On August 4 2014 the Financial Crimes Enforcement Network (FinCEN) published a notice of proposed rulemaking in the Federal Register pertaining to the development of customer due diligence requirements that would apply to banks (including branches and agencies of foreign banks in the United States), broker dealers, mutual funds and futures commission merchants and introducing brokers in commodities (known collectively as 'covered financial institutions').(1) The proposed rule focuses on what FinCEN describes as the four core elements of customer due diligence. The most notable of these is a requirement for covered financial institutions to identify and verify the identity of beneficial owners of clients that are legal entities, subject to certain exemptions. The other three core elements addressed by the proposed rule are:
- identifying and verifying the identity of customers (already required by FinCEN regulation);
- understanding the nature and purpose of customer relationships; and
- conducting ongoing monitoring of customer relationships.
FinCEN's view is that the latter two are implied in the requirement of covered financial institutions to identify suspicious activity and file reports thereon.
The proposed rule follows a March 2012 Advanced Notice of Proposed Rulemaking pertaining to enhanced customer due diligence requirements in which FinCEN outlined the same four core elements.(2) After publication of the advanced notice, FinCEN received approximately 90 comments and held five public hearings around the United States. The four core elements from the advanced notice remain the same in the proposed rule. However, based on feedback and outreach, FinCEN has taken a different approach to some of the core elements, especially with respect to the clarifying the beneficial ownership test.
Comments on the proposed rule are due no later than October 3 2014. The proposed rule will apply initially only to covered financial institutions, in large part due to the fact that the rules rely on customer identification programmes already in place at these covered financial institutions. However, FinCEN notes that it may consider expanding the proposed rule in the future to apply to other financial institutions not currently subject to customer identification programmes (eg, money services businesses, including providers of prepaid access, casinos, insurance companies and other entities subject to FinCEN regulation).
This update outlines the basic requirements of the proposed rule and highlights some of the issues regarding those requirements on which FinCEN has solicited comments. Financial institutions that are, or could potentially be, covered by the proposed rule should review their existing customer identification programmes and anti-money laundering policies and procedures to assess whether existing business practices and compliance programmes would enable them to meet the elements of the proposed rule.
The first element of customer due diligence set out by FinCEN in the proposed rule is the identification of customers and verification of customer identity by a covered financial institution. FinCEN notes that this requirement is addressed in existing customer identification programmes regulations applicable to covered financial institutions. Therefore, the proposed rule does not contain any further requirements concerning this element of customer due diligence.
Beneficial owners of legal entity customers
The second element of customer due diligence in the proposed rule requires covered financial institutions to identify and verify the identity of beneficial owners of legal entity customers. Existing FinCEN regulations require that covered financial institutions take reasonable steps to identify beneficial owners only in two limited situations; thus, this element of the proposed rule would impose a new regulatory obligation on covered financial institutions.(3)
As with the advanced notice, the proposed rule contains a definition of 'beneficial owner' that consists of two prongs:
- the ownership prong; and
- the control prong.
In an effort to clarify the requirements of the definition and provide flexibility to covered financial institutions, FinCEN has simplified the definition by creating bright-line rules for each prong, rather than the more subjective comparative analysis discussed in the advanced notice.
The ownership prong requires identification of each individual who, directly or indirectly (including through intermediate holding companies), owns 25% or more of the equity interests of a legal entity customer.(4) This prong requires identification of no more than four individuals. If no individual meets the 25% threshold, no individuals need to be identified. The control prong requires identification of one individual with significant responsibility to control, manage or direct a legal entity customer, including:
- an executive officer or senior manager (eg, a chief executive officer, chief financial officer, chief operating officer, managing member, general partner, president, vice president or treasurer); or
- any other individual who regularly performs similar functions.
In cases where an individual satisfies the requirements of both the ownership and control prongs, the same individual could be identified under both prongs.
The advanced notice includes no discussion of a proposed definition of 'legal entity customers'. The proposed rule defines 'legal entity customers' to include corporations, limited liability companies, partnerships or other similar business entities (whether formed under the laws of a state or of the United States or a foreign jurisdiction) that open a new account, meaning that the obligation would apply only after the regulations become effective and not retroactively to existing account holders. This would include all entities that are formed by a filing with the secretary of state or other similar office in any jurisdiction, as well as general partnerships and unincorporated non-profit associations, but would exclude trusts not formed through a filing.
