29398 Federal Register / Vol. 81, No. 91 / Wednesday, May 11, 2016 / Rules and Regulations

DEPARTMENT OF THE TREASURY verification, (2) beneficial ownership identity documents. Financial identification and verification, (3) institutions are required to maintain Financial Crimes Enforcement Network understanding the nature and purpose records of the beneficial ownership of customer relationships to develop a information they obtain, and may rely 31 CFR Parts 1010, 1020, 1023, 1024, customer risk profile, and (4) ongoing on another financial institution for the and 1026 monitoring for reporting suspicious performance of these requirements, in RIN 1506–AB25 transactions and, on a risk-basis, each case to the same extent as under maintaining and updating customer their CIP rule. Customer Due Diligence Requirements information. The first is already an AML The terms used for the purposes of for Financial Institutions program requirement and the second this final rule, including account, will be required by this final rule. The beneficial ownership, legal entity AGENCY: Financial Crimes Enforcement third and fourth elements are already customer, excluded legal entities, new Network (FinCEN), Treasury. implicitly required for covered financial account, and covered financial ACTION: Final rules. institutions to comply with their institution, are set forth in the final rule. suspicious activity reporting Financial institutions should use SUMMARY: FinCEN is issuing final rules requirements. The AML program rules beneficial ownership information as under the Bank Secrecy Act to clarify for all covered financial institutions are they use other information they gather and strengthen customer due diligence being amended by the final rule in order regarding customers (e.g., through requirements for: Banks; brokers or to include the third and fourth elements compliance with CIP requirements), dealers in securities; mutual funds; and as explicit requirements. including for compliance with the futures commission merchants and FinCEN has the legal authority for this Office of Foreign Assets Control (OFAC) introducing brokers in commodities. action in the Bank Secrecy Act (BSA), regulations, and the currency The rules contain explicit customer due which authorizes FinCEN to impose transaction reporting (CTR) aggregation diligence requirements and include a AML program requirements on all requirements. new requirement to identify and verify financial institutions 1 and to require the identity of beneficial owners of legal 2. Anti-Money Laundering Program financial institutions to maintain Rule Amendments entity customers, subject to certain procedures to ensure compliance with The AML program requirement for exclusions and exemptions. the BSA and its implementing each category of covered financial DATES: The final rules are effective July regulations or to guard against money institutions is being amended to 11, 2016. laundering.2 Applicability Date: Covered financial explicitly include risk-based procedures institutions must comply with these B. Summary of the Major Provisions of for conducting ongoing customer due rules by May 11, 2018. the Rulemaking diligence, to include understanding the nature and purpose of customer FOR FURTHER INFORMATION CONTACT: 1. Beneficial Ownership relationships for the purpose of FinCEN Resource Center at 1–800–767– Beginning on the Applicability Date, 2825. Email inquiries can be sent to frc@ developing a customer risk profile. covered financial institutions 3 must A customer risk profile refers to the fincen.gov. identify and verify the identity of the information gathered about a customer SUPPLEMENTARY INFORMATION: beneficial owners of all legal entity at account opening used to develop a I. Executive Summary customers (other than those that are baseline against which customer activity excluded) at the time a new account is is assessed for suspicious activity A. Purpose of This Regulatory Action opened (other than accounts that are reporting. This may include self-evident Covered financial institutions are not exempted). The financial institution information such as the type of presently required to know the identity may comply either by obtaining the customer or type of account, service, or of the individuals who own or control required information on a standard product. The profile may, but need not, their legal entity customers (also known certification form (Certification Form include a system of risk ratings or as beneficial owners). This enables (Appendix A)) or by any other means categories of customers. criminals, kleptocrats, and others that comply with the substantive In addition, customer due diligence looking to hide ill-gotten proceeds to requirements of this obligation. The also includes conducting ongoing access the financial system financial institution may rely on the monitoring to identify and report anonymously. The beneficial ownership beneficial ownership information suspicious transactions and, on a risk requirement will address this weakness supplied by the customer, provided that basis, to maintain and update customer and provide information that will assist it has no knowledge of facts that would information. For these purposes, law enforcement in financial reasonably call into question the customer information shall include investigations, help prevent evasion of reliability of the information. The information regarding the beneficial targeted financial sanctions, improve identification and verification owners of legal entity customers (as the ability of financial institutions to procedures for beneficial owners are defined in § 1010.230). The first clause assess risk, facilitate tax compliance, very similar to those for individual of paragraph (ii) sets forth the and advance U.S. compliance with customers under a financial institution’s requirement that financial institutions international standards and customer identification program (CIP),4 conduct monitoring to identify and commitments. except that for beneficial owners, the report suspicious transactions. Because FinCEN believes that there are four institution may rely on copies of this includes transactions that are not of core elements of customer due diligence the sort the customer would be normally (CDD), and that they should be explicit 1 31 U.S.C. 5318(h)(2). expected to engage, the customer risk requirements in the anti-money 2 31 U.S.C. 5318(a)(2). profile information is used (among other laundering (AML) program for all 3 The term ‘‘covered financial institution’’ refers sources) to identify such transactions. to: (i) Banks; (ii) brokers or dealers in securities; (iii) covered financial institutions, in order mutual funds; and (iv) futures commission This information may be integrated into to ensure clarity and consistency across merchants and introducing brokers in commodities. the financial institution’s automated sectors: (1) Customer identification and 4 31 CFR 1020.220, 1023.220, 1024.220, 1026.220. monitoring system, and may be used

VerDate Sep<11>2014 18:50 May 10, 2016 Jkt 238001 PO 00000 Frm 00002 Fmt 4701 Sfmt 4700 E:\FR\FM\11MYR3.SGM 11MYR3 mstockstill on DSK3G9T082PROD with RULES3 Federal Register / Vol. 81, No. 91 / Wednesday, May 11, 2016 / Rules and Regulations 29399

