Anti-Money Laundering Program Effectiveness, 58023-58029 [2020-20527]

Download as PDF jbell on DSKJLSW7X2PROD with PROPOSALS Federal Register / Vol. 85, No. 181 / Thursday, September 17, 2020 / Proposed Rules (5) If the Commission determines that a dispute exists regarding the authority to make submissions on behalf of a filer, the Commission may prevent a filer’s ability to make submissions until the dispute is resolved by the disputing parties or by a court of competent jurisdiction; (6) If the Commission has reason to believe that an attempted submission may be misleading or manipulative, the Commission may prevent acceptance or dissemination of the submission while evaluating the circumstances surrounding the submission. The Commission may allow acceptance or dissemination if its concerns are satisfactorily addressed; (7) If the Commission has reason to believe that a filer has made an unauthorized submission or attempted to make an unauthorized submission, the Commission may prevent any further submissions by the filer or otherwise remove the filer’s access to EDGAR; and (8) If the Commission otherwise has reason to believe that, to promote the reliability and integrity of submissions made through EDGAR, it must address a submission issue that cannot be addressed solely by filer corrective disclosure or by the actions set forth in paragraphs (a)(1) through (7) above, the Commission may take such further steps as are appropriate to address the matter and communicate as necessary with the filer regarding the submission. (b) The Commission may act under paragraph (a) without providing advance notice to the filer or any other person. As soon as reasonably practicable after taking action under paragraph (a), the Commission will provide written notice and a brief factual statement of the basis for the action to the filer and any other person the Commission determines is relevant to the matter (‘‘relevant persons’’). The Commission will send the notice and factual statement by electronic mail to the email address on record in the filer’s EDGAR account, and to the email address of any relevant persons. The Commission may also send, if necessary, the notice and factual statement by registered, certified, or express mail to the physical address on record in the filer’s EDGAR account and the physical address of any relevant persons. (c) Nothing in this rule prevents a filer from addressing an error or mistake in the filer’s submission by making a filer corrective disclosure. By the Commission. VerDate Sep<11>2014 16:42 Sep 16, 2020 Jkt 250001 Dated: August 21, 2020. Vanessa A. Countryman, Secretary. [FR Doc. 2020–18825 Filed 9–16–20; 8:45 am] BILLING CODE P DEPARTMENT OF THE TREASURY Financial Crimes Enforcement Network 31 CFR Chapter X [Docket No. FinCEN–2020–0011] RIN 1506–AB44 Anti-Money Laundering Program Effectiveness Financial Crimes Enforcement Network (FinCEN), Treasury. ACTION: Advance notice of proposed rulemaking (ANPRM). AGENCY: This document seeks public comment on potential regulatory amendments to establish that all covered financial institutions subject to an anti-money laundering program requirement must maintain an ‘‘effective and reasonably designed’’ anti-money laundering program. Any such amendments would be expected to further clarify that such a program assesses and manages risk as informed by a financial institution’s risk assessment, including consideration of anti-money laundering priorities to be issued by FinCEN consistent with the proposed amendments; provides for compliance with Bank Secrecy Act requirements; and provides for the reporting of information with a high degree of usefulness to government authorities. The regulatory amendments under consideration are intended to modernize the regulatory regime to address the evolving threats of illicit finance, and provide financial institutions with greater flexibility in the allocation of resources, resulting in the enhanced effectiveness and efficiency of anti-money laundering programs. DATES: Written comments are welcome, and must be received on or before November 16, 2020. ADDRESSES: Comments may be submitted, identified by Regulatory Identification Number (RIN) 1506– AB44, by any of the following methods: • Federal E-rulemaking Portal: http:// www.regulations.gov. Follow the instructions for submitting comments. Include RIN 1506–AB44 in the submission. Refer to Docket Number FINCEN–2020–0011. • Mail: Financial Crimes Enforcement Network, P.O. Box 39, Vienna, VA SUMMARY: PO 00000 Frm 00026 Fmt 4702 Sfmt 4702 58023 22183. Include 1506–AB44 in the body of the text. Refer to Docket Number FINCEN–2020–0011. Please submit comments by one method only. All comments submitted in response to this ANPRM will become a matter of public record. Therefore, you should submit only information that you wish to make publicly available. FOR FURTHER INFORMATION CONTACT: The FinCEN Regulatory Support Section at 1–800–767–2825 or electronically at frc@fincen.gov. SUPPLEMENTARY INFORMATION: I. Scope of ANPRM The scope of program rules under consideration for amendment in this ANPRM includes those applicable to all of the industries that have anti-money laundering (AML) program requirements under FinCEN’s regulations, including banks (which includes credit unions and other depository institutions, as defined in 31 CFR 1010.100(d)); casinos and card clubs; money services businesses; brokers or dealers in securities; mutual funds; insurance companies; futures commission merchants and introducing brokers in commodities; dealers in precious metals, precious stones, or jewels; operators of credit card systems; loan or finance companies; and housing government sponsored enterprises.1 FinCEN particularly requests comment regarding any industry-specific considerations that FinCEN should evaluate with regard to the scope of possible rulemaking described in this ANPRM. II. Background A. History of the Bank Secrecy Act (BSA) The Currency and Foreign Transactions Reporting Act of 1970, generally referred to as the BSA,2 authorizes the Secretary of the U.S. Department of the Treasury (Secretary) to require financial institutions to keep records and file reports that ‘‘have a high degree of usefulness in criminal, tax, or regulatory investigations or proceedings, or in the conduct of intelligence or counterintelligence 1 See 31 CFR 1020.210 (banks); 31 CFR 1021.210 (casinos and card clubs); 31 CFR 1022.210 (money services businesses); 31 CFR 1023.210 (brokers or dealers in securities); 31 CFR 1024.210 (mutual funds); 31 CFR 1025.210 (insurance companies); 31 CFR 1026.210 (futures commission merchants and introducing brokers in commodities); 31 CFR 1027.210 (dealers in precious metals, precious stones, or jewels); 31 CFR 1028.210 (operators of credit card systems); 31 CFR 1029.210 (loan or finance companies); and 31 CFR 1030.210 (housing government sponsored enterprises). 2 12 U.S.C. 1829b, 12 U.S.C. 1951–1959, and 31 U.S.C. 5311–5314; 5316–5332. E:\FR\FM\17SEP1.SGM 17SEP1 58024 Federal Register / Vol. 85, No. 181 / Thursday, September 17, 2020 / Proposed Rules activities, including analysis to protect against international terrorism.’’ 3 The Secretary has delegated to the Director of FinCEN the authority to implement, administer, and enforce compliance with the BSA and its related authorities.4 As a result, FinCEN may require financial institutions to maintain procedures to ensure compliance with the BSA and its related regulations and to guard against money laundering, including AML program requirements.5 The Money Laundering Control Act of 1986 (MLCA) 6 made money laundering a Federal crime. It also amended the BSA, underscoring the importance of reporting information with a high degree of usefulness to government authorities. For example, Section 1359 of the MLCA amended section 8 of the Federal Deposit Insurance Act 7 and section 206 of the Federal Credit Union Act,8 among other similar statutes, to require the Federal Banking Agencies 9 to issue regulations for covered financial institutions to ‘‘establish and maintain procedures reasonably designed to assure and monitor the compliance’’ of such institutions with the reporting and some recordkeeping requirements of the BSA. The Annunzio-Wylie Anti-Money Laundering Act of 1992 (AnnunzioWylie) amended the BSA 10 by strengthening the sanctions for BSA violations and Treasury’s role.11 Annunzio-Wylie authorized Treasury to issue regulations requiring all financial institutions, as defined in BSA regulations, to maintain ‘‘minimum standards’’ of an AML program.12 The minimum standards set forth in the statute were substantially similar to the standards set forth by the Federal Banking Agencies in their BSA compliance program regulations, which required depository institutions under 3 31 U.S.C. 5311. Order 180–01 (Jan. 14, 2020). 5 31 U.S.C. 5318(a)(2), (h)(2). 6 Public Law 99–570, 100 Stat. 3207 (Oct. 27, 1986). 7 12 U.S.C. 1818. 8 12 U.S.C. 1786. 9 The Federal Banking Agencies include the Board of Governors of the Federal Reserve System, the Federal Deposit Insurance Corporation (FDIC), the National Credit Union Administration, and the Office of the Comptroller of the Currency. 10 Title XV of Public Law 102–550, 106 Stat. 3672 (Oct. 28, 1992). 11 See Title XV, sec. 1503 (authorizing the termination of FDIC insurance of insured depository institutions convicted of a criminal violation of the BSA), sec. 1504 (authorizing the removal officers or directors of such institutions found to have violated a BSA requirement), and sec. 1517 (authorizing Treasury to require the reporting of suspicious transactions) of Public Law 102–550. 12 Title XV, sec. 1517 of Public Law 102–550. jbell on DSKJLSW7X2PROD with PROPOSALS 4 Treasury VerDate Sep<11>2014 16:42 Sep 16, 2020 Jkt 250001 their supervision to establish and maintain procedures ‘‘reasonably designed’’ to assure and monitor compliance with the requirements of the BSA.13 The Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act of 2001 (USA PATRIOT Act) further amended the BSA, reinforcing the framework established earlier by Annunzio-Wylie, to require, among other things, customer identification requirements and Treasury’s further expansion of AML program rules to cover certain other industries.14 In 2003, FinCEN and the Federal Banking Agencies issued a joint final rule on customer identification program (CIP) requirements.15 The USA PATRIOT Act also ushered in an expanded role for AML and other financial and economic measures in countering threats to U.S. national security and protecting the U.S. financial system. The range of authorities and measures introduced in Title III were intended to, among other purposes, ‘‘increase the strength of United States measures to prevent, detect, and prosecute international money laundering and the financing of terrorism.’’ 16 FinCEN’s most recent significant change to BSA regulations was the implementation of customer due diligence and beneficial ownership requirements in 2016. These rules resulted in: (i) The expansion of FinCEN’s AML program rules for financial institutions regulated by a Federal functional regulator to expressly incorporate the minimum statutory elements of an AML program prescribed by 31 U.S.C. 5318(h)(1); and (ii) the 13 The minimum standards for an AML program set forth in Annunzio-Wylie, and codified at 31 U.S.C. 5318(h), include: ‘‘(A) the development of internal policies, procedures, and controls, (B) the designation of a compliance officer, (C) an ongoing employee training program, and (D) an independent audit function to test programs.’’ 14 Public Law 107–56, 115 Stat. 272 (Oct. 26, 2001). FinCEN issued interim final AML program rules for financial institutions regulated by a Federal functional regulator, money services businesses, mutual funds, and operators of credit card systems. 67 FR 21113 (Apr. 29, 2002). FinCEN’s rule originally cross-referenced the regulations of the Federal functional regulator and provided that satisfaction of the Federal functional regulator’s AML program rule requirements would be deemed to satisfy the requirements of Treasury’s rule. 15 68 FR 25090 (May 9, 2003). FinCEN issued joint CIP rules separately with the U.S. Securities and Exchange Commission, 68 FR 25113 (May 9, 2003) (brokers or dealers in securities) and 68 FR 25131 (May 9, 2003) (mutual funds), and the U.S. Commodity Futures Trading Commission, 68 FR 25149 (May 9, 2003) (futures commission merchants and introducing brokers). 