new-LOGO-GREY-TEXT - Modifié

As a courtesy to our friends and clients, we are pleased to provide you with this analysis, discussing the extraterritorial reach of U.S. laws, rules and regulations upon UAE banks, as well as an analysis of the duties and obligations required of UAE banks to comply with U.S. anti-money laundering laws.

In drafting this Client Update, we have examined and relied upon the laws of the United States of America, including but not limited to:

The Bank Secrecy Act, 31 USC 5311 et. seq. (“BSA”);

The Money Laundering Control Act of 1986 (“Money Laundering Act”),

The Currency and Foreign Transactions Reporting Act of 1970 (“CFTRA”),

The Federal Deposit Insurance Act (“FDI Act”),

The Securities Exchange Act of 1934 (“Exchange Act”),

The International Emergency Economic Powers Act (“IEEPA”),

The New York State Long-Arm Statute, N.Y. C.P.L.R. § 302(a)(1), as well as various executive orders issued by the Presidents of the United States and the designations of the Office of Foreign Assets Control (“OFAC”) of the U.S. Department of the Treasury (“DoT”).

We have also relied upon certain laws of the United Arab Emirates, specifically Federal Decree Law No. 20 of 2018, on Anti-Money Laundering and Combating the Financing of Terrorism and Illegal Organizations (the “UAE AML Law”).

I. OVERVIEW

   In the U.S., when a bank identifies a transaction which raises suspicion, the bank is required to file a suspicious activity report (“SAR”) with the Financial Crimes Enforcement Network (“FinCEN”). A SAR generally contains basic information about the client, the transaction, as well as a short narrative written by those at the bank in charge of identifying financial crimes. There are no hard rules as to what constitutes a “suspicious transaction” therefore different banks have developed their own criteria upon which they rely.  FinCEN analyzes all SARs submitted, identifies those which are deemed noteworthy, and forwards them to the relevant law enforcement authorities, including the Federal Bureau of Investigation (“FBI”) or the local police department in the corresponding region for further investigation. 

II. DOES THE U.S. GOVERNMENT HAVE JURISDICTION OVER  A UAE BANK WITHOUT A BRANCH IN THE U.S.

The short answer is “Yes”

1.Relevant New York State Statutes and Common Law Cases

   The New York State long-arm statute, N.Y. C.P.L.R. §302(a)(1), provides, in relevant part, that “a court may exercise personal jurisdiction over any non-domiciliary . . . who in person or through an agent . . . transacts any business within the state” as long as the “cause of action arise[s] from” that transaction. Thus, a court must decide the following issues: (1) whether a defendant “transacts any business” in New York and, if so, (2) whether the plaintiff’s cause of action “arises from” such a business transaction.

   In a precedent setting Opinion, The New York Court of Appeals (the highest Court in the State of New York) held that a foreign bank submitted to “personal jurisdiction” as a consequence of its intentional and repeated use of New York correspondent bank accounts in connection with a money laundering scheme. Rashid v. Pictet & Cie, Ct. App. N.Y. (November 22, 2016).  Under Rashid, the Court held that in order to maintain a claim against the defendant bank in New York, plaintiff was required to demonstrate that there existed “long-arm” jurisdiction under both New York State and Federal law. In the Rashid case, the Court reasoned that: “the quantity and quality of a foreign bank’s contacts with the correspondent bank must demonstrate more than banking by happenstance.” The court found that the correspondent account was crucial to a course of repeated banking activity and was not merely “adventitious.” Therefore, the correspondent banking activity was sufficient to establish a purposeful course of dealing constituting the transaction of business within the State of New York pursuant to CPLR 302(a)(1).

   Moreover, a purposeful course of dealing must also involve a cause of action where there was an “articulable nexus or substantial relationship between the business transaction and the claim asserted.” The court noted that the claim need only be “in some way arguably connected to the transaction.” In the Rashid case, the money laundering could not have proceeded without the use of the correspondent bank account through which the laundered funds passed and the bribes and kickbacks were paid. Thus, the cause of action arose from contacts with New York.

