FinCEN Issues Final Customer Due Diligence Rules for Financial Institutions; Member Call Scheduled for May 26

[29912]

May 16, 2016

TO: AML COMPLIANCE WORKING GROUP No. 2-16
BROKER/DEALER ADVISORY COMMITTEE No. 15-16
INVESTMENT ADVISERS COMMITTEE No. 8-16
OPERATIONS COMMITTEE No. 11-16
SEC RULES COMMITTEE No. 23-16
SMALL FUNDS COMMITTEE No. 14-16
TRANSFER AGENT ADVISORY COMMITTEE No. 19-16 RE: FINCEN ISSUES FINAL CUSTOMER DUE DILIGENCE RULES FOR FINANCIAL INSTITUTIONS; MEMBER CALL SCHEDULED FOR MAY 26

 

The Financial Crimes Enforcement Network (“FinCEN”) has issued final rules to strengthen and clarify customer due diligence (“CDD”) requirements under the Bank Secrecy Act (“BSA”) for banks; broker-dealers; mutual funds; and futures commission merchants and introducing brokers in commodities. [1]

The final rules require financial institutions (including mutual funds) (“FIs”) to identify beneficial owners of “legal entity customers.” FinCEN explains that this rule “will assist law enforcement in financial investigations, help prevent evasion of targeted financial sanctions, improve the ability of financial institutions to assess risk, facilitate tax compliance, and advance U.S. compliance with international standards and commitments.” [2] The rules also make explicit FIs’ obligations with respect to (i) understanding the nature and purpose of customer relationships, and (ii) conducting ongoing monitoring and updating customer information. The compliance date is May 11, 2018. [3]

On May 26 at 3:00 pm (ET), we will be holding a member call to discuss the final rules. The dial-in information is:

Number: 1-800-369-1156; Participant passcode: 3777738

Background

Over the past several years, there have been significant discussions regarding CDD and beneficial owners in the U.S. and globally, including through organizations like the Financial Action Task Force (“FATF”), of which the U.S. is a member. ICI has followed and actively participated in these discussions.

Federal Financial Regulator Guidance (2010). In March 2010, FinCEN, the SEC, and certain other federal financial regulators issued guidance regarding CDD and beneficial ownership information. [4] Its stated purpose was to clarify and consolidate existing regulatory expectations for obtaining beneficial ownership information for certain accounts and customer relationships under the anti-money laundering (“AML”) rules issued pursuant to the BSA. ICI and other trade associations submitted a letter expressing substantial concerns with the Guidance. [5]

Advance Notice of Proposed CDD Rulemaking (2012). FinCEN then issued an advance notice of proposed rulemaking (“ANPRM”) in 2012 to solicit comment on a wide range of questions pertaining to CDD, including a requirement for FIs to identify beneficial ownership of accountholders. [6] ICI submitted a comment letter raising numerous and significant concerns. [7]

Notice of Proposed Rulemaking (2014). FinCEN issued proposed CDD rules in 2014. [8] ICI submitted a comment letter in response, noting that the proposal addressed a number of concerns raised by ICI and others following the issuance of the ANPRM and offering additional comments. [9]

Summary of Final Rules

FinCEN states that CDD consists of the following four core elements, all of which are or will become explicit AML requirements: 

1. customer identification and verification;

2. beneficial ownership identification and verification;

3. understanding the nature and purpose of customer relationships to develop a customer risk profile; and

4. ongoing monitoring for reporting suspicious transactions and, on a risk-basis, maintaining and updating customer information.

The existing customer identification program (“CIP”) requirements satisfy the first element. [10] FinCEN has enacted the second element through a new rule. [11] FinCEN has enacted the third and fourth elements through amendments to the existing AML program rules. [12]

Beneficial Ownership Requirements for Legal Entity Customers

General requirements. Under the new beneficial ownership rule, covered FIs (i.e., those subject to CIP requirements, including mutual funds) will be required to establish and maintain written procedures that are reasonably designed to identify and verify beneficial owners of legal entity customers and to include such procedures in their AML compliance programs. FinCEN notes that FIs should use the beneficial ownership information obtained as they use other information (e.g., that obtained through compliance with CIP requirements), including for compliance with the Office of Foreign Assets Control (“OFAC”) regulations and the currency transaction reporting (“CTR”) aggregation requirements.

