Irish Police: Reported Money Laundering Crimes in Ireland More Than Doubled Since 2019

Over the past five years, Ireland has shown that it is dedicated to combating money laundering and terrorist financing.  On the Basel Institute of Governance’s AML Index, Ireland is ranked 106, which compares favorably with the United States (100) and the United Kingdom (116).  As a European Union Member State, it has transposed EU anti-money laundering (AML) directives into national law, most recently in the Criminal Justice (Money Laundering and Terrorist Financing) (Amendment) Act 2021, which was just signed into law.  In addition, on April 19 the Irish Minister of Justice, Helen McEntee, issued a 22-point cross-government plan to address economic crime and corruption that would include capacity-building to combat money laundering and other economic crime.

A recent Irish Times article, however, contains several indications of the challenges that Ireland continues to face in rooting out money laundering.  According to information from An Garda Síochána (Garda), the Irish national police force:

  • The number of money laundering crimes recorded in Ireland in 2020 (524) more than doubled from 2019 (234), and increase more than 630 percent from 2018 (83).   Police believe that some of that increase “related to drug gangs being forced to pursue higher-risk money-laundering strategies because the cash businesses they usually run cash through were closed or operating with reduced cashflows due to the Covid-19 pandemic.”
  • In 2020, Dutch banks filed with the Garda and Irish Revenue Commissioners 28,865 suspicious transaction reports (STRs), which often relate to money laundering — an increase of 13 percent over the total STR filed in 2019s.
  • These trends “reflect the changing face of crime in Ireland, more of which is taking place online, and a culture shift in policing with extra resources being dedicated to white-collar and cyber crime.”  The Garda also reported “a significant surge in cyber frauds, which are often based on scam emails and texts being sent to unsuspecting victims.”

In addition, Garda detectives said that “there was now a major focus on investigating money-laundering by drug dealers and organised crime gangs in addition to their more traditional activities.”

These developments strongly indicate that the Government’s 22-point plan needs to be implemented in ways that provide the Garda’s National Economic Crime Bureau and the Dutch Office of the Director of Public Prosecutions with appropriate resources and training dedicated to money laundering investigation and prosecutions, as well as effective information-exchange mechanisms to facilitate information sharing between Dutch law enforcement and regulatory agencies for money laundering enforcement.  As money laundering organizations have become increasingly sophisticated and complex in their techniques, including trade-based money laundering and greater use of technology to facilitate international funds transfers, Irish authorities will need to keep pace if they are to identify and pursue such organizations successfully.

London School of Economics Received £350,000 in Cash from Students in 2015-2019

Since 2019, a series of media reports have highlighted the fact that universities in Canada and the United Kingdom have been willing to accept cash payments from ostensible students for student fees, despite the risk that accepting such payments could implicate those universities in possible money laundering activity.  In the United Kingdom’s case, an investigation by The Times found that at least 49 British universities let students use banknotes to pay £52 million in fees.

A new report yesterday by The Times disclosed that a leading United Kingdom university, the London School of Economics (LSE), accepted £350,000 in cash from students between 2015 and 2019 despite the risks of association with money laundering.  Although other United Kingdom universities accepted larger amounts of cash from students between 2015 and 2019 – notably Queen Mary University of London, which took in £7 million, and Teesside University, which took in £1.2 million – LSE had been the target of substantial criticism in 2011 when it accepted a £1.5 million donation from a son of the late Libyan dictator Muammar Qaddafi for training “future leaders” of the Libyan government.

An LSE spokesperson stated that “LSE stopped accepting cash as a form of payment for tuition from summer 2019,” and “has a robust ethics code and process for all potential grants and donations, which is kept under regular review.”  Nonetheless, Members of Parliament on the Education Select Committee reportedly called “for a complete ban on higher education institutions taking cash.”

In view of these continuing revelations, there is no point in any university, whether in the United Kingdom or elsewhere, continuing to allow students to pay cash for tuition or, for that matter, any university service other than de minimis cash purchases of meals or incidentals.  No college or university needs to take the risk of becoming a conduit for criminal proceeds, and it can only ease the compliance obligations of universities to refrain from accepting any amounts of cash that could be reportable under anti-money laundering regulations.

