Tag Archives: Roberto J. Gonzalez

CFPB Issues Final “Open Banking” Rule Requiring Covered Entities to Provide Consumers Access and Transferability of Financial Data

by Jarryd Anderson, Jessica S. Carey, John P. Carlin, Roberto J. Gonzalez, Brad S. Karp, and Kannon Shanmugam

Photos of authors

Top Left to Right: Jarryd Anderson, Jessica Carey, and John Carlin. Bottom Left to Right: Roberto Gonzalez, Brad Karp, and Kannon Shanmugam. (photos courtesy of Paul Weiss)

On October 22, 2024, the Consumer Financial Protection Bureau (“CFPB” or “Bureau”) published a 594-page Notice of Final Rulemaking for its “Personal Financial Data Rights” rule, commonly known as the “Open Banking” rule, which will require covered entities—generally, providers of checking and prepaid accounts, credit cards, digital wallets, and other payment facilitators—to provide consumers and consumer-authorized third parties with access to consumers’ financial data free of charge.[1] Covered entities are required to comply with uniform standards to provide access to this financial data through consumer and developer interfaces.[2] The rule imposes requirements on authorized third parties (such as fintechs), as well as data aggregators that facilitate access to consumers’ data, including required disclosures to consumers regarding the third parties’ use and retention of the requested data and a requirement that the data only be used in a manner reasonably necessary to provide the requested product or service (thus foreclosing selling the data or using it for targeted advertising or cross selling purposes).[3]

Continue reading

FinCEN and BIS Issue Joint Notice Emphasizing That Financial Institutions Should Monitor for Possible Export Control Violations

by Jessica S. CareyJohn P. Carlin, Roberto J. Gonzalez, Brad S. KarpRichard S. ElliottDavid Fein, David KesslerNathan Mitchell, and Jacobus J. Schutte

photos of the authors

Top left to right: Jessica S. Carey, John P. Carlin, Roberto J. Gonzalez, Brad S. Karp, and Richard S. Elliott.              Bottom left to right: David Fein, David Kessler, Nathan Mitchell, and Jacobus J. Schutte. (Photos courtesy of Paul, Weiss, Rifkind, Wharton & Garrison LLP)

On November 6, the U.S. Department of the Treasury’s Financial Crimes Enforcement Network (“FinCEN”) and the U.S. Department of Commerce’s Bureau of Industry and Security (“BIS”) jointly issued a notice (the “Notice”) announcing a new Suspicious Activity Report (“SAR”) key term, “FIN-2023-GLOBALEXPORT,” that financial institutions should reference when reporting potential efforts by individuals or entities seeking to evade U.S. export controls.[1]

Continue reading

CFPB Issues Policy Statement Taking Expansive View of “Abusive” Practices

by Susanna M. Buergel, Roberto J. Gonzalez, Brad S. Karp, Loretta E. Lynch, Elizabeth M. Sacksteder, Kannon K. Shanmugam, Alexander Beer, and O’Ryan H. Moore

Author photographs

Top row from left to right: Susanna M. Buergel, Roberto J. Gonzalez, Brad S. Karp, and Loretta E. Lynch. Bottom row from left to right: Elizabeth M. Sacksteder, Kannon K. Shanmugam, Alexander Beer, and O’Ryan H. Moore (Photos courtesy of Paul, Weiss, Rifkind, Wharton & Garrison LLP)

On April 3, 2023, the Consumer Financial Protection Bureau (“CFPB”) released a policy statement (the “Policy Statement”) outlining its broad interpretation of the “abusive” component of the prohibition on unfair, deceptive, or abusive acts and practices (“UDAAP”).[1] The Policy Statement replaces a prior statement that adopted a restrained posture towards enforcing the prohibition on abusive acts and practices, which the CFPB rescinded in March 2021.[2]

Continue reading

DOJ and FinCEN Take Coordinated Action Against Bitzlato Cryptocurrency Exchange and Its Owner

by Jessica S. Carey, John P. Carlin, Roberto J. Gonzalez, David Kessler, and Simona Xu.

Photographs of post authors

From left to right: Jessica S. Carey, John P. Carlin, Roberto J. Gonzalez, David Kessler, and Simona Xu.

On January 18, 2023, federal authorities in Miami arrested Anatoly Legkdymov, founder and majority owner of Bitzlato Ltd, a peer-to-peer, global cryptocurrency exchange registered in Hong Kong. Bitzlato had processed approximately $4.58 billion worth of cryptocurrency transactions since May 3, 2018.[1] Legkdymov was charged by a complaint in the Eastern District of New York (“EDNY”) with knowingly conducting a money transmitting business that transmitted illicit funds for ransomware actors in Russia and failing to implement an effective anti-money-laundering (“AML”) program. On the same day, the U.S. Treasury Department’s Financial Crimes Enforcement Network (“FinCEN”) issued an order pursuant to Section 9714(a) of the Combating Russian Money Laundering Act[2] — the first one of its kind — identifying Bitzlato as a “primary money laundering concern” and prohibiting U.S. financial institutions from transacting with Bitzlato, effective on February 1, 2023 (the “Bitzlato Order”).[3] Concurrently, law enforcement authorities in Europe shut down Bitzlato’s digital platform, hosted on servers in France, seized $19.5 million of its cryptocurrency assets and arrested four more Bitzlato executives in Cyprus and Spain.[4]

