Skip to main content
Menu Icon Menu Icon
Close

InfoBytes Blog

Financial Services Law Insights and Observations
Section Content

Upcoming Events

Filter

Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.

  • FinCEN issues extension to continue suspension of beneficial ownership requirements for automatic renewal products

    Financial Crimes

    On August 8, FinCEN issued a notice to provide an additional 30 days of limited exceptive relief for covered financial institutions that are required to obtain and verify the identity of beneficial owners of legal entity customers with respect to certificate of deposit rollovers and loans that renew automatically. As previously covered in InfoBytes, the extension—which was set to expire August 9 and applies to qualified products and services that were established before the Beneficial Ownership Rule’s May 11 compliance date—will now continue until September 8. FinCEN noted it will continue to evaluate the requirement to determine whether additional relief is needed.

    Find continuing InfoBytes coverage on beneficial ownership and customer due diligence requirements here.

    Financial Crimes FinCEN Beneficial Ownership Customer Due Diligence CDD Rule

    Share page with AddThis
  • FINRA amends anti-money laundering rule to comply with FinCEN’s CDD rule

    Financial Crimes

    On May 3, FINRA issued a Regulatory Notice 18-19 amending Rule 3310—Anti-Money Laundering (AML) Compliance Program rule—to reflect FinCEN’s final rule concerning customer due diligence requirements for covered financial institutions (CDD rule), which becomes applicable on May 11. According to Regulatory Notice 18-19, member firms should ensure that their AML programs are updated to include, among other things, appropriate risk-based procedures for conducting ongoing customer due diligence including (i) “understanding the nature and purpose of customer relationships for the purpose of developing a customer risk profile,” and (ii) “conducting ongoing monitoring to identify and report suspicious transactions and, on a risk basis, to maintain and update customer information.” The announcement also makes reference to FINRA’s Regulatory Notice 17-40, issued last November, which provides additional guidance for member firms complying with the CDD rule. (See previous InfoBytes coverage here.). The notice further states that the “provisions are not new and merely codify existing expectations for firms.”

    Financial Crimes FINRA CDD Rule Anti-Money Laundering FinCEN Department of Treasury Customer Due Diligence

    Share page with AddThis
  • House Financial Services Committee holds hearing on FinCEN’s CDD rule

    Federal Issues

    On April 27, the House Financial Services Committee’s Subcommittee on Financial Institutions and Consumer Credit held a hearing entitled “Implementation of FinCEN's Customer Due Diligence Rule—Financial Institution Perspective” to discuss challenges facing financial institutions when complying with FinCEN’s Customer Due Diligence Rule (CDD Rule). As previously covered in InfoBytes, the CDD Rule takes effect May 11, and imposes standardized customer due diligence (CDD) requirements under the Bank Secrecy Act (BSA) for covered financial institutions, including the identification and verification of the beneficial owners of legal entity customers. The hearing’s four witnesses expressed certain concerns regarding the effects of implementation on financial institutions, as well as the timing of additional guidance released April 3 in the form of frequently asked questions.

    In prepared remarks, Executive Director of The Financial Accounting and Corporate Transparency (FACT) Coalition, Gary Kalman, commented that the CDD Rule, which calls for additional AML requirements, is a “positive step forward but falls short of what is needed to protect the integrity of [the] financial system”—particularly in terms of what defines a “beneficial owner.” Greg Baer, President of The Clearing House Association, expressed concerns that the CDD Rule (i) requires financial institutions to verify beneficial owners for each account that is opened, instead of verifying on a per-customer basis; and (ii) does not explicitly state in its preamble that FinCEN possesses sole authority to set CDD standards, which may present opportunities for examiners to make ad hoc interpretations.

    Additionally, Executive Vice President of the International Bank of Commerce Dalia Martinez, observed, among other things, that compliance with the CDD Rule is costly and burdensome, and that banks have not been provided with the tools or guidance to determine whether the information provided by legal entity customers is accurate when verifying beneficial owners. The “gray areas” within the CDD Rule, Martinez noted, present challenges for compliance. A fourth witness, Carlton Green, a partner at Crowell & Morning, expressed concerns with the relationship between FinCEN and the federal functional regulators, stating that because FinCEN has delegated examination authority to these regulators, there is a chance regulators will “create and enforce their own interpretations of or additions to BSA rules” that may “diverge from FinCEN’s priorities.”

