-
Start Preamble
AGENCY:
Financial Crimes Enforcement Network (FinCEN), Treasury.
ACTION:
Advance notice of proposed rulemaking (ANPRM).
SUMMARY:
This document seeks public comment on potential regulatory amendments to establish that all covered financial institutions subject to an anti-money laundering program requirement must maintain an “effective and reasonably designed” anti-money laundering program. Any such amendments would be expected to further clarify that such a program assesses and manages risk as informed by a financial institution's risk assessment, including consideration of anti-money laundering priorities to be issued by FinCEN consistent with the proposed amendments; provides for compliance with Bank Secrecy Act requirements; and provides for the reporting of information with a high degree of usefulness to government authorities. The regulatory amendments under consideration are intended to modernize the regulatory regime to address the evolving threats of illicit finance, and provide financial institutions with greater flexibility in the allocation of resources, resulting in the enhanced effectiveness and efficiency of anti-money laundering programs.
DATES:
Written comments are welcome, and must be received on or before November 16, 2020.
ADDRESSES:
Comments may be submitted, identified by Regulatory Identification Number (RIN) 1506-AB44, by any of the following methods:
- Federal E-rulemaking Portal: http://www.regulations.gov. Follow the instructions for submitting comments. Include RIN 1506-AB44 in the submission. Refer to Docket Number FINCEN-2020-0011.
- Mail: Financial Crimes Enforcement Network, P.O. Box 39, Vienna, VA 22183. Include 1506-AB44 in the body of the text. Refer to Docket Number FINCEN-2020-0011.
Please submit comments by one method only. All comments submitted in response to this ANPRM will become a matter of public record. Therefore, you should submit only information that you wish to make publicly available.
Start Further InfoFOR FURTHER INFORMATION CONTACT:
The FinCEN Regulatory Support Section at 1-800-767-2825 or electronically at frc@fincen.gov.
End Further Info End Preamble Start Supplemental InformationSUPPLEMENTARY INFORMATION:
I. Scope of ANPRM
The scope of program rules under consideration for amendment in this ANPRM includes those applicable to all of the industries that have anti-money laundering (AML) program requirements under FinCEN's regulations, including banks (which includes credit unions and other depository institutions, as defined in 31 CFR 1010.100(d)); casinos and card clubs; money services businesses; brokers or dealers in securities; mutual funds; insurance companies; futures commission merchants and introducing brokers in commodities; dealers in precious metals, precious stones, or jewels; operators of credit card systems; loan or finance companies; and housing government sponsored enterprises.[1] FinCEN particularly requests comment regarding any industry-specific considerations that FinCEN should evaluate with regard to the scope of possible rulemaking described in this ANPRM.
II. Background
A. History of the Bank Secrecy Act (BSA)
The Currency and Foreign Transactions Reporting Act of 1970, generally referred to as the BSA,[2] authorizes the Secretary of the U.S. Department of the Treasury (Secretary) to require financial institutions to keep records and file reports that “have a high degree of usefulness in criminal, tax, or regulatory investigations or proceedings, or in the conduct of intelligence or counterintelligence Start Printed Page 58024activities, including analysis to protect against international terrorism.” [3] The Secretary has delegated to the Director of FinCEN the authority to implement, administer, and enforce compliance with the BSA and its related authorities.[4] As a result, FinCEN may require financial institutions to maintain procedures to ensure compliance with the BSA and its related regulations and to guard against money laundering, including AML program requirements.[5]
The Money Laundering Control Act of 1986 (MLCA) [6] made money laundering a Federal crime. It also amended the BSA, underscoring the importance of reporting information with a high degree of usefulness to government authorities. For example, Section 1359 of the MLCA amended section 8 of the Federal Deposit Insurance Act [7] and section 206 of the Federal Credit Union Act,[8] among other similar statutes, to require the Federal Banking Agencies [9] to issue regulations for covered financial institutions to “establish and maintain procedures reasonably designed to assure and monitor the compliance” of such institutions with the reporting and some recordkeeping requirements of the BSA.