Legal Entity Customer Defined. “Legal entity customer” means “a corporation, limited liability company, or other entity that is created by the filing of a public document with a Secretary of State or similar office, a general partnership, and any similar entity formed under the laws of a foreign jurisdiction that opens an account.” [13] The rule provides a number of exclusions to this definition. [14]

Beneficial Owner Defined. “Beneficial owner” means:

1. Each individual, if any, who, directly or indirectly, owns 25% or more of the equity interests of a legal entity customer (the “ownership prong”); [15] and

2. A single individual with significant responsibility to control, manage, or direct a legal entity customer, including an executive officer or senior manager, or any other individual who regularly performs similar functions (the “control prong”).

Thus, the number of beneficial owners identified for each legal entity customer will vary, and range from one (in the case of an entity with no individual with an equity interest of at least 25%, no individual would be identified under the definition’s ownership prong, and only one individual would be identified under the control prong) to five (in the case of an entity with four individuals with an equity interest of exactly 25%, plus one individual under the control prong).

Intermediated Account Relationships. In the 2014 proposal, FinCEN indicated that if an intermediary is the customer and the FI has no CIP obligation with respect to the intermediary’s underlying clients under existing guidance, the FI can treat the intermediary, and not the intermediary’s clients, as its legal entity customer. FinCEN has confirmed this approach in the Preamble, stating, “To the extent that existing guidance provides that, for purposes of the CIP rules, a financial institution shall treat an intermediary (and not the intermediary’s customers) as its customer, the financial institution should treat the intermediary as its customer for purposes of this final rule.” [16]

Identification and Verification of Beneficial Owners. An FI must identify the beneficial owner(s) of each legal entity customer at the time a new account (i.e., each account opened at an FI by a legal entity customer on or after May 11, 2018) [17] is opened (unless the customer is otherwise excluded or the account is exempted). The FI may do so either by obtaining the required information on a standard FinCEN certification form [18] or by any other means that comply with the requirements.

The FI also must verify the identity of each beneficial owner identified to the FI, according to risk-based procedures. At a minimum, these procedures must contain the elements required for verifying the identity of individuals under the existing CIP requirements. [19] The FI may rely on the information supplied by the legal entity customer regarding the identity of its beneficial owner(s), provided that it has no knowledge of facts that would reasonably call into question its reliability. [20] Consequently, this provision generally requires FIs to verify the identity of the individual identified as a beneficial owner (i.e., the individual’s existence), and not his or her status as a beneficial owner.

Miscellaneous Items. FIs are exempt from the identification and verification requirements for certain select account types. [21] The recordkeeping requirements match the CIP recordkeeping requirements. Finally, FIs may rely on the performance by other FIs (including affiliates) under the same conditions as those set forth in the CIP rules.

Understanding the Nature and Purpose of Customer Relationships

The mutual fund AML program rule as amended will require funds to “[u]nderstand[ ] the nature and purpose of customer relationships for the purpose of developing a customer risk profile... .”

In the Preamble, FinCEN notes that a relatively small portion of a mutual fund’s underlying customers purchase shares directly from the fund; that a significant number of a fund’s legal entity customers are regulated intermediaries; and that these direct customers and intermediaries would be subject to different risk assessments for due diligence purposes. Echoing the ICI comment letter, FinCEN also notes that “mutual funds are best understood as a form of financial product rather than as an institution providing financial services or investment advice. We understand that much of a mutual fund’s understanding of the nature and purpose of a customer relationship arises predominantly from the customer’s initial decision to invest in a mutual fund, as reflected largely by the customer’s choice of product.” [22]

The upshot, according to FinCEN, is that “we would not generally expect such firms to change their practices in order to comply with this requirement. … we expect mutual funds to utilize the customer risk profile as necessary or appropriate during the course of complying with their SAR requirements—as we understand is consistent with the general current practice—in order to determine whether a particular transaction is suspicious.” [23]

Conducting Ongoing Monitoring and Updating Customer Information

The mutual fund AML program rule as amended will require funds to “[c]onduct[ ] ongoing monitoring to identify and report suspicious transactions and, on a risk basis, to maintain and update customer information.”

