FinCEN's Advance Notice of Proposed Rulemaking on Possible Customer Due Diligence Obligation for Financial Institutions
[25960]
March 5, 2012
TO: AML COMPLIANCE WORKING GROUP No. 3-12TRANSFER AGENT ADVISORY COMMITTEE No. 14-12
BROKER/DEALER ADVISORY COMMITTEE No. 13-12
BANK, TRUST AND RETIREMENT ADVISORY COMMITTEE No. 10-12 RE: FINCEN'S ADVANCE NOTICE OF PROPOSED RULEMAKING ON POSSIBLE CUSTOMER DUE DILIGENCE OBLIGATION FOR FINANCIAL INSTITUTIONS
On February 29, 2012, the Financial Crimes Enforcement Network (“FinCEN”) issued an advance notice of proposed rulemaking (“ANPRM”) to solicit public comment on a wide range of questions pertaining to the possible application of an explicit customer due diligence (“CDD”) obligation on financial institutions, including a requirement for financial institutions to identify beneficial ownership of their customers. [1] The scope of the ANPRM includes all of the industries that have anti-money laundering (“AML”) program requirements under FinCEN’s regulations. As an initial matter, FinCEN is considering developing a CDD rule to cover banks, brokers or dealers in securities, mutual funds, futures commission merchants, and introducing brokers in commodities. [2]
Comments are due by May 4, 2012. The Institute intends to submit a comment letter.
Background
FinCEN is authorized to impose AML program requirements on financial institutions, [3] as well as to require financial institutions to maintain procedures to ensure compliance with the Bank Secrecy Act (“BSA”). [4] In March 2010, FinCEN, the Securities and Exchange Commission (“SEC”), and certain other federal financial regulators issued guidance regarding customer due diligence and beneficial ownership information, Guidance on Obtaining and Retaining Beneficial Ownership Information (the “Guidance”). [5] The stated purpose of the Guidance was to clarify and consolidate existing regulatory expectations for obtaining beneficial ownership information for certain accounts and customer relationships” under the AML rules issued pursuant to the BSA. [6]
In a June 2010 letter (the “Letter”), the ICI, the Securities Industry and Financial Markets Association, and the Futures Industry Association (the “Associations”) expressed concerns with certain aspects of the Guidance. [7] In the Letter, the Associations noted that the concept of CDD, as described in the Guidance, was not addressed in the BSA rules applicable to the securities and futures industries, and that the CDD expectations had not been previously communicated to the industry. [8]
In the ANPRM, FinCEN states that the cornerstone of a strong BSA/AML compliance program is the adoption and implementation of internal controls, which include comprehensive CDD policies, procedures, and processes for all customers.” [9] FinCEN believes that the requirement that a financial institution know its customers, and the risks presented by its customers, is basic and fundamental to an effective BSA/AML compliance program. FinCEN believes that, despite an implicit CDD obligation in BSA requirements (e.g., the AML program and suspicious activity reporting (SAR) rules), issuing an express CDD rule with an obligation to obtain beneficial ownership information may be necessary to protect the United States financial system from criminal abuse and to guard against terrorist financing, money laundering and other financial crimes. In addition, FinCEN is concerned that there is a lack of uniformity and consistency in the way financial institutions address the implicit CDD obligations and collect beneficial ownership information. FinCEN also believes that the absence of a broad definition for the term “beneficial owner” is problematic. [10]
FinCEN identifies following reasons for the importance of CDD: [11]
- Assisting in criminal investigations;
- Facilitating tax reporting, investigations and compliance; [12]
- For promoting financial transparency and protecting the financial system from abuse consistent with international standards.
