United States: Fincen Proposes Fifth BSA Pillar

On July 30, 2014, The Financial Crimes Enforcement Network (Fincen) Issued A Notice Of Proposed Rulemaking (The Proposed Rule) To Clarify And Strengthen Customer Due Diligence (CDD) Requirements As A Fifth Pillar Under The Bank Secrecy Act (BSA) For Banks And Other Covered Financial Institutions. Under The Proposed Rule, Covered Financial Institutions Would Be Required For The First Time To Identify And Collect Information On The Beneficial Owners Of Their Legal Entity Customers.

U.S. Policymakers, Including Treasury,1. Seeking To Balance Privacy2 Concerns With Transparency And Alignment With The Financial Action Task Force (FATF) Recommendations,3 United States G-8 Action Plan For Transparency Of Company Ownership And Control4 And Pending Rulemaking At The European Union,5 Have Proposed A Risk-Based Approach, To Be Adopted By A Covered Financial Institution's Board Of Directors. The Four Elements Of The CDD In The Proposed Rule Align With The Approach Set Out In The FATF Recommendations.

The Proposed Rule Follows The March 5, 2012 Issuance Of An Advance Notice Of Proposed Rulemaking By Fincen Regarding CDD, And Included Input From The Financial Services Industry, Lawmakers And Policymakers. The Proposed Rule, And Related Guidance That Followed, Make It Clear That The Financial Industry Must Cooperate In Illuminating The Less-Than-Transparent World Of Corporate Ownership. The Proposed Rule And Subsequent Guidance Make It Clear That The Board Of Directors And Senior Executive Officers Of A Covered Financial Institution Are Responsible For Adopting CDD Procedures That Are Efficacious With Respect To The Institution's Current Mix Of Products, Services And Customers, And That Those Procedures Must Be Tested By An Independent And Competent Party. Before A Board Approves The Distribution Of A New Line Of Products And Services, Or The Acquisition Of An Entity That Has A Mix Of Products, Services, And Customers That Represent A New Level Of Risk, It Must Independently Test The Current AML System And Controls To Confirm That The Existing Control Environment Is Sufficiently Robust To Handle The New Risks.

The Key Thrust Of The Proposed Rule Is That, For The First Time, U.S. Banks, Brokers, Dealers, Mutual Funds, Commodity Futures Merchants And Introducing Brokers Must Have Systems In Place To: (I) Collect Information And (Ii) Maintain Records Of The Information On Individuals Who Hold 25 Percent Or More Of An Interest In A Customer Or Who Otherwise Control The Customer. Bank Customers Should Be Prepared To Cooperate Regarding Information Requests That Are Or Will Be Made By Covered Financial Institutions.

In Promulgating The Proposed Rule, Fincen Designates Four Core Elements As Being Critical To CDD Within An Effective BSA/AML Program:

  1. Identifying And Verifying The Identity Of Customers
  2. Identifying And Verifying The Beneficial Owners Of Legal Entity Customers
  3. Understanding The Nature And Purpose Of Customer Relationships, And
  4. Conducting Ongoing Monitoring To Maintain And Update Customer Information And Identify And Report Suspicious Transactions.

Fincen Acknowledges That The First, Third And Fourth Elements Are Already Addressed By The Customer Identification Program (CIP) And Other Regulatory Requirements Imposed Under Current BSA/AML Regulations, And It Makes A Pointed Effort To Reinforce Their Importance. The Second Element Commands More Of Fincen's Attention Because It Would Be Established Under A New Section Of The BSA/AML Regulations. For Compliance With The Second Element, The Proposed Rule Would Require Covered Financial Institutions To Revise Onboarding Procedures Covering Legal Entity Customers To Identify Their Beneficial Owners And, To The Extent Practicable, Verify The Identities Of Those Owners By The Same Risk-Based Methodology Employed For Verifying Customers Who Are Individuals.

In The Interest Of Reducing Compliance Burden, The Proposed Rule Includes In An Appendix A Standard Certification Form For Verifying The Identity Of Beneficial Owners. This Certification Regarding Beneficial Owners Of Legal Entity Customers Would Standardize Collection Of Beneficial Ownership Information And Permit Reliance On The Information Obtained From An Individual When The Financial Institution Opens A New Account For A Legal Entity Customer.

