Financial Crimes Enforcement Network; Customer Identification Programs, Anti-Money Laundering Programs, and Beneficial Ownership Requirements for Banks Lacking a Federal Functional Regulator, 57129-57138 [2020-20325]
Download as PDF
<![CDATA[
Federal Register / Vol. 85, No. 179 / Tuesday, September 15, 2020 / Rules and Regulations
foreign persons that, in the aggregate,
holds, a voting interest for purposes of
critical technology mandatory
declarations in a person described in
paragraphs (c)(1)(i) through (iv) of this
section.
(2) For purposes of paragraph (c)(1) of
this section, whether a U.S. regulatory
authorization would be required for the
export, reexport, transfer (in-country), or
retransfer of a critical technology to a
person described in paragraphs (c)(1)(i)
through (v) of this section shall be
determined:
(i) Without giving effect to any license
exemption available under the ITAR or
license exception available under the
EAR except as described paragraph in
(e)(6) of this section;
(ii) Based on such person’s principal
place of business (for entities) as
defined in § 800.239, or such person’s
nationality or nationalities (for
individuals) under the relevant U.S.
regulatory authorization, as applicable;
and
(iii) As if such person is an ‘‘end
user’’ under the relevant U.S. regulatory
authorization, as applicable.
(3) For purposes of paragraph (c)(1) of
this section, the assessment of what
constitutes a critical technology shall be
as of the first date on which one of the
conditions set forth in § 800.104(b)(1)
through (4) is met with respect to a
covered transaction. (See the example in
paragraph (j)(6) of this section.)
*
*
*
*
*
(e) * * *
(6) A covered transaction described in
paragraph (c)(1) of this section involving
critical technology for which the export,
reexport, transfer (in-country), or
retransfer to any of the persons
described in paragraphs (c)(1)(i) through
(v) of this section would require one or
more U.S. regulatory authorizations and
each such critical technology and
person, considered as if in the context
of an export, reexport, or transfer, is
eligible for at least one of the following
license exceptions under the EAR, as
applicable:
(i) 15 CFR 740.13;
(ii) 15 CFR 740.17(b); or
(iii) 15 CFR 740.20(c)(1).
jbell on DSKJLSW7X2PROD with RULES
Note 1 to § 800.401(e)(6): To be ‘‘eligible’’
for a license exception refers to any
requirements imposed by the EAR that must
be satisfied prior to export even if no export
is to occur.
critical technology controlled under the
EAR. A foreign national of Country G
owns 25 percent of the voting shares of
Corporation A. Under the EAR, a license
is required to export the critical
technology to Country G but not
Country F. Assuming no other relevant
facts, the acquisition of Corporation Y is
subject to a mandatory declaration.
(5) Example 5. Corporation B, a
foreign entity with its principal place of
business in Country G, makes a covered
investment in Corporation Z, a U.S.
business that designs a critical
technology controlled under the EAR.
Under the EAR, a license is required to
export the critical technology to Country
G. The license exception at 15 CFR
740.4 authorizes Corporation Z to export
the critical technology to Country G
without a license. Assuming no other
relevant facts, the covered investment is
subject to a mandatory declaration.
(6) Example 6. Corporation A, a
foreign person, and Corporation B, a
U.S. business, execute a binding written
agreement pursuant to which
Corporation A will acquire a 10 percent
equity interest in Corporation B and will
be afforded the right to appoint two
members of Corporation B’s board of
directors. As of the date of the
agreement, none of the items that
Corporation B manufactures constitutes
a critical technology. After the
agreement is executed, but prior to the
completion of the transaction, a product
manufactured by Corporation B is
included as a defense article on the
USML. Assuming no other relevant
facts, under paragraph (c)(3) of this
section, the transaction is not subject to
a requirement to submit a declaration to
the Committee. However for purposes of
§ 800.211, the transaction may be a
covered investment.
Appendix B to Part 800 [Removed]
■
8. Remove appendix B to part 800.
Dated: August 18, 2020.
Thomas Feddo,
Assistant Secretary for Investment Security.
[FR Doc. 2020–18454 Filed 9–11–20; 4:15 pm]
BILLING CODE 4810–25–P
*
*
*
*
*
(j) * * *
(4) Example 4. Corporation A, a
foreign entity with its principal place of
business in Country F, acquires 100
percent of the interests of Corporation
Y, a U.S. business that manufactures a
VerDate Sep<11>2014
16:15 Sep 14, 2020
Jkt 250001
PO 00000
Frm 00053
Fmt 4700
Sfmt 4700
57129
DEPARTMENT OF THE TREASURY
31 CFR Parts 1010 and 1020
RIN 1506–AB28
Financial Crimes Enforcement
Network; Customer Identification
Programs, Anti-Money Laundering
Programs, and Beneficial Ownership
Requirements for Banks Lacking a
Federal Functional Regulator
Financial Crimes Enforcement
Network (‘‘FinCEN’’), Treasury.
ACTION: Final rule.
AGENCY:
FinCEN is issuing a final rule
implementing sections 352, 326 and 312
of the Uniting and Strengthening
America by Providing Appropriate
Tools Required to Intercept and
Obstruct Terrorism Act of 2001 (‘‘USA
PATRIOT Act’’) and removing the antimoney laundering program exemption
for banks that lack a Federal functional
regulator, including, but not limited to,
private banks, non-federally insured
credit unions, and certain trust
companies. The Final Rule requires
minimum standards for anti-money
laundering programs for banks without
a Federal functional regulator to ensure
that all banks, regardless of whether
they are subject to Federal regulation
and oversight, are required to establish
and implement anti-money laundering
programs, and extends customer
identification program requirements and
beneficial ownership requirements to
those banks not already subject to these
requirements.
DATES: Effective Date: November 16,
2020.
Compliance Date: The compliance
date for anti-money laundering
programs, customer identification
programs, and beneficial ownership
requirements for banks that lack a
Federal functional regulator is March
15, 2021.
FOR FURTHER INFORMATION CONTACT: The
FinCEN Resource Center at (800) 767–
2825 or email frc@fincen.gov.
SUPPLEMENTARY INFORMATION:
SUMMARY:
I. Background
A. Statutory Provisions
FinCEN exercises its regulatory
functions primarily under the Currency
and Financial Transactions Reporting
Act of 1970, as amended by the Uniting
and Strengthening America by
Providing Appropriate Tools Required
to Intercept and Obstruct Terrorism Act
of 2001 (‘‘USA PATRIOT Act’’) (Public
Law 107–56) and other legislation. This
legislative framework is commonly
referred to as the ‘‘Bank Secrecy Act’’
E:\FR\FM\15SER1.SGM
15SER1
57130
Federal Register / Vol. 85, No. 179 / Tuesday, September 15, 2020 / Rules and Regulations
jbell on DSKJLSW7X2PROD with RULES
(‘‘BSA’’).1 The Secretary of the Treasury
(‘‘Secretary’’) has delegated to the
Director of FinCEN the authority to
implement, administer, and enforce
compliance with the BSA and
associated regulations.2 Pursuant to this
authority, FinCEN may issue regulations
requiring financial institutions to keep
records and file reports that ‘‘have a
high degree of usefulness in criminal,
tax, or regulatory investigations or
proceedings, or in the conduct of
intelligence or counterintelligence
activities, including analysis, to protect
against international terrorism.’’ 3
Additionally, FinCEN is authorized to
impose anti-money laundering (‘‘AML’’)
program requirements for financial
institutions.4
Section 352 of the USA PATRIOT Act
requires financial institutions to
establish AML programs that, at a
minimum, include: (1) The
development of internal policies,
procedures, and controls; (2) the
designation of a compliance officer; (3)
an ongoing employee training program;
and (4) an independent audit function
to test programs.5 Section 352 of the
USA PATRIOT Act authorizes FinCEN,
in consultation with the appropriate
Federal functional regulator (as defined
by 15 U.S.C. 6809), to prescribe
minimum standards for AML programs.
In developing this Final Rule, FinCEN
consulted with the Federal functional
regulators defined in 15 U.S.C. 6809, as
well as the Commodity Futures Trading
Commission (‘‘CFTC’’) (collectively
referred to as ‘‘Federal functional
regulators’’).6 In addition, FinCEN
consulted with the Internal Revenue
Service (‘‘IRS’’), which is the examining
authority for all institutions regulated
by FinCEN that do not have a Federal
functional regulator. FinCEN also
consulted with state bank supervisory
authorities. Consultations with these
Federal and state regulatory and
supervisory agencies assisted FinCEN in
determining the appropriate scope and
nature of banks that are not directly
1 The BSA is codified at 12 U.S.C. 1829b, 12
U.S.C. 1951–1959, 31 U.S.C. 5311–5314 and 5316–
5332, and notes thereto, with implementing
regulations at 31 CFR Chapter X. See 31 CFR
1010.100(e).
2 Treasury Order 180–01 (Jan. 14, 2020).
3 31 U.S.C. 5311.
4 31 U.S.C. 5318(h).
5 Id.
6 31 CFR 1010.100(r) (defining Federal functional
regulator to include the Board of Governors of the
Federal Reserve System; the Office of the
Comptroller of the Currency; the Board of Directors
of the Federal Deposit Insurance Corporation; the
Office of Thrift Supervision (which was merged
into other regulatory agencies and ceased to exist
in 2011); the National Credit Union Administration;
the Securities and Exchange Commission; and the
Commodity Futures Trading Commission).
VerDate Sep<11>2014
16:15 Sep 14, 2020
Jkt 250001
regulated by Federal functional
regulators and to adequately consider
appropriate regulatory coverage for such
institutions.
When prescribing minimum
standards for AML programs, FinCEN
must ‘‘consider the extent to which the
requirements imposed [under section
352 of the USA PATRIOT Act] are
commensurate with the size, location,
and activities of the financial
institutions to which [the standards]
apply.’’ 7 In addition, FinCEN may
‘‘prescribe an appropriate exemption
from a requirement [in the BSA] or
regulations [issued under the BSA].’’ 8
FinCEN used this authority in 2002 to
temporarily defer the requirement to
establish an AML program for certain
financial institutions identified in
section 352 of the USA PATRIOT Act.
The purpose of the temporary deferral
was to give FinCEN and Treasury time
to continue to study the money
laundering risks posed by such financial
institutions in order to develop
appropriate AML program requirements.
Section 326 of the USA PATRIOT Act
requires FinCEN to prescribe regulations
that require financial institutions to
establish procedures for account
opening that, at a minimum, include: (1)
Verifying the identity of any person
seeking to open an account, to the
extent reasonable and practicable; (2)
maintaining records of the information
used to verify the person’s identity,
including name, address, and other
identifying information; and (3)
determining whether the person appears
on any lists of known or suspected
terrorists or terrorist organizations
provided to the financial institution by
any government agency.9 These
programs are referred to as Customer
Identification Programs (‘‘CIPs’’).
When prescribing CIP regulations for
financial institutions, FinCEN is
required to do so jointly with the
appropriate Federal functional
regulator.10 The appropriate Federal
7 Public
Law 107–56, title III, Sec. 352(c), 115
Stat. 322, codified at 31 U.S.C. 5318 note.
8 31 U.S.C. 5318(a)(6).
9 31 U.S.C. 5318(l); see also Joint Final Rule—
Customer Identification Programs for Banks,
Savings Associations, Credit Unions and Certain
Non-Federally Regulated Banks, 68 FR 25103 (May
9, 2003) (codified at 31 CFR 1020.220(a)(4)) (‘‘The
CIP must include procedures for determining
whether the customer appears on any list of known
or suspected terrorists or terrorist organizations
issued by any Federal government agency and
designated as such by Treasury in consultation with
the Federal functional regulators.’’).
10 31 U.S.C. 5318(l)(4) (‘‘Certain financial
institutions.—In the case of any financial institution
the business of which is engaging in financial
activities described in section 4(k) of the Bank
Holding Company Act of 1956 (including financial
activities subject to the jurisdiction of the
PO 00000
Frm 00054
Fmt 4700
Sfmt 4700
functional regulator with which to
promulgate joint CIP regulations is the
particular agency that regulates and
supervises the affected financial
institutions.11 Because the financial
institutions covered under this Final
Rule do not have a Federal functional
regulator, and there is no other Federal
agency with comparable direct
supervisory authority over such
financial institutions, there is no other
appropriate Federal agency with which
FinCEN is required to issue the CIP
rules jointly.12 Accordingly, FinCEN is
issuing the CIP rule set forth here under
its sole authority.
Section 312 of the USA PATRIOT Act
requires each U.S. financial institution
that establishes, maintains, administers,
or manages a correspondent account or
a private banking account in the United
States for a non-U.S. person to subject
such accounts to certain AML
measures.13 In particular, financial
institutions must establish appropriate,
specific, and, where necessary,
enhanced due diligence policies,
procedures, and controls that are
reasonably designed to enable the
financial institution to detect and report
instances of money laundering through
these accounts. In addition to the
general due diligence requirements,
which apply to all correspondent
accounts for non-U.S. persons, section
5318(i)(2) of the BSA specifies
additional standards for correspondent
accounts maintained for certain foreign
banks. Section 5318(i) also sets forth
minimum due diligence requirements
for private banking accounts for nonU.S. persons. Specifically, a covered
financial institution must take
reasonable steps to ascertain the identity
of the nominal and beneficial owners of,
and the source of funds deposited into,
private banking accounts, as necessary
to guard against money laundering and
to report suspicious transactions. The
institution must also conduct enhanced
Commodity Futures Trading Commission), the
regulations prescribed by the Secretary under
paragraph (1) shall be prescribed jointly with each
Federal functional regulator (as defined in section
509 of the Gramm-Leach-Bliley Act, including the
Commodity Futures Trading Commission)
appropriate for such financial institution.’’). The
financial institutions subject to the CIP rule that
will be covered by this Final Rule engage in
financial activities within the meaning of 12 U.S.C.
1843(k), in particular lending money and providing
financial advisory services. See 12 U.S.C.
1843(k)(4)(A) and (C).
11 See, e.g., 31 CFR 1020.210(a).
12 See Notice of Proposed Rulemaking—Customer
Identification Programs for Certain Banks Lacking a
Federal Functional Regulator, 68 FR 25163 (May 9,
2003).
13 These requirements are set forth and crossreferenced in sections 31 CFR1020.610 (crossreferencing to 31 CFR 1010.610) and 31 CFR
1020.620 (cross-referencing to 31 CFR 1010.620).
E:\FR\FM\15SER1.SGM
15SER1
Federal Register / Vol. 85, No. 179 / Tuesday, September 15, 2020 / Rules and Regulations
scrutiny of private banking accounts
requested or maintained for, or on
behalf of, senior foreign political figures
(which includes family members or
close associates). Enhanced scrutiny
must be reasonably designed to detect
and report transactions that may involve
the proceeds of foreign corruption.
B. Regulatory Background
The following information describes
the effect of certain previous
rulemakings on banks, and specifically
on banks lacking a Federal functional
regulator.
AML Program Requirements
jbell on DSKJLSW7X2PROD with RULES
Most banks became subject to an AML
program requirement under the BSA
when FinCEN issued an Interim Final
Rule on April 29, 2002 (‘‘Interim Final
Rule’’).14 The Interim Final Rule stated
that an institution regulated by a
Federal functional regulator ‘‘shall be
deemed to satisfy the requirements of 31
U.S.C. 5318(h)(1) if it implements and
maintains an [AML] program that
complies with the regulation of its
Federal functional regulator governing
such programs.’’ 15 ‘‘Federal functional
regulator’’ is defined at 31 CFR
1010.100(r) to include each of the
Federal banking agencies, as well as the
SEC and the CFTC.16
The Interim Final Rule temporarily
deferred AML program requirements for
certain financial institutions, including
‘‘private bankers.’’ 17 On November 6,
2002, FinCEN amended the Interim
Final Rule to extend the exemption from
the requirement to establish an AML
program indefinitely for private bankers
and to expand the exemption to other
financial institutions, including any
14 See Interim Final Rule—Anti-Money
Laundering Programs for Financial Institutions, 67
FR 21110 (Apr. 29, 2002). In 1987, Federal banking
regulators issued regulations requiring federally
insured depository institutions and credit unions to
have anti-money laundering programs ‘‘to assure
and monitor compliance with the requirements of
subchapter II of chapter 53 of Title 31, United States
Code.’’ Final Rule—Procedures for Monitoring Bank
Secrecy Act Compliance, 52 FR 2858 (Jan. 27,
1987). The USA PATRIOT Act made developing
and implementing an AML program a statutory
requirement under the BSA in 2001.