after a potentially suspicious transaction rate) and $282 million (at a three B. The Importance of Customer Due has been identified, as one means of percent discount rate). Because the Diligence determining whether or not the benefits of the rule cannot be quantified, FinCEN, after consultation with the identified activity is suspicious. FinCEN has utilized a breakeven staffs of the Federal functional When a financial institution detects analysis to determine how large the regulators and the Department of information (including a change in final rule’s benefits would have to be in Justice, has determined that more beneficial ownership information) about order to justify its estimated costs. The explicit rules for covered financial the customer in the course of its normal RIA uses Treasury’s estimate of $300 institutions with respect to customer monitoring that is relevant to assessing billion in illicit proceeds generated due diligence (CDD) are necessary to or reevaluating the risk posed by the annually in the United States due to clarify and strengthen CDD within the customer, it must update the customer BSA regime, which in turn will enhance information, including beneficial financial crimes, to determine the financial transparency and help to ownership information. Such minimum level of effectiveness that the information could include, e.g., a final rule would need to achieve for the safeguard the financial system against significant and unexplained change in benefits to equal the costs. Based on this illicit use. Requiring financial the customer’s activity, such as analysis, using the upper bound of our institutions to perform effective CDD so executing cross-border wire transfers for cost assessment, FinCEN has concluded that they understand who their no apparent reason or a significant that the final rule would only have to customers are and what type of change in the volume of activity without reduce illicit activity by 0.6 percent to transactions they conduct is a critical explanation. It could also include yield a positive net benefit. The aspect of combating all forms of illicit information indicating a possible Treasury Department believes that the financial activity, from terrorist change in the customer’s beneficial final rule will reduce illicit activity by financing and sanctions evasion to more traditional financial crimes, including ownership, because such information a greater amount than this. could also be relevant to assessing the money laundering, fraud, and tax risk posed by the customer. This applies II. Background evasion. For FinCEN, the key elements of CDD include: (i) Identifying and to all legal entity customers, including A. The Bank Secrecy Act those existing on the Applicability Date. verifying the identity of customers; (ii) This provision does not impose a FinCEN exercises regulatory functions identifying and verifying the identity of categorical requirement that financial primarily under the Currency and beneficial owners of legal entity customers (i.e., the natural persons who institutions must update customer Foreign Transactions Reporting Act of own or control legal entities); (iii) information, including beneficial 1970, as amended by the USA PATRIOT understanding the nature and purpose ownership information, on a continuous Act of 2001 (PATRIOT Act) and other of customer relationships; and (iv) or periodic basis. Rather, the updating legislation, which legislative framework requirement is event-driven, and occurs conducting ongoing monitoring. is commonly referred to as the ‘‘Bank Collectively, these elements comprise as a result of normal monitoring. 6 Secrecy Act’’ (BSA). The BSA the minimum standard of CDD, which C. Costs and Benefits authorizes the Secretary of the Treasury FinCEN believes is fundamental to an This is a significant regulatory action (Secretary) to require financial effective AML program. pursuant to Executive Order 12866 institutions to keep records and file Clarifying and strengthening CDD (‘‘E.O. 12866’’) because it is likely to reports that ‘‘have a high degree of requirements for U.S. financial result in a final rule that may have an usefulness in criminal, tax, or regulatory institutions, including with respect to annual effect on the economy of $100 investigations or proceedings, or in the the identification of beneficial owners, million or more. Accordingly, FinCEN conduct of intelligence or advance the purposes of the BSA by: published for comment on December 24, counterintelligence activities, including (1) Enhancing the availability to law 2015 a preliminary Regulatory Impact analysis, to protect against international enforcement, as well as to the Federal Assessment (RIA) for the proposed rule terrorism.’’ 7 functional regulators and self-regulatory (80 FR 80308), which provided a The Secretary has delegated to the organizations (SROs), of beneficial quantitative estimate of the costs to the ownership information about legal Director of FinCEN the authority to private sector for which adequate data entity customers obtained by U.S. implement, administer, and enforce are available and a qualitative financial institutions, which assists law discussion of both the costs and benefits compliance with the BSA and 8 enforcement financial investigations for which data are not available. As a associated regulations. FinCEN is and a variety of regulatory examinations result of the comments submitted, authorized to impose anti-money and investigations; FinCEN revised the preliminary RIA to laundering (AML) program (2) Increasing the ability of financial include additional cost estimates 5 and requirements on financial institutions,9 institutions, law enforcement, and the is publishing with this final rule a final as well as to require financial intelligence community to identify the RIA. The annualized quantified costs institutions to maintain procedures to assets and accounts of terrorist (under low cost scenarios) are estimated ensure compliance with the BSA and organizations, corrupt actors, money to be $153 million (at a seven percent the regulations promulgated thereunder launderers, drug kingpins, proliferators discount rate) and $148 million (at a or to guard against money laundering.10 of weapons of mass destruction, and three percent discount rate). The other national security threats, which annualized quantified costs (under high 6 The BSA is codified at 12 U.S.C. 1829b, 12 strengthens compliance with sanctions cost scenarios) are estimated to be $287 U.S.C. 1951–1959, 18 U.S.C. 1956, 1957, and 1960, programs designed to undercut million (at a seven percent discount and 31 U.S.C. 5311–5314 and 5316–5332 and notes financing and support for such persons; thereto, with implementing regulations at 31 CFR chapter X. See 31 CFR 1010.100(e). (3) Helping financial institutions 5 In the final RIA, we estimate that 10-year 7 assess and mitigate risk, and comply quantifiable costs range from $1.15 billion to $2.15 31 U.S.C. 5311. billion in present value using a seven percent 8 Treasury Order 180–01 (July 1, 2014). with all existing legal requirements, discount rate, and from $1.3 billion to $2.5 billion 9 31 U.S.C. 5318(h)(2). including the BSA and related using a three percent discount rate. 10 31 U.S.C. 5318(a)(2). authorities;

VerDate Sep<11>2014 18:50 May 10, 2016 Jkt 238001 PO 00000 Frm 00003 Fmt 4701 Sfmt 4700 E:\FR\FM\11MYR3.SGM 11MYR3 mstockstill on DSK3G9T082PROD with RULES3 29400 Federal Register / Vol. 81, No. 91 / Wednesday, May 11, 2016 / Rules and Regulations