The Annunzio-Wylie Anti-Money Laundering Act of 1992 (Annunzio-Wylie) amended the BSA [10] by strengthening the sanctions for BSA violations and Treasury's role.[11] Annunzio-Wylie authorized Treasury to issue regulations requiring all financial institutions, as defined in BSA regulations, to maintain “minimum standards” of an AML program.[12] The minimum standards set forth in the statute were substantially similar to the standards set forth by the Federal Banking Agencies in their BSA compliance program regulations, which required depository institutions under their supervision to establish and maintain procedures “reasonably designed” to assure and monitor compliance with the requirements of the BSA.[13]
The Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act of 2001 (USA PATRIOT Act) further amended the BSA, reinforcing the framework established earlier by Annunzio-Wylie, to require, among other things, customer identification requirements and Treasury's further expansion of AML program rules to cover certain other industries.[14] In 2003, FinCEN and the Federal Banking Agencies issued a joint final rule on customer identification program (CIP) requirements.[15] The USA PATRIOT Act also ushered in an expanded role for AML and other financial and economic measures in countering threats to U.S. national security and protecting the U.S. financial system. The range of authorities and measures introduced in Title III were intended to, among other purposes, “increase the strength of United States measures to prevent, detect, and prosecute international money laundering and the financing of terrorism.” [16]
FinCEN's most recent significant change to BSA regulations was the implementation of customer due diligence and beneficial ownership requirements in 2016. These rules resulted in: (i) The expansion of FinCEN's AML program rules for financial institutions regulated by a Federal functional regulator to expressly incorporate the minimum statutory elements of an AML program prescribed by 31 U.S.C. 5318(h)(1); and (ii) the incorporation of minimum standards for customer due diligence and the collection of beneficial ownership information for depository institutions, broker-dealers, mutual funds, and futures commission merchants and introducing brokers in commodities.[17]
B. Recent Efforts To Modernize the National AML Regime
Over the past several years, there have been significant innovations in the financial sector and the development of new business models, products, and services, fueled in part by rapid technological change. As a result, financial institutions have confronted new opportunities and challenges in meeting BSA compliance obligations and providing information with a high degree of usefulness to government authorities in an efficient manner. FinCEN seeks to ensure that the BSA's AML regime adapts to address the evolving threats of illicit finance, such as money laundering, terrorist financing, and related crimes—some of which have changed considerably in scope, nature, and impact since the initial passage of the BSA—while simultaneously providing financial institutions with additional flexibility in addressing these threats. FinCEN, in collaboration with supervisory partners, law enforcement, and, where appropriate, the financial industry, has undertaken recent initiatives that collectively re-examine the BSA regulatory framework and the broader national AML regime. The overall goal of these initiatives is to upgrade and modernize the national AML regime, where appropriate, and to facilitate the ability of the financial industry and corresponding supervisory authorities to leverage new technologies and risk-management techniques, share information, discard inefficient and unnecessary practices, and focus resources on fulfilling the BSA's stated purpose of providing information with a high degree of usefulness to government authorities. This ANPRM is intended to further these efforts.
1. The Bank Secrecy Act Advisory Group's AML Effectiveness Working Group and Recommendations
Annunzio-Wylie required the Secretary to establish a Bank Secrecy Act Advisory Group (BSAAG).[18] The statutory purposes of the BSAAG are to keep private sector representatives informed on a regular basis of the ways in which BSA reports filed by financial institutions, including suspicious Start Printed Page 58025activity reports (SARs), are being used, and to receive advice regarding the modification of those reporting requirements to enhance the ability of law enforcement agencies to use the information provided for law enforcement purposes. The Director of FinCEN chairs the BSAAG, and its membership includes representatives from financial institutions, Federal and state regulatory and law enforcement agencies, and trade groups whose members are subject to the requirements of the BSA and its regulations, or Section 6050I of the Internal Revenue Code of 1986. The purposes and membership of the BSAAG make it an important forum for understanding stakeholder views in efforts to reform and modernize the national AML regime.
The BSAAG created an Anti-Money-Laundering Effectiveness Working Group (AMLE WG) in June 2019 to develop recommendations for strengthening the national AML regime by increasing its effectiveness and efficiency. Member stakeholders worked collaboratively throughout 2019 and into 2020 to identify regulatory initiatives that would allow financial institutions to reallocate resources to better focus on national AML priorities set by government authorities, increase information sharing and public-private partnerships, and leverage new technologies and risk-management techniques—and thus increase the efficiency and effectiveness of the nation's AML regime.
