Self-Regulatory Organizations; Cboe BZX Exchange, Inc.; Notice of Filing and Immediate Effectiveness of a Proposed Rule Change To Reflect the Financial Crimes Enforcement Network's Adoption of a Final Rule on Customer Due Diligence Requirements for Financial Institutions, 69810-69812 [2019-27347]
Download as PDF
69810
Federal Register / Vol. 84, No. 244 / Thursday, December 19, 2019 / Notices
For the Commission, by the Division of
Trading and Markets, pursuant to delegated
authority.35
J. Matthew DeLesDernier,
Assistant Secretary.
[FR Doc. 2019–27349 Filed 12–18–19; 8:45 am]
BILLING CODE 8011–01–P
SECURITIES AND EXCHANGE
COMMISSION
[Release No. 34–87745; File No. SR–
CboeBZX–2019–103
Self-Regulatory Organizations; Cboe
BZX Exchange, Inc.; Notice of Filing
and Immediate Effectiveness of a
Proposed Rule Change To Reflect the
Financial Crimes Enforcement
Network’s Adoption of a Final Rule on
Customer Due Diligence Requirements
for Financial Institutions
December 13, 2019.
Pursuant to Section 19(b)(1) of the
Securities Exchange Act of 1934 (the
‘‘Act’’),1 and Rule 19b–4 thereunder,2
notice is hereby given that on December
5, 2019, Cboe BZX Exchange, Inc. (the
‘‘Exchange’’ or ‘‘BZX’’) filed with the
Securities and Exchange Commission
(the ‘‘Commission’’) the proposed rule
change as described in Items I, II, and
III below, which Items have been
prepared by the Exchange. The
Exchange filed the proposal as a ‘‘noncontroversial’’ proposed rule change
pursuant to Section 19(b)(3)(A)(iii) of
the Act 3 and Rule 19b–4(f)(6)
thereunder.4 The Commission is
publishing this notice to solicit
comments on the proposed rule change
from interested persons.
lotter on DSKBCFDHB2PROD with NOTICES
I. Self-Regulatory Organization’s
Statement of the Terms of Substance of
the Proposed Rule Change
Cboe BZX Exchange, Inc. (‘‘BZX’’ or
the ‘‘Exchange’’) is filing with the
Securities and Exchange Commission
(the ‘‘Commission’’), the proposed rule
change as described in Items I, II, and
III below, which Items have been
prepared by the Exchange, to reflect the
Financial Crimes Enforcement
Network’s (‘‘FinCEN’’) adoption of a
final rule on Customer Due Diligence
Requirements for Financial Institutions
(‘‘CDD Rule’’). The text of the proposed
rule change is provided in Exhibit 5.
The text of the proposed rule change
is also available on the Exchange’s
website (https://markets.cboe.com/us/
equities/regulation/rule_filings/bzx/), at
the Exchange’s Office of the Secretary,
and at the Commission’s Public
Reference Room.
II. Self-Regulatory Organization’s
Statement of the Purpose of, and
Statutory Basis for, the Proposed Rule
Change
In its filing with the Commission, the
Exchange included statements
concerning the purpose of and basis for
the proposed rule change and discussed
any comments it received on the
proposed rule change. The text of these
statements may be examined at the
places specified in Item IV below. The
Exchange has prepared summaries, set
forth in sections A, B, and C below, of
the most significant aspects of such
statements.
A. Self-Regulatory Organization’s
Statement of the Purpose of, and
Statutory Basis for, the Proposed Rule
Change
1. Purpose
I. Background
The Bank Secrecy Act 5 (‘‘BSA’’),
among other things, requires financial
institutions,6 including broker-dealers,
to develop and implement AML
programs that, at a minimum, meet the
statutorily enumerated ‘‘four pillars.’’ 7
These four pillars currently require
broker-dealers to have written AML
programs that include, at a minimum:
• The establishment and
implementation of policies, procedures
and internal controls reasonably
designed to achieve compliance with
the applicable provisions of the BSA
and implementing regulations;
• independent testing for compliance
by broker-dealer personnel or a
qualified outside party;
• designation of an individual or
individuals responsible for
implementing and monitoring the
operations and internal controls of the
AML program; and
• ongoing training for appropriate
persons.8
In addition to meeting the BSA’s
requirements with respect to AML
programs, Exchange Members 9 must
also comply with Exchange Rule 5.6,
which incorporates the BSA’s four
pillars, as well as requires Members’
AML programs to establish and
implement policies and procedures that
can be reasonably expected to detect
5 31
U.S.C. 5311, et seq.
U.S.C. 5312(a)(2) (defining ‘‘financial
institution’’).
7 31 U.S.C. 5318(h)(1).
8 31 CFR 1023.210(b).
9 See Exchange Rule 1.5(n).
6 See
1 15
U.S.C. 78s(b)(1).
CFR 240.19b–4.
3 15 U.S.C. 78s(b)(3)(A)(iii).
4 17 CFR 240.19b–4(f)(6).