15 67 FR at 21113. Since the issuance of the 2002
Interim Final Rule, FinCEN has reorganized its
regulations under 31 CFR Chapter X. See Final
Rule—Transfer and Reorganization of Bank Secrecy
Act Regulations, 75 FR 65806 (Oct. 26, 2010). The
cited AML program requirement can currently be
found at 31 CFR 1020.210, with an added crossreference to enhanced due diligence requirements
imposed by rulemakings later than the Interim Final
Rule.
16 See supra note 6.
17 ‘‘Private banker’’ is included in the list of
financial institutions set out in the BSA. 12 U.S.C.
5312(a)(2)(C).
VerDate Sep<11>2014
16:15 Sep 14, 2020
Jkt 250001
bank ‘‘that is not subject to regulation by
a Federal functional regulator.’’ 18
Although banks that lack a Federal
functional regulator are exempt from the
requirement to establish an AML
program, they are required to comply
with many other BSA requirements. For
example, FinCEN regulations require all
banks, regardless of whether they have
a Federal functional regulator, to file
currency transaction reports (‘‘CTRs’’)
and suspicious activity reports
(‘‘SARs’’), as well as to make and
maintain certain records.19 In addition,
like other covered financial institutions,
banks that lack a Federal functional
regulator are prohibited from
maintaining correspondent accounts for
foreign shell banks and are required to
obtain and retain information on the
ownership of foreign banks.20
FinCEN has incrementally eliminated
the Interim Final Rule’s temporary
exemption and promulgated AML
program rules for certain other
institutions, including insurance
companies, certain loan or finance
companies, and dealers in precious
metals, precious stones, or jewels.
FinCEN determined that the gap in AML
coverage between banks with and
without a Federal functional regulator
presented a vulnerability to the U.S.
financial system that could be exploited
by bad actors, prompting this
rulemaking. In the 2016 U.S. Mutual
Evaluation, the Financial Action Task
Force (FATF) recommended that three
categories of non-Federal state-chartered
banks be subject to an AML program
requirement in addition to their
18 Amendment of Interim Final Rule—AntiMoney Laundering Programs for Financial
Institutions, 67 FR 67547 (Nov. 6, 2002) (codified
at 31 CFR 1010.205).
19 See 31 CFR 1010.306–315 (CTRs); 31 CFR
1020.320 (SAR rule for banks); 31 CFR 1010.410
(records to be made and retained by financial
institutions).
20 31 CFR 1010.630 (governing prohibitions
against establishing, maintaining, administering, or
managing correspondent accounts for foreign shell
companies and records required for correspondent
accounts); 31 CFR 1010.670 (governing summons or
subpoena of foreign bank records and termination
of correspondent relationships); 31 CFR
1010.605(e)(2) (defining covered financial
institutions to include institutions not regulated by
a Federal functional regulator, including private
banks, trust companies, and credit unions). By
contrast, covered financial institutions for purposes
of due diligence program requirements for
correspondent accounts and private banking
accounts do not include private banks. Rather, such
due diligence program requirements apply only to
federally insured banks and credit unions, as well
as certain trust companies that are federally
regulated and subject to an anti-money laundering
program requirement. See 31 CFR 1010.605(e)(1)
(covered financial institution); 31 CFR 1010.610
(correspondent accounts); 31 CFR 1010.620 (private
banking accounts).
PO 00000
Frm 00055
Fmt 4700
Sfmt 4700
57131
reporting obligations.21 The rulemaking
covers non-Federal state chartered
banks. Further, subsequent to the 2016
notice of proposed rulemaking to amend
the AML, CIP, and beneficial ownership
regulations to include coverage for
banks lacking a Federal functional
regulator, and according to the 2020
National Strategy for Combatting
Terrorist and Other Illicit Financing,
law enforcement identified specific
instances of illicit actors taking
advantage of this lack of regulatory
coverage.22
Customer Identification Program
Requirements
CIP requirements were finalized,
through a joint final rule, for banks,
savings associations, credit unions, and
certain non-federally regulated banks on
May 9, 2003. With this action, certain
banks that lack a Federal functional
regulator—namely, private banks, nonfederally insured credit unions and trust
companies lacking a federal functional
regulator—were required to comply
with CIP requirements.23 On the same
day, FinCEN published a notice of
proposed rulemaking (‘‘NPRM’’) that
would have imposed CIP requirements
on all other banks without a Federal
functional regulator that were not
already included in the joint rule.24 The
2003 NPRM was never finalized.
Beneficial Ownership Requirement
On May 11, 2016, FinCEN published
a final rule (‘‘CDD Rule’’) 25 to clarify
and strengthen customer due diligence
requirements for certain financial
institutions, including federally
regulated banks. Specifically, the CDD
Rule requires these financial institutions
to identify and verify the identity of the
beneficial owners of their legal entity
customers, subject to certain exclusions
and exemptions. The CDD Rule also
amended the AML program
requirements for these financial
institutions. For purposes of regulatory
consistency and for the reasons noted
above, FinCEN believes it is necessary
that these requirements apply to nonfederally regulated banks as well.
21 See page 136 of the 2016 U.S. Mutual
Evaluation at https://www.fatf-gafi.org/media/fatf/
documents/reports/mer4/MER-United-States2016.pdf.
22 See page 41 of the 2020 National Strategy for
Combatting Terrorist and Other Illicit Financing at
https://home.treasury.gov/system/files/136/
National-Strategy-to-Counter-Illicit-Financev2.pdf.
23 See 68 FR 25090 (May 9, 2003) (codified at 31
CFR 1020.220).
24 See supra note 12.
25 See Customer Due Diligence Requirements for
Financial Institutions, 81 FR 29398 (May 11, 2016)
(codified at 31 CFR 1010.230).
E:\FR\FM\15SER1.SGM
15SER1
57132
Federal Register / Vol. 85, No. 179 / Tuesday, September 15, 2020 / Rules and Regulations
jbell on DSKJLSW7X2PROD with RULES
II. Notice of Proposed Rulemaking
On August 25, 2016, FinCEN issued
an NPRM proposing to amend certain
definitions and to amend the AML, CIP,
and beneficial ownership regulations to
include coverage for banks lacking a
Federal functional regulator.26 FinCEN
proposed amending the definition of
‘‘bank’’ in 31 CFR 1020 specifically to
include, at a minimum, the following
categories: (1) State-chartered nondepository trust companies; (2) nonfederally insured credit unions; (3)
private banks; (4) non-federally insured
state banks and savings associations;
and (5) international banking entities. In
the NPRM, FinCEN noted that the gap
in AML coverage between banks with
and without a Federal functional
regulator presented a vulnerability to
the U.S. financial system that could be
exploited by bad actors, prompting this
rulemaking. Subsequent to the NPRM,
law enforcement has identified to
FinCEN specific instances of illicit
actors taking advantage of this lack of
coverage. This activity has involved
different types of institutions that would
be subject to this rule, and includes
multiple investigations related to
terrorist financing, espionage, narcotics
trafficking, and public corruption.
FinCEN further proposed technical
amendments to the definition of the
term ‘‘bank’’ to create one standard
definition to be used throughout the
regulations. FinCEN did not propose
any amendments to the definition of
‘‘financial institution,’’ because the
amendments proposed in the NPRM
would not impact how that term is
defined in 31 CFR 1010.100(t).
In addition, FinCEN proposed
amending the existing rules to impose
standards and requirements for banks
lacking a Federal functional regulator
that are identical to those in FinCEN’s
AML, CIP, and beneficial ownership
regulations for banks with a Federal
functional regulator. Specifically, the
NPRM proposed requiring any entity
meeting the definition of ‘‘bank’’ in 31
CFR 1010.100(d), whether or not
regulated by a Federal functional
regulator, to establish AML and CIP
programs and to comply with beneficial
ownership requirements.
Finally, because there would no
longer be a need to exclude banks
without a Federal functional regulator
from AML and CIP requirements if the
proposal were finalized, FinCEN also
proposed removing 31 CFR 1020.100(b)
and (d). FinCEN also invited comment
on all aspects of the NPRM.
26 See
81 FR 58425 (Aug. 25, 2016).
VerDate Sep<11>2014
16:15 Sep 14, 2020
Jkt 250001
III. Comments on the NPRM—Overview
and General Issues
The comment period on the NPRM
ended on October 24, 2016. FinCEN
received eight comments. Comments
were submitted by one anonymous
source, three industry representatives,
and four trade associations. FinCEN has
reviewed and considered all the
comments to the extent they addressed
aspects of the proposed rulemaking. All
the comments supported the issuance of
this Final Rule. The Final Rule adopts
the proposal in its entirety, but
establishes a later date by which
affected banks must be in compliance.
One commenter requested a two-year
implementation period. Another
suggested an implementation date in
May 2018, to coincide with that of the
CDD Rule. A third commenter suggested
an implementation period of six months
to a year, and a fourth commenter
suggested a minimum of six months.
As FinCEN emphasized in the NPRM,
and described in more detail above,
banks lacking a Federal functional
regulator are already obligated to
comply with a number of BSA
regulations. In addition, banks lacking a
Federal functional regulator generally
are required by state banking regulation
and guidance to have policies,
management oversight, personnel
training, and internal compliance
review and various procedures and
systems in place to comply with
regulation and guidance. Even banks not
subject to these state regulatory
requirements must develop such
policies and procedures to properly
function and comply with their BSA
obligations and state banking
regulations. FinCEN views the existence
of such policies and procedures as
minimizing the amount of time needed
to prepare for implementation of the
Final Rule’s requirements. Accordingly,
FinCEN does not expect the transition to
compliance with the Final Rule to be
unreasonably difficult or costly, and
does not believe a two-year
implementation period is needed or
warranted. However, in light of these
comments, FinCEN has determined that
it would be appropriate to provide
affected banks more time to comply
with the Final Rule. Banks lacking a
Federal functional regulator, therefore,
will have 180 days from the day the
Final Rule is published to be in
compliance. FinCEN believes that this
time frame is reasonable and adequate
to ensure compliance with these
requirements, given the framework that
these banks are expected to already have
in place.
PO 00000
Frm 00056
Fmt 4700
Sfmt 4700
IV. Section-by-Section Analysis
A. Section 1010.100
Definitions
General
Because the definition of bank in Part
1010 makes no distinction as to whether
a bank has a Federal functional
regulator, FinCEN did not propose any
changes to the definition of bank in
paragraph 1010.100(d). Likewise, there
were no proposed changes to the general
definition of financial institution in
paragraph 1010.100(t). Because these
existing definitions do not make
distinctions based on whether a bank
has a Federal functional regulator, they
will be used for Part 1020. There were
no objections to this general
formulation, and FinCEN is adopting it
as proposed.
B. Section 1010.605
Definition
The beneficial ownership rule refers
to the definition of covered financial
institution set forth in paragraph
1010.605(e)(1), which excludes certain
financial institutions lacking a Federal
functional regulator. To ensure that all
banks are subject to the beneficial
ownership requirements under section
1010.230, FinCEN proposed amending
the definition in paragraph
1010.605(e)(1) by replacing paragraphs
(i) through (vii) with a single paragraph
(e)(1)(i) to include all banks within the
rule’s definition of ‘‘covered financial
institution.’’ With these changes, all
banks will now be required to comply
with the beneficial ownership
requirements to identify and verify the
beneficial owners of legal entity
customers, regardless of whether they
are federally regulated. As with the
previous sections, there were no
objections to this general formulation,
and FinCEN is adopting it as proposed.
C. Section 1020.100
Definitions
FinCEN proposed removing paragraph
1020.100(b), because the definition of
bank for purposes of complying with
CIP requirements only included banks
subject to regulation by a Federal
functional regulator. There were no
objections to this general formulation,
and FinCEN is removing the definition
as proposed.
Likewise, FinCEN proposed removing
paragraphs 1020.100(d)(1) and (2),
because the definitions of financial
institution for purposes of complying
with AML and CIP requirements only
included banks subject to regulation by
a Federal functional regulator. There
were no objections to this general
formulation, and FinCEN is removing
these paragraphs as proposed.
E:\FR\FM\15SER1.SGM
15SER1
Federal Register / Vol. 85, No. 179 / Tuesday, September 15, 2020 / Rules and Regulations
D. Amendments to Section 1010.205
FinCEN proposed amending section
1010.205 to reflect the removal of: (1)
The exemption for private bankers
(paragraph 1010.205(b)(1)(vi)); (2) the
broader exemption for banks that lack a
Federal functional regulator (paragraph
1010.205(b)(2)); and (3) the exemption
for persons subject to supervision by a
state banking authority (paragraph
1010.205(b)(3)). There were no
objections to this amendment, and
FinCEN is adopting it as proposed.
jbell on DSKJLSW7X2PROD with RULES
E. Amendments to Section 1020.210
FinCEN proposed amending the title
for this section to reflect that all banks,
regardless of whether they are subject to
Federal regulation and oversight, are
required to establish and implement
AML programs. There were no
objections to this amendment, and
FinCEN is adopting it as proposed. The
title for this section now reads: ‘‘Antimoney laundering program
requirements for banks.’’
FinCEN proposed amending the
introductory paragraph in 1020.210 and
redesignating the introductory
paragraph as paragraph (a) in order to
detail the AML program requirements
specific to banks regulated only by a
Federal functional regulator, including
banks, savings associations, and credit
unions. FinCEN also proposed removing
from the introductory paragraph in
1020.210 the reference to regulation by
a self-regulatory organization. There
were no objections to these
amendments, and FinCEN is adopting
them as proposed.
FinCEN proposed adding new
paragraph 1020.210(b) to detail the AML
program requirements specific to banks
that lack a Federal functional regulator,
including, but not limited to, private
banks, non-federally insured credit
unions, and certain trust companies.
Paragraph 1020.210(b)(2) requires banks
that lack a Federal functional regulator
to establish and implement AML
programs under the specified minimum
standards. Paragraph 1020.210(b)(3)
requires banks that lack a Federal
functional regulator to obtain approval
of the AML program by their board of
directors, or an equivalent governing
body, and to make the AML program
available to FinCEN or its designee
upon request. There were no objections
to these amendments, and FinCEN is
adopting them as proposed.
F. Amendments to Section 1020.220
FinCEN proposed amending the title
for this section to reflect that, going
forward, CIP requirements would apply
to all banks. There were no objections
VerDate Sep<11>2014
16:15 Sep 14, 2020
Jkt 250001
to this amendment, and FinCEN is
adopting it as proposed.
V. Final Regulatory Flexibility Act
Analysis
When an agency issues a rulemaking
proposal, the Regulatory Flexibility Act
(‘‘RFA’’) requires the agency to ‘‘prepare
and make available for public comment
an initial regulatory flexibility analysis’’
that will ‘‘describe the impact of the
proposed rule on small entities.’’ 5
U.S.C. 603(a). Section 605 of the RFA
allows an agency to certify a rule, in lieu
of preparing an analysis, if the proposed
rulemaking is not expected to have a
significant economic impact on a
substantial number of small entities.
A. Reasons Why Action by the Agency
Is Being Considered
The Anti-Money Laundering Program
The statutory mandate that all
financial institutions establish AML
programs is a key element in the
national effort to prevent and detect
money laundering and the financing of
terrorism. Banks without a Federal
functional regulator are at least as
vulnerable to the risks of money
laundering and terrorist financing as
banks with one. The Final Rule
eliminates the present regulatory gap in
AML coverage between banks with and
without a Federal functional regulator.
