Bank Secrecy Act (BSA)

On October 3, 2018, the Financial Crimes Enforcement Network (FinCEN), the Board of Governors of the Federal Reserve System (FRB), the Federal Deposit Insurance Corporation (FDIC), the National Credit Union Administration (NCUA), and the Office of the Comptroller of the Currency (OCC) (collectively, “the Agencies”) issued a statement addressing instances in which banks can collaborate with each other and share resources to manage their Bank Secrecy Act (BSA) and anti-money laundering (AML) obligations more efficiently and effectively. This may involve pooling human, technology, or other resources to reduce costs, increase efficiency, and leverage specialized expertise. The statement indicates that such collaborative arrangements are generally are most suitable for community banks with simple operations and lower risk for money laundering and terrorist financing. The statement does not apply to collaborative arrangements for the purpose of sharing information under Section 314(b) of the USA PATRIOT Act.

The statement provides several non-exhaustive examples of how banks may collaborate:

Internal Controls

Two or more banks may share resources to conduct internal control functions such as: (1) reviewing, updating, and drafting BSA/AML policies and procedures; (2) reviewing and developing risk-based customer identification and account monitoring processes; and (3) tailoring monitoring systems and reports for the risks posed.

Independent Testing

Personnel at one bank may be used to conduct the BSA/AML independent test at another bank within a collaborative arrangement.

BSA/AML Training

A collaborative arrangement may allow for the hiring of a qualified instructor to conduct the BSA/AML training across multiple banks.

In certain instances it may not be appropriate to share resources under a collaborative arrangement. For instance, it may not be appropriate for banks to share a BSA officer due to the confidential nature of SARs filed and the potential impact on the ability of the BSA officer to effectively manage each bank’s daily BSA/AML compliance.  Further, banks should be careful when considering entering into arrangements due to potential privacy concerns, regulatory requirements specific to third parties, oversight issues, and more. Any arrangement should be documented with a contract and evaluated on a periodic basis. It is also important that banks tailor any agreements to meet their specific risk profile for money laundering and terrorist financing. Finally, each bank remains individually responsible for ensuring compliance with BSA requirements.

The statement appears to reflect an acknowledgement by regulators of the increasing amount of financial and human resources that banks are obligated to invest in AML compliance and the growing dichotomy in the ability of large versus smaller banks to maintain complex AML programs.

Practical Considerations

Banks considering such arrangements may wish to consider incorporating into these agreements other types of collaboration allowed by BSA rules. For example, although the statement does not govern sharing under Section 314(b) of the USA PATRIOT Act, such arrangements could be combined with section 314(b) relationships where appropriate to help banks improve the quality of their SAR reporting. Likewise, banks have the option under BSA rules to enter into agreements to rely on other banks to perform customer identification and collect beneficial ownership information on shared customers, which could be combined with the new collaborative arrangements.

Of course, banks should be careful when entering into such arrangements to ensure regulatory and other concerns are met. Any collaborative arrangement should be fully documented, reviewed periodically, and commensurate with the banks’ risk profiles.

 

Finally, the statement encourages banks to engage with their primary federal regulators when first considering collaborative arrangements to ensure that regulators understand the nature and extent of the proposed collaboration and have an opportunity to provide feedback.

On September 28, 2018, the Board of Governors of the Federal Reserve System, Federal Deposit Insurance Corporation, National Credit Union Administration, and Office of the Comptroller of the Currency (collectively the Federal Banking Agencies or FBAs), with the concurrence of the U.S. Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN), issued an interagency order (the Order) exempting premium finance lenders from the requirements of the customer identification program (CIP) rules imposed by the Bank Secrecy Act (BSA). The exemption applies to banks and their subsidiaries subject to the FBAs’ jurisdiction who offer loans to commercial customers (i.e., corporations, partnerships, sole proprietorships, and trusts) to facilitate purchases of property and casualty insurance policies (herein referred to as premium finance loans or premium finance lending). The FBAs based their exemption on FinCEN’s conclusion that certain structural aspects of such loans make them a low risk for money laundering or terrorist financing, and also on their conclusion that such lending did not present a safety or soundness issue.

The structural aspects of these loans that make them low risk include (1) the fact that loan proceeds typically are remitted to the insurance company directly or through a broker or agent, and not to the borrower; (2) property and casualty insurance policies have no investment value; and (3) borrowers cannot use these accounts to purchase other merchandise, deposit or withdraw cash, write checks, or transfer funds.

The FBAs found no safety and soundness issue because: (1) in the event of default by the borrower, the insurance company is legally obligated to return unearned premiums to the lender; and (2) most bank-affiliated lenders will finance premiums only for insurance issued by creditworthy insurers.

The order builds on FinCEN’s previous determination, in its 2016 customer due diligence rule, to exempt premium finance accounts from the requirement to collect beneficial ownership information on legal entity customers based on the low money laundering risk associated with such lending. The continued application of CIP requirements to banks and bank-affiliated premium finance companies for such accounts despite FinCEN’s finding of negligible money laundering risk put these companies at a competitive disadvantage against non-bank affiliated premium finance lenders that are not subject to regulation under the BSA. In particular, such entities are not required to obtain and verify customer identifying information such as social security numbers, allowing them to process loan requests more quickly and less intrusively.  This led a consortium of bank-affiliated premium finance lenders to petition FinCEN for a change in the rules to harmonize its approach to this issue across both CIP and beneficial ownership rules. Although it took the FBAs more than two years to respond to this request with an exemption, it shows a welcome and thoughtful flexibility in the administration of the BSA and related AML rules that could provide a useful model in other contexts. It also appears to represent only the second time that a categorical exemption to CIP rules has been granted. (FinCEN previously granted an exemption for certain state address confidentiality programs).

Practical Considerations

The exemption applies only to CIP requirements, and banks must continue to comply with various other BSA requirements for such accounts, including the requirement to file suspicious activity reports (SARs). Accordingly, although their obligations will be easier than for typical accounts, banks should continue to provide in their AML programs for the collection of basic information as needed to establish a customer risk profile, to understand the nature and purpose of such accounts, and to update customer information on a risk-basis, so as to allow them to file SARs or take other action when necessary. Automated commercial diligence services likely will be helpful in this regard.

 

 

On September 7, 2018, the Financial Crimes Enforcement Network (FinCEN) granted exceptive relief to “covered financial institutions”—banks, broker-dealers, mutual funds, and introducing brokers in commodities—from the requirement to identify and verify the identity of the beneficial owner(s) of their legal entity customers when those customers open a new account as a result of the following:

  • A rollover of a certificate of deposit (CD).
  • A renewal, modification, or extension of a loan (e.g., setting a later payoff date) that does not require underwriting review and approval.
  • A renewal, modification, or extension of a commercial line of credit or credit card account (e.g., a later payoff date is set) that does not require underwriting review and approval.
  • A renewal of a safe deposit box rental.

This exceptive relief applies only to the rollover, renewal, modification, or extension of any of these types of accounts on or after May 11, 2018 (the date on which covered financial institutions became obligated to collect and verify beneficial ownership information), and does not apply to the initial opening of such accounts. The exceptive relief does not affect the other obligations that covered financial institutions have under the Bank Secrecy Act (BSA) and its implementing regulations with respect to such accounts. This includes, in particular, the obligation that covered financial institutions have to understand the “nature and purpose” of customer relationships, and to “conduct ongoing monitoring to identify and report suspicious transactions and, on a risk basis, to maintain and update customer information.”

For more information, please see Crowell’s Client Alert.

 

 

 

On April 19, Crowell & Moring’s International Trade Attorneys hosted a webinar on “Trade in 2018 – What’s Ahead?”

Please click here to register and view the webinar on demand.

Summary

From the Section 232 national security tariffs on steel and aluminum imports to the ongoing NAFTA re-negotiation, the Trump administration is seeking to implement significant changes in international trade policy and enforcement. Economic sanctions on Russia continue to expand, the future is far from clear regarding Iran, and perhaps North Korea is coming into focus. A new Asia trade agreement without the United States, and a bumpy road ahead for Brexit all make for uncertainty and the need for enhanced trade risk management. Join us as we identify the international trade risks and opportunities likely to continue and grow in 2018.

Our Crowell & Moring team discussed predictions for the remainder of the year, with cross-border insights from our practitioners in the U.S., London, and Brussels. Topics included likely trends and issues in the U.S. and EU including:

  • Trade policy developments: Section 232, NAFTA renegotiation, and trade remedies
  • Sanctions in Year Two of the Trump Administration: Russia, Iran, North Korea, and beyond
  • Anti-money laundering (AML) and beneficial ownership
  • Supply chain risk management: blockchain, forced labor, the U.K. Modern Slavery Act, and GDPR
  • Europe: Brexit, the EU’s 4th AML Directive, and the EU/U.K. AML enforcement
  • CFIUS: how significant is the new legislation?
  • Export controls: Wither reform?
  • Import and customs

On February 15, the U.S. Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN), in coordination with the Office of the Comptroller of the Currency (OCC), and the U.S. Department of Justice (DOJ), announced the assessment of a $185 million civil money penalty against U.S. Bank for willful violations of several provisions of the Bank Secrecy Act (BSA).

According to FinCEN’s press release, since 2011, U.S. Bank willfully violated the BSA’s program and reporting requirements by failing to establish and implement an adequate anti-money laundering program (AML), failing to report suspicious activity, and failing to adequately report currency transactions.

Banks are required to conduct risk-based monitoring to sift through transactions and to alert staff to potentially suspicious activity. Instead of this, U.S. Bank:

  • Capped the number of alerts its automated transaction monitoring system would generate to identify only a predetermined number of transactions for further investigation, without regard for the legitimate alerts that would be lost due to the cap.
  • Systemically and continually devoted an inadequate amount of resources to its AML program.
    • Internal testing by U.S. Bank showed that alert capping caused it to fail to investigate and report thousands of suspicious transactions.
    • It also allowed, and failed to monitor, non-customers conducting millions of dollars of risky currency transfers at its branches through a large money transmitter.
    • In addition, the bank filed over 5,000 Currency Transaction Reports (CTRs) with incomplete or inaccurate information, impeding law enforcement’s ability to identify and track potentially unlawful behavior.

U.S. Bank also had an inadequate process to handle high-risk customers. As a result:

  • Customers whom the bank identified or should have identified as high-risk were free to conduct transactions through the bank, with little or no bank oversight.
  • By not having an adequate process in place to address high-risk customers, U.S. Bank failed to appropriately analyze or report the illicit financial risks of its customer base.

FinCEN noted these failures precluded the bank from addressing the risks that such customers posed, which included not filing timely suspicious activity reports (SAR) used by law enforcement investigators to recognize and to pursue financial criminals.