U.S. Department of Justice Creates Ransomware Task Force

Since its initial appearance “in the wild” in 1989, ransomware has become what one analysis called “one of the most intractable — and common — (cybercrime) threats facing organizations across all industries and geographies.”  State actors and other cybercriminals behind ransomware attacks have made highly effective use of what Crowdstrike termed “increasingly damaging tactics, techniques and procedures”, even as various stakeholders have failed to adapt to and remain abreast of those tactics, techniques, and procedures.

U.S. and other law enforcement authorities have had isolated, through often significant, successes against ransomware.  For example, on January 27, 2021, eight countries collaborated in disrupting the infrastructure of the Emotet botnet, which cybercriminals frequently used to disseminate ransomware and other types of malware.  That same day, the U.S. Department of Justice announced that it had successfully disrupted NetWalker, a sophisticated form of ransomware-as-a-service, and charged a Canadian national in relation to NetWalker attacks.

Isolated successes, however, have failed to stem the problem.  There is certainly no lack of relevant expertise in the Department’s Computer Crime and Intellectual Property Section and United States Attorneys’ Offices across the country, as well as the FBI and the United States Secret Service, to investigate ransomware operations.  What the Department has lacked to date are a comprehensive anti-ransomware strategy and sufficient resources to combat the ransomware threat in accordance with that strategy.

That state of affairs may be changing.  On April 21, the Wall Street Journal reported that the Justice Department has formed a task force “to curtail the proliferation of ransomware cyberattacks.”  The task force’s basic approach is to target the “the entire digital ecosystem” that supports such attacks.

In an internal Department memorandum issued last week, Acting Deputy Attorney General John Carlin reportedly said that ransomware poses not just an economic threat to businesses but “jeopardizes the safety and health of Americans.”  The memorandum also indicated that the task force “will increase training and dedicate more resources to the issue, seek to improve intelligence sharing across the department, and work to identify ‘links between criminal actors and nation-states’.”

The principal issue for federal prosecutors and agents will not be identifying in broad terms which state actors and cybercriminals are behind specific ransomware attacks.  Law enforcement agencies and cybersecurity firms are already well aware of specific state actors and cybercriminal groups, such as the North Korean Lazarus Group and the Chinese organization APT 41, that have been successfully using ransomware.

There are two more critical questions for the Department in implementing its anti-ransomware strategy.  The first will be whether it can locate key ringleaders of the leading ransomware organizations, amass enough evidence to tie those ringleaders to specific cyberattacks, and secure their extradition to the United States.  If those ringleaders are based inside authoritarian regimes that have shown political hostility to the United States, the best that the Justice Department may be able to do in this Administration, as it did in the Trump Administration, is to obtain indictments that “name and shame” individual participants in a cybercrime organization within countries such as China and Russia, with no realistic hope of obtaining their extradition.  Ringleaders in third countries may be more reachable, although much will depend on timely cooperation by numerous governments to obtain the necessary evidence.

The second question will be whether the Department can persuade entities in both the private and public sectors – and not just corporate cybersecurity teams within those organizations – to take more stringent measures to safeguard their operations from ransomware attacks.  While chief information security officers and chief security officers recognize the magnitude of the threat that ransomware poses to their organizations, the increased incidence and prevalence of ransomware attacks indicate how far behind companies and government agencies are in responding to that threat.

U.S. Supreme Court Holds That Federal Trade Commission Lacks Authority to Seek Restitution or Disgorgement

As the principal federal agency responsible for consumer protection, the Federal Trade Commission has long relied on the use of equitable remedies, such as restitution for injured consumers and disgorgement of unjust enrichment, as part of its arsenal to combat fraudulent and deceptive practices.   In enforcing its “Do Not Call” Registry against telemarketing operations, for example, the FTC’s resolutions of enforcement actions resulted in $112 million in restitution or disgorgement – nearly two-thirds as much as the more than $178 million that the FTC recovered in civil penalties.

On April 22, the U.S. Supreme Court, in AMG Capital Management LLC v. Federal Trade Commission, unanimously held that section 13(b) of the Federal Trade Commission (FTC) Act, which authorizes the FTC to seek permanent injunctions, does not authorize the FTC to seek, or a court to award, equitable monetary relief such as restitution or disgorgement.  Justice Breyer, writing for the Court, stated that while “the Commission presently uses §13(b) to win equitable monetary relief directly in court with great frequency,” the language of section 13(b) contained no language explicitly authorizing the Commission to obtain such relief directly from courts.