(4) Facilitating reporting and defendants allegedly used the assets of use legal structures to conceal their investigations in support of tax the company to acquire shell illicit activity and assets. Moreover, compliance, and advancing companies, while other defendants are requiring legal entities seeking access to commitments made to foreign alleged to have further obscured the financial institutions to disclose counterparts in connection with the ownership of these companies through identifying information, such as the provisions commonly known as the complex legal structures involving other name, date of birth, and Social Security Foreign Account Tax Compliance Act shell companies.15 In 2006, prosecutors number of natural persons who own or (FATCA); 11 indicted a number of individuals for control them, will make such entities (5) Promoting consistency in their roles in supporting a long-running more transparent, and thus less implementing and enforcing CDD nationwide drug trafficking attractive to criminals and those who regulatory expectations across and organization. The proceeds generated by assist them. Even if an illicit actor tries within financial sectors; and this trafficking organization were to thwart such transparency by (6) Advancing Treasury’s broad laundered through numerous shell and providing false beneficial ownership strategy to enhance financial shelf 16 corporations created to provide information to a financial institution, transparency of legal entities. apparently legitimate fronts for this law enforcement has advised FinCEN 1. Assisting Financial Investigations by income. These legal entities were that such information can still be useful Law Enforcement further used to open accounts at in demonstrating unlawful intent and in financial institutions and hold title to generating leads to identify additional The abuse of legal entities to disguise property.17 Other examples cited by law evidence or co-conspirators. involvement in illicit financial activity enforcement officials include major is a longstanding vulnerability that drug trafficking organizations using 2. Advancing Counterterrorism and facilitates crime, threatens national shell companies to launder drug Broader National Security Interests security, and jeopardizes the integrity of proceeds.18 In 2011, a World Bank As noted, criminals often abuse legal the financial system. Criminals have report highlighted how corrupt actors entities to evade sanctions or other exploited the anonymity that use of consistently abuse legal entities to targeted financial measures designed to legal entities can provide to engage in conceal the proceeds of corruption, combat terrorism and other national money laundering, corruption, fraud, which the report estimates to aggregate security threats. The success of such terrorist financing, and sanctions at least $40 billion per year in illicit targeted financial measures depends, in evasion, among other financial crimes. activity.19 Other criminals also make There are numerous examples that part, on the ability of financial aggressive use of front companies,20 Treasury has tracked as a part of its which may also conduct legitimate institutions, law enforcement, and National Money Laundering Risk business activity, to disguise the intelligence agencies to identify a Assessment and Terrorist Financing deposit, withdrawal, or transfer of illicit target’s assets and accounts. These Risk Assessment.12 For example, in proceeds that are intermingled with measures are thwarted when legal 2013, prosecutors in New York indicted legitimate funds. entities are abused to obfuscate 34 alleged members of Russian- Strong CDD practices that include ownership interests. Effective CDD American organized crime groups, identifying and verifying the identity of helps prevent such abuses by requiring charging that they participated in a the natural persons who own or control the collection of critical information, range of racketeering activities. One of a legal entity—i.e., the beneficial including beneficial ownership the constituent racketeering enterprises owners—help defend against these information, which may be helpful in was alleged to have moved millions of abuses in a variety of ways. The implementing sanctions or other similar dollars in unlawful gambling proceeds measures. 13 collection of beneficial ownership through a network of shell companies information by financial institutions can in Cyprus and the United States.14 In 3. Improving a Financial Institution’s provide law enforcement with key Ability To Assess and Mitigate Risk 2011, Federal prosecutors indicted 13 details about suspected criminals who individuals for their alleged unlawful Explicit CDD requirements would also takeover and looting of a publicly-held 15 Id. enable financial institutions to assess mortgage company. Some of these 16 A shelf corporation is a legal entity that has and mitigate risk more effectively in been registered with a state but not yet used for any connection with existing legal 11 Officially the Hiring Incentives to Restore purpose; it has instead been kept on the ‘‘shelf’’ for Employment Act of 2010, Public Law 111–147, 124 a buyer who does not want to go through the requirements. It is through CDD that Stat. 71, Section 501(a). process of creating a new legal entity. Id. financial institutions are able to 12 U.S. Dep’t of the Treasury, National Money 17 Id. at 44. understand the risks associated with Laundering Risk Assessment (2015), available at 18 Combating Transnational Organized Crime: their customers, to monitor accounts http://www.treasury.gov/resource-center/terrorist- International Money Laundering as a Threat to Our illicit-finance/Documents/National%20Money%20 Financial System, Before the Subcommittee on more effectively, and to evaluate activity Laundering%20Risk%20 Crime, Terrorism, and Homeland Security, H. to determine whether it is unusual or Assessment%20%E2%80%93%2006-12-2015.pdf; Comm. on the Judiciary, 112th Cong. (February 8, suspicious, as required under U.S. Dep’t of the Treasury, National Terrorist 2012) (statement of Jennifer Shasky Calvery as suspicious activity reporting Financing Risk Assessment (2015), available at Chief, Asset Forfeiture and Money Laundering 21 http://www.treasury.gov/resource-center/terrorist- Section, Criminal Division of the U.S. Department obligations. Further, in the event that illicit-finance/Documents/National of Justice). a financial institution files a suspicious %20Terrorist%20Financing%20Risk%20 19 The Puppet Masters: How the Corrupt Use activity report (SAR), information Assessment%20%E2%80%93%2006-12-2015.pdf. Legal Structures to Hide Stolen Assets and What to gathered through CDD in many 13 A shell company is a legal entity that has been Do About It, The International Bank for registered with a state but has no physical Reconstruction and Development/The World Bank instances can enhance SARs, which in operations or assets. Shell companies can serve (2011). turn can help law enforcement, legitimate purposes, such as holding financial 20 A front company is a legitimate business that intelligence, national security, and tax assets or other property, but can also be used to combines illicit proceeds with earnings from its authorities investigate and pursue illicit conceal the source, ownership, or control of illegal legitimate operations, thereby obscuring the source financing activity. proceeds. U.S. Dep’t of the Treasury, National of the illegitimate funds. See U.S. Dep’t of the Money Laundering Risk Assessment at 43. Treasury, National Money Laundering Risk 14 Id. at 20. Assessment at 43. 21 See, e.g., 31 CFR 1020.320.

VerDate Sep<11>2014 18:50 May 10, 2016 Jkt 238001 PO 00000 Frm 00004 Fmt 4701 Sfmt 4700 E:\FR\FM\11MYR3.SGM 11MYR3 mstockstill on DSK3G9T082PROD with RULES3 Federal Register / Vol. 81, No. 91 / Wednesday, May 11, 2016 / Rules and Regulations 29401

