Greetings, Compliance friends! Here in Virginia, it’s that time of year already – the kids have returned to school. Most students have a favorite subject – math, history, etc. When it comes to compliance, my favorite subject is the Bank Secrecy Act (BSA). Those who have been reading my blog posts for awhile likely know that I am a self-confessed Bank Secrecy Act (BSA) nerd. It’s been a few months since my last blog focusing on BSA, and a lot has happened in the interim. Let’s do a review of some recent BSA-focused developments:
Implementation of the Corporate Transparency Act
In recent years, the Financial Crimes Enforcement Network (FinCEN) has been hard at work implementing the Corporate Transparency Act (CTA) of 2020. As we’ve discussed in this previous post in the Compliance Blog, FinCEN has issued a final rule requiring “reporting companies” to report their beneficial ownership information (BOI) to FinCEN, and another final rule on how credit unions (and other financial institutions) will be able to access that BOI once it is stored in FinCEN’s database. Notably, the CTA does not remove the existing requirements for credit unions to obtain and verify beneficial ownership information of their legal entity members under section 1010.230 of the FinCEN regulations.
Credit unions have reached out to America’s Credit Unions with questions regarding whether they have a duty to inform their legal entity members about the reporting requirements under the CTA. Federal laws and regulations do not require credit unions to inform their members about the CTA’s reporting requirements. However, in July FinCEN published new guidance that credit unions may want to provide to their members. This Beneficial Ownership Information Reference Guide was written for customers of financial institutions, and compares the BOI reporting under the CTA with the beneficial ownership information a credit union is required to collect and verify under section 1010.230. The reference guide also includes a handy chart that highlights the differences between the two rules – for example, noting that a social security number (or other identification number) is required to be collected and verified under section 1010.230, but is not required to be reported to FinCEN under the CTA’s BOI reporting rule. Legal entity members might not understand that there are two different sets of rules and requirements relating to beneficial ownership, and thus having the reference guide, and the guide’s chart, may be a useful tool in explaining the ways in which the rules differ.
Recent Proposed Rule on AML/CFT Programs
In other news, FinCEN issued a proposed rule regarding Anti-Money Laundering (AML) and Countering the Financing of Terrorism (CFT) programs. This rulemaking was required by the Anti-Money Laundering Act (AMLA) of 2020. While this proposed rule was originally described as a rule regarding FinCEN’s AML/CFT National Priorities, the rule actually focuses very little on the national priorities. Instead, the rule changes the requirements relating to credit unions’ BSA programs. Importantly, the AMLA required FinCEN to switch terminology – BSA/AML programs will now be referred to as AML/CFT programs, BSA/AML officers will be referred to as AML/CFT officers, and so forth.
The proposed rule, if adopted without changes, would require credit unions to have a written AML/CFT program that addresses several components, such as having a system of internal controls, providing ongoing employee training, conducting independent testing, having one or more AML/CFT Officers, and conducting ongoing customer due diligence. According to the proposed rule, each credit union would be expected to have a written AML/CFT program that was approved by their board of directors, including receiving board approval of each component of the program.
This proposed rule would also impose a new regulatory requirement – under the proposal, credit unions would be required to conduct an AML/CFT risk assessment. Until now, risk assessments were generally viewed as a necessary exercise, but one which was not technically required by federal laws and regulations. Instead, risk assessments were considered to be a “best practice” or an examiner expectation. If the proposed rule is adopted, all credit unions would be required to conduct a risk assessment which considers FinCEN’s AML/CFT National Priorities, and which also reviews the credit union’s products, services, customers, geographic locations, distribution channels and intermediaries. The proposed rule would also require the risk assessment to be updated whenever there is a “material change” to the credit union’s money laundering or terrorist financing risks.
Shortly after FinCEN published the proposed rule, the federal functional regulators – including the National Credit Union Administration (NCUA) – issued an interagency statement. The statement declares that the federal financial regulators are supportive of FinCEN’s efforts to implement the AMLA, and that they plan to adjust their agency-specific BSA requirements to align with FinCEN’s requirements and create one unified standard for all financial institutions.
Other Rulemakings
Yesterday, FinCEN announced two new final rules. One of the new rules will require SEC-registered “investment advisers” to comply with AML/CFT requirements. The other rule would require reporting of non-financed transfers of real estate to trusts or other legal entities.
Other Developments
In addition to the developments discussed above, FinCEN also recently published the following guidance:
- Supplemental Advisory on the Illicit Procurement of Fentanyl Precursor Chemicals and Manufacturing Equipment;
- Supplemental Alert on Israel Extremist Violence in the West Bank;
- Notice on Timeshare Fraud Associated with Mexico-Based Transnational Criminal Organizations.
America’s Credit Unions will continue to monitor activity from FinCEN and will update readers of the Compliance Blog as developments occur.