2 17
VerDate Sep<11>2014
19:13 Dec 18, 2019
Jkt 250001
PO 00000
Frm 00091
Fmt 4703
Sfmt 4703
and cause the reporting of suspicious
transactions.
On May 11, 2016, FinCEN, the bureau
of the Department of the Treasury
responsible for administering the BSA
and its implementing regulations,
issued the CDD Rule 10 to clarify and
strengthen customer due diligence for
covered financial institutions,11
including broker-dealers. In its CDD
Rule, FinCEN identifies four
components of customer due diligence:
(1) Customer identification and
verification; (2) beneficial ownership
identification and verification; (3)
understanding the nature and purpose
of customer relationships; and (4)
ongoing monitoring for reporting
suspicious transactions and, on a risk
basis, maintaining and updating
customer information.12 As the first
component is already required to be part
of a broker-dealers AML program under
the BSA, the CDD Rule focuses on the
other three components.
Specifically, the CDD Rule focuses
particularly on the second component
by adding a new requirement that
covered financial institutions identify
and verify the identity of the beneficial
owners of all legal entity customers at
the time a new account is opened,
subject to certain exclusions and
exemptions.13 The CDD Rule also
addresses the third and fourth
components, which FinCEN states ‘‘are
already implicitly required for covered
financial institutions to comply with
their suspicious activity reporting
requirements,’’ by amending the
existing AML program rules for covered
financial institutions to explicitly
require these components to be
included in AML programs as a new
‘‘fifth pillar.’’
On November 21, 2017, FINRA
published Regulatory Notice 17–40 to
provide guidance to member firms
regarding their obligations under FINRA
Rule 3310 in light of the adoption of
10 FinCEN Customer Due Diligence Requirements
for Financial Institutions; CDD Rule, 81 FR 29397
(May 11, 2016) (CDD Rule Release); 82 FR 45182
(September 28, 2017) (making technical correcting
amendments to the final CDD Rule published on
May 11, 2016). FinCEN is authorized to impose
AML program requirements on financial
institutions and to require financial institutions to
maintain procedures to ensure compliance with the
BSA and associated regulations. 31 U.S.C.
5318(h)(2) and (a)(2). The CDD Rule is the result of
the rulemaking process FinCEN initiated in March
2012. See 77 FR 13046 (March 5, 2012) (Advance
Notice of Proposed Rulemaking) and 79 FR 45151
(Aug. 4, 2014) (Notice of Proposed Rulemaking).
11 See 31 CFR 1010.230(f) (defining ‘‘covered
financial institution’’).
12 See CDD Rule Release at 29398.
13 See 31 CFR 1010.230(d) (defining ‘‘beneficial
owner’’) and 31 CFR 1010.230(e) (defining ‘‘legal
entity customer’’).
E:\FR\FM\19DEN1.SGM
19DEN1
Federal Register / Vol. 84, No. 244 / Thursday, December 19, 2019 / Notices
FinCEN’s CDD Rule. In addition, the
Notice summarized the CDD Rule’s
impact on member firms, including the
addition of the new fifth pillar required
for member firms’ AML programs.
FINRA also amended FINRA Rule 3310
to explicitly incorporate the fifth
pillar.14 This proposed rule change
amends BZX Rule 5.6 to harmonize it
with the FINRA rule and incorporate the
fifth pillar.
lotter on DSKBCFDHB2PROD with NOTICES
II. Exchange Rule 5.6 and Amendment
To Minimum Requirements for
Members’ AML Programs
Section 352 of the USA PATRIOT Act
of 2001 15 amended the BSA to require
broker-dealers to develop and
implement AML programs that include
the four pillars mentioned above.
Consistent with Section 352 of the
PATRIOT Act, and incorporating the
four pillars, BZX Rule 5.6 requires each
Member to develop and implement a
written AML program reasonably
designed to achieve and monitor the
Member’s compliance with the BSA and
implementing regulations. Among other
requirements, BZX Rule 5.6 requires
that each Member firm, at a minimum:
(1) Establish and implement policies
and procedures that can be reasonably
expected to detect and cause the
reporting of suspicious transactions; (2)
establish and implement policies,
procedures, and internal controls
reasonably designed to achieve
compliance with the BSA and
implementing regulations; (3) provide
independent testing for compliance to
be conducted by Member personnel or
a qualified outside party; (4) designate
and identify to BZX an individual or
individuals (i.e., AML compliance
person(s)) who will be responsible for
implementing and monitoring the dayto-day operations and internal controls
of the AML program and provide
prompt notification to the Exchange of
any changes to the designation; and (5)
provide ongoing training for appropriate
persons.
FinCEN’s CDD Rule does not change
the requirements of Exchange Rule 5.6,
and Members must continue to comply
with its requirements.16 However,
FinCEN’s CDD Rule amends the
14 See Securities Exchange Act Release No. 83154
(May 2, 2018), 83 FR 20906 (May 8, 2018) (File No.
SR–FINRA–2018–016).
15 Uniting and Strengthening America by
Providing Appropriate Tools Required to Intercept
and Obstruct Terrorism Act of 2001, Public Law
107–56, 115 Stat. 272 (2001).
