The National Defense Authorization Act, a 4,517-page bill that contains a sweeping overhaul of the Bank Secrecy Act (BSA) and other requirements under U.S. anti-money laundering laws, is expected to become law next week if the U.S. House of Representatives and the U.S. Senate override a veto by President Trump. Once law, it will represent the most significant set of BSA/AML reforms since the USA PATRIOT Act.

A major focus of the Act is to modernize the U.S. BSA/AML regime to respond to new and emerging threats, to improve coordination and information sharing among various governmental agencies, and to fundamentally alter existing practices relating to the collection and reporting of beneficial ownership information.

Below is a summary of key changes. A more comprehensive review will follow on certain components of the Act, including on the beneficial ownership and whistleblower provisions and related rulemakings to be issued by the U.S. Treasury Department.

Collection of Beneficial Ownership Information

Perhaps the most important feature of the Act's BSA/AML overhaul is the modernization of how beneficial ownership information is to be collected and reported. According to the “sense of Congress” included in the legislation, most states do not require information about the beneficial owners of entities formed under their laws; money launderers and other “malign actors” use shell companies and investment conduits to evade detection, layering themselves “much like Russian nesting ‘Matryoshka' dolls”; and a federal approach is necessary to protect vital U.S. national security interests and “bring the United States into compliance with international anti-money laundering and countering the financing of terrorism standards.”

The Act will fundamentally alter existing practices, which have effectively required banks and other financial institutions to serve as information-gathering middlemen between their customers and law enforcement agencies.

  • FinCEN Database of Beneficial Owners—The Act requires certain U.S. companies (e.g., corporations, limited liability companies, or similar entities) and companies doing business in the United States (collectively, “reporting companies”) to report information regarding their beneficial ownership to Treasury's Financial Crimes Enforcement Network (FinCEN). Newly formed companies would report such information at the time of incorporation. Reporting companies that subsequently experience a change in beneficial ownership would have to provide FinCEN with updated information within one year.
    • Reporting Companies; Exclusions—The Act excludes a range of companies from the reporting requirements, including public companies, as well as companies that meet the following criteria: (i) have more than 20 full-time employees, (ii) report more than $5 million in yearly revenue to the Internal Revenue Service, and (iii) have an operating presence at a physical office within the United States. Other entities excluded are banking organizations (e.g., banks, credit unions, bank holding companies, savings and loan holding companies), FinCEN-registered money transmitters, SEC-registered broker-dealers, SEC-registered investment companies and investment advisers, and insurance companies. A pooled investment vehicle (which includes a fund or other vehicle that would be an investment company, but for the exclusion under Section 3(c)(1) or Section 3(c)(7) of the Investment Company Act of 1940 and which is identified by name in its investment adviser's SEC Form ADV) is excluded from the reporting company definition if it is operated or advised by a bank or credit union, an SEC-registered broker-dealer, or an SEC-registered investment company or investment adviser.
    • Beneficial Owners—A “beneficial owner” is any person who, directly or indirectly, (i) owns 25% of the equity interests or (ii) exercises substantial control over the entity. What constitutes “substantial control” is unclear, as the term is not defined by the Act. It is also unclear whether the term will be interpreted similar to FinCEN's current Beneficial Ownership Rule, which finds control exists where there is a “a single individual with significant responsibility to control, manage, or direct a legal entity customer.”
    • Required Information—For reporting companies, information to be reported includes the names, dates of birth, addresses, and unique identifying numbers (e.g., driver's license or passport numbers) of their beneficial owners.
  • Usage and Disclosure—FinCEN will maintain a non-public database of the beneficial ownership information collected. An individual or entity that provides beneficial ownership information to FinCEN may request the issuance of a “FinCEN identifier,” which may be supplied to a reporting company for its use in reports to FinCEN. The Act sets forth a number of provisions relating to authorized disclosure by FinCEN of beneficial ownership information. For example, FinCEN may, with the consent of a reporting company, disclose beneficial ownership information to a financial institution to facilitate such institution's compliance with customer due diligence requirements.

