New measures around money laundering and payment fraud have set the stage for the U.S. to implement the biggest changes to Bank Secrecy Act requirements since the Patriot Act passed in 2001.
Congress recently added four titles to the Defense Authorization Act, each updating and strengthening anti-money-laundering controls in the U.S. financial sector.
Many of the provisions will directly affect financial institutions in the U.S. and are aimed to assist the “establishment by financial institutions of reasonably designed risk-based programs to combat money laundering and the financing of terrorism.” There will be new regulations that financial institutions will have to address, but many requirements of the new laws are aimed at helping the government and financial institutions streamline current practices and optimize results.
Up front, financial institutions should be aware of the increase in potential fines and penalties and the strengthening of whistleblower provisions that make reporting much more likely. Penalties for repeat violators will be up to three times the profit gained or loss avoided as a result of the violation or two times the maximum penalty with respect to the violation. And whistleblowers are now entitled to up to 30% of sanctions more than $1 million instead of a maximum of $150,000.
It is too early to tell exactly what will be required by the new law. The Treasury Department will be issuing new guidelines to financial institutions that will likely affect their AML risk-based compliance programs. The new law requires the Treasury to supervise and examine financial institutions on their compliance with those new regulations. It also directs FinCEN, the Financial Crimes Enforcement Network, to develop regulations to implement the provisions of the law. In particular, FinCEN is to look into how the use of cryptocurrency can be regulated to prevent money laundering. FinCEN is also directed to enhance the FinCEN Exchange to facilitate communication of information including to and from financial institutions.
Technology is a key area in which the new law demands first study and then testing of financial institutions' implementation of any new technological standards. The Treasury Department will establish standards that will include “specific standards for a risk governance framework for financial institutions to provide oversight and to prudently evaluate and monitor systems and testing processes both pre- and post-implementation ... .”
This legislation also increases personnel at Treasury whose jobs will be to strengthen AML enforcement in the U.S. Some of these new roles are domestic liaisons at Treasury, who will work with BSA officers at financial institutions, among others. The law also provides for increased cooperation of Treasury and FinCEN with foreign regulators and to reach out to foreign financial institutions.
One area that may result in less burden and better processing for U.S. financial institutions is a review of currency transaction reports and suspicious activity reports. Reporting obligations may be overhauled in an effort to streamline reporting so as to achieve real-time use of the information contained in them by law enforcement and national security authorities. There is a sense that the current reporting structure is not the most useful for those purposes.
New provisions in the legislation make it easier to subpoena foreign banks that maintain correspondent accounts in the U.S. The process is much simpler to get records outside of the U.S. that relate to a criminal violation, violation of the Bank Secrecy Act, or a civil forfeiture action. In addition, foreign banks will have to maintain records in the U.S. that identify the beneficial and record owners of the foreign bank and the location of a person in the U.S. who is authorized to accept service of the subpoena.
Finally, the Corporate Transparency Act will require “reporting companies” organized under U.S. state laws or registered to do business in the U.S. (with a host of exceptions) to provide directly to FinCEN beneficial ownership information (25% equity stake or substantial control). This will not replace financial institutions’ duty to conduct know-your-customer assessments of companies doing business with them, but will be a resource for financial institutions to verify the information that they have collected.
The passage of these amendments will focus government attention on enforcement of anti-money-laundering laws. Financial institutions will need to keep up with regulations issued by Treasury and FinCEN relating to their AML duties. Yet many of the changes may make their compliance programs more efficient and in the end strengthen them.
