The federal government recently expanded the Bank Secrecy Act to require firms that lack a federal functional regulator (FFR)—including private banks, trust companies, and non-federally insured credit unions, known as non-FFR institutions—to adhere to the same anti-money laundering (AML) regulations that apply to FDIC regulated institutions, including the creation and maintenance of AML and customer identification programs, as well as beneficial ownership requirements. The final rule took effect on November 16, giving these firms a limited window of 120 days to comply.
Before these new rules were approved, non-FFR institutions were simply required to make and maintain certain records, file reports for transactions of more than $10,000 in currency, and file suspicious activity reports. Trust companies, private banks, and credit unions also had to conduct formal customer identification procedures (CIP) for all clients, though other non-FFR institutions did not have to meet this CIP requirement.
Under the new rules, compliance teams must analyze the impacts of these new regulations on existing customer verification programs, as well as beneficial ownership requirements. They must ensure procedures for determining if a new customer appears on federal terrorism watch lists are correct. They must not only maintain a record of customer identifying information and descriptions of sources and methods, but prove that the record is maintained. They must also have adequate communication procedures for notifying clients in advance of identity verification data requests.
While planning and executing all of this, compliance teams also must get an AML program that meets the federal government’s minimum standards approved by the firm’s governing body. Each AML program is required to include the following “Five Pillars”:
- internal controls systematically designed to enable ongoing compliance with the Bank Secrecy Act;
- independent compliance testing conducted periodically by the firm or an outside party;
- a qualified AML officer designated as responsible for coordinating and monitoring Bank Secrecy Act compliance on a day-to-day basis;
- appropriate personnel training; and
- an adequate risk-based method for conducting ongoing due diligence of customers, which includes, but is not limited to, continuous monitoring for suspicious transactions to be reported upon identification and maintaining up-to-date customer data regarding the beneficial ownership of legal entity customers on a risk basis.
For example, according to the new rules surrounding due diligence for private bank accounts opened by non-U.S. citizens, firms “must take reasonable steps to ascertain the identity of the nominal and beneficial owners of, and the source of funds deposited into, private banking accounts, as necessary to guard against money laundering and to report suspicious transactions.” Politically exposed persons (PEP) due diligence appears to be needed under these rules too, as the requirements state these firms “must also conduct enhanced scrutiny of private banking accounts requested or maintained for, or on behalf of, senior foreign political figures (which includes family members or close associates). Enhanced scrutiny must be reasonably designed to detect and report transactions that may involve the proceeds of foreign corruption.”
Where do these firms start? This multifaceted challenge requires governance, compliance, technology, and logistics. Vcheck Global’s experienced team of investigators have worked with hundreds of firms over the years to establish and strengthen due diligence programs for risk management and corporate compliance, including many in financial services. Our team closely follows the latest announcements and changes proposed and enacted by regulatory bodies, and brings that knowledge to every investigation we conduct for our clients.
It is our goal to establish trusted partnerships with our clients to provide the expert due diligence and background investigation services they need to stay compliant and mitigate risk. Contact us here to learn more.