The resulting recommendations, summarized below in broad categories, are a collective set of complementary efforts.[19] The October 2019 BSAAG plenary received and endorsed the recommendations from the AMLE WG. This ANPRM is a result of FinCEN's evaluation of those recommendations and a step toward considering their implementation. FinCEN anticipates taking additional steps, such as issuing guidance where appropriate, as FinCEN continues to evaluate the full set of BSAAG recommendations.
a. Developing and Focusing on AML Priorities
The AMLE WG recommended that stakeholders refocus the national AML regime to place greater emphasis on providing information with a high degree of usefulness to government authorities based on national AML priorities, in order to promote effective outputs over auditable processes and to ensure clearer standards for measuring effectiveness in evaluating AML programs. The AMLE WG recommended that the relevant government agencies consider:
- Publishing a regulatory definition of AML program effectiveness;
- Developing and communicating national AML priorities as set by government authorities; and
- Issuing clarifying guidance for financial institutions on the elements of an effective AML program.
b. Reallocation of Compliance Resources
The AMLE WG recommended that stakeholders facilitate BSA compliance resource reallocation by reducing or eliminating activities that are not required by law or regulation, make limited contributions to meeting risk-management objectives, and supply less useful information to government authorities. Resources freed from these activities could be reallocated to address areas of risk and national AML priorities. The AMLE WG recommended that the relevant government agencies consider:
- Clarifying current requirements and supervisory expectations with respect to risk assessments, negative media searches, customer risk categories, and initial and ongoing customer due diligence; and
- Revising existing guidance or regulations in areas such as Politically Exposed Persons and the application of existing model-risk-management guidance to AML systems, in order to improve clarity, effectiveness, and compliance.
c. Monitoring and Reporting
The AMLE WG recommended that AML monitoring and reporting practices be modernized and streamlined to maximize efficiency, quality, and speed of providing data to government authorities with due consideration for privacy and data security. The AMLE WG recommended that the relevant government agencies consider:
- Clarifying expectations and updating practices for keep-open letters and suspicious activity monitoring, investigation, and reporting, including SARs based on grand jury subpoenas or negative media; and
- Supporting potential automation opportunities for high-frequency/low-complexity SARs and currency transaction reports (CTRs), and exploring the possibility of streamlined SARs on continuing activity.
d. Enhancing Information Sharing
Information sharing among financial institutions, regulators, and law enforcement through partnerships and other existing mechanisms is a key component of an effective BSA/AML regime. The AMLE WG recommended steps for enhancing information sharing mechanisms to communicate national AML priorities, related typologies, and emerging threats, such as:
- Forming a BSAAG-established working group with members from law enforcement agencies, regulators, and financial institutions to identify, prioritize, and recommend national AML priorities and advise on opportunities to communicate typologies, red flags, and other information related to national AML priorities;
- Leveraging existing information-sharing initiatives between the public and private sectors, including enhanced use of the BSA's information sharing provisions, sections 314(a) and (b) of the USA PATRIOT Act, and sharing with foreign affiliates and global institutions, as appropriate; and
- Assessing options for FinCEN and law enforcement agencies to provide more feedback to financial institutions related to the use and utility of BSA reports.
e. Advance Regulatory Innovations
The AMLE WG recommended the continued enhancement of the national AML regime to promote the use of responsible innovations to address new and emerging money laundering and terrorist financing risks and the evolving industry landscape, as well as to encourage financial institutions to pursue more effective and efficient BSA compliance practices. Measures recommended include steps that financial institutions could take to better use responsible innovation in meeting CIP requirements—such as third-party software and service providers—and studying the impact of financial technology and other emerging non-bank financial service providers on the AML regime.
III. Elements of an “Effective and Reasonably Designed” AML Program
FinCEN, after consulting with the staffs of various supervisory agencies, and having considered the BSAAG recommendations and other BSA modernization efforts, is publishing this ANPRM seeking comment on whether it is appropriate to clearly define a requirement for an “effective and reasonably designed” AML program in BSA regulations. Increasing the Start Printed Page 58026“effectiveness” of the national AML regime is a core objective of recent AML modernization efforts. This term often refers to the implementation and maintenance of a compliant AML program, but has no specific, consistent definition in existing regulation. FinCEN believes that incorporating an “effective and reasonably designed” AML program requirement with a clear definition of “effectiveness” [20] would allow financial institutions to more efficiently allocate resources and would impose minimal additional burden on existing AML programs that already comply under the existing supervisory approach. This requirement would also seek to implement a common understanding between supervisory agencies and their supervised financial institutions on the necessary AML program elements.
Specifically, FinCEN is considering regulatory amendments that would explicitly define an “effective and reasonably designed” AML program as one that:
- Identifies, assesses, and reasonably mitigates the risks resulting from illicit financial activity—including terrorist financing, money laundering, and other related financial crimes—consistent with both the institution's risk profile and the risks communicated by relevant government authorities as national AML priorities;
- Assures and monitors compliance with the recordkeeping and reporting requirements of the BSA; and
- Provides information with a high degree of usefulness to government authorities consistent with both the institution's risk assessment and the risks communicated by relevant government authorities as national AML priorities.
