and exercise reasonable due diligence to prevent it (or its subsidiaries) from engaging in transmittals of funds involving Bitzlato.
To assist covered financial institutions in complying with the Order, FinCEN is publishing this list of frequently asked questions (FAQs). These FAQs are applicable only to this Order and should not be construed to apply to any other regulation or order issued by FinCEN. Terms used but not otherwise defined herein have the meaning set forth in the Order. For additional questions, please contact the FinCEN Resource Center at [email protected].
1) What is a section 9714 action?
Section 9714 actions are undertaken by FinCEN pursuant to the authority granted in section 9714(a) of the Combating Russian Money Laundering Act (Public Law 116-283), as amended by section 6106(b) of the National Defense Authorization Act for Fiscal Year 2022 (Public Law 117-81).
Upon determining that one or more financial institutions operating outside of the United States, or one or more classes of transactions within, or involving, a jurisdiction outside of the United States, or one or more types of accounts within, or involving, a jurisdiction outside of the United States is of primary money laundering concern in connection with Russian illicit finance, the Secretary of the Treasury is authorized to impose one or more of the following special measures: (1) one or more of the special measures described in 31 U.S.C. § 5318A(b), commonly known as section 311 of the USA PATRIOT Act (section 311); or (2) special measures prohibiting or imposing conditions upon certain transmittals of funds, as defined by the Secretary of the Treasury, by any domestic financial institution or domestic financial agency. In this case, this action is an order prohibiting certain transmittals of funds involving Bitzlato by any covered financial institution. The authority of the Secretary of the Treasury to administer section 9714(a) has been delegated to FinCEN.
The full statutes can be found here: Section 9714(a) of the Combating Russian Money Laundering Act (pages 1452-3) and as amended by section 6106(b) of the National Defense Authorization Act for Fiscal Year 2022 (page 847).
2) How is a section 9714 action different than a section 311 action?
A section 9714 action is similar to a section 311 action. However, section 9714 actions are expressly intended to address, and can only be invoked for, primary money laundering concerns in connection with Russian illicit finance, can be implemented via order (without accompanying rulemaking), and can prohibit or place conditions on certain transmittals of funds.
3) Is there a limitation on the duration of this Order?
There is no limitation on the duration of a section 9714 order. The terms of this Order are effective February 1, 2023, with no cessation date.
4) What is a covered financial institution?
For the purpose of this Order, FinCEN has determined that a covered financial institution, meaning a financial institution required to comply with the Order, would be any domestic financial institution as defined in 31 C.F.R. § 1010.100(t).
5) How should covered financial institutions interpret this Order?
Covered financial institutions should: (1) cease any and all transmittals of funds, including CVC, from or to Bitzlato, or from or to any account or CVC address administered by Bitzlato, except as otherwise set forth in the Order; and (2) incorporate the determination that Bitzlato is of primary money laundering concern into their Anti-Money Laundering/Combating the Financing of Terrorism (AML/CFT) compliance programs.
In the event that a covered financial institution determines that it is in receipt of CVC from Bitzlato, or from an account or CVC address administered by or on behalf of Bitzlato, either intentionally sent to covered financial institutions’ customers or by receiving CVC from dusting and/or spam attacks,1 the Order permits financial institutions to reject such CVC (as discussed in FAQ #8).
[1]. CVC sent in small increments to many CVC addresses (dusting) or targeted CVC addresses (political or spam) to make a statement on the public blockchain occurs after public actions. FinCEN anticipates this will occur after the Bitzlato action and because only the sender has control over
the CVC sent, a covered financial institution may be in receipt of CVC from Bitzlato and will need instructions on what to do with such CVC.
6) How should covered financial institutions identify Bitzlato or identify transactions involving Bitzlato?
FinCEN recommends that covered financial institutions continue to implement appropriate AML/CFT procedures and systems, including traditional compliance screening and blockchain tracing software, to identify their customers and determine whether they are involved in a transmittal of funds involving Bitzlato.
7) What is the prohibition placed on covered financial institutions?
As described in the Order, a covered financial institution is prohibited from engaging in a transmittal of funds from or to Bitzlato, or from or to any account or CVC address administered by or on behalf of Bitzlato.
8) What if a covered financial institution is unable to proactively prevent the receipt of CVC from Bitzlato?
FinCEN recognizes that, under certain circumstances, covered financial institutions may be subject to technological constraints that limit their ability to decline or reject incoming CVC transfers from addresses outside of their control.
For that reason, the Order offers covered financial institutions limited flexibility to decide, based on the facts and circumstances of a particular transaction and consistent with the terms of the Order, how to handle CVC transfers that originated from Bitzlato, or from an account or CVC address administered by or on behalf of Bitzlato. Specifically, a covered financial institution will be deemed not to have violated this Order where, upon determining that it received CVC that originated from Bitzlato or from an account or CVC address administered by or on behalf of Bitzlato, that covered financial institution “rejects” the transaction by: (1) preventing the intended recipient from accessing such CVC; and (2) returning the CVC to Bitzlato, or to the account or CVC address from which the CVC originated.