4. Facilitating Tax Compliance commitment, and puts the United States effectively discourage best practices, Customer due diligence also in a better position to work with foreign because financial institutions with facilitates tax reporting, investigations governments to combat offshore tax robust compliance procedures may and compliance. For example, evasion and other financial crimes. believe that they risk losing customers to other institutions with more lax information held by banks and other 5. Promoting Clear and Consistent procedures. Greater consistency across financial institutions about the Expectations and Practices the financial system addresses this beneficial ownership of companies can Customer due diligence is universally competitive inequality. be used to assist law enforcement in recognized as fundamental to mitigating Providing a consolidated and clear identifying the true owners of assets and illicit finance risk, even though not all CDD framework will help address these their true tax liabilities. The United financial institutions use the specific issues. As part of this framework, States has long been a global leader in term ‘‘customer due diligence’’ to expressly stating CDD requirements in establishing and promoting the adoption describe their practices. While Treasury these regulations with respect to (i) of international standards for understands from its outreach to the understanding the nature and purpose transparency and information exchange private sector that financial institutions of customer relationships and (ii) to combat cross-border tax evasion and broadly accept this principle and conducting ongoing monitoring will other financial crimes. Strengthening implement CDD practices in some form facilitate more consistent CDD is an important part of that effort, under a risk-based approach, financial implementation, examination, and it will dovetail with other efforts to institutions have expressed disparate supervision and enforcement of these create greater transparency, some of views about what precise activities CDD expectations. With respect to the which are longstanding, such as the entails. At public hearings held after the beneficial ownership requirement, United States’ commitments to closing of the comment period to the requiring all covered financial exchanging information with other Advance Notice of Proposed institutions to identify and verify the jurisdictions under its tax treaties and Rulemaking (ANPRM),24 discussed identities of beneficial owners in the tax information exchange agreements, below, financial institutions described same manner and pursuant to the same and others of which are new, such as widely divergent CDD practices, definition also promotes consistency the information reporting requirements especially with respect to identifying across industry. Requiring covered under FATCA.22 FATCA requires and verifying the identities of beneficial financial institutions to operate under foreign financial institutions to identify owners outside of limited circumstances one clear CDD framework will promote U.S. account holders, including legal prescribed by statute.25 For example, a more level playing field across and entities with substantial U.S. during one of these hearings, FinCEN within financial sectors. ownership, and to report certain learned that some financial institutions information about those accounts to the already obtain beneficial ownership 6. Advancing Treasury’s Broad Strategy Internal Revenue Service (IRS).23 The information in all circumstances, while To Enhance Financial Transparency of United States has negotiated with others obtain this information only for Legal Entities foreign governments to enter into certain categories of customers or Finally, clarifying and strengthening intergovernmental agreements that following a triggering event. Institutions CDD is an important component of facilitate the effective implementation of also identified a range of practices, from Treasury’s broader three-part strategy to these requirements. These agreements varied percentage of ownership enhance financial transparency of legal allow foreign financial institutions to thresholds, to the extent of information entities. Other key elements of this rely on existing AML practices in a collected (e.g., only the name of the strategy include: (i) Increasing the number of circumstances, including, in beneficial owner(s) versus collection of transparency of U.S. legal entities the case of the intergovernmental additional information, such as through the collection of beneficial agreements, for purposes of determining addresses, etc.).26 ownership information at the time of the whether certain legal entity customers FinCEN believes that this disparity legal entity’s formation and (ii) are controlled by U.S. persons. Pursuant adversely affects efforts to mitigate risk facilitating global implementation of to many of these agreements, the United and can promote an uneven playing international standards regarding CDD States has committed to pursuing field across and within financial sectors. and beneficial ownership of legal equivalent levels of reciprocal automatic Financial institutions have noted that entities. information exchange with respect to unclear CDD expectations can result in This final rule thus complements the collecting and reporting to the inconsistent regulatory examinations, Administration’s ongoing work with authorities of the FATCA partner potentially causing them to devote their Congress to facilitate adoption of jurisdiction information on the U.S. limited resources to managing legislation that would require the financial accounts of residents of that derivative legal risk rather than collection of beneficial ownership jurisdiction. A general requirement for fundamental illicit finance risk. Private information at the time that legal U.S. financial institutions to obtain sector representatives have also noted entities are formed in the United States. beneficial ownership information for that inconsistent expectations can This final rule also advances Treasury’s AML purposes advances this ongoing work with the Group of Twenty 24 Financial Crimes Enforcement Network Finance Ministers and Central Bank 22 Hiring Incentives to Restore Employment Act (FinCEN), ‘‘Customer Due Diligence Requirements Governors (G–20), the Financial Action of 2010, Public Law 111–147, Section 501(a). for Financial Institutions,’’ 77 FR 13046 (March 5, Task Force (FATF), the Global Forum on 23 See generally Internal Revenue Service, 2012). Transparency and Exchange of ‘‘Regulations Relating to Information Reporting by 25 See, e.g., FinCEN, Summary of Public Hearing: Foreign Financial Institutions and Withholding on Advance Notice of Proposed Rulemaking on Information for Tax Purposes, and other Certain Payments to Foreign Financial Institutions Customer Due Diligence (October 5, 2012), available global partners, who have emphasized and Other Foreign Entities,’’ RIN 1545–BK68 at http://www.fincen.gov/whatsnew/html/ the importance of improving CDD (January 28, 2013), available at http://www.irs.gov/ 20121130NYC.html. (‘‘Participants expressed varied practices and requiring the disclosure of PUP/businesses/corporations/TD9610.pdf. For views as to whether, how and in what further updates on FATCA regulations, see http:// circumstances, financial institutions obtain beneficial ownership information at the www.irs.gov/Businesses/Corporations/Foreign- beneficial ownership information.’’). time of company formation or transfer. Account-Tax-Compliance-Act-(FATCA). 26 Id. Moreover, this proposal furthers the

VerDate Sep<11>2014 18:50 May 10, 2016 Jkt 238001 PO 00000 Frm 00005 Fmt 4701 Sfmt 4700 E:\FR\FM\11MYR3.SGM 11MYR3 mstockstill on DSK3G9T082PROD with RULES3 29402 Federal Register / Vol. 81, No. 91 / Wednesday, May 11, 2016 / Rules and Regulations