Whistleblower Program for BSA/AML Violations

The Act creates a whistleblower reward program with new incentives and protections for the reporting of potential BSA/AML violations to the U.S. government. It is generally similar to the Securities and Exchange Commission's whistleblower program established under the Dodd-Frank Act.

  • Whistleblowers—Rewards will be offered to whistleblowers who voluntarily provide original information to their employer, Treasury, or DOJ on possible BSA violations, provided that tips lead to successful enforcement actions and where the monetary sanctions exceed $1 million. Whistleblowers may report violations anonymously and qualify for rewards if represented by counsel.
  • Award Amounts—Whistleblowers can receive up to 30% of the monetary penalties collected in an enforcement action brought by Treasury or DOJ and from related actions. Prior to the Act, rewards were completely discretionary and capped at the lesser of $150,000 or 25% of the fine or penalty. Reward amounts will be determined by various factors, such as the significance of the information and the degree of assistance from the tipster.
  • Protection and Remedies—The Act prohibits various retaliatory acts by employers, including demotion, suspension, and industry blacklisting. The Act creates a private right of action for whistleblowers who have suffered retaliation for disclosing potential BSA violations. A prevailing whistleblower is entitled to reinstatement; double back pay with interest; uncapped compensatory damages, which includes emotional distress damages; and reasonable attorney fees and litigation expenses; and any other appropriate remedy with respect to the conduct that is the subject of the complaint or action. Notably, the Act's anti-retaliation provision does not apply to employers subject to the whistleblower protection provisions of Section 33 of the Federal Deposit Insurance Act (applicable to insured depository institutions) or Section 213 or 214 of the Federal Credit Union Act (applicable to credit unions).

Stricter Penalties for BSA/AML Violations

The Act imposes significant penalties for companies and individuals violating BSA/AML requirements:

  • Return of Profits and Bonuses—Persons who are convicted of violating a BSA provision or rule shall be, in addition to any other fine imposed, fined in an amount “equal to the profit gained by such person by reason” of the violation. In addition, if the person is a director, officer, partner, or employee of a U.S. financial institution at the time the violation occurred, then such person must repay any bonus paid out during the calendar year in which the violation occurred or the following calendar year.
  • Repeat Offenders—The Act authorizes Treasury to impose an additional civil penalty for each additional violation of any BSA provision or rule (but only if occurring after the date on which the Act is enacted) of the greater of (i) three times the profit gained or loss avoided as a result of the violation (if practicable to calculate) or (ii) two times the applicable maximum penalty for the violation.
  • Egregious Violations—Persons determined to have engaged in “egregious” violations of the BSA/AML laws would be barred from serving on the board of directors of a U.S. financial institution for 10 years from the date of the conviction or judgment reflecting the relevant determination. For this purpose, egregious violations are those for which an individual is convicted where the maximum term of imprisonment is more than one year, and a civil violation where the individual willfully committed a violation and such violation facilitated money laundering or the financing of terrorism.
  • Concealment Violations—The Act prohibits persons from knowingly concealing, falsifying, or misrepresenting, or attempting to conceal, falsify, or misrepresent, from or to a financial institution, a material fact concerning (i) the ownership or control of assets involved in a monetary transaction if the persons or entities owning or controlling the assets are senior foreign political figures (or any immediate family member or close associate of such persons) and the aggregate value of the assets involved is at least $1 million, or (ii) the source of funds in a monetary transaction involving an entity of primary money laundering concern and violating prohibitions or conditions under 31 U.S.C. § 5318A(b)(5). In such cases, penalties for violating the prohibitions include imprisonment for up to 10 years, fines up to $1 million, or both.