However, covered financial institutions are not required to reject such CVC transfers where doing so would violate other applicable laws or regulations, including, but not limited to, the sanctions administered and enforced by the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC). As stated in the Order, nothing in the Order shall be construed to modify, impair or otherwise affect any requirements or obligations to which a covered financial institution is subject pursuant to the Bank Secrecy Act, including, but not limited to, the filing of Suspicious Activity Reports (SARs), or other applicable laws or regulations, such as the sanctions administered and enforced by OFAC.
Importantly, covered financial institutions may only “reject” transactions, as defined in the Order, in the form of CVC. When transfers of funds are in the form of fiat currency, as in a traditional bank wire or Automated Clearing house (ACH) transfer, financial institutions are instead required to reject such transactions without accepting the funds.
9) What is the penalty if FinCEN finds a covered financial institution is continuing to transact with Bitzlato in a manner prohibited by the Order?
Section 6106(b) of the National Defense Authorization Act for Fiscal Year 2022 (Public Law 117-81) amended section 9714 of the Combating Russian Money Laundering Act (Public Law 116-283) to, among other things, provide that the penalties set forth in 31 U.S.C. §§ 5321 and 5322 that apply to violations of special measures imposed under 31 U.S.C. § 5318A will apply to violations of any order, regulation, special measure, or other requirement imposed under section 9714(a), in the same manner and to the same extent as described in §§ 5321 and 5322.
Civil penalties: FinCEN may impose a civil money penalty in an amount equal to not less than two times the amount of the transaction, but not more than $1,556,481 (as of today’s date), on any covered financial institution that violates a section 9714 order.
Criminal penalties: A covered financial institution that violates a section 9714 order will also be subject to a criminal fine in an amount equal to not less than two times the amount of the transaction, but not more than $1,000,000.
10) What if a covered financial institution identifies funds that originated from Bitzlato after the funds have been provided to a customer, or even withdrawn from the covered financial institution by the customer?
FinCEN recognizes that screening software may not immediately identify some transactions as involving Bitzlato. FinCEN expects that covered financial institutions will take such steps that a reasonable and prudent financial institution would take to identify any transactions that are prohibited by the Order.
11) What if a covered financial institution identifies historical transactions with Bitzlato?
Past transactional exposure to Bitzlato does not violate this Order, and, without identified high risk or prohibited activity, is not necessarily indicative of a connection to Russian illicit finance, money laundering, or other illicit activity. Covered financial institutions should exercise ordinary due diligence to determine the significance of such exposure.
FinCEN expects that covered financial institutions will take such steps that a reasonable and prudent financial institution would take to identify any transactions that are prohibited by the Order, including determining risk exposure with any person associated with Russian illicit finance or violations of applicable law, and determining the significance of such exposure.
12) Who is responsible for the transaction fees if a covered financial institution decides to reject CVC?
As long as a covered financial institution develops an established process that can be referenced in an audit, it may choose to pay the transmittal fee itself or take a portion of the original rejected CVC to facilitate the rejection transaction in accordance with its accounting policies and procedures.
13) How prioritized does a rejection transaction need to be? How quickly does a rejection transaction need to be validated for it to constitute compliance?
Covered financial institutions are expected to take such steps that a reasonable and prudent financial institution would take in order to identify and reject transactions involving Bitzlato. As such, FinCEN expects that covered financial institutions will exercise reasonable diligence and discretion in rejecting transactions and develop an established process for rejections that can be referenced in an audit.
14) Are covered financial institutions required to file a Suspicious Activity Report (SAR) when they identify and/or send funds back to Bitzlato?
The Order does not impose a SAR reporting obligation. However, consistent with their existing SAR reporting obligations, covered financial institutions may consider, as warranted and appropriate, Bitzlato’s identification as a primary money laundering concern related to Russian illicit finance.
If a SAR is filed pursuant to Bitzlato transactional activity, in Field 2 (Filing Institution Note to FinCEN) of the SAR format, FinCEN requests that covered financial institutions enter “FIN-9714 Bitzlato”.
As a reminder, certain financial institutions operating in the United States are required to file with FinCEN, to the extent and in the manner required by 31 CFR Chapter X and 12 CFR §§ 21.11, 163.180, 208.62, 353.3, and 748.1, a report of any suspicious transaction relevant to a possible violation of law or regulation. Financial institutions required to file a FinCEN SAR include: Banks (31 CFR § 1020.320); Casinos and Card Clubs (31 CFR § 1021.320); Money Services Businesses (31 CFR § 1022.320); Brokers or Dealers in Securities (31 CFR § 1023.320); Mutual Funds (31 CFR § 1024.320); and Futures Commission Merchants and Introducing Brokers in Commodities (31 CFR § 1026.320).
15) What types of information would be useful in a SAR related to Bitzlato?
Useful information in a SAR related to Bitzlato may include: CVC transactional information, to include CVC type (e.g., Bitcoin, Monero, Litecoin, Ethereum, etc.), denomination amount(s) in CVC and U.S. dollar equivalent amount, source and destination addresses, and transaction hash; and the customer information related to the transaction(s) involving Bitzlato, to include name(s), identification numbers, emails, IP addresses, and any other suspicious activity identified with that customer.