Skip to Content

We invite you to try out our new beta eCFR site at https://ecfr.federalregister.gov. We’ve made big changes to make the eCFR easier to use. Be sure to leave feedback using the 'Help' button on the bottom right of each page!

Rule

Financial Crimes Enforcement Network; Customer Identification Programs, Anti-Money Laundering Programs, and Beneficial Ownership Requirements for Banks Lacking a Federal Functional Regulator

Document Details

Information about this document as published in the Federal Register.

Document Statistics
Document page views are updated periodically throughout the day and are cumulative counts for this document. Counts are subject to sampling, reprocessing and revision (up or down) throughout the day.
Enhanced Content

Relevant information about this document from Regulations.gov provides additional context. This information is not part of the official Federal Register document.

Published Document

This document has been published in the Federal Register. Use the PDF linked in the document sidebar for the official electronic format.

Start Preamble

AGENCY:

Financial Crimes Enforcement Network (“FinCEN”), Treasury.

ACTION:

Final rule.

SUMMARY:

FinCEN is issuing a final rule implementing sections 352, 326 and 312 of the Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act of 2001 (“USA PATRIOT Act”) and removing the anti-money laundering program exemption for banks that lack a Federal functional regulator, including, but not limited to, private banks, non-federally insured credit unions, and certain trust companies. The Final Rule requires minimum standards for anti-money laundering programs for banks without a Federal functional regulator to ensure that all banks, regardless of whether they are subject to Federal regulation and oversight, are required to establish and implement anti-money laundering programs, and extends customer identification program requirements and beneficial ownership requirements to those banks not already subject to these requirements.

DATES:

Effective Date: November 16, 2020.

Compliance Date: The compliance date for anti-money laundering programs, customer identification programs, and beneficial ownership requirements for banks that lack a Federal functional regulator is March 15, 2021.

Start Further Info

FOR FURTHER INFORMATION CONTACT:

The FinCEN Resource Center at (800) 767-2825 or email frc@fincen.gov.

End Further Info End Preamble Start Supplemental Information

SUPPLEMENTARY INFORMATION:

I. Background

A. Statutory Provisions

FinCEN exercises its regulatory functions primarily under the Currency and Financial Transactions Reporting Act of 1970, as amended by the Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act of 2001 (“USA PATRIOT Act”) (Public Law 107-56) and other legislation. This legislative framework is commonly referred to as the “Bank Secrecy Act” Start Printed Page 57130(“BSA”).[1] The Secretary of the Treasury (“Secretary”) has delegated to the Director of FinCEN the authority to implement, administer, and enforce compliance with the BSA and associated regulations.[2] Pursuant to this authority, FinCEN may issue regulations requiring financial institutions to keep records and file reports that “have a high degree of usefulness in criminal, tax, or regulatory investigations or proceedings, or in the conduct of intelligence or counterintelligence activities, including analysis, to protect against international terrorism.” [3] Additionally, FinCEN is authorized to impose anti-money laundering (“AML”) program requirements for financial institutions.[4]

Section 352 of the USA PATRIOT Act requires financial institutions to establish AML programs that, at a minimum, include: (1) The development of internal policies, procedures, and controls; (2) the designation of a compliance officer; (3) an ongoing employee training program; and (4) an independent audit function to test programs.[5] Section 352 of the USA PATRIOT Act authorizes FinCEN, in consultation with the appropriate Federal functional regulator (as defined by 15 U.S.C. 6809), to prescribe minimum standards for AML programs. In developing this Final Rule, FinCEN consulted with the Federal functional regulators defined in 15 U.S.C. 6809, as well as the Commodity Futures Trading Commission (“CFTC”) (collectively referred to as “Federal functional regulators”).[6] In addition, FinCEN consulted with the Internal Revenue Service (“IRS”), which is the examining authority for all institutions regulated by FinCEN that do not have a Federal functional regulator. FinCEN also consulted with state bank supervisory authorities. Consultations with these Federal and state regulatory and supervisory agencies assisted FinCEN in determining the appropriate scope and nature of banks that are not directly regulated by Federal functional regulators and to adequately consider appropriate regulatory coverage for such institutions.

When prescribing minimum standards for AML programs, FinCEN must “consider the extent to which the requirements imposed [under section 352 of the USA PATRIOT Act] are commensurate with the size, location, and activities of the financial institutions to which [the standards] apply.” [7] In addition, FinCEN may “prescribe an appropriate exemption from a requirement [in the BSA] or regulations [issued under the BSA].” [8] FinCEN used this authority in 2002 to temporarily defer the requirement to establish an AML program for certain financial institutions identified in section 352 of the USA PATRIOT Act. The purpose of the temporary deferral was to give FinCEN and Treasury time to continue to study the money laundering risks posed by such financial institutions in order to develop appropriate AML program requirements.

Section 326 of the USA PATRIOT Act requires FinCEN to prescribe regulations that require financial institutions to establish procedures for account opening that, at a minimum, include: (1) Verifying the identity of any person seeking to open an account, to the extent reasonable and practicable; (2) maintaining records of the information used to verify the person's identity, including name, address, and other identifying information; and (3) determining whether the person appears on any lists of known or suspected terrorists or terrorist organizations provided to the financial institution by any government agency.[9] These programs are referred to as Customer Identification Programs (“CIPs”).

When prescribing CIP regulations for financial institutions, FinCEN is required to do so jointly with the appropriate Federal functional regulator.[10] The appropriate Federal functional regulator with which to promulgate joint CIP regulations is the particular agency that regulates and supervises the affected financial institutions.[11] Because the financial institutions covered under this Final Rule do not have a Federal functional regulator, and there is no other Federal agency with comparable direct supervisory authority over such financial institutions, there is no other appropriate Federal agency with which FinCEN is required to issue the CIP rules jointly.[12] Accordingly, FinCEN is issuing the CIP rule set forth here under its sole authority.

Section 312 of the USA PATRIOT Act requires each U.S. financial institution that establishes, maintains, administers, or manages a correspondent account or a private banking account in the United States for a non-U.S. person to subject such accounts to certain AML measures.[13] In particular, financial institutions must establish appropriate, specific, and, where necessary, enhanced due diligence policies, procedures, and controls that are reasonably designed to enable the financial institution to detect and report instances of money laundering through these accounts. In addition to the general due diligence requirements, which apply to all correspondent accounts for non-U.S. persons, section 5318(i)(2) of the BSA specifies additional standards for correspondent accounts maintained for certain foreign banks. Section 5318(i) also sets forth minimum due diligence requirements for private banking accounts for non-U.S. persons. Specifically, a covered financial institution must take reasonable steps to ascertain the identity of the nominal and beneficial owners of, and the source of funds deposited into, private banking accounts, as necessary to guard against money laundering and to report suspicious transactions. The institution must also conduct enhanced Start Printed Page 57131scrutiny of private banking accounts requested or maintained for, or on behalf of, senior foreign political figures (which includes family members or close associates). Enhanced scrutiny must be reasonably designed to detect and report transactions that may involve the proceeds of foreign corruption.

