The U.S. Treasury Department’s Financial Crimes Enforcement Network (FinCEN) has proposed requiring banks without a federal functional regulator to implement AML programs that meet certain minimum standards.
Most banks are subject to an AML program requirement and other requirements under the Bank Secrecy Act (the BSA), as amended by the USA PATRIOT Act. However, FinCEN’s BSA regulations currently except banks that are not subject to regulation by a federal functional regulator from the AML program requirement. These types of banks include state chartered non-depository trust companies, non-federally chartered credit unions, private banks, and state chartered banks and savings and loan or building and loan associations that operate without federal deposit insurance. If adopted, the FinCEN proposal would close this “gap” and subject these institutions to the same AML program requirement as federally regulated banks.
Even though banks that do not have a federal functional regulator are not subject to an AML program requirement, they are currently subject to certain requirements under FinCEN’s rules implementing the BSA. In particular, credit unions, private banks and trust companies must implement a written CIP approved by the board of directors (or equivalent governing body) that includes risk-based procedures to identify customers. All banks are subject to currency transaction reporting requirements with respect to transactions in currency having a value in excess of $10,000, are required to file suspicious activity reports with FinCEN in certain circumstances, and must maintain certain records with respect to funds transfers and other transactions, including records required by FinCEN’s joint travel and recordkeeping rules. Furthermore, commercial banks, trust companies, private banks and credit unions, regardless of whether they have a federal functional regulator, are also prohibited from maintaining correspondent accounts for foreign shell banks and must obtain beneficial ownership information with respect to non-publicly traded foreign banks for which they provide correspondent account services.
State chartered non-depository trust companies and other banks that do not have a federal functional regulator often have AML-related procedures to assist them in complying with the BSA. However, the FinCEN proposal would mandate that these institutions adopt an AML program that meets the following minimum requirements:
- A system of internal controls to assure ongoing compliance;
- Independent testing for compliance to be conducted by bank personnel or by an outside party;
- Designation of an individual or individuals responsible for coordinating and monitoring day-to-day compliance;
- Training for appropriate personnel; and
- Appropriate risk-based procedures for conducting ongoing customer due diligence, to include, but not be limited to: (i) understanding the nature and purpose of customer relationships for the purpose of developing a customer risk profile; and (ii) conducting ongoing monitoring to identify and report suspicious transactions and, on a risk basis, to maintain and update customer information.
The AML program would need to be in writing and approved by the institution’s board of directors or equivalent governing body. Furthermore, the FinCEN proposal would extend the CIP requirement to all banks without a federal functional regulator and not just federally regulated banks and other institutions (credit unions, private banks and trust companies) covered under existing regulations. Banks without a federal functional regulator would also be required to perform due diligence before opening a correspondent account for a foreign financial institution and maintain a due diligence program related to private banking accounts, including enhanced due diligence with respect to private banking accounts for which a senior foreign political figure (including an immediate family member or close associate of a senior foreign political figure) is a nominal or beneficial owner. These institutions would also be required to verify the identity of beneficial owners of legal entity customers as required for covered financial institutions under the customer due diligence rules that FinCEN adopted in May of this year (as covered in our May 19, 2016 client alert).
Comments on the proposal are due October 24, 2016.