    Federal Issues House Financial Services Committee FinCEN Customer Due Diligence Financial Crimes CDD Rule

    Share page with AddThis
  • Federal Reserve issues cease and desist order against Taiwanese bank for BSA/AML deficiencies

    Financial Crimes

    On April 19, the Federal Reserve Board (Fed) issued a cease and desist order against a Taiwanese bank and its New York agency in connection with alleged Bank Secrecy Act and anti-money laundering (BSA/AML) violations. According to the Fed’s order, a recent examination conducted by the Federal Reserve Bank of New York (Reserve Bank) and the NYDFS identified “significant deficiencies” in the agency’s BSA/AML compliance and risk management controls. The order requires, among other things, that the bank and agency submit within 60 days: (i) a written governance plan to strengthen the board of director’s oversight of BSA/AML compliance; (ii) a written program to achieve compliance with BSA/AML requirements; (iii) an enhanced, written customer due diligence program plan; and (iv) a revised  program to ensure compliant suspicious activity monitoring and reporting. The bank and agency are further required to engage an independent third party acceptable to the Reserve Bank to conduct a review of certain wire transactions to determine whether “suspicious activity involving high risk customers or transactions” was properly identified and reported in accordance with applicable regulations. The order imposes no financial penalty.

    Financial Crimes Federal Reserve NYDFS Bank Secrecy Act Anti-Money Laundering Enforcement Customer Due Diligence

    Share page with AddThis
  • FINRA revises anti-money laundering template for small firms

    Agency Rule-Making & Guidance

    On April 4, the Financial Industry Regulatory Authority (FINRA) released a revised template to assist FINRA-registered small firms in developing and implementing risk-based anti-money laundering (AML) programs as required by the Bank Secrecy Act and FINRA Rule 3310. Changes to the template reflect FinCEN’s final rule concerning customer due diligence requirements for covered financial institutions (CDD rule), which goes into effect May 11. (See previous InfoBytes coverage on the CDD rule here.) The CDD rule requires covered financial institutions, including FINRA-registered firms, to identify the beneficial owners of legal entity customers who open new accounts.

    Agency Rule-Making & Guidance FINRA FinCEN Anti-Money Laundering Customer Due Diligence Department of Treasury Bank Secrecy Act Financial Crimes CDD Rule

    Share page with AddThis
  • Buckley Sandler Insights: FinCEN updates FAQs regarding customer due diligence requirements for financial institutions

    Agency Rule-Making & Guidance

    On April 3, FinCEN released an update to its FAQs in advance of the upcoming Customer Due Diligence Requirements for Financial Institutions final rule (issued in 2016 and amended last September for various technical corrections) that goes into effect May 11. As previously covered in InfoBytes, the final rule imposes standardized customer due diligence (CDD) requirements under the Bank Secrecy Act for covered financial institutions and requires financial institutions to identify and verify beneficial owners of legal entity customers, subject to certain exclusions and exemptions. The supplemental FAQs (see InfoBytes coverage on an earlier set of FAQs issued in 2016) assist covered financial institutions in understanding the scope of their CDD requirements, as well as the CDD rule’s impact on broader anti-money laundering (AML) program obligations, and cover a broad range of interpretations including the following:

    • Question 1 specifies covered financial institutions will satisfy the requirements to identify and verify beneficial owners of legal entity customers by collecting and verifying the identity of individuals who directly or indirectly own 25 percent or more of the equity interests in a legal entity customer, as well as “one individual who has managerial control of a legal entity customer.” However, they may choose to implement stricter written internal policies and procedures and expand their information collection to include more than one individual with managerial control or persons owning a lower percentage of equity interests.
    • Question 3 clarifies that covered financial institutions may reasonably rely on a legal entity customer to provide the identities of individuals who satisfy the definition of beneficial ownership, whether indirectly or directly, and “need not independently investigate the legal entity customer’s ownership structure.”
    • Question 7 states that for existing customers, a covered financial institution may rely on information in its possession subject to its Customer Identification Program (CIP) to fulfill the beneficial ownership identification and verification requirements, “provided the existing information is up-to-date, accurate, and the legal entity customer’s representative certifies or confirms (verbally or in writing) the accuracy of the pre-existing CIP information.”
    • Question 10 states that if a legal entity customer opens multiple accounts, the covered financial institution may rely on information obtained from a previously issued certification form (or equivalent), provided the legal entity customer certifies or confirms—verbally or in writing—that such information is up-to-date and accurate at the time each subsequent account is opened. Records of such certification or confirmation must also be maintained.
    • Question 12 confirms that covered financial institutions seeking to renew a loan or roll over a certificate of deposit must treat these as new accounts and require their legal entities customers to certify or confirm beneficial owners, “even if the legal entity is an existing customer.”
    • Question 18 stipulates that covered financial institutions are not required to identify and verify the identity of beneficial owners that own 25 percent or more of the equity interests of a pooled investment vehicle, whether or not such vehicle is managed by a “financial institution,” due to the typical fluctuation of ownership. However, Question 18 notes that covered financial entities must collect beneficial ownership information for an individual who has significant control or management over the vehicle as required under the control prong to comply with the CDD rule.
    • Question 19 concerns trusts overseen by multiple trustees and states that in circumstances where a trust owns 25 percent or more of the equity interests of a legal entity customer, covered financial institutions are required, at a minimum, to collect beneficial ownership information on a single trustee but may choose to identify additional co-trustees based on risk assessment or a risk profile.
    • Question 21 specifies that a covered financial institution may rely on information provided by a legal entity customer to determine eligibility for exclusion from the definition of a legal entity customer, provided the financial institution has no knowledge of facts that would reasonably call into question the reliability of such information. Covered financial institutions should also ensure that their risk-based written policies and procedures address and specify the type of information to be used when reasonably determining exclusion eligibility. 
    • Question 28 stipulates which non-U.S. governmental entities qualify for exclusion from the definition of a legal entity customer. It specifies that state-owned enterprises that engage in profit-seeking activities, such as sovereign wealth funds, airlines, and oil companies, are not excluded from the definition of a legal entity.
    • Questions 29-31 provide guidance on account level beneficial owner exceptions related to (i) point of sale products for certain low-risk retail credit accounts; and (ii) certain equipment finance and lease accounts with low money laundering risks. Question 31 also stipulates that an equipment lease and purchase exemption would apply in circumstances where a customer leases necessary equipment directly from a covered financial institution.
    • Questions 32-33 provide guidance on circumstances where beneficial ownership information should be aggregated for purposes of complying with Currency Transaction Report (CTR) requirements, and state that “absent indications that the businesses are not operating independently . . . , financial institutions should not aggregate transactions involving those businesses with those of each other or with those of the common owner for CTR filing.” Furthermore, covered financial institutions are generally not required to list beneficial owners on a CTR.
    • Question 35 specifies what information covered financial institutions should collect and consider as part of on-going CDD when developing customer risk profiles. Specifically, covered financial institutions should develop an understanding of the “nature and purpose of a customer relationship,” and review information obtained at the opening of an account such as type of customer, account, service, or product.

    Agency Rule-Making & Guidance FinCEN Bank Secrecy Act Anti-Money Laundering Customer Due Diligence Department of Treasury CDD Rule Beneficial Ownership

    Share page with AddThis
  • OCC announces March 2018 enforcement actions and terminations

    Federal Issues

    On March 16, the OCC released a list of recent enforcement actions taken against national banks, federal savings associations, and individuals currently and formerly affiliated with such parties. The new enforcement actions include a cease and desist order, a civil money penalty order, notices filed, and recently terminated enforcement actions. Two notable actions are as follows:

    Cease and Desist Consent Order. On February 12, the OCC issued a consent order against a New Jersey-based bank for deficiencies related to its Bank Secrecy Act/Anti-Money Laundering (BSA/AML) rules and regulations. Among other things, the consent order requires the bank to (i) appoint an independent third-party consultant to conduct a review of the bank’s BSA/AML compliance program; (ii) review and update a comprehensive BSA/AML compliance action plan and monitoring system; (iii) create a comprehensive training program for “appropriate operational and supervisory personnel, and the Board of Directors, to ensure their awareness of their responsibility for compliance with” the BSA; (iv) develop policies and procedures related to the collection of customer due diligence and enhanced due diligence when opening accounts; (v) appoint a BSA officer; (vi) develop and conduct ongoing BSA/AML risk assessments to monitor accounts for “high-risk customers”; and (vii) conduct a “Look-Back” plan to determine whether suspicious activity was timely identified and reported by the bank and whether additional SARs should be filed for previously unreported suspicious activity. Furthermore, the bank is prohibited from opening new accounts for commercial customers designated as “medium risk or higher” in areas such as “money services businesses, foreign or domestic correspondent banks, payment processors, or cash-intensive businesses” without prior authorization. The bank, while agreeing to the terms of the consent order, has neither admitted nor denied any wrongdoing.