16 Title III, sec. 302(b)(1) of Public Law 107–56. PO 00000 Frm 00027 Fmt 4702 Sfmt 4702 incorporation of minimum standards for customer due diligence and the collection of beneficial ownership information for depository institutions, broker-dealers, mutual funds, and futures commission merchants and introducing brokers in commodities.17 B. Recent Efforts To Modernize the National AML Regime Over the past several years, there have been significant innovations in the financial sector and the development of new business models, products, and services, fueled in part by rapid technological change. As a result, financial institutions have confronted new opportunities and challenges in meeting BSA compliance obligations and providing information with a high degree of usefulness to government authorities in an efficient manner. FinCEN seeks to ensure that the BSA’s AML regime adapts to address the evolving threats of illicit finance, such as money laundering, terrorist financing, and related crimes—some of which have changed considerably in scope, nature, and impact since the initial passage of the BSA—while simultaneously providing financial institutions with additional flexibility in addressing these threats. FinCEN, in collaboration with supervisory partners, law enforcement, and, where appropriate, the financial industry, has undertaken recent initiatives that collectively re-examine the BSA regulatory framework and the broader national AML regime. The overall goal of these initiatives is to upgrade and modernize the national AML regime, where appropriate, and to facilitate the ability of the financial industry and corresponding supervisory authorities to leverage new technologies and riskmanagement techniques, share information, discard inefficient and unnecessary practices, and focus resources on fulfilling the BSA’s stated purpose of providing information with a high degree of usefulness to government authorities. This ANPRM is intended to further these efforts. 1. The Bank Secrecy Act Advisory Group’s AML Effectiveness Working Group and Recommendations Annunzio-Wylie required the Secretary to establish a Bank Secrecy Act Advisory Group (BSAAG).18 The statutory purposes of the BSAAG are to keep private sector representatives informed on a regular basis of the ways in which BSA reports filed by financial institutions, including suspicious 17 81 FR 29398 (May 11, 2016). XV, sec. 1564 of Public Law 102–550. 18 Title E:\FR\FM\17SEP1.SGM 17SEP1 Federal Register / Vol. 85, No. 181 / Thursday, September 17, 2020 / Proposed Rules jbell on DSKJLSW7X2PROD with PROPOSALS activity reports (SARs), are being used, and to receive advice regarding the modification of those reporting requirements to enhance the ability of law enforcement agencies to use the information provided for law enforcement purposes. The Director of FinCEN chairs the BSAAG, and its membership includes representatives from financial institutions, Federal and state regulatory and law enforcement agencies, and trade groups whose members are subject to the requirements of the BSA and its regulations, or Section 6050I of the Internal Revenue Code of 1986. The purposes and membership of the BSAAG make it an important forum for understanding stakeholder views in efforts to reform and modernize the national AML regime. The BSAAG created an Anti-MoneyLaundering Effectiveness Working Group (AMLE WG) in June 2019 to develop recommendations for strengthening the national AML regime by increasing its effectiveness and efficiency. Member stakeholders worked collaboratively throughout 2019 and into 2020 to identify regulatory initiatives that would allow financial institutions to reallocate resources to better focus on national AML priorities set by government authorities, increase information sharing and public-private partnerships, and leverage new technologies and risk-management techniques—and thus increase the efficiency and effectiveness of the nation’s AML regime. The resulting recommendations, summarized below in broad categories, are a collective set of complementary efforts.19 The October 2019 BSAAG plenary received and endorsed the recommendations from the AMLE WG. This ANPRM is a result of FinCEN’s evaluation of those recommendations and a step toward considering their implementation. FinCEN anticipates taking additional steps, such as issuing guidance where appropriate, as FinCEN continues to evaluate the full set of BSAAG recommendations. a. Developing and Focusing on AML Priorities The AMLE WG recommended that stakeholders refocus the national AML regime to place greater emphasis on providing information with a high degree of usefulness to government authorities based on national AML 19 The subsections which follow summarize recommendations issued by the BSAAG and do not necessarily reflect current regulatory initiatives, nor do they imply endorsement of, nor commitment by, the relevant government agencies to implement these recommendations. VerDate Sep<11>2014 16:42 Sep 16, 2020 Jkt 250001 priorities, in order to promote effective outputs over auditable processes and to ensure clearer standards for measuring effectiveness in evaluating AML programs. The AMLE WG recommended that the relevant government agencies consider: • Publishing a regulatory definition of AML program effectiveness; • Developing and communicating national AML priorities as set by government authorities; and • Issuing clarifying guidance for financial institutions on the elements of an effective AML program. b. Reallocation of Compliance Resources The AMLE WG recommended that stakeholders facilitate BSA compliance resource reallocation by reducing or eliminating activities that are not required by law or regulation, make limited contributions to meeting riskmanagement objectives, and supply less useful information to government authorities. Resources freed from these activities could be reallocated to address areas of risk and national AML priorities. The AMLE WG recommended that the relevant government agencies consider: • Clarifying current requirements and supervisory expectations with respect to risk assessments, negative media searches, customer risk categories, and initial and ongoing customer due diligence; and • Revising existing guidance or regulations in areas such as Politically Exposed Persons and the application of existing model-risk-management guidance to AML systems, in order to improve clarity, effectiveness, and compliance. c. Monitoring and Reporting The AMLE WG recommended that AML monitoring and reporting practices be modernized and streamlined to maximize efficiency, quality, and speed of providing data to government authorities with due consideration for privacy and data security. The AMLE WG recommended that the relevant government agencies consider: • Clarifying expectations and updating practices for keep-open letters and suspicious activity monitoring, investigation, and reporting, including SARs based on grand jury subpoenas or negative media; and • Supporting potential automation opportunities for high-frequency/lowcomplexity SARs and currency transaction reports (CTRs), and exploring the possibility of streamlined SARs on continuing activity. PO 00000 Frm 00028 Fmt 4702 Sfmt 4702 58025 d. Enhancing Information Sharing Information sharing among financial institutions, regulators, and law enforcement through partnerships and other existing mechanisms is a key component of an effective BSA/AML regime. The AMLE WG recommended steps for enhancing information sharing mechanisms to communicate national AML priorities, related typologies, and emerging threats, such as: • Forming a BSAAG-established working group with members from law enforcement agencies, regulators, and financial institutions to identify, prioritize, and recommend national AML priorities and advise on opportunities to communicate typologies, red flags, and other information related to national AML priorities; • Leveraging existing informationsharing initiatives between the public and private sectors, including enhanced use of the BSA’s information sharing provisions, sections 314(a) and (b) of the USA PATRIOT Act, and sharing with foreign affiliates and global institutions, as appropriate; and • Assessing options for FinCEN and law enforcement agencies to provide more feedback to financial institutions related to the use and utility of BSA reports. e. Advance Regulatory Innovations The AMLE WG recommended the continued enhancement of the national AML regime to promote the use of responsible innovations to address new and emerging money laundering and terrorist financing risks and the evolving industry landscape, as well as to encourage financial institutions to pursue more effective and efficient BSA compliance practices. Measures recommended include steps that financial institutions could take to better use responsible innovation in meeting CIP requirements—such as third-party software and service providers—and studying the impact of financial technology and other emerging non-bank financial service providers on the AML regime. III. Elements of an ‘‘Effective and Reasonably Designed’’ AML Program FinCEN, after consulting with the staffs of various supervisory agencies, and having considered the BSAAG recommendations and other BSA modernization efforts, is publishing this ANPRM seeking comment on whether it is appropriate to clearly define a requirement for an ‘‘effective and reasonably designed’’ AML program in BSA regulations. Increasing the E:\FR\FM\17SEP1.SGM 17SEP1 58026 Federal Register / Vol. 85, No. 181 / Thursday, September 17, 2020 / Proposed Rules jbell on DSKJLSW7X2PROD with PROPOSALS ‘‘effectiveness’’ of the national AML regime is a core objective of recent AML modernization efforts. This term often refers to the implementation and maintenance of a compliant AML program, but has no specific, consistent definition in existing regulation. FinCEN believes that incorporating an ‘‘effective and reasonably designed’’ AML program requirement with a clear definition of ‘‘effectiveness’’ 20 would allow financial institutions to more efficiently allocate resources and would impose minimal additional burden on existing AML programs that already comply under the existing supervisory approach. This requirement would also seek to implement a common understanding between supervisory agencies and their supervised financial institutions on the necessary AML program elements. Specifically, FinCEN is considering regulatory amendments that would explicitly define an ‘‘effective and reasonably designed’’ AML program as one that: • Identifies, assesses, and reasonably mitigates the risks resulting from illicit financial activity—including terrorist financing, money laundering, and other related financial crimes—consistent with both the institution’s risk profile and the risks communicated by relevant government authorities as national AML priorities; • Assures and monitors compliance with the recordkeeping and reporting requirements of the BSA; and • Provides information with a high degree of usefulness to government authorities consistent with both the institution’s risk assessment and the risks communicated by relevant government authorities as national AML priorities. As explained in more detail in the sections that follow, this ANPRM also seeks comment on whether the AML program regulations 21 should be amended to establish an explicit requirement for a risk-assessment process, as well as whether the Director of FinCEN should issue every two years a list of national AML priorities, to be 20 There is some variance in the specific AML program requirements for different types of financial institutions, but current AML program regulations for most financial institutions subject to such requirements contain a requirement that either the AML program as a whole, or the implementation of internal controls, is ‘‘reasonably designed.’’ In addition, current AML program requirements vary as to whether a financial institution must implement an AML program that is ‘‘reasonably designed’’ to achieve compliance with the BSA, ‘‘reasonably designed’’ to prevent money laundering or terrorist financing, or both. 21 See supra note 1. VerDate Sep<11>2014 16:42 Sep 16, 2020 Jkt 250001 called FinCEN’s ‘‘Strategic Anti-Money Laundering Priorities.’’ A. Identifying and Assessing Risks The current AML program rules generally require each financial institution to implement a system of internal controls to ‘‘assure ongoing compliance’’ 22 with the BSA. This system of internal controls includes the policies, procedures, and processes that not only mitigate the risks associated with the products and services the financial institution offers and the customers it serves, but also ensures the financial institution meets regulatory requirements under the BSA. Under current practice for most financial institutions, the design of an AML program is based on the risks identified and assessed by the financial institution through a risk-assessment process. FinCEN and other supervisory agencies have traditionally viewed a risk assessment as a critical element of a reasonably designed program, because a program cannot be considered reasonably designed to achieve compliance with the recordkeeping and reporting requirements of the BSA unless the institution understands its risk profile. Even though a financial institution’s risk-assessment process is key to ensuring an effective AML program, it is not an explicit regulatory requirement for all types of institutions. Given the importance of the risk-assessment process to establishing an ‘‘effective and reasonably designed’’ AML program, FinCEN believes that it warrants explicit incorporation. FinCEN is considering whether its AML program regulations should be amended to require the establishment of a risk-assessment process that includes the identification and analysis of money laundering, terrorist financing, and other illicit financial activity risks faced by the financial institution based on an evaluation of various factors, including its business activities, products, services, customers, and geographic locations in which the financial institution does business or services customers. FinCEN and the Federal Banking Agencies issued a Joint Statement on Risk-Focused Bank Secrecy Act/AntiMoney Laundering Supervision in 2019 that underscored the importance of a risk-based approach. The statement clarifies that these agencies’ longstanding supervisory approach to examining for compliance with the BSA considers a financial institution’s risk profile and notes that ‘‘[a] risk-based 22 See, PO 00000 e.g., 31 CFR 1020.210(b)(1). Frm 00029 Fmt 4702 Sfmt 4702 [AML] compliance program enables a bank to allocate compliance resources commensurate with its risk.’’ 23 It further clarifies that a well-developed risk-assessment process assists examiners in understanding a bank’s risk profile and evaluating the adequacy of its AML program. The statement also explains that, as part of their riskfocused approach, examiners review a bank’s risk-management practices to evaluate whether a bank has developed and implemented a reasonable and effective process to identify, measure, monitor, and control risks. Recognizing that many financial institutions are conducting risk assessments, FinCEN seeks comment on the effect to financial institutions’ efforts to comply with AML program requirements of adding a regulatory requirement to conduct a risk assessment, and the effect, if any, on burden to financial institutions’ processes for complying with AML program requirements. B. Consideration of the Strategic AML Priorities in the Risk-Assessment Process This ANPRM also seeks comment on whether regulatory amendments should be made so that an ‘‘effective and reasonably designed’’ AML program would require financial institutions to consider and integrate national AML priorities into their risk-assessment processes, as appropriate. FinCEN is considering whether the Director of FinCEN should issue national AML priorities, to be called its ‘‘Strategic Anti-Money Laundering Priorities,’’ every two years (or more frequently as appropriate to inform the public and private sector of new priorities). This ANPRM also seeks comment on whether these priorities should be considered, among other information, in a financial institution’s risk assessment. FinCEN does not expect that its Strategic AML Priorities would capture the universe of all AML priorities, nor would they be intended to serve as the only priorities informing a riskassessment process. Rather, they would seek to articulate FinCEN’s existing AML priorities, informed by a wide range of government and private sector stakeholders, leveraging the broader priorities established by the National 23 See Board of Governors of the Federal Reserve System, Federal Deposit Insurance Corporation, Financial Crimes Enforcement Network, National Credit Union Administration, and Office of the Comptroller of the Currency, Joint Statement on Risk-Focused Bank Secrecy Act/Anti-Money Laundering Supervision (July 22, 2019), available at https://www.fincen.gov/sites/default/files/2019-10/ Joint%20Statement%20on%20Risk-Focused %20Bank%20Secrecy%20Act-Anti-Money %20Laundering%20Supervision%20FINAL1.pdf. E:\FR\FM\17SEP1.SGM 17SEP1 Federal Register / Vol. 85, No. 181 / Thursday, September 17, 2020 / Proposed Rules jbell on DSKJLSW7X2PROD with PROPOSALS Illicit Finance Strategy as determined by the Secretary of the Treasury—in consultation with the Departments of Justice, State, and Homeland Security, the Office of the Director of National Intelligence, the Office of Management and Budget, and the staffs of the Federal functional regulators—to better aid U.S. institutions in effectively complying with BSA obligations. Other relevant information that the Director of FinCEN may consider in determining Strategic AML Priorities includes, for example, FinCEN Advisories to financial institutions, which identify emerging risks and provide red flags and typologies that assist financial institutions in identifying and reporting suspicious activity; other relevant Treasury Department communications, including the National Risk Assessments; and information from law enforcement and other government agencies, and others. C. Risk Management and Mitigation Informed by Strategic AML Priorities Building upon the prior two concepts—an explicit risk-assessment requirement and the publication of Strategic AML Priorities—this ANPRM also seeks comment as to whether an ‘‘effective and reasonably designed’’ AML program should require that financial institutions reasonably manage and mitigate the risks identified in the risk-assessment process by taking into consideration the Strategic AML Priorities, as appropriate and among other relevant information. FinCEN believes that the vast majority of financial institutions are effectively and reasonably managing and mitigating the risks that they have identified. Under any proposal to incorporate a requirement for an ‘‘effective and reasonably designed’’ AML program, FinCEN understands that institutions may reallocate resources from other lower-priority risks or practices to manage and mitigate higher-priority risks, including any identified as Strategic AML Priorities. Financial institutions may consider how FinCEN’s Strategic AML Priorities impact and inform the risk assessment based on the institution’s size, complexity, business activities, products, services, customers, and geographic locations in which the financial institution does business or services customers. This might enhance the financial institution’s engagement with law enforcement and FinCEN to provide information with a high degree of usefulness to government authorities. In addition, a financial institution may be better able to engage with the appropriate level of Federal, state, or VerDate Sep<11>2014 16:42 Sep 16, 2020 Jkt 250001 local law enforcement and other government officials to better understand and address risks within that jurisdiction. This might improve information sharing, to include requests from FinCEN or other government authorities, as well as participation in public-private information sharing forums. FinCEN recognizes that financial institutions may utilize different means to demonstrate effectiveness and anticipates that some financial institutions may determine that their AML programs already sufficiently assess and mitigate the risks identified as Strategic AML Priorities. FinCEN also anticipates that many financial institutions may determine that their business models and risk profiles reflect limited exposure to risks posed by the threats identified as Strategic AML Priorities, but may reflect greater exposure to significant and legitimate risks that may not be identified as Strategic AML Priorities. FinCEN recognizes and appreciates financial institutions must continue to identify, reasonably manage, and mitigate these risks consistent with financial institutions’ risk-management processes. D. Assuring and Monitoring Compliance With the Recordkeeping and Reporting Requirements of the BSA FinCEN does not expect that any regulatory changes made in response to this ANPRM would alter the recordkeeping and reporting requirements contained in existing BSA regulations. However, this ANPRM seeks comment as to whether financial institutions’ AML program obligations should be based on the risks identified by the financial institution, to include consideration of Strategic AML Priorities, where appropriate and among other information. For example, a financial institution’s process for the implementation of certain requirements, such as monitoring for suspicious activity, is based on risk. Making clear that compliance with this aspect of the AML program requirement is risk-based is consistent with the objectives of increasing effectiveness and efficiency. It also reflects long-standing supervisory approaches and expectations. E. Providing Information With a High Degree of Usefulness FinCEN believes that the proposed regulatory approach in this ANPRM furthers the statutory BSA purpose of providing information with a high degree of usefulness to government authorities. These regulatory amendments would explicitly define as a goal of the AML program that financial PO 00000 Frm 00030 Fmt 4702 Sfmt 4702 58027 institutions provide information with a high degree of usefulness to government authorities consistent with the financial institution’s risk assessment and Strategic AML Priorities, among other relevant information. FinCEN recognizes that many financial institutions have developed specialized units that focus on complex investigations. In addition, financial institutions of all sizes may collaborate with Federal, state, and local law enforcement, receive outreach from the government’s SAR Review Teams, and often be willing to engage on relevant issues in their community. FinCEN expects that any future regulatory amendments to incorporate a requirement for an ‘‘effective and reasonably designed’’ AML program would seek to provide a framework to recognize that these and other collaborative efforts may provide information with a high degree of usefulness to government authorities. This recognition, in turn, may provide further incentive for financial institutions to undertake and apply resources towards these important initiatives to combat money laundering, terrorist financing, and other related illicit financial crime. Such an approach has the potential to increase the overall effectiveness of the national AML regime by better enabling law enforcement and other users of BSA reporting to address priority threats to the U.S. financial system. IV. Issues for Comment Based on the foregoing, FinCEN is seeking comment from the public, including industry, law enforcement, regulators, other consumers of BSA data, and any other interested parties, concerning a potential rulemaking to incorporate a requirement for an ‘‘effective and reasonably designed’’ AML program into AML program regulations and to provide clarity on its application. Specifically, FinCEN requests public comment on the following: Question 1: Does this ANPRM make clear the concept that FinCEN is considering for an ‘‘effective and reasonably designed’’ AML program through regulatory amendments to the AML program rules? If not, how should the concept be modified to provide greater clarity? Question 2: Are this ANPRM’s three proposed core elements and objectives of an ‘‘effective and reasonably designed’’ AML program appropriate? Should FinCEN make any changes to the three proposed elements of an ‘‘effective and reasonably designed’’ E:\FR\FM\17SEP1.SGM 17SEP1 58028 Federal Register / Vol. 85, No. 181 / Thursday, September 17, 2020 / Proposed Rules jbell on DSKJLSW7X2PROD with PROPOSALS AML program in a future notice of proposed rulemaking? As described above, FinCEN is considering regulatory amendments that would define an ‘‘effective and reasonably designed’’ program as one that: • Identifies, assesses, and reasonably mitigates the risks resulting from illicit financial activity, including terrorist financing, money laundering, and other related financial crimes, consistent with both the institution’s risk profile and the risks communicated by relevant government authorities as national AML priorities; • Assures and monitors compliance with the recordkeeping and reporting requirements of the BSA; and • Provides information with a high degree of usefulness to government authorities consistent with both the institution’s risk assessment and the risks communicated by relevant government authorities as national AML priorities. Question 3: Are the changes to the AML regulations under consideration in this ANPRM an appropriate mechanism to achieve the objective of increasing the effectiveness of AML programs? If not, what different or additional mechanisms should FinCEN consider? Question 4: Should regulatory amendments to incorporate the requirement for an ‘‘effective and reasonably designed’’ AML program be proposed for all financial institutions currently subject to AML program rules? Are