The Financial Crimes Enforcement Network (“FinCEN”) issued a long anticipated second list of Frequently Asked Questions (“FAQs”) on April 3, 2018. These FAQs address some but not all of the financial industries’ concerns relating to the implementation of the Customer Due Diligence Requirements for Financial Institutions (“CDD Rule”). The final deadline for implementation is May 11, 2018.

Below are some highlights from the FAQs. For complete information, please click here for FinCEN Guidance FIN-2018-G001.

Question 2: Interaction of the beneficial ownership threshold with other AML program obligations

“Are there circumstances where covered financial institutions should consider collecting beneficial ownership information at a lower equity interest threshold under the anti-money laundering (AML) program rules with regard to certain customers?”

Answer: Yes – based on an institution’s own assessment of risk relating to customers, there may be times where collection and verification of beneficial ownership information may be warranted at a lower threshold.

Question 3: Collection of beneficial ownership information for direct and indirect owners: legal entity customers with complex ownership structures

“When a legal entity is identified as owning 25 percent or more of a legal entity customer that is opening an account, is it necessary for a covered financial institution to request beneficial ownership information on the legal entity identified as an owner?”

Answer: There is no need for a covered financial institution to independently investigate a legal entity customer’s ownership structure, UNLESS there is knowledge of some information that would reasonably call into question the reliability of the information. Barring the additional information, an institution is allowed to accept and reasonably rely on beneficial owner information supplied by the legal entity customers.

Question 6: Identification and verification: legal entity customer representative

“What process should a covered financial institution use to identify and verify the identity of a beneficial owner of a legal entity customer when the beneficial owner is unavailable to appear in person during the opening of a new account and chooses to provide to the legal entity’s representative a copy of a driver’s license?”

Answer: Institutions may identify the beneficial owner(s) of legal entity customers either through obtaining a Certification Form or equivalent information from a legal entity customer’s representative, provided there is no additional information that would reasonably call into question the reliability of the information. Institutions can also verify identities of beneficial owners who do not appear in person through a photocopy/other reproduction of a valid ID.

Question 7: Identification and verification: existing customers as beneficial owner of new legal entity customer accounts “If an individual named as a beneficial owner of a new legal entity account is an existing customer of the covered financial institution subject to the financial institutions CIP, is a covered financial institution still required to identify and verify the identity of this individual, or may it rely on the CIP identification and verification of the individual that it previously performed?” Answer: If an identified beneficial owner is an existing customer of the institution and is subject to CIP, the institution may rely on information in its possession to fulfill the identification and verification requirements. Information must be current, accurate and certified/confirmed by the legal entity customer’s representative (verbally or in writing).

Question 9: Retention of beneficial ownership information: multiple sets of beneficial ownership certification documents

“If a covered financial institution has updated the beneficial ownership information on the account(s) of a legal entity customer, and subsequently a new account is opened on behalf of the same legal entity customer, is the institution required to retain all sets of beneficial ownership documentation, thereby retaining up to three sets of information: the original set collected at account opening, the updated set, and a third, a duplicate of the second (updated) set for the new account?”

Answer: Institutions are required to retain ALL beneficial ownership information gathered about a legal entity customer. Institutions should maintain the original records of any pre-existing identifying beneficial ownership information, along with any updated information (including records of any additional verbal or written confirmations), until five years after the closing of the new account in order to comply with the recordkeeping requirements in the regulation.

Question 10: Identification and verification: certification when a single legal entity customer opens multiple accounts

“If a legal entity customer opens multiple accounts at a covered financial institution (whether or not simultaneously), must the financial institution identify and verify the customer’s beneficial ownership for each account?”

Answer: Institutions that have already obtained a Certifications Form (or its equivalent) for the beneficial owner(s) of the legal entity customer may rely on that information for opening subsequent accounts, provided there is no information available that would reasonably call into question the reliability of the information. The customer must certify/confirm (verbally or in writing) that the information is current and accurate for each subsequent account. Question 11: Identification and verification: accounts for internal recordkeeping or operational purposes “FinCEN understands that after a covered financial institution (particularly in the securities and futures industries) opens a new account for a legal entity customer and identifies its beneficial ownership, the financial institution may subsequently open one or more additional accounts or subaccounts for that customer – for the institution’s own recordkeeping or operational purposes and not at the customer’s specific request – so that the customer may, for example invest in particular products or implement particular trading strategies. Would such accounts fall within the definition of “new accounts” for purposes of the beneficial ownership requirement?”

Answer: Accounts or subaccounts relating to legal entity customers will not be considered a “new account” or an “account” for purposes of the CDD Rule when created for the institutions own administrative/operational purposes (i.e., not at the customer’s request). This is dependent, however, on the institution having already collected beneficial ownership information on the legal entity customer.

