On July 30, 2014, the U.S. Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) issued proposed regulations seeking to clarify and strengthen the customer due diligence obligations of certain types of financial institutions aimed at preventing money laundering in the U.S. financial sector.1 The proposed regulations would apply to banks, securities broker-dealers, mutual funds, futures commission merchants and introducing brokers in commodities (which are referred to as “covered financial institutions”).2
One of the proposals is to amend the existing Bank Secrecy Act regulations to require covered financial institutions to identify the natural persons who own, control, and profit from legal entity customers serviced by covered financial institutions. This new “beneficial ownership” requirement, coupled with the proposed enhancements to its anti-money laundering (AML) rule, is intended to help FinCEN track down the individuals behind anonymous companies that use the U.S. financial sector to launder illicit gains from illegal activity.
Four Key Elements of Customer Due Diligence
The proposed beneficial ownership requirement is one of four key elements identified by FinCEN as comprising the minimum standard of customer due diligence to be conducted under a covered financial institution’s AML program:
- identifying and verifying the identity of customers;
- identifying and verifying the identity of beneficial owners of legal entity customers (i.e., the natural persons who own or control legal entities);
- understanding the nature and purpose of customer relationships; and
- conducting ongoing monitoring to maintain and update customer information and to identify and report suspicious transactions.
FinCEN’s proposed regulations would amend FinCEN’s existing rules so that each of these four elements is explicitly referenced in a corresponding requirement within FinCEN’s AML program rules. FinCEN notes that the first element is already satisfied by existing customer identification program (CIP) requirements. Accordingly, the rule changes proposed by FinCEN, which are described in greater detail below, relate to the other three elements.
Identifying and Verifying Beneficial Owners of Legal Entity Customers (Element 2)
Beneficial Owners. FinCEN proposes a two prong definition of “beneficial owner” for the purposes of identifying the natural persons who own or control legal entities.
- Under the ownership prong of the proposed rule, each individual who owns 25% or more of the equity interests in the covered financial institution’s legal entity customer is a beneficial owner.
- Under the control prong, an individual with significant responsibility to control, manage, or direct a legal entity customer, such as an executive officer, senior manager, or any other individual who performs similar functions, must be identified as a beneficial owner.
Up to four individuals can be identified under the ownership prong and at least one individual must be identified under the control prong.3 The same individual may be identified as a beneficial owner under both prongs.
FinCEN acknowledges that identifying which individuals own, directly or indirectly, 25% or more of the equity interests of a legal entity customer may not be easy, noting that the process may require several intermediate analytical steps (e.g., piercing the corporate veil, perhaps at multiple levels) before a natural person can be identified. FinCEN does not expect covered financial institutions to undergo complicated and exhaustive analysis to confirm with legal certainty that an individual is in fact the beneficial owner. Instead, a covered financial institution would be able to rely generally on the representations provided by their customers concerning the status of such individuals (as provided in the standard certification form described below). However, a covered financial institution will need to implement risk-based procedures that comply with CIP requirements to verify the identity of customers who are natural persons. In addition, a covered financial institution must include procedures for responding to circumstances in which it cannot form a reasonable belief that it knows the true identity of the beneficial owner, as required under current CIP rules.
Legal Entity Customers. The proposed definition of “legal entity customers” includes corporations, limited liability companies, partnerships and other business entities (whether domestic or foreign) that open a new account4 with a covered financial institution after the implementation date of these proposed regulations. The definition does not include trusts, other than those created through a state filing (e.g., statutory business trusts). FinCEN has proposed to exempt from the beneficial ownership requirement all entities that are currently exempt from complying with CIP requirements. These include entities whose beneficial ownership is generally available from other credible resources, such as publicly traded companies, majority-owned domestic subsidiaries of publicly traded companies, registered investment companies, registered investment advisers, exchanges and clearing agencies, other SEC-registered entities, commodity pool operators, commodity trading advisors, retail foreign exchange dealers, registered swap dealers, major swap participants, public accounting firms, and certain charities and non-profits.