there any industry-specific issues that FinCEN should consider in a future notice of proposed rulemaking to further define an ‘‘effective and reasonably designed’’ AML program? FinCEN notes that, as regulations for different segments of the financial industry have been promulgated at different times in the past, such AML program regulations have evolved and, consequently, contain provisions that differ among the various industries subject to AML program requirements. For example, the AML program requirement for money services businesses (31 CFR 1022.210(a)) already contains an effectiveness component.24 FinCEN invites comments from all covered industries subject to AML program regulations as to how a requirement for an ‘‘effective and reasonably designed’’ AML program 24 Specifically it provides that each money services business, as defined by § 1010.100(ff), shall develop, implement, and maintain an effective antimoney laundering program. An effective antimoney laundering program is one that is reasonably designed to prevent the money services business from being used to facilitate money laundering and the financing of terrorist activities. VerDate Sep<11>2014 16:42 Sep 16, 2020 Jkt 250001 would impact their industry. Furthermore, FinCEN invites comment as to whether any industry-specific modifications would be appropriate to consider in future rulemaking. Question 5: Would it be appropriate to impose an explicit requirement for a risk-assessment process that identifies, assesses, and reasonably mitigates risks in order to achieve an ‘‘effective and reasonably designed’’ AML program? If not, why? Are there other alternatives that FinCEN should consider? Are there factors unique to how certain institutions or industries develop and apply a risk assessment that FinCEN should consider? Should there be carveouts or waivers to this requirement, and if so, what factors should FinCEN evaluate to determine the application thereof? Question 6: Should FinCEN issue Strategic AML Priorities, and should it do so every two years or at a different interval? Is an explicit requirement that risk assessments consider the Strategic AML Priorities appropriate? If not, why? Are there alternatives that FinCEN should consider? Question 7: Aside from policies and procedures related to the riskassessment process, what additional changes to AML program policies, procedures, or processes would financial institutions need to implement if FinCEN implemented regulatory changes to incorporate the requirement for an ‘‘effective and reasonably designed’’ AML program, as described in this ANPRM? Overall, how long of a period should FinCEN provide for implementing such changes? FinCEN seeks comment on specific programmatic changes. For example, how might the allocation of personnel change because of the possible regulatory amendments discussed in this ANPRM, and what processes would be required to reallocate AML compliance resources for different responsibilities? How long would such programmatic changes take to conceive, test, and implement? Would this vary by size of institution or across industry segments? If so, how? In addition to due diligence and monitoring processes, what other methods to mitigate risks are financial institutions engaged in? Should FinCEN add via future regulation more specific risk-mitigation requirements to ensure that controls are commensurate with the risks undertaken, and how might these riskmitigation requirements vary by industry? Question 8: As financial institutions vary widely in business models and risk profiles, even within the same category of financial institution, should FinCEN PO 00000 Frm 00031 Fmt 4702 Sfmt 4702 consider any regulatory changes to appropriately reflect such differences in risk profile? For example, should regulatory amendments to incorporate the requirement for an ‘‘effective and reasonably designed’’ AML program be proposed for all financial institutions within each industry type, or should this requirement differ based on the size or operational complexity of these financial institutions, or some other factors? Should smaller, less complex financial institutions, or institutions that already maintain effective BSA compliance programs with risk assessments that sufficiently manage and mitigate the risks identified as Strategic AML Priorities, have the ability to ‘‘opt in’’ to making changes to AML programs as described in this ANPRM? FinCEN appreciates that financial institutions vary considerably in size and complexity, and even wellintentioned regulatory actions that impact such a diverse collection of financial institutions can result in unintended consequences. Accordingly, FinCEN specifically requests comment on how the practical impact of the regulatory proposals described in this ANPRM could vary in implementation for institutions of differing size and complexity, and whether changes in approach—such as an opt-in decision— would be advisable. If greater flexibility is recommended, FinCEN requests comments as to whether any resultant divergence in AML program implementation might present financial crime vulnerabilities, and if so, how such vulnerabilities could be mitigated. If different requirements are recommended based on the size and/or operational complexity of financial institutions, please describe what thresholds and parameters might be appropriate, and why. Question 9: Are there ways to articulate objective criteria and/or a rubric for examination of how financial institutions would conduct their riskassessment processes and report in accordance with those assessments, based on the regulatory proposals under consideration in this ANPRM? FinCEN appreciates that, in order for the regulatory proposals as described in this ANPRM to achieve the objective of increased effectiveness of the overall U.S. AML regime, the supervisory process must support and reinforce this objective. Indeed, FinCEN has consulted with the staffs of various Federal supervisory agencies in developing this ANPRM, and FinCEN requests comments on how the supervisory regime could best support the objectives as identified in this ANPRM. E:\FR\FM\17SEP1.SGM 17SEP1 Federal Register / Vol. 85, No. 181 / Thursday, September 17, 2020 / Proposed Rules Question 10: Are there ways to articulate objective criteria and/or a rubric for independent testing of how financial institutions would conduct their risk-assessment processes and report in accordance with those assessments, based on the regulatory proposals under consideration in this ANPRM? FinCEN appreciates that the regulatory proposals described in this ANPRM may require changes in the implementation of independent testing by financial institutions in order to achieve the objectives as described in this ANPRM. Therefore, FinCEN also seeks comments on how a future rulemaking could best facilitate effective independent testing of risk assessments and other financial institution processes, as may be revised consistent with the proposals set forth in this ANPRM. Question 11: A core objective of the incorporation of a requirement for an ‘‘effective and reasonably designed’’ AML program would be to provide financial institutions with greater flexibility to reallocate resources towards Strategic AML Priorities, as appropriate. FinCEN seeks comment on whether such regulatory changes would increase or decrease the regulatory burden on financial institutions. How can FinCEN, through future rulemaking or any other mechanisms, best ensure a clear and shared understanding in the financial industry that AML resources should not merely be reduced as a result of such regulatory amendments, but rather should, as appropriate, be reallocated to higher priority areas? FinCEN specifically encourages commenters to provide quantifiable data, if available, that supports any views on whether the regulatory proposals under consideration would impact financial institutions’ regulatory burden. FinCEN also invites comment with regard to how FinCEN and other supervisory authorities could best reinforce the importance of maintaining an appropriate level of BSA compliance resources if regulatory amendments are promulgated as described in this ANPRM. jbell on DSKJLSW7X2PROD with PROPOSALS V. Conclusion With this ANPRM, FinCEN is seeking input on the questions set forth above. FinCEN is soliciting comments on the impact to the public, including industry, law enforcement, regulators, other consumers of BSA data, and any other interested parties, and welcomes comments on all aspects of the ANPRM. All interested parties are encouraged to provide their views. VerDate Sep<11>2014 16:42 Sep 16, 2020 Jkt 250001 VI. Special Analysis This advance notice of proposed rulemaking is a significant regulatory action under Executive Order 12866 and has been reviewed by the Office of Management and Budget. Dated: September 14, 2020. Michael Mosier, Deputy Director, Financial Crimes Enforcement Network. [FR Doc. 2020–20527 Filed 9–16–20; 8:45 am] BILLING CODE 4810–02–P DEPARTMENT OF HEALTH AND HUMAN SERVICES Administration for Children and Families 45 CFR Part 302 RIN 0970–AC81 Optional Exceptions to the Prohibition Against Treating Incarceration as Voluntary Unemployment Under Child Support Guidelines Office of Child Support Enforcement (OCSE), Administration for Children and Families (ACF), Department of Health and Human Services (HHS). ACTION: Notice of proposed rulemaking. AGENCY: The Office of Child Support Enforcement proposes to provide States the flexibility to incorporate in their State child support guidelines two optional exceptions to the prohibition against treating incarceration as voluntary unemployment. Under the proposal, States have the option to exclude cases where the individual is incarcerated due to intentional nonpayment of child support resulting from a criminal case or civil contempt action in accordance with guidelines established by the state and/or incarceration for any offense of which the individual’s dependent child or the child support recipient was a victim. The State may apply the second exception to the individual’s other child support cases. DATES: Consideration will be given to written comments on this notice of proposed rulemaking (NPRM) received on or before November 16, 2020. ADDRESSES: You may submit comments, identified by [docket number ACF– 2020–0002 and/or Regulatory Information Number (RIN) number 0970–AC81], by one of the following methods: • Federal eRulemaking Portal: http:// www.regulations.gov. Follow the instructions for submitting comments. SUMMARY: PO 00000 Frm 00032 Fmt 4702 Sfmt 4702 58029 • Mail: Written comments may be submitted to: Office of Child Support Enforcement, Attention: Director of Policy and Training, 330 C Street SW, Washington, DC 20201. Instructions: All submissions received must include the agency name and docket number or RIN for this rulemaking. All comments received will be posted without change to https:// www.regulations.gov, including any personal information provided. FOR FURTHER INFORMATION CONTACT: Anne Miller, Division of Policy and Training, OCSE, telephone (202) 401– 1467. Email inquiries to ocse.dpt@ acf.hhs.gov. Deaf and hearing impaired individuals may call the Federal Dual Party Relay Service at 1–800–877–8339 between 8 a.m. and 7 p.m. Eastern Time. SUPPLEMENTARY INFORMATION: Submission of Comments Comments should be specific, address issues raised by the proposed rule, and explain reasons for any objections or recommended changes. Additionally, we will be interested in comments that indicate agreement with the proposals. We will not acknowledge receipt of the comments we receive. However, we will review and consider all comments that are germane and are received during the comment period. We will respond to these comments in the preamble to the final rule. Statutory Authority This NPRM is published under the authority granted to the Secretary of Health and Human Services by section 1102 of the Social Security Act (the Act) (42 U.S.C. 1302). Section 1102 of the Act authorizes the Secretary to publish regulations, not inconsistent with the Act, as may be necessary for the efficient administration of the functions with which the Secretary is responsible under the Act. Background The purpose of the Flexibility, Efficiency and Modernization in Child Support Programs (FEM) final rule published in the Federal Register on December 20, 2016 (81 FR 93492) was to make Child Support Enforcement program operations and enforcement procedures more flexible, more effective, and more efficient by building on the strengths of existing State enforcement programs, recognizing advancements in technology, and incorporating technical fixes. The final rule was intended to improve and simplify program operations and remove outmoded limitations to program innovations, in order to better serve families. E:\FR\FM\17SEP1.SGM 17SEP1

