Is Your Business a Financial Institution?

Nothing more underscores the seriousness of governmental efforts to prevent money laundering than the parade of fines against and settlements by banks and other financial services companies than U.S. Bancorp’s recent agreement to pay $613 million to the U.S. Treasury Department’s Office of Comptroller of the Currency and the Federal Reserve for inadequate anti-money laundering program after U.S. Bancorp failed to detect many suspicious transactions and later sought to conceal its mistakes from regulators. Banks and other financial institutions worldwide now operate in a zero-tolerance regulatory world where governments increasingly demand robust due diligence on prospective and established clients to fight the IMF-estimated $600 billion in yearly global money laundering supporting terrorism, criminal fraud, graft, slavery, and other illegal activity.

 Increasing Regulatory Scrutiny-Opaque Ownership Targeted

The zero-tolerance regulatory world, with international coordination through the Basel Committee on Banking Regulation and Supervisory Practices and the Financial Action Task Force on Money Laundering, has now attacked opaque ownership structures, like beneficial and nominee ownership arrangements, trusts, and bearer securities behind which funds can be more easily laundered “by criminals, kleptocrats, and others looking to hide ill-gotten proceeds to access the financial system anonymously”, according to FinCEN in implementing its new regulations under America’s Bank Secrecy Act. Country regulations, as typified by FinCEN’s “Customer Due Diligence Requirements for Financial Institutions”, now scheduled for implementation May 11, 2018, set increasingly tight standards for identifying owners of such beneficial and nominee owner entities, and mandate customer risk profiles in an effort to stop money laundering.

Increasing AML (anti-money-laundering) and KYC (know your customer) standards make cross-border financial services yet more compliance-challenging when financial institutions (“FI”) follow or accept customers into new national or regional markets with different customs, cultures, laws, and individuals from FI’s traditional markets. Such new markets also invoke additional agency KYC requirements like the Internal Revenue Service’s qualified intermediary withholding agreements involving other countries. AML and KYC requirements therefore greatly and necessarily complicate the expansion of global financial services by adding a significant risk assessment quotient.

 The Definition of a Financial Institution-Broader Than Banks

The definition of financial services providers subject to AML and KYC requirements is broad. That expansive definition means some such covered entities contemplating expansion into other countries or regions may not know they are subject to AML and KYC requirements. Besides the predictable classification of commercial and private banks and trust companies, the requirements also apply to credit unions, thrift institutions, brokers or dealers in securities, insurance companies, investment banks and investment companies, and surprisingly, to travel agencies, pawn brokers, and dealers in precious metals, stones, and jewels, and to auto dealerships and real estate brokers. 

 Best Practices in New Markets

Local customs, practices, and personalities in new jurisdictions where existing or prospective customers operate by acquisitions, mergers, or other business entry strategies, present a more formidable challenge to increasingly strict anti-money-laundering regulation and the KYC requirements designed to identify questionable financial services customers. Compliance professionals must therefore implement and follow ever-evolving best practices. FinCEN has determined such best practices meeting minimum customer due diligence (“CDD”) criteria, include:

 ·    Identifying and verifying the customer’s identity;

·    Identifying and verifying the identity of beneficial owners of a minimum 25 percent individual ownership of legal entity customers (viz., the natural persons who own or control legal entities);

·     Understanding the nature and purpose of the customer relationship; and

·      Conducting continuing monitoring of the customer.

Implementing the CDD criteria against prospective and existing customers presents a practical challenge. FI’s must:

 ·     verify customers’ identity through collection and validation;

·  screen customers’ and associated parties’ names against adverse information databases, including politically exposed persons (“PEP”) and sanctions lists;

·      identify the Ultimate Beneficial Owner (“UBO”) and senior management persons;

·      publish customer records with risk rankings based on strict verification, screening, and validation pro bycesses; and

·      automatically and regularly screen existing customers, and investigate any changes like mergers or acquisition of businesses in such customers’ records.

 Mandatory Risk Assessments in New Markets

Once identified KYC requirements must assess the customer’s AML risk by considering the complexity of the customer’s ownership structure, whether the customer operates in a closely regulated industry like aviation, where the customer is based, and whether that jurisdiction has robust AML regulations or known levels of corruption, whether the customer’s business is cash-based, whether the customer’s ownership structure includes hidden ownership through trusts, nominees, or bearer shares, and whether the FI has a direct, face-to-face relationship with the customer or its ownership.

 The Customer Conundrum

The foregoing CDD and KYC requirements can be time-consuming and difficult for customers to understand and accept. Thomson Reuters’ KYC challenges in 2017: A focus on the impact of global regulations in the United States reported an average 27 days for a Financial Institution to accept a new customer while 12 percent of the survey respondents reported changing banks after experiencing KYC issues, and 26 percent of the respondents criticized “inconsistent requests for information and documents” while 37 percent decried the lack of any common standard during the CDD effort. At bottom, FI’s bear the brunt of much customer frustration.

Besides better communicating the regulatory reasons for such delays and complexity, FI’s must pursue the most effective and efficient CDD processes in their AML and KYC compliance efforts.

 The Future of Compliance

Automation, through algorithmic applications, should inevitably shorten time-consuming CDD procedures. FI’s must, however, regularly monitor such applications while keeping abreast of ever-expanding regulatory requirements in the never-ending cat-and-mouse dynamic between established governments and corrupt individuals, organizations, and rogue regimes. Such efforts, and the predictable complications virtual currencies will generate, require continuing and costly investments in staffing and training. FI’s may take some comfort in knowing robust compliance programs are effectively barriers to entry that help create valuable franchises.  

Although time-consuming and exacting, the CDD and KYC requirements can benefit compliant customers. A rigorous CDD program can help identify customer compliance issues, risks, and other concerns, including Foreign Corrupt Practice Act issues and their counterpart requirements in other jurisdictions, embezzlement, fraud, and other criminal and civil damage.

Originally published by ThomsonReuters © ThomsonReuters.