FinCEN drops new marijuana-related business banking data
The Financial Crimes Enforcement Network (FinCEN) is a bureau in the U.S. Department of Treasury. Last week, it published updated Marijuana Related Business (MRB) Metrics. The metrics are current through December 2024. The update was a little surprising, in the sense that FinCEN seemed to abandon its regular reporting of quarterly statistics back in 2022. It could be less surprising if you consider that these publications have always been FOIA-driven. Likely, FinCEN is just catching up on some compliance obligations.
The reporting obligations re: cannabis transactions seem pointless
The FinCEN metrics aggregate data in the form of "suspicious activity reports" from banks and credit unions, with respect to MRBs. As I've explained elsewhere:
The term "MRB" is used pervasively in cannabis banking, yet this term is not defined in the moldering 2014 Financial Crimes Enforcement Network "FinCEN" Guidance. It's also not defined in the 2020 National Credit Union Administration Guidance on banking hemp-related business (which my law firm helped create) or the 2020 FinCEN Guidance on that related topic.
That snippet is two years old; however, the FinCEN Guidance is still moldering today. Consider that when it was published, only four U.S. states had voted to legalize recreational marijuana, and few, if any, financial institutions ("FIs") were openly banking the industry. I know this because we set up the first credit union MRB program in Washington State, back in 2015. So maybe "moldering" is a euphemistic term for the FinCEN guidance.... Really, it's old as dirt.
Anyway, the FinCEN Guidance gives directives to financial institutions that wish to bank MRBs, consistent with the Department of Justice's 2014 Guidance Regarding Marijuana Related Federal Crimes. Specifically, FinCEN directed these financial institutions to detect, monitor and report specific transactions.
The federal government has put FIs in a truly awkward position on MRBs. Bank Secrecy Act / Anti-Money Laundering ("BSA/AML") compliance is a significant undertaking for FIs even outside the cannabis space. However, the FinCEN Guidance bumps things up a level by essentially deputizing FIs as federal law enforcement auditors. FinCEN requires FIs to monitor their MRB customers and members, including what they sell and to whom, and to watch for indicia of adverse information.
These FI obligations commence immediately and ensue perpetually. Specifically, the FI is required to file an initial [Suspicious Activity Report] within 30 days of onboarding an MRB. The FI must also file continuing SARs every 90 days after that, in addition to "marijuana limited", "marijuana priority" and "marijuana termination" SAR filings, as needed, based on any number of events – or suspected events – set forth in the 2014 FinCEN Guidance. To say nothing of all the currency transaction reports ("CTRs").
These filing obligations, and all of the software and training that goes with them, are frequently cited by FIs as a primary justification for the increased fees paid by MRBs. Law enforcement may hardly be acting on them, but FIs need to comply regardless.
I want to emphasize that last sentence today, because it becomes more relevant with each passing year. Law enforcement doesn't appear to act on any of this MRB data, now or historically. That begs two, related questions for me: 1) Why are FIs still required to do this reporting, 11 years on?, and 2) Why hasn't the FinCEN Guidance been updated, or rescinded?
Those questions are rhetorical, of course, unless you are Treasury official, in which case I really want to know! I'm guessing bank shareholders and credit union members would also like to know, because all of this paper pushing likely has no effect beyond downward pressure on margins. Cannabis businesses would definitely like to know, because it's a big expense driver for them.
What the recent FinCEN data actually says
While we wait to hear back from someone at the Treasury, I should also take this opportunity to explain what FinCEN's latest dump reveals. These reports have always been somewhat helpful as a snapshot of the MRB banking market, although that was not their intended purpose.
Here are three key takeaways, for me:
- Roughly 80% of SARs are "marijuana limited" SARs, where the FI is not reporting suspicious activities. The FI is just saying "hey, FinCEN, here is a marijuana transaction!" And FinCEN is doing jack-all about it.
- Roughly 13% of SARs are "marijuana termination" SARs. This is a filing that indicates an FI has de-banked someone. The FI is supposed to indicate in a narrative portion of the SAR exactly why the client or member has been de-banked (which they generally do, so that FinCEN can do jack-all about it). Further, if the FI becomes aware that the MRB is trying to move to another FI, it is supposed to consider alerting that second institution under the Patriot Act's 314(b) voluntary information sharing. I'm not sure if anyone is doing that.
- Overall, the number of SARs filed by FIs continues to rise, essentially doubling from 2015 to 2024. The number of FIs in the cannabis space has also risen, but far less dramatically. Still, we're at 182 credit unions filing SARs in 2024, and 816 banks going into 2025. This lends credence to my long-standing argument that (basic) banking services are available to pretty much everyone in the state-level marijuana space who actually wants them, and the bigger problem is payment processing.
Cannabis Banking: Thoughts on FinCEN's Latest Report
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