United States’ Group of Eight (G–8) explicit codification of pre-existing maintain and update customer commitment as set forth in the United obligations. To better understand and information and to identify and report States G–8 Action Plan for Transparency address these concerns, Treasury held suspicious transactions. FinCEN viewed of Company Ownership and Control, five public hearings from July to this part of the rulemaking as not published on June 18, 2013.27 This December 2012 in Washington, DC, imposing new requirements, but rather Action Plan is in line with principles Chicago, New York, Los Angeles and making explicit the activities that agreed to by the G–8, which the Miami.31 At these meetings, participants covered financial institutions are Administration noted ‘‘are crucial to expressed their views on the ANPRM already expected to undertake, based on preventing the misuse of companies by and offered specific recommendations guidance and supervisory expectations, illicit actors.’’ 28 It is also found in the about how best to balance the benefits in order to satisfy their existing U.S. Action Plan to Implement the G– with the practical burdens associated obligations to detect and report 20 High Level Principles on Beneficial with obtaining beneficial ownership suspicious activities. Ownership, published on October 16, information. These discussions were D. Summary of Comments 2015.29 While these elements are all critical in the development of the Notice proceeding independently, together they of Proposed Rulemaking (NPRM) issued In response to the NPRM, FinCEN make up a comprehensive approach to on August 4, 2014 (79 FR 45151). received 141 comments from financial promoting financial transparency of The NPRM proposed a new institutions, trade associations, Federal legal entities. requirement for covered financial and State agencies, non-governmental institutions to identify the natural organizations, members of Congress, C. The Advance Notice and Notice of person or persons who are beneficial and other individuals. The great Proposed Rulemaking owners of legal entity customers majority of the private sector FinCEN initiated this rulemaking opening new accounts, subject to certain commenters, which were primarily process in March 2012 by issuing an exemptions, and to verify the identity of banks, credit unions, and their trade ANPRM that described FinCEN’s the natural person(s) identified. As associations, asserted that the proposed potential proposal for codifying explicit proposed, a covered financial institution beneficial ownership requirement CDD requirements, including customer would satisfy this requirement at the would be very burdensome to identification and verification, time a new account is opened by implement and require more than the understanding the nature and purpose obtaining information on a standard proposed 12 months, would be far more of accounts, ongoing monitoring, and certification form directly from the expensive than estimated by FinCEN, obtaining and verifying beneficial individual opening the new account on and would not achieve the proposal’s ownership information.30 FinCEN behalf of the legal entity customer, and expressed goals. received 90 comments, mostly from by verifying the identity of the natural The commenters addressed many banks, credit unions, securities and person(s) identified consistent with aspects of the proposed beneficial futures firms, mutual funds, casinos, existing customer identification ownership requirement, including the and money services businesses. In program (CIP) procedures for verifying use of the proposed certification form; general, these commenters raised the identity of customers who are the extent to which a covered financial concerns about the potential costs and natural persons. The NPRM thus sought institution may rely on the information practical challenges associated with a to facilitate this proposed new provided by the customer; the meaning categorical requirement to obtain requirement by leveraging the CIP of verification and the extent to which beneficial ownership information. They procedures that have been required of it would be required; the application of also expressed concerns with respect to all covered financial institutions since the requirement to existing customers; FinCEN’s articulation of the other 2003. The NPRM also proposed that the the extent to which the information components of CDD (understanding the AML program requirements for all types would need to be updated; and the nature and purpose of customer of covered financial institutions be definitions of beneficial ownership and relationships and ongoing monitoring), amended to include appropriate risk- legal entity customer and the proposed asserting that, contrary to FinCEN’s based procedures for conducting exclusions from those definitions. stated intention, these would in part be ongoing due diligence, to include: (i) Commenters raised a number of new requirements rather than an Understanding the nature and purpose questions regarding the proposed of customer relationships in order to certification form, including whether 27 United States G–8 Action Plan for develop a customer risk profile; and (ii) beneficial owner information must be Transparency of Company Ownership and Control, conducting ongoing monitoring to obtained through the certification form available at http://www.whitehouse.gov/the-press- or could be obtained by other means; office/2013/06/18/united-states-g-8-action-plan- 31 transparency-company-ownership-and-control. Summary of Public Hearing: Advance Notice of whether the certification form should be Proposed Rulemaking on Customer Due Diligence 28 White House Fact Sheet: U.S. National Action an official government form; and who is (July 31, 2012), available at http:// Plan on Preventing the Misuse of Companies and authorized to sign the certification form www.regulations.gov/#!documentDetail;D=FINCEN- Legal Arrangements (June 18, 2013), available at 2012-0001-0094; Summary of Public Hearing: on behalf of the customer. Many urged http://www.whitehouse.gov/the-press-office/2013/ Advance Notice of Proposed Rulemaking on FinCEN to treat the receipt of the 06/18/fact-sheet-us-national-action-plan- Customer Due Diligence (September 28, 2012), certification form as a ‘‘safe harbor,’’ preventing-misuse-companies-and-legal. available at http://www.fincen.gov/whatsnew/html/ 29 U.S. Action Plan to Implement the G–20 High 20121130CHI.html; Summary of Public Hearing: similar to the treatment of the Level Principles on Beneficial Ownership, available Advance Notice of Proposed Rulemaking on certification used for compliance with at https://www.whitehouse.gov/blog/2015/10/16/us- Customer Due Diligence (October 5, 2012), available the foreign shell bank regulation.32 action-plan-implement-g-20-high-level-principles- at http://www.fincen.gov/whatsnew/html/ Commenters submitted several other beneficial-ownership. 20121130NYC.html; Summary of Public Hearing: 30 Two years prior to that, in March 2010, Advance Notice of Proposed Rulemaking on comments and suggestions regarding the FinCEN, along with several other agencies, Customer Due Diligence (October 29, 2012), information to be included in the published Joint Guidance on Obtaining and available at http://www.fincen.gov/whatsnew/html/ certification form. Retaining Beneficial Ownership Information, FIN– 20121130LA.html; Summary of Public Hearing: Many commenters sought clarification 2010–G001 (March 5, 2010). Industry reaction to Advance Notice of Proposed Rulemaking on this guidance is one reason that FinCEN sought to Customer Due Diligence (December 3, 2012), regarding the verification requirement further clarify CDD requirements by making them available at http://www.fincen.gov/whatsnew/pdf/ explicit within FinCEN’s regulations. SummaryofHearing-MiamiDec3.pdf. 32 31 CFR 1010.630(b).

VerDate Sep<11>2014 18:50 May 10, 2016 Jkt 238001 PO 00000 Frm 00006 Fmt 4701 Sfmt 4700 E:\FR\FM\11MYR3.SGM 11MYR3 mstockstill on DSK3G9T082PROD with RULES3 Federal Register / Vol. 81, No. 91 / Wednesday, May 11, 2016 / Rules and Regulations 29403