As explained in more detail in the sections that follow, this ANPRM also seeks comment on whether the AML program regulations [21] should be amended to establish an explicit requirement for a risk-assessment process, as well as whether the Director of FinCEN should issue every two years a list of national AML priorities, to be called FinCEN's “Strategic Anti-Money Laundering Priorities.”
A. Identifying and Assessing Risks
The current AML program rules generally require each financial institution to implement a system of internal controls to “assure ongoing compliance” [22] with the BSA. This system of internal controls includes the policies, procedures, and processes that not only mitigate the risks associated with the products and services the financial institution offers and the customers it serves, but also ensures the financial institution meets regulatory requirements under the BSA. Under current practice for most financial institutions, the design of an AML program is based on the risks identified and assessed by the financial institution through a risk-assessment process. FinCEN and other supervisory agencies have traditionally viewed a risk assessment as a critical element of a reasonably designed program, because a program cannot be considered reasonably designed to achieve compliance with the recordkeeping and reporting requirements of the BSA unless the institution understands its risk profile.
Even though a financial institution's risk-assessment process is key to ensuring an effective AML program, it is not an explicit regulatory requirement for all types of institutions. Given the importance of the risk-assessment process to establishing an “effective and reasonably designed” AML program, FinCEN believes that it warrants explicit incorporation. FinCEN is considering whether its AML program regulations should be amended to require the establishment of a risk-assessment process that includes the identification and analysis of money laundering, terrorist financing, and other illicit financial activity risks faced by the financial institution based on an evaluation of various factors, including its business activities, products, services, customers, and geographic locations in which the financial institution does business or services customers.
FinCEN and the Federal Banking Agencies issued a Joint Statement on Risk-Focused Bank Secrecy Act/Anti-Money Laundering Supervision in 2019 that underscored the importance of a risk-based approach. The statement clarifies that these agencies' long-standing supervisory approach to examining for compliance with the BSA considers a financial institution's risk profile and notes that “[a] risk-based [AML] compliance program enables a bank to allocate compliance resources commensurate with its risk.” [23] It further clarifies that a well-developed risk-assessment process assists examiners in understanding a bank's risk profile and evaluating the adequacy of its AML program. The statement also explains that, as part of their risk-focused approach, examiners review a bank's risk-management practices to evaluate whether a bank has developed and implemented a reasonable and effective process to identify, measure, monitor, and control risks. Recognizing that many financial institutions are conducting risk assessments, FinCEN seeks comment on the effect to financial institutions' efforts to comply with AML program requirements of adding a regulatory requirement to conduct a risk assessment, and the effect, if any, on burden to financial institutions' processes for complying with AML program requirements.
B. Consideration of the Strategic AML Priorities in the Risk-Assessment Process
This ANPRM also seeks comment on whether regulatory amendments should be made so that an “effective and reasonably designed” AML program would require financial institutions to consider and integrate national AML priorities into their risk-assessment processes, as appropriate. FinCEN is considering whether the Director of FinCEN should issue national AML priorities, to be called its “Strategic Anti-Money Laundering Priorities,” every two years (or more frequently as appropriate to inform the public and private sector of new priorities). This ANPRM also seeks comment on whether these priorities should be considered, among other information, in a financial institution's risk assessment.
FinCEN does not expect that its Strategic AML Priorities would capture the universe of all AML priorities, nor would they be intended to serve as the only priorities informing a risk-assessment process. Rather, they would seek to articulate FinCEN's existing AML priorities, informed by a wide range of government and private sector stakeholders, leveraging the broader priorities established by the National Start Printed Page 58027Illicit Finance Strategy as determined by the Secretary of the Treasury—in consultation with the Departments of Justice, State, and Homeland Security, the Office of the Director of National Intelligence, the Office of Management and Budget, and the staffs of the Federal functional regulators—to better aid U.S. institutions in effectively complying with BSA obligations. Other relevant information that the Director of FinCEN may consider in determining Strategic AML Priorities includes, for example, FinCEN Advisories to financial institutions, which identify emerging risks and provide red flags and typologies that assist financial institutions in identifying and reporting suspicious activity; other relevant Treasury Department communications, including the National Risk Assessments; and information from law enforcement and other government agencies, and others.
C. Risk Management and Mitigation Informed by Strategic AML Priorities
Building upon the prior two concepts—an explicit risk-assessment requirement and the publication of Strategic AML Priorities—this ANPRM also seeks comment as to whether an “effective and reasonably designed” AML program should require that financial institutions reasonably manage and mitigate the risks identified in the risk-assessment process by taking into consideration the Strategic AML Priorities, as appropriate and among other relevant information. FinCEN believes that the vast majority of financial institutions are effectively and reasonably managing and mitigating the risks that they have identified. Under any proposal to incorporate a requirement for an “effective and reasonably designed” AML program, FinCEN understands that institutions may reallocate resources from other lower-priority risks or practices to manage and mitigate higher-priority risks, including any identified as Strategic AML Priorities.
Financial institutions may consider how FinCEN's Strategic AML Priorities impact and inform the risk assessment based on the institution's size, complexity, business activities, products, services, customers, and geographic locations in which the financial institution does business or services customers. This might enhance the financial institution's engagement with law enforcement and FinCEN to provide information with a high degree of usefulness to government authorities. In addition, a financial institution may be better able to engage with the appropriate level of Federal, state, or local law enforcement and other government officials to better understand and address risks within that jurisdiction. This might improve information sharing, to include requests from FinCEN or other government authorities, as well as participation in public-private information sharing forums.
FinCEN recognizes that financial institutions may utilize different means to demonstrate effectiveness and anticipates that some financial institutions may determine that their AML programs already sufficiently assess and mitigate the risks identified as Strategic AML Priorities. FinCEN also anticipates that many financial institutions may determine that their business models and risk profiles reflect limited exposure to risks posed by the threats identified as Strategic AML Priorities, but may reflect greater exposure to significant and legitimate risks that may not be identified as Strategic AML Priorities. FinCEN recognizes and appreciates financial institutions must continue to identify, reasonably manage, and mitigate these risks consistent with financial institutions' risk-management processes.
D. Assuring and Monitoring Compliance With the Recordkeeping and Reporting Requirements of the BSA
FinCEN does not expect that any regulatory changes made in response to this ANPRM would alter the recordkeeping and reporting requirements contained in existing BSA regulations. However, this ANPRM seeks comment as to whether financial institutions' AML program obligations should be based on the risks identified by the financial institution, to include consideration of Strategic AML Priorities, where appropriate and among other information. For example, a financial institution's process for the implementation of certain requirements, such as monitoring for suspicious activity, is based on risk. Making clear that compliance with this aspect of the AML program requirement is risk-based is consistent with the objectives of increasing effectiveness and efficiency. It also reflects long-standing supervisory approaches and expectations.
E. Providing Information With a High Degree of Usefulness
FinCEN believes that the proposed regulatory approach in this ANPRM furthers the statutory BSA purpose of providing information with a high degree of usefulness to government authorities. These regulatory amendments would explicitly define as a goal of the AML program that financial institutions provide information with a high degree of usefulness to government authorities consistent with the financial institution's risk assessment and Strategic AML Priorities, among other relevant information. FinCEN recognizes that many financial institutions have developed specialized units that focus on complex investigations. In addition, financial institutions of all sizes may collaborate with Federal, state, and local law enforcement, receive outreach from the government's SAR Review Teams, and often be willing to engage on relevant issues in their community. FinCEN expects that any future regulatory amendments to incorporate a requirement for an “effective and reasonably designed” AML program would seek to provide a framework to recognize that these and other collaborative efforts may provide information with a high degree of usefulness to government authorities. This recognition, in turn, may provide further incentive for financial institutions to undertake and apply resources towards these important initiatives to combat money laundering, terrorist financing, and other related illicit financial crime. Such an approach has the potential to increase the overall effectiveness of the national AML regime by better enabling law enforcement and other users of BSA reporting to address priority threats to the U.S. financial system.
IV. Issues for Comment
Based on the foregoing, FinCEN is seeking comment from the public, including industry, law enforcement, regulators, other consumers of BSA data, and any other interested parties, concerning a potential rulemaking to incorporate a requirement for an “effective and reasonably designed” AML program into AML program regulations and to provide clarity on its application. Specifically, FinCEN requests public comment on the following:
Question 1: Does this ANPRM make clear the concept that FinCEN is considering for an “effective and reasonably designed” AML program through regulatory amendments to the AML program rules? If not, how should the concept be modified to provide greater clarity?