B. Regulatory Background

The following information describes the effect of certain previous rulemakings on banks, and specifically on banks lacking a Federal functional regulator.

AML Program Requirements

Most banks became subject to an AML program requirement under the BSA when FinCEN issued an Interim Final Rule on April 29, 2002 (“Interim Final Rule”).[14] The Interim Final Rule stated that an institution regulated by a Federal functional regulator “shall be deemed to satisfy the requirements of 31 U.S.C. 5318(h)(1) if it implements and maintains an [AML] program that complies with the regulation of its Federal functional regulator governing such programs.” [15] “Federal functional regulator” is defined at 31 CFR 1010.100(r) to include each of the Federal banking agencies, as well as the SEC and the CFTC.[16]

The Interim Final Rule temporarily deferred AML program requirements for certain financial institutions, including “private bankers.” [17] On November 6, 2002, FinCEN amended the Interim Final Rule to extend the exemption from the requirement to establish an AML program indefinitely for private bankers and to expand the exemption to other financial institutions, including any bank “that is not subject to regulation by a Federal functional regulator.” [18]

Although banks that lack a Federal functional regulator are exempt from the requirement to establish an AML program, they are required to comply with many other BSA requirements. For example, FinCEN regulations require all banks, regardless of whether they have a Federal functional regulator, to file currency transaction reports (“CTRs”) and suspicious activity reports (“SARs”), as well as to make and maintain certain records.[19] In addition, like other covered financial institutions, banks that lack a Federal functional regulator are prohibited from maintaining correspondent accounts for foreign shell banks and are required to obtain and retain information on the ownership of foreign banks.[20]

FinCEN has incrementally eliminated the Interim Final Rule's temporary exemption and promulgated AML program rules for certain other institutions, including insurance companies, certain loan or finance companies, and dealers in precious metals, precious stones, or jewels. FinCEN determined that the gap in AML coverage between banks with and without a Federal functional regulator presented a vulnerability to the U.S. financial system that could be exploited by bad actors, prompting this rulemaking. In the 2016 U.S. Mutual Evaluation, the Financial Action Task Force (FATF) recommended that three categories of non-Federal state-chartered banks be subject to an AML program requirement in addition to their reporting obligations.[21] The rulemaking covers non-Federal state chartered banks. Further, subsequent to the 2016 notice of proposed rulemaking to amend the AML, CIP, and beneficial ownership regulations to include coverage for banks lacking a Federal functional regulator, and according to the 2020 National Strategy for Combatting Terrorist and Other Illicit Financing, law enforcement identified specific instances of illicit actors taking advantage of this lack of regulatory coverage.[22]

Customer Identification Program Requirements

CIP requirements were finalized, through a joint final rule, for banks, savings associations, credit unions, and certain non-federally regulated banks on May 9, 2003. With this action, certain banks that lack a Federal functional regulator—namely, private banks, non-federally insured credit unions and trust companies lacking a federal functional regulator—were required to comply with CIP requirements.[23] On the same day, FinCEN published a notice of proposed rulemaking (“NPRM”) that would have imposed CIP requirements on all other banks without a Federal functional regulator that were not already included in the joint rule.[24] The 2003 NPRM was never finalized.

Beneficial Ownership Requirement

On May 11, 2016, FinCEN published a final rule (“CDD Rule”) [25] to clarify and strengthen customer due diligence requirements for certain financial institutions, including federally regulated banks. Specifically, the CDD Rule requires these financial institutions to identify and verify the identity of the beneficial owners of their legal entity customers, subject to certain exclusions and exemptions. The CDD Rule also amended the AML program requirements for these financial institutions. For purposes of regulatory consistency and for the reasons noted above, FinCEN believes it is necessary that these requirements apply to non-federally regulated banks as well.

Start Printed Page 57132

II. Notice of Proposed Rulemaking

On August 25, 2016, FinCEN issued an NPRM proposing to amend certain definitions and to amend the AML, CIP, and beneficial ownership regulations to include coverage for banks lacking a Federal functional regulator.[26] FinCEN proposed amending the definition of “bank” in 31 CFR 1020 specifically to include, at a minimum, the following categories: (1) State-chartered non-depository trust companies; (2) non-federally insured credit unions; (3) private banks; (4) non-federally insured state banks and savings associations; and (5) international banking entities. In the NPRM, FinCEN noted that the gap in AML coverage between banks with and without a Federal functional regulator presented a vulnerability to the U.S. financial system that could be exploited by bad actors, prompting this rulemaking. Subsequent to the NPRM, law enforcement has identified to FinCEN specific instances of illicit actors taking advantage of this lack of coverage. This activity has involved different types of institutions that would be subject to this rule, and includes multiple investigations related to terrorist financing, espionage, narcotics trafficking, and public corruption. FinCEN further proposed technical amendments to the definition of the term “bank” to create one standard definition to be used throughout the regulations. FinCEN did not propose any amendments to the definition of “financial institution,” because the amendments proposed in the NPRM would not impact how that term is defined in 31 CFR 1010.100(t).

In addition, FinCEN proposed amending the existing rules to impose standards and requirements for banks lacking a Federal functional regulator that are identical to those in FinCEN's AML, CIP, and beneficial ownership regulations for banks with a Federal functional regulator. Specifically, the NPRM proposed requiring any entity meeting the definition of “bank” in 31 CFR 1010.100(d), whether or not regulated by a Federal functional regulator, to establish AML and CIP programs and to comply with beneficial ownership requirements.

Finally, because there would no longer be a need to exclude banks without a Federal functional regulator from AML and CIP requirements if the proposal were finalized, FinCEN also proposed removing 31 CFR 1020.100(b) and (d). FinCEN also invited comment on all aspects of the NPRM.

III. Comments on the NPRM—Overview and General Issues

The comment period on the NPRM ended on October 24, 2016. FinCEN received eight comments. Comments were submitted by one anonymous source, three industry representatives, and four trade associations. FinCEN has reviewed and considered all the comments to the extent they addressed aspects of the proposed rulemaking. All the comments supported the issuance of this Final Rule. The Final Rule adopts the proposal in its entirety, but establishes a later date by which affected banks must be in compliance. One commenter requested a two-year implementation period. Another suggested an implementation date in May 2018, to coincide with that of the CDD Rule. A third commenter suggested an implementation period of six months to a year, and a fourth commenter suggested a minimum of six months.

As FinCEN emphasized in the NPRM, and described in more detail above, banks lacking a Federal functional regulator are already obligated to comply with a number of BSA regulations. In addition, banks lacking a Federal functional regulator generally are required by state banking regulation and guidance to have policies, management oversight, personnel training, and internal compliance review and various procedures and systems in place to comply with regulation and guidance. Even banks not subject to these state regulatory requirements must develop such policies and procedures to properly function and comply with their BSA obligations and state banking regulations. FinCEN views the existence of such policies and procedures as minimizing the amount of time needed to prepare for implementation of the Final Rule's requirements. Accordingly, FinCEN does not expect the transition to compliance with the Final Rule to be unreasonably difficult or costly, and does not believe a two-year implementation period is needed or warranted. However, in light of these comments, FinCEN has determined that it would be appropriate to provide affected banks more time to comply with the Final Rule. Banks lacking a Federal functional regulator, therefore, will have 180 days from the day the Final Rule is published to be in compliance. FinCEN believes that this time frame is reasonable and adequate to ensure compliance with these requirements, given the framework that these banks are expected to already have in place.