Justice Breyer took note of sections 5(l) and 19 of the Act, which gives federal district courts explicit authority to impose limited monetary penalties and to award monetary relief in cases where the Commission has engaged in administrative proceedings (i.e., issued cease and desist orders).  He contrasted those sections with section 13(b), which lacked such explicit authorizing language.  He noted that Congress “likely did not intend for §13(b)’s more cabined ‘permanent injunction’ language to have similarly broad scope.”

In his conclusion, Justice Breyer observed that nothing that the Court’s opinion said

“prohibits the Commission from using its authority under §5 and §19 to obtain restitution on behalf of consumers. If the Commission believes that authority too cumbersome or otherwise inadequate, it is, of course, free to ask Congress to grant it further remedial authority.  Indeed, the Commission has recently [in 2020] asked Congress for that very authority, . . . and Congress has considered at least one bill that would do so . . . .”

The Court’s decision undoubtedly came as a blow to the FTC.  Even so, there is reason to expect that Congress will respond to the decision by amending the FTC Act to provide specific textual language to authorize restitution and disgorgement.  The FTC’s use of restitution is popular with the general public, and the Biden Administration is certain to support such remedial language to reinforce the FTC’s consumer protection authority.

Russian Antitrust Regulator Initiates Proceedings Against Yandex, Google

Since 2019, a growing number of countries have set their sights on reining in the allegedly anticompetitive practices of Big Tech companies.  The United States has been conducting investigations and filing suit against multiple leading technology companies, the European Union and the United Kingdom announced proposed legislation to open such companies up to greater competition, and China sanctioned Chinese technology companies Alibaba, Tencent, ByteDance, Baidu, and Didi for anti-monopoly violations.

The latest country to enter the lists against Big Tech is Russia.  Within the past week, the Russian Federal Antimonopoly Service announced that it was taking action against two major technology companies for alleged competition law violations.

First, on April 13, the FAS announced that it had initiated a case against the Russian technology company Yandex for allegedly discriminatory conditions in the web search market.  The FAS stated that in February 2021, it had warned Yandex “to ensure equal conditions for the demonstration of the services on the pages of search engines, including market participants and competitors of the Yandex group,” and set a deadline of April 1.  Although Yandex reportedly requested additional time in April to respond to the accusations, the FAS chose not to grant that time.

The FAS said that as part of its consideration of the case, it would “investigate possible anticompetitive practices for promoting the services of the Yandex group in search results, as well as assess the consequences that such practices have led to (could lead to).”   it would investigate possible anti-competitive practices by Yandex and assess the consequences of those practices. It also noted that Yandex could be subject to a turnover-based fine if the FAS finds evidence that the company was restricting competition.

Second, on April 19, the FAS announced that it had initiated a case against Google for allegedly abusing of its dominant market position in YouTube video hosting services.  The FAS stated that the basis for its investigation was a complaint by the Regional Public Organization “Center for Internet Technologies” (ROCIT) about “Google’s actions of sudden blocking, deleting user accounts and content on the YouTube video hosting.”  It also said that it

has established that the rules related to the formation, suspension, blocking of accounts and the circulation of user content on YouTube are non-transparent, non-objective and unpredictable. This leads to sudden blocking and deletion of user accounts without warning and justification of actions. The FAS Russia believes that such behavior may lead to infringement of the interests of users, as well as to restriction of competition in related markets.

It also stated that as part of its consideration of the case, it “will assess the actions of Google LLC and consequences for users and content creators.”

Antitrust and competition compliance teams at technology companies doing business in Russia should regard the FAS actions with concern.  These proceedings should be viewed against the backdrop of last month’s actions by Russian authorities against Facebook, Google, Telegram, TikTok, and Twitter, for failing to delete posts urging children to take part in allegedly illegal protests of the imprisonment of Russian anti-corruption activist Alexei Navalny.

The fines against several of the companies in the March proceedings would be miniscule.  Nonetheless, there should be no doubt that the interests of Russian President Vladimir Putin and the Russian government extend well beyond promoting fair competition by technology companies.  A government committed to the speedy imprisonment of Navalny and mass arrests of protestors supporting Navalny can be counted on to exert systematic pressure on technology companies to bend to the government’s will, including suppression of free speech and criticism that those companies facilitate.

In a February 2021 meeting with U.S. Secretary of State Antony Blinken, Russian Foreign Affairs Minister Sergei Lavrov publicly insisted on “the need to respect (Russia’s) legislation and judicial system.”  Technology companies should expect that the Russian government will seek to compel that respect from them in matters extending well beyond competition law.