   Next, the exercise of personal jurisdiction under the New York “long-arm” statute must comport with federal due process requirements. The “minimum contacts” test under federal law rests on whether a defendant’s conduct and connection with New York are such that it should reasonably anticipate “being hailed into a court here”. The Court held that in this case defendant’s maintenance and repeated use of a New York correspondent bank account “to achieve the wrong complained of in this suit satisfies the minimum contacts component of the due process inquiry.” Also, the maintenance of the suit in New York would not “offend traditional notions of fair play and substantial justice” because the “burden of litigation in New York is reduced by ‘modern communication and transportation,'” the complaint implicates the fraudulent use of New York’s banking system of great importance to the State, and New York courts provide plaintiff a greater possibility of relief.

   Additionally, in the 2012, seminal case Licci v. Lebanese Canadian Bank, SAL (N.Y. Nov. 20, 2012), the New York Court of Appeals ruled that maintenance of a correspondent bank account at a financial institution in New York satisfies the “transacting business” requirement of the state’s long-arm jurisdiction statute, NY CPLR 302(a)(1).  The Licci Court further held that international funds transfers processed through a New York correspondent bank constitute a sufficient nexus in order to satisfy the second element of CPLR 302(a)(1), i.e., that plaintiff’s cause of action arises from a NY-based transaction.  

   In summary, a routine practice such as clearing U.S. dollar transactions for non-U.S. customers is sufficient to establish jurisdiction over a non-US bank, even over a foreign bank which does not have branches in the U.S.  

2. U.S. Federal Statutes

   Furthermore, the U.S. Federal District Courts have the authority to exercise jurisdiction over non-U.S. financial institutions if that financial institution maintains a bank account at a bank in the United States.

“(2) Jurisdiction over foreign persons.—For purposes of adjudicating an action filed or enforcing a penalty ordered under this section, the district courts shall have jurisdiction over any foreign person, including any financial institution authorized under the laws of a foreign country, against whom the action is brought, if service of process upon the foreign person is made under the Federal Rules of Civil Procedure or the laws of the country in which the foreign person is found, and—

(A) the foreign person commits an offense under subsection (a) involving a financial transaction that occurs in whole or in part in the United States;

(B) the foreign person converts, to his or her own use, property in which the United States has an ownership interest by virtue of the entry of an order of forfeiture by a court of the United States, or

(C) the foreign person is a financial institution that maintains a bank account at a financial institution in the United States.” (emphasis added)

 In summary, foreign financial institutions which utilize the correspondent banking system in New York, are subject to prosecution in both New York State Courts as well as U.S. Federal Courts, if a claim arise from use of that banking system.

III. PENALTIES FOR VIOLATION OF U.S. LAWS 

1. Fines and Monetary Penalties

   UAE banks with substantial business interests in the U.S., or which maintain funds in U.S. interbank accounts, face considerable civil and criminal law risks if they are deemed by the U.S. authorities to have violated provisions of the AML or OFAC regimes.   Section 353 intensified the issue by increasing civil and criminal penalties for violations of any orders made under the BSA. Civil and criminal penalties were also recently increased for violations of regulations prescribed under Section 21 of the Federal Deposit Insurance Act, and Section 123 of Public Law 91-508. Section 123 of Public Law 91-508 specifies regulations that govern recordkeeping for uninsured banks or institutions, or any other institution defined in 12 U.S.C. § 1953(b), while Section 21 of the Federal Deposit Insurance Act specifies regulations that govern recordkeeping for insured depository institutions.  Furthermore, Section 363 gave the Secretary of the Treasury the authority to issue money penalties in an amount not less than two times the amount of the transaction.

   Penalties can be extreme depending upon the nature of the violation and are increasing in size.  Regulators fined banks a total of US$10 billion in penalties during a 15-month period through the end of 2019, and the figure is expected to increase in 2020². The significant increase in fines imposed during the recent 15-month period demonstrates a considerable escalation in aggressive action being taken by U.S. regulators.  By comparison, the total dollar value of fines for the previous decade, 2008 – 2018 amounted to approximately US$26 billion.

 

2. Seizure of Funds

   Foreign banks deemed by the U.S. authorities to have violated provisions of the AML or OFAC rules risk seizure of funds.  In summary, U.S. regulations provides the Federal Courts exercising long-arm jurisdiction with express authority to issue injunctions, ordering a receiver to take custody of the assets held by a foreign bank under certain circumstances, such as when a foreign bank is involved in money laundering. Assets subject to this authority may be located either inside or outside of the United States.