    Termination of enforcement action. On February 14, the OCC terminated a 2002 consent order issued against a Texas-based payday lender after determining that “the safe and sound operation of the banking system does not require the continued existence of” previously issued restrictions. In 2002, the OCC claimed the payday lender engaged in “unsafe and unsound” practices, including violations of ECOA and TILA for failing to safeguard customers’ loan files. Among other things, the consent order fined the payday lender a $250,000 civil money penalty, imposed record-keeping requirements, and prohibited it from “entering into any kind of written or oral agreement to provide any services, including payday lending, to any national bank or its subsidiaries without the prior approval of the OCC.”

    Federal Issues OCC Enforcement Bank Secrecy Act Anti-Money Laundering Payday Lending Customer Due Diligence

    Share page with AddThis
  • Federal Reserve orders Chinese bank to correct BSA/AML controls

    Financial Crimes

    On March 12, the Federal Reserve Board (Fed) entered into a consent order with a Chinese bank (bank) and its New York branch (branch) in connection with alleged Bank Secrecy Act and anti-money laundering (BSA/AML) violations. According to the Fed’s order, a recent examination identified “significant deficiencies” in the branch’s BSA/AML compliance and risk management controls. The consent order requires, among other things, the bank and branch submit within 60 days: (i) a written governance plan to achieve compliance with BSA/AML requirements; (ii) a system to identify and assess risks associated with all products and customers, including “politically exposed persons”; (iii) an enhanced customer due diligence program plan; and (iv) a compliance program to ensure accurate suspicious activity monitoring and reporting. The bank and branch are further required to engage an independent third party acceptable to the Fed to review their dollar-clearing transaction activity in the second half of 2016 “to determine whether suspicious activity involving high-risk customers or transactions” was properly flagged. The order imposes no financial penalty.

    Financial Crimes Federal Reserve Bank Secrecy Act Anti-Money Laundering Bank Compliance International Customer Due Diligence

    Share page with AddThis
  • OCC announces enforcement action against Washington-based bank citing BSA/AML compliance deficiencies

    Financial Crimes

    On February 28, the OCC issued a consent order against a Washington-based bank for deficiencies related to its Bank Secrecy Act/Anti-Money Laundering (BSA/AML) compliance program. The consent order requires the bank to, among other things, (i) maintain a Compliance Committee responsible for ensuring the bank adheres to the consent order’s provisions; (ii) appoint a BSA officer who will ensure compliance with the requirements of the BSA and the Office of Foreign Assets Control’s rules and regulations; (iii) implement an enhanced BSA/AML Risk Assessment Program, including the adoption of written policies to ensure the timely review of BSA/AML suspicious activity alerts and the implementation of an automated suspicious activity monitoring system; (iv) conduct a risk-based “Look-Back” to determine whether suspicious activity was timely identified and reported by the bank; (v) develop policies and procedures for enhanced customer due diligence to monitor information for risk; (vi) implement an independent BSA/AML audit program; and (vii) create a comprehensive training program for appropriate bank personnel. The bank did not admit to any wrongdoing in the consent order.

    Financial Crimes OCC Bank Secrecy Act Anti-Money Laundering Enforcement OFAC SARs Customer Due Diligence

    Share page with AddThis
  • GAO recommends the CFPB review the effectiveness of TRID guidance for small institutions

    Federal Issues

    On February 27, the U.S. Government Accountability Office (GAO) released a report of recommendations to financial regulators on actions to take related to the compliance burdens faced by certain small financial institutions. The report is the result of a study the GAO initiated with over 60 community banks and credit unions (collectively, “institutions”) regarding which financial regulations were viewed as the most burdensome. Among others, the report includes a recommendation to the CFPB that it should assess the effectiveness of its TILA/RESPA Integrated Disclosure Rule (TRID) guidance and take affirmative steps to address any issues that are necessary. In a response to the GAO that is included in the report, the CFPB Associate Director David Silberman said, “the Bureau agrees with this recommendation and commits to evaluating the effectiveness of its guidance and updating it as appropriate.” Among other recommendations, the GAO highlights the need for the CFPB to coordinate with the other financial regulators on their periodic Economic Growth and Regulatory Paperwork Reduction Act (EGRPRA) reviews.

    In addition to the compliance concerns with TRID disclosures, the GAO reports that the institutions also consider the data reporting requirements under HMDA, and the transaction reporting and customer due diligence requirements of the Bank Secrecy Act and related anti-money laundering laws the most burdensome. The GAO includes specific recommendations to the other financial regulators to strengthen and streamline regulations through the EGRPRA process.

    Federal Issues GAO CFPB Mortgages TRID HMDA Bank Secrecy Act Anti-Money Laundering EGRPRA Customer Due Diligence

    Share page with AddThis

Pages