Intermediated Account Relationships. FinCEN notes in its proposal that a covered financial institution would not be required to identify the beneficial owners of an intermediary’s own underlying clients if the covered financial institution has no CIP obligation under existing guidance with respect to those underlying clients. Covered financial institutions would only need to identify the beneficial owners of the intermediary (i.e., the direct customer). For example, when a broker-dealer establishes an omnibus account for an investment adviser that, in turn, establishes sub-accounts for its clients, the broker-dealer would need to identify the beneficial owners of the investment adviser, but not the sub-account holders or their beneficial owners. FinCEN noted, however, that consistent with the other elements of customer due diligence, a covered financial institution’s AML program should contain risk-based policies, procedures and controls for assessing the money laundering risk posed by underlying clients of a financial intermediary, as well as monitoring and mitigating that risk and reporting suspicious activity.5
Standard Certification Form. FinCEN included a standard certification form in Appendix A to the proposed regulations that would standardize the collection of beneficial ownership information and permit reliance on the information provided. Under the proposed regulations, covered financial institutions would be required to obtain the information on the form from legal entity customers at the time a new account is opened. Legal entity customers would be required to certify that the information provided on the form is true and accurate to the best of their knowledge. Although covered financial institutions would not be required to update or refresh this information periodically, FinCEN noted that covered financial institutions should keep customer due diligence information, including beneficial ownership information, as current as possible and that it should be updated as appropriate if risks are identified (e.g., if a customer is identified as having engaged in suspicious activity or triggering a red flag).
Reliance on Other Financial Information. In response to comments, FinCEN has proposed extending the CIP reliance provisions to the beneficial ownership requirement. In general, a covered financial institution may rely upon the CIP conducted by another financial institution with respect to a shared customer if: (i) such reliance is reasonable; (ii) the other financial institution is subject to an AML program rule and is regulated by a federal functional regulator; and (iii) the other financial institution enters into a contract and provides annual certifications regarding its AML program and CIP requirements. The proposed rule would permit the same reliance with respect to the beneficial ownership requirement if the same three conditions are met.
Amendments to AML Program Requirements (Elements 3 and 4)
With respect to the third and fourth elements of customer due diligence, FinCEN proposes amending its AML program rules to require explicitly that covered financial institutions (i) understand the nature and purpose of customer relationships for the purpose of developing a customer risk profile and (ii) conduct ongoing monitoring to maintain and update customer information and to identify and report suspicious transactions.
Understanding the Nature and Purpose of Customer Relationships. In response to industry concerns, FinCEN notes that this third element does not require modifications to existing practices or customer onboarding procedures aimed at gaining a better understanding of customer activity that might be considered suspicious. Further, FinCEN does not expect covered financial institutions to collect any information from its customers that it does not already collect. FinCEN states that the amendment to the AML program rule that incorporates this element is intended solely to clarify existing expectations that covered financial institutions understand customer relationships for the purpose of identifying suspicious transactions and developing customer risk profiles.
Ongoing Monitoring. FinCEN notes that it does not expect this fourth element to require any change to a covered financial institution’s current suspicious activity reporting procedures or AML program. The amendment to the AML program rule that incorporates this element is intended solely to codify these supervisory and regulatory expectations as explicit requirements within FinCEN’s AML program and to make clear that the minimum standards of customer due diligence include ongoing monitoring of all transactions by, at, or through the covered financial institution. As with the beneficial ownership requirement, the fourth element does not impose a categorical requirement that a covered financial institution periodically update or refresh customer information obtained during the opening process. Rather, when in the course of monitoring, a covered financial institution becomes aware of information relevant to assessing the risk posed by a customer, the covered financial institution is expected to update the customer’s relevant information as part of its monitoring obligation.
Rule Timing and Effective Date
Although FinCEN does not believe incorporating the third and fourth elements into a covered financial institution’s AML program will require any additional activities or operations beyond updating written policies and procedures, FinCEN recognizes that covered financial institutions will need to modify their existing customer onboarding processes to incorporate the beneficial ownership requirement. As a result, FinCEN has proposed an effective date of one year from the date the final rule is issued. Written comments in response to the proposed regulations must be received by FinCEN on or before October 3, 2014.
The FinCEN Notice of Proposed Rulemaking described in this alert may be viewed at http://www.gpo.gov/fdsys/pkg/FR-2014-08-04/pdf/2014-18036.pdf.