The January 2021 enactment of the Anti-Money Laundering Act (AMLA) and Corporate Transparency Act (CTA) ushered in the most significant reform to U.S. money laundering laws since the U.S. Patriot Act of 2001. Both will have a lasting impact on the way financial institutions execute their anti-money laundering (AML) and countering the financing of terrorism (CFT) compliance programs.
With the Treasury Department required to issue implementing regulations by the end of this year, financial institutions need to immediately begin planning changes to ensure their AML/CFT programs can adapt when the new rules go live. Necessary steps to accommodate new national priorities will range from a thorough review of your risk assessment methodology to revisions of policies, procedures, and controls.
Setting AML/CFT Goals for National Security
The changes to the current regulatory framework set forth in the AMLA and CTA reemphasize that combating money laundering is not only an end in itself but a key tool in meeting national security objectives.
With this in mind, the AMLA’s primary goals are:
- Strengthening the Treasury Department’s programs for financial intelligence, AML, and CFT by promoting risk-based approaches and by promulgating rules addressing emerging threats;
- Modernizing and strengthening the AML/CFT system;
- Improving coordination, information sharing, oversight, and processes among financial crimes regulators and financial institutions; and
- Promoting corporate transparency by establishing a beneficial ownership database and reporting requirements.
Establishing Priorities for Government and Industry
Changes that would strengthen financial intelligence, AML, and CFT programs include:
- A clear delineation of national priorities that will allow covered institutions to streamline their allocation of resources and take a fully risk-based approach to AML/CFT compliance. Published in June by the Treasury Department, in consultation with the Attorney General and other federal regulators, these national priorities include corruption, cybercrime (including cybersecurity and cryptocurrency considerations), terrorist financing, international terrorism, domestic terrorism, fraud, transnational criminal organization activity, drug trafficking organization activity, human trafficking and smuggling, and financing the proliferation of nuclear and other weapons. Treasury will be required to promulgate implementing regulations, guidance and compliance requirements for these priorities, which are to be updated at least every four years, by December 31, 2021;
- Mandating that financial institutions incorporate the new requirements into their risk-based AML/CFT programs, policies, and procedures. Their ability to effectively implement these priorities will become a key supervisory focus and be a core element of regulatory examinations;
- Aligning Treasury’s priorities with key wording changes to the Bank Secrecy Act’s (BSA) records and reports provisions, which, among others, replace “international terrorism” simply with “terrorism”;
- Expanding the Financial Crimes Enforcement Network’s (FinCEN) scope through revisions to BSA definitions and money transmitter registration requirements that specifically include “value that substitutes for currency.” This acknowledges the potential AML/CFT risk of virtual currencies and makes it a top priority to update the AML/CFT regulatory framework to combat their illicit use;
- Similarly, the AMLA heralds regulations subjecting dealers in antiquities, including advisors and consultants, to the BSA’s definition of “financial institution,” thereby recognizing the susceptibility of such high-value transactions to AML/CFT schemes. The AMLA goes further by requiring Treasury to assess applicability of the BSA to art dealers and conduct a study of money laundering through the art trade in conjunction with the Attorney General, Federal Bureau of Investigation (FBI), and Department of Homeland Security; and
- Strengthened FinCEN through the establishment of domestic liaisons to perform outreach to financial institutions, as well as foreign financial intelligence unit liaisons.
Modernizing the AML/CFT System
Changes to strengthen the AML/CFT system include:
- Annual reporting by the Attorney General to Treasury on the use of information derived from BSA reporting by financial institutions, for consideration in future revisions to BSA reporting requirements;
- Additional considerations for suspicious activity report (SAR) requirements, including the stipulation that reports requested by Treasury and submitted by financial institutions be guided by Treasury’s priorities and financial institutions’ AML/CFT program priorities and risk assessments;
- A requirement for Treasury to submit a report to Congress by January 1, 2022, evaluating changes to reduce unnecessarily burdensome currency transaction (CTR) and SAR reporting requirements;
- A second report from Treasury by the same date to evaluate whether transaction amounts and aggregate dollar thresholds for CTRs and SARs should be adjusted;
- A semi-annual report from FinCEN about the preparation, use, and value of BSA reports including SARs and CTRs;
- Establishment of a “Subcommittee on Innovation and Technology” and issuance by Treasury, at a date to be determined, of rules guiding financial institutions’ testing of their BSA compliance, resulting in an update to the Federal Financial Institutions Examination Council Manual;
- Issuance of a rule by January 1, 2022, establishing a pilot program for the sharing of SARs within a financial group; and
- Formal review of the BSA by Treasury resulting in a report to Congress by January 1, 2022, on the need for changes to regulations and guidance.
