Written by Bernadette Clair, Senior Regulatory Compliance Counsel
FinCEN recently issued a proposed rule that would amend its existing rules to include explicit customer due diligence (CDD) requirements, including a requirement to identify beneficial owners of legal entity customers. This proposal has been in the works for some time – back in March 2012 FinCEN issued an advance notice of proposed rulemaking (ANPR) and held roundtable discussions seeking input from interested parties. For additional background information, see our previous blogs on this topic here, here, and here.
The proposed rule is intended to clarify and strengthen CDD within the Bank Secrecy Act (BSA) regime, with an aim towards enhancing financial transparency and safeguarding the financial system from illicit use by making sure “financial institutions perform effective CDD so that they know their customers – both who they are and what transactions they conduct.”
In the preamble to the proposed rule, FinCEN discusses what it believes are the minimum key elements of CDD. These include:
“(i) Identifying and verifying the identity of customers;
(ii) identifying and verifying the identity of beneficial owners of legal entity customers (i.e., the natural persons who own or control legal entities);
(iii) understanding the nature and purpose of customer relationships; and
(iv) conducting ongoing monitoring to maintain and update customer information and to identify and report suspicious transactions.”
FinCEN notes that the requirement to identify and verify the identity of customers (the first element above) is already included in the existing regulatory requirement to have a customer identification program (CIP). As a result, the proposed rule adds explicit requirements addressing the remaining three elements.
Under proposed section 1010.230, financial institutions would have to identify and verify the identity of the natural persons who are beneficial owners, as defined in the rule, for their legal entity customers, with some exceptions. The proposal contains a Certification of Beneficial Owner(s) form in Appendix A that would be used for this purpose.
Another highlight that caught my eye is that FinCEN is proposing to add an explicit reference to CDD requirements for understanding the nature and purpose of customer relationships and conducting ongoing monitoring in proposed changes to section 1020.210, which as amended would read:
“§ 1020.210 Anti-money laundering program requirements for financial institutions regulated only by a Federal functional regulator, including banks, savings associations, and credit unions.
A financial institution regulated by a Federal functional regulator that is not subject to the regulations of a self-regulatory organization shall be deemed to satisfy the requirements of 31 U.S.C. 5318(h)(1) if the financial institution implements and maintains an anti-money laundering program that:
(a) Complies with the requirements of §§ 1010.610 and 1010.620 of this chapter;
(b) Includes, at a minimum:
(1) A system of internal controls to assure ongoing compliance;
(2) Independent testing for compliance to be conducted by bank personnel or by an outside party;
(3) Designation of an individual or individuals responsible for coordinating and monitoring day-to-day compliance;
(4) Training for appropriate personnel; and
(5) Appropriate risk-based procedures for conducting ongoing customer due diligence, to include, but not be limited to:
(i) Understanding the nature and purpose of customer relationships for the purpose of developing a customer risk profile; and
(ii) Conducting ongoing monitoring to maintain and update customer information and to identify and report suspicious transactions; and
(c) Complies with the regulation of its Federal functional regulator governing such programs.”
FinCEN indicates that this explicit reference to CDD requirements is not intended to change existing practices but rather to clarify existing practices. However, this is one area that generated a lot of comments when the ANPR was issued because of concerns that this might necessitate asking targeted questions at account opening for every new customer about the nature and purpose of the account.
FinCEN discusses some of these concerns in the preamble, stating in part that it “believes that in some circumstances an understanding of the nature and purpose of a customer relationship can also be developed by inherent or self-evident information about the product or customer type, or basic information about the customer. FinCEN recognizes that inherent information about a customer relationship, such as the type of customer, the type of account opened, or the service or product offered, may be sufficient to understand the nature and purpose of the relationship. Obtaining basic information about the customer, such as annual income, net worth, domicile, or principal occupation or business, may similarly be relevant depending on the facts and circumstances.”
These are just a couple of highlights from the proposed rule – for complete details, it may be found in its entirety here. Comments on the proposal are due to the agency on or before October 3, 2014. NAFCU’s Regulatory Affairs team is preparing a Regulatory Alert for NAFCU members, which will be available here.