United States: FinCEN Adopts Customer Due Diligence Requirements For Financial Institutions (Fed. Reg.)

On May 11, 2016, the Financial Crimes Enforcement Network ("FinCEN") issued the final version of the long-awaited "Customer Due Diligence Rules," which now require covered financial institutions to identify and then verify the identities of the beneficial owners of legal entities customers.

The Customer Due Diligence Rules, which were proposed initially in August 2014, clarify and strengthen customer due diligence requirements for (i) banks, (ii) brokers or dealers in securities, (iii) mutual funds, and (iv) futures commission merchants and introducing brokers in commodities. The rules that were issued in the final version will become effective as of July 11, 2016, although covered financial institutions are not required to comply with them until May 11, 2018.

Specifically, the final rules regarding beneficial ownership now require financial institutions to:

• identify and verify the identities of the beneficial owners of all legal entity customers (other than those that are excluded) at the time when a new account is opened (with the exception of exempted accounts);
• maintain records of obtained beneficial ownership information that comply with their customer identification program ("CIP") rule and are as extensive as other required records under that rule; and
• use beneficial ownership information in the same ways in which they use other information regarding customers (e.g., through compliance with CIP requirements), including using the information to (i) comply with the Office of Foreign Assets Control regulations, and (ii) meet currency transaction reporting aggregation requirements.

The rules also amend anti-money laundering program requirements for each category of covered financial institutions in order to include explicit risk-based procedures for conducting ongoing customer due diligence. These due diligence amendments require covered financial institutions to (1) understand the nature and purpose of customer relationships in order to develop customer risk profiles, and (2) conduct ongoing monitoring in order to report suspicious transactions, and to maintain and update customer information. FinCEN emphasized that these provisions do not impose the categorical requirement that financial institutions update customer information on a continuous or periodic basis. Instead, the updating requirement is event-driven and should occur as the result of normal monitoring.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.