FinCEN expects that uniform regulatory
requirements for all banks will reduce
the opportunity for criminals to seek out
and exploit banks subject to less
rigorous AML requirements.
Customer Identification Program
For the reasons of regulatory
consistency and protection against the
systemic vulnerability discussed above
in connection with AML programs,
FinCEN believes that CIP requirements
should also apply to all banks,
regardless of whether they are federally
regulated. In May 2003, FinCEN issued
a Notice of Proposed Rulemaking to
ensure that there would be no gaps in
the scope of the CIP obligations as they
apply to banks. However, this proposal
was never finalized.
Beneficial Ownership Requirements
As noted above, the beneficial
ownership requirements of the CDD
Rule require that from and after May 11,
2018, federally regulated banks and
certain other financial institutions
identify, and verify the identity of, the
beneficial owners of their legal entity
customers, as set forth in section
1010.230. For purposes of regulatory
consistency, and protection against the
systemic vulnerability discussed above
in connection with AML programs,
PO 00000
Frm 00057
Fmt 4700
Sfmt 4700
57133
FinCEN believes that this requirement
should apply to non-federally regulated
banks as well.
B. Objectives of, and Legal Basis for, the
Final Rule
Section 352 of the USA PATRIOT Act
requires financial institutions to
establish AML programs that, at a
minimum, include: (1) The
development of internal policies,
procedures, and controls; (2) the
designation of a compliance officer; (3)
an ongoing employee training program;
and (4) an independent audit function
to test programs. In addition, the CDD
Rule described above added an explicit
requirement to understand the nature
and purpose of customer relationships;
to conduct ongoing monitoring to
identify and report suspicious
transactions; and, on a risk basis, to
maintain and update customer
information.27
Section 326 of the USA PATRIOT Act
requires FinCEN to prescribe regulations
that require financial institutions to
establish programs for account opening
that, at a minimum, include: (1)
Verifying the identity of any person
seeking to open an account, to the
extent reasonable and practicable; (2)
maintaining records of the information
used to verify the person’s identity,
including name, address, and other
identifying information; and (3)
determining whether the person appears
on any lists of known or suspected
terrorists or terrorist organizations
provided to the financial institution by
any government agency.
Section 312 of the USA PATRIOT Act
requires each U.S. financial institution
that establishes, maintains, administers,
or manages a correspondent account or
a private banking account in the United
States for a non-U.S. person to subject
such accounts to certain AML measures.
C. Small Entities Subject to the Final
Rule
Based upon available data, for the
purposes of the RFA, FinCEN estimates
that these rules will impact
approximately 297 state-chartered nondepository trust companies, 228 nonfederally insured credit unions, 12 nonfederally insured state-chartered banks
and savings and loan or building and
loan associations, 1 private bank, and 29
international banking entities.28
27 31
CFR 1020.210(b)(5).
Small Business Administration (‘‘SBA’’)
size standards define a trust company as a small
business if it has assets of $38.5 million or less. The
SBA defines a depository institution (including a
credit union) as a small business if it has assets of
$550 million or less. FinCEN was unable to find an
28 The
E:\FR\FM\15SER1.SGM
Continued
15SER1
57134
Federal Register / Vol. 85, No. 179 / Tuesday, September 15, 2020 / Rules and Regulations
FinCEN’s expectation, as expressed in
the NPRM, is that many of the banks
without a Federal functional regulator
are small entities. No comments
received in response to the NPRM
indicated anything to the contrary.
Therefore, FinCEN concludes that the
Final Rule applies to a substantial
number of small entities.
jbell on DSKJLSW7X2PROD with RULES
D. Projected Reporting, Recordkeeping,
and Other Compliance Requirements of
the Final Rule
The Final Rule prescribes minimum
standards for AML programs for banks
without a Federal functional regulator to
ensure that all banks, regardless of
whether they are subject to Federal
regulation and oversight, are required to
establish and implement written AML
programs, including conducting ongoing
customer due diligence, and to identify
and verify the identity of the beneficial
owners of their legal entity customers.
The changes also extend customer
identification program requirements to
those banks not already subject to these
requirements.
Banks lacking a Federal functional
regulator are currently required to
comply with many existing
requirements under the BSA. All banks,
including those not subject to Federal
supervision, are already required to file
CTRs and SARs, which necessarily
requires a bank to establish a process to
detect unusual activity. In addition,
certain banks lacking a Federal
functional regulator—namely, private
banks, non-federally insured credit
unions, and certain trust companies—
must maintain CIPs.29
With respect to the beneficial
ownership requirement, the Final Rule
requires banks lacking a Federal
functional regulator to obtain and
maintain identifying information for
each beneficial owner from each legal
entity customer that opens a new
account, including name, address, date
of birth, and identification number. The
financial institution is also required to
verify the identity of such persons by
documentary or non-documentary
methods and to maintain in its records
for five years a description of (i) any
document relied on for verification, (ii)
any such non-documentary methods
and results of such measures
undertaken, and (iii) the resolution of
any substantive discrepancies
discovered in verifying the
identification information.
authoritative figure on the number of non-federally
regulated depository institutions that would meet
the definition of small entity.
29 See 31 CFR 1020.220.
VerDate Sep<11>2014
16:15 Sep 14, 2020
Jkt 250001
The burden on a small non-federally
regulated bank at account opening
resulting from the Final Rule would be
a function of the number of beneficial
owners of each legal entity customer
opening a new account, the additional
time required to identify and verify each
beneficial owner, and the number of
new accounts opened for legal entities
by the small banks during a specified
period.
None of the small businesses that
commented on the CDD Rule’s Initial
Regulatory Flexibility Analysis
(‘‘IRFA’’) included an estimate of the
amount of time to open a legal entity
account; rather, only one noted the
number of such accounts it opens per
year (70). As a result of the comments
FinCEN received to the CDD Rule’s
regulatory impact assessment (‘‘RIA’’),
FinCEN concluded in its Final
Regulatory Flexibility Analysis
(‘‘FRFA’’) 30 that the estimated time for
financial institutions to open accounts
ranges from 20 to 40 minutes.31 On
December 30, 2019, FinCEN published
in the Federal Register a notice of intent
to renew without change, information
collection requirements in connection
with beneficial ownership requirements
for legal entity customers.32 As a result
of public comments received on the
notice, FinCEN increased its estimate of
the burden from an average of 30
minutes to an average of 80 minutes per
new account opened for a legal entity
customer.
E. Overlapping or Conflicting Federal
Rules
FinCEN is unaware of any existing
Federal regulations that would overlap
or conflict with the Final Rule.
F. Consideration of Significant
Alternatives
FinCEN has not identified any
alternative means for bringing these
categories of non-Federally regulated
banks into compliance with the same
standards as all other banks in the
United States. Were FinCEN to exempt
small entities from this requirement,
those entities would potentially be at
greater risk of abuse by criminals,
terrorists, and other bad actors and
would expose the U.S. financial system
to money laundering, terrorist financing,
proliferation financing, and other
serious illicit finance threats.
81 FR at 29448.
id. As a result of the comments FinCEN
received to the draft RIA from other commenters,
FinCEN increased the estimated time for financial
institutions to open accounts, from a range of 15 to
30 minutes in the IRFA, to a range of 20 to 40
minutes.
32 See 84 FR 72137 (Dec. 30, 2019).
With respect to beneficial ownership
requirements in the CDD Rule, FinCEN
considered several alternatives to the
requirements proposed. As described in
greater detail in the preamble to the
final CDD Rule,33 these alternatives
included exempting small financial
institutions below a certain asset or
legal entity customer threshold from the
requirements, as well as utilizing a
lower or higher threshold for the
minimum level of equity ownership for
the definition of beneficial owner.
FinCEN determined, however, that
identifying the beneficial owner of a
financial institution’s legal entity
customers and verifying that identity are
necessary requirements to strengthen
financial transparency and to combat
the misuse of companies to engage in
illicit activities. Were FinCEN to exempt
from this requirement small entities or
entities that establish a limited number
of accounts for legal entities, those
financial institutions would be at greater
risk of abuse by criminals, terrorists,
and other bad actors and would expose
the U.S. financial system to money
laundering, terrorist financing,
proliferation financing, and other
serious illicit finance threats.
FinCEN also considered increasing
the threshold for ownership of equity
interests in the definition of beneficial
ownership to 50 percent or more of the
equity interests. Although this higher
threshold would reduce the maximum
number of individuals whose identity
would need to be verified from five to
three, thus reducing marginally the
onboarding time, this change would not
impact the training or IT costs and,
therefore, would not substantially
reduce the overall costs of the rule and
also would provide less useful
information. After considering all the
alternatives, FinCEN concluded that an
ownership threshold of 25 percent is
appropriate to maximize the benefits of
the requirement while minimizing the
burden.34
To minimize burden to covered
financial institutions, which would
apply to banks covered under this Final
Rule, FinCEN did exempt such financial
institutions from the beneficial
ownership requirements in connection
with legal entity customers opening
certain low risk accounts.35
FinCEN believes, based on its
exposure to other similarly regulated
businesses that are required to comply
30 See
31 See
PO 00000
Frm 00058
Fmt 4700
Sfmt 4700
33 See
81 FR at 29450.
at 29410.
35 31 CFR 1010.230(h); see also FIN–2018–R004,
‘‘Exceptive Relief from Beneficial Ownership
Requirements for Legal Entity Customers of
Rollovers, Renewals, Modifications, and Extensions
of Certain Accounts,’’ (Sept. 7, 2018).
34 Id.
E:\FR\FM\15SER1.SGM
15SER1
Federal Register / Vol. 85, No. 179 / Tuesday, September 15, 2020 / Rules and Regulations
jbell on DSKJLSW7X2PROD with RULES
with AML and CIP programs and
beneficial ownership requirements, that
banks lacking a Federal functional
regulator will be able to build on their
existing compliance policies and
procedures and prudential business
practices to ensure compliance with this
Final Rule with relatively minimal cost
and effort. As FinCEN has done with the
other industries subject to the
requirements of the BSA, FinCEN will
actively engage with banks lacking a
Federal functional regulator to provide
guidance and feedback, and endeavor to
make compliance with the regulations
as cost-effective and efficient as possible
for all affected banks.
FinCEN believes that the flexibility
incorporated into the Final Rule permits
each bank lacking a Federal functional
regulator to take a risk-based approach
to tailor its AML and CIP programs to
fit its own size, needs, and operational
risks. In this regard, FinCEN believes
that expenditures associated with
establishing and implementing an AML
program will be commensurate with a
bank’s size, complexity, and risk profile.
Based on inherent risks, some banks
may deem it appropriate to implement
more comprehensive policies,
procedures, and internal controls than
others. FinCEN does not intend for each
bank lacking a Federal functional
regulator to have identical policies and
procedures for their AML and CIP
programs. The AML regulations are riskbased. Accordingly, each bank has
broad discretion to design and
implement programs that reflect and
respond to the bank’s unique money
laundering, terrorist and proliferation
financing, and other serious illicit
finance risks. As with other financial
institutions subject to the requirements
of the BSA, if a bank lacking a Federal
functional regulator is small or does not
have high-risk customers, or does not
engage in high-risk transactions, the
burden to comply with the Final Rule
likely will be commensurately minimal.
FinCEN anticipates that the impact of
the AML and CIP program and
beneficial ownership requirements and
the assessment of associated risks will
not be significant for covered banks
lacking a Federal functional regulator.
G. Certification
The additional burden under the
Final Rule is a requirement to maintain
AML and CIP programs and comply
with beneficial ownership requirements.
As discussed above, FinCEN anticipates
that the impact from these requirements
will not be significant. Accordingly,
FinCEN certifies that the Final Rule will
not have a significant economic impact
on small entities.
VerDate Sep<11>2014
16:15 Sep 14, 2020
Jkt 250001
VI. Unfunded Mandates Act
Section 202 of the Unfunded
Mandates Reform Act of 1995
(‘‘Unfunded Mandates Act’’), Public
Law 104–4 (March 22, 1995), requires
that an agency prepare a budgetary
impact statement before promulgating a
rule that may result in expenditure by
State, local, and tribal governments, in
the aggregate, or by the private sector, of
$100 million or more in any one year.
If a budgetary impact statement is
required, section 202 of the Unfunded
Mandates Act also requires an agency to
identify and consider a reasonable
number of regulatory alternatives before
promulgating a rule. Taking into
account the factors noted above and
using conservative estimates of average
labor costs in evaluating the cost of the
burden imposed by the proposed
regulation, FinCEN has determined that
it is not required to prepare a written
statement under section 202.
VII. Executive Orders 13563 and 12866
Executive Orders 13563 and 12866
direct agencies to assess costs and
benefits of available regulatory
alternatives and, if regulation is
necessary, to select regulatory
approaches that maximize net benefits
(including potential economic,
environmental, public health and safety
effects, distributive impacts, and
equity). Executive Order 13563
emphasizes the importance of
quantifying both costs and benefits, of
reducing costs, of harmonizing rules,
and of promoting flexibility. This Final
Rule has been designated a ‘‘significant
regulatory action,’’ although not
economically significant, under section
3(f) of Executive Order 12866.
Accordingly, the Final Rule has been
reviewed by the Office of Management
and Budget (‘‘OMB’’). As noted above,
FinCEN believes the new requirements
imposed on banks without a Federal
functional regulator, as a result of this
Final Rule, will result in a minimal
additional compliance burden for such
banks for the following reasons:
• Banks lacking a Federal functional
regulator are currently required to
comply with many existing
requirements under the BSA, including
the requirements to file CTRs and SARs,
which necessarily require a bank to
establish a process to detect unusual
activity.
• Certain banks lacking a Federal
functional regulator—namely, private
banks, non-federally insured credit
unions, and certain trust companies—
must maintain CIPs.
• Banks lacking a Federal functional
regulator generally are required by state
PO 00000
Frm 00059
Fmt 4700
Sfmt 4700
57135
banking regulation and guidance to have
policies, management oversight,
personnel training, internal compliance
review, and various procedures and
systems in place to comply with
regulation and guidance. Even banks not
subject to these state regulatory
requirements must develop such
policies and procedures to properly
function and comply with their BSA
obligations and state banking
regulations.
VIII. Paperwork Reduction Act
The collections of information
contained in the Final Rule were
submitted to OMB for review in
accordance with the Paperwork
Reduction Act of 1995 (‘‘PRA’’).36 The
information collections have been
approved under OMB control numbers
1506–0035 (Anti-money laundering
program requirements for banks), 1506–
0026 (Customer identification program
requirements for banks), and 1506–0070
(Beneficial ownership requirements for
legal entity customers).
In accordance with the requirements
of the PRA, and its implementing
regulations, 5 CFR part 1320, the
following information concerning the
collection of information is presented.
The information collections in this Final
Rule are contained in 31 CFR 1020.210
(Anti-money laundering program
requirements for banks), 31 CFR
1020.220 (Customer identification
program requirements for banks), and 31
CFR 1010.230 (Beneficial ownership
requirements for legal entity customers).
The information will be used by
examining agencies to verify
compliance with these provisions. The
collection of information is mandatory.
Records required to be retained under
the BSA must be retained for five years.
a. 31 CFR 1020.210—Anti-Money
Laundering Program Requirements for
Banks
Under this Final Rule, banks that lack
a Federal functional regulator are
required to establish and implement
written AML programs under the
specified minimum standards. All
financial institutions are required to
document their AML programs and are
permitted to use the method most
suitable to their requirements. In
addition, banks that lack a Federal
functional regulator are required to
obtain approval of their AML program
by their board of directors, or an
equivalent governing body.
Description of Recordkeepers: Banks
that lack a Federal functional regulator,
including, but not limited to, state36 44
E:\FR\FM\15SER1.SGM
U.S.C. 3507(d).