IV. Section-by-Section Analysis

A. Section 1010.100 General Definitions

Because the definition of bank in Part 1010 makes no distinction as to whether a bank has a Federal functional regulator, FinCEN did not propose any changes to the definition of bank in paragraph 1010.100(d). Likewise, there were no proposed changes to the general definition of financial institution in paragraph 1010.100(t). Because these existing definitions do not make distinctions based on whether a bank has a Federal functional regulator, they will be used for Part 1020. There were no objections to this general formulation, and FinCEN is adopting it as proposed.

B. Section 1010.605 Definition

The beneficial ownership rule refers to the definition of covered financial institution set forth in paragraph 1010.605(e)(1), which excludes certain financial institutions lacking a Federal functional regulator. To ensure that all banks are subject to the beneficial ownership requirements under section 1010.230, FinCEN proposed amending the definition in paragraph 1010.605(e)(1) by replacing paragraphs (i) through (vii) with a single paragraph (e)(1)(i) to include all banks within the rule's definition of “covered financial institution.” With these changes, all banks will now be required to comply with the beneficial ownership requirements to identify and verify the beneficial owners of legal entity customers, regardless of whether they are federally regulated. As with the previous sections, there were no objections to this general formulation, and FinCEN is adopting it as proposed.

C. Section 1020.100 Definitions

FinCEN proposed removing paragraph 1020.100(b), because the definition of bank for purposes of complying with CIP requirements only included banks subject to regulation by a Federal functional regulator. There were no objections to this general formulation, and FinCEN is removing the definition as proposed.

Likewise, FinCEN proposed removing paragraphs 1020.100(d)(1) and (2), because the definitions of financial institution for purposes of complying with AML and CIP requirements only included banks subject to regulation by a Federal functional regulator. There were no objections to this general formulation, and FinCEN is removing these paragraphs as proposed.Start Printed Page 57133

D. Amendments to Section 1010.205

FinCEN proposed amending section 1010.205 to reflect the removal of: (1) The exemption for private bankers (paragraph 1010.205(b)(1)(vi)); (2) the broader exemption for banks that lack a Federal functional regulator (paragraph 1010.205(b)(2)); and (3) the exemption for persons subject to supervision by a state banking authority (paragraph 1010.205(b)(3)). There were no objections to this amendment, and FinCEN is adopting it as proposed.

E. Amendments to Section 1020.210

FinCEN proposed amending the title for this section to reflect that all banks, regardless of whether they are subject to Federal regulation and oversight, are required to establish and implement AML programs. There were no objections to this amendment, and FinCEN is adopting it as proposed. The title for this section now reads: “Anti-money laundering program requirements for banks.”

FinCEN proposed amending the introductory paragraph in 1020.210 and redesignating the introductory paragraph as paragraph (a) in order to detail the AML program requirements specific to banks regulated only by a Federal functional regulator, including banks, savings associations, and credit unions. FinCEN also proposed removing from the introductory paragraph in 1020.210 the reference to regulation by a self-regulatory organization. There were no objections to these amendments, and FinCEN is adopting them as proposed.

FinCEN proposed adding new paragraph 1020.210(b) to detail the AML program requirements specific to banks that lack a Federal functional regulator, including, but not limited to, private banks, non-federally insured credit unions, and certain trust companies. Paragraph 1020.210(b)(2) requires banks that lack a Federal functional regulator to establish and implement AML programs under the specified minimum standards. Paragraph 1020.210(b)(3) requires banks that lack a Federal functional regulator to obtain approval of the AML program by their board of directors, or an equivalent governing body, and to make the AML program available to FinCEN or its designee upon request. There were no objections to these amendments, and FinCEN is adopting them as proposed.

F. Amendments to Section 1020.220

FinCEN proposed amending the title for this section to reflect that, going forward, CIP requirements would apply to all banks. There were no objections to this amendment, and FinCEN is adopting it as proposed.

V. Final Regulatory Flexibility Act Analysis

When an agency issues a rulemaking proposal, the Regulatory Flexibility Act (“RFA”) requires the agency to “prepare and make available for public comment an initial regulatory flexibility analysis” that will “describe the impact of the proposed rule on small entities.” 5 U.S.C. 603(a). Section 605 of the RFA allows an agency to certify a rule, in lieu of preparing an analysis, if the proposed rulemaking is not expected to have a significant economic impact on a substantial number of small entities.

A. Reasons Why Action by the Agency Is Being Considered

The Anti-Money Laundering Program

The statutory mandate that all financial institutions establish AML programs is a key element in the national effort to prevent and detect money laundering and the financing of terrorism. Banks without a Federal functional regulator are at least as vulnerable to the risks of money laundering and terrorist financing as banks with one. The Final Rule eliminates the present regulatory gap in AML coverage between banks with and without a Federal functional regulator. FinCEN expects that uniform regulatory requirements for all banks will reduce the opportunity for criminals to seek out and exploit banks subject to less rigorous AML requirements.

Customer Identification Program

For the reasons of regulatory consistency and protection against the systemic vulnerability discussed above in connection with AML programs, FinCEN believes that CIP requirements should also apply to all banks, regardless of whether they are federally regulated. In May 2003, FinCEN issued a Notice of Proposed Rulemaking to ensure that there would be no gaps in the scope of the CIP obligations as they apply to banks. However, this proposal was never finalized.

Beneficial Ownership Requirements

As noted above, the beneficial ownership requirements of the CDD Rule require that from and after May 11, 2018, federally regulated banks and certain other financial institutions identify, and verify the identity of, the beneficial owners of their legal entity customers, as set forth in section 1010.230. For purposes of regulatory consistency, and protection against the systemic vulnerability discussed above in connection with AML programs, FinCEN believes that this requirement should apply to non-federally regulated banks as well.

B. Objectives of, and Legal Basis for, the Final Rule

Section 352 of the USA PATRIOT Act requires financial institutions to establish AML programs that, at a minimum, include: (1) The development of internal policies, procedures, and controls; (2) the designation of a compliance officer; (3) an ongoing employee training program; and (4) an independent audit function to test programs. In addition, the CDD Rule described above added an explicit requirement to understand the nature and purpose of customer relationships; to conduct ongoing monitoring to identify and report suspicious transactions; and, on a risk basis, to maintain and update customer information.[27]

Section 326 of the USA PATRIOT Act requires FinCEN to prescribe regulations that require financial institutions to establish programs for account opening that, at a minimum, include: (1) Verifying the identity of any person seeking to open an account, to the extent reasonable and practicable; (2) maintaining records of the information used to verify the person's identity, including name, address, and other identifying information; and (3) determining whether the person appears on any lists of known or suspected terrorists or terrorist organizations provided to the financial institution by any government agency.