In the Preamble, FinCEN reiterates that this is not intended to impose a categorical requirement to update customer information on a continuous or ongoing basis. Rather, FinCEN characterizes the updating requirement as “event-driven,” and states that “when mutual funds detect information relevant to assessing the risk of a customer relationship during the course of their normal monitoring, they would then be expected to update customer information.” [24]

 

Matthew Thornton
Assistant General Counsel

endnotes

[1] Customer Due Diligence Requirements for Financial Institutions, Financial Crimes Enforcement Network, 81 Fed. Reg. 29398 (May 11, 2016) (“Preamble to the Final Rules,” or “Preamble”), available at www.gpo.gov/fdsys/pkg/FR-2016-05-11/pdf/2016-10567.pdf.

[2] Preamble to the Final Rules at 29398.

[3] ICI requested an implementation period of at least two years in its comment letter.

[4] Policy Statement on Obtaining and Retaining Beneficial Ownership Information for Anti-Money Laundering Purposes, SEC Release No. 34-61651 (Mar. 5, 2010) (the “Guidance”).

[5] Joint Association (ICI, SIFMA and FIA) Letter on the Guidance (June 9, 2010), available at www.ici.org/pdf/24354.pdf. The letter stated that the concept of CDD described in the Guidance was not addressed in the BSA rules applicable to the securities and futures industries, and that the CDD expectations had not been previously communicated to the industry. The letter also observed that certain aspects of the Guidance appeared to conflict with CDD expectations embodied in FATF standards and CDD guidance previously provided to the banking industry.

[6] The ANPRM is available at www.fincen.gov/statutes_regs/frn/pdf/1506-AB15_CDD%20ANPRM.pdf.

[7] ICI’s comment letter on the ANPRM is available at www.ici.org/pdf/26148.pdf. Following the ANPRM, FinCEN hosted several hearings and roundtables around the country seeking public input and discussion on the ANPRM. Members and/or ICI participated in all five of these hearings.

[8] The 2014 CDD rule proposal is available at www.gpo.gov/fdsys/pkg/FR-2014-08-04/pdf/2014-18036.pdf. See Institute Memorandum No. 28307, dated August 11, 2014, for a summary of the proposal.

[9] See Institute Memorandum No. 28441, dated October 9, 2015, for a copy and summary of ICI’s comment letter.

[10] See, e.g., 31 CFR 1024.220 (“Customer identification programs for mutual funds”).

[11] 31 CFR 1010.230 (“Beneficial ownership requirements for legal entity customers”).

[12] See, e.g., 31 CFR 1024.210 (“Anti-money laundering program requirements for mutual funds”).

[13] The definition does not include trusts, other than statutory trusts created by a filing with a secretary of state or similar office.

[14] The definition of “legal entity customer” excludes, among many others, financial institutions regulated by a federal functional regulator or banks regulated by a state bank regulator; issuers of a class of securities registered under section 12 of the Securities Exchange Act of 1934 (the “1934 Act”) or that are required to file reports under section 15(d) of that Act; any other entities registered with the SEC under the 1934 Act; investment companies registered under the Investment Company Act of 1940; investment advisers registered under the Investment Advisers Act of 1940; and pooled investment vehicles that are operated or advised by excluded legal entity customers (ICI recommended this last exclusion in its comment letter).

[15] If a trust owns, directly or indirectly, 25% or more of the equity interests of a legal entity customer, the beneficial owner for purposes of this ownership prong is the trustee.

[16] Preamble to the Final Rules at 29415-29416. This was a point of emphasis in the ICI comment letter.

[17] The newly added definition of “account” is that found in the CIP rules. The ICI comment letter recommended this addition, and also emphasized the need to make any new requirements applicable prospectively, rather than to all existing accounts.

[18] The form is an appendix to the new beneficial ownership rule.

[19] Additionally, an FI may use photocopies or other reproductions of government-issued identification, such as a driver's license or passport.

[20] The ICI comment letter requested that either the preamble or rule text address FIs’ ability to rely on the beneficial ownership information they receive when accounts are opened.

[21] These include private label credit accounts established at the point of sale, accounts established for the purchase and financing of postage, commercial accounts to finance insurance premiums, and accounts to finance the purchase or lease of equipment.

[22] Preamble to the Final Rules at 29424.

[23] Id.

[24] Id.