FinCEN notes that the possibility of an express CDD program rule is one element of their efforts to combat financial crime. FinCEN also is seeking to improve the availability of beneficial ownership information as well as facilitating the global implementation of international standards regarding beneficial ownership. [13]
Elements of CDD
FinCEN states that an effective CDD program includes the following:
- Conducting initial due diligence on customers, which includes identifying the customer, and verifying that customer’s identity as appropriate on a risk basis, at the time of account opening;
- Understanding the purpose and intended nature of the account, and expected activity associated with the account for the purpose of assessing risk and identifying and reporting suspicious activity;
- Except as otherwise provided, identifying the beneficial owner(s) of all customers, and verifying the beneficial owner(s)’ identity pursuant to a risk-based approach; and
- Conducting ongoing monitoring of the customer relationship and conducting additional CDD as appropriate, based on such monitoring and scrutiny, for the purposes of identifying and reporting suspicious activity. [14]
Identification and Verification of Customers
Consistent with existing customer identification program (“CIP”) requirements and guidance, FinCEN is considering an express customer identification and risk-based verification component of CDD, which it states does not create a new CIP obligation, but would be satisfied by compliance with a financial institution’s current CIP obligations. FinCEN states that if a financial institution is compliant with its current CIP obligations, a financial institution would be compliant with this part of a CDD program rule and therefore there would be no new or additional regulatory requirement. However, for customers exempt from CIP (e.g., certain existing customers, federally regulated banks, governmental entities and publicly traded companies), those customers would not be exempt from the requirements to understand the nature and purpose of the account and to conduct ongoing monitoring. FinCEN seeks comment on whether the beneficial ownership requirement should apply to the exempt customers. [15]
Understanding the Nature and Purpose of the Account
Consistent with the SAR obligation and related regulatory guidance, FinCEN is considering an express obligation to understand the nature and purpose of an account or customer relationship as part of a CDD program rule. FinCEN states that since a financial institution must understand the nature and purpose of an account in order to assess risk and satisfy its obligation to appropriately detect and report suspicious activity, FinCEN does not believe that this will impose a new or additional requirement. [16]
Obtaining Beneficial Ownership Information
FinCEN notes that under existing FinCEN regulation there are two limited situations where certain financial institutions are required to take reasonable steps to obtain beneficial ownership information. Those two situations are in the context of private banking accounts and correspondent accounts. Under the CIP rules, a financial institution’s CIP also must address situations where, based on a financial institution’s risk assessment of a new account opened by a customer that is not an individual, the financial institution will obtain information about individuals with authority over the account. FinCEN states that consistent with the existing explicit and implicit beneficial ownership information obligations that it describes in the ANPRM, FinCEN is considering expanding the requirement to obtain beneficial ownership information to all customers.
FinCEN states that it anticipates providing additional guidance regarding customers that may be considered low risk, and therefore exempt from the beneficial ownership requirement, as well as identifying types of customers that may necessitate identification of the beneficial owner, and those that are of heightened risk requiring both identification and verification of the beneficial owner. Similar to CIP, FinCEN anticipates that it would provide guidance to financial institutions on what they should do in the event they are unable to identify or verify a beneficial owner. FinCEN acknowledges that this component of a CDD program rule would create a new regulatory obligation to obtain beneficial ownership information. [17]
Definition of Beneficial Owner
In the context of special due diligence rules for correspondent and private banking accounts, FinCEN has defined the beneficial owner of an account as an individual who has a level of control over, or entitlement to, the funds or assets in the account that, as a practical matter, enables the individual, directly or indirectly, to control, manage or direct the account. [18] FinCEN states that this definition may not be useful for a wider range of accounts and there may be other approaches that are more helpful. FinCEN is considering the following definition for legal entities (other than for purposes of 31 CFR §1010.610 and §1010.620):
(1) either:
(a) each of the individual(s) who, directly or indirectly, through any contract, arrangement, understanding, relationship, intermediary, tiered entity, or otherwise, owns more than 25 percent of the equity interests in the entity; or
(b) if there is no individual who satisfies (a), then the individual who, directly or indirectly, through any contract, arrangement, understanding, relationship, intermediary, tiered entity, or otherwise, has at least as great an equity interest in the entity as any other individual, and
(2) the individual with greater responsibility than any other individual for managing or directing the regular affairs of the entity.