Agencies

[Federal Register Volume 85, Number 181 (Thursday, September 17, 2020)]
[Proposed Rules]
[Pages 58023-58029]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2020-20527]


=======================================================================
-----------------------------------------------------------------------

DEPARTMENT OF THE TREASURY

Financial Crimes Enforcement Network

31 CFR Chapter X

[Docket No. FinCEN-2020-0011]
RIN 1506-AB44


Anti-Money Laundering Program Effectiveness

AGENCY: Financial Crimes Enforcement Network (FinCEN), Treasury.

ACTION: Advance notice of proposed rulemaking (ANPRM).

-----------------------------------------------------------------------

SUMMARY: This document seeks public comment on potential regulatory 
amendments to establish that all covered financial institutions subject 
to an anti-money laundering program requirement must maintain an 
``effective and reasonably designed'' anti-money laundering program. 
Any such amendments would be expected to further clarify that such a 
program assesses and manages risk as informed by a financial 
institution's risk assessment, including consideration of anti-money 
laundering priorities to be issued by FinCEN consistent with the 
proposed amendments; provides for compliance with Bank Secrecy Act 
requirements; and provides for the reporting of information with a high 
degree of usefulness to government authorities. The regulatory 
amendments under consideration are intended to modernize the regulatory 
regime to address the evolving threats of illicit finance, and provide 
financial institutions with greater flexibility in the allocation of 
resources, resulting in the enhanced effectiveness and efficiency of 
anti-money laundering programs.

DATES: Written comments are welcome, and must be received on or before 
November 16, 2020.

ADDRESSES: Comments may be submitted, identified by Regulatory 
Identification Number (RIN) 1506-AB44, by any of the following methods:
     Federal E-rulemaking Portal: http://www.regulations.gov. 
Follow the instructions for submitting comments. Include RIN 1506-AB44 
in the submission. Refer to Docket Number FINCEN-2020-0011.
     Mail: Financial Crimes Enforcement Network, P.O. Box 39, 
Vienna, VA 22183. Include 1506-AB44 in the body of the text. Refer to 
Docket Number FINCEN-2020-0011.
    Please submit comments by one method only. All comments submitted 
in response to this ANPRM will become a matter of public record. 
Therefore, you should submit only information that you wish to make 
publicly available.

FOR FURTHER INFORMATION CONTACT: The FinCEN Regulatory Support Section 
at 1-800-767-2825 or electronically at [email protected].

SUPPLEMENTARY INFORMATION:

I. Scope of ANPRM

    The scope of program rules under consideration for amendment in 
this ANPRM includes those applicable to all of the industries that have 
anti-money laundering (AML) program requirements under FinCEN's 
regulations, including banks (which includes credit unions and other 
depository institutions, as defined in 31 CFR 1010.100(d)); casinos and 
card clubs; money services businesses; brokers or dealers in 
securities; mutual funds; insurance companies; futures commission 
merchants and introducing brokers in commodities; dealers in precious 
metals, precious stones, or jewels; operators of credit card systems; 
loan or finance companies; and housing government sponsored 
enterprises.\1\ FinCEN particularly requests comment regarding any 
industry-specific considerations that FinCEN should evaluate with 
regard to the scope of possible rulemaking described in this ANPRM.
---------------------------------------------------------------------------

    \1\ See 31 CFR 1020.210 (banks); 31 CFR 1021.210 (casinos and 
card clubs); 31 CFR 1022.210 (money services businesses); 31 CFR 
1023.210 (brokers or dealers in securities); 31 CFR 1024.210 (mutual 
funds); 31 CFR 1025.210 (insurance companies); 31 CFR 1026.210 
(futures commission merchants and introducing brokers in 
commodities); 31 CFR 1027.210 (dealers in precious metals, precious 
stones, or jewels); 31 CFR 1028.210 (operators of credit card 
systems); 31 CFR 1029.210 (loan or finance companies); and 31 CFR 
1030.210 (housing government sponsored enterprises).
---------------------------------------------------------------------------

II. Background

A. History of the Bank Secrecy Act (BSA)

    The Currency and Foreign Transactions Reporting Act of 1970, 
generally referred to as the BSA,\2\ authorizes the Secretary of the 
U.S. Department of the Treasury (Secretary) to require financial 
institutions to keep records and file reports that ``have a high degree 
of usefulness in criminal, tax, or regulatory investigations or 
proceedings, or in the conduct of intelligence or counterintelligence

[[Page 58024]]

activities, including analysis to protect against international 
terrorism.'' \3\ The Secretary has delegated to the Director of FinCEN 
the authority to implement, administer, and enforce compliance with the 
BSA and its related authorities.\4\ As a result, FinCEN may require 
financial institutions to maintain procedures to ensure compliance with 
the BSA and its related regulations and to guard against money 
laundering, including AML program requirements.\5\
---------------------------------------------------------------------------

    \2\ 12 U.S.C. 1829b, 12 U.S.C. 1951-1959, and 31 U.S.C. 5311-
5314; 5316-5332.
    \3\ 31 U.S.C. 5311.
    \4\ Treasury Order 180-01 (Jan. 14, 2020).
    \5\ 31 U.S.C. 5318(a)(2), (h)(2).
---------------------------------------------------------------------------

    The Money Laundering Control Act of 1986 (MLCA) \6\ made money 
laundering a Federal crime. It also amended the BSA, underscoring the 
importance of reporting information with a high degree of usefulness to 
government authorities. For example, Section 1359 of the MLCA amended 
section 8 of the Federal Deposit Insurance Act \7\ and section 206 of 
the Federal Credit Union Act,\8\ among other similar statutes, to 
require the Federal Banking Agencies \9\ to issue regulations for 
covered financial institutions to ``establish and maintain procedures 
reasonably designed to assure and monitor the compliance'' of such 
institutions with the reporting and some recordkeeping requirements of 
the BSA.
---------------------------------------------------------------------------

    \6\ Public Law 99-570, 100 Stat. 3207 (Oct. 27, 1986).
    \7\ 12 U.S.C. 1818.
    \8\ 12 U.S.C. 1786.
    \9\ The Federal Banking Agencies include the Board of Governors 
of the Federal Reserve System, the Federal Deposit Insurance 
Corporation (FDIC), the National Credit Union Administration, and 
the Office of the Comptroller of the Currency.
---------------------------------------------------------------------------

    The Annunzio-Wylie Anti-Money Laundering Act of 1992 (Annunzio-
Wylie) amended the BSA \10\ by strengthening the sanctions for BSA 
violations and Treasury's role.\11\ Annunzio-Wylie authorized Treasury 
to issue regulations requiring all financial institutions, as defined 
in BSA regulations, to maintain ``minimum standards'' of an AML 
program.\12\ The minimum standards set forth in the statute were 
substantially similar to the standards set forth by the Federal Banking 
Agencies in their BSA compliance program regulations, which required 
depository institutions under their supervision to establish and 
maintain procedures ``reasonably designed'' to assure and monitor 
compliance with the requirements of the BSA.\13\
---------------------------------------------------------------------------

    \10\ Title XV of Public Law 102-550, 106 Stat. 3672 (Oct. 28, 
1992).
    \11\ See Title XV, sec. 1503 (authorizing the termination of 
FDIC insurance of insured depository institutions convicted of a 
criminal violation of the BSA), sec. 1504 (authorizing the removal 
officers or directors of such institutions found to have violated a 
BSA requirement), and sec. 1517 (authorizing Treasury to require the 
reporting of suspicious transactions) of Public Law 102-550.
    \12\ Title XV, sec. 1517 of Public Law 102-550.
    \13\ The minimum standards for an AML program set forth in 
Annunzio-Wylie, and codified at 31 U.S.C. 5318(h), include: ``(A) 
the development of internal policies, procedures, and controls, (B) 
the designation of a compliance officer, (C) an ongoing employee 
training program, and (D) an independent audit function to test 
programs.''
---------------------------------------------------------------------------

    The Uniting and Strengthening America by Providing Appropriate 
Tools Required to Intercept and Obstruct Terrorism Act of 2001 (USA 
PATRIOT Act) further amended the BSA, reinforcing the framework 
established earlier by Annunzio-Wylie, to require, among other things, 
customer identification requirements and Treasury's further expansion 
of AML program rules to cover certain other industries.\14\ In 2003, 
FinCEN and the Federal Banking Agencies issued a joint final rule on 
customer identification program (CIP) requirements.\15\ The USA PATRIOT 
Act also ushered in an expanded role for AML and other financial and 
economic measures in countering threats to U.S. national security and 
protecting the U.S. financial system. The range of authorities and 
measures introduced in Title III were intended to, among other 
purposes, ``increase the strength of United States measures to prevent, 
detect, and prosecute international money laundering and the financing 
of terrorism.'' \16\
---------------------------------------------------------------------------