Section 312 of the USA PATRIOT Act requires each U.S. financial institution that establishes, maintains, administers, or manages a correspondent account or a private banking account in the United States for a non-U.S. person to subject such accounts to certain AML measures.

C. Small Entities Subject to the Final Rule

Based upon available data, for the purposes of the RFA, FinCEN estimates that these rules will impact approximately 297 state-chartered non-depository trust companies, 228 non-federally insured credit unions, 12 non-federally insured state-chartered banks and savings and loan or building and loan associations, 1 private bank, and 29 international banking entities.28 Start Printed Page 57134FinCEN's expectation, as expressed in the NPRM, is that many of the banks without a Federal functional regulator are small entities. No comments received in response to the NPRM indicated anything to the contrary. Therefore, FinCEN concludes that the Final Rule applies to a substantial number of small entities.

D. Projected Reporting, Recordkeeping, and Other Compliance Requirements of the Final Rule

The Final Rule prescribes minimum standards for AML programs for banks without a Federal functional regulator to ensure that all banks, regardless of whether they are subject to Federal regulation and oversight, are required to establish and implement written AML programs, including conducting ongoing customer due diligence, and to identify and verify the identity of the beneficial owners of their legal entity customers. The changes also extend customer identification program requirements to those banks not already subject to these requirements.

Banks lacking a Federal functional regulator are currently required to comply with many existing requirements under the BSA. All banks, including those not subject to Federal supervision, are already required to file CTRs and SARs, which necessarily requires a bank to establish a process to detect unusual activity. In addition, certain banks lacking a Federal functional regulator—namely, private banks, non-federally insured credit unions, and certain trust companies—must maintain CIPs.[29]

With respect to the beneficial ownership requirement, the Final Rule requires banks lacking a Federal functional regulator to obtain and maintain identifying information for each beneficial owner from each legal entity customer that opens a new account, including name, address, date of birth, and identification number. The financial institution is also required to verify the identity of such persons by documentary or non-documentary methods and to maintain in its records for five years a description of (i) any document relied on for verification, (ii) any such non-documentary methods and results of such measures undertaken, and (iii) the resolution of any substantive discrepancies discovered in verifying the identification information.

The burden on a small non-federally regulated bank at account opening resulting from the Final Rule would be a function of the number of beneficial owners of each legal entity customer opening a new account, the additional time required to identify and verify each beneficial owner, and the number of new accounts opened for legal entities by the small banks during a specified period.

None of the small businesses that commented on the CDD Rule's Initial Regulatory Flexibility Analysis (“IRFA”) included an estimate of the amount of time to open a legal entity account; rather, only one noted the number of such accounts it opens per year (70). As a result of the comments FinCEN received to the CDD Rule's regulatory impact assessment (“RIA”), FinCEN concluded in its Final Regulatory Flexibility Analysis (“FRFA”) [30] that the estimated time for financial institutions to open accounts ranges from 20 to 40 minutes.[31] On December 30, 2019, FinCEN published in the Federal Register a notice of intent to renew without change, information collection requirements in connection with beneficial ownership requirements for legal entity customers.[32] As a result of public comments received on the notice, FinCEN increased its estimate of the burden from an average of 30 minutes to an average of 80 minutes per new account opened for a legal entity customer.

E. Overlapping or Conflicting Federal Rules

FinCEN is unaware of any existing Federal regulations that would overlap or conflict with the Final Rule.

F. Consideration of Significant Alternatives

FinCEN has not identified any alternative means for bringing these categories of non-Federally regulated banks into compliance with the same standards as all other banks in the United States. Were FinCEN to exempt small entities from this requirement, those entities would potentially be at greater risk of abuse by criminals, terrorists, and other bad actors and would expose the U.S. financial system to money laundering, terrorist financing, proliferation financing, and other serious illicit finance threats.

With respect to beneficial ownership requirements in the CDD Rule, FinCEN considered several alternatives to the requirements proposed. As described in greater detail in the preamble to the final CDD Rule,[33] these alternatives included exempting small financial institutions below a certain asset or legal entity customer threshold from the requirements, as well as utilizing a lower or higher threshold for the minimum level of equity ownership for the definition of beneficial owner. FinCEN determined, however, that identifying the beneficial owner of a financial institution's legal entity customers and verifying that identity are necessary requirements to strengthen financial transparency and to combat the misuse of companies to engage in illicit activities. Were FinCEN to exempt from this requirement small entities or entities that establish a limited number of accounts for legal entities, those financial institutions would be at greater risk of abuse by criminals, terrorists, and other bad actors and would expose the U.S. financial system to money laundering, terrorist financing, proliferation financing, and other serious illicit finance threats.

FinCEN also considered increasing the threshold for ownership of equity interests in the definition of beneficial ownership to 50 percent or more of the equity interests. Although this higher threshold would reduce the maximum number of individuals whose identity would need to be verified from five to three, thus reducing marginally the onboarding time, this change would not impact the training or IT costs and, therefore, would not substantially reduce the overall costs of the rule and also would provide less useful information. After considering all the alternatives, FinCEN concluded that an ownership threshold of 25 percent is appropriate to maximize the benefits of the requirement while minimizing the burden.[34]

To minimize burden to covered financial institutions, which would apply to banks covered under this Final Rule, FinCEN did exempt such financial institutions from the beneficial ownership requirements in connection with legal entity customers opening certain low risk accounts.[35]

FinCEN believes, based on its exposure to other similarly regulated businesses that are required to comply Start Printed Page 57135with AML and CIP programs and beneficial ownership requirements, that banks lacking a Federal functional regulator will be able to build on their existing compliance policies and procedures and prudential business practices to ensure compliance with this Final Rule with relatively minimal cost and effort. As FinCEN has done with the other industries subject to the requirements of the BSA, FinCEN will actively engage with banks lacking a Federal functional regulator to provide guidance and feedback, and endeavor to make compliance with the regulations as cost-effective and efficient as possible for all affected banks.

FinCEN believes that the flexibility incorporated into the Final Rule permits each bank lacking a Federal functional regulator to take a risk-based approach to tailor its AML and CIP programs to fit its own size, needs, and operational risks. In this regard, FinCEN believes that expenditures associated with establishing and implementing an AML program will be commensurate with a bank's size, complexity, and risk profile. Based on inherent risks, some banks may deem it appropriate to implement more comprehensive policies, procedures, and internal controls than others. FinCEN does not intend for each bank lacking a Federal functional regulator to have identical policies and procedures for their AML and CIP programs. The AML regulations are risk-based. Accordingly, each bank has broad discretion to design and implement programs that reflect and respond to the bank's unique money laundering, terrorist and proliferation financing, and other serious illicit finance risks. As with other financial institutions subject to the requirements of the BSA, if a bank lacking a Federal functional regulator is small or does not have high-risk customers, or does not engage in high-risk transactions, the burden to comply with the Final Rule likely will be commensurately minimal. FinCEN anticipates that the impact of the AML and CIP program and beneficial ownership requirements and the assessment of associated risks will not be significant for covered banks lacking a Federal functional regulator.