15SER1
57136
Federal Register / Vol. 85, No. 179 / Tuesday, September 15, 2020 / Rules and Regulations
chartered non-depository trust
companies, non-federally insured credit
unions, non-federally insured statechartered banks and savings and loan or
building and loan associations, private
banks, and international banking
entities.
Estimated Number of Recordkeepers:
567 financial institutions.37
Estimated Annual Records: 567 AML
programs.
Estimated Annual Burden Hours:
1,134 hours.38
Estimated Total Annual Burden for
AML Program Requirements: 1,134
hours.
This burden is added to the existing
burden listed under OMB control
number 1506–0035 currently titled
‘‘Anti-Money Laundering Programs for
Insurance Companies and Non-Bank
Residential Mortgage Lenders and
Originators.’’ The new title for this
control number will be ‘‘Anti-Money
Laundering Programs for Insurance
Companies, Non-Bank Residential
Mortgage Lenders and Originators, and
Banks Lacking a Federal Functional
Regulator.’’ The new total estimated
annual burden for this control number
is 33,334 hours.39
b. 31 CFR 1020.220—Customer
Identification Program Requirements for
Banks
Under the CIP requirements, financial
institutions are required to implement
risk-based, written CIPs that address the
jbell on DSKJLSW7X2PROD with RULES
37 Approximately
297 state-chartered nondepository trust companies, 228 non-federally
insured credit unions, 12 non-federally insured
state-chartered banks and savings and loan or
building and loan associations, 1 private bank, and
29 international banking entities will be required to
implement written AML programs as a result of this
Final Rule.
38 The estimated average burden associated with
the development of a written AML program is one
hour per recordkeeper annually. Although this is a
new requirement for banks lacking a Federal
functional regulator, they are already obligated to
comply with a number of BSA regulations and state
banking regulations. For example, FinCEN
regulations require all banks, regardless of whether
they have a Federal functional regulator, to file
CTRs and SARs, as well as to make and maintain
certain records. These banks likely maintain
procedures to comply with such BSA and state
banking regulations. For that reason, FinCEN
estimates that the burden associated with the
development of a written AML program is one hour
because the impacted financial institutions will be
able to incorporate existing applicable procedures.
In addition, the estimated average burden
associated with obtaining board approval of the
AML program is one hour per recordkeeper
annually. This equates to 2 hours of annual burden
per impacted financial institution to comply with
these requirements (567 financial institutions × 2
hours = 1,134 hours).
39 The current annual burden hours estimate for
OMB control number 1506–0035 is 32,200. One
thousand one hundred thirty four (1,134) burden
hours will be added to this control number as a
result of this Final Rule (32,200 + 1,134 = 33,334).
VerDate Sep<11>2014
16:15 Sep 14, 2020
Jkt 250001
following: (1) Procedures for verifying
the identify of each new customer; (2)
procedures for making and maintaining
a record of all information obtained
under the customer identification
program; (3) procedures for determining
whether a new customer appears on any
list of known or suspected terrorist
organizations issued by the Federal
government; and (4) procedures for
providing customers adequate notice
that the financial institution is
requesting information to verify their
identities.
Description of Recordkeepers: Banks
that lack a Federal functional regulator,
such as non-federally insured statechartered banks and savings and loan or
building and loan associations, and
international banking entities.40
1. Implementing Written CIP Procedures
Estimated Number of Recordkeepers:
41 financial institutions. 41
Estimated Annual Records: 41 written
CIP programs.
Estimated Annual Burden Hours: 41
hours.42
2. Recording Information Required To
Identify and Verify New Customers
Estimated Number of Recordkeepers:
41 financial institutions.
Estimated Annual Records: 30,750
records on new accounts.43
Estimated Annual Burden Hours:
2,563 hours.44
40 FinCEN has previously implemented CIP
requirements for credit unions, private banks, and
trust companies that do not have a Federal
functional regulator. See 31 CFR 1020.220. For that
reason, the CIP requirements in this Final Rule only
apply to the non-federally insured state-chartered
banks and savings and loan or building and loan
associations and international banking entities.
41 Approximately 12 non-federally insured statechartered banks and savings and loan or building
and loan associations and 29 international banking
entities depository institutions will be required to
implement CIP requirements as a result of this Final
Rule.
42 The estimated average burden associated with
the development of written CIP procedures is one
hour per recordkeeper annually. Although this is a
new requirement for some banks lacking a Federal
functional regulator, they are already obligated to
comply with a number of BSA regulations and state
banking regulations. These banks likely maintain
procedures to comply with such BSA and state
banking regulations. Further, certain identity
verification documents for new customers are
collected as standard practice for the financial
industry. For that reason, FinCEN estimates that the
burden associated with the development of written
CIP procedures is one hour because it will
incorporate existing applicable procedures.
43 FinCEN estimates that, on average, small
financial institutions, such as those covered by this
Final Rule, will open approximately 3 new
accounts per business day. There are 250 business
days per year. (41 financial institutions × 3 accounts
per day × 250 business days = 30,750 records per
year).
44 In past PRA burden analysis, FinCEN estimated
that the burden to collect account information as a
PO 00000
Frm 00060
Fmt 4700
Sfmt 4700
3. Providing Customers Notice of
Identification Requirements
Estimated Number of Recordkeepers:
41 financial institutions.
Estimated Annual Records: 41
disclosure notices.
Estimated Annual Burden Hours: 41
hours.45
4. Total Annual Burden Applicable to
CIP Requirements
Estimated Total Annual Burden
Hours for CIP Requirements: 2,645
hours (41 + 2,563 + 41).
• 41 hours—Implementing written
CIP procedures.
• 2,563 hours—Recording
information required to identify and
verify new customers.
• 41 hours—Providing customers
notice of identification requirements.
This burden is added to the existing
burden listed under OMB control
number 1506–0026 currently titled
‘‘Customer Identification Programs for
Banks, Savings Associations, Credit
Unions, and Certain Non-Federally
Regulated Banks.’’ The new title for this
control number will be ‘‘Customer
Identification Program Requirements for
Banks.’’ The new total estimated annual
burden for this control number is
178,205 hours.46
c. 31 CFR 1010.230—Beneficial
Ownership Requirements for Legal
Entity Customers
Under 31 CFR 1010.230, financial
institutions are required to establish and
maintain written procedures that are
reasonably designed to identify and
verify beneficial owners of new
accounts opened by legal entity
customers and to include such
procedures in their AML programs.
Financial institutions may obtain the
required identifying information by
either using the optional certification
form from the individual opening the
account on behalf of a legal entity
result of CIP requirements for other types of
financial institutions was 2 minutes per new
account. However, because CIP is a new regulatory
requirement for the financial institutions impacted
by this Final Rule, FinCEN will conservatively
estimate that the time it takes to collect and
document identification and verification
information for purposes of CIP is 5 minutes per
new account opened. (30,750 records on new
accounts × 5 minutes per account and converted to
hours = 2,563 annual burden hours).
45 FinCEN estimates that it will take each
financial institutions impacted by this Final Rule 1
hour to draft and post a CIP disclosure notification
for customers (41 financial institutions × 1 hour =
41 hours).
46 The current annual burden hours estimate for
OMB control number 1506–0026 is 175,560, and
2,645 burden hours will be added to this control
number as a result of this rulemaking (175,560 +
2,645 = 178,205).
E:\FR\FM\15SER1.SGM
15SER1
Federal Register / Vol. 85, No. 179 / Tuesday, September 15, 2020 / Rules and Regulations
customer, or by obtaining from the
individual the information required by
the form by another means, provided
the individual certifies the accuracy of
the information. Financial institutions
must also maintain a record of the
identifying information obtained, as
well as a description of any document
relied on, of any non-documentary
methods and results of any measures
undertaken, and the resolutions of
substantive discrepancies.
Description of Recordkeepers: Banks
that lack a Federal functional regulator,
including, but not limited to, statechartered non-depository trust
companies, non-federally insured credit
unions, non-federally insured statechartered banks and savings and loan or
building and loan associations, private
banks, and international banking
entities.
1. Develop and Maintain Beneficial
Ownership Identification Procedures
Estimated Number of Recordkeepers:
567 financial institutions.47
Estimated Annual Records: 567
beneficial ownership identification
procedures.
Estimated Annual Burden Hours:
22,680 hours.48
jbell on DSKJLSW7X2PROD with RULES
2. Customer Identification, Verification,
and Review and Recordkeeping of the
Beneficial Ownership Information
Estimated Number of Recordkeepers:
567 financial institutions.
Estimated Annual Records: 212,625
beneficial ownership identification
records.49
47 Approximately 297 state-chartered nondepository trust companies, 228 non-federally
insured credit unions, 12 non-federally insured
state-chartered banks and savings and loan or
building and loan associations, 1 private bank, and
29 international banking entities will be required to
implement beneficial ownership identification
procedures as a result of this Final Rule.
48 The beneficial ownership final rule recognized
a burden of 56 hours to develop the initial
procedures (40 hours for small entities). See 81 FR
at 29451. Based on FinCEN’s data, banks lacking a
Federal functional regulator are generally
considered small entities. For that reason, FinCEN
estimates it will take 40 hours for financial
institutions impacted by this Final Rule to develop
and document initial beneficial ownership
identification procedures. (567 × 40 = 22,680).
49 The beneficial ownership final rule recognized
a burden of 20 to 40 minutes (average of 30
minutes) to obtain identification records for each
legal entity customer. The final rule also estimated
that a financial institution would open 1.5 new
legal entity accounts per business day. There are
250 business days per year. See id. at 29451 n.191.
On December 30, 2019, FinCEN published in the
Federal Register a notice of intent to renew without
change, information collection requirements in
connection with beneficial ownership requirements
for legal entity customers. See supra note 30. As a
result of public comments received on the notice,
FinCEN increased its estimate of the burden from
an average of 30 minutes to an average of 80
VerDate Sep<11>2014
16:15 Sep 14, 2020
Jkt 250001
Estimated Annual Burden Hours:
283,500 hours.50
3. Total Annual Burden Applicable to
Beneficial Ownership Requirements
Estimated Total Annual Burden
Hours for Beneficial Ownership
Requirements: 306,180 hours (22,680 +
283,500).
• 22,680 hours—Develop and
maintain beneficial ownership
identification procedures.
• 283,500 hours—Customer
identification, verification, and review
and recordkeeping of the beneficial
ownership information.
This burden is added to the existing
burden listed under OMB control
number 1506–0070 titled Beneficial
Ownership Requirements for Legal
Entity Customers. The new total
estimated annual burden for this control
number is 12,190,880 hours.51
Total Estimated Annual Burden
Hours as a Result of this Final Rule:
309,959 hours (1,134 + 2,645 + 306,180).
• Anti-money laundering program
requirements for banks—1,134 hours.
• Customer identification program
requirements for banks—2,645 hours.
• Beneficial ownership requirements
for legal entity customers—306,180
hours.
List of Subjects in 31 CFR Parts 1010
and 1020
Administrative practice and
procedure, Banks, Banking, Currency,
Foreign banking, Foreign currencies,
Investigations, Penalties, Reporting and
recordkeeping requirements, Terrorism.
Authority and Issuance
For the reasons set forth in the
preamble, Parts 1010 and 1020 of
Chapter X of Title 31 of the Code of
Federal Regulations are amended as
follows:
PART 1010—GENERAL PROVISIONS
1. The authority citation for part 1010
continues to read as follows:
■
Authority: 12 U.S.C. 1829b and 1951–
1959; 31 U.S.C. 5311–5314 and 5316–5332;
title III, sec. 314, Pub. Law 107–56, 115 Stat.
307; sec. 701, Pub. L. 114–74, 129 Stat. 599.
minutes per new account opened for a legal entity
customer. (1.5 accounts per day × 250 days per year
= 375 accounts per financial institution). (567
financial institutions × 375 accounts per year =
212,625 accounts per year).
50 (212,625 accounts × 80 minutes per account
and converted to hours = 283,500 hours).
51 The current annual burden hours estimate for
OMB control number 1506–0070 is 11,884,700.
306,180 burden hours will be added to this control
number as a result of this Final Rule (11,884,700 +
306,180 = 12,190,880).
PO 00000
Frm 00061
Fmt 4700
Sfmt 4700
§ 1010.205
57137
[Amended]
2. Section 1010.205 is amended by:
a. Removing paragraph (b)(1)(vi);
b. Redesignating paragraphs (b)(1)(vii)
through (ix) as paragraphs (b)(1)(vi)
through (viii); and
■ c. Removing and reserving paragraphs
(b)(2) and (b)(3).
■ 3. Section 1010.605 is amended by:
■ a. Revising paragraph (e)(1)(i);
■ b. Removing paragraphs (e)(1)(ii)
through (vii); and
■ c. Redesignating paragraphs (e)(1)(viii)
through (x) as paragraphs (e)(1)(ii)
through (iv).
The revision reads as follows:
■
■
■
§ 1010.605
Definitions
*
*
*
*
*
(e) * * *
(1) * * *
(i) A bank required to have an antimoney laundering compliance program
under the regulations implementing 31
U.S.C. 5318(h), 12 U.S.C. 1818(s), or 12
U.S.C. 1786(q)(1);
*
*
*
*
*
PART 1020—RULES FOR BANKS
4. The authority citation for part 1020
continues to read as follows:
■
Authority: 12 U.S.C. 1829b and 1951–
1959; 31 U.S.C. 5311–5314 and 5316–5332;
title III, sec. 314, Pub. Law 107–56, 115 Stat.
307.
§ 1020.100
[Amended]
5. Section 1020.100 is amended by:
a. Removing paragraphs (b) and (d);
and
■ b. Redesignating paragraph (c) as
paragraph (b).
■ 6. Section 1020.210 is revised to read
as follows:
■
■
§ 1020.210 Anti-money laundering
program requirements for banks.
(a) Anti-money laundering program
requirements for banks regulated by a
Federal functional regulator, including
banks, savings associations, and credit
unions. A bank regulated by a Federal
functional regulator shall be deemed to
satisfy the requirements of 31 U.S.C.
5318(h)(1) if it implements and
maintains an anti-money laundering
program that:
(1) Complies with the requirements of
§§ 1010.610 and 1010.620 of this
chapter;
(2) Includes, at a minimum:
(i) A system of internal controls to
assure ongoing compliance;
(ii) Independent testing for
compliance to be conducted by bank
personnel or by an outside party;
(iii) Designation of an individual or
individuals responsible for coordinating
and monitoring day-to-day compliance;
E:\FR\FM\15SER1.SGM
15SER1
jbell on DSKJLSW7X2PROD with RULES
57138
Federal Register / Vol. 85, No. 179 / Tuesday, September 15, 2020 / Rules and Regulations
(iv) Training for appropriate
personnel; and
(v) Appropriate risk-based procedures
for conducting ongoing customer due
diligence, to include, but not be limited
to:
(A) Understanding the nature and
purpose of customer relationships for
the purpose of developing a customer
risk profile; and
(B) Conducting ongoing monitoring to
identify and report suspicious
transactions and, on a risk basis, to
maintain and update customer
information. For purposes of this
paragraph, customer information shall
include information regarding the
beneficial owners of legal entity
customers (as defined in § 1010.230 of
this chapter); and
(3) Complies with the regulation of its
Federal functional regulator governing
such programs.