Strengthening Coordination and Enforcement
Changes to improve coordination, information sharing, oversight, and processes among financial crimes regulators and financial institutions include:
- Improving interagency consultation and coordination by inviting state bank and credit union supervisors to participate in the development of rules and regulations alongside federal depository insurance regulators;
- Amending the FinCEN director’s duties to emphasize consistent communication with federal regulators while creating a feedback loop with financial institutions and state banking regulatory authorities;
- Requiring the FinCEN director to assess whether to implement a formal process for issuing no-action letters1 in response to inquiries about application of AML laws or regulations to specific conduct, to foster timely and efficient coordination between FinCEN and federal regulators;
- Setting annual mandatory training requirements for BSA federal examiners to ensure their alignment with Treasury regarding potential AML/CFT findings including risk profiles and warning signs, financial crimes patterns and trends, the need for AML/CFT programs, and the risks they are intended to mitigate;
- Empowering the Treasury Department and Attorney General to issue subpoenas for financial information to any foreign bank with a correspondent account in the U.S. and request records relating to any account at the foreign bank (versus the need for protracted requests under mutual legal assistance treaties);
- Allowing for additional damages for repeat BSA offenders; and
- Updating whistleblower protection and incentives from a previous cap of $150,000 to up to 30% of the monetary sanctions imposed, a significant change that may spark a surge of whistleblower complaints within financial institutions akin to the wave seen by the Securities and Exchange Commission in the last decade.
Collecting Beneficial Ownership Information
The establishment of a beneficial ownership database and reporting requirements shifts focus from registered agents to beneficial owners to address the use of shell companies as conduits for money laundering and terrorist financing. The change responds to several congressional concerns, including these conclusions:
- Most or all states do not require beneficial ownership information at time of incorporation;
- Illicit activity is facilitated through the concealment of beneficial ownership by “malign actors”;
- Financial criminals and those financing terrorism through commercial activity evade detection by conducting transactions through complex corporate structures; and
- Federal legislation is needed to protect U.S. national security interests by collecting beneficial ownership information for corporations, limited liability companies, and other entities.
The CTA, contained within the AMLA, aims to increase corporate transparency and bring the U.S. into compliance with international AML/CFT standards by:
- Calling for Treasury to promulgate regulations governing the reporting of beneficial ownership information by January 1, 2022, and revise FinCEN’s customer due diligence rules within two years;
- Requiring reporting companies to provide FinCEN identifying information for any individual who, directly or indirectly, owns or controls 25% of the company’s ownership interests or otherwise exercises “substantial control” over the company, within two years of the effective date of Treasury’s beneficial ownership rules. This requirement excludes financial institutions and primarily affects smaller corporations with less than 20 employees and annual revenues under $5 million;
- Requiring that newly incorporated companies report beneficial information upon incorporation and mandating that updates to beneficial ownership information be made as they occur; and
- Calling for information to be provided in a consolidated manner, to be classified in a database maintained by FinCEN. The database will not be made publicly available although FinCEN may share information with law enforcement and financial institutions, at their request.
The Takeaway
The AMLA and CTA aim to remove barriers that have impeded investigations into money laundering and terrorism financing by fostering more collaboration and robust reporting. The extensive provisions highlighted above illustrate the various ways AML/CFT regulations will be updated to ensure they effectively adapt to the continually changing financial and national security landscapes. In anticipation of these changes, it is critical for financial institutions to prepare themselves and their stakeholders, including boards of directors, foreign affiliates, and BSA/AML compliance personnel, for impacts at every level.
Taking Proactive Steps
Treliant can assist your organization in conducting an AML/CFT National Priority Health Check by:
- Ensuring the national priorities are incorporated into your risk assessment methodology and effectively documenting their relevance to your risk profile;
- Updating language in your policies and procedures to communicate the perceived level of risk for each national priority and documenting associated internal controls. These efforts may include, e.g., incorporating anti-corruption measures into your risk-based AML/CFT program;
- Evaluating the underlying data sources, algorithms, and models of your suspicious activity monitoring system to ensure the incorporation of relevant typologies and patterns of suspicious activity for newly elevated priorities such as cybercrime (including cybersecurity, ransomware, and convertible virtual currencies), human trafficking, and domestic terrorism. This may include designing in-house solutions to mitigate risks unique to your organization;
- Revising your alert resolution and suspicious activity reporting procedures to provide adequate guidance for the investigation and reporting of illicit activity relating to the national priorities;
- Designing and providing role-specific training across all levels to communicate updates to your organization’s risk assessment, policies, and/or procedures enterprise-wide; and
- Reviewing audit methodology and internal audit plans to ensure proper integration and testing of relevant national priorities.
____________________________________________________
1 A no-action letter describes the request, analyzes the particular facts and circumstances involved, discusses applicable laws and rules, and, if the staff grants the request for no action, concludes that the staff would not recommend enforcement action.