Compliance Blog

Dec 13, 2021
Categories: BSA

'Tis the Season for BSA Updates

Season greetings, compliance folks! December is already shaping up to be a busy month in terms of Bank Secrecy Act (BSA) updates from the regulatory agencies. Let’s review some recent changes to the BSA landscape:

FFIEC Manual Updates

On December 1, 2021, the Federal Financial Institutions Examination Council (FFIEC) announced changes to their BSA/AML examination manual. The update includes a new section, as well as updates to three existing sections. The FFIEC’s press release states that these updates “should not be interpreted as new requirements or as a new or increased focus on certain areas.”

The new section included in the update is an introduction on customers, which reminds examiners that no specific type of customer “automatically presents a higher risk” of money laundering or terrorist financing (ML/TF) or other illicit financial activity. The section notes that credit unions are not prohibited or discouraged from providing financial services to any class or type of customer. Instead, the FFIEC encourages credit unions to manage and mitigate risks unique to each customer rather than declining to provide services to entire categories of customers. For example, some financial institutions choose not to do business with marijuana related businesses (MRBs) rather than attempting to manage the BSA risks posed by those customers. The new section encourages credit unions to consider if they can manage and mitigate the risks posed by each customer relationship, rather than categorically avoiding entire groups of customers. The manual also states that no particular group or type of customer automatically requires additional customer identification requirements or customer due diligence (CDD) steps. Instead, whether certain customers should be subject to those additional steps will depend on the risk posed by the customer, determined based on gathering information and creating a customer risk profile.

Aside from that new section, the FFIEC also updated sections discussing charities and nonprofit organizations, independent ATM owners/operators, and politically exposed persons. These updated sections include reminders that no particular class or type of customer automatically presents a higher ML/TF risk. They remind examiners that the risks posed will vary from one customer to the next, depending on the facts and circumstances, and that the risks posed by any customer can potentially be managed or mitigated by a credit union through proper BSA policies and procedures.  

FinCEN’s ANPRM on Real Estate

Last week, FinCEN published an Advanced Notice of Proposed Rulemaking (ANPRM) relating to real estate transactions. The regulation does not discuss new requirements for credit unions, and instead discusses imposing BSA requirements on real estate participants who are predominantly exempted from current BSA regulations. Nevertheless, it is still an interesting development. 

The ANPRM noted that the U.S. real estate industry is a target for money laundering, as many participants in the industry are not subject to BSA recordkeeping or reporting requirements. While financial institutions – including credit unions – are subject to FinCEN’s regulatory requirements, the ANPRM specifically discusses “non-financed purchases” of real estate, such as those in which the property is purchased with cash and there is no mortgage or financial institution involved. In those situations, many of the participants in the transaction – such as the real estate agents, settlement attorneys, and more – are not subject to BSA requirements, which means those non-financed purchases could involve money laundering that goes undetected.

The letter discusses how FinCEN’s Geographic Targeting Orders (GTOs) do require title companies in certain geographic areas to report on real estate transactions. However, the ANPRM makes clear that FinCEN is considering expanding the scope of its BSA reporting requirements for the real estate industry beyond just title companies and to apply nationwide.

The ANPRM solicits comments – which are due by early February 2022 – about how rules for the real estate industry should be structured. For example, FinCEN would like to know if the rules should apply to both commercial and residential real estate, which legal entities should be covered, which real estate professionals should be subject to the new rules, whether overlapping requirements should apply to multiple participants in a single transaction or whether only one person should have responsibility for the transaction as determined through a “cascading hierarchy,” and more.

FinCEN’s NPRM on Beneficial Ownership

FinCEN also published last week a Notice of Proposed Rulemaking (NPRM) relating to beneficial ownership requirements. The Proposed Rule spans over 180 pages and implements provisions of the Corporate Transparency Act (CTA), which became law despite a presidential veto back in January 2021. The rule announces that FinCEN plans to issue three separate rulemakings relating to the CTA – one requiring companies to report beneficial ownership information to FinCEN, one implementing other parts of the CTA relating to the creation of a database to store the information reported, and one amending current beneficial ownership regulatory requirements. This NPRM provides the first of those three proposed rulemakings, and thus does not create the FinCEN database or amend the current beneficial ownership rules applicable to credit unions.

The rule will require companies – both domestic companies formed in the U.S., as well as foreign companies that register to do business in the U.S. – to report beneficial ownership and company applicant information to FinCEN. The rules keep the current definition of “beneficial ownership” – that is, a person who either (1) has an ownership interest of 25 percent or more in the company; or (2) exercises “substantial control” over the company. The regulations also add a requirement for companies to report the “company applicant” – that is, the person who files the document which forms the entity (for domestic companies) or who files to register the entity (for foreign companies). Existing companies will be given one year from the effective date of the final regulation to submit their reports to FinCEN. New companies which are formed or registered after the effective date will be given 14 calendar days from the date of formation or registration to report to FinCEN. Changes in the information reported will require an updated report to be filed within 30 calendar days. The proposed rule would provide an exemption for a number of entities, including credit unions, banks, government authorities, money services businesses (MSBs) registered with FinCEN, companies registered with the Securities and Exchange Commission, and more.

Credit unions can expect FinCEN to take further steps to implement the CTA and the Anti-Money Laundering Act of 2020 in the new year. Keep checking the Compliance Blog for additional developments.   


Regulatory Agencies Release Rulemaking Agendas

On Friday, regulatory agencies across the federal government released their Fall 2021 Rulemaking Agendas. These agendas will be covered in more detail in a future post in the Compliance Blog. For now, here are the links:

About the Author

Nick St. John, NCCO, NCBSO, Director of Regulatory Compliance, NAFCU

Nick St. John, Regulatory Compliance Counsel, NAFCUNick St. John, was named Director of Regulatory Compliance in August 2022. In this role, Nick helps credit unions with a variety of compliance issues.

Read full bio