The Proposed Rule Is Open For A 60-Day Comment Period, Beginning August 4, 2014, And Fincen Particularly Seeks Comment From The Financial Services Industry Concerning:

  • Whether Financial Institutions Should Be Subject To A Mandated Timeframe For Updating Beneficial Ownership Information, And
  • If A Definition Of A "Customer-Risk Profile" Is Needed.

The Effective Date Of The Proposed Rule, Once Adopted, Is Expected To Be One Year From The Publication Of The Final Rule.

Pepper Points

  • Bank Customers Should Anticipate That A Covered Institution's Due Diligence Process Will Become More Rigorous Even Before The Rule Becomes Final. State And Federal Prosecutors Have Recently Been Critical Of Opaque Corporate Structures That Have Obscured The True Ownership Of Corporate Entities, Particularly In Business Lines That Regulators Consider As High Risk. Prosecutors Have Complained That Such Structures Have Hindered Their Ability To Track Down And Prosecute The Individuals That Control Corporate Entities In High-Risk Businesses. As A Result, Some Covered Financial Institutions Have Begun Increasing Their Due Diligence.
  • Independent And Competent Testing Of A Covered Financial Institution's BSA/AML Compliance Program Is Mandatory. When Embarking On Distribution Of New Products And Services Or Acquisition Of An Entity That Distributes Products And Services With A Riskier Profile, It Is Mandatory To Conduct Independent Testing Of The Control Environment To Confirm That Controls Are In Place Before The Covered Entity Assumes Responsibility For Distributing Products With A Riskier Profile.
  • CDD, Along With Collection Of Customer Information And Monitoring Of Accounts And Relationships, Has Always Been Part Of An AML Program. We Suspect The Elevation Of CDD To A Fifth Pillar Is Meant To Suggest To Senior Executives And Board Members That CDD Is Now An Explicit Requirement Subject To Enforcement If CDD Program Failure Occurs.
  • Fincen's Proposed Rule Will Require Changes To Legal Entity Customer Onboarding Procedures At Financial Institutions At A Time When Other Regulatory Agencies Are Also Taking Actions Affecting The Onboarding Of Certain Customers. For Example, The OCC Recently Revised Certain Of Its Guidance To Clarify Financial Institutions' Onboarding Procedures For Third-Party Payment Processor Customers.
  • A CIP-Exempt Customer Must Be Monitored, As The Customer's Activity And Risk Level Can Change Over Time.
  • One Major Concern Expressed By Many Financial Institutions In Hearings And Comments Leading Up To The Issuance Of The Proposed Rule Was That Verifying The Status Of A Person As A Beneficial Owner Of An Entity Would Often Be Prohibitively Costly And Impracticable. Fincen Has Accommodated This Concern By Requiring Financial Institutions Solely To Verify The Identity Of Beneficial Owners Consistent With Existing CIP Practices.
  • Just As A Financial Institution May Rely On Another Financial Institution To Conduct CIP Procedures For A Shared Customer, So The Proposed Rule Allows Similar Reliance For Identification And Verification Of Beneficial Owners, Including Completion Of The Standard Certification Form.
  • The Proposed Rule Would Apply Only To Legal Entity Customers That Open New Accounts After The Effective Date (I.E., One Year After The Final Regulation Is Published) And Would Not Require Financial Institutions To Look Back At Pre-Existing Accounts. However, If The Risk Profile Of An Existing Customer Changes And Requires Enhanced Due Diligence (EDD), It Would Be Prudent To Go Back And Complete The New Form And Then Move On To Perform EDD On The Customer.
  • Tracking Existing CIP Guidance, Fincen Has Decided To Exempt From The Beneficial Owner Requirements Accounts Maintained By Trusts, As Well As Accounts Maintained By Intermediaries For The Primary Benefit Of Others. However, Fincen Appears To Be Inclined To Apply Those Requirements, At Least In Some Modified Form, To Pooled Investment Vehicles, Such As Hedge Funds.
  • Pepper Lawyers Have Been Very Active In Counseling And Defending Clients With Respect To The Bank Secrecy Act.
  • Freeh Group International Solutions, LLC Has Significant Experience Designing AML Systems As Well As Performing Independent Review And Monitoring Of AML Systems Including AML System "Look Back" Reviews Required By Prudential Regulators.