and the extent to which a financial financial products that they contended E. General Comments institution may rely on the information presented a low risk of money Regulatory deference. Commenters submitted by its customer. Financial laundering. raised a number of general comments institutions also pointed out that there Many comments also addressed the regarding this rulemaking. Several would be difficulties with adopting proposed amendments to the AML commenters took issue with the ‘‘identical’’ procedures to those used for program rules, including urging FinCEN following statement in the NPRM verifying the identity of individual to clarify the proposed requirement to (which we reiterate here as modified for customers as done for CIP. Moreover, understand the nature and purpose of this final rule).33 many commenters noted the practical the customer relationship and the difficulties resulting from the fact that Nothing in this final rule is intended to there is no authoritative source for meaning of ‘‘customer risk profile’’ and lower, reduce, or limit the due diligence beneficial ownership information of of the proposed requirement to conduct expectations of the Federal functional legal entities, as there is no requirement ongoing monitoring to update customer regulators or in any way limit their existing information, separate from monitoring regulatory discretion. To clarify this point, for U.S. States to collect this the final rule incorporates the CDD elements information at the time a company is to detect and report suspicious activity. Some commenters representing the on nature and purpose and ongoing formed. Commenters also sought monitoring into FinCEN’s existing AML guidance regarding how they should securities and futures industries program requirements, which generally utilize the beneficial ownership asserted that, contrary to assumptions in provide that an AML program is adequate if, information once collected and how its the NPRM, these are not in fact existing among other things, the program complies availability would impact compliance requirements in those industries, and with the regulation of its Federal functional with other obligations. that such requirements would be regulator (or, where applicable, self- While many private sector burdensome and of little utility. Some regulatory organization (SRO)) governing 34 commenters noted that the proposed commenters also questioned statements such programs. In addition, the Treasury definition of beneficial owner was an Department intends for the requirements in the preamble that the proposed contained in the customer due diligence and improvement over the definition requirements would not reduce or limit beneficial ownership final rules to be discussed in the ANPRM, some sought the due diligence expectations of the consistent with, and not to supersede, any greater clarity about the meaning of Federal functional regulators or their regulations, guidance or authority of any ‘‘indirect’’ ownership and guidance regulatory discretion, asserting that such Federal banking agency, the Securities and regarding how the percentage of an approach would undermine the Exchange Commission (SEC), the Commodity ownership held indirectly should be clarity and consistency that FinCEN is Futures Trading Commission (CFTC), or of measured in specific situations, as well seeking to provide by the proposed any SRO relating to customer identification, as clarification of the meaning of including with respect to the verification of rules. Finally, a great majority of the the identities of legal entity customers. ‘‘equity interest.’’ They also suggested comments stated that the proposed 12- eliminating any reference to using a 10 month implementation period following These commenters contended, among percent threshold on a risk basis, so as issuance of a final rule would not be other things, that these statements were to reduce the likelihood of examiners adequate to implement the necessary unduly deferential to the Federal requiring a threshold lower than the 25 modifications to their data systems, functional regulators, and would serve percent specified in the proposed rule. customer on-boarding procedures, to undermine rather than promote clear On the other hand, non-governmental employee training, and other and consistent CDD standards across organizations and many individuals requirements, and sought a period of at financial sectors. They accordingly asserted that the proposed 25 percent least 18–24 months. urged FinCEN to strike this language ownership threshold is too high and from the final rulemaking. that it should be lowered to 10 percent Based on the comments addressing FinCEN appreciates the concerns (or eliminated entirely) in the final rule. the potential cost of implementing the about uneven and inconsistent A number of commenters urged requirement, FinCEN conducted application of CDD standards that clarification of the proposed definition outreach to a number of the financial underlie these comments, but of ‘‘legal entity customer,’’ and many institution commenters to obtain nevertheless believes that these urged expansion of the proposed additional information regarding the statements are an important articulation exclusions from the definition to anticipated costs of implementing the of FinCEN’s understanding of what it include, for example, accounts opened proposed requirements. As a result of is—and is not—accomplishing by this to participate in employee benefit plans the limited information received from rulemaking. At their core, these subject to the Employee Retirement these discussions, Treasury prepared a statements in the NPRM and this final Income Security Act of 1974 (ERISA) preliminary Regulatory Impact rule preamble articulate the nature of and accounts for foreign publicly traded Assessment (RIA) that was made the relationship of FinCEN’s rulemaking companies, regulated financial available for comment on December 24, authority with that of the Federal institutions, and governmental entities. 2015 (80 FR 80308). FinCEN received 38 functional regulators 35—that is, as with Many commenters also noted comments on this preliminary difficulties in applying the proposed assessment; a summary of the comments 33 The original statement can be found at 79 FR exclusion for nonprofits and urged we received and the final RIA is 45152 (Aug. 4, 2014). FinCEN to simplify it. Commenters also 34 See, e.g., 31 CFR 1020.210, which currently included in the Regulatory Analysis sought clarification regarding whether provides that a financial institution regulated by a section of this preamble. beneficial ownership would need to be Federal functional regulator that is not subject to All of the substantive comments the regulations of a self-regulatory organization obtained each time a legal entity shall be deemed to satisfy the requirements of 31 customer opens a new account after the received on the NPRM, FinCEN’s U.S.C. 5318(h)(1) if it implements and maintains an rule’s compliance deadline, and to what response, and resulting modifications to anti-money laundering program that complies with extent the information would need to be the final rule are discussed in detail in the regulation of its Federal functional regulator the following Section-by-Section governing such programs. (emphasis added). updated. Some commenters also sought 35 Where appropriate, working closely with to exempt from the beneficial ownership Analysis. However, we first address Federal functional regulators may involve requirement certain categories of certain general comments. Continued

VerDate Sep<11>2014 18:50 May 10, 2016 Jkt 238001 PO 00000 Frm 00007 Fmt 4701 Sfmt 4700 E:\FR\FM\11MYR3.SGM 11MYR3 mstockstill on DSK3G9T082PROD with RULES3 29404 Federal Register / Vol. 81, No. 91 / Wednesday, May 11, 2016 / Rules and Regulations