G. Certification

The additional burden under the Final Rule is a requirement to maintain AML and CIP programs and comply with beneficial ownership requirements. As discussed above, FinCEN anticipates that the impact from these requirements will not be significant. Accordingly, FinCEN certifies that the Final Rule will not have a significant economic impact on small entities.

VI. Unfunded Mandates Act

Section 202 of the Unfunded Mandates Reform Act of 1995 (“Unfunded Mandates Act”), Public Law 104-4 (March 22, 1995), requires that an agency prepare a budgetary impact statement before promulgating a rule that may result in expenditure by State, local, and tribal governments, in the aggregate, or by the private sector, of $100 million or more in any one year. If a budgetary impact statement is required, section 202 of the Unfunded Mandates Act also requires an agency to identify and consider a reasonable number of regulatory alternatives before promulgating a rule. Taking into account the factors noted above and using conservative estimates of average labor costs in evaluating the cost of the burden imposed by the proposed regulation, FinCEN has determined that it is not required to prepare a written statement under section 202.

VII. Executive Orders 13563 and 12866

Executive Orders 13563 and 12866 direct agencies to assess costs and benefits of available regulatory alternatives and, if regulation is necessary, to select regulatory approaches that maximize net benefits (including potential economic, environmental, public health and safety effects, distributive impacts, and equity). Executive Order 13563 emphasizes the importance of quantifying both costs and benefits, of reducing costs, of harmonizing rules, and of promoting flexibility. This Final Rule has been designated a “significant regulatory action,” although not economically significant, under section 3(f) of Executive Order 12866. Accordingly, the Final Rule has been reviewed by the Office of Management and Budget (“OMB”). As noted above, FinCEN believes the new requirements imposed on banks without a Federal functional regulator, as a result of this Final Rule, will result in a minimal additional compliance burden for such banks for the following reasons:

  • Banks lacking a Federal functional regulator are currently required to comply with many existing requirements under the BSA, including the requirements to file CTRs and SARs, which necessarily require a bank to establish a process to detect unusual activity.
  • Certain banks lacking a Federal functional regulator—namely, private banks, non-federally insured credit unions, and certain trust companies—must maintain CIPs.
  • Banks lacking a Federal functional regulator generally are required by state banking regulation and guidance to have policies, management oversight, personnel training, internal compliance review, and various procedures and systems in place to comply with regulation and guidance. Even banks not subject to these state regulatory requirements must develop such policies and procedures to properly function and comply with their BSA obligations and state banking regulations.

VIII. Paperwork Reduction Act

The collections of information contained in the Final Rule were submitted to OMB for review in accordance with the Paperwork Reduction Act of 1995 (“PRA”).[36] The information collections have been approved under OMB control numbers 1506-0035 (Anti-money laundering program requirements for banks), 1506-0026 (Customer identification program requirements for banks), and 1506-0070 (Beneficial ownership requirements for legal entity customers).

In accordance with the requirements of the PRA, and its implementing regulations, 5 CFR part 1320, the following information concerning the collection of information is presented. The information collections in this Final Rule are contained in 31 CFR 1020.210 (Anti-money laundering program requirements for banks), 31 CFR 1020.220 (Customer identification program requirements for banks), and 31 CFR 1010.230 (Beneficial ownership requirements for legal entity customers). The information will be used by examining agencies to verify compliance with these provisions. The collection of information is mandatory. Records required to be retained under the BSA must be retained for five years.

a. 31 CFR 1020.210—Anti-Money Laundering Program Requirements for Banks

Under this Final Rule, banks that lack a Federal functional regulator are required to establish and implement written AML programs under the specified minimum standards. All financial institutions are required to document their AML programs and are permitted to use the method most suitable to their requirements. In addition, banks that lack a Federal functional regulator are required to obtain approval of their AML program by their board of directors, or an equivalent governing body.

Description of Recordkeepers: Banks that lack a Federal functional regulator, including, but not limited to, state-Start Printed Page 57136chartered non-depository trust companies, non-federally insured credit unions, non-federally insured state-chartered banks and savings and loan or building and loan associations, private banks, and international banking entities.

Estimated Number of Recordkeepers: 567 financial institutions.[37]

Estimated Annual Records: 567 AML programs.

Estimated Annual Burden Hours: 1,134 hours.[38]

Estimated Total Annual Burden for AML Program Requirements: 1,134 hours.

This burden is added to the existing burden listed under OMB control number 1506-0035 currently titled “Anti-Money Laundering Programs for Insurance Companies and Non-Bank Residential Mortgage Lenders and Originators.” The new title for this control number will be “Anti-Money Laundering Programs for Insurance Companies, Non-Bank Residential Mortgage Lenders and Originators, and Banks Lacking a Federal Functional Regulator.” The new total estimated annual burden for this control number is 33,334 hours.[39]

b. 31 CFR 1020.220—Customer Identification Program Requirements for Banks

Under the CIP requirements, financial institutions are required to implement risk-based, written CIPs that address the following: (1) Procedures for verifying the identify of each new customer; (2) procedures for making and maintaining a record of all information obtained under the customer identification program; (3) procedures for determining whether a new customer appears on any list of known or suspected terrorist organizations issued by the Federal government; and (4) procedures for providing customers adequate notice that the financial institution is requesting information to verify their identities.

Description of Recordkeepers: Banks that lack a Federal functional regulator, such as non-federally insured state-chartered banks and savings and loan or building and loan associations, and international banking entities.[40]

1. Implementing Written CIP Procedures

Estimated Number of Recordkeepers: 41 financial institutions.[41]

Estimated Annual Records: 41 written CIP programs.

Estimated Annual Burden Hours: 41 hours.[42]

2. Recording Information Required To Identify and Verify New Customers

Estimated Number of Recordkeepers: 41 financial institutions.

Estimated Annual Records: 30,750 records on new accounts.[43]

Estimated Annual Burden Hours: 2,563 hours.[44]

3. Providing Customers Notice of Identification Requirements

Estimated Number of Recordkeepers: 41 financial institutions.

Estimated Annual Records: 41 disclosure notices.

Estimated Annual Burden Hours: 41 hours.[45]

4. Total Annual Burden Applicable to CIP Requirements

Estimated Total Annual Burden Hours for CIP Requirements: 2,645 hours (41 + 2,563 + 41).

  • 41 hours—Implementing written CIP procedures.
  • 2,563 hours—Recording information required to identify and verify new customers.
  • 41 hours—Providing customers notice of identification requirements.

This burden is added to the existing burden listed under OMB control number 1506-0026 currently titled “Customer Identification Programs for Banks, Savings Associations, Credit Unions, and Certain Non-Federally Regulated Banks.” The new title for this control number will be “Customer Identification Program Requirements for Banks.” The new total estimated annual burden for this control number is 178,205 hours.[46]

c. 31 CFR 1010.230—Beneficial Ownership Requirements for Legal Entity Customers

Under 31 CFR 1010.230, financial institutions are required to establish and maintain written procedures that are reasonably designed to identify and verify beneficial owners of new accounts opened by legal entity customers and to include such procedures in their AML programs. Financial institutions may obtain the required identifying information by either using the optional certification form from the individual opening the account on behalf of a legal entity Start Printed Page 57137customer, or by obtaining from the individual the information required by the form by another means, provided the individual certifies the accuracy of the information. Financial institutions must also maintain a record of the identifying information obtained, as well as a description of any document relied on, of any non-documentary methods and results of any measures undertaken, and the resolutions of substantive discrepancies.