Question 2: Are this ANPRM's three proposed core elements and objectives of an “effective and reasonably designed” AML program appropriate? Should FinCEN make any changes to the three proposed elements of an “effective and reasonably designed” Start Printed Page 58028AML program in a future notice of proposed rulemaking?
As described above, FinCEN is considering regulatory amendments that would define an “effective and reasonably designed” program as one that:
- Identifies, assesses, and reasonably mitigates the risks resulting from illicit financial activity, including terrorist financing, money laundering, and other related financial crimes, consistent with both the institution's risk profile and the risks communicated by relevant government authorities as national AML priorities;
- Assures and monitors compliance with the recordkeeping and reporting requirements of the BSA; and
- Provides information with a high degree of usefulness to government authorities consistent with both the institution's risk assessment and the risks communicated by relevant government authorities as national AML priorities.
Question 3: Are the changes to the AML regulations under consideration in this ANPRM an appropriate mechanism to achieve the objective of increasing the effectiveness of AML programs? If not, what different or additional mechanisms should FinCEN consider?
Question 4: Should regulatory amendments to incorporate the requirement for an “effective and reasonably designed” AML program be proposed for all financial institutions currently subject to AML program rules? Are there any industry-specific issues that FinCEN should consider in a future notice of proposed rulemaking to further define an “effective and reasonably designed” AML program?
FinCEN notes that, as regulations for different segments of the financial industry have been promulgated at different times in the past, such AML program regulations have evolved and, consequently, contain provisions that differ among the various industries subject to AML program requirements. For example, the AML program requirement for money services businesses (31 CFR 1022.210(a)) already contains an effectiveness component.[24] FinCEN invites comments from all covered industries subject to AML program regulations as to how a requirement for an “effective and reasonably designed” AML program would impact their industry. Furthermore, FinCEN invites comment as to whether any industry-specific modifications would be appropriate to consider in future rulemaking.
Question 5: Would it be appropriate to impose an explicit requirement for a risk-assessment process that identifies, assesses, and reasonably mitigates risks in order to achieve an “effective and reasonably designed” AML program? If not, why? Are there other alternatives that FinCEN should consider? Are there factors unique to how certain institutions or industries develop and apply a risk assessment that FinCEN should consider? Should there be carve-outs or waivers to this requirement, and if so, what factors should FinCEN evaluate to determine the application thereof?
Question 6: Should FinCEN issue Strategic AML Priorities, and should it do so every two years or at a different interval? Is an explicit requirement that risk assessments consider the Strategic AML Priorities appropriate? If not, why? Are there alternatives that FinCEN should consider?
Question 7: Aside from policies and procedures related to the risk-assessment process, what additional changes to AML program policies, procedures, or processes would financial institutions need to implement if FinCEN implemented regulatory changes to incorporate the requirement for an “effective and reasonably designed” AML program, as described in this ANPRM? Overall, how long of a period should FinCEN provide for implementing such changes?
FinCEN seeks comment on specific programmatic changes. For example, how might the allocation of personnel change because of the possible regulatory amendments discussed in this ANPRM, and what processes would be required to reallocate AML compliance resources for different responsibilities? How long would such programmatic changes take to conceive, test, and implement? Would this vary by size of institution or across industry segments? If so, how? In addition to due diligence and monitoring processes, what other methods to mitigate risks are financial institutions engaged in? Should FinCEN add via future regulation more specific risk-mitigation requirements to ensure that controls are commensurate with the risks undertaken, and how might these risk-mitigation requirements vary by industry?
Question 8: As financial institutions vary widely in business models and risk profiles, even within the same category of financial institution, should FinCEN consider any regulatory changes to appropriately reflect such differences in risk profile? For example, should regulatory amendments to incorporate the requirement for an “effective and reasonably designed” AML program be proposed for all financial institutions within each industry type, or should this requirement differ based on the size or operational complexity of these financial institutions, or some other factors? Should smaller, less complex financial institutions, or institutions that already maintain effective BSA compliance programs with risk assessments that sufficiently manage and mitigate the risks identified as Strategic AML Priorities, have the ability to “opt in” to making changes to AML programs as described in this ANPRM?
FinCEN appreciates that financial institutions vary considerably in size and complexity, and even well-intentioned regulatory actions that impact such a diverse collection of financial institutions can result in unintended consequences. Accordingly, FinCEN specifically requests comment on how the practical impact of the regulatory proposals described in this ANPRM could vary in implementation for institutions of differing size and complexity, and whether changes in approach—such as an opt-in decision—would be advisable. If greater flexibility is recommended, FinCEN requests comments as to whether any resultant divergence in AML program implementation might present financial crime vulnerabilities, and if so, how such vulnerabilities could be mitigated. If different requirements are recommended based on the size and/or operational complexity of financial institutions, please describe what thresholds and parameters might be appropriate, and why.