all BSA rulemakings, FinCEN III. Section-by-Section Analysis In the NPRM, FinCEN proposed that determines the appropriate minimum the beneficial ownership requirement Section 1010.230 Beneficial regulatory standards that should apply would apply only with respect to legal Ownership Requirements for Legal across an industry. From that baseline, entity customers that open new Entity Customers the Federal functional regulators have accounts going forward from the date of authority to establish AML program Section 1010.230(a) In general. As implementation, noting that many requirements in addition to those proposed, this paragraph delineated in commenters to the ANPRM viewed a established by FinCEN that they broad terms the scope of the beneficial retroactive requirement to obtain determine are necessary and appropriate ownership obligation—i.e., that covered beneficial ownership information for all to address risk or vulnerabilities specific financial institutions are required to existing accounts as extremely to the financial institutions they establish and maintain written burdensome. We received comments regulate. This is particularly true within procedures reasonably designed to reflecting a wide range of views on this the context of separate but related identify and verify the identities of subject. The vast majority of concerns that exist for these institutions beneficial owners of legal entity commenters who addressed this issue beyond the strict scope of AML, such as customers. There were no significant reiterated this objection to retroactive in the area of safety and soundness. objections to this general formulation, application of the beneficial ownership These statements simply reflect this and we are adopting it as proposed, obligation. A few commenters, however, basic reality of the existing regulatory with the addition that the procedures urged FinCEN to require covered framework. Furthermore, as we have adopted will be included in the financial institutions to collect maintained throughout this rulemaking institution’s AML program. beneficial ownership information on process, one of our overarching goals Several commenters questioned the existing accounts on a categorical basis, efficacy of having financial institutions was to clarify and harmonize while some others thought that financial collect beneficial ownership expectations while at the same time institutions should collect this information, contending that State minimizing disruption to the greatest information retroactively for all higher government offices responsible for the extent possible. Accordingly, we believe risk customers. formation and registration of legal that it is critical to make clear— We decline to impose a categorical, entities and/or the IRS would be better especially with respect to the changes to retroactive requirement. Based on our suited to collect this information due to the AML program rules—that these understanding of the significant changes their roles in the company formation standards simply articulate current to processes and systems that will be process. Although FinCEN supports the practices pursuant to existing standards required to implement this requirement collection of beneficial ownership simply on a prospective basis, we and expectations, in order to facilitate information in these other implementation and minimize the believe that retroactive application circumstances as well, it does not would be unduly burdensome. As we burden on financial institutions. We believe that such collection would believe that leveraging the experience noted in the proposal, the absence of a replace the independent obligation of categorical mandate to apply the accrued from interpretation of and financial institutions to collect this compliance with prior regulations and requirement retroactively would not information. As described above, we preclude financial institutions from guidance that have already been issued view this rulemaking as but one part of in this space will be a net benefit to deciding that collecting beneficial Treasury’s comprehensive strategy to ownership information on some financial institutions. As FinCEN enhance financial transparency in the customers on a risk basis during the explained in the proposal, these U.S. financial system and worldwide, course of monitoring may be requirements represent a floor, not a and we believe the beneficial ownership appropriate for their institution. In our ceiling, and, consistent with the risk- requirement for financial institutions assessment, we have concluded that based approach, financial institutions would be necessary even if these other financial institutions should obtain may do more in circumstances of measures were already in place. One of beneficial ownership information from heightened risk, as well as to mitigate the principal rationales for this new customers existing on the Applicability risks generally. requirement is that financial institutions Date when, in the course of their normal Compliance Deadline. Most should know who their customers are to monitoring, the financial institution commenters strongly opposed FinCEN’s help them more effectively mitigate detects information relevant to assessing proposal for a compliance deadline of risks. This requirement is therefore or reevaluating the risk of such one year from the date the final rule is separate from a policy objective of customer (as more fully described in the issued, identifying a wide range of requiring States to obtain beneficial sections below addressing the amended changes to systems and processes that ownership information from the legal AML program requirements). would be required in order to entities they create at the time of Section 1010.230(b) Identification and implement the rule. Many of these formation and upon specified Verification. In the NPRM, FinCEN commenters requested that FinCEN circumstances thereafter (although none proposed that covered financial provide financial institutions two years currently have such requirements). institutions be required to develop to implement the final rule. Based on Presently, corporate laws and customer due diligence procedures that the well-founded, detailed explanations regulations differ from State to State, enabled institutions to (1) identify the put forth by these commenters of the and from FinCEN’s regulations, but beneficial owner(s) of legal entity difficulties that would arise from a one- generally do not require information customers by collecting a mandatory year implementation period, FinCEN is regarding beneficial ownership. Thus, certification form provided by the extending the period for the information that will be provided individual opening the account on implementation to two years from the under FinCEN’s regulations will behalf of the legal entity customer; and date this final rule is issued (the significantly augment information (2) verify the identity of the identified Applicability Date). presently available to law enforcement beneficial owner(s) according to risk- from State authorities, thereby based procedures that are, at a consulting with the applicable SROs in the improving the overall investigative, minimum, identical to the institutions’ securities and futures/commodities industries. regulatory, and prosecutorial processes. CIP procedures required for verifying

VerDate Sep<11>2014 18:50 May 10, 2016 Jkt 238001 PO 00000 Frm 00008 Fmt 4701 Sfmt 4700 E:\FR\FM\11MYR3.SGM 11MYR3 mstockstill on DSK3G9T082PROD with RULES3 Federal Register / Vol. 81, No. 91 / Wednesday, May 11, 2016 / Rules and Regulations 29405

the identity of customers that are legal entity’s board or governing body. management of customer files, and individuals. These commenters thought that a covered financial institutions will have Section 1010.230(b)(1). The NPRM Certification Form without attestation flexibility in integrating the beneficial proposed to require the use of a requirements more substantial than ownership information requirement into standard certification form (Certification those in the proposal would reduce existing systems and processes. The Form) in order to, among other accountability for false representations certification of accuracy by the purposes, promote consistent practices on the Certification Form. individual submitting the information and regulatory expectations, reduce As noted above, a primary reason that may be obtained without use of the compliance burden, and provide a FinCEN proposed the Form was to Certification Form in the same way the uniform customer experience across balance the benefits and burdens of this financial institution obtains other much of the U.S. financial system. To new requirement to the financial information from its customers in facilitate institutions’ abilities to rely institution and its customers with the connection with its account opening upon the Certification Form, the benefits to law enforcement and procedures. FinCEN expects that such proposed Certification Form included a regulatory authorities. We also note that flexibility will facilitate the section that required the individual in the case of many legal entities that implementation of the beneficial opening the account on behalf of a legal are small businesses, the natural person ownership requirement—some entity customer to certify that the opening the account will often be one of commenters noted that giving financial information provided on the form is true the beneficial owners, who would have institutions flexibility in integrating this and accurate to the best of his or her direct knowledge of the beneficial requirement would substantially reduce knowledge. Commenters raised a ownership information of the legal resource outlays to change customer number of issues regarding this entity customer. FinCEN understands onboarding processes and to train front- proposed requirement. Some that many institutions obtain and line employees. In addition, to facilitate commenters asked whether the maintain customer data electronically use of the Certification Form by those Certification Form must be used to rather than in paper form to the greatest institutions that choose to utilize it, obtain the information, whether the extent possible, and that mandating the FinCEN will also make an electronic Certification Form should be an official use and retention of a specific form version available, although it will not be government form, and what individuals would require significant technological an official U.S. Government form. representing the customer would be and operational changes that could be Some commenters asked that FinCEN authorized to provide the Certification costly and challenging to implement for clarify who an appropriate individual to Form. Several commenters urged a some financial institutions. We have certify the identity of the beneficial variety of changes to the fields on the therefore amended the final rule to owners to the financial institution Certification Form in order to conform permit, but not require, financial would be, whether by signing the it more closely to current CIP institutions to use the Certification Certification Form or otherwise requirements, to otherwise facilitate use Form to collect beneficial ownership providing the beneficial ownership of the form, and to promote other information. Accordingly, in the final information in accordance with this regulatory goals. Some commenters also rule, § 1010.230(b)(1) is revised to state paragraph; some commenters also urged FinCEN to provide a safe harbor that covered financial institutions must questioned whether the individual to institutions that use the model identify the beneficial owner(s) of each opening an account could be a low-level Certification Form adopted in the final legal entity customer at the time a new employee without knowledge of the rule akin to, for example, the safe harbor account is opened, unless the customer entity’s owners. In this regard, FinCEN provided for foreign bank is otherwise excluded or the account is declines to impose specific account- certifications.36 exempted. A covered financial opening procedures on financial The comments FinCEN received institution may accomplish this either institutions, and believes that financial related to the Certification Form varied by obtaining certification in the form of institutions should be able to integrate widely. Some commenters urged appendix A of the section from the this new requirement into their FinCEN to make the Certification Form individual opening the account on institution’s existing procedures with an official U.S. Government document, behalf of the legal entity customer, or by little disruption. FinCEN understands with the certification made under the obtaining from the individual the that financial institutions generally have penalty of perjury (rather than only to information required by the form by long-standing policies and procedures, the best of the knowledge of the another means, provided the individual based on sound business practices and certifying party), and a few commenters certifies, to the best of the individual’s prudential considerations, governing the thought that the Certification Form knowledge, the accuracy of the documentation required to open an should be notarized. However, many information.37 account for a legal entity; these typically commenters requested that the proposed Thus, covered financial institutions include resolutions authorizing the Certification Form be permissive rather can satisfy this requirement through (1) entity to open an account at the than mandatory, and that financial the use of FinCEN’s Certification Form; institution and identifying the institutions be permitted to obtain the (2) the use of the financial institution’s authorized signatories. Such resolutions information through their standard own forms, so long as they meet the are typically certified by an appropriate account opening process without requirements of § 1010.230(b)(1); or (3) individual, e.g., the secretary or other utilizing the Certification Form. A few any other means that satisfy the officer of a corporation, a member or commenters thought that the person substantive requirements of manager of an LLC, or partner of a opening the account should be required § 1010.230(b)(1). These records may be partnership. It would be appropriate for to have actual personal knowledge of retained electronically and incorporated the same individual to certify the the information provided on the into existing databases as a part of identity of the beneficial owners. Such Certification Form, or that the financial institutions’ overall certification should take the form of a an individual would typically have at resolution ratified or adopted by the 37 This revision will also require a corresponding least some familiarity with the entity’s change to the Recordkeeping subsection, described owners and with individuals with 36 31 CFR 1010.630(b). in greater detail below. responsibility to control or manage the