(b) Anti-money laundering program
requirements for banks lacking a
Federal functional regulator including,
but not limited to, private banks, nonfederally insured credit unions, and
certain trust companies. A bank lacking
a Federal functional regulator shall be
deemed to satisfy the requirements of 31
U.S.C. 5318(h)(1) if the bank establishes
and maintains a written anti-money
laundering program that:
(1) Complies with the requirements of
§§ 1010.610 and 1010.620 of this
chapter; and
(2) Includes, at a minimum:
(i) A system of internal controls to
assure ongoing compliance with the
Bank Secrecy Act and the regulations
set forth in 31 CFR Chapter X;
(ii) Independent testing for
compliance to be conducted by bank
personnel or by an outside party;
(iii) Designation of an individual or
individuals responsible for coordinating
and monitoring day-to-day compliance;
(iv) Training for appropriate
personnel; and
(v) Appropriate risk-based procedures
for conducting ongoing customer due
diligence, to include, but not be limited
to:
(A) Understanding the nature and
purpose of customer relationships for
the purpose of developing a customer
risk profile; and
(B) Conducting ongoing monitoring to
identify and report suspicious
transactions and, on a risk basis, to
maintain and update customer
information. For purposes of this
paragraph, customer information shall
include information regarding the
beneficial owners of legal entity
customers (as defined in § 1010.230);
and
VerDate Sep<11>2014
16:15 Sep 14, 2020
Jkt 250001
(3) Is approved by the board of
directors or, if the bank does not have
a board of directors, an equivalent
governing body within the bank. The
bank shall make a copy of its antimoney laundering program available to
the Financial Crimes Enforcement
Network or its designee upon request.
■ 7. Amend § 1020.220 by revising the
section heading and paragraph (a)(1) to
read as follows:
§ 1020.220 Customer identification
program requirements for banks.
(a) * * *
(1) In general. A bank required to
have an anti-money laundering
compliance program under the
regulations implementing 31 U.S.C.
5318(h), 12 U.S.C. 1818(s), or 12 U.S.C.
1786(q)(1) must implement a written
Customer Identification Program (CIP)
appropriate for the bank’s size and type
of business that, at a minimum, includes
each of the requirements of paragraphs
(a)(1) through (5) of this section. The
CIP must be a part of the anti-money
laundering compliance program.
*
*
*
*
*
Michael Mosier,
Deputy Director, Financial Crimes
Enforcement Network.
[FR Doc. 2020–20325 Filed 9–14–20; 8:45 am]
BILLING CODE 4810–02–P
DEPARTMENT OF EDUCATION
34 CFR Chapter VI
[Docket ID ED–2020–OPE–0031]
Final Priorities, Requirements, and
Definitions—Fund for the Improvement
of Postsecondary Education—Open
Textbooks Pilot Program
Office of Postsecondary
Education, Department of Education.
ACTION: Final priorities, requirements,
and definitions.
AGENCY:
The Assistant Secretary for
Postsecondary Education announces
priorities, requirements, and definitions
for the Open Textbooks Pilot (OTP)
program conducted under the Fund for
the Improvement of Postsecondary
Education (FIPSE), CFDA number
84.116T. The Assistant Secretary may
use one or more of these priorities,
requirements, and definitions for
competitions in fiscal year (FY) 2020
and later years. We take this action to
focus Federal financial assistance on the
creation of new open textbooks (as
defined in this notice) and to expand
the use of open textbooks in courses that
are part of a degree-granting program,
SUMMARY:
PO 00000
Frm 00062
Fmt 4700
Sfmt 4700
particularly those with high
enrollments. We intend this action to
further develop and identify programs
and practices that improve instruction
and student learning outcomes, as well
as increase access, affordability, and
completion rates, for students seeking
postsecondary education degrees
through the development, enhancement,
and use of open textbooks.
DATES: These priorities, requirements,
and definitions are effective October 15,
2020.
FOR FURTHER INFORMATION CONTACT:
Stacey Slijepcevic, U.S. Department of
Education, 400 Maryland Avenue SW,
Room 268–34, Washington, DC 20202.
Telephone: (202) 453–6150. Email:
stacey.slijepcevic@ed.gov.
If you use a telecommunications
device for the deaf (TDD) or a text
telephone (TTY), call the Federal Relay
Service (FRS), toll free, at 1–800–877–
8339.
SUPPLEMENTARY INFORMATION:
Purpose of Program: The OTP
program supports projects at institutions
of higher education (IHEs) that create
new open textbooks and expand the use
of open textbooks in courses that are
part of a degree-granting program,
particularly those with high
enrollments. Applicants are encouraged
to develop projects that demonstrate the
greatest potential to achieve the highest
level of savings for students through
sustainable, expanded use of open
textbooks in high-enrollment courses (as
defined in this notice) or in programs
that prepare individuals for in-demand
fields.
Program Authority: 20 U.S.C. 1138–
1138d.
We published a notice of proposed
priorities, requirement, and definitions
(NPP) for this program in the Federal
Register on March 31, 2020 (85 FR
17805). That document contained
background information and our reasons
for proposing the particular proposed
priorities, requirement, and definitions.
There are differences between the
proposed priorities, requirement, and
definitions and the final priorities,
requirements, and definitions as
discussed in the Analysis of Comments
and Changes section elsewhere in this
document.
Public Comment: In response to our
invitation in the NPP, 78 parties
submitted comments on the proposed
priorities, requirement, and definitions.
We group major issues according to
subject. We discuss other substantive
issues under the title of the item to
which they pertain. Generally, we do
not address technical and other minor
changes, or suggested changes the law
E:\FR\FM\15SER1.SGM
15SER1
]]>Agencies
[Federal Register Volume 85, Number 179 (Tuesday, September 15, 2020)]
[Rules and Regulations]
[Pages 57129-57138]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2020-20325]
-----------------------------------------------------------------------
DEPARTMENT OF THE TREASURY
31 CFR Parts 1010 and 1020
RIN 1506-AB28
Financial Crimes Enforcement Network; Customer Identification
Programs, Anti-Money Laundering Programs, and Beneficial Ownership
Requirements for Banks Lacking a Federal Functional Regulator
AGENCY: Financial Crimes Enforcement Network (``FinCEN''), Treasury.
ACTION: Final rule.
-----------------------------------------------------------------------
SUMMARY: FinCEN is issuing a final rule implementing sections 352, 326
and 312 of the Uniting and Strengthening America by Providing
Appropriate Tools Required to Intercept and Obstruct Terrorism Act of
2001 (``USA PATRIOT Act'') and removing the anti-money laundering
program exemption for banks that lack a Federal functional regulator,
including, but not limited to, private banks, non-federally insured
credit unions, and certain trust companies. The Final Rule requires
minimum standards for anti-money laundering programs for banks without
a Federal functional regulator to ensure that all banks, regardless of
whether they are subject to Federal regulation and oversight, are
required to establish and implement anti-money laundering programs, and
extends customer identification program requirements and beneficial
ownership requirements to those banks not already subject to these
requirements.
DATES: Effective Date: November 16, 2020.
Compliance Date: The compliance date for anti-money laundering
programs, customer identification programs, and beneficial ownership
requirements for banks that lack a Federal functional regulator is
March 15, 2021.
FOR FURTHER INFORMATION CONTACT: The FinCEN Resource Center at (800)
767-2825 or email [email protected].
SUPPLEMENTARY INFORMATION:
I. Background
A. Statutory Provisions
FinCEN exercises its regulatory functions primarily under the
Currency and Financial Transactions Reporting Act of 1970, as amended
by the Uniting and Strengthening America by Providing Appropriate Tools
Required to Intercept and Obstruct Terrorism Act of 2001 (``USA PATRIOT
Act'') (Public Law 107-56) and other legislation. This legislative
framework is commonly referred to as the ``Bank Secrecy Act''
[[Page 57130]]
(``BSA'').\1\ The Secretary of the Treasury (``Secretary'') has
delegated to the Director of FinCEN the authority to implement,
administer, and enforce compliance with the BSA and associated
regulations.\2\ Pursuant to this authority, FinCEN may issue
regulations requiring financial institutions to keep records and file
reports that ``have a high degree of usefulness in criminal, tax, or
regulatory investigations or proceedings, or in the conduct of
intelligence or counterintelligence activities, including analysis, to
protect against international terrorism.'' \3\ Additionally, FinCEN is
authorized to impose anti-money laundering (``AML'') program
requirements for financial institutions.\4\
---------------------------------------------------------------------------
\1\ The BSA is codified at 12 U.S.C. 1829b, 12 U.S.C. 1951-1959,
31 U.S.C. 5311-5314 and 5316-5332, and notes thereto, with
implementing regulations at 31 CFR Chapter X. See 31 CFR
1010.100(e).
\2\ Treasury Order 180-01 (Jan. 14, 2020).
\3\ 31 U.S.C. 5311.
\4\ 31 U.S.C. 5318(h).
---------------------------------------------------------------------------
Section 352 of the USA PATRIOT Act requires financial institutions
to establish AML programs that, at a minimum, include: (1) The
development of internal policies, procedures, and controls; (2) the
designation of a compliance officer; (3) an ongoing employee training
program; and (4) an independent audit function to test programs.\5\
Section 352 of the USA PATRIOT Act authorizes FinCEN, in consultation
with the appropriate Federal functional regulator (as defined by 15
U.S.C. 6809), to prescribe minimum standards for AML programs. In
developing this Final Rule, FinCEN consulted with the Federal
functional regulators defined in 15 U.S.C. 6809, as well as the
Commodity Futures Trading Commission (``CFTC'') (collectively referred
to as ``Federal functional regulators'').\6\ In addition, FinCEN
consulted with the Internal Revenue Service (``IRS''), which is the
examining authority for all institutions regulated by FinCEN that do
not have a Federal functional regulator. FinCEN also consulted with
state bank supervisory authorities. Consultations with these Federal
and state regulatory and supervisory agencies assisted FinCEN in
determining the appropriate scope and nature of banks that are not
directly regulated by Federal functional regulators and to adequately
consider appropriate regulatory coverage for such institutions.
---------------------------------------------------------------------------
\5\ Id.
\6\ 31 CFR 1010.100(r) (defining Federal functional regulator to
include the Board of Governors of the Federal Reserve System; the
Office of the Comptroller of the Currency; the Board of Directors of
the Federal Deposit Insurance Corporation; the Office of Thrift
Supervision (which was merged into other regulatory agencies and
ceased to exist in 2011); the National Credit Union Administration;
the Securities and Exchange Commission; and the Commodity Futures
Trading Commission).
---------------------------------------------------------------------------
When prescribing minimum standards for AML programs, FinCEN must
``consider the extent to which the requirements imposed [under section
352 of the USA PATRIOT Act] are commensurate with the size, location,
and activities of the financial institutions to which [the standards]
apply.'' \7\ In addition, FinCEN may ``prescribe an appropriate
exemption from a requirement [in the BSA] or regulations [issued under
the BSA].'' \8\ FinCEN used this authority in 2002 to temporarily defer
the requirement to establish an AML program for certain financial
institutions identified in section 352 of the USA PATRIOT Act. The
purpose of the temporary deferral was to give FinCEN and Treasury time
to continue to study the money laundering risks posed by such financial
institutions in order to develop appropriate AML program requirements.
---------------------------------------------------------------------------
\7\ Public Law 107-56, title III, Sec. 352(c), 115 Stat. 322,
codified at 31 U.S.C. 5318 note.
\8\ 31 U.S.C. 5318(a)(6).
---------------------------------------------------------------------------
Section 326 of the USA PATRIOT Act requires FinCEN to prescribe
regulations that require financial institutions to establish procedures
for account opening that, at a minimum, include: (1) Verifying the
identity of any person seeking to open an account, to the extent
reasonable and practicable; (2) maintaining records of the information
used to verify the person's identity, including name, address, and
other identifying information; and (3) determining whether the person
appears on any lists of known or suspected terrorists or terrorist
organizations provided to the financial institution by any government
agency.\9\ These programs are referred to as Customer Identification
Programs (``CIPs'').
---------------------------------------------------------------------------
\9\ 31 U.S.C. 5318(l); see also Joint Final Rule--Customer
Identification Programs for Banks, Savings Associations, Credit
Unions and Certain Non-Federally Regulated Banks, 68 FR 25103 (May
9, 2003) (codified at 31 CFR 1020.220(a)(4)) (``The CIP must include
procedures for determining whether the customer appears on any list
of known or suspected terrorists or terrorist organizations issued
by any Federal government agency and designated as such by Treasury
in consultation with the Federal functional regulators.'').
---------------------------------------------------------------------------
When prescribing CIP regulations for financial institutions, FinCEN
is required to do so jointly with the appropriate Federal functional
regulator.\10\ The appropriate Federal functional regulator with which
to promulgate joint CIP regulations is the particular agency that
regulates and supervises the affected financial institutions.\11\
Because the financial institutions covered under this Final Rule do not
have a Federal functional regulator, and there is no other Federal
agency with comparable direct supervisory authority over such financial
institutions, there is no other appropriate Federal agency with which
FinCEN is required to issue the CIP rules jointly.\12\ Accordingly,
FinCEN is issuing the CIP rule set forth here under its sole authority.
---------------------------------------------------------------------------
\10\ 31 U.S.C. 5318(l)(4) (``Certain financial institutions.--In
the case of any financial institution the business of which is
engaging in financial activities described in section 4(k) of the
Bank Holding Company Act of 1956 (including financial activities
subject to the jurisdiction of the Commodity Futures Trading
Commission), the regulations prescribed by the Secretary under
paragraph (1) shall be prescribed jointly with each Federal
functional regulator (as defined in section 509 of the Gramm-Leach-
Bliley Act, including the Commodity Futures Trading Commission)
appropriate for such financial institution.''). The financial
institutions subject to the CIP rule that will be covered by this
Final Rule engage in financial activities within the meaning of 12
U.S.C. 1843(k), in particular lending money and providing financial
advisory services. See 12 U.S.C. 1843(k)(4)(A) and (C).
\11\ See, e.g., 31 CFR 1020.210(a).
\12\ See Notice of Proposed Rulemaking--Customer Identification
Programs for Certain Banks Lacking a Federal Functional Regulator,
68 FR 25163 (May 9, 2003).
---------------------------------------------------------------------------
Section 312 of the USA PATRIOT Act requires each U.S. financial
institution that establishes, maintains, administers, or manages a
correspondent account or a private banking account in the United States
for a non-U.S. person to subject such accounts to certain AML
measures.\13\ In particular, financial institutions must establish
appropriate, specific, and, where necessary, enhanced due diligence
policies, procedures, and controls that are reasonably designed to
enable the financial institution to detect and report instances of
money laundering through these accounts. In addition to the general due
diligence requirements, which apply to all correspondent accounts for
non-U.S. persons, section 5318(i)(2) of the BSA specifies additional
standards for correspondent accounts maintained for certain foreign
banks. Section 5318(i) also sets forth minimum due diligence
requirements for private banking accounts for non-U.S. persons.
Specifically, a covered financial institution must take reasonable
steps to ascertain the identity of the nominal and beneficial owners
of, and the source of funds deposited into, private banking accounts,
as necessary to guard against money laundering and to report suspicious
transactions. The institution must also conduct enhanced
[[Page 57131]]
scrutiny of private banking accounts requested or maintained for, or on
behalf of, senior foreign political figures (which includes family
members or close associates). Enhanced scrutiny must be reasonably
designed to detect and report transactions that may involve the
proceeds of foreign corruption.
---------------------------------------------------------------------------
\13\ These requirements are set forth and cross-referenced in
sections 31 CFR1020.610 (cross-referencing to 31 CFR 1010.610) and
31 CFR 1020.620 (cross-referencing to 31 CFR 1010.620).
---------------------------------------------------------------------------
B. Regulatory Background
The following information describes the effect of certain previous
rulemakings on banks, and specifically on banks lacking a Federal
functional regulator.
AML Program Requirements
Most banks became subject to an AML program requirement under the
BSA when FinCEN issued an Interim Final Rule on April 29, 2002
(``Interim Final Rule'').\14\ The Interim Final Rule stated that an
institution regulated by a Federal functional regulator ``shall be
deemed to satisfy the requirements of 31 U.S.C. 5318(h)(1) if it
implements and maintains an [AML] program that complies with the
regulation of its Federal functional regulator governing such
programs.'' \15\ ``Federal functional regulator'' is defined at 31 CFR
1010.100(r) to include each of the Federal banking agencies, as well as
the SEC and the CFTC.\16\
---------------------------------------------------------------------------
\14\ See Interim Final Rule--Anti-Money Laundering Programs for
Financial Institutions, 67 FR 21110 (Apr. 29, 2002). In 1987,
Federal banking regulators issued regulations requiring federally
insured depository institutions and credit unions to have anti-money
laundering programs ``to assure and monitor compliance with the
requirements of subchapter II of chapter 53 of Title 31, United
States Code.'' Final Rule--Procedures for Monitoring Bank Secrecy
Act Compliance, 52 FR 2858 (Jan. 27, 1987). The USA PATRIOT Act made
developing and implementing an AML program a statutory requirement
under the BSA in 2001.