1.See: Fincen Advisory To United States Financial Institutions On Promoting A Culture Of Compliance. On August 11, 2014, Fincen Further Sharpened Its Focus On Eradicating Shortcomings In BSA/AML Compliance Programs By Issuing Advisory FIN-2014-A007, Which Encourages Financial Institutions To Strengthen Their BSA/AML Compliance Culture Through Promotion Of Active Leadership, Elevation Of Deficiency Mitigation Over Revenue Interests, Sharing Of Relevant Departmental Information With Compliance Staff, Adequate Funding Of The Compliance Function, Independent And Competent Testing Of The Compliance Program, And Thorough Training Of All Personnel.Http://Www.Fincen.Gov/Statutes_Regs/Guidance/Pdf/FIN-2014-A007.Pdf.

Also See: August 12, 2014 Remarks Of Jennifer Shasky Calvery, Director, Fincen To 2014 Mid-Atlantic AML Conference, Washington, DC (Http://Www.Fincen.Gov/News_Room/Speech/Pdf/20140812.Pdf).

Also See: Comment By FDIC's Associate Director Of AML, Lisa Arquette (August 12, 2014): "Searching For Revenue, Banks Are Taking On Products And Services, Even Acquisitions That They Don't Have AML Controls In Place To Handle."

Also See: Pepper Hamilton Financial Services Client Alert: "One Big Misunderstanding: FDIC Clarifies That Caution On Higher-Risk Activity Is Not A Prohibition On Third-Party Payment Processor Relationships" (August 5, 2014).

2.Fincen Has Decided To Exempt From The Beneficial Owner Requirements Accounts Maintained By Trusts, As Well As Accounts Maintained By Intermediaries For The Primary Benefit Of Others. However, Fincen Appears To Be Inclined To Apply Those Requirements, At Least In Some Modified Form, To Pooled Investment Vehicles, Such As Hedge Funds. The Debate Over The Degree Of Transparency That Should Be Accorded Beneficial Ownership Is Not New. Its Roots Reach Back At Least As Far As The Evolution Of The Privacy Provisions Of The Gramm-Leach-Bliley Act, Which Witnessed A Concerted Effort To Balance The Need To Have Financial Institutions Inform Trust Beneficiaries Of Their Right To Privacy As "Customers" Of A Bank, Therefore Requiring A Bank To Issue Privacy Notices And "Opt Out Rights," Against The Recognition That Such An Approach Might Violate The Good And Legal Purpose The Trust Settlor Had In Mind In Concealing From The Beneficiaries The Existence Of The Trust.

3. FATF Is An Independent Inter-Governmental Body That Includes The United States As A Member. FATF Is Due To Evaluate The United States In Late 2015 Or 2016, Respecting United States Standards Of Anti-Money Laundering And Counter-Terrorist Financing. In 2006, FATF Found That The United States Did Not Have Appropriate Requirements In Place To Require Covered Financial Institutions To Assess The Risk Of The Business Relationships Of Customers Or Beneficial Owners Of Customers To Prevent The Misuse Of The Financial System And That The United States Should Strengthen Its Customer Identification Requirements, Particularly In The Identification Of Beneficial Owners.

4. United States G-8 Action Plan For Transparency Of Company Ownership And Control (White House Press Release, June 18, 2013).

5. The European Parliament On March 11, 2014 Adopted The EU's Proposed Fourth Anti-Money Laundering Directive, Which Will Require The Ultimate Owners Of Companies And Trusts To Be Listed In Public Registers In EU Countries.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

To print this article, all you need is to be registered on Mondaq.com.

Click to Login as an existing user or Register so you can print this article.