    \14\ Public Law 107-56, 115 Stat. 272 (Oct. 26, 2001). FinCEN 
issued interim final AML program rules for financial institutions 
regulated by a Federal functional regulator, money services 
businesses, mutual funds, and operators of credit card systems. 67 
FR 21113 (Apr. 29, 2002). FinCEN's rule originally cross-referenced 
the regulations of the Federal functional regulator and provided 
that satisfaction of the Federal functional regulator's AML program 
rule requirements would be deemed to satisfy the requirements of 
Treasury's rule.
    \15\ 68 FR 25090 (May 9, 2003). FinCEN issued joint CIP rules 
separately with the U.S. Securities and Exchange Commission, 68 FR 
25113 (May 9, 2003) (brokers or dealers in securities) and 68 FR 
25131 (May 9, 2003) (mutual funds), and the U.S. Commodity Futures 
Trading Commission, 68 FR 25149 (May 9, 2003) (futures commission 
merchants and introducing brokers).
    \16\ Title III, sec. 302(b)(1) of Public Law 107-56.
---------------------------------------------------------------------------

    FinCEN's most recent significant change to BSA regulations was the 
implementation of customer due diligence and beneficial ownership 
requirements in 2016. These rules resulted in: (i) The expansion of 
FinCEN's AML program rules for financial institutions regulated by a 
Federal functional regulator to expressly incorporate the minimum 
statutory elements of an AML program prescribed by 31 U.S.C. 
5318(h)(1); and (ii) the incorporation of minimum standards for 
customer due diligence and the collection of beneficial ownership 
information for depository institutions, broker-dealers, mutual funds, 
and futures commission merchants and introducing brokers in 
commodities.\17\
---------------------------------------------------------------------------

    \17\ 81 FR 29398 (May 11, 2016).
---------------------------------------------------------------------------

B. Recent Efforts To Modernize the National AML Regime

    Over the past several years, there have been significant 
innovations in the financial sector and the development of new business 
models, products, and services, fueled in part by rapid technological 
change. As a result, financial institutions have confronted new 
opportunities and challenges in meeting BSA compliance obligations and 
providing information with a high degree of usefulness to government 
authorities in an efficient manner. FinCEN seeks to ensure that the 
BSA's AML regime adapts to address the evolving threats of illicit 
finance, such as money laundering, terrorist financing, and related 
crimes--some of which have changed considerably in scope, nature, and 
impact since the initial passage of the BSA--while simultaneously 
providing financial institutions with additional flexibility in 
addressing these threats. FinCEN, in collaboration with supervisory 
partners, law enforcement, and, where appropriate, the financial 
industry, has undertaken recent initiatives that collectively re-
examine the BSA regulatory framework and the broader national AML 
regime. The overall goal of these initiatives is to upgrade and 
modernize the national AML regime, where appropriate, and to facilitate 
the ability of the financial industry and corresponding supervisory 
authorities to leverage new technologies and risk-management 
techniques, share information, discard inefficient and unnecessary 
practices, and focus resources on fulfilling the BSA's stated purpose 
of providing information with a high degree of usefulness to government 
authorities. This ANPRM is intended to further these efforts.
1. The Bank Secrecy Act Advisory Group's AML Effectiveness Working 
Group and Recommendations
    Annunzio-Wylie required the Secretary to establish a Bank Secrecy 
Act Advisory Group (BSAAG).\18\ The statutory purposes of the BSAAG are 
to keep private sector representatives informed on a regular basis of 
the ways in which BSA reports filed by financial institutions, 
including suspicious

[[Page 58025]]

activity reports (SARs), are being used, and to receive advice 
regarding the modification of those reporting requirements to enhance 
the ability of law enforcement agencies to use the information provided 
for law enforcement purposes. The Director of FinCEN chairs the BSAAG, 
and its membership includes representatives from financial 
institutions, Federal and state regulatory and law enforcement 
agencies, and trade groups whose members are subject to the 
requirements of the BSA and its regulations, or Section 6050I of the 
Internal Revenue Code of 1986. The purposes and membership of the BSAAG 
make it an important forum for understanding stakeholder views in 
efforts to reform and modernize the national AML regime.
---------------------------------------------------------------------------

    \18\ Title XV, sec. 1564 of Public Law 102-550.
---------------------------------------------------------------------------

    The BSAAG created an Anti-Money-Laundering Effectiveness Working 
Group (AMLE WG) in June 2019 to develop recommendations for 
strengthening the national AML regime by increasing its effectiveness 
and efficiency. Member stakeholders worked collaboratively throughout 
2019 and into 2020 to identify regulatory initiatives that would allow 
financial institutions to reallocate resources to better focus on 
national AML priorities set by government authorities, increase 
information sharing and public-private partnerships, and leverage new 
technologies and risk-management techniques--and thus increase the 
efficiency and effectiveness of the nation's AML regime.
    The resulting recommendations, summarized below in broad 
categories, are a collective set of complementary efforts.\19\ The 
October 2019 BSAAG plenary received and endorsed the recommendations 
from the AMLE WG. This ANPRM is a result of FinCEN's evaluation of 
those recommendations and a step toward considering their 
implementation. FinCEN anticipates taking additional steps, such as 
issuing guidance where appropriate, as FinCEN continues to evaluate the 
full set of BSAAG recommendations.
---------------------------------------------------------------------------

    \19\ The subsections which follow summarize recommendations 
issued by the BSAAG and do not necessarily reflect current 
regulatory initiatives, nor do they imply endorsement of, nor 
commitment by, the relevant government agencies to implement these 
recommendations.
---------------------------------------------------------------------------

a. Developing and Focusing on AML Priorities
    The AMLE WG recommended that stakeholders refocus the national AML 
regime to place greater emphasis on providing information with a high 
degree of usefulness to government authorities based on national AML 
priorities, in order to promote effective outputs over auditable 
processes and to ensure clearer standards for measuring effectiveness 
in evaluating AML programs. The AMLE WG recommended that the relevant 
government agencies consider:
     Publishing a regulatory definition of AML program 
effectiveness;
     Developing and communicating national AML priorities as 
set by government authorities; and
     Issuing clarifying guidance for financial institutions on 
the elements of an effective AML program.
b. Reallocation of Compliance Resources
    The AMLE WG recommended that stakeholders facilitate BSA compliance 
resource reallocation by reducing or eliminating activities that are 
not required by law or regulation, make limited contributions to 
meeting risk-management objectives, and supply less useful information 
to government authorities. Resources freed from these activities could 
be reallocated to address areas of risk and national AML priorities. 
The AMLE WG recommended that the relevant government agencies consider:
     Clarifying current requirements and supervisory 
expectations with respect to risk assessments, negative media searches, 
customer risk categories, and initial and ongoing customer due 
diligence; and
     Revising existing guidance or regulations in areas such as 
Politically Exposed Persons and the application of existing model-risk-
management guidance to AML systems, in order to improve clarity, 
effectiveness, and compliance.
c. Monitoring and Reporting
    The AMLE WG recommended that AML monitoring and reporting practices 
be modernized and streamlined to maximize efficiency, quality, and 
speed of providing data to government authorities with due 
consideration for privacy and data security. The AMLE WG recommended 
that the relevant government agencies consider:
     Clarifying expectations and updating practices for keep-
open letters and suspicious activity monitoring, investigation, and 
reporting, including SARs based on grand jury subpoenas or negative 
media; and
     Supporting potential automation opportunities for high-
frequency/low-complexity SARs and currency transaction reports (CTRs), 
and exploring the possibility of streamlined SARs on continuing 
activity.
d. Enhancing Information Sharing
    Information sharing among financial institutions, regulators, and 
law enforcement through partnerships and other existing mechanisms is a 
key component of an effective BSA/AML regime. The AMLE WG recommended 
steps for enhancing information sharing mechanisms to communicate 
national AML priorities, related typologies, and emerging threats, such 
as:
     Forming a BSAAG-established working group with members 
from law enforcement agencies, regulators, and financial institutions 
to identify, prioritize, and recommend national AML priorities and 
advise on opportunities to communicate typologies, red flags, and other 
information related to national AML priorities;
     Leveraging existing information-sharing initiatives 
between the public and private sectors, including enhanced use of the 
BSA's information sharing provisions, sections 314(a) and (b) of the 
USA PATRIOT Act, and sharing with foreign affiliates and global 
institutions, as appropriate; and
     Assessing options for FinCEN and law enforcement agencies 
to provide more feedback to financial institutions related to the use 
and utility of BSA reports.
e. Advance Regulatory Innovations
    The AMLE WG recommended the continued enhancement of the national 
AML regime to promote the use of responsible innovations to address new 
and emerging money laundering and terrorist financing risks and the 
evolving industry landscape, as well as to encourage financial 
institutions to pursue more effective and efficient BSA compliance 
practices. Measures recommended include steps that financial 
institutions could take to better use responsible innovation in meeting 
CIP requirements--such as third-party software and service providers--
and studying the impact of financial technology and other emerging non-
bank financial service providers on the AML regime.

