The Federal Financial Institutions Examination Council (FFIEC) is releasing the customer due diligence and beneficial ownership sections of the FFIEC Bank Secrecy Act/Anti-Money Laundering (BSA/AML) Examination Manual.
Customer due diligence and beneficial ownership represent expansions to requirements under BSA/AML to what banks are currently doing. Both aspects have a compliance date of May 11, 2018. The manual is intended to provide information to help assist with BSA compliance and safeguard operations from money laundering and other illicit financial transactions. These will be incorporated into the next manual upssdate.
Customer Due Diligence
The final CDD rule became effective July 11, 2016, with a compliance date of May 11, 2018. The rule codifies existing supervisory expectations and practices; and, in accordance with regulatory requirements, all banks must develop and implement appropriate risk-based procedures for conducting ongoing customer due diligence.
The guidance states that, “The cornerstone of a strong BSA/AML compliance program is the adoption and implementation of risk-based CDD policies, procedures, and processes for all customers, particularly those that present a higher risk for money laundering and terrorist financing. The objective of CDD is to enable the bank to understand the nature and purpose of customer relationships, which may include understanding the types of transactions in which a customer is likely to engage.”
The central component is having risk-based procedures and methods to effectively ascertain customer risk profiles. These processes assist the bank in determining when transactions are potentially suspicious.
The bank should gather sufficient information about the customer to form an understanding of the nature and purpose of customer relationships at the time of account opening. This understanding may be based on assessments of individual customers or on categories of customers. An understanding based on “categories of customers” means that for certain lower-risk customers, the bank’s understanding of the nature and purpose of a customer relationship can be developed by inherent or self-evident information such as the type of customer, the type of account opened, or the service or product offered.
The examination procedures indicate that components of the review will include evaluation of policies, procedures, practices, as well as transaction testing.
Beneficial Ownership Requirements for Legal Entity Customers
Under the Beneficial Ownership Rule, a bank must establish and maintain written procedures that are reasonably designed to identify and verify beneficial owner(s) of legal entity customers and to include such procedures in its anti-money laundering compliance program.
The belief is that requiring legal entity customers seeking access to banks to disclose identifying information, such as the name, date of birth, and Social Security number of natural persons who own or control them will make such entities more transparent and, thus, less attractive to criminals and those who assist them.
Banks should define in their policies, procedures, and processes how beneficial ownership information will be used to meet other regulatory requirements. For the purposes of the Beneficial Ownership Rule, a legal entity customer is defined as a corporation, limited liability company, or other entity that is created by the filing of a public document with a Secretary of State or other similar office, a general partnership, and any similar entity formed under the laws of a foreign jurisdiction that opens an account. A number of types of business entities are excluded from the definition of legal entity customer under the Beneficial Ownership rule. (see Appendix I, https://www.fdic.gov/news/news/financial/2018/fil18026b.pdf).
Beneficial ownership is determined under both a control prong and an ownership prong. Under the control prong, the beneficial owner is a single individual with significant responsibility to control, manage or direct a legal entity customer. Under the ownership prong, a beneficial owner is each individual, if any, who, directly or indirectly, through any contract, arrangement, understanding, relationship or otherwise, owns 25 percent or more of the equity interests of a legal entity customer.
A bank must establish and maintain written procedures detailing the identifying information that must be obtained for each beneficial owner of a legal entity customer opening a new account after May 11, 2018. At a minimum, the bank must obtain the name, date of birth, address, and identification number (such as tax identification number) for each beneficial owner of a legal entity customer.
Banks are not required to conduct retroactive reviews to obtain beneficial ownership information on legal entity customers that were existing customers as of May 11, 2018. However, the bank may need to obtain (and thereafter update) beneficial ownership information for existing legal entity customers based on its ongoing monitoring.
Examination procedures indicate that policies and procedures will be examined as well as transaction testing during the course of an examination.
Further information including the exam procedures can be accessed here: https://www.fdic.gov/news/news/financial/2018/fil18026.html?source=govdelivery&utm_medium=email&utm_source=govdelivery.