The new beneficial ownership requirement and definition would not be intended to supercede existing BSA obligations. [19]
Potential Exemptions from Beneficial Ownership Information Requirement
FinCEN states that it recognizes that there may be instances where obtaining beneficial ownership information may not be warranted. For example, it is considering whether legal entity customers that are exempt from identification under the CIP rules should also be exempt from the beneficial ownership requirement. FinCEN seeks comment on such a potential exemption. FinCEN also is considering how a requirement would apply to existing customers and is considering a risk-based approach (similar to that used for the CIP rules) for the beneficial ownership requirement and new customers. More specifically, FinCEN is seeking comment on how the beneficial ownership requirement could be phased into ongoing CDD with respect to existing customers. [20]
Beneficial Owners of Assets in Accounts Held by Intermediaries
FinCEN seeks comment on potential definitions of “beneficial owner” in cases where obtaining information about beneficial owners of accounts may be warranted. FinCEN recognizes that there may be impediments to identifying beneficial owners in certain cases such as in omnibus accounts or other intermediated accounts. FinCEN seeks information on the difficulties associated with identifying beneficial owners of assets in such accounts. FinCEN seeks comment on whether the explicit obligation to identify beneficial owners in an account should be based on a risk assessment or whether a more specific obligation would be appropriate. [21]
Customer as Agent for Others
FinCEN is considering how to best address the vulnerability presented by an account established by an individual or entity which could be acting on behalf of others without disclosing the fact. FinCEN believes one solution is to require the individual or entity opening the account to state whether he, she or it is acting on behalf of another person. In such a case, the beneficial ownership element of a CDD program rule would apply to the person on whose behalf the account is being opened. FinCEN seeks comment on this approach. [22]
Verifying Beneficial Ownership Information
FinCEN anticipates that in general the individual opening an account for an entity will identify its beneficial owner and that financial institutions will be able to rely on the beneficial ownership information presented by the customer (absent information that indicates a reason to question the veracity of the information or an elevated risk of money laundering or terrorist financing).
FinCEN states that verification of the beneficial owner could have two possible meanings. One meaning would require verifying the identity of the individual identified as the beneficial owner of the account, i.e., verifying the existence of the identified beneficial owner, using procedures similar to those currently required pursuant to the CIP rules (e.g., obtaining a copy of a government issued identity document of the individual), but applied to the identified beneficial owner rather than to an individual customer. The second possible meaning would require that the financial institution verify that the individual identified by the customer as the beneficial owner, is indeed the beneficial owner of the customer, i.e., to verify the status of the identified individual. FinCEN is considering that, in each case the required procedures would need to be reasonable and practicable, and sufficient to form a reasonable belief that the financial institution knows the identity or status, as the case may be, of the beneficial owner. FinCEN seeks comment on these two possible meanings, including their appropriateness and challenges. [23]
Conducting Ongoing CDD
FinCEN states that CDD is an ongoing obligation requiring policies and procedures to maintain the accuracy of customer risk profiles and risk assessments. FinCEN states that the element of an ongoing CDD monitoring requirement is already implicit in the AML program and SAR rules and therefore would not be a new or additional requirement. [24]
Issues for Comment
FinCEN states that existing CDD requirements are an implicit, but essential, part of complying with AML program regulations. Nevertheless, FinCEN is considering expressly requiring that financial institutions conduct CDD as part of their existing AML program requirements, and as part of this requirement, to collect beneficial ownership information for all customers, with limited exceptions.
Consequently, FinCEN is seeking comment concerning the implementation of CDD programs in general under existing rules and guidance. In addition, FinCEN is interested in better understanding what types of CDD information are currently collected, specifically regarding beneficial ownership information, and under what circumstances the information is collected. FinCEN asks the following specific questions: [25]
1.Aside from policies and procedures with respect to beneficial ownership, what changes would be required in a financial institution’s CDD processes as a result of the adoption by FinCEN of an express CDD rule as described in this ANPRM? FinCEN is seeking input on additional burdens as well as costs, given its belief that the changes should not be onerous since it believes certain elements of CDD are already implicit or explicit regulatory obligations.
2. What changes would be required in a financial institution’s CDD process, as a result of the adoption by FinCEN of a categorical requirement to obtain (and in some cases verify) beneficial ownership information, as described in this ANPRM? Is FinCEN’s suggested alternate definition of “beneficial owner,” a clear and easily understood definition for the purpose of obtaining beneficial ownership information for legal entities in the context of complying with a CDD obligation? If not, would you suggest a better definition? In addition, how do financial institutions currently address the money laundering risks that might be presented by the beneficial owners of assets in an account held by an intermediary, what difficulties are presented in this regard, would further guidance or regulation be appropriate, should any requirement in this area be risk-based, and how should FinCEN define beneficial ownership for this purpose? FinCEN is also interested in the costs of complying with a beneficial ownership requirement.
3. Under what circumstances does a financial institution currently obtain beneficial ownership information on a customer or accountholder?
4.How do financial institutions currently obtain beneficial ownership information?