III. Elements of an ``Effective and Reasonably Designed'' AML Program

    FinCEN, after consulting with the staffs of various supervisory 
agencies, and having considered the BSAAG recommendations and other BSA 
modernization efforts, is publishing this ANPRM seeking comment on 
whether it is appropriate to clearly define a requirement for an 
``effective and reasonably designed'' AML program in BSA regulations. 
Increasing the

[[Page 58026]]

``effectiveness'' of the national AML regime is a core objective of 
recent AML modernization efforts. This term often refers to the 
implementation and maintenance of a compliant AML program, but has no 
specific, consistent definition in existing regulation. FinCEN believes 
that incorporating an ``effective and reasonably designed'' AML program 
requirement with a clear definition of ``effectiveness'' \20\ would 
allow financial institutions to more efficiently allocate resources and 
would impose minimal additional burden on existing AML programs that 
already comply under the existing supervisory approach. This 
requirement would also seek to implement a common understanding between 
supervisory agencies and their supervised financial institutions on the 
necessary AML program elements.
---------------------------------------------------------------------------

    \20\ There is some variance in the specific AML program 
requirements for different types of financial institutions, but 
current AML program regulations for most financial institutions 
subject to such requirements contain a requirement that either the 
AML program as a whole, or the implementation of internal controls, 
is ``reasonably designed.'' In addition, current AML program 
requirements vary as to whether a financial institution must 
implement an AML program that is ``reasonably designed'' to achieve 
compliance with the BSA, ``reasonably designed'' to prevent money 
laundering or terrorist financing, or both.
---------------------------------------------------------------------------

    Specifically, FinCEN is considering regulatory amendments that 
would explicitly define an ``effective and reasonably designed'' AML 
program as one that:
     Identifies, assesses, and reasonably mitigates the risks 
resulting from illicit financial activity--including terrorist 
financing, money laundering, and other related financial crimes--
consistent with both the institution's risk profile and the risks 
communicated by relevant government authorities as national AML 
priorities;
     Assures and monitors compliance with the recordkeeping and 
reporting requirements of the BSA; and
     Provides information with a high degree of usefulness to 
government authorities consistent with both the institution's risk 
assessment and the risks communicated by relevant government 
authorities as national AML priorities.
    As explained in more detail in the sections that follow, this ANPRM 
also seeks comment on whether the AML program regulations \21\ should 
be amended to establish an explicit requirement for a risk-assessment 
process, as well as whether the Director of FinCEN should issue every 
two years a list of national AML priorities, to be called FinCEN's 
``Strategic Anti-Money Laundering Priorities.''
---------------------------------------------------------------------------

    \21\ See supra note 1.
---------------------------------------------------------------------------

A. Identifying and Assessing Risks
    The current AML program rules generally require each financial 
institution to implement a system of internal controls to ``assure 
ongoing compliance'' \22\ with the BSA. This system of internal 
controls includes the policies, procedures, and processes that not only 
mitigate the risks associated with the products and services the 
financial institution offers and the customers it serves, but also 
ensures the financial institution meets regulatory requirements under 
the BSA. Under current practice for most financial institutions, the 
design of an AML program is based on the risks identified and assessed 
by the financial institution through a risk-assessment process. FinCEN 
and other supervisory agencies have traditionally viewed a risk 
assessment as a critical element of a reasonably designed program, 
because a program cannot be considered reasonably designed to achieve 
compliance with the recordkeeping and reporting requirements of the BSA 
unless the institution understands its risk profile.
---------------------------------------------------------------------------

    \22\ See, e.g., 31 CFR 1020.210(b)(1).
---------------------------------------------------------------------------

    Even though a financial institution's risk-assessment process is 
key to ensuring an effective AML program, it is not an explicit 
regulatory requirement for all types of institutions. Given the 
importance of the risk-assessment process to establishing an 
``effective and reasonably designed'' AML program, FinCEN believes that 
it warrants explicit incorporation. FinCEN is considering whether its 
AML program regulations should be amended to require the establishment 
of a risk-assessment process that includes the identification and 
analysis of money laundering, terrorist financing, and other illicit 
financial activity risks faced by the financial institution based on an 
evaluation of various factors, including its business activities, 
products, services, customers, and geographic locations in which the 
financial institution does business or services customers.
    FinCEN and the Federal Banking Agencies issued a Joint Statement on 
Risk-Focused Bank Secrecy Act/Anti-Money Laundering Supervision in 2019 
that underscored the importance of a risk-based approach. The statement 
clarifies that these agencies' long-standing supervisory approach to 
examining for compliance with the BSA considers a financial 
institution's risk profile and notes that ``[a] risk-based [AML] 
compliance program enables a bank to allocate compliance resources 
commensurate with its risk.'' \23\ It further clarifies that a well-
developed risk-assessment process assists examiners in understanding a 
bank's risk profile and evaluating the adequacy of its AML program. The 
statement also explains that, as part of their risk-focused approach, 
examiners review a bank's risk-management practices to evaluate whether 
a bank has developed and implemented a reasonable and effective process 
to identify, measure, monitor, and control risks. Recognizing that many 
financial institutions are conducting risk assessments, FinCEN seeks 
comment on the effect to financial institutions' efforts to comply with 
AML program requirements of adding a regulatory requirement to conduct 
a risk assessment, and the effect, if any, on burden to financial 
institutions' processes for complying with AML program requirements.
---------------------------------------------------------------------------

    \23\ See Board of Governors of the Federal Reserve System, 
Federal Deposit Insurance Corporation, Financial Crimes Enforcement 
Network, National Credit Union Administration, and Office of the 
Comptroller of the Currency, Joint Statement on Risk-Focused Bank 
Secrecy Act/Anti-Money Laundering Supervision (July 22, 2019), 
available at https://www.fincen.gov/sites/default/files/2019-10/Joint%20Statement%20on%20Risk-Focused%20Bank%20Secrecy%20Act-Anti-Money%20Laundering%20Supervision%20FINAL1.pdf.
---------------------------------------------------------------------------

B. Consideration of the Strategic AML Priorities in the Risk-Assessment 
Process

    This ANPRM also seeks comment on whether regulatory amendments 
should be made so that an ``effective and reasonably designed'' AML 
program would require financial institutions to consider and integrate 
national AML priorities into their risk-assessment processes, as 
appropriate. FinCEN is considering whether the Director of FinCEN 
should issue national AML priorities, to be called its ``Strategic 
Anti-Money Laundering Priorities,'' every two years (or more frequently 
as appropriate to inform the public and private sector of new 
priorities). This ANPRM also seeks comment on whether these priorities 
should be considered, among other information, in a financial 
institution's risk assessment.
    FinCEN does not expect that its Strategic AML Priorities would 
capture the universe of all AML priorities, nor would they be intended 
to serve as the only priorities informing a risk-assessment process. 
Rather, they would seek to articulate FinCEN's existing AML priorities, 
informed by a wide range of government and private sector stakeholders, 
leveraging the broader priorities established by the National

[[Page 58027]]

Illicit Finance Strategy as determined by the Secretary of the 
Treasury--in consultation with the Departments of Justice, State, and 
Homeland Security, the Office of the Director of National Intelligence, 
the Office of Management and Budget, and the staffs of the Federal 
functional regulators--to better aid U.S. institutions in effectively 
complying with BSA obligations. Other relevant information that the 
Director of FinCEN may consider in determining Strategic AML Priorities 
includes, for example, FinCEN Advisories to financial institutions, 
which identify emerging risks and provide red flags and typologies that 
assist financial institutions in identifying and reporting suspicious 
activity; other relevant Treasury Department communications, including 
the National Risk Assessments; and information from law enforcement and 
other government agencies, and others.

C. Risk Management and Mitigation Informed by Strategic AML Priorities

    Building upon the prior two concepts--an explicit risk-assessment 
requirement and the publication of Strategic AML Priorities--this ANPRM 
also seeks comment as to whether an ``effective and reasonably 
designed'' AML program should require that financial institutions 
reasonably manage and mitigate the risks identified in the risk-
assessment process by taking into consideration the Strategic AML 
Priorities, as appropriate and among other relevant information. FinCEN 
believes that the vast majority of financial institutions are 
effectively and reasonably managing and mitigating the risks that they 
have identified. Under any proposal to incorporate a requirement for an 
``effective and reasonably designed'' AML program, FinCEN understands 
that institutions may reallocate resources from other lower-priority 
risks or practices to manage and mitigate higher-priority risks, 
including any identified as Strategic AML Priorities.
    Financial institutions may consider how FinCEN's Strategic AML 
Priorities impact and inform the risk assessment based on the 
institution's size, complexity, business activities, products, 
services, customers, and geographic locations in which the financial 
institution does business or services customers. This might enhance the 
financial institution's engagement with law enforcement and FinCEN to 
provide information with a high degree of usefulness to government 
authorities. In addition, a financial institution may be better able to 
engage with the appropriate level of Federal, state, or local law 
enforcement and other government officials to better understand and 
address risks within that jurisdiction. This might improve information 
sharing, to include requests from FinCEN or other government 
authorities, as well as participation in public-private information 
sharing forums.
    FinCEN recognizes that financial institutions may utilize different 
means to demonstrate effectiveness and anticipates that some financial 
institutions may determine that their AML programs already sufficiently 
assess and mitigate the risks identified as Strategic AML Priorities. 
FinCEN also anticipates that many financial institutions may determine 
that their business models and risk profiles reflect limited exposure 
to risks posed by the threats identified as Strategic AML Priorities, 
but may reflect greater exposure to significant and legitimate risks 
that may not be identified as Strategic AML Priorities. FinCEN 
recognizes and appreciates financial institutions must continue to 
identify, reasonably manage, and mitigate these risks consistent with 
financial institutions' risk-management processes.

D. Assuring and Monitoring Compliance With the Recordkeeping and 
Reporting Requirements of the BSA

    FinCEN does not expect that any regulatory changes made in response 
to this ANPRM would alter the recordkeeping and reporting requirements 
contained in existing BSA regulations. However, this ANPRM seeks 
comment as to whether financial institutions' AML program obligations 
should be based on the risks identified by the financial institution, 
to include consideration of Strategic AML Priorities, where appropriate 
and among other information. For example, a financial institution's 
process for the implementation of certain requirements, such as 
monitoring for suspicious activity, is based on risk. Making clear that 
compliance with this aspect of the AML program requirement is risk-
based is consistent with the objectives of increasing effectiveness and 
efficiency. It also reflects long-standing supervisory approaches and 
expectations.