Question 9: Are there ways to articulate objective criteria and/or a rubric for examination of how financial institutions would conduct their risk-assessment processes and report in accordance with those assessments, based on the regulatory proposals under consideration in this ANPRM?
FinCEN appreciates that, in order for the regulatory proposals as described in this ANPRM to achieve the objective of increased effectiveness of the overall U.S. AML regime, the supervisory process must support and reinforce this objective. Indeed, FinCEN has consulted with the staffs of various Federal supervisory agencies in developing this ANPRM, and FinCEN requests comments on how the supervisory regime could best support the objectives as identified in this ANPRM.Start Printed Page 58029
Question 10: Are there ways to articulate objective criteria and/or a rubric for independent testing of how financial institutions would conduct their risk-assessment processes and report in accordance with those assessments, based on the regulatory proposals under consideration in this ANPRM?
FinCEN appreciates that the regulatory proposals described in this ANPRM may require changes in the implementation of independent testing by financial institutions in order to achieve the objectives as described in this ANPRM. Therefore, FinCEN also seeks comments on how a future rulemaking could best facilitate effective independent testing of risk assessments and other financial institution processes, as may be revised consistent with the proposals set forth in this ANPRM.
Question 11: A core objective of the incorporation of a requirement for an “effective and reasonably designed” AML program would be to provide financial institutions with greater flexibility to reallocate resources towards Strategic AML Priorities, as appropriate. FinCEN seeks comment on whether such regulatory changes would increase or decrease the regulatory burden on financial institutions. How can FinCEN, through future rulemaking or any other mechanisms, best ensure a clear and shared understanding in the financial industry that AML resources should not merely be reduced as a result of such regulatory amendments, but rather should, as appropriate, be reallocated to higher priority areas?
FinCEN specifically encourages commenters to provide quantifiable data, if available, that supports any views on whether the regulatory proposals under consideration would impact financial institutions' regulatory burden. FinCEN also invites comment with regard to how FinCEN and other supervisory authorities could best reinforce the importance of maintaining an appropriate level of BSA compliance resources if regulatory amendments are promulgated as described in this ANPRM.
V. Conclusion
With this ANPRM, FinCEN is seeking input on the questions set forth above. FinCEN is soliciting comments on the impact to the public, including industry, law enforcement, regulators, other consumers of BSA data, and any other interested parties, and welcomes comments on all aspects of the ANPRM. All interested parties are encouraged to provide their views.
VI. Special Analysis
This advance notice of proposed rulemaking is a significant regulatory action under Executive Order 12866 and has been reviewed by the Office of Management and Budget.
Start SignatureDated: September 14, 2020.
Michael Mosier,
Deputy Director, Financial Crimes Enforcement Network.
Footnotes
1. See 31 CFR 1020.210 (banks); 31 CFR 1021.210 (casinos and card clubs); 31 CFR 1022.210 (money services businesses); 31 CFR 1023.210 (brokers or dealers in securities); 31 CFR 1024.210 (mutual funds); 31 CFR 1025.210 (insurance companies); 31 CFR 1026.210 (futures commission merchants and introducing brokers in commodities); 31 CFR 1027.210 (dealers in precious metals, precious stones, or jewels); 31 CFR 1028.210 (operators of credit card systems); 31 CFR 1029.210 (loan or finance companies); and 31 CFR 1030.210 (housing government sponsored enterprises).
Back to Citation2. 12 U.S.C. 1829b, 12 U.S.C. 1951-1959, and 31 U.S.C. 5311-5314; 5316-5332.
Back to Citation4. Treasury Order 180-01 (Jan. 14, 2020).
Back to Citation5. 31 U.S.C. 5318(a)(2), (h)(2).
Back to Citation6. Public Law 99-570, 100 Stat. 3207 (Oct. 27, 1986).
Back to Citation9. The Federal Banking Agencies include the Board of Governors of the Federal Reserve System, the Federal Deposit Insurance Corporation (FDIC), the National Credit Union Administration, and the Office of the Comptroller of the Currency.
Back to Citation10. Title XV of Public Law 102-550, 106 Stat. 3672 (Oct. 28, 1992).