5.Is the current, primarily risk-based, approach to a CDD program requirement resulting in varied approaches across industries or varied approaches within industries?
6.Are there other elements of CDD that would be more effective in facilitating compliance with AML program requirements and other obligations under FinCEN’s regulations?
7. What information should be required in order to identify, and verify on a risk basis, the identity of the beneficial owner? FinCEN asks whether required identification of beneficial owners should be consistent with information already required under CIP rules or if additional information should be required. FinCEN seeks input on challenges posed by verification.
8.Are there any products and services, or customers that should be exempted from the requirement to obtain beneficial ownership information due to there being (i) substantially less risk of money laundering or terrorist financing associated with the account;(ii) limited value associated with the beneficial ownership information in mitigating money laundering/terrorist financing risk; or (iii) an inability to obtain the required information due to other legal requirements? For example, FinCEN asks if customers exempt from CIP should be exempt from beneficial ownership identification.
9.What financial institutions should not be covered by a CDD rule based on products and services offered?
10.What would be the impact on consumers or other customers of a CDD program including the elements identified above?
If you have any questions or comments, you can contact Susan Olson (solson@ici.org; 202-326-5813) or Eva Mykolenko (emykolenko@ici.org; 202-326-5837).
Susan Olson
Senior Counsel - International Affairs
endnotes
[1]The ANPRM is available at http://www.fincen.gov/statutes_regs/frn/pdf/1506-AB15_CDD%20ANPRM.pdf (or at 77 FR 13046 (March 5, 2102), available at http://www.gpo.gov/fdsys/pkg/FR-2012-03-05/pdf/2012-5187.pdf).
[2]Although the ANPRM is focused on only certain institutions, FinCEN believes that a CDD rule may be appropriate for all financial institutions subject to FinCEN’s regulations, and will consider extending such a rule to other financial institutions in the future and is seeking comment from other institutions. ANPRM at 2.
[3]31 U.S.C. § 5318(h)(2).
[4]The BSA is codified at 12 U.S.C. § 1829b, 12 U.S.C. §§ 1951–1959, 18 U.S.C. §§ 1956, 1957, and 1960,and 31 U.S.C. §§ 5311–5314 and 5316–5332 and notes thereto, with implementing regulations at 31 CFR Chapter X. See 31 CFR § 1010.100(e). The Secretary of the Treasury has delegated to the Director of FinCEN the authority to implement, administer and enforce compliance with the BSA and associated regulations. Treasury Order 180-01 (Sept. 26, 2002).
[5]Policy Statement on Obtaining and Retaining Beneficial Ownership Information for Anti-Money Laundering Purposes, SEC Release No. 34-61651 (Mar. 5, 2010).
[6]31 U.S.C. §§ 5311 et seq.
[7]Joint Association (ICI, SIFMA and FIA) Letter on the Guidance (June 9, 2010), available at http://www.ici.org/pdf/24354.pdf.
[8]Ongoing discussions between industry and regulators continued following the Letter, including the possibility of additional regulatory guidance.
[9]ANPRM at 4, citing the Guidance. See also Federal Financial Institution Examination Council Bank Secrecy Act Anti-Money Laundering Examination Manual (2010) (“FFIEC Manual”), available at http://www.ffiec.gov/bsa_aml_infobase/documents/BSA_AML_Man_2010.pdf; Financial Industry Regulatory Authority, Updated AML Template for Small Firms (Jan. 2010) (“FINRA Small Firm Template”), available at http://www.finra.org/Industry/Issues/AML/p006340; National Association of Securities Dealers, Notice to Members 02-21at 7 (Apr. 2002) (“NASD NTM 02-21”).
[10]ANPRM at 4-5.
[11]ANPRM at 11-14.
[12] As part of U.S. efforts to combat cross-border tax evasion and other crimes, FinCEN also notes the reporting provisions for the Foreign Account Tax Compliance Act and the need to identify U.S. account holders.
[13]ANPRM at 6-7.
[14] ANPRM at 17.
[15] ANPRM at 17-20.
[16]ANPRM at 20-21.
[17]ANPRM at 21-23.
[18] 31 CFR § 1010.605(a).
[19] ANPRM at 23-25.
[20] ANPRM at 26-27.
[21]ANPRM at 26-27.
[22]ANPRM at 27-28.
[23]ANPRM at 28-29.
[24]ANPRM at 29-30.
[25]ANPRM at 30-36.