16 FinCEN notes that broker-dealers must
continue to comply with FINRA Rules,
notwithstanding differences between the CDD Rule
and FINRA Rule 3310, which is substantially
identical to Exchange Rule 5.6. See CDD Rule
Release 29421, n. 85.
VerDate Sep<11>2014
19:13 Dec 18, 2019
Jkt 250001
69811
minimum regulatory requirements for
broker-dealers’ AML programs by
explicitly requiring such programs to
include risk-based procedures for
conducting ongoing customer due
diligence.17 Accordingly, the Exchange
is proposing to amend Exchange Rule
5.6 to incorporate this ongoing customer
due diligence element, or ‘‘fifth pillar’’
required for AML programs. Thus,
proposed Rule 5.6(b)(6) would provide
that the AML programs required by this
Rule shall, at a minimum include
appropriate risk-based procedures for
conducting ongoing customer due
diligence, to include, but not be limited
to: (A) Understanding the nature and
purpose of customer relationships for
the purpose of developing a customer
risk profile; and (B) conducting ongoing
monitoring to identify and report
suspicious transactions and, on a risk
basis, to maintain and update customer
information.
As stated in the CDD Rule, these
provisions are not new and merely
codify existing expectations for
Members to adequately identify and
report suspicious transactions as
required under the BSA and encapsulate
practices generally already undertaken
by securities firms to know and
understand their customers.18 The
proposed rule change simply
incorporates into Exchange Rule 5.6 the
ongoing customer due diligence
element, or ‘‘fifth pillar,’’ required for
AML programs by the CDD Rule to aid
Members in complying with the CDD
Rule’s requirements. However, to the
extent that these elements, which are
briefly summarized below, are not
already included in Members’ AML
programs, the CDD Rule requires
Members to update their AML programs
to explicitly incorporate them.
about a customer to form the baseline
against which customer activity is
assessed for suspicious transaction
reporting.20 Information relevant to
understanding the nature and purpose
of the customer relationship may be
self-evident and, depending on the facts
and circumstances, may include such
information as the type of customer,
account or service offered, and the
customer’s income, net worth, domicile,
or principal occupation or business, as
well as, in the case of existing
customers, the customer’s history of
activity.21 The CDD Rule also does not
prescribe a particular form of the
customer risk profile.22 Instead, the CDD
Rule states that depending on the firm
and the nature of its business, a
customer risk profile may consist of
individualized risk scoring, placement
of customers into risk categories or
another means of assessing customer
risk that allows firms to understand the
risk posed by the customer and to
demonstrate that understanding.23
The CDD Rule also addresses the
interplay of understanding the nature
and purpose of customer relationships
with the ongoing monitoring obligation
discussed below. The CDD Rule
explains that firms are not necessarily
required or expected to integrate
customer information or the customer
risk profile into existing transaction
monitoring systems (for example, to
serve as the baseline for identifying and
assessing suspicious transactions on a
contemporaneous basis).24 Rather,
FinCEN expects firms to use the
customer information and customer risk
profile as appropriate during the course
of complying with their obligations
under the BSA in order to determine
whether a particular flagged transaction
is suspicious.25
III. Summary of Fifth Pillar’s
Requirements
Conduct Ongoing Monitoring
Understanding the Nature and Purpose
of Customer Relationships
FinCEN states in the CDD Rule that
firms must necessarily have an
understanding of the nature and
purpose of the customer relationship in
order to determine whether a
transaction is potentially suspicious
and, in turn, to fulfill their SAR
obligations.19 To that end, the CDD Rule
requires that firms understand the
nature and purpose of the customer
relationship in order to develop a
customer risk profile. The customer risk
profile refers to information gathered
As with the requirement to
understand the nature and purpose of
the customer relationship, the
requirement to conduct ongoing
monitoring to identify and report
suspicious transactions and, on a risk
basis, to maintain and update customer
information, merely adopts existing
supervisory and regulatory expectations
as explicit minimum standards of
customer due diligence required for
firms’ AML programs.26 If, in the course
of its normal monitoring for suspicious
20 Id.
at 29422.
21 Id.
22 Id.
17 See
CDD Rule Release at 29420; 31 CFR
1023.210.
18 Id. at 29419.
19 Id. at 29421.
PO 00000
Frm 00092
Fmt 4703
Sfmt 4703
23 Id.
24 Id.
25 Id.
26 Id.
E:\FR\FM\19DEN1.SGM
at 29402.