The proposed rule will also create an exemption for certain entities from the beneficial ownership requirements. The first set of exempt entities includes those that are exempt from customer identification programme requirements under the existing regulations, for example:
- financial institutions regulated by a federal functional regulator (ie, federally regulated banks, broker dealers, mutual funds, futures commission merchants and introducing brokers in commodities);
- publicly held companies traded on certain US stock exchanges;
- domestic government agencies; and
- instrumentalities and certain legal entities that exercise governmental authority.
FinCEN has also proposed creating exemptions for entities that meet certain registration requirements and for which information is available from other credible sources, such as through public filings made with the Securities and Exchange Commission (SEC).(5) Notably, FinCEN has not yet determined whether to extend the exemption to non-exempt pooled investment vehicles that are operated or advised by financial institutions where the financial institutions themselves would be exempt.(6) If these investment vehicles are not exempt, FinCEN will consider whether it would be a reasonable approach to require identification of beneficial owners only under the control prongs. FinCEN has invited comments on these issues.
Of interest to issuers of prepaid cards and other financial institutions that hold assets in omnibus or other intermediated accounts, FinCEN has expressly stated that if the financial institution has no customer identification programme obligations with respect to the intermediary's underlying clients, the financial institution should treat the intermediary as the legal entity customer, not the intermediary's underlying clients. Existing FinCEN guidance related to customer identification programme practices applies in determining the financial institutions' beneficial ownership obligations in these circumstances. This aspect of the proposed rule derives from several comments that FinCEN received on the advanced notice, particularly from the securities and derivatives industries, cautioning that a contrary result would have significant detrimental consequences to the efficiency of the US financial markets because financial institutions would be required to modify longstanding practices.
FinCEN has proposed that a covered financial institution must satisfy the requirement to identify beneficial owners by obtaining, at the time a new account is opened, a standard certification form attached to the proposed rule (and also available in Appendix A). FinCEN expects covered financial institutions to rely generally on the representations of the customer when completing the certification.
The proposed rule would require covered financial institutions to verify the identity of beneficial owners of legal entity customers that open new accounts using their existing risk-based customer identification programme practices. In the advanced notice, FinCEN had considered requiring financial institutions to verify that individuals who are identified as beneficial owners are indeed beneficial owners. However, comments suggested that such a requirement would be prohibitively costly and impracticable in many circumstances. In response to these concerns, under the proposed rule, FinCEN does not impose this requirement and allows covered financial institutions to rely generally on the representations of their customers when answering questions about the individuals behind the entity, including the status of such individuals as beneficial owners.
Nature and purpose of customer relationships
The third element of customer due diligence set out in the proposed rule requires covered financial institutions to understand the nature and purpose of customer relationships. In the preamble to the proposed rule, FinCEN expressed the view that covered financial institutions already obtain information that allows them to understand the customer relationship, because such information is necessary to effectively satisfy the legal obligation to report suspicious activities, even in the absence of an explicit requirement. Therefore, FinCEN does not intend for this requirement necessarily to cause covered financial institutions to modify existing practices or customer onboarding procedures or ask new customers for a statement as to the nature and purpose of the relationship. In FinCEN's view, the proposed rule merely clarifies this necessary facet of an existing anti-money laundering requirement. The only changes to the existing regulations in the proposed rule to address this element of customer due diligence are modifications to FinCEN's anti-money laundering programme requirements for each type of covered financial institution, which would expressly state the need for financial institutions to understand customer relationships.(7)
The fourth element of customer due diligence requires covered financial institutions to conduct ongoing monitoring of customer relationships. As with the third element, FinCEN believes that financial institutions should already be conducting ongoing reviews of customer information under existing anti-money laundering guidance, as a matter of compliance with internal policies regarding the obligation to file suspicious activity reports. Once again, there is no express requirement in existing FinCEN regulations; thus, the proposed rule would amend the same anti-money laundering programme requirements to state explicitly that financial institutions must undertake ongoing monitoring efforts.
In addition to the aspects of the proposed rule, FinCEN has specifically asked for comments on certain issues. Some of the items for which FinCEN is soliciting input include whether:
- the beneficial ownership obligations should be broadened to apply retroactively with respect to legal entity customer accounts established before the new rule takes effect;
- financial institutions will be able to incorporate the proposed standard certification form for beneficial ownership identification into their account opening processes; and
- an effective date of one year from the issuance of a final rule is sufficient time to enable financial institutions to incorporate any necessary changes into their practices.
All comments on the proposed rule must be submitted to FinCEN on or before October 3 2014.
Joel D Feinberg, David E Teitelbaum, Stanley J Boris and Connie M Friesen
This article was first published by the International Law Office, a premium online legal update service for major companies and law firms worldwide. Register for a free subscription.