E. Providing Information With a High Degree of Usefulness

    FinCEN believes that the proposed regulatory approach in this ANPRM 
furthers the statutory BSA purpose of providing information with a high 
degree of usefulness to government authorities. These regulatory 
amendments would explicitly define as a goal of the AML program that 
financial institutions provide information with a high degree of 
usefulness to government authorities consistent with the financial 
institution's risk assessment and Strategic AML Priorities, among other 
relevant information. FinCEN recognizes that many financial 
institutions have developed specialized units that focus on complex 
investigations. In addition, financial institutions of all sizes may 
collaborate with Federal, state, and local law enforcement, receive 
outreach from the government's SAR Review Teams, and often be willing 
to engage on relevant issues in their community. FinCEN expects that 
any future regulatory amendments to incorporate a requirement for an 
``effective and reasonably designed'' AML program would seek to provide 
a framework to recognize that these and other collaborative efforts may 
provide information with a high degree of usefulness to government 
authorities. This recognition, in turn, may provide further incentive 
for financial institutions to undertake and apply resources towards 
these important initiatives to combat money laundering, terrorist 
financing, and other related illicit financial crime. Such an approach 
has the potential to increase the overall effectiveness of the national 
AML regime by better enabling law enforcement and other users of BSA 
reporting to address priority threats to the U.S. financial system.

IV. Issues for Comment

    Based on the foregoing, FinCEN is seeking comment from the public, 
including industry, law enforcement, regulators, other consumers of BSA 
data, and any other interested parties, concerning a potential 
rulemaking to incorporate a requirement for an ``effective and 
reasonably designed'' AML program into AML program regulations and to 
provide clarity on its application. Specifically, FinCEN requests 
public comment on the following:
    Question 1: Does this ANPRM make clear the concept that FinCEN is 
considering for an ``effective and reasonably designed'' AML program 
through regulatory amendments to the AML program rules? If not, how 
should the concept be modified to provide greater clarity?
    Question 2: Are this ANPRM's three proposed core elements and 
objectives of an ``effective and reasonably designed'' AML program 
appropriate? Should FinCEN make any changes to the three proposed 
elements of an ``effective and reasonably designed''

[[Page 58028]]

AML program in a future notice of proposed rulemaking?
    As described above, FinCEN is considering regulatory amendments 
that would define an ``effective and reasonably designed'' program as 
one that:
     Identifies, assesses, and reasonably mitigates the risks 
resulting from illicit financial activity, including terrorist 
financing, money laundering, and other related financial crimes, 
consistent with both the institution's risk profile and the risks 
communicated by relevant government authorities as national AML 
priorities;
     Assures and monitors compliance with the recordkeeping and 
reporting requirements of the BSA; and
     Provides information with a high degree of usefulness to 
government authorities consistent with both the institution's risk 
assessment and the risks communicated by relevant government 
authorities as national AML priorities.
    Question 3: Are the changes to the AML regulations under 
consideration in this ANPRM an appropriate mechanism to achieve the 
objective of increasing the effectiveness of AML programs? If not, what 
different or additional mechanisms should FinCEN consider?
    Question 4: Should regulatory amendments to incorporate the 
requirement for an ``effective and reasonably designed'' AML program be 
proposed for all financial institutions currently subject to AML 
program rules? Are there any industry-specific issues that FinCEN 
should consider in a future notice of proposed rulemaking to further 
define an ``effective and reasonably designed'' AML program?
    FinCEN notes that, as regulations for different segments of the 
financial industry have been promulgated at different times in the 
past, such AML program regulations have evolved and, consequently, 
contain provisions that differ among the various industries subject to 
AML program requirements. For example, the AML program requirement for 
money services businesses (31 CFR 1022.210(a)) already contains an 
effectiveness component.\24\ FinCEN invites comments from all covered 
industries subject to AML program regulations as to how a requirement 
for an ``effective and reasonably designed'' AML program would impact 
their industry. Furthermore, FinCEN invites comment as to whether any 
industry-specific modifications would be appropriate to consider in 
future rulemaking.
---------------------------------------------------------------------------

    \24\ Specifically it provides that each money services business, 
as defined by Sec.  1010.100(ff), shall develop, implement, and 
maintain an effective anti-money laundering program. An effective 
anti-money laundering program is one that is reasonably designed to 
prevent the money services business from being used to facilitate 
money laundering and the financing of terrorist activities.
---------------------------------------------------------------------------

    Question 5: Would it be appropriate to impose an explicit 
requirement for a risk-assessment process that identifies, assesses, 
and reasonably mitigates risks in order to achieve an ``effective and 
reasonably designed'' AML program? If not, why? Are there other 
alternatives that FinCEN should consider? Are there factors unique to 
how certain institutions or industries develop and apply a risk 
assessment that FinCEN should consider? Should there be carve-outs or 
waivers to this requirement, and if so, what factors should FinCEN 
evaluate to determine the application thereof?
    Question 6: Should FinCEN issue Strategic AML Priorities, and 
should it do so every two years or at a different interval? Is an 
explicit requirement that risk assessments consider the Strategic AML 
Priorities appropriate? If not, why? Are there alternatives that FinCEN 
should consider?
    Question 7: Aside from policies and procedures related to the risk-
assessment process, what additional changes to AML program policies, 
procedures, or processes would financial institutions need to implement 
if FinCEN implemented regulatory changes to incorporate the requirement 
for an ``effective and reasonably designed'' AML program, as described 
in this ANPRM? Overall, how long of a period should FinCEN provide for 
implementing such changes?
    FinCEN seeks comment on specific programmatic changes. For example, 
how might the allocation of personnel change because of the possible 
regulatory amendments discussed in this ANPRM, and what processes would 
be required to reallocate AML compliance resources for different 
responsibilities? How long would such programmatic changes take to 
conceive, test, and implement? Would this vary by size of institution 
or across industry segments? If so, how? In addition to due diligence 
and monitoring processes, what other methods to mitigate risks are 
financial institutions engaged in? Should FinCEN add via future 
regulation more specific risk-mitigation requirements to ensure that 
controls are commensurate with the risks undertaken, and how might 
these risk-mitigation requirements vary by industry?
    Question 8: As financial institutions vary widely in business 
models and risk profiles, even within the same category of financial 
institution, should FinCEN consider any regulatory changes to 
appropriately reflect such differences in risk profile? For example, 
should regulatory amendments to incorporate the requirement for an 
``effective and reasonably designed'' AML program be proposed for all 
financial institutions within each industry type, or should this 
requirement differ based on the size or operational complexity of these 
financial institutions, or some other factors? Should smaller, less 
complex financial institutions, or institutions that already maintain 
effective BSA compliance programs with risk assessments that 
sufficiently manage and mitigate the risks identified as Strategic AML 
Priorities, have the ability to ``opt in'' to making changes to AML 
programs as described in this ANPRM?
    FinCEN appreciates that financial institutions vary considerably in 
size and complexity, and even well-intentioned regulatory actions that 
impact such a diverse collection of financial institutions can result 
in unintended consequences. Accordingly, FinCEN specifically requests 
comment on how the practical impact of the regulatory proposals 
described in this ANPRM could vary in implementation for institutions 
of differing size and complexity, and whether changes in approach--such 
as an opt-in decision--would be advisable. If greater flexibility is 
recommended, FinCEN requests comments as to whether any resultant 
divergence in AML program implementation might present financial crime 
vulnerabilities, and if so, how such vulnerabilities could be 
mitigated. If different requirements are recommended based on the size 
and/or operational complexity of financial institutions, please 
describe what thresholds and parameters might be appropriate, and why.
    Question 9: Are there ways to articulate objective criteria and/or 
a rubric for examination of how financial institutions would conduct 
their risk-assessment processes and report in accordance with those 
assessments, based on the regulatory proposals under consideration in 
this ANPRM?
    FinCEN appreciates that, in order for the regulatory proposals as 
described in this ANPRM to achieve the objective of increased 
effectiveness of the overall U.S. AML regime, the supervisory process 
must support and reinforce this objective. Indeed, FinCEN has consulted 
with the staffs of various Federal supervisory agencies in developing 
this ANPRM, and FinCEN requests comments on how the supervisory regime 
could best support the objectives as identified in this ANPRM.

[[Page 58029]]

    Question 10: Are there ways to articulate objective criteria and/or 
a rubric for independent testing of how financial institutions would 
conduct their risk-assessment processes and report in accordance with 
those assessments, based on the regulatory proposals under 
consideration in this ANPRM?
    FinCEN appreciates that the regulatory proposals described in this 
ANPRM may require changes in the implementation of independent testing 
by financial institutions in order to achieve the objectives as 
described in this ANPRM. Therefore, FinCEN also seeks comments on how a 
future rulemaking could best facilitate effective independent testing 
of risk assessments and other financial institution processes, as may 
be revised consistent with the proposals set forth in this ANPRM.
    Question 11: A core objective of the incorporation of a requirement 
for an ``effective and reasonably designed'' AML program would be to 
provide financial institutions with greater flexibility to reallocate 
resources towards Strategic AML Priorities, as appropriate. FinCEN 
seeks comment on whether such regulatory changes would increase or 
decrease the regulatory burden on financial institutions. How can 
FinCEN, through future rulemaking or any other mechanisms, best ensure 
a clear and shared understanding in the financial industry that AML 
resources should not merely be reduced as a result of such regulatory 
amendments, but rather should, as appropriate, be reallocated to higher 
priority areas?
    FinCEN specifically encourages commenters to provide quantifiable 
data, if available, that supports any views on whether the regulatory 
proposals under consideration would impact financial institutions' 
regulatory burden. FinCEN also invites comment with regard to how 
FinCEN and other supervisory authorities could best reinforce the 
importance of maintaining an appropriate level of BSA compliance 
resources if regulatory amendments are promulgated as described in this 
ANPRM.

V. Conclusion

    With this ANPRM, FinCEN is seeking input on the questions set forth 
above. FinCEN is soliciting comments on the impact to the public, 
including industry, law enforcement, regulators, other consumers of BSA 
data, and any other interested parties, and welcomes comments on all 
aspects of the ANPRM. All interested parties are encouraged to provide 
their views.

VI. Special Analysis

    This advance notice of proposed rulemaking is a significant 
regulatory action under Executive Order 12866 and has been reviewed by 
the Office of Management and Budget.

    Dated: September 14, 2020.
Michael Mosier,
Deputy Director, Financial Crimes Enforcement Network.
[FR Doc. 2020-20527 Filed 9-16-20; 8:45 am]
BILLING CODE 4810-02-P