Continue reading

OFAC Enforcement Action Against U.S. Payments Company Shows the Importance of Robust Sanctioned Person and Location Screening

by Jessica S. Carey, Christopher D. Frey, Michael E. GertzmanRoberto J. GonzalezBrad S. Karp, Richard S. ElliottRachel Fiorill, and Joshua R. Thompson

On July 23, 2021, the U.S. Department of the Treasury’s Office of Assets Control (“OFAC”) announced a $1,400,301 settlement agreement with a New York-based online money transmitter and provider of prepaid access, Payoneer Inc. (“Payoneer”), to resolve 2,260 apparent violations of multiple OFAC sanctions programs.[1]  OFAC determined that Payoneer’s sanctions compliance program—in particular its sanctioned person and location screening procedures—had several deficiencies that allowed persons located in sanctioned jurisdictions and persons on OFAC’s Specially Designation Nationals and Blocked Persons List (the “SDN List”) to engage in approximately $802,117 worth of transactions via Payoneer’s services. Continue reading

NYDFS Fines First Unum and Paul Revere Insurance Companies $1.8 Million for Violations Arising Out of Data Breaches

by H. Christopher Boehning, Michael E. Gertzman, Roberto J. Gonzalez, Jeannie S. Rhee, Richard C. Tarlowe, Steven C. Herzog, and Cole A. Rabinowitz 

On May 13, 2021, the New York Department of Financial Services (“NYDFS”) announced a consent order with First Unum Life Insurance Company of America (“First Unum”) and Paul Revere Life Insurance Company (“Paul Revere”) (collectively the “Companies”), which imposed a $1.8 million penalty for violations of NYDFS’s Cybersecurity Regulation (23 NYCRR 500) (“Part 500”), including false certifications of compliance under 23 NYCRR 500.17. Continue reading

DOJ Announces First False Claims Act Settlement with Borrower and Its CEO for PPP Fraud

by Jessica S. Carey, Michael E. Gertzman, Roberto J. Gonzalez, Loretta E. Lynch, Carl L. Reisner, Jeannie S. Rhee, Richard C. Tarlowe, Jacob A. Braly, and Dana L. Kennedy

On January 12, 2021, the U.S. Attorney’s Office for the Eastern District of California announced the first civil settlement with a borrower for allegedly committing fraud in obtaining a Paycheck Protection Program (PPP) loan, in violation of the False Claims Act (FCA) and the Financial Institutions Reform, Recovery and Enforcement Act (FIRREA).[1] DOJ alleged that the borrower, SlideBelts Inc., and its president and CEO falsely stated in their PPP applications that the company was not “presently involved in any bankruptcy,” which was a condition of PPP eligibility.[2] The settlement was for $100,000, and the company also previously repaid the $350,000 PPP loan. Continue reading

Update on Communist Chinese Military Companies (CCMCs) Sanctions (Part II of II)

by H. Christopher Boehning, Jessica S. Carey, Christopher D. Frey, Michael E. Gertzman, Roberto J. Gonzalez, Brad S. Karp, Xiaoyu Greg Liu, Richard S. Elliott, Rachel M. Fiorill, and Karen R. King

In response to the Trump administration’s CCMC sanctions (discussed in Part I of this post), the U.S. Department of the Treasury’s Office of Foreign Assets Control (“OFAC”) has released additional guidance and its first two general licenses. The U.S. Department of Commerce also responded to the sanctions; it published on December 21, 2020 the first ever Military End User List pursuant to the Export Administration Regulations as well as a warning that exports to CCMCs will raise red flags and require due diligence. Continue reading

Update on Communist Chinese Military Companies (CCMCs) Sanctions (Part I of II)

by H. Christopher Boehning, Jessica S. Carey, Christopher D. Frey, Michael E. Gertzman, Roberto J. Gonzalez, Brad S. Karp, Xiaoyu Greg Liu, Richard S. Elliott, Rachel M. Fiorill, and Karen R. King

On November 12, 2020, President Trump issued an Executive Order titled “Addressing the Threat from Securities Investments that Finance Communist Chinese Military Companies” (the “Order”), which went into effect on January 11, 2021 (after a 60-day grace period).[1] The Order prohibits U.S. persons[2] from engaging in transactions in publicly traded securities (or any securities that are derivative or otherwise designed to provide investment exposure to such publicly traded securities) of any identified “Communist Chinese Military Companies” (“CCMCs”). In the Order, President Trump cited the national security threat posed by the People’s Republic of China’s (the “PRC”) national strategy of Military-Civil Fusion, and, specifically, the threat posed by PRC companies that sell securities to U.S. investors and then invest this capital to finance the development and modernization of the Chinese military. Continue reading

United States Imposes Sanctions on Turkey under CAATSA Section 231 for Purchase of Russian Missile System

by H. Christopher Boehning, Jessica S. Carey,  Christopher D. Frey, Michael E. Gertzman, Roberto J. Gonzalez, Brad S. Karp, Mark F. Mendelsohn, Richard S. Elliott, Rachel Fiorill, Karen R. King, and Maria E. Eliot

On December 14, 2020, the U.S. imposed sanctions on the Republic of Turkey’s Presidency of Defense Industries (“SSB”) pursuant to Section 231 of the Countering America’s Adversaries Through Sanctions Act (“CAATSA”), which mandates the imposition of sanctions against non-U.S. persons who conduct “significant” transactions with Russia’s defense or intelligence sectors.[1] The U.S. State Department determined that SSB’s acquisition of a Russian S-400 surface-to-air missile from Rosoboronexport (“ROE”) qualified as a significant transaction under Section 231. Continue reading