Description of Recordkeepers: Banks that lack a Federal functional regulator, including, but not limited to, state-chartered non-depository trust companies, non-federally insured credit unions, non-federally insured state-chartered banks and savings and loan or building and loan associations, private banks, and international banking entities.

1. Develop and Maintain Beneficial Ownership Identification Procedures

Estimated Number of Recordkeepers: 567 financial institutions.[47]

Estimated Annual Records: 567 beneficial ownership identification procedures.

Estimated Annual Burden Hours: 22,680 hours.[48]

2. Customer Identification, Verification, and Review and Recordkeeping of the Beneficial Ownership Information

Estimated Number of Recordkeepers: 567 financial institutions.

Estimated Annual Records: 212,625 beneficial ownership identification records.[49]

Estimated Annual Burden Hours: 283,500 hours.[50]

3. Total Annual Burden Applicable to Beneficial Ownership Requirements

Estimated Total Annual Burden Hours for Beneficial Ownership Requirements: 306,180 hours (22,680 + 283,500).

  • 22,680 hours—Develop and maintain beneficial ownership identification procedures.
  • 283,500 hours—Customer identification, verification, and review and recordkeeping of the beneficial ownership information.

This burden is added to the existing burden listed under OMB control number 1506-0070 titled Beneficial Ownership Requirements for Legal Entity Customers. The new total estimated annual burden for this control number is 12,190,880 hours.[51]

Total Estimated Annual Burden Hours as a Result of this Final Rule: 309,959 hours (1,134 + 2,645 + 306,180).

  • Anti-money laundering program requirements for banks—1,134 hours.
  • Customer identification program requirements for banks—2,645 hours.
  • Beneficial ownership requirements for legal entity customers—306,180 hours.
Start List of Subjects

List of Subjects in 31 CFR Parts 1010 and 1020

  • Administrative practice and procedure
  • Banks
  • Banking
  • Currency
  • Foreign banking
  • Foreign currencies
  • Investigations
  • Penalties
  • Reporting and recordkeeping requirements
  • Terrorism
End List of Subjects

Authority and Issuance

For the reasons set forth in the preamble, Parts 1010 and 1020 of Chapter X of Title 31 of the Code of Federal Regulations are amended as follows:

Start Part

PART 1010—GENERAL PROVISIONS

End Part Start Amendment Part

1. The authority citation for part 1010 continues to read as follows:

End Amendment Part Start Authority

Authority: 12 U.S.C. 1829b and 1951-1959; 31 U.S.C. 5311-5314 and 5316-5332; title III, sec. 314, Pub. Law 107-56, 115 Stat. 307; sec. 701, Pub. L. 114-74, 129 Stat. 599.

End Authority
[Amended]
Start Amendment Part

2. Section 1010.205 is amended by:

End Amendment Part Start Amendment Part

a. Removing paragraph (b)(1)(vi);

End Amendment Part Start Amendment Part

b. Redesignating paragraphs (b)(1)(vii) through (ix) as paragraphs (b)(1)(vi) through (viii); and

End Amendment Part Start Amendment Part

c. Removing and reserving paragraphs (b)(2) and (b)(3).

End Amendment Part Start Amendment Part

3. Section 1010.605 is amended by:

End Amendment Part Start Amendment Part

a. Revising paragraph (e)(1)(i);

End Amendment Part Start Amendment Part

b. Removing paragraphs (e)(1)(ii) through (vii); and

End Amendment Part Start Amendment Part

c. Redesignating paragraphs (e)(1)(viii) through (x) as paragraphs (e)(1)(ii) through (iv).

End Amendment Part

The revision reads as follows:

Definitions
* * * * *

(e) * * *

(1) * * *

(i) A bank required to have an anti-money laundering compliance program under the regulations implementing 31 U.S.C. 5318(h), 12 U.S.C. 1818(s), or 12 U.S.C. 1786(q)(1);

* * * * *
Start Part

PART 1020—RULES FOR BANKS

End Part Start Amendment Part

4. The authority citation for part 1020 continues to read as follows:

End Amendment Part Start Authority

Authority: 12 U.S.C. 1829b and 1951-1959; 31 U.S.C. 5311-5314 and 5316-5332; title III, sec. 314, Pub. Law 107-56, 115 Stat. 307.

End Authority
[Amended]
Start Amendment Part

5. Section 1020.100 is amended by:

End Amendment Part Start Amendment Part

a. Removing paragraphs (b) and (d); and

End Amendment Part Start Amendment Part

b. Redesignating paragraph (c) as paragraph (b).

End Amendment Part Start Amendment Part

6. Section 1020.210 is revised to read as follows:

End Amendment Part
Anti-money laundering program requirements for banks.

(a) Anti-money laundering program requirements for banks regulated by a Federal functional regulator, including banks, savings associations, and credit unions. A bank regulated by a Federal functional regulator shall be deemed to satisfy the requirements of 31 U.S.C. 5318(h)(1) if it implements and maintains an anti-money laundering program that:

(1) Complies with the requirements of §§ 1010.610 and 1010.620 of this chapter;

(2) Includes, at a minimum:

(i) A system of internal controls to assure ongoing compliance;

(ii) Independent testing for compliance to be conducted by bank personnel or by an outside party;

(iii) Designation of an individual or individuals responsible for coordinating and monitoring day-to-day compliance;Start Printed Page 57138

(iv) Training for appropriate personnel; and

(v) Appropriate risk-based procedures for conducting ongoing customer due diligence, to include, but not be limited to:

(A) Understanding the nature and purpose of customer relationships for the purpose of developing a customer risk profile; and

(B) Conducting ongoing monitoring to identify and report suspicious transactions and, on a risk basis, to maintain and update customer information. For purposes of this paragraph, customer information shall include information regarding the beneficial owners of legal entity customers (as defined in § 1010.230 of this chapter); and

(3) Complies with the regulation of its Federal functional regulator governing such programs.