Richard P. Eckman
Frank A. Mayer, III
Walter Donaldson, II
Similar Articles
Relevancy Powered by MondaqAI
In association with
Related Topics
Similar Articles
Relevancy Powered by MondaqAI
Related Articles
Related Video
Up-coming Events Search
Font Size:
Mondaq on Twitter
Register for Access and our Free Biweekly Alert for
This service is completely free. Access 250,000 archived articles from 100+ countries and get a personalised email twice a week covering developments (and yes, our lawyers like to think you’ve read our Disclaimer).
Email Address
Company Name
Confirm Password
Mondaq Topics -- Select your Interests
 Law Performance
 Law Practice
 Media & IT
 Real Estate
 Wealth Mgt
Asia Pacific
European Union
Latin America
Middle East
United States
Worldwide Updates
Registration (you must scroll down to set your data preferences)

Mondaq Ltd requires you to register and provide information that personally identifies you, including your content preferences, for three primary purposes (full details of Mondaq’s use of your personal data can be found in our Privacy and Cookies Notice):

  • To allow you to personalize the Mondaq websites you are visiting to show content ("Content") relevant to your interests.
  • To enable features such as password reminder, news alerts, email a colleague, and linking from Mondaq (and its affiliate sites) to your website.
  • To produce demographic feedback for our content providers ("Contributors") who contribute Content for free for your use.

Mondaq hopes that our registered users will support us in maintaining our free to view business model by consenting to our use of your personal data as described below.

Mondaq has a "free to view" business model. Our services are paid for by Contributors in exchange for Mondaq providing them with access to information about who accesses their content. Once personal data is transferred to our Contributors they become a data controller of this personal data. They use it to measure the response that their articles are receiving, as a form of market research. They may also use it to provide Mondaq users with information about their products and services.

Details of each Contributor to which your personal data will be transferred is clearly stated within the Content that you access. For full details of how this Contributor will use your personal data, you should review the Contributor’s own Privacy Notice.

Please indicate your preference below:

Yes, I am happy to support Mondaq in maintaining its free to view business model by agreeing to allow Mondaq to share my personal data with Contributors whose Content I access
No, I do not want Mondaq to share my personal data with Contributors

Also please let us know whether you are happy to receive communications promoting products and services offered by Mondaq:

Yes, I am happy to received promotional communications from Mondaq
No, please do not send me promotional communications from Mondaq
Terms & Conditions

Mondaq.com (the Website) is owned and managed by Mondaq Ltd (Mondaq). Mondaq grants you a non-exclusive, revocable licence to access the Website and associated services, such as the Mondaq News Alerts (Services), subject to and in consideration of your compliance with the following terms and conditions of use (Terms). Your use of the Website and/or Services constitutes your agreement to the Terms. Mondaq may terminate your use of the Website and Services if you are in breach of these Terms or if Mondaq decides to terminate the licence granted hereunder for any reason whatsoever.

Use of www.mondaq.com

To Use Mondaq.com you must be: eighteen (18) years old or over; legally capable of entering into binding contracts; and not in any way prohibited by the applicable law to enter into these Terms in the jurisdiction which you are currently located.

You may use the Website as an unregistered user, however, you are required to register as a user if you wish to read the full text of the Content or to receive the Services.

You may not modify, publish, transmit, transfer or sell, reproduce, create derivative works from, distribute, perform, link, display, or in any way exploit any of the Content, in whole or in part, except as expressly permitted in these Terms or with the prior written consent of Mondaq. You may not use electronic or other means to extract details or information from the Content. Nor shall you extract information about users or Contributors in order to offer them any services or products.

In your use of the Website and/or Services you shall: comply with all applicable laws, regulations, directives and legislations which apply to your Use of the Website and/or Services in whatever country you are physically located including without limitation any and all consumer law, export control laws and regulations; provide to us true, correct and accurate information and promptly inform us in the event that any information that you have provided to us changes or becomes inaccurate; notify Mondaq immediately of any circumstances where you have reason to believe that any Intellectual Property Rights or any other rights of any third party may have been infringed; co-operate with reasonable security or other checks or requests for information made by Mondaq from time to time; and at all times be fully liable for the breach of any of these Terms by a third party using your login details to access the Website and/or Services

however, you shall not: do anything likely to impair, interfere with or damage or cause harm or distress to any persons, or the network; do anything that will infringe any Intellectual Property Rights or other rights of Mondaq or any third party; or use the Website, Services and/or Content otherwise than in accordance with these Terms; use any trade marks or service marks of Mondaq or the Contributors, or do anything which may be seen to take unfair advantage of the reputation and goodwill of Mondaq or the Contributors, or the Website, Services and/or Content.