\15\ 67 FR at 21113. Since the issuance of the 2002 Interim
Final Rule, FinCEN has reorganized its regulations under 31 CFR
Chapter X. See Final Rule--Transfer and Reorganization of Bank
Secrecy Act Regulations, 75 FR 65806 (Oct. 26, 2010). The cited AML
program requirement can currently be found at 31 CFR 1020.210, with
an added cross-reference to enhanced due diligence requirements
imposed by rulemakings later than the Interim Final Rule.
\16\ See supra note 6.
---------------------------------------------------------------------------
The Interim Final Rule temporarily deferred AML program
requirements for certain financial institutions, including ``private
bankers.'' \17\ On November 6, 2002, FinCEN amended the Interim Final
Rule to extend the exemption from the requirement to establish an AML
program indefinitely for private bankers and to expand the exemption to
other financial institutions, including any bank ``that is not subject
to regulation by a Federal functional regulator.'' \18\
---------------------------------------------------------------------------
\17\ ``Private banker'' is included in the list of financial
institutions set out in the BSA. 12 U.S.C. 5312(a)(2)(C).
\18\ Amendment of Interim Final Rule--Anti-Money Laundering
Programs for Financial Institutions, 67 FR 67547 (Nov. 6, 2002)
(codified at 31 CFR 1010.205).
---------------------------------------------------------------------------
Although banks that lack a Federal functional regulator are exempt
from the requirement to establish an AML program, they are required to
comply with many other BSA requirements. For example, FinCEN
regulations require all banks, regardless of whether they have a
Federal functional regulator, to file currency transaction reports
(``CTRs'') and suspicious activity reports (``SARs''), as well as to
make and maintain certain records.\19\ In addition, like other covered
financial institutions, banks that lack a Federal functional regulator
are prohibited from maintaining correspondent accounts for foreign
shell banks and are required to obtain and retain information on the
ownership of foreign banks.\20\
---------------------------------------------------------------------------
\19\ See 31 CFR 1010.306-315 (CTRs); 31 CFR 1020.320 (SAR rule
for banks); 31 CFR 1010.410 (records to be made and retained by
financial institutions).
\20\ 31 CFR 1010.630 (governing prohibitions against
establishing, maintaining, administering, or managing correspondent
accounts for foreign shell companies and records required for
correspondent accounts); 31 CFR 1010.670 (governing summons or
subpoena of foreign bank records and termination of correspondent
relationships); 31 CFR 1010.605(e)(2) (defining covered financial
institutions to include institutions not regulated by a Federal
functional regulator, including private banks, trust companies, and
credit unions). By contrast, covered financial institutions for
purposes of due diligence program requirements for correspondent
accounts and private banking accounts do not include private banks.
Rather, such due diligence program requirements apply only to
federally insured banks and credit unions, as well as certain trust
companies that are federally regulated and subject to an anti-money
laundering program requirement. See 31 CFR 1010.605(e)(1) (covered
financial institution); 31 CFR 1010.610 (correspondent accounts); 31
CFR 1010.620 (private banking accounts).
---------------------------------------------------------------------------
FinCEN has incrementally eliminated the Interim Final Rule's
temporary exemption and promulgated AML program rules for certain other
institutions, including insurance companies, certain loan or finance
companies, and dealers in precious metals, precious stones, or jewels.
FinCEN determined that the gap in AML coverage between banks with and
without a Federal functional regulator presented a vulnerability to the
U.S. financial system that could be exploited by bad actors, prompting
this rulemaking. In the 2016 U.S. Mutual Evaluation, the Financial
Action Task Force (FATF) recommended that three categories of non-
Federal state-chartered banks be subject to an AML program requirement
in addition to their reporting obligations.\21\ The rulemaking covers
non-Federal state chartered banks. Further, subsequent to the 2016
notice of proposed rulemaking to amend the AML, CIP, and beneficial
ownership regulations to include coverage for banks lacking a Federal
functional regulator, and according to the 2020 National Strategy for
Combatting Terrorist and Other Illicit Financing, law enforcement
identified specific instances of illicit actors taking advantage of
this lack of regulatory coverage.\22\
---------------------------------------------------------------------------
\21\ See page 136 of the 2016 U.S. Mutual Evaluation at https://www.fatf-gafi.org/media/fatf/documents/reports/mer4/MER-United-States-2016.pdf.
\22\ See page 41 of the 2020 National Strategy for Combatting
Terrorist and Other Illicit Financing at https://home.treasury.gov/system/files/136/National-Strategy-to-Counter-Illicit-Financev2.pdf.
---------------------------------------------------------------------------
Customer Identification Program Requirements
CIP requirements were finalized, through a joint final rule, for
banks, savings associations, credit unions, and certain non-federally
regulated banks on May 9, 2003. With this action, certain banks that
lack a Federal functional regulator--namely, private banks, non-
federally insured credit unions and trust companies lacking a federal
functional regulator--were required to comply with CIP
requirements.\23\ On the same day, FinCEN published a notice of
proposed rulemaking (``NPRM'') that would have imposed CIP requirements
on all other banks without a Federal functional regulator that were not
already included in the joint rule.\24\ The 2003 NPRM was never
finalized.
---------------------------------------------------------------------------
\23\ See 68 FR 25090 (May 9, 2003) (codified at 31 CFR
1020.220).
\24\ See supra note 12.
---------------------------------------------------------------------------
Beneficial Ownership Requirement
On May 11, 2016, FinCEN published a final rule (``CDD Rule'') \25\
to clarify and strengthen customer due diligence requirements for
certain financial institutions, including federally regulated banks.
Specifically, the CDD Rule requires these financial institutions to
identify and verify the identity of the beneficial owners of their
legal entity customers, subject to certain exclusions and exemptions.
The CDD Rule also amended the AML program requirements for these
financial institutions. For purposes of regulatory consistency and for
the reasons noted above, FinCEN believes it is necessary that these
requirements apply to non-federally regulated banks as well.
---------------------------------------------------------------------------
\25\ See Customer Due Diligence Requirements for Financial
Institutions, 81 FR 29398 (May 11, 2016) (codified at 31 CFR
1010.230).
---------------------------------------------------------------------------
[[Page 57132]]
II. Notice of Proposed Rulemaking
On August 25, 2016, FinCEN issued an NPRM proposing to amend
certain definitions and to amend the AML, CIP, and beneficial ownership
regulations to include coverage for banks lacking a Federal functional
regulator.\26\ FinCEN proposed amending the definition of ``bank'' in
31 CFR 1020 specifically to include, at a minimum, the following
categories: (1) State-chartered non-depository trust companies; (2)
non-federally insured credit unions; (3) private banks; (4) non-
federally insured state banks and savings associations; and (5)
international banking entities. In the NPRM, FinCEN noted that the gap
in AML coverage between banks with and without a Federal functional
regulator presented a vulnerability to the U.S. financial system that
could be exploited by bad actors, prompting this rulemaking. Subsequent
to the NPRM, law enforcement has identified to FinCEN specific
instances of illicit actors taking advantage of this lack of coverage.
This activity has involved different types of institutions that would
be subject to this rule, and includes multiple investigations related
to terrorist financing, espionage, narcotics trafficking, and public
corruption. FinCEN further proposed technical amendments to the
definition of the term ``bank'' to create one standard definition to be
used throughout the regulations. FinCEN did not propose any amendments
to the definition of ``financial institution,'' because the amendments
proposed in the NPRM would not impact how that term is defined in 31
CFR 1010.100(t).
---------------------------------------------------------------------------
\26\ See 81 FR 58425 (Aug. 25, 2016).
---------------------------------------------------------------------------
In addition, FinCEN proposed amending the existing rules to impose
standards and requirements for banks lacking a Federal functional
regulator that are identical to those in FinCEN's AML, CIP, and
beneficial ownership regulations for banks with a Federal functional
regulator. Specifically, the NPRM proposed requiring any entity meeting
the definition of ``bank'' in 31 CFR 1010.100(d), whether or not
regulated by a Federal functional regulator, to establish AML and CIP
programs and to comply with beneficial ownership requirements.
Finally, because there would no longer be a need to exclude banks
without a Federal functional regulator from AML and CIP requirements if
the proposal were finalized, FinCEN also proposed removing 31 CFR
1020.100(b) and (d). FinCEN also invited comment on all aspects of the
NPRM.
III. Comments on the NPRM--Overview and General Issues
The comment period on the NPRM ended on October 24, 2016. FinCEN
received eight comments. Comments were submitted by one anonymous
source, three industry representatives, and four trade associations.
FinCEN has reviewed and considered all the comments to the extent they
addressed aspects of the proposed rulemaking. All the comments
supported the issuance of this Final Rule. The Final Rule adopts the
proposal in its entirety, but establishes a later date by which
affected banks must be in compliance. One commenter requested a two-
year implementation period. Another suggested an implementation date in
May 2018, to coincide with that of the CDD Rule. A third commenter
suggested an implementation period of six months to a year, and a
fourth commenter suggested a minimum of six months.
As FinCEN emphasized in the NPRM, and described in more detail
above, banks lacking a Federal functional regulator are already
obligated to comply with a number of BSA regulations. In addition,
banks lacking a Federal functional regulator generally are required by
state banking regulation and guidance to have policies, management
oversight, personnel training, and internal compliance review and
various procedures and systems in place to comply with regulation and
guidance. Even banks not subject to these state regulatory requirements
must develop such policies and procedures to properly function and
comply with their BSA obligations and state banking regulations. FinCEN
views the existence of such policies and procedures as minimizing the
amount of time needed to prepare for implementation of the Final Rule's
requirements. Accordingly, FinCEN does not expect the transition to
compliance with the Final Rule to be unreasonably difficult or costly,
and does not believe a two-year implementation period is needed or
warranted. However, in light of these comments, FinCEN has determined
that it would be appropriate to provide affected banks more time to
comply with the Final Rule. Banks lacking a Federal functional
regulator, therefore, will have 180 days from the day the Final Rule is
published to be in compliance. FinCEN believes that this time frame is
reasonable and adequate to ensure compliance with these requirements,
given the framework that these banks are expected to already have in
place.
IV. Section-by-Section Analysis
A. Section 1010.100 General Definitions
Because the definition of bank in Part 1010 makes no distinction as
to whether a bank has a Federal functional regulator, FinCEN did not
propose any changes to the definition of bank in paragraph 1010.100(d).
Likewise, there were no proposed changes to the general definition of
financial institution in paragraph 1010.100(t). Because these existing
definitions do not make distinctions based on whether a bank has a
Federal functional regulator, they will be used for Part 1020. There
were no objections to this general formulation, and FinCEN is adopting
it as proposed.
B. Section 1010.605 Definition
The beneficial ownership rule refers to the definition of covered
financial institution set forth in paragraph 1010.605(e)(1), which
excludes certain financial institutions lacking a Federal functional
regulator. To ensure that all banks are subject to the beneficial
ownership requirements under section 1010.230, FinCEN proposed amending
the definition in paragraph 1010.605(e)(1) by replacing paragraphs (i)
through (vii) with a single paragraph (e)(1)(i) to include all banks
within the rule's definition of ``covered financial institution.'' With
these changes, all banks will now be required to comply with the
beneficial ownership requirements to identify and verify the beneficial
owners of legal entity customers, regardless of whether they are
federally regulated. As with the previous sections, there were no
objections to this general formulation, and FinCEN is adopting it as
proposed.
C. Section 1020.100 Definitions
FinCEN proposed removing paragraph 1020.100(b), because the
definition of bank for purposes of complying with CIP requirements only
included banks subject to regulation by a Federal functional regulator.
There were no objections to this general formulation, and FinCEN is
removing the definition as proposed.
Likewise, FinCEN proposed removing paragraphs 1020.100(d)(1) and
(2), because the definitions of financial institution for purposes of
complying with AML and CIP requirements only included banks subject to
regulation by a Federal functional regulator. There were no objections
to this general formulation, and FinCEN is removing these paragraphs as
proposed.
[[Page 57133]]
D. Amendments to Section 1010.205
FinCEN proposed amending section 1010.205 to reflect the removal
of: (1) The exemption for private bankers (paragraph
1010.205(b)(1)(vi)); (2) the broader exemption for banks that lack a
Federal functional regulator (paragraph 1010.205(b)(2)); and (3) the
exemption for persons subject to supervision by a state banking
authority (paragraph 1010.205(b)(3)). There were no objections to this
amendment, and FinCEN is adopting it as proposed.
E. Amendments to Section 1020.210
FinCEN proposed amending the title for this section to reflect that
all banks, regardless of whether they are subject to Federal regulation
and oversight, are required to establish and implement AML programs.
There were no objections to this amendment, and FinCEN is adopting it
as proposed. The title for this section now reads: ``Anti-money
laundering program requirements for banks.''
FinCEN proposed amending the introductory paragraph in 1020.210 and
redesignating the introductory paragraph as paragraph (a) in order to
detail the AML program requirements specific to banks regulated only by
a Federal functional regulator, including banks, savings associations,
and credit unions. FinCEN also proposed removing from the introductory
paragraph in 1020.210 the reference to regulation by a self-regulatory
organization. There were no objections to these amendments, and FinCEN
is adopting them as proposed.
FinCEN proposed adding new paragraph 1020.210(b) to detail the AML
program requirements specific to banks that lack a Federal functional
regulator, including, but not limited to, private banks, non-federally
insured credit unions, and certain trust companies. Paragraph
1020.210(b)(2) requires banks that lack a Federal functional regulator
to establish and implement AML programs under the specified minimum
standards. Paragraph 1020.210(b)(3) requires banks that lack a Federal
functional regulator to obtain approval of the AML program by their
board of directors, or an equivalent governing body, and to make the
AML program available to FinCEN or its designee upon request. There
were no objections to these amendments, and FinCEN is adopting them as
proposed.
F. Amendments to Section 1020.220
FinCEN proposed amending the title for this section to reflect
that, going forward, CIP requirements would apply to all banks. There
were no objections to this amendment, and FinCEN is adopting it as
proposed.
V. Final Regulatory Flexibility Act Analysis
When an agency issues a rulemaking proposal, the Regulatory
Flexibility Act (``RFA'') requires the agency to ``prepare and make
available for public comment an initial regulatory flexibility
analysis'' that will ``describe the impact of the proposed rule on
small entities.'' 5 U.S.C. 603(a). Section 605 of the RFA allows an
agency to certify a rule, in lieu of preparing an analysis, if the
proposed rulemaking is not expected to have a significant economic
impact on a substantial number of small entities.
A. Reasons Why Action by the Agency Is Being Considered
The Anti-Money Laundering Program
The statutory mandate that all financial institutions establish AML
programs is a key element in the national effort to prevent and detect
money laundering and the financing of terrorism. Banks without a
Federal functional regulator are at least as vulnerable to the risks of
money laundering and terrorist financing as banks with one. The Final
Rule eliminates the present regulatory gap in AML coverage between
banks with and without a Federal functional regulator. FinCEN expects
that uniform regulatory requirements for all banks will reduce the
opportunity for criminals to seek out and exploit banks subject to less
rigorous AML requirements.
Customer Identification Program
For the reasons of regulatory consistency and protection against
the systemic vulnerability discussed above in connection with AML
programs, FinCEN believes that CIP requirements should also apply to
all banks, regardless of whether they are federally regulated. In May
2003, FinCEN issued a Notice of Proposed Rulemaking to ensure that
there would be no gaps in the scope of the CIP obligations as they
apply to banks. However, this proposal was never finalized.