VerDate Sep<11>2014 18:50 May 10, 2016 Jkt 238001 PO 00000 Frm 00009 Fmt 4701 Sfmt 4700 E:\FR\FM\11MYR3.SGM 11MYR3 mstockstill on DSK3G9T082PROD with RULES3 29406 Federal Register / Vol. 81, No. 91 / Wednesday, May 11, 2016 / Rules and Regulations

entity, but may not have personal standards within and across industries new account is a relatively convenient knowledge of individuals having an for purposes of CDD. Thus, FinCEN and otherwise appropriate occasion to indirect ownership interest through, for declines to permit reliance solely upon obtain current information regarding a example, intermediate legal entities or previously gathered alternate sources of customer’s beneficial owners. contractual arrangements with nominal beneficial ownership information. Accordingly, FinCEN has added to the owners, and would have to rely on Several commenters raised specific final rule as § 1010.230(g) a definition others for any such information. questions regarding the information in for ‘‘new account’’. Therefore, while FinCEN anticipates the proposed Certification Form. One commenter urged FinCEN to that the certifying individual would FinCEN agrees with the suggestions mandate the use of the Legal Entity generally be able to provide accurate made by several commenters that the Identifier (LEI), a global standardized beneficial ownership information, it is title of the person with significant unique identifier for legal entities appropriate that it be provided to the management responsibility, as well as of engaged in financial transactions, on the best of such person’s knowledge, rather the person submitting the Certification proposed Certification Form. This than without qualification. Accordingly, Form or supplying the information, commenter noted that including such a FinCEN declines to require a heightened should be included and has made these requirement would further the goals of knowledge threshold, or notarization, or changes to the Form. We have also transparency and financial stability. board approval requirement for the added fields on the Certification Form FinCEN understands that the LEI was certification requirement, as some in which to identify the type of legal developed principally to aggregate data commenters suggested, as any such entity, and to note its address. Other from across markets, products, and requirement would increase the amount commenters noted that the address regions, giving global regulators a means of time to open an account, without fields as laid out in the proposed to quickly identify parties to financial commensurate benefit, and would be Certification Form, along with the transactions, in order to enhance inconsistent with FinCEN’s goal of description of the address requirement regulators’ ability to understand integrating this requirement into in the general instructions section, were systemic risks to the financial system existing financial institution onboarding not congruent with CIP’s address and act accordingly. Although this is an procedures to the greatest extent requirements, and accordingly asked important and laudable purpose, possible.38 FinCEN thus believes that FinCEN to confirm that the CIP rules’ FinCEN does not believe that mandating the certification requirement as address requirements remained the LEI’s inclusion on the beneficial described in the final rule provides the applicable. As described in greater ownership Certification Form would appropriate level of accountability given detail below, covered financial further this goal substantially. We the circumstances.39 institutions’ procedures for identifying believe that the overwhelming majority Some commenters urged FinCEN to and verifying beneficial owners must of legal entities subject to this permit financial institutions to rely contain all the elements of the requirement will be smaller or non- upon alternative sources, such as applicable CIP rule, including the financial entities that would not be previously collected customer address, date of birth, and Taxpayer typical applicants for LEIs in the first information in their databases, or the Identification Number requirements as instance, and that the costs of IRS Form W–8BEN, to satisfy the set forth therein. Accordingly, FinCEN mandating its use solely for the certification requirement. FinCEN has revised the Certification Form to purposes of the Certification Form recognizes that this could facilitate clarify this point, and notes that this would not be outweighed by the benefit. financial institutions’ ability to obtain information will be required whether or FinCEN also understands that the this information. However, to be of not the Certification Form is used. We authorized bodies that assign LEIs do greatest use, FinCEN believes that have also amended item ‘‘a’’ of the not require the beneficial owner to be a beneficial ownership information must Certification Form to clarify that the natural person, use a 50 (rather than 25) be, at the time of account opening, both name of the certifying party should be percent threshold, and do not verify the (1) current, and (2) certified by an that of a natural person authorized to identities of beneficial owners of legal individual authorized by the customer open the account (and not of the legal entities, thereby rendering the LEI’s to open accounts at financial entity itself). FinCEN also agrees with utility as a possible proxy or alternative institutions to be accurate to the best of the suggestion made by a number of source of verification minimal. For these his or her knowledge. Furthermore, commenters that the Certification Form reasons, FinCEN declines to mandate because FinCEN’s definition of state that the information in the the use of the LEI. We do, however, beneficial ownership does not align Certification Form is required by recognize that covered financial precisely with, for example, the IRS’s Federal regulation in order to explain to