Question 12: Collection of beneficial ownership information: product or service renewals “Are financial institutions required to have their legal entity customers certify the beneficial owners for existing customers during the course of a financial product renewal (e.g., a loan renewal or certificate of deposit)?”

Answer: A formal banking relationship and a new account are established each time a loan is renewed or a certificate of deposit is rolled over. However, if the financial service or product remains the same, the legal entity customer certifies/confirms that the beneficial ownership information is current and accurate, and there is no other information that would call into question the facts on hand, an institution is not required to collect beneficial ownership information again.

Question 13: Collection of beneficial ownership information: existing accounts

“Are covered financial institutions required to collect or update beneficial ownership information on customers with accounts opened prior to May 11, 2018, the Rule’s applicability date?”

Answer: For accounts established before May 11, 2018, the obligation is triggered when a financial institution becomes aware of information about the customer during the course of normal monitoring relevant to assessing the risk posed by the customer, and such information indicates a possible change of beneficial ownership.

Question 14: Obligation to solicit or update beneficial ownership information absent specific risk-based concerns

“Are covered financial institutions required to obtain or update beneficial ownership information during routine periodic reviews of existing accounts, absent risk-based concerns; that is, are such reviews a trigger for the application of the Rule’s beneficial ownership requirements?”

Answer: There is no obligation to update beneficial ownership information during regular/periodic reviews absent specific risk-based concerns. Institutions must implement ongoing, risk-based customer due diligence procedures to, among other things, maintain and update customer information. As such, periodic reviews alone are not triggers to update beneficial ownership information.

Question 17: Beneficial ownership information: identifying and verifying at account opening compared to updating after a risk-related trigger

“Does FinCEN distinguish between the requirements for identifying and verifying beneficial owner information at the time of a new account opening and at the time of a triggering event?”

Answer: No. If a triggering event results in a finding that beneficial ownership may have changed, the identity of any new beneficial owner(s) must be collected, certified and verified, consistent with CFR section 1010.230(b).

Question 19: Collection of beneficial ownership information: trusts with multiple trustees “When 25 percent or more of the equity interests of a legal entity customer are owned by a trust that is overseen by co-trustees (multiple trustees), are covered financial institutions required to identify and verify the identity of all co-trustees?”

Answer: No. When there are multiple trustees/co-trustees, financial institutions are expected to collect and verify the identity of at least one co-trustee of a multi-trustee trust who owns 25% or more of the equity interests of a legal entity customer (that is not subject to an exclusion).

Question 20: Collection of beneficial ownership information: trustee entity as a beneficial owner “If a legal entity is the trustee (e.g., law firm, bank trust department, etc.) of a trust that owns 25 percent or more of the equity interests of a legal entity customer, can that entity be identified as a beneficial owner under the ownership/equity prong or does a natural person need to be so identified?”

Answer: If a trust owns 25% or more of the equity interests of a legal entity customer (directly or indirectly), the beneficial owner for purposes of the ownership/equity prong is the trustee. This is true regardless of whether the trustee is a natural person or a legal entity.

Question 24: Definition of legal entity customer: Publicly traded companies and entities listed on foreign exchanges “Are companies publicly traded in the United States and entities listed on foreign exchanges excluded from the definition of legal entity customer and, therefore, excluded by the Rule?” Answer: Publically traded companies in the U.S. are excluded from the definition of legal entity customer (NYSE, NYSE American, or NASDAQ listed), because they are subject to public disclosure/reporting requirements that provide information similar to what would be collected under the CDD Rule. Companies listed on foreign exchanges are NOT excluded from the definition of legal entity customer because they may not be subject to the same disclosure/reporting requirements as their U.S. counterparts. As such, the beneficial ownership requirements of the CDD Rule are applicable to entities listed on foreign exchanges.

Question 25: Collection of beneficial ownership information: legal entities listed on foreign exchanges

“May covered financial institutions take a risk-based approach for collecting beneficial ownership information from legal entity customers listed on foreign exchanges?”

Answer: Institutions may NOT take a risk-based approach to collecting required beneficial ownership information from legal entity customers that are listed on foreign exchanges. Such institutions are not excluded from the definition of legal entity customer.

Question 35: Documenting nature and purpose of customer relationship on a risk-basis

“The Rule requires financial institutions to understand ‘the nature and purpose of customer relationships to develop a customer risk profile.’ What type of information should financial institutions collect to satisfy this requirement and may the documentation of the nature and purpose of a customer relationship be made on a risk-basis?” Answer: For certain lower-risk customers an institution’s understanding of the nature and purpose of a customer relationship can be developed by inherent or self-evident information (i.e., type of customer, account, service, or product), or other basic information about the customer including information obtained at account opening.

Firms should carefully review the FinCEN FAQs and answers in their entirety. The guidance provided should be considered during the implementation of the new Customer Due Diligence Rule with regards to Firms’ AML programs.