Mondaq reserves the right, in its sole discretion, to take any action that it deems necessary and appropriate in the event it considers that there is a breach or threatened breach of the Terms.

Mondaq’s Rights and Obligations

Unless otherwise expressly set out to the contrary, nothing in these Terms shall serve to transfer from Mondaq to you, any Intellectual Property Rights owned by and/or licensed to Mondaq and all rights, title and interest in and to such Intellectual Property Rights will remain exclusively with Mondaq and/or its licensors.

Mondaq shall use its reasonable endeavours to make the Website and Services available to you at all times, but we cannot guarantee an uninterrupted and fault free service.

Mondaq reserves the right to make changes to the services and/or the Website or part thereof, from time to time, and we may add, remove, modify and/or vary any elements of features and functionalities of the Website or the services.

Mondaq also reserves the right from time to time to monitor your Use of the Website and/or services.


The Content is general information only. It is not intended to constitute legal advice or seek to be the complete and comprehensive statement of the law, nor is it intended to address your specific requirements or provide advice on which reliance should be placed. Mondaq and/or its Contributors and other suppliers make no representations about the suitability of the information contained in the Content for any purpose. All Content provided "as is" without warranty of any kind. Mondaq and/or its Contributors and other suppliers hereby exclude and disclaim all representations, warranties or guarantees with regard to the Content, including all implied warranties and conditions of merchantability, fitness for a particular purpose, title and non-infringement. To the maximum extent permitted by law, Mondaq expressly excludes all representations, warranties, obligations, and liabilities arising out of or in connection with all Content. In no event shall Mondaq and/or its respective suppliers be liable for any special, indirect or consequential damages or any damages whatsoever resulting from loss of use, data or profits, whether in an action of contract, negligence or other tortious action, arising out of or in connection with the use of the Content or performance of Mondaq’s Services.


Mondaq may alter or amend these Terms by amending them on the Website. By continuing to Use the Services and/or the Website after such amendment, you will be deemed to have accepted any amendment to these Terms.

These Terms shall be governed by and construed in accordance with the laws of England and Wales and you irrevocably submit to the exclusive jurisdiction of the courts of England and Wales to settle any dispute which may arise out of or in connection with these Terms. If you live outside the United Kingdom, English law shall apply only to the extent that English law shall not deprive you of any legal protection accorded in accordance with the law of the place where you are habitually resident ("Local Law"). In the event English law deprives you of any legal protection which is accorded to you under Local Law, then these terms shall be governed by Local Law and any dispute or claim arising out of or in connection with these Terms shall be subject to the non-exclusive jurisdiction of the courts where you are habitually resident.

You may print and keep a copy of these Terms, which form the entire agreement between you and Mondaq and supersede any other communications or advertising in respect of the Service and/or the Website.

No delay in exercising or non-exercise by you and/or Mondaq of any of its rights under or in connection with these Terms shall operate as a waiver or release of each of your or Mondaq’s right. Rather, any such waiver or release must be specifically granted in writing signed by the party granting it.

If any part of these Terms is held unenforceable, that part shall be enforced to the maximum extent permissible so as to give effect to the intent of the parties, and the Terms shall continue in full force and effect.

Mondaq shall not incur any liability to you on account of any loss or damage resulting from any delay or failure to perform all or any part of these Terms if such delay or failure is caused, in whole or in part, by events, occurrences, or causes beyond the control of Mondaq. Such events, occurrences or causes will include, without limitation, acts of God, strikes, lockouts, server and network failure, riots, acts of war, earthquakes, fire and explosions.

By clicking Register you state you have read and agree to our Terms and Conditions