Alert August 12, 2014

FINCEN Issues Proposed Revisions to its Regulations That Would Enhance Financial Institutions’ Customer Due Diligence Requirements

The U.S. Treasury Department’s Financial Crimes Enforcement Network (“FinCEN”) has proposed revisions (the “Proposal”) to its rules implementing the Bank Secrecy Act (the “BSA”) that would spell out specific anti-money laundering (“AML”) program requirements for financial institutions and that would require financial institutions to verify the identity of certain beneficial owners of legal entity customers, subject to certain exceptions.  The Proposal follows an advanced notice of proposed rulemaking (the “ANPRM”) released by FinCEN in February 2012 relating to similar proposed revisions and guidance that FinCEN jointly released with the federal banking agencies, the National Credit Union Administration and the Securities and Exchange Commission (the “SEC”) in 2010 relating to obtaining beneficial ownership information concerning legal entity customers.  The Proposal would affect financial institutions that are currently subject to a customer identification program requirement under existing FinCEN rules, which consists of banks (including savings associations, credit unions and U.S. branches and agencies of foreign banks), brokers-dealers, mutual funds, futures commission merchants and introducing brokers in commodities (“Covered Financial Institutions”).   However, FinCEN suggested that it may be considering expanding customer due diligence requirements to other types of financial institutions, including money services business, casinos and insurance companies.  FinCEN indicated that it would address the status of the 2010 guidance at the time it issues a final rule.  Comments on the Proposal may be submitted for 60 days following publication of the Proposal in the Federal Register.  If adopted, the Proposal would become effective one year from the date a final rule is issued.

AML Program Requirements

The Proposal would amend FinCEN’s BSA regulations to spell out an explicit requirement that a Covered Financial Institution’s AML program should enable the financial institution to: (1) identify and verify the identity of customers; (2) identify and verify the identity of beneficial owners of legal entity customers (i.e., the natural persons who own or control legal entities); (3) understand the nature and purpose of customer relationships; and (4) conduct ongoing monitoring to maintain and update customer information and to identify and report suspicious transactions.

Although the Proposal would add these requirements to FinCEN’s AML program rules for Covered Financial Institutions, the explanatory preamble that accompanied the Proposal (the “Preamble”) points out that, except for the requirement to verify the identity of beneficial owners of legal entity customers, all of these components of an AML program are either already required by existing FinCEN rules and related guidance or necessary to ensure compliance with such rules.  For instance, FinCEN has already prescribed customer identification program requirements for Covered Financial Institutions that require such institutions to use documentary or non-documentary methods, as appropriate, to verify the identity of their customers.  Similarly, guidance provided by FinCEN and other regulators makes it clear that Covered Financial Institutions must understand the nature and purpose of their customer relationships and monitor customer activity on a risk-based basis in order to fulfill the requirement to identify and report to law enforcement suspicious activity.   In the Preamble, FinCEN explained that the requirement to periodically update customer information does not impose a “categorical requirement” to periodically update or refresh information provided by the customer at account opening but, instead, requires the financial institution to update the customer’s relevant information if the financial institution becomes aware of information relevant to assessing the customer’s AML risk in the course of monitoring customer activity.  FinCEN also pointed out throughout the Preamble that the requirements it proposes to add to its AML program rules for Covered Financial Institutions are merely minimum requirements for an effective AML program.

Identification of Beneficial Owners

As noted, the Proposal would add for the first time an explicit requirement that Covered Financial Institutions verify the identity of certain beneficial owners of certain legal entity customers.   Covered Financial Institutions would comply with this requirement at the time a legal entity customer establishes a new account by obtaining a certification form from the customer, in the form prescribed by FinCEN, in which the customer would identify its beneficial owners.  Covered Financial Institutions would not be required to obtain a certification form from legal entity customers with respect to their existing accounts.  However, if an existing legal entity customer establishes a new account, a Covered Financial Institution would need to obtain a certification form from the customer at that time.

For purposes of the legal entity beneficial owner identification requirement, the Proposal defines a “beneficial owner” as: (1) each individual, if any, who, directly or indirectly, through any contract, arrangement, understanding, relationship or otherwise, owns 25% or more of the equity interests of a legal entity customer; and (2) a single individual with significant responsibility to control, manage, or direct a legal entity customer, including (i) an executive officer or senior manager (e.g., a Chief Executive Officer, Chief Financial Officer, Chief Operating Officer, Managing Member, General Partner, President, Vice President, or Treasurer); or (ii) any other individual who regularly performs similar functions.  The two prongs of this definition operate independently, meaning that Covered Financial Institutions could be required to verify the identity of up to four individuals, if any, each of whom directly or indirectly is the beneficial owner of 25% or more of the equity interests of a legal entity customer and, in addition, one individual (who might also be a 25% or more beneficial owner) who has significant responsibility to control, manage, or direct a legal entity customer.

The definition of “beneficial owner” in the Proposal is somewhat narrower than the definition FinCEN initially described in the ANPRM, which would have required a Covered Financial Institution to verify the identity of  “the individual with greater responsibility than any other individual for managing or directing the regular affairs of the entity.”  Also, in the ANPRM, FinCEN suggested the possibility that the definition of beneficial owner could be relevant with respect to certain types of intermediated accounts, such as omnibus accounts.  However, the Proposal would not impose any additional obligation on a financial institution to verify the identity persons or entities having an interest in an account held by a financial institution’s customer acting as an intermediary for third parties.   Nevertheless, FinCEN noted in the Preamble that a financial institution’s AML program should include risk-based policies, procedures and controls for assessing the AML risk posed by underlying clients of a financial intermediary.

A Covered Financial Institution would not be responsible for verifying the status of an individual as a 25% or more beneficial owner or as a person who has control of a legal entity customer and may rely on the certification form provided by its legal entity customer for purposes of identifying the universe of relevant individuals.  However, the Covered Financial Institution would be required to form a reasonable belief that it knows the true identity of the beneficial owners by employing risk-based procedures to the extent reasonable and practicable that, at a minimum, are the same as the Covered Financial Institution’s Customer Identification Program procedures for verifying individual customers.  The Proposal would permit a Covered Financial Institution to rely upon another financial for purposes of verifying the identity of the beneficial owners of a legal entity customer consistent with existing rules and guidance relating to reliance for purposes of customer identification program requirements generally.

Definition of Legal Entity Customer

The Proposal defines a “legal entity customer” as a domestic or foreign corporation, limited liability company, partnership or other similar business entity that opens a new account at a covered financial institution.  Under the proposed definition of legal entity customer, trusts other than statutory trusts would generally not be treated as legal entity customers.  The definition of legal entity customer would expressly exclude certain entities, including the types of entities that are not treated as customers for purposes of the current customer identification program requirement.  Specifically, the Proposal would exclude the following types of entities:

  • A financial institution regulated by a federal functional regulator (e.g., another Covered Financial Institution) or a bank regulated by a state bank regulator;
  • A department or agency of the U.S. government or a state and any political subdivision of a state;
  • Certain entities established under federal or state law that exercise governmental authority;
  • Certain entities listed on the New York Stock Exchange or the NASDAQ Stock Market and majority owned subsidiaries of such entities;
  • An issuer of a class of securities registered under section 12 of the Securities Exchange Act of 1934, as amended (the “Exchange Act”) or that is required to file reports under section 15(d) of the Exchange Act;
  • An investment company, as defined in section 3 of the Investment Company Act of 1940, as amended (the “Investment Company Act”), that is registered with the SEC under the Investment Company Act;
  • An investment adviser, as defined in section 202(a)(11) of the Investment Advisers Act of 1940, as amended (the “Advisers Act”) that is registered with the SEC under the Advisers Act;
  • An exchange or clearing agency, as defined in section 3 of the Exchange Act, that is registered under section 6 or 17A of the Exchange Act;
  • Any other entity registered with the SEC under the Exchange Act;
  • A registered entity, commodity pool operator, commodity trading advisor, retail foreign exchange dealer, swap dealer, or major swap participant, each as defined in section 1a of the Commodity Exchange Act, that is registered with the Commodity Futures Trading Commission;
  • A public accounting firm registered under section 102 of the Sarbanes–Oxley Act; and
  • A charity or nonprofit entity that is described in sections 501(c), 527, or 4947(a)(1) of the Internal Revenue Code of 1986, has not been denied tax exempt status, and is required to and has filed the most recently due annual information return with the Internal Revenue Service.

Aside from mutual funds, the Proposal does not carve out from the definition of “legal entity customer” pooled investment vehicles such as hedge funds.  However, FinCEN noted in the Preamble that it is considering whether nonexempt pooled investment vehicles, including those operated by financial institutions that are excepted from the definition of legal entity customer, should be subject to modified requirements.

Should you have questions regarding the Proposal please contact the author of this article, Bill Stern.