Back to Citation11. See Title XV, sec. 1503 (authorizing the termination of FDIC insurance of insured depository institutions convicted of a criminal violation of the BSA), sec. 1504 (authorizing the removal officers or directors of such institutions found to have violated a BSA requirement), and sec. 1517 (authorizing Treasury to require the reporting of suspicious transactions) of Public Law 102-550.
Back to Citation12. Title XV, sec. 1517 of Public Law 102-550.
Back to Citation13. The minimum standards for an AML program set forth in Annunzio-Wylie, and codified at 31 U.S.C. 5318(h), include: “(A) the development of internal policies, procedures, and controls, (B) the designation of a compliance officer, (C) an ongoing employee training program, and (D) an independent audit function to test programs.”
Back to Citation14. Public Law 107-56, 115 Stat. 272 (Oct. 26, 2001). FinCEN issued interim final AML program rules for financial institutions regulated by a Federal functional regulator, money services businesses, mutual funds, and operators of credit card systems. 67 FR 21113 (Apr. 29, 2002). FinCEN's rule originally cross-referenced the regulations of the Federal functional regulator and provided that satisfaction of the Federal functional regulator's AML program rule requirements would be deemed to satisfy the requirements of Treasury's rule.
Back to Citation15. 68 FR 25090 (May 9, 2003). FinCEN issued joint CIP rules separately with the U.S. Securities and Exchange Commission, 68 FR 25113 (May 9, 2003) (brokers or dealers in securities) and 68 FR 25131 (May 9, 2003) (mutual funds), and the U.S. Commodity Futures Trading Commission, 68 FR 25149 (May 9, 2003) (futures commission merchants and introducing brokers).
Back to Citation16. Title III, sec. 302(b)(1) of Public Law 107-56.
Back to Citation17. 81 FR 29398 (May 11, 2016).
Back to Citation18. Title XV, sec. 1564 of Public Law 102-550.
Back to Citation19. The subsections which follow summarize recommendations issued by the BSAAG and do not necessarily reflect current regulatory initiatives, nor do they imply endorsement of, nor commitment by, the relevant government agencies to implement these recommendations.
Back to Citation20. There is some variance in the specific AML program requirements for different types of financial institutions, but current AML program regulations for most financial institutions subject to such requirements contain a requirement that either the AML program as a whole, or the implementation of internal controls, is “reasonably designed.” In addition, current AML program requirements vary as to whether a financial institution must implement an AML program that is “reasonably designed” to achieve compliance with the BSA, “reasonably designed” to prevent money laundering or terrorist financing, or both.
Back to Citation21. See supra note 1.
Back to Citation22. See, e.g., 31 CFR 1020.210(b)(1).
Back to Citation23. See Board of Governors of the Federal Reserve System, Federal Deposit Insurance Corporation, Financial Crimes Enforcement Network, National Credit Union Administration, and Office of the Comptroller of the Currency, Joint Statement on Risk-Focused Bank Secrecy Act/Anti-Money Laundering Supervision (July 22, 2019), available at https://www.fincen.gov/sites/default/files/2019-10/Joint%20Statement%20on%20Risk-Focused%20Bank%20Secrecy%20Act-Anti-Money%20Laundering%20Supervision%20FINAL1.pdf.
Back to Citation24. Specifically it provides that each money services business, as defined by § 1010.100(ff), shall develop, implement, and maintain an effective anti-money laundering program. An effective anti-money laundering program is one that is reasonably designed to prevent the money services business from being used to facilitate money laundering and the financing of terrorist activities.
Back to Citation[FR Doc. 2020-20527 Filed 9-16-20; 8:45 am]
BILLING CODE 4810-02-P
Document Information
- Published:
- 09/17/2020
- Department:
- Financial Crimes Enforcement Network
- Entry Type:
- Proposed Rule
- Action:
- Advance notice of proposed rulemaking (ANPRM).
- Document Number:
- 2020-20527
- Dates:
- Written comments are welcome, and must be received on or before November 16, 2020.
- Pages:
- 58023-58029 (7 pages)
- Docket Numbers:
- Docket No. FinCEN-2020-0011
- RINs:
- 1506-AB44: Anti-Money Laundering Program Effectiveness
- RIN Links:
- https://www.federalregister.gov/regulations/1506-AB44/anti-money-laundering-program-effectiveness
- PDF File:
- 2020-20527.pdf
- Supporting Documents:
- » Anti-Money Laundering Program Effectiveness
- CFR: (1)
- 31 CFR None