(b) Anti-money laundering program requirements for banks lacking a Federal functional regulator including, but not limited to, private banks, non-federally insured credit unions, and certain trust companies. A bank lacking a Federal functional regulator shall be deemed to satisfy the requirements of 31 U.S.C. 5318(h)(1) if the bank establishes and maintains a written anti-money laundering program that:

(1) Complies with the requirements of §§ 1010.610 and 1010.620 of this chapter; and

(2) Includes, at a minimum:

(i) A system of internal controls to assure ongoing compliance with the Bank Secrecy Act and the regulations set forth in 31 CFR Chapter X;

(ii) Independent testing for compliance to be conducted by bank personnel or by an outside party;

(iii) Designation of an individual or individuals responsible for coordinating and monitoring day-to-day compliance;

(iv) Training for appropriate personnel; and

(v) Appropriate risk-based procedures for conducting ongoing customer due diligence, to include, but not be limited to:

(A) Understanding the nature and purpose of customer relationships for the purpose of developing a customer risk profile; and

(B) Conducting ongoing monitoring to identify and report suspicious transactions and, on a risk basis, to maintain and update customer information. For purposes of this paragraph, customer information shall include information regarding the beneficial owners of legal entity customers (as defined in § 1010.230); and

(3) Is approved by the board of directors or, if the bank does not have a board of directors, an equivalent governing body within the bank. The bank shall make a copy of its anti-money laundering program available to the Financial Crimes Enforcement Network or its designee upon request.

Start Amendment Part

7. Amend § 1020.220 by revising the section heading and paragraph (a)(1) to read as follows:

End Amendment Part
Customer identification program requirements for banks.

(a) * * *

(1) In general. A bank required to have an anti-money laundering compliance program under the regulations implementing 31 U.S.C. 5318(h), 12 U.S.C. 1818(s), or 12 U.S.C. 1786(q)(1) must implement a written Customer Identification Program (CIP) appropriate for the bank's size and type of business that, at a minimum, includes each of the requirements of paragraphs (a)(1) through (5) of this section. The CIP must be a part of the anti-money laundering compliance program.

* * * * *
Start Signature

Michael Mosier,

Deputy Director, Financial Crimes Enforcement Network.

End Signature End Supplemental Information

Footnotes

1.  The BSA is codified at 12 U.S.C. 1829b, 12 U.S.C. 1951-1959, 31 U.S.C. 5311-5314 and 5316-5332, and notes thereto, with implementing regulations at 31 CFR Chapter X. See 31 CFR 1010.100(e).

Back to Citation

2.  Treasury Order 180-01 (Jan. 14, 2020).

Back to Citation

6.  31 CFR 1010.100(r) (defining Federal functional regulator to include the Board of Governors of the Federal Reserve System; the Office of the Comptroller of the Currency; the Board of Directors of the Federal Deposit Insurance Corporation; the Office of Thrift Supervision (which was merged into other regulatory agencies and ceased to exist in 2011); the National Credit Union Administration; the Securities and Exchange Commission; and the Commodity Futures Trading Commission).

Back to Citation

7.  Public Law 107-56, title III, Sec. 352(c), 115 Stat. 322, codified at 31 U.S.C. 5318 note.

Back to Citation

9.  31 U.S.C. 5318(l); see also Joint Final Rule—Customer Identification Programs for Banks, Savings Associations, Credit Unions and Certain Non-Federally Regulated Banks, 68 FR 25103 (May 9, 2003) (codified at 31 CFR 1020.220(a)(4)) (“The CIP must include procedures for determining whether the customer appears on any list of known or suspected terrorists or terrorist organizations issued by any Federal government agency and designated as such by Treasury in consultation with the Federal functional regulators.”).

Back to Citation

10.  31 U.S.C. 5318(l)(4) (“Certain financial institutions.—In the case of any financial institution the business of which is engaging in financial activities described in section 4(k) of the Bank Holding Company Act of 1956 (including financial activities subject to the jurisdiction of the Commodity Futures Trading Commission), the regulations prescribed by the Secretary under paragraph (1) shall be prescribed jointly with each Federal functional regulator (as defined in section 509 of the Gramm-Leach-Bliley Act, including the Commodity Futures Trading Commission) appropriate for such financial institution.”). The financial institutions subject to the CIP rule that will be covered by this Final Rule engage in financial activities within the meaning of 12 U.S.C. 1843(k), in particular lending money and providing financial advisory services. See 12 U.S.C. 1843(k)(4)(A) and (C).

Back to Citation

11.  See, e.g., 31 CFR 1020.210(a).

Back to Citation

12.  See Notice of Proposed Rulemaking—Customer Identification Programs for Certain Banks Lacking a Federal Functional Regulator, 68 FR 25163 (May 9, 2003).

Back to Citation

13.  These requirements are set forth and cross-referenced in sections 31 CFR1020.610 (cross-referencing to 31 CFR 1010.610) and 31 CFR 1020.620 (cross-referencing to 31 CFR 1010.620).

Back to Citation

14.  See Interim Final Rule—Anti-Money Laundering Programs for Financial Institutions, 67 FR 21110 (Apr. 29, 2002). In 1987, Federal banking regulators issued regulations requiring federally insured depository institutions and credit unions to have anti-money laundering programs “to assure and monitor compliance with the requirements of subchapter II of chapter 53 of Title 31, United States Code.” Final Rule—Procedures for Monitoring Bank Secrecy Act Compliance, 52 FR 2858 (Jan. 27, 1987). The USA PATRIOT Act made developing and implementing an AML program a statutory requirement under the BSA in 2001.

Back to Citation

15.  67 FR at 21113. Since the issuance of the 2002 Interim Final Rule, FinCEN has reorganized its regulations under 31 CFR Chapter X. See Final Rule—Transfer and Reorganization of Bank Secrecy Act Regulations, 75 FR 65806 (Oct. 26, 2010). The cited AML program requirement can currently be found at 31 CFR 1020.210, with an added cross-reference to enhanced due diligence requirements imposed by rulemakings later than the Interim Final Rule.

Back to Citation

16.  See supra note 6.

Back to Citation

17.  “Private banker” is included in the list of financial institutions set out in the BSA. 12 U.S.C. 5312(a)(2)(C).

Back to Citation

18.  Amendment of Interim Final Rule—Anti-Money Laundering Programs for Financial Institutions, 67 FR 67547 (Nov. 6, 2002) (codified at 31 CFR 1010.205).

Back to Citation

19.  See 31 CFR 1010.306-315 (CTRs); 31 CFR 1020.320 (SAR rule for banks); 31 CFR 1010.410 (records to be made and retained by financial institutions).

Back to Citation

20.  31 CFR 1010.630 (governing prohibitions against establishing, maintaining, administering, or managing correspondent accounts for foreign shell companies and records required for correspondent accounts); 31 CFR 1010.670 (governing summons or subpoena of foreign bank records and termination of correspondent relationships); 31 CFR 1010.605(e)(2) (defining covered financial institutions to include institutions not regulated by a Federal functional regulator, including private banks, trust companies, and credit unions). By contrast, covered financial institutions for purposes of due diligence program requirements for correspondent accounts and private banking accounts do not include private banks. Rather, such due diligence program requirements apply only to federally insured banks and credit unions, as well as certain trust companies that are federally regulated and subject to an anti-money laundering program requirement. See 31 CFR 1010.605(e)(1) (covered financial institution); 31 CFR 1010.610 (correspondent accounts); 31 CFR 1010.620 (private banking accounts).

Back to Citation

22.  See page 41 of the 2020 National Strategy for Combatting Terrorist and Other Illicit Financing at https://home.treasury.gov/​system/​files/​136/​National-Strategy-to-Counter-Illicit-Financev2.pdf.