 

3. Asset Forfeiture

   Furthermore, the U.S. Regulations employs what is considered by many U.S. legal experts to be a “legal fiction”, in order to give U.S. authorities seizure power over the funds of foreign banks held in U.S. interbank accounts. In summary, if the U.S. government believes that illegal proceeds have been deposited in the foreign account of a foreign bank, it will “assume” that those proceeds to have been deposited in an interbank account held in the United States by such foreign bank. The U.S. government then has the authority to seize the funds from the interbank account. The U.S. government need not establish that the funds are directly traceable, in any way, to funds deposited into the foreign financial institution from whose account they were seized.

4. Subpoena Powers

 

   U.S. Regulations authorizes the Secretary of the Treasury and the U.S. Attorney General to subpoena records from any UAE bank which maintains a correspondent account with a U.S. bank. The records must relate to the correspondent account, however they may be held outside the United State and may include information about deposits into the foreign bank. Under U.S. regulations, the U.S. bank that maintains the relevant correspondent account must terminate the account if the foreign bank fails to comply with the subpoena.

 

5. Required Termination of Relationship with Foreign Bank 

   Under U.S. Regulations, if the Secretary of the Treasury determines that a UAE bank has engaged in illegal activities, such as money laundering, it may require U.S. banks to terminate their relationships with such UAE bank. Failures on the part of the U.S. bank to comply will likely result in formal enforcement actions, including substantial civil monetary penalties. Any U.S. bank which fails to terminate a correspondent account at the instruction of the Secretary of the Treasury, is subject to a daily US$10,000 penalty. Additionally, even harsher may be “no growth” restrictions imposed upon banks deemed to be noncompliant. 

   Therefore, UAE banks, including those without a business presence in the U.S. which are party to the U.S. Dollar clearing system, face the risk of being penalized by measures such as asset freeze and seizure/forfeiture, subpoena, penalties, and enhanced supervision if they fail to comply with U.S. AML/CFT regulations or unilaterally imposed financial sanctions. 

   In summary, the U.S. government is extremely aggressive in its extraterritorial reach, and any party which engages in a transaction which “touches” U.S. soil, including movement of funds through a financial institution in the United States, is subject to U.S. prosecution and penalties.

 

IV. ARE NON-U.S. BANKS REQUIRED TO REPORT TO US REGULATORS AND FILE SARs?

   Article 12 CFR §21.11, subsection (a) of the Bank Secrecy Act, entitled “Suspicious Activity Report” states that only U.S. national banks and Federal branches and agencies of foreign banks licensed or chartered by the Office of the Comptroller of the Currency (“OCC”) are required to file SARs.  The relevant code section is reproduced below for your convenience.

(a) Purpose and scope. This section ensures that national banks file a Suspicious Activity Report when they detect a known or suspected violation of Federal law or a suspicious transaction related to a money laundering activity or a violation of the Bank Secrecy Act. This section applies to all national banks as well as any Federal branches and agencies of  foreign banks licensed or chartered by the OCC.

   Although UAE banks without a physical branch in the U.S. are not technically obligated to file SARs with FinCEN, it may still be in the banks best interests to voluntarily comply with reporting requirements to U.S. regulators, for the reasons discussed more fully in Section VI, below.

V. U.A.E. AML LAWS ARE CONSISTENT WITH U.S. AML LAWS

   On October 30, 2018, the UAE issued by Federal Decree, Law No. 20 of 2018 on Anti-Money Laundering and Combating the Financing of Terrorism and Illegal Organizations (the “UAE AML Law”).  The UAE AML Law introduced a number of concepts recommended by the intergovernmental organization Financial Action Task Force (“FATF”) designed to enhance the UAE’s effectiveness in identifying and preventing attempts at money laundering and terror financing. Specifically:

  • Article 1 of the UAE AML Law imposes AML/CFT compliance obligations on all financial institutions. Banks are required to conduct risk-based assessments of their business activities and possible exposure to financial crimes, and to implement adequate preventative systems and controls.
  • Article 2 of the UAE AML Law defines a “perpetrator” of the crime of money laundering and includes as one of the offenses simply “gaining” or “possessing” illegal proceeds (Article 2.1(c)). Moreover, the AML Law states that money laundering offenses are independent of the predicate offense. This means that a conviction of the predicate offense does not preclude the prosecution of a money laundering offense; nor is a conviction of the predicate offense necessary to prove the illegality of the source of proceeds (Articles 2.2 and 2.3).
  • Article 9 of the UAE AML Law requires the creation of an independent Financial Information Unit (“FIU”), to which suspicious activity/transaction reports are to be sent, and which is empowered and able to exchange information with comparable units in other countries (Article 9.2) (emphasis added).
  • Article 14 of the UAE AML Law empowers the authorities to impose continuing reporting obligations on financial institutions, which can be in addition to the levy of administrative penalties, the arrest of responsible individuals, and the disqualification of activities or operations.
  • At Article 15 of the UAE AML Law requires financial institutions to prepare and file promptly with the FIU detailed suspicious activity/transaction reports upon the identification of any plausible reasons to suspect money laundering or terror financing.
  • Article 15 of the UAE AML Law also introduces, for the first time in the UAE, a legal and professional privilege exception to the reporting obligation, applicable to lawyers, notaries, and other legal professionals and independent legal auditors.
  • Articles 18 and 19 of the UAE AML Law requires requests for international cooperation related to money laundering and terror financing to be prioritized and executed urgently (Article 19.1). In particular, local authorities are required to assist with document collection, witness interrogation, and extradition of suspects. Moreover, requests for international cooperation should not be refused if the crime is under investigation and/or prosecution locally as well as internationally (except where cooperation would hinder the local investigation and/or prosecution), or because of confidentiality restrictions on the relevant financial institution (except where the restrictions are imposed by UAE law) (Article 19.2). Notably, the UAE AML Law includes no time bar on the prosecution of money laundering and terror financing.

   The UAE AML law strongly complies with international best practices on financial crime prevention, and are generally consistent with U.S. AML laws, rules and regulations, as discussed herein.  Notwithstanding the foregoing, however, U.S. laws are far more extensive than U.A.E. laws in this area, therefore UAE banks confront a dilemma when they participate in the U.S. Dollar clearing system for payment and settlement of their cross-border transactions.  Specifically, UAE banks are required to comply with regulations and unilateral financial sanctions enforced within the jurisdiction of the U.S., some of which have no direct equivalent in the relevant laws and regulations of the UAE.

   Therefore, UAE banks including those without a business presence in the U.S., which are party to the U.S. Dollar clearing system face the risk of being penalized by measures such as asset freeze and seizure/forfeiture, subpoena, penalties, and enhanced supervision if they fail to comply with U.S. AML/CFT regulations or unilaterally imposed financial sanctions.  We would therefore strongly recommend a detailed analysis of all applicable U.A.E. laws, rules and regulations, including but not limited to privacy/data protection laws, in order to ensure that voluntary compliance with U.S. laws will not result in violation of U.A.E. laws.

 

VI. U.S. JURISDICTION OVER UAE BANKS

   The U.S. government has long employed various strategies and tactics in order to pressure non-U.S. banks to comply with U.S. laws, rules and regulations relating to anti-money laundering, including asset freezes and/or blocks of U.S. Dollar transfers, even transfers occurring outside of its borders. In those situations where the U.S. government cannot directly impose sanctions on foreign financial institutions suspected of money laundering, regulations allow the U.S. government to sanction the intermediaries used by foreign persons and institutions to access U.S. markets.  

   Additionally, funds connected to transactions involving counterparties identified as “risky” are subject to asset seizure and forfeiture procedures in the U.S. if such transactions are reported to, or detected by, the U.S. authorities (irrespective of whether the funds are denominated in AED and kept out of the U.S. clearing sphere). This is due to the legal fiction employed by U.S. authorities according to which such funds are assumed to have been deposited in a correspondent account held in the U.S.

   Therefore, if it is determined by U.S. authorities that a UAE bank engaged in activities which are prohibited by U.S. laws, then U.S. authorities cannot only take action directly against the UAE bank, but can also take action against the correspondent U.S. bank as well.  In such a case, the U.S. correspondent bank can then take action directly against the UAE bank in order to recover any fines, penalties and/or sanctions it is required to pay to the U.S. government, and can file such action in a New York court, which has jurisdiction over the matter.