Beneficial Ownership Requirements
As noted above, the beneficial ownership requirements of the CDD
Rule require that from and after May 11, 2018, federally regulated
banks and certain other financial institutions identify, and verify the
identity of, the beneficial owners of their legal entity customers, as
set forth in section 1010.230. For purposes of regulatory consistency,
and protection against the systemic vulnerability discussed above in
connection with AML programs, FinCEN believes that this requirement
should apply to non-federally regulated banks as well.
B. Objectives of, and Legal Basis for, the Final Rule
Section 352 of the USA PATRIOT Act requires financial institutions
to establish AML programs that, at a minimum, include: (1) The
development of internal policies, procedures, and controls; (2) the
designation of a compliance officer; (3) an ongoing employee training
program; and (4) an independent audit function to test programs. In
addition, the CDD Rule described above added an explicit requirement to
understand the nature and purpose of customer relationships; to conduct
ongoing monitoring to identify and report suspicious transactions; and,
on a risk basis, to maintain and update customer information.\27\
---------------------------------------------------------------------------
\27\ 31 CFR 1020.210(b)(5).
---------------------------------------------------------------------------
Section 326 of the USA PATRIOT Act requires FinCEN to prescribe
regulations that require financial institutions to establish programs
for account opening that, at a minimum, include: (1) Verifying the
identity of any person seeking to open an account, to the extent
reasonable and practicable; (2) maintaining records of the information
used to verify the person's identity, including name, address, and
other identifying information; and (3) determining whether the person
appears on any lists of known or suspected terrorists or terrorist
organizations provided to the financial institution by any government
agency.
Section 312 of the USA PATRIOT Act requires each U.S. financial
institution that establishes, maintains, administers, or manages a
correspondent account or a private banking account in the United States
for a non-U.S. person to subject such accounts to certain AML measures.
C. Small Entities Subject to the Final Rule
Based upon available data, for the purposes of the RFA, FinCEN
estimates that these rules will impact approximately 297 state-
chartered non-depository trust companies, 228 non-federally insured
credit unions, 12 non-federally insured state-chartered banks and
savings and loan or building and loan associations, 1 private bank, and
29 international banking entities.\28\
[[Page 57134]]
FinCEN's expectation, as expressed in the NPRM, is that many of the
banks without a Federal functional regulator are small entities. No
comments received in response to the NPRM indicated anything to the
contrary. Therefore, FinCEN concludes that the Final Rule applies to a
substantial number of small entities.
---------------------------------------------------------------------------
\28\ The Small Business Administration (``SBA'') size standards
define a trust company as a small business if it has assets of $38.5
million or less. The SBA defines a depository institution (including
a credit union) as a small business if it has assets of $550 million
or less. FinCEN was unable to find an authoritative figure on the
number of non-federally regulated depository institutions that would
meet the definition of small entity.
---------------------------------------------------------------------------
D. Projected Reporting, Recordkeeping, and Other Compliance
Requirements of the Final Rule
The Final Rule prescribes minimum standards for AML programs for
banks without a Federal functional regulator to ensure that all banks,
regardless of whether they are subject to Federal regulation and
oversight, are required to establish and implement written AML
programs, including conducting ongoing customer due diligence, and to
identify and verify the identity of the beneficial owners of their
legal entity customers. The changes also extend customer identification
program requirements to those banks not already subject to these
requirements.
Banks lacking a Federal functional regulator are currently required
to comply with many existing requirements under the BSA. All banks,
including those not subject to Federal supervision, are already
required to file CTRs and SARs, which necessarily requires a bank to
establish a process to detect unusual activity. In addition, certain
banks lacking a Federal functional regulator--namely, private banks,
non-federally insured credit unions, and certain trust companies--must
maintain CIPs.\29\
---------------------------------------------------------------------------
\29\ See 31 CFR 1020.220.
---------------------------------------------------------------------------
With respect to the beneficial ownership requirement, the Final
Rule requires banks lacking a Federal functional regulator to obtain
and maintain identifying information for each beneficial owner from
each legal entity customer that opens a new account, including name,
address, date of birth, and identification number. The financial
institution is also required to verify the identity of such persons by
documentary or non-documentary methods and to maintain in its records
for five years a description of (i) any document relied on for
verification, (ii) any such non-documentary methods and results of such
measures undertaken, and (iii) the resolution of any substantive
discrepancies discovered in verifying the identification information.
The burden on a small non-federally regulated bank at account
opening resulting from the Final Rule would be a function of the number
of beneficial owners of each legal entity customer opening a new
account, the additional time required to identify and verify each
beneficial owner, and the number of new accounts opened for legal
entities by the small banks during a specified period.
None of the small businesses that commented on the CDD Rule's
Initial Regulatory Flexibility Analysis (``IRFA'') included an estimate
of the amount of time to open a legal entity account; rather, only one
noted the number of such accounts it opens per year (70). As a result
of the comments FinCEN received to the CDD Rule's regulatory impact
assessment (``RIA''), FinCEN concluded in its Final Regulatory
Flexibility Analysis (``FRFA'') \30\ that the estimated time for
financial institutions to open accounts ranges from 20 to 40
minutes.\31\ On December 30, 2019, FinCEN published in the Federal
Register a notice of intent to renew without change, information
collection requirements in connection with beneficial ownership
requirements for legal entity customers.\32\ As a result of public
comments received on the notice, FinCEN increased its estimate of the
burden from an average of 30 minutes to an average of 80 minutes per
new account opened for a legal entity customer.
---------------------------------------------------------------------------
\30\ See 81 FR at 29448.
\31\ See id. As a result of the comments FinCEN received to the
draft RIA from other commenters, FinCEN increased the estimated time
for financial institutions to open accounts, from a range of 15 to
30 minutes in the IRFA, to a range of 20 to 40 minutes.
\32\ See 84 FR 72137 (Dec. 30, 2019).
---------------------------------------------------------------------------
E. Overlapping or Conflicting Federal Rules
FinCEN is unaware of any existing Federal regulations that would
overlap or conflict with the Final Rule.
F. Consideration of Significant Alternatives
FinCEN has not identified any alternative means for bringing these
categories of non-Federally regulated banks into compliance with the
same standards as all other banks in the United States. Were FinCEN to
exempt small entities from this requirement, those entities would
potentially be at greater risk of abuse by criminals, terrorists, and
other bad actors and would expose the U.S. financial system to money
laundering, terrorist financing, proliferation financing, and other
serious illicit finance threats.
With respect to beneficial ownership requirements in the CDD Rule,
FinCEN considered several alternatives to the requirements proposed. As
described in greater detail in the preamble to the final CDD Rule,\33\
these alternatives included exempting small financial institutions
below a certain asset or legal entity customer threshold from the
requirements, as well as utilizing a lower or higher threshold for the
minimum level of equity ownership for the definition of beneficial
owner. FinCEN determined, however, that identifying the beneficial
owner of a financial institution's legal entity customers and verifying
that identity are necessary requirements to strengthen financial
transparency and to combat the misuse of companies to engage in illicit
activities. Were FinCEN to exempt from this requirement small entities
or entities that establish a limited number of accounts for legal
entities, those financial institutions would be at greater risk of
abuse by criminals, terrorists, and other bad actors and would expose
the U.S. financial system to money laundering, terrorist financing,
proliferation financing, and other serious illicit finance threats.
---------------------------------------------------------------------------
\33\ See 81 FR at 29450.
---------------------------------------------------------------------------
FinCEN also considered increasing the threshold for ownership of
equity interests in the definition of beneficial ownership to 50
percent or more of the equity interests. Although this higher threshold
would reduce the maximum number of individuals whose identity would
need to be verified from five to three, thus reducing marginally the
onboarding time, this change would not impact the training or IT costs
and, therefore, would not substantially reduce the overall costs of the
rule and also would provide less useful information. After considering
all the alternatives, FinCEN concluded that an ownership threshold of
25 percent is appropriate to maximize the benefits of the requirement
while minimizing the burden.\34\
---------------------------------------------------------------------------
\34\ Id. at 29410.
---------------------------------------------------------------------------
To minimize burden to covered financial institutions, which would
apply to banks covered under this Final Rule, FinCEN did exempt such
financial institutions from the beneficial ownership requirements in
connection with legal entity customers opening certain low risk
accounts.\35\
---------------------------------------------------------------------------
\35\ 31 CFR 1010.230(h); see also FIN-2018-R004, ``Exceptive
Relief from Beneficial Ownership Requirements for Legal Entity
Customers of Rollovers, Renewals, Modifications, and Extensions of
Certain Accounts,'' (Sept. 7, 2018).
---------------------------------------------------------------------------
FinCEN believes, based on its exposure to other similarly regulated
businesses that are required to comply
[[Page 57135]]
with AML and CIP programs and beneficial ownership requirements, that
banks lacking a Federal functional regulator will be able to build on
their existing compliance policies and procedures and prudential
business practices to ensure compliance with this Final Rule with
relatively minimal cost and effort. As FinCEN has done with the other
industries subject to the requirements of the BSA, FinCEN will actively
engage with banks lacking a Federal functional regulator to provide
guidance and feedback, and endeavor to make compliance with the
regulations as cost-effective and efficient as possible for all
affected banks.
FinCEN believes that the flexibility incorporated into the Final
Rule permits each bank lacking a Federal functional regulator to take a
risk-based approach to tailor its AML and CIP programs to fit its own
size, needs, and operational risks. In this regard, FinCEN believes
that expenditures associated with establishing and implementing an AML
program will be commensurate with a bank's size, complexity, and risk
profile. Based on inherent risks, some banks may deem it appropriate to
implement more comprehensive policies, procedures, and internal
controls than others. FinCEN does not intend for each bank lacking a
Federal functional regulator to have identical policies and procedures
for their AML and CIP programs. The AML regulations are risk-based.
Accordingly, each bank has broad discretion to design and implement
programs that reflect and respond to the bank's unique money
laundering, terrorist and proliferation financing, and other serious
illicit finance risks. As with other financial institutions subject to
the requirements of the BSA, if a bank lacking a Federal functional
regulator is small or does not have high-risk customers, or does not
engage in high-risk transactions, the burden to comply with the Final
Rule likely will be commensurately minimal. FinCEN anticipates that the
impact of the AML and CIP program and beneficial ownership requirements
and the assessment of associated risks will not be significant for
covered banks lacking a Federal functional regulator.
G. Certification
The additional burden under the Final Rule is a requirement to
maintain AML and CIP programs and comply with beneficial ownership
requirements. As discussed above, FinCEN anticipates that the impact
from these requirements will not be significant. Accordingly, FinCEN
certifies that the Final Rule will not have a significant economic
impact on small entities.
VI. Unfunded Mandates Act
Section 202 of the Unfunded Mandates Reform Act of 1995 (``Unfunded
Mandates Act''), Public Law 104-4 (March 22, 1995), requires that an
agency prepare a budgetary impact statement before promulgating a rule
that may result in expenditure by State, local, and tribal governments,
in the aggregate, or by the private sector, of $100 million or more in
any one year. If a budgetary impact statement is required, section 202
of the Unfunded Mandates Act also requires an agency to identify and
consider a reasonable number of regulatory alternatives before
promulgating a rule. Taking into account the factors noted above and
using conservative estimates of average labor costs in evaluating the
cost of the burden imposed by the proposed regulation, FinCEN has
determined that it is not required to prepare a written statement under
section 202.
VII. Executive Orders 13563 and 12866
Executive Orders 13563 and 12866 direct agencies to assess costs
and benefits of available regulatory alternatives and, if regulation is
necessary, to select regulatory approaches that maximize net benefits
(including potential economic, environmental, public health and safety
effects, distributive impacts, and equity). Executive Order 13563
emphasizes the importance of quantifying both costs and benefits, of
reducing costs, of harmonizing rules, and of promoting flexibility.
This Final Rule has been designated a ``significant regulatory
action,'' although not economically significant, under section 3(f) of
Executive Order 12866. Accordingly, the Final Rule has been reviewed by
the Office of Management and Budget (``OMB''). As noted above, FinCEN
believes the new requirements imposed on banks without a Federal
functional regulator, as a result of this Final Rule, will result in a
minimal additional compliance burden for such banks for the following
reasons:
Banks lacking a Federal functional regulator are currently
required to comply with many existing requirements under the BSA,
including the requirements to file CTRs and SARs, which necessarily
require a bank to establish a process to detect unusual activity.
Certain banks lacking a Federal functional regulator--
namely, private banks, non-federally insured credit unions, and certain
trust companies--must maintain CIPs.
Banks lacking a Federal functional regulator generally are
required by state banking regulation and guidance to have policies,
management oversight, personnel training, internal compliance review,
and various procedures and systems in place to comply with regulation
and guidance. Even banks not subject to these state regulatory
requirements must develop such policies and procedures to properly
function and comply with their BSA obligations and state banking
regulations.
VIII. Paperwork Reduction Act
The collections of information contained in the Final Rule were
submitted to OMB for review in accordance with the Paperwork Reduction
Act of 1995 (``PRA'').\36\ The information collections have been
approved under OMB control numbers 1506-0035 (Anti-money laundering
program requirements for banks), 1506-0026 (Customer identification
program requirements for banks), and 1506-0070 (Beneficial ownership
requirements for legal entity customers).
---------------------------------------------------------------------------
\36\ 44 U.S.C. 3507(d).
---------------------------------------------------------------------------
In accordance with the requirements of the PRA, and its
implementing regulations, 5 CFR part 1320, the following information
concerning the collection of information is presented. The information
collections in this Final Rule are contained in 31 CFR 1020.210 (Anti-
money laundering program requirements for banks), 31 CFR 1020.220
(Customer identification program requirements for banks), and 31 CFR
1010.230 (Beneficial ownership requirements for legal entity
customers). The information will be used by examining agencies to
verify compliance with these provisions. The collection of information
is mandatory. Records required to be retained under the BSA must be
retained for five years.
a. 31 CFR 1020.210--Anti-Money Laundering Program Requirements for
Banks
Under this Final Rule, banks that lack a Federal functional
regulator are required to establish and implement written AML programs
under the specified minimum standards. All financial institutions are
required to document their AML programs and are permitted to use the
method most suitable to their requirements. In addition, banks that
lack a Federal functional regulator are required to obtain approval of
their AML program by their board of directors, or an equivalent
governing body.
Description of Recordkeepers: Banks that lack a Federal functional
regulator, including, but not limited to, state-
[[Page 57136]]
chartered non-depository trust companies, non-federally insured credit
unions, non-federally insured state-chartered banks and savings and
loan or building and loan associations, private banks, and
international banking entities.
Estimated Number of Recordkeepers: 567 financial institutions.\37\
---------------------------------------------------------------------------
\37\ Approximately 297 state-chartered non-depository trust
companies, 228 non-federally insured credit unions, 12 non-federally
insured state-chartered banks and savings and loan or building and
loan associations, 1 private bank, and 29 international banking
entities will be required to implement written AML programs as a
result of this Final Rule.
---------------------------------------------------------------------------
Estimated Annual Records: 567 AML programs.
Estimated Annual Burden Hours: 1,134 hours.\38\
---------------------------------------------------------------------------
\38\ The estimated average burden associated with the
development of a written AML program is one hour per recordkeeper
annually. Although this is a new requirement for banks lacking a
Federal functional regulator, they are already obligated to comply
with a number of BSA regulations and state banking regulations. For
example, FinCEN regulations require all banks, regardless of whether
they have a Federal functional regulator, to file CTRs and SARs, as
well as to make and maintain certain records. These banks likely
maintain procedures to comply with such BSA and state banking
regulations. For that reason, FinCEN estimates that the burden
associated with the development of a written AML program is one hour
because the impacted financial institutions will be able to
incorporate existing applicable procedures. In addition, the
estimated average burden associated with obtaining board approval of
the AML program is one hour per recordkeeper annually. This equates
to 2 hours of annual burden per impacted financial institution to
comply with these requirements (567 financial institutions x 2 hours
= 1,134 hours).