Suspicious Activity Reporting (SAR) and Currency Transaction Reporting (CTR)

The Act contains a number of provisions on suspicious activity reports and currency transaction reports:

  • Streamlining and Improving SARs and CTRs—In imposing any requirement to submit SARs, Treasury must consider the burdens to reporters and the benefits derived from such reports. The Act requires FinCEN, in consultation with other regulators, to establish streamlined, including automated, processes to permit the filing of noncomplex SARs by financial institutions. In addition, Treasury must undertake a formal review of SAR and CTR requirements and current reporting thresholds, including a review of possible exemptions to reduce reports that may be of little or no value to law enforcement agencies. The Act also requires FinCEN to publish, at least semiannually, information on threats and threat patterns to assist in the preparation, use, and value of SARs and other reports.
  • Sharing of SAR Information with Foreign Offices—The Act requires Treasury to issue rules establishing a program in which financial institutions will be permitted to share information contained in SARs, including the fact that a SAR has been filed, with its foreign branches, subsidiaries, and affiliates. However, a financial institution will not be permitted to share SAR information with offices located in China, Russia, and certain other jurisdictions.

Greater Information Sharing and Coordination

Several provisions of the Act are designed to improve information sharing:

  • FinCEN Exchange—The Act establishes the “FinCEN Exchange” to facilitate a voluntary public-private information sharing partnership among law enforcement agencies, national security agencies, financial institutions, and FinCEN.
  • Rotations, Attaches, Liaisons, etc.—The Act directs Treasury to take steps relating to a personnel rotation program between regulators and law enforcement agencies and appoint various Treasury attachés and domestic liaisons to improve coordination and consistency of supervisory and enforcement goals.
  • State Participation—The Act requires Treasury, as appropriate, to invite state banking supervisors to participate in the interagency consultation and coordination with federal depository institution regulators regarding the development of regulations.

The importance of information sharing was highlighted by FinCEN Director Kenneth Blanco in a speech on December 10, 2020, at a virtual conference of the American Bankers and American Bar Associations. Mr. Blanco announced an update to FinCEN's fact sheet on Section 314(b) of the USA PATRIOT Act, which provides a safe harbor for circumstances in which financial institutions share information with one another. The fact sheet expands the types of information that can be shared under Section 314(b), including information related to activities that may involve possible terrorist activity or money laundering even if such activities do not constitute a “transaction.”

Expansion of the BSA's Coverage and Priorities

The Act makes a number of changes to the BSA's coverage and related supervisory priorities:

  • Virtual Currency—The Act includes important amendments to the BSA to capture virtual currencies and other digital non-cash substitutes within various definitions, including by expanding the BSA's money transmitter registration requirements to encompass the transmission of “value that substitutes for currency.”
  • Antiquities—Dealers in antiquities (including advisors, consultants, or other persons who engage as a business in the solicitation or the sale of antiquities) will be subject to the BSA by being included within the definition of “financial institution.” The change would be effective upon Treasury's issuance of final rules. The Act also requires Treasury to conduct a study of the facilitation of money laundering through the trade in works of art.
  • Foreign Bank Records—The Act grants Treasury and DOJ broad authority to subpoena records from any foreign bank that maintains a correspondent account in the United States that are the subject of any investigation of a criminal nature or investigation into certain BSA/AML violations. While under existing law, subpoenas may be issued to any foreign bank that maintains a U.S. correspondent account for records related to such account, the Act expands existing authority to include “any records relating to the correspondent account or any account at the foreign bank, including records maintained outside the United States” (emphasis added). The Act prohibits various persons associated with a foreign bank from notifying any account holder involved or any person named in such subpoena.
  • National Exam and Supervision Priorities—The Act requires Treasury, in consultation with DOJ, federal functional regulators, relevant state financial regulators, and relevant national security agencies, to publish AML/CFT priorities within 180 days of the Act's enactment. These priorities, which would be aligned with national security priorities, are to be updated at least every four years and incorporated into financial institutions' AML/CFT compliance programs.
  • No-Action Letters—The Act directs FinCEN to assess whether it should establish a no-action letter process for responding to inquiries on the application of BSA/AML laws or regulations to specific conduct.
  • Mandated Studies and Reports—The Act requires several studies and reports on topics of emerging importance, including on the role emerging technologies can play in assisting with and potentially enabling the laundering of proceeds from trafficking, illicit financing risks emanating from China, and trade-based money laundering. The Act also requires a report on the drivers and adverse consequences of “de-risking” in the financial services sector.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.