 

VII. RECOMMENDATIONS TO PROTECT UAE BANKS 

   U.S. laws affecting foreign banks largely center around correspondent account transactions and clearing issues. Foreign banks, including those without branches in the U.S., are subject to U.S. government subpoenas and seizures of funds held in interbank accounts as the U.S. government has significantly increased the tools available to U.S. authorities seeking information about terrorist and money laundering activities.  For these reasons, we recommend the following measure be taken by all UAE banks:

 

1. Mitigating Risk of Action by the U.S. Government against UAE Banks

   Article 31 USC 5311 et. seq., of the BSA establishes recordkeeping and reporting requirements for national banks, federal savings associations, as well as federal branches and agencies of foreign banks. Additionally, the BSA was amended to incorporate the provisions which requires every bank to adopt a customer identification program as part of its BSA compliance program.

   Although UAE banks without branches in the US are technically not required to submit SARs, or to comply with this provision of the BSA, the U.S. government engages in an aggressive approach to enforcing it laws extraterritorially, using a variety of methods and tools including: “long arm statutes”, “legal fictions” as well as threats of seizure of funds, asset forfeitures, required termination of relationships with U.S. banks, and civil and criminal fines and penalties.  For these reasons, we would strongly recommend that UAE bank voluntarily establish, implement and maintain a new, stringent AML program, consistent with both U.S. AML Laws and the U.A.E. AML Law, which at a minimum includes the following: (a) establish internal policies, procedures, and controls designed to guard against money laundering; (b) designate an individual or individuals to coordinate and monitor day-to-day compliance with BSA and AML requirements; (c) implement an ongoing employee training program; (d) establish an independent audit function to test compliance programs; and (e) implement a system of recordkeeping and reporting requirements which are consistent with those obligations imposed upon a foreign bank with branches in the U.S. 

   In addition, we recommend that UAE banks establish appropriate, specific, and risk-based due diligence policies, procedures and controls reasonably designed to detect and report known or suspected money laundering activity.  Furthermore, suspected account should be periodically reviewed to determine that information obtained during due diligence is consistent with the type, purpose, and activity of the account. 

 

2. Mitigating Risk of Action by UAE Bank Customers 

   To mitigate against risk of legal actions by clients of a UAE bank, we recommend that the banks embark on a policy of introducing contractual safeguards in connection with transactions involving risky counterparties. These safeguards consist mainly of contractual clauses that explain to customers various risks and protective measures taken by the bank, including:

  • The potential freeze, seizure, and legal risks faced by a customer insisting on a U.S. Dollar denominated transaction involving a counterparty identified as uncooperative by the U.S.;
  • The indemnity of a UAE bank against any liability charges brought forward by the customer in the event of a freeze or seizure of funds enforced by U.S. authorities in connection with U.S. Dollar denominated transactions involving U.S. blacklisted counterparties; and
  • The right of a UAE bank to have recourse to the customer’s funds in the event of such an enforced freeze or seizure of the bank’s funds maintained in its U.S. correspondent bank account which is related to the customer’s transaction.

   The inclusion of contractual safeguards is also necessary in order to effectively prevent civil law claims and lawsuits in the UAE. In case of an asset freeze and seizure imposed by the U.S. government, a UAE bank could be potentially confronted with liability issues if it is established that the bank, due to gross negligence, failed to inform its customer of the aforementioned risks associated with U.S. Dollar denominated transactions involving U.S. blacklisted counterparties.

 
 
Written Dr. John J. Maalouf – Strategic Partner at Bin Mes’har & Co. 

PRIVACY POLICY

Our website address is: https://www.binmeshar.com.

What personal data we collect and why we collect it

Comments

When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

Media

If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

Contact forms

Cookies

If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

Analytics

Who we share your data with

How long we retain your data

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

What rights you have over your data

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Where we send your data

Visitor comments may be checked through an automated spam detection service.

Your contact information

Additional information

How we protect your data

What data breach procedures we have in place

What third parties we receive data from

What automated decision making and/or profiling we do with user data

Industry regulatory disclosure requirements