---------------------------------------------------------------------------
Estimated Total Annual Burden for AML Program Requirements: 1,134
hours.
This burden is added to the existing burden listed under OMB
control number 1506-0035 currently titled ``Anti-Money Laundering
Programs for Insurance Companies and Non-Bank Residential Mortgage
Lenders and Originators.'' The new title for this control number will
be ``Anti-Money Laundering Programs for Insurance Companies, Non-Bank
Residential Mortgage Lenders and Originators, and Banks Lacking a
Federal Functional Regulator.'' The new total estimated annual burden
for this control number is 33,334 hours.\39\
---------------------------------------------------------------------------
\39\ The current annual burden hours estimate for OMB control
number 1506-0035 is 32,200. One thousand one hundred thirty four
(1,134) burden hours will be added to this control number as a
result of this Final Rule (32,200 + 1,134 = 33,334).
---------------------------------------------------------------------------
b. 31 CFR 1020.220--Customer Identification Program Requirements for
Banks
Under the CIP requirements, financial institutions are required to
implement risk-based, written CIPs that address the following: (1)
Procedures for verifying the identify of each new customer; (2)
procedures for making and maintaining a record of all information
obtained under the customer identification program; (3) procedures for
determining whether a new customer appears on any list of known or
suspected terrorist organizations issued by the Federal government; and
(4) procedures for providing customers adequate notice that the
financial institution is requesting information to verify their
identities.
Description of Recordkeepers: Banks that lack a Federal functional
regulator, such as non-federally insured state-chartered banks and
savings and loan or building and loan associations, and international
banking entities.\40\
---------------------------------------------------------------------------
\40\ FinCEN has previously implemented CIP requirements for
credit unions, private banks, and trust companies that do not have a
Federal functional regulator. See 31 CFR 1020.220. For that reason,
the CIP requirements in this Final Rule only apply to the non-
federally insured state-chartered banks and savings and loan or
building and loan associations and international banking entities.
---------------------------------------------------------------------------
1. Implementing Written CIP Procedures
Estimated Number of Recordkeepers: 41 financial institutions. \41\
---------------------------------------------------------------------------
\41\ Approximately 12 non-federally insured state-chartered
banks and savings and loan or building and loan associations and 29
international banking entities depository institutions will be
required to implement CIP requirements as a result of this Final
Rule.
---------------------------------------------------------------------------
Estimated Annual Records: 41 written CIP programs.
Estimated Annual Burden Hours: 41 hours.\42\
---------------------------------------------------------------------------
\42\ The estimated average burden associated with the
development of written CIP procedures is one hour per recordkeeper
annually. Although this is a new requirement for some banks lacking
a Federal functional regulator, they are already obligated to comply
with a number of BSA regulations and state banking regulations.
These banks likely maintain procedures to comply with such BSA and
state banking regulations. Further, certain identity verification
documents for new customers are collected as standard practice for
the financial industry. For that reason, FinCEN estimates that the
burden associated with the development of written CIP procedures is
one hour because it will incorporate existing applicable procedures.
---------------------------------------------------------------------------
2. Recording Information Required To Identify and Verify New Customers
Estimated Number of Recordkeepers: 41 financial institutions.
Estimated Annual Records: 30,750 records on new accounts.\43\
---------------------------------------------------------------------------
\43\ FinCEN estimates that, on average, small financial
institutions, such as those covered by this Final Rule, will open
approximately 3 new accounts per business day. There are 250
business days per year. (41 financial institutions x 3 accounts per
day x 250 business days = 30,750 records per year).
---------------------------------------------------------------------------
Estimated Annual Burden Hours: 2,563 hours.\44\
---------------------------------------------------------------------------
\44\ In past PRA burden analysis, FinCEN estimated that the
burden to collect account information as a result of CIP
requirements for other types of financial institutions was 2 minutes
per new account. However, because CIP is a new regulatory
requirement for the financial institutions impacted by this Final
Rule, FinCEN will conservatively estimate that the time it takes to
collect and document identification and verification information for
purposes of CIP is 5 minutes per new account opened. (30,750 records
on new accounts x 5 minutes per account and converted to hours =
2,563 annual burden hours).
---------------------------------------------------------------------------
3. Providing Customers Notice of Identification Requirements
Estimated Number of Recordkeepers: 41 financial institutions.
Estimated Annual Records: 41 disclosure notices.
Estimated Annual Burden Hours: 41 hours.\45\
---------------------------------------------------------------------------
\45\ FinCEN estimates that it will take each financial
institutions impacted by this Final Rule 1 hour to draft and post a
CIP disclosure notification for customers (41 financial institutions
x 1 hour = 41 hours).
---------------------------------------------------------------------------
4. Total Annual Burden Applicable to CIP Requirements
Estimated Total Annual Burden Hours for CIP Requirements: 2,645
hours (41 + 2,563 + 41).
41 hours--Implementing written CIP procedures.
2,563 hours--Recording information required to identify
and verify new customers.
41 hours--Providing customers notice of identification
requirements.
This burden is added to the existing burden listed under OMB
control number 1506-0026 currently titled ``Customer Identification
Programs for Banks, Savings Associations, Credit Unions, and Certain
Non-Federally Regulated Banks.'' The new title for this control number
will be ``Customer Identification Program Requirements for Banks.'' The
new total estimated annual burden for this control number is 178,205
hours.\46\
---------------------------------------------------------------------------
\46\ The current annual burden hours estimate for OMB control
number 1506-0026 is 175,560, and 2,645 burden hours will be added to
this control number as a result of this rulemaking (175,560 + 2,645
= 178,205).
---------------------------------------------------------------------------
c. 31 CFR 1010.230--Beneficial Ownership Requirements for Legal Entity
Customers
Under 31 CFR 1010.230, financial institutions are required to
establish and maintain written procedures that are reasonably designed
to identify and verify beneficial owners of new accounts opened by
legal entity customers and to include such procedures in their AML
programs. Financial institutions may obtain the required identifying
information by either using the optional certification form from the
individual opening the account on behalf of a legal entity
[[Page 57137]]
customer, or by obtaining from the individual the information required
by the form by another means, provided the individual certifies the
accuracy of the information. Financial institutions must also maintain
a record of the identifying information obtained, as well as a
description of any document relied on, of any non-documentary methods
and results of any measures undertaken, and the resolutions of
substantive discrepancies.
Description of Recordkeepers: Banks that lack a Federal functional
regulator, including, but not limited to, state-chartered non-
depository trust companies, non-federally insured credit unions, non-
federally insured state-chartered banks and savings and loan or
building and loan associations, private banks, and international
banking entities.
1. Develop and Maintain Beneficial Ownership Identification Procedures
Estimated Number of Recordkeepers: 567 financial institutions.\47\
---------------------------------------------------------------------------
\47\ Approximately 297 state-chartered non-depository trust
companies, 228 non-federally insured credit unions, 12 non-federally
insured state-chartered banks and savings and loan or building and
loan associations, 1 private bank, and 29 international banking
entities will be required to implement beneficial ownership
identification procedures as a result of this Final Rule.
---------------------------------------------------------------------------
Estimated Annual Records: 567 beneficial ownership identification
procedures.
Estimated Annual Burden Hours: 22,680 hours.\48\
---------------------------------------------------------------------------
\48\ The beneficial ownership final rule recognized a burden of
56 hours to develop the initial procedures (40 hours for small
entities). See 81 FR at 29451. Based on FinCEN's data, banks lacking
a Federal functional regulator are generally considered small
entities. For that reason, FinCEN estimates it will take 40 hours
for financial institutions impacted by this Final Rule to develop
and document initial beneficial ownership identification procedures.
(567 x 40 = 22,680).
---------------------------------------------------------------------------
2. Customer Identification, Verification, and Review and Recordkeeping
of the Beneficial Ownership Information
Estimated Number of Recordkeepers: 567 financial institutions.
Estimated Annual Records: 212,625 beneficial ownership
identification records.\49\
---------------------------------------------------------------------------
\49\ The beneficial ownership final rule recognized a burden of
20 to 40 minutes (average of 30 minutes) to obtain identification
records for each legal entity customer. The final rule also
estimated that a financial institution would open 1.5 new legal
entity accounts per business day. There are 250 business days per
year. See id. at 29451 n.191. On December 30, 2019, FinCEN published
in the Federal Register a notice of intent to renew without change,
information collection requirements in connection with beneficial
ownership requirements for legal entity customers. See supra note
30. As a result of public comments received on the notice, FinCEN
increased its estimate of the burden from an average of 30 minutes
to an average of 80 minutes per new account opened for a legal
entity customer. (1.5 accounts per day x 250 days per year = 375
accounts per financial institution). (567 financial institutions x
375 accounts per year = 212,625 accounts per year).
---------------------------------------------------------------------------
Estimated Annual Burden Hours: 283,500 hours.\50\
---------------------------------------------------------------------------
\50\ (212,625 accounts x 80 minutes per account and converted to
hours = 283,500 hours).
---------------------------------------------------------------------------
3. Total Annual Burden Applicable to Beneficial Ownership Requirements
Estimated Total Annual Burden Hours for Beneficial Ownership
Requirements: 306,180 hours (22,680 + 283,500).
22,680 hours--Develop and maintain beneficial ownership
identification procedures.
283,500 hours--Customer identification, verification, and
review and recordkeeping of the beneficial ownership information.
This burden is added to the existing burden listed under OMB
control number 1506-0070 titled Beneficial Ownership Requirements for
Legal Entity Customers. The new total estimated annual burden for this
control number is 12,190,880 hours.\51\
---------------------------------------------------------------------------
\51\ The current annual burden hours estimate for OMB control
number 1506-0070 is 11,884,700. 306,180 burden hours will be added
to this control number as a result of this Final Rule (11,884,700 +
306,180 = 12,190,880).
---------------------------------------------------------------------------
Total Estimated Annual Burden Hours as a Result of this Final Rule:
309,959 hours (1,134 + 2,645 + 306,180).
Anti-money laundering program requirements for banks--
1,134 hours.
Customer identification program requirements for banks--
2,645 hours.
Beneficial ownership requirements for legal entity
customers--306,180 hours.
List of Subjects in 31 CFR Parts 1010 and 1020
Administrative practice and procedure, Banks, Banking, Currency,
Foreign banking, Foreign currencies, Investigations, Penalties,
Reporting and recordkeeping requirements, Terrorism.
Authority and Issuance
For the reasons set forth in the preamble, Parts 1010 and 1020 of
Chapter X of Title 31 of the Code of Federal Regulations are amended as
follows:
PART 1010--GENERAL PROVISIONS
0
1. The authority citation for part 1010 continues to read as follows:
Authority: 12 U.S.C. 1829b and 1951-1959; 31 U.S.C. 5311-5314
and 5316-5332; title III, sec. 314, Pub. Law 107-56, 115 Stat. 307;
sec. 701, Pub. L. 114-74, 129 Stat. 599.
Sec. 1010.205 [Amended]
0
2. Section 1010.205 is amended by:
0
a. Removing paragraph (b)(1)(vi);
0
b. Redesignating paragraphs (b)(1)(vii) through (ix) as paragraphs
(b)(1)(vi) through (viii); and
0
c. Removing and reserving paragraphs (b)(2) and (b)(3).
0
3. Section 1010.605 is amended by:
0
a. Revising paragraph (e)(1)(i);
0
b. Removing paragraphs (e)(1)(ii) through (vii); and
0
c. Redesignating paragraphs (e)(1)(viii) through (x) as paragraphs
(e)(1)(ii) through (iv).
The revision reads as follows:
Sec. 1010.605 Definitions
* * * * *
(e) * * *
(1) * * *
(i) A bank required to have an anti-money laundering compliance
program under the regulations implementing 31 U.S.C. 5318(h), 12 U.S.C.
1818(s), or 12 U.S.C. 1786(q)(1);
* * * * *
PART 1020--RULES FOR BANKS
0
4. The authority citation for part 1020 continues to read as follows:
Authority: 12 U.S.C. 1829b and 1951-1959; 31 U.S.C. 5311-5314
and 5316-5332; title III, sec. 314, Pub. Law 107-56, 115 Stat. 307.
Sec. 1020.100 [Amended]
0
5. Section 1020.100 is amended by:
0
a. Removing paragraphs (b) and (d); and
0
b. Redesignating paragraph (c) as paragraph (b).
0
6. Section 1020.210 is revised to read as follows:
Sec. 1020.210 Anti-money laundering program requirements for banks.
(a) Anti-money laundering program requirements for banks regulated
by a Federal functional regulator, including banks, savings
associations, and credit unions. A bank regulated by a Federal
functional regulator shall be deemed to satisfy the requirements of 31
U.S.C. 5318(h)(1) if it implements and maintains an anti-money
laundering program that:
(1) Complies with the requirements of Sec. Sec. 1010.610 and
1010.620 of this chapter;
(2) Includes, at a minimum:
(i) A system of internal controls to assure ongoing compliance;
(ii) Independent testing for compliance to be conducted by bank
personnel or by an outside party;
(iii) Designation of an individual or individuals responsible for
coordinating and monitoring day-to-day compliance;
[[Page 57138]]
(iv) Training for appropriate personnel; and
(v) Appropriate risk-based procedures for conducting ongoing
customer due diligence, to include, but not be limited to:
(A) Understanding the nature and purpose of customer relationships
for the purpose of developing a customer risk profile; and
(B) Conducting ongoing monitoring to identify and report suspicious
transactions and, on a risk basis, to maintain and update customer
information. For purposes of this paragraph, customer information shall
include information regarding the beneficial owners of legal entity
customers (as defined in Sec. 1010.230 of this chapter); and
(3) Complies with the regulation of its Federal functional
regulator governing such programs.
(b) Anti-money laundering program requirements for banks lacking a
Federal functional regulator including, but not limited to, private
banks, non-federally insured credit unions, and certain trust
companies. A bank lacking a Federal functional regulator shall be
deemed to satisfy the requirements of 31 U.S.C. 5318(h)(1) if the bank
establishes and maintains a written anti-money laundering program that:
(1) Complies with the requirements of Sec. Sec. 1010.610 and
1010.620 of this chapter; and
(2) Includes, at a minimum:
(i) A system of internal controls to assure ongoing compliance with
the Bank Secrecy Act and the regulations set forth in 31 CFR Chapter X;
(ii) Independent testing for compliance to be conducted by bank
personnel or by an outside party;
(iii) Designation of an individual or individuals responsible for
coordinating and monitoring day-to-day compliance;
(iv) Training for appropriate personnel; and
(v) Appropriate risk-based procedures for conducting ongoing
customer due diligence, to include, but not be limited to:
(A) Understanding the nature and purpose of customer relationships
for the purpose of developing a customer risk profile; and
(B) Conducting ongoing monitoring to identify and report suspicious
transactions and, on a risk basis, to maintain and update customer
information. For purposes of this paragraph, customer information shall
include information regarding the beneficial owners of legal entity
customers (as defined in Sec. 1010.230); and
(3) Is approved by the board of directors or, if the bank does not
have a board of directors, an equivalent governing body within the
bank. The bank shall make a copy of its anti-money laundering program
available to the Financial Crimes Enforcement Network or its designee
upon request.
0
7. Amend Sec. 1020.220 by revising the section heading and paragraph
(a)(1) to read as follows:
Sec. 1020.220 Customer identification program requirements for
banks.
(a) * * *
(1) In general. A bank required to have an anti-money laundering
compliance program under the regulations implementing 31 U.S.C.
5318(h), 12 U.S.C. 1818(s), or 12 U.S.C. 1786(q)(1) must implement a
written Customer Identification Program (CIP) appropriate for the
bank's size and type of business that, at a minimum, includes each of
the requirements of paragraphs (a)(1) through (5) of this section. The
CIP must be a part of the anti-money laundering compliance program.
* * * * *
Michael Mosier,
Deputy Director, Financial Crimes Enforcement Network.
[FR Doc. 2020-20325 Filed 9-14-20; 8:45 am]
BILLING CODE 4810-02-P