Back to Citation

23.  See 68 FR 25090 (May 9, 2003) (codified at 31 CFR 1020.220).

Back to Citation

24.  See supra note 12.

Back to Citation

25.  See Customer Due Diligence Requirements for Financial Institutions, 81 FR 29398 (May 11, 2016) (codified at 31 CFR 1010.230).

Back to Citation

26.  See 81 FR 58425 (Aug. 25, 2016).

Back to Citation

28.  The Small Business Administration (“SBA”) size standards define a trust company as a small business if it has assets of $38.5 million or less. The SBA defines a depository institution (including a credit union) as a small business if it has assets of $550 million or less. FinCEN was unable to find an authoritative figure on the number of non-federally regulated depository institutions that would meet the definition of small entity.

Back to Citation

30.  See 81 FR at 29448.

Back to Citation

31.  See id. As a result of the comments FinCEN received to the draft RIA from other commenters, FinCEN increased the estimated time for financial institutions to open accounts, from a range of 15 to 30 minutes in the IRFA, to a range of 20 to 40 minutes.

Back to Citation

32.  See 84 FR 72137 (Dec. 30, 2019).

Back to Citation

33.  See 81 FR at 29450.

Back to Citation

34.  Id. at 29410.

Back to Citation

35.  31 CFR 1010.230(h); see also FIN-2018-R004, “Exceptive Relief from Beneficial Ownership Requirements for Legal Entity Customers of Rollovers, Renewals, Modifications, and Extensions of Certain Accounts,” (Sept. 7, 2018).

Back to Citation

37.  Approximately 297 state-chartered non-depository trust companies, 228 non-federally insured credit unions, 12 non-federally insured state-chartered banks and savings and loan or building and loan associations, 1 private bank, and 29 international banking entities will be required to implement written AML programs as a result of this Final Rule.

Back to Citation

38.  The estimated average burden associated with the development of a written AML program is one hour per recordkeeper annually. Although this is a new requirement for banks lacking a Federal functional regulator, they are already obligated to comply with a number of BSA regulations and state banking regulations. For example, FinCEN regulations require all banks, regardless of whether they have a Federal functional regulator, to file CTRs and SARs, as well as to make and maintain certain records. These banks likely maintain procedures to comply with such BSA and state banking regulations. For that reason, FinCEN estimates that the burden associated with the development of a written AML program is one hour because the impacted financial institutions will be able to incorporate existing applicable procedures. In addition, the estimated average burden associated with obtaining board approval of the AML program is one hour per recordkeeper annually. This equates to 2 hours of annual burden per impacted financial institution to comply with these requirements (567 financial institutions × 2 hours = 1,134 hours).

Back to Citation

39.  The current annual burden hours estimate for OMB control number 1506-0035 is 32,200. One thousand one hundred thirty four (1,134) burden hours will be added to this control number as a result of this Final Rule (32,200 + 1,134 = 33,334).

Back to Citation

40.  FinCEN has previously implemented CIP requirements for credit unions, private banks, and trust companies that do not have a Federal functional regulator. See 31 CFR 1020.220. For that reason, the CIP requirements in this Final Rule only apply to the non-federally insured state-chartered banks and savings and loan or building and loan associations and international banking entities.

Back to Citation

41.  Approximately 12 non-federally insured state-chartered banks and savings and loan or building and loan associations and 29 international banking entities depository institutions will be required to implement CIP requirements as a result of this Final Rule.

Back to Citation

42.  The estimated average burden associated with the development of written CIP procedures is one hour per recordkeeper annually. Although this is a new requirement for some banks lacking a Federal functional regulator, they are already obligated to comply with a number of BSA regulations and state banking regulations. These banks likely maintain procedures to comply with such BSA and state banking regulations. Further, certain identity verification documents for new customers are collected as standard practice for the financial industry. For that reason, FinCEN estimates that the burden associated with the development of written CIP procedures is one hour because it will incorporate existing applicable procedures.

Back to Citation

43.  FinCEN estimates that, on average, small financial institutions, such as those covered by this Final Rule, will open approximately 3 new accounts per business day. There are 250 business days per year. (41 financial institutions × 3 accounts per day × 250 business days = 30,750 records per year).

Back to Citation

44.  In past PRA burden analysis, FinCEN estimated that the burden to collect account information as a result of CIP requirements for other types of financial institutions was 2 minutes per new account. However, because CIP is a new regulatory requirement for the financial institutions impacted by this Final Rule, FinCEN will conservatively estimate that the time it takes to collect and document identification and verification information for purposes of CIP is 5 minutes per new account opened. (30,750 records on new accounts × 5 minutes per account and converted to hours = 2,563 annual burden hours).

Back to Citation

45.  FinCEN estimates that it will take each financial institutions impacted by this Final Rule 1 hour to draft and post a CIP disclosure notification for customers (41 financial institutions × 1 hour = 41 hours).

Back to Citation

46.  The current annual burden hours estimate for OMB control number 1506-0026 is 175,560, and 2,645 burden hours will be added to this control number as a result of this rulemaking (175,560 + 2,645 = 178,205).

Back to Citation

47.  Approximately 297 state-chartered non-depository trust companies, 228 non-federally insured credit unions, 12 non-federally insured state-chartered banks and savings and loan or building and loan associations, 1 private bank, and 29 international banking entities will be required to implement beneficial ownership identification procedures as a result of this Final Rule.

Back to Citation

48.  The beneficial ownership final rule recognized a burden of 56 hours to develop the initial procedures (40 hours for small entities). See 81 FR at 29451. Based on FinCEN's data, banks lacking a Federal functional regulator are generally considered small entities. For that reason, FinCEN estimates it will take 40 hours for financial institutions impacted by this Final Rule to develop and document initial beneficial ownership identification procedures. (567 × 40 = 22,680).

Back to Citation

49.  The beneficial ownership final rule recognized a burden of 20 to 40 minutes (average of 30 minutes) to obtain identification records for each legal entity customer. The final rule also estimated that a financial institution would open 1.5 new legal entity accounts per business day. There are 250 business days per year. See id. at 29451 n.191. On December 30, 2019, FinCEN published in the Federal Register a notice of intent to renew without change, information collection requirements in connection with beneficial ownership requirements for legal entity customers. See supra note 30. As a result of public comments received on the notice, FinCEN increased its estimate of the burden from an average of 30 minutes to an average of 80 minutes per new account opened for a legal entity customer. (1.5 accounts per day × 250 days per year = 375 accounts per financial institution). (567 financial institutions × 375 accounts per year = 212,625 accounts per year).

Back to Citation

50.  (212,625 accounts × 80 minutes per account and converted to hours = 283,500 hours).

Back to Citation

51.  The current annual burden hours estimate for OMB control number 1506-0070 is 11,884,700. 306,180 burden hours will be added to this control number as a result of this Final Rule (11,884,700 + 306,180 = 12,190,880).

Back to Citation

[FR Doc. 2020-20325 Filed 9-14-20; 8:45 am]

BILLING CODE 4810-02-P