19DEN1
69812
Federal Register / Vol. 84, No. 244 / Thursday, December 19, 2019 / Notices
activity, the Member detects
information that is relevant to assessing
the customer’s risk profile, the Member
must update the customer information,
including the information regarding the
beneficial owners of legal entity
customers.27 However, there is no
expectation that the Member update
customer information, including
beneficial ownership information, on an
ongoing or continuous basis.28
2. Statutory Basis
The Exchange believes that the
proposed rule change is consistent with
the provisions of Section 6(b) 29 of the
Act in general, and furthers the
objectives of Section 6(b)(5) of the Act 30
in particular, in that it is designed to
prevent fraudulent and manipulative
acts and practices, to promote just and
equitable principles of trade, to remove
impediments to and perfect the
mechanism of a free and open market
and a national market system, and, in
general, to protect investors and the
public interest. Specifically, the
Exchange believes the proposed rule
change will protect investors, because it
will aid Members in complying with the
CDD Rule’s requirement that Members’
AML programs include risk-based
procedures for conducting ongoing
customer due diligence by also
incorporating the requirement into
Exchange Rule 5.6.
lotter on DSKBCFDHB2PROD with NOTICES
B. Self-Regulatory Organization’s
Statement on Burden on Competition
The Exchange does not believe that
the proposed rule change will result in
any burden on competition that is not
necessary or appropriate in furtherance
of the purposes of the Act. The
proposed rule change simply
incorporates into Exchange Rule 5.6 the
ongoing customer due diligence
element, or ‘‘fifth pillar,’’ required for
AML programs by the CDD Rule.
Regardless of the proposed rule change,
to the extent that the elements of the
fifth pillar are not already included in
Members’ AML programs, the CDD Rule
requires Members to update their AML
programs to explicitly incorporate them.
In addition, as stated in the CDD Rule,
these elements are already implicitly
required for covered financial
institutions to comply with their
suspicious activity reporting
requirements. Further, all Exchange
Members that have customers are
27 Id. at 29420–21. See also FINRA Regulatory
Notice 17–40 (discussing identifying and verifying
the identity of beneficial owners of legal entity
customers).
28 Id.
29 15 U.S.C. 78f.
30 15 U.S.C. 78f(b)(5).
VerDate Sep<11>2014
19:13 Dec 18, 2019
Jkt 250001
required to be members of FINRA
pursuant to Rule 15b9–1 under the
Exchange Act,31 and are therefore
already subject to the requirements of
FINRA Rule 3310. Additionally, the
proposed rule change is virtually
identical 32 to FINRA Rule 3310. The
Exchange is not imposing any
additional direct or indirect burdens on
member firms or their customers
through this proposal, and as such, the
proposal imposes no new burdens on
competition.
C. Self-Regulatory Organization’s
Statement on Comments on the
Proposed Rule Change Received From
Members, Participants, or Others
Written comments were neither
solicited nor received.
III. Date of Effectiveness of the
Proposed Rule Change and Timing for
Commission Action
Because the foregoing proposed rule
change does not:
A. Significantly affect the protection
of investors or the public interest;
B. impose any significant burden on
competition; and
C. become operative for 30 days from
the date on which it was filed, or such
shorter time as the Commission may
designate, it has become effective
pursuant to Section 19(b)(3)(A) of the
Act 33 and Rule 19b–4(f)(6) 34
thereunder. At any time within 60 days
of the filing of the proposed rule change,
the Commission summarily may
temporarily suspend such rule change if
it appears to the Commission that such
action is necessary or appropriate in the
public interest, for the protection of
investors, or otherwise in furtherance of
the purposes of the Act. If the
Commission takes such action, the
Commission will institute proceedings
to determine whether the proposed rule
change should be approved or
disapproved.
IV. Solicitation of Comments
Interested persons are invited to
submit written data, views, and
arguments concerning the foregoing,
including whether the proposed rule
change is consistent with the Act.
Comments may be submitted by any of
the following methods:
Electronic Comments
• Use the Commission’s internet
comment form (https://www.sec.gov/
rules/sro.shtml); or
• Send an email to rule-comments@
sec.gov. Please include File Number SR–
CboeBZX–2019–103 on the subject line.
Paper Comments
• Send paper comments in triplicate
to Secretary, Securities and Exchange
Commission, 100 F Street NE,
Washington, DC 20549–1090.
All submissions should refer to File
Number SR–CboeBZX–2019–103. This
file number should be included on the
subject line if email is used. To help the
Commission process and review your
comments more efficiently, please use
only one method. The Commission will
post all comments on the Commission’s
internet website (https://www.sec.gov/
rules/sro.shtml). Copies of the
submission, all subsequent
amendments, all written statements
with respect to the proposed rule
change that are filed with the
Commission, and all written
communications relating to the
proposed rule change between the
Commission and any person, other than
those that may be withheld from the
public in accordance with the
provisions of 5 U.S.C. 552, will be
available for website viewing and
printing in the Commission’s Public
Reference Room, 100 F Street NE,
Washington, DC 20549 on official
business days between the hours of
10:00 a.m. and 3:00 p.m. Copies of the
filing also will be available for
inspection and copying at the principal
office of the Exchange. All comments
received will be posted without change.
Persons submitting comments are
cautioned that we do not redact or edit
personal identifying information from
comment submissions. You should
submit only information that you wish
to make available publicly.
All submissions should refer to File
Number SR–CboeBZX–2019–103 and
should be submitted on or before
January 9, 2020.
31 17
For the Commission, by the Division of
Trading and Markets, pursuant to delegated
authority.35
J. Matthew DeLesDernier,
Assistant Secretary.
32 The
[FR Doc. 2019–27347 Filed 12–18–19; 8:45 am]
CFR 240.15b9–1.
Exchange notes that changes between the
proposed Rule and FINRA Rule 3310 are nonsubstantive and relate to cross references.
33 15 U.S.C. 78s(b)(3)(A).
34 17 CFR 240.19b–4(f)(6).
PO 00000
Frm 00093
Fmt 4703
Sfmt 4703
BILLING CODE 8011–01–P
35 17
E:\FR\FM\19DEN1.SGM
CFR 200.30–3(a)(12).
19DEN1
Agencies
[Federal Register Volume 84, Number 244 (Thursday, December 19, 2019)]
[Notices]
[Pages 69810-69812]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2019-27347]
-----------------------------------------------------------------------
SECURITIES AND EXCHANGE COMMISSION
[Release No. 34-87745; File No. SR-CboeBZX-2019-103
Self-Regulatory Organizations; Cboe BZX Exchange, Inc.; Notice of
Filing and Immediate Effectiveness of a Proposed Rule Change To Reflect
the Financial Crimes Enforcement Network's Adoption of a Final Rule on
Customer Due Diligence Requirements for Financial Institutions
December 13, 2019.
Pursuant to Section 19(b)(1) of the Securities Exchange Act of 1934
(the ``Act''),\1\ and Rule 19b-4 thereunder,\2\ notice is hereby given
that on December 5, 2019, Cboe BZX Exchange, Inc. (the ``Exchange'' or
``BZX'') filed with the Securities and Exchange Commission (the
``Commission'') the proposed rule change as described in Items I, II,
and III below, which Items have been prepared by the Exchange. The
Exchange filed the proposal as a ``non-controversial'' proposed rule
change pursuant to Section 19(b)(3)(A)(iii) of the Act \3\ and Rule
19b-4(f)(6) thereunder.\4\ The Commission is publishing this notice to
solicit comments on the proposed rule change from interested persons.
---------------------------------------------------------------------------
\1\ 15 U.S.C. 78s(b)(1).
\2\ 17 CFR 240.19b-4.
\3\ 15 U.S.C. 78s(b)(3)(A)(iii).
\4\ 17 CFR 240.19b-4(f)(6).
---------------------------------------------------------------------------
I. Self-Regulatory Organization's Statement of the Terms of Substance
of the Proposed Rule Change
Cboe BZX Exchange, Inc. (``BZX'' or the ``Exchange'') is filing
with the Securities and Exchange Commission (the ``Commission''), the
proposed rule change as described in Items I, II, and III below, which
Items have been prepared by the Exchange, to reflect the Financial
Crimes Enforcement Network's (``FinCEN'') adoption of a final rule on
Customer Due Diligence Requirements for Financial Institutions (``CDD
Rule''). The text of the proposed rule change is provided in Exhibit 5.
The text of the proposed rule change is also available on the
Exchange's website (https://markets.cboe.com/us/equities/regulation/rule_filings/bzx/), at the Exchange's Office of the Secretary, and at
the Commission's Public Reference Room.
II. Self-Regulatory Organization's Statement of the Purpose of, and
Statutory Basis for, the Proposed Rule Change
In its filing with the Commission, the Exchange included statements
concerning the purpose of and basis for the proposed rule change and
discussed any comments it received on the proposed rule change. The
text of these statements may be examined at the places specified in
Item IV below. The Exchange has prepared summaries, set forth in
sections A, B, and C below, of the most significant aspects of such
statements.
A. Self-Regulatory Organization's Statement of the Purpose of, and
Statutory Basis for, the Proposed Rule Change
1. Purpose
I. Background
The Bank Secrecy Act \5\ (``BSA''), among other things, requires
financial institutions,\6\ including broker-dealers, to develop and
implement AML programs that, at a minimum, meet the statutorily
enumerated ``four pillars.'' \7\ These four pillars currently require
broker-dealers to have written AML programs that include, at a minimum:
---------------------------------------------------------------------------
\5\ 31 U.S.C. 5311, et seq.
\6\ See U.S.C. 5312(a)(2) (defining ``financial institution'').
\7\ 31 U.S.C. 5318(h)(1).
---------------------------------------------------------------------------
The establishment and implementation of policies,
procedures and internal controls reasonably designed to achieve
compliance with the applicable provisions of the BSA and implementing
regulations;
independent testing for compliance by broker-dealer
personnel or a qualified outside party;
designation of an individual or individuals responsible
for implementing and monitoring the operations and internal controls of
the AML program; and
ongoing training for appropriate persons.\8\
---------------------------------------------------------------------------
\8\ 31 CFR 1023.210(b).
---------------------------------------------------------------------------
In addition to meeting the BSA's requirements with respect to AML
programs, Exchange Members \9\ must also comply with Exchange Rule 5.6,
which incorporates the BSA's four pillars, as well as requires Members'
AML programs to establish and implement policies and procedures that
can be reasonably expected to detect and cause the reporting of
suspicious transactions.
---------------------------------------------------------------------------
\9\ See Exchange Rule 1.5(n).
---------------------------------------------------------------------------
On May 11, 2016, FinCEN, the bureau of the Department of the
Treasury responsible for administering the BSA and its implementing
regulations, issued the CDD Rule \10\ to clarify and strengthen
customer due diligence for covered financial institutions,\11\
including broker-dealers. In its CDD Rule, FinCEN identifies four
components of customer due diligence: (1) Customer identification and
verification; (2) beneficial ownership identification and verification;
(3) understanding the nature and purpose of customer relationships; and
(4) ongoing monitoring for reporting suspicious transactions and, on a
risk basis, maintaining and updating customer information.\12\ As the
first component is already required to be part of a broker-dealers AML
program under the BSA, the CDD Rule focuses on the other three
components.
---------------------------------------------------------------------------
\10\ FinCEN Customer Due Diligence Requirements for Financial
Institutions; CDD Rule, 81 FR 29397 (May 11, 2016) (CDD Rule
Release); 82 FR 45182 (September 28, 2017) (making technical
correcting amendments to the final CDD Rule published on May 11,
2016). FinCEN is authorized to impose AML program requirements on
financial institutions and to require financial institutions to
maintain procedures to ensure compliance with the BSA and associated
regulations. 31 U.S.C. 5318(h)(2) and (a)(2). The CDD Rule is the
result of the rulemaking process FinCEN initiated in March 2012. See
77 FR 13046 (March 5, 2012) (Advance Notice of Proposed Rulemaking)
and 79 FR 45151 (Aug. 4, 2014) (Notice of Proposed Rulemaking).
\11\ See 31 CFR 1010.230(f) (defining ``covered financial
institution'').
\12\ See CDD Rule Release at 29398.
---------------------------------------------------------------------------
Specifically, the CDD Rule focuses particularly on the second
component by adding a new requirement that covered financial
institutions identify and verify the identity of the beneficial owners
of all legal entity customers at the time a new account is opened,
subject to certain exclusions and exemptions.\13\ The CDD Rule also
addresses the third and fourth components, which FinCEN states ``are
already implicitly required for covered financial institutions to
comply with their suspicious activity reporting requirements,'' by
amending the existing AML program rules for covered financial
institutions to explicitly require these components to be included in
AML programs as a new ``fifth pillar.''
---------------------------------------------------------------------------
\13\ See 31 CFR 1010.230(d) (defining ``beneficial owner'') and
31 CFR 1010.230(e) (defining ``legal entity customer'').
---------------------------------------------------------------------------
On November 21, 2017, FINRA published Regulatory Notice 17-40 to
provide guidance to member firms regarding their obligations under
FINRA Rule 3310 in light of the adoption of
[[Page 69811]]
FinCEN's CDD Rule. In addition, the Notice summarized the CDD Rule's
impact on member firms, including the addition of the new fifth pillar
required for member firms' AML programs. FINRA also amended FINRA Rule
3310 to explicitly incorporate the fifth pillar.\14\ This proposed rule
change amends BZX Rule 5.6 to harmonize it with the FINRA rule and
incorporate the fifth pillar.
---------------------------------------------------------------------------
\14\ See Securities Exchange Act Release No. 83154 (May 2,
2018), 83 FR 20906 (May 8, 2018) (File No. SR-FINRA-2018-016).
---------------------------------------------------------------------------
II. Exchange Rule 5.6 and Amendment To Minimum Requirements for
Members' AML Programs
Section 352 of the USA PATRIOT Act of 2001 \15\ amended the BSA to
require broker-dealers to develop and implement AML programs that
include the four pillars mentioned above. Consistent with Section 352
of the PATRIOT Act, and incorporating the four pillars, BZX Rule 5.6
requires each Member to develop and implement a written AML program
reasonably designed to achieve and monitor the Member's compliance with
the BSA and implementing regulations. Among other requirements, BZX
Rule 5.6 requires that each Member firm, at a minimum: (1) Establish
and implement policies and procedures that can be reasonably expected
to detect and cause the reporting of suspicious transactions; (2)
establish and implement policies, procedures, and internal controls
reasonably designed to achieve compliance with the BSA and implementing
regulations; (3) provide independent testing for compliance to be
conducted by Member personnel or a qualified outside party; (4)
designate and identify to BZX an individual or individuals (i.e., AML
compliance person(s)) who will be responsible for implementing and
monitoring the day-to-day operations and internal controls of the AML
program and provide prompt notification to the Exchange of any changes
to the designation; and (5) provide ongoing training for appropriate
persons.
---------------------------------------------------------------------------
\15\ Uniting and Strengthening America by Providing Appropriate
Tools Required to Intercept and Obstruct Terrorism Act of 2001,
Public Law 107-56, 115 Stat. 272 (2001).
---------------------------------------------------------------------------
FinCEN's CDD Rule does not change the requirements of Exchange Rule
5.6, and Members must continue to comply with its requirements.\16\
However, FinCEN's CDD Rule amends the minimum regulatory requirements
for broker-dealers' AML programs by explicitly requiring such programs
to include risk-based procedures for conducting ongoing customer due
diligence.\17\ Accordingly, the Exchange is proposing to amend Exchange
Rule 5.6 to incorporate this ongoing customer due diligence element, or
``fifth pillar'' required for AML programs. Thus, proposed Rule
5.6(b)(6) would provide that the AML programs required by this Rule
shall, at a minimum include appropriate risk-based procedures for
conducting ongoing customer due diligence, to include, but not be
limited to: (A) Understanding the nature and purpose of customer
relationships for the purpose of developing a customer risk profile;
and (B) conducting ongoing monitoring to identify and report suspicious
transactions and, on a risk basis, to maintain and update customer
information.
---------------------------------------------------------------------------
\16\ FinCEN notes that broker-dealers must continue to comply
with FINRA Rules, notwithstanding differences between the CDD Rule
and FINRA Rule 3310, which is substantially identical to Exchange
Rule 5.6. See CDD Rule Release 29421, n. 85.
\17\ See CDD Rule Release at 29420; 31 CFR 1023.210.
---------------------------------------------------------------------------
As stated in the CDD Rule, these provisions are not new and merely
codify existing expectations for Members to adequately identify and
report suspicious transactions as required under the BSA and
encapsulate practices generally already undertaken by securities firms
to know and understand their customers.\18\ The proposed rule change
simply incorporates into Exchange Rule 5.6 the ongoing customer due
diligence element, or ``fifth pillar,'' required for AML programs by
the CDD Rule to aid Members in complying with the CDD Rule's
requirements. However, to the extent that these elements, which are
briefly summarized below, are not already included in Members' AML
programs, the CDD Rule requires Members to update their AML programs to
explicitly incorporate them.
---------------------------------------------------------------------------
\18\ Id. at 29419.
---------------------------------------------------------------------------
III. Summary of Fifth Pillar's Requirements
Understanding the Nature and Purpose of Customer Relationships
FinCEN states in the CDD Rule that firms must necessarily have an
understanding of the nature and purpose of the customer relationship in
order to determine whether a transaction is potentially suspicious and,
in turn, to fulfill their SAR obligations.\19\ To that end, the CDD
Rule requires that firms understand the nature and purpose of the
customer relationship in order to develop a customer risk profile. The
customer risk profile refers to information gathered about a customer
to form the baseline against which customer activity is assessed for
suspicious transaction reporting.\20\ Information relevant to
understanding the nature and purpose of the customer relationship may
be self-evident and, depending on the facts and circumstances, may
include such information as the type of customer, account or service
offered, and the customer's income, net worth, domicile, or principal
occupation or business, as well as, in the case of existing customers,
the customer's history of activity.\21\ The CDD Rule also does not
prescribe a particular form of the customer risk profile.\22\ Instead,
the CDD Rule states that depending on the firm and the nature of its
business, a customer risk profile may consist of individualized risk
scoring, placement of customers into risk categories or another means
of assessing customer risk that allows firms to understand the risk
posed by the customer and to demonstrate that understanding.\23\
---------------------------------------------------------------------------
\19\ Id. at 29421.
\20\ Id. at 29422.
\21\ Id.
\22\ Id.
\23\ Id.
---------------------------------------------------------------------------
The CDD Rule also addresses the interplay of understanding the
nature and purpose of customer relationships with the ongoing
monitoring obligation discussed below. The CDD Rule explains that firms
are not necessarily required or expected to integrate customer
information or the customer risk profile into existing transaction
monitoring systems (for example, to serve as the baseline for
identifying and assessing suspicious transactions on a contemporaneous
basis).\24\ Rather, FinCEN expects firms to use the customer
information and customer risk profile as appropriate during the course
of complying with their obligations under the BSA in order to determine
whether a particular flagged transaction is suspicious.\25\
---------------------------------------------------------------------------
\24\ Id.
\25\ Id.
---------------------------------------------------------------------------
Conduct Ongoing Monitoring
As with the requirement to understand the nature and purpose of the
customer relationship, the requirement to conduct ongoing monitoring to
identify and report suspicious transactions and, on a risk basis, to
maintain and update customer information, merely adopts existing
supervisory and regulatory expectations as explicit minimum standards
of customer due diligence required for firms' AML programs.\26\ If, in
the course of its normal monitoring for suspicious
[[Page 69812]]
activity, the Member detects information that is relevant to assessing
the customer's risk profile, the Member must update the customer
information, including the information regarding the beneficial owners
of legal entity customers.\27\ However, there is no expectation that
the Member update customer information, including beneficial ownership
information, on an ongoing or continuous basis.\28\
---------------------------------------------------------------------------
\26\ Id. at 29402.
\27\ Id. at 29420-21. See also FINRA Regulatory Notice 17-40
(discussing identifying and verifying the identity of beneficial
owners of legal entity customers).
\28\ Id.
---------------------------------------------------------------------------
2. Statutory Basis
The Exchange believes that the proposed rule change is consistent
with the provisions of Section 6(b) \29\ of the Act in general, and
furthers the objectives of Section 6(b)(5) of the Act \30\ in
particular, in that it is designed to prevent fraudulent and
manipulative acts and practices, to promote just and equitable
principles of trade, to remove impediments to and perfect the mechanism
of a free and open market and a national market system, and, in
general, to protect investors and the public interest. Specifically,
the Exchange believes the proposed rule change will protect investors,
because it will aid Members in complying with the CDD Rule's
requirement that Members' AML programs include risk-based procedures
for conducting ongoing customer due diligence by also incorporating the
requirement into Exchange Rule 5.6.
---------------------------------------------------------------------------
\29\ 15 U.S.C. 78f.
\30\ 15 U.S.C. 78f(b)(5).
---------------------------------------------------------------------------
B. Self-Regulatory Organization's Statement on Burden on Competition
The Exchange does not believe that the proposed rule change will
result in any burden on competition that is not necessary or
appropriate in furtherance of the purposes of the Act. The proposed
rule change simply incorporates into Exchange Rule 5.6 the ongoing
customer due diligence element, or ``fifth pillar,'' required for AML
programs by the CDD Rule. Regardless of the proposed rule change, to
the extent that the elements of the fifth pillar are not already
included in Members' AML programs, the CDD Rule requires Members to
update their AML programs to explicitly incorporate them. In addition,
as stated in the CDD Rule, these elements are already implicitly
required for covered financial institutions to comply with their
suspicious activity reporting requirements. Further, all Exchange
Members that have customers are required to be members of FINRA
pursuant to Rule 15b9-1 under the Exchange Act,\31\ and are therefore
already subject to the requirements of FINRA Rule 3310. Additionally,
the proposed rule change is virtually identical \32\ to FINRA Rule
3310. The Exchange is not imposing any additional direct or indirect
burdens on member firms or their customers through this proposal, and
as such, the proposal imposes no new burdens on competition.
---------------------------------------------------------------------------
\31\ 17 CFR 240.15b9-1.
\32\ The Exchange notes that changes between the proposed Rule
and FINRA Rule 3310 are non-substantive and relate to cross
references.
---------------------------------------------------------------------------
C. Self-Regulatory Organization's Statement on Comments on the Proposed
Rule Change Received From Members, Participants, or Others
Written comments were neither solicited nor received.
III. Date of Effectiveness of the Proposed Rule Change and Timing for
Commission Action
Because the foregoing proposed rule change does not:
A. Significantly affect the protection of investors or the public
interest;
B. impose any significant burden on competition; and
C. become operative for 30 days from the date on which it was
filed, or such shorter time as the Commission may designate, it has
become effective pursuant to Section 19(b)(3)(A) of the Act \33\ and
Rule 19b-4(f)(6) \34\ thereunder. At any time within 60 days of the
filing of the proposed rule change, the Commission summarily may
temporarily suspend such rule change if it appears to the Commission
that such action is necessary or appropriate in the public interest,
for the protection of investors, or otherwise in furtherance of the
purposes of the Act. If the Commission takes such action, the
Commission will institute proceedings to determine whether the proposed
rule change should be approved or disapproved.
---------------------------------------------------------------------------
\33\ 15 U.S.C. 78s(b)(3)(A).
\34\ 17 CFR 240.19b-4(f)(6).
---------------------------------------------------------------------------
IV. Solicitation of Comments
Interested persons are invited to submit written data, views, and
arguments concerning the foregoing, including whether the proposed rule
change is consistent with the Act. Comments may be submitted by any of
the following methods:
Electronic Comments
Use the Commission's internet comment form (https://www.sec.gov/rules/sro.shtml); or
Send an email to [email protected]. Please include
File Number SR-CboeBZX-2019-103 on the subject line.
Paper Comments
Send paper comments in triplicate to Secretary, Securities
and Exchange Commission, 100 F Street NE, Washington, DC 20549-1090.
All submissions should refer to File Number SR-CboeBZX-2019-103. This
file number should be included on the subject line if email is used. To
help the Commission process and review your comments more efficiently,
please use only one method. The Commission will post all comments on
the Commission's internet website (https://www.sec.gov/rules/sro.shtml).
Copies of the submission, all subsequent amendments, all written
statements with respect to the proposed rule change that are filed with
the Commission, and all written communications relating to the proposed
rule change between the Commission and any person, other than those
that may be withheld from the public in accordance with the provisions
of 5 U.S.C. 552, will be available for website viewing and printing in
the Commission's Public Reference Room, 100 F Street NE, Washington, DC
20549 on official business days between the hours of 10:00 a.m. and
3:00 p.m. Copies of the filing also will be available for inspection
and copying at the principal office of the Exchange. All comments
received will be posted without change. Persons submitting comments are
cautioned that we do not redact or edit personal identifying
information from comment submissions. You should submit only
information that you wish to make available publicly.
All submissions should refer to File Number SR-CboeBZX-2019-103 and
should be submitted on or before January 9, 2020.
For the Commission, by the Division of Trading and Markets,
pursuant to delegated authority.\35\
---------------------------------------------------------------------------
\35\ 17 CFR 200.30-3(a)(12).
---------------------------------------------------------------------------
J. Matthew DeLesDernier,
Assistant Secretary.
[FR Doc. 2019-27347 Filed 12-18-19; 8:45 am]
BILLING CODE 8011-01-P