InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
Buckley Sandler Insights: FinCEN updates FAQs regarding customer due diligence requirements for financial institutions
On April 3, the Financial Crimes Enforcement Network released an update to its FAQs in advance of the upcoming Customer Due Diligence Requirements for Financial Institutions final rule (issued in 2016 and amended last September for various technical corrections) that goes into effect May 11. As previously covered in InfoBytes, the final rule imposes standardized customer due diligence (CDD) requirements under the Bank Secrecy Act for covered financial institutions and requires financial institutions to identify and verify beneficial owners of legal entity customers, subject to certain exclusions and exemptions. The supplemental FAQs (see InfoBytes coverage on an earlier set of FAQs issued in 2016) assist covered financial institutions in understanding the scope of their CDD requirements, as well as the CDD rule’s impact on broader anti-money laundering (AML) program obligations, and cover a broad range of interpretations including the following:
- Question 1 specifies covered financial institutions will satisfy the requirements to identify and verify beneficial owners of legal entity customers by collecting and verifying the identity of individuals who directly or indirectly own 25 percent or more of the equity interests in a legal entity customer, as well as “one individual who has managerial control of a legal entity customer.” However, they may choose to implement stricter written internal policies and procedures and expand their information collection to include more than one individual with managerial control or persons owning a lower percentage of equity interests.
- Question 3 clarifies that covered financial institutions may reasonably rely on a legal entity customer to provide the identities of individuals who satisfy the definition of beneficial ownership, whether indirectly or directly, and “need not independently investigate the legal entity customer’s ownership structure.”
- Question 7 states that for existing customers, a covered financial institution may rely on information in its possession subject to its Customer Identification Program (CIP) to fulfill the beneficial ownership identification and verification requirements, “provided the existing information is up-to-date, accurate, and the legal entity customer’s representative certifies or confirms (verbally or in writing) the accuracy of the pre-existing CIP information.”
- Question 10 states that if a legal entity customer opens multiple accounts, the covered financial institution may rely on information obtained from a previously issued certification form (or equivalent), provided the legal entity customer certifies or confirms—verbally or in writing—that such information is up-to-date and accurate at the time each subsequent account is opened. Records of such certification or confirmation must also be maintained.
- Question 12 confirms that covered financial institutions seeking to renew a loan or roll over a certificate of deposit must treat these as new accounts and require their legal entities customers to certify or confirm beneficial owners, “even if the legal entity is an existing customer.”
- Question 18 stipulates that covered financial institutions are not required to identify and verify the identity of beneficial owners that own 25 percent or more of the equity interests of a pooled investment vehicle, whether or not such vehicle is managed by a “financial institution,” due to the typical fluctuation of ownership. However, Question 18 notes that covered financial entities must collect beneficial ownership information for an individual who has significant control or management over the vehicle as required under the control prong to comply with the CDD rule.
- Question 19 concerns trusts overseen by multiple trustees and states that in circumstances where a trust owns 25 percent or more of the equity interests of a legal entity customer, covered financial institutions are required, at a minimum, to collect beneficial ownership information on a single trustee but may choose to identify additional co-trustees based on risk assessment or a risk profile.
- Question 21 specifies that a covered financial institution may rely on information provided by a legal entity customer to determine eligibility for exclusion from the definition of a legal entity customer, provided the financial institution has no knowledge of facts that would reasonably call into question the reliability of such information. Covered financial institutions should also ensure that their risk-based written policies and procedures address and specify the type of information to be used when reasonably determining exclusion eligibility.
- Question 28 stipulates which non-U.S. governmental entities qualify for exclusion from the definition of a legal entity customer. It specifies that state-owned enterprises that engage in profit-seeking activities, such as sovereign wealth funds, airlines, and oil companies, are not excluded from the definition of a legal entity.
- Questions 29-31 provide guidance on account level beneficial owner exceptions related to (i) point of sale products for certain low-risk retail credit accounts; and (ii) certain equipment finance and lease accounts with low money laundering risks. Question 31 also stipulates that an equipment lease and purchase exemption would apply in circumstances where a customer leases necessary equipment directly from a covered financial institution.
- Questions 32-33 provide guidance on circumstances where beneficial ownership information should be aggregated for purposes of complying with Currency Transaction Report (CTR) requirements, and state that “absent indications that the businesses are not operating independently . . . , financial institutions should not aggregate transactions involving those businesses with those of each other or with those of the common owner for CTR filing.” Furthermore, covered financial institutions are generally not required to list beneficial owners on a CTR.
- Question 35 specifies what information covered financial institutions should collect and consider as part of on-going CDD when developing customer risk profiles. Specifically, covered financial institutions should develop an understanding of the “nature and purpose of a customer relationship,” and review information obtained at the opening of an account such as type of customer, account, service, or product.
FinCEN Launches New Exchange to Enhance Information Sharing
On December 4, the Financial Crimes Enforcement Network (FinCEN) announced the release of the “FinCEN Exchange” program, which establishes regular briefings between FinCEN, law enforcement, and financial institutions to share high-priority information regarding potential national security threats and illicit financial transactions. Although private sector participation in the program is voluntary, FinCEN encourages involvement because the briefings may help financial institutions better identify risks and incorporate appropriate information into Suspicious Activity Reports (SARs). In addition, FinCen’s receipt of information will support its efforts to combat financial crimes, including money laundering.
The CDD Rule became effective on July 11, 2016, and member firms must comply by May 11, 2018. FINRA advises members firms to consult the CDD Rule, along with FinCEN's related FAQs, to ensure AML program compliance.
FINRA Provides Additional Guidance on AML Obligations
On November 21, the Financial Industry Regulatory Authority (FINRA) published additional guidance regarding member firms’ obligations under FINRA Rule 3310, which requires adoption of an anti-money laundering (AML) program. The guidance provided in Regulatory Notice 17-40 follows the Financial Crime Enforcement Network’s (FinCEN) 2016 adoption of a final rule on customer due diligence requirements for financial institutions (CDD Rule). Under the CDD Rule, member firms must now comply with a “fifth pillar,” which requires them to “identify and verify the identity of the beneficial owners of all legal entity customers” at the time when a new account is opened, subject to certain exclusions and exemptions. Additionally, the “fifth pillar” requires member firms to understand the nature and purpose of customer relationships, conduct ongoing monitoring to report suspicious activities and transactions, and maintain and update customer information “on a risk basis.”
The “fifth pillar” supplements the previously established Bank Secrecy Act AML program requirements, coined the “four pillars,” which require member firms to (i) establish policies and procedures to “achieve compliance”; (ii) conduct independent compliance testing; (iii) designate responsible individuals to implement and monitor AML compliance; and (iv) provide ongoing training.
The CDD Rule became effective on July 11, 2016, and member firms must comply by May 11, 2018. FINRA advises members firms to consult the CDD Rule, along with FinCEN's related FAQs, to ensure AML program compliance.
FinCEN Issues FAQs Regarding Customer Due Diligence Requirements
On July 19, FinCEN issued FAQs to clarify the scope of the May 2016 Customer Due Diligence (CDD) final rule. As previously covered by InfoBytes, and as outlined in Question 2 of the recently-released FAQs, the final rule imposes standardized CDD requirements for federally regulated banks and federally insured credit unions, mutual funds, brokers or dealers in securities, futures commission merchants, and introducing brokers in commodities (collectively, covered financial institutions). While the FAQs provide a detailed description of the CDD requirements, they state that, “[i]n short, covered financial institutions are now required to obtain, verify, and record the identities of the beneficial owners of legal entity customers.” Notably, Question 5 of the FAQs clarifies that the CDD rule amends the AML program requirements to explicitly require covered financial institutions to implement and maintain risk-based procedures for conducting ongoing customer due diligence, including, but not limited to, (i) understanding the nature and purpose of the customer relationship; and (ii) conducting ongoing monitoring to identify and report suspicious transactions, as well as maintain and update customer information on a risk basis. The FAQs also note that covered financial institutions must include CDD procedures in their AML compliance program. In addition to discussing definitions for certain terms within the CDD rule, such as “account” and “beneficial owner,” the FAQs outline, among other things, the type of beneficial ownership information that covered financial institutions must collect for legal entity customers. Finally, as reiterated in the FAQs, the CDD rule has an effective date of July 11, 2016 and an applicability date of May 11, 2018.
FinCEN Director Calvery Opines on Agency Efforts to Increase Financial Transparency
On May 24, FinCEN Director Calvery delivered remarks before the House Committee on Financial Services at a hearing entitled “Stopping Terror Finance: A Coordinated Government Effort.” Calvery noted FinCEN’s commitment to fostering an environment of financial transparency, and provided insight on the recent issuance of a final rule, issued on May 6, which clarified customer due diligence (CDD) requirements for financial institutions: “[w]e are confident that the CDD final rule will increase financial transparency and augment the ability of financial institutions and law enforcement to identify the assets and accounts of criminals and national security threats. We anticipate that the CDD rule will also facilitate compliance with sanctions programs and other measures that cut off financial flows to these actors.” Calvery further emphasized the significance of recently proposed beneficial ownership legislation, noting that it and the CDD rule “dovetail together.” Calvery opined that the level of transparency that the proposed legislation and the CDD rule offer would assist law enforcement in identifying who the “real people are that are involved in a transaction,” furthering its efforts to combat money laundering and terrorism, enforce sanctions, and prevent other unlawful abuses of the U.S. financial system. Finally, she noted that the beneficial ownership legislation, if enacted, would provide FinCEN with the ability to collect information on all funds transfers (instead of only monetary instruments, as currently authorized) through the use of geographic targeting orders.
FinCEN Deputy Director: Industry Collaboration Key to Finalizing Customer Due Diligence Rule
On May 16, FinCEN Deputy Director Jamal El-Hindi delivered remarks at the Institute of International Bankers (IIB) Annual Anti-Money Laundering Seminar in New York. The focal point of El-Hindi’s remarks were recent Treasury initiatives, including, (i) the final Customer Due Diligence (CDD) rule; (ii) draft beneficial ownership legislation; and (iii) FinCEN’s use of Geographical Targeting Orders, as addressed in the beneficial ownership draft legislation. The remarks provide an overarching summary of Treasury’s recent regulatory efforts and address the process by which Treasury developed the final CDD rule and the draft beneficial ownership legislation, specifically commenting on and emphasizing FinCEN’s collaborative rulemaking efforts with industry: “I encourage you to keep our conversation going—particularly with respect to support for the beneficial ownership legislation. . . .Please know that FinCEN depends on you, the institutions you represent, and the key feedback and financial intelligence they provide.”