Monthly Regulatory Summary (May 2025)
As the regulatory landscape is constantly evolving, Compliance Risk Concepts (“CRC”) is issuing its monthly review and summary of various FINRA, SEC, NFA, and FinCEN publications to assist our clients in keeping abreast of notable regulatory developments and deadlines in an effort to strengthen their compliance and regulatory initiatives.
Regulatory Notices
There were no Regulatory Notices in May.
Final Rules
There were no final rules in May.
Proposed Rules
There were no proposed rules in May.
Interim Final Rules
There were no interim final rules in May.
Interpretive Releases
There were no interpretive releases in May.
There were no policy statements in May.
Notices to Members
There were no Notices to Members in May.
NFA News Releases
May 29, 2025
NFA orders New York, N.Y. retail foreign exchange dealer OANDA Corporation to pay a $600,000 fine
May 29, Chicago—NFA has ordered OANDA Corporation (OANDA), an NFA Member retail foreign exchange (forex) dealer and futures commission merchant headquartered in New York, N.Y., to pay a $600,000 fine.
The Decision, issued by NFA's Business Conduct Committee (BCC), is based on a Complaint issued by the BCC and a settlement offer submitted by OANDA, in which the firm neither admitted nor denied the allegations in the Complaint.
The BCC charged OANDA with failing to increase the firm's net capital by 10% of all liabilities owed to an eligible contract participant counterparty, improperly offsetting the foreign currency exposure on transactions executed with an affiliate to determine net capital positions and required capital deductions, and failing to collect required security deposits from an affiliate on its forex transactions with the firm, which resulted in OANDA failing to maintain minimum net capital. As a result, the BCC charged OANDA with violations of NFA Financial Requirements Sections 11(a), 11(c) and 12(a).
The BCC also charged OANDA with failing to collect the correct security deposits from customers for certain transactions, in further violation of NFA Financial Requirements Section 12(a), failing to observe just and equitable principles due to a pricing display issue that affected certain customers, using deficient promotional material, and failing to supervise, in violation of NFA Compliance Rules 2-36(c), 2-36(g) and 2-36(e), respectively.
In its Decision, the BCC found that OANDA violated NFA Financial Requirements Sections 11(a), 11(c) and 12(a), and NFA Compliance Rules 2-36(c), 2-36(g) and 2-36(e). The BCC also ordered OANDA to pay restitution to certain customers, in addition to the monetary fine.
The complete text of the Complaint and Decision can be viewed on NFA's website.
May 29, 2025
NFA orders Chicago, Ill. futures commission merchant NinjaTrader Clearing LLC to pay a $250,000 fine
May 29, Chicago—NFA has ordered NinjaTrader Clearing LLC (NinjaTrader) to pay a $250,000 fine. NinjaTrader is an NFA Member futures commission merchant in Chicago, Ill.
The Decision, issued by an NFA Hearing Panel, is based on a Complaint issued by NFA's Business Conduct Committee (BCC) and a settlement offer submitted by NinjaTrader, in which the firm neither admitted nor denied the allegations in the Complaint. The BCC alleged that NinjaTrader failed to implement an adequate anti-money laundering program, in violation of NFA Compliance Rule 2-9(c), and failed to supervise, in violation of NFA Compliance Rule 2-9(a).
In its Decision, the Hearing Panel found that NinjaTrader violated NFA Compliance Rules 2-9(a) and (c).
The complete text of the Complaint and Decision can be viewed on NFA's website.
FinCEN News Releases
FinCEN Issues Alert on Oil Smuggling Schemes on the U.S. Southwest Border Associated with Mexico-Based Cartels
May 01, 2025
Today, the Financial Crimes Enforcement Network (FinCEN) is issuing an Alert in coordination with the Department of the Treasury's Office of Foreign Assets Control (OFAC) and the U.S. Drug Enforcement Administration, Federal Bureau of Investigation, and Homeland Security Investigations, urging financial institutions to be vigilant in detecting, identifying, and reporting suspicious activity connected to the Jalisco New Generation Cartel (CJNG), Sinaloa Cartel, Gulf Cartel, and other Mexico-based transnational criminal organizations smuggling stolen crude oil from Mexico across the U.S. southwest border into the United States. In recent years, fuel theft in Mexico, including crude oil smuggling, has become the most significant non-drug illicit revenue source for the Cartels. According to U.S. law enforcement authorities, the Cartels are using complicit Mexican brokers in the oil and natural gas industry to smuggle and sell crude oil stolen from Mexico’s Petróleos Mexicanos (Pemex) to complicit, small U.S.-based oil and natural gas companies operating near the U.S. southwest border. As part of these schemes, the Cartels are stealing billions of dollars of crude oil, fueling rampant violence and corruption across Mexico, and undercutting legitimate oil and natural gas companies in the United States.
FinCEN's Alert provides an overview of methodologies and financial typologies associated with the Cartels’ oil smuggling operations, highlights red flag indicators, and reminds financial institutions of their reporting requirements under the Bank Secrecy Act. This Alert was issued concurrently with an OFAC sanctions action against Mexican individuals and companies linked to CJNG’s fuel theft and oil smuggling operations on the U.S. southwest border.
FinCEN Alert (FIN-2025-Alert002): https://www.fincen.gov/sites/default/files/shared/FinCEN-Alert-Oil-Smuggling-FINAL-508C.pdf
Treasury Press Release: https://home.treasury.gov/news/press-releases/sb0125
FinCEN Finds Cambodia-Based Huione Group to be of Primary Money Laundering Concern, Proposes a Rule to Combat Cyber Scams and Heists
May 01, 2025
WASHINGTON — Today, the U.S. Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) issued a finding and notice of proposed rulemaking (NPRM) pursuant to Section 311 of the USA PATRIOT Act that identifies Cambodia-based Huione Group as a financial institution of primary money laundering concern and proposes to sever its access to the U.S. financial system.
Huione Group serves as a critical node for laundering proceeds of cyber heists carried out by the Democratic People’s Republic of Korea (DPRK), and for transnational criminal organizations (TCOs) in Southeast Asia perpetrating convertible virtual currency (CVC) investment scams, commonly known as “pig butchering” scams, as well as other types of CVC-related scams. Given the money laundering risk posed by Huione Group, FinCEN is proposing to prohibit U.S. financial institutions from opening or maintaining correspondent or payable-through accounts for or on behalf of Huione Group.
“Huione Group has established itself as the marketplace of choice for malicious cyber actors like the DPRK and criminal syndicates, who have stolen billions of dollars from everyday Americans,” said Secretary of the Treasury Scott Bessent. “Today’s proposed action will sever Huione Group’s access to correspondent banking, degrading these groups’ ability to launder their ill-gotten gains. Treasury remains committed to disrupting any attempt by malicious cyber actors to secure revenue from or for their criminal schemes.”
As described in the NPRM, for years, Huione Group has laundered proceeds of CVC scams, including CVC investment scams, and heists. Huione Group has set up a network of businesses, each playing a different role in its money laundering enterprise, that includes Huione Pay PLC, a payment services institution; Huione Crypto, a virtual assets service provider (VASP); and Haowang Guarantee, an online marketplace offering illicit goods and services. This network offers services ranging from an online marketplace selling items useful for carrying out cyber scams, to payment services in fiat currency and CVC frequently used for money laundering, as well as a recently developed stablecoin. FinCEN’s investigation identified that, in aggregate, Huione Group laundered at least $4 billion worth of illicit proceeds between August 2021 and January 2025. Of the $4 billion worth of illicit proceeds, FinCEN found that Huione Group laundered at least $37 million worth of CVC stemming from DPRK cyber heists, at least $36 million from CVC investment scams, and $300 million worth of CVC from other cyber scams.
The risks presented by Huione Group’s association with illicit actors and transactions linked to illicit activity are compounded by either an absence of, or ineffective, anti-money laundering/know your customer (AML/KYC) policies and procedures among Huione Group’s components. Despite publicly available information describing the use of Huione Group’s various services by TCOs for scam activity, none of the three Huione Group components had published AML/KYC policies. Huione Group itself has even recognized this deficiency, detecting that the company’s KYC capabilities were seriously insufficient after failing to identify that one of its components indirectly received funds from a DPRK heist.
The NPRM is available here. Written comments on the NPRM may be submitted within 30 days of publication of the NPRM in the Federal Register.
FinCEN Exceptive Relief to Financial Institutions Regarding Commercial Bank of Syria
May 23, 2025
FinCEN Exceptive Relief to Financial Institutions Regarding Commercial Bank of Syria
Treasury Issues Immediate Sanctions Relief for Syria
On May 27, 2025, the SEC’s Division of Investment Management announced it will host the third annual Conference on Emerging Trends in Asset Management on Thursday, June 5, 2025. The conference will bring together a variety of asset management industry participants, regulators, and academics to discuss emerging trends in asset management. The full agenda, with a list of speakers, is available at the conference’s webpage.
Conference sessions will include:
SEC Commissioner Hester Peirce, Investment Management Division Director Natasha Vij Greiner, division staff, and panelists from outside the SEC will participate in the conference.
The conference is open to the public both in person at SEC Headquarters and via live webcast at www.sec.gov from 9 a.m. to 4:15 p.m. ET. Individuals planning to attend the conference in person should register, but registration is not necessary for those attending virtually. The conference will be archived on SEC.gov for later viewing.
We believe that staying informed is critical to a proactive regulatory compliance program, but we appreciate the challenge of balancing this commitment with day-to-day business execution, particularly in a period of heightened regulatory flux and quickly shifting political priorities. CRC staff can serve as overflow executives, acting as an extension of your in-house team to review and ensure compliance is working properly, manage spikes in workload or address under-served areas of the business.
For more information, please contact:
Mitch Avnet
p. (646) 346-2468
David Amster
p. (917) 568-6470
Sources:
