The Cannabis Banking Guidance from California’s Department of Business Oversight (DBO) offers California-chartered financial institutions serving cannabis-related businesses assurances that the DBO will not bring enforcement actions based solely on such relationships.

The guidance also offers suggestions for banks, in the form of a questionnaire, on the compliance requirements of the Bank Secrecy Act (BSA) and the 2014 guidance by the Financial Crimes Enforcement Network (FinCEN) on cannabis banking. Obviously, the guidance does not change the federal law. As a result, California-chartered financial institutions remain at risk of potential enforcement action by their federal regulators. However, the guidance offers a comprehensive compliance framework for financial institutions and demonstrates that there is momentum around finding a workable solution to effectively provide banking services to cannabis-related businesses.

What happened

Following the 2018 passage of Proposition 64 in California, state-legal cannabis businesses have proliferated but face challenges in obtaining banking services. According to the DBO, a growing number of California-chartered banks and credit unions are beginning to establish relationships with cannabis-related businesses, leading to the new DBO guidance.

Perhaps the most noteworthy element of the guidance is that the DBO confirmed it will not bring enforcement action against institutions solely because they provide services to legitimate cannabis businesses. “The DBO will not bring regulatory actions against state-chartered banks or credit unions solely for establishing a banking relationship with licensed cannabis businesses,” the regulator said. “[H]owever, the DBO expects all financial institutions to comply with FinCEN’s BSA expectations, including the FinCEN guidance and priorities set forth in the Cole Memo, and identify, evaluate and manage risks appropriately.”

“This guidance is part of the DBO’s continued effort to support banks and credit unions that serve cannabis-related businesses in California and is intended to help financial institutions make appropriate risk assessments,” according to Manuel P. Alvarez, DBO commissioner. “By making this questionnaire available to licensees, the DBO hopes it will serve as an additional resource for banks and credit unions as they roll out their cannabis banking programs.”

The questionnaire tracks the FinCEN guidance, highlighting BSA compliance and governance policies that banks and credit unions should have in place, such as on customer due diligence, ongoing monitoring and Suspicious Activity Report (SAR) filing requirements, and identification of potential red flags.

It also refers financial institutions to the Cole Memorandum, a Department of Justice document rescinded in 2018 as well as a document issued in August by the Conference of State Bank Supervisors that is intended to aid bank examiners with examinations of institutions that may be providing banking services to cannabis-related businesses.

It also reminds financial institutions that they should have appropriate board-approved policies and procedures for how to handle marijuana accounts, including conducting site inspections, and how management will handle accounts that do not meet policy requirements.

Importantly, the questionnaire reminds financial institutions that the board, senior management and employees should receive sufficient training on marijuana-related BSA risks.

The guidance also emphasizes the need for conducting adequate due diligence on each marijuana-related business (MRB) account—including verifying the company’s license through the state licensing portal and establishing an understanding of the normal and expected activity for the business.

Monitoring to spot red flags—such as whether the MRB engages in rapid movement of funds (such as cash deposits followed by immediate cash withdrawals), receives substantially more revenue than may reasonably be expected given the relevant limitations imposed by the state in which it operates or submits financial statements that are inconsistent with actual account activity—should be a priority for financial institutions working with cannabis-related businesses.

Finally, the guidance reiterated the need to file SARs: either a “Marijuana Limited” based on customer due diligence that the MRB doesn’t implicate the Cole Memo priorities or violate state law or, in the alternative, a “Marijuana Priority” SAR, to be used when the financial institution detects changes in activity that potentially implicate one of the priorities or violate state law.

To read the DBO’s guidance, click here.

Why it matters

While the guidance for California-chartered banks and credit unions certainly will be helpful in developing a robust compliance program, the promise to refrain from enforcement action based solely on a bank’s relationship with a cannabis-related business will likely be the highlight of the guidance for financial institutions. Until there is a final resolution at the federal level, however—such as congressional passage and enactment into law of the SAFE Banking Act of 2019—financial institutions still may be reluctant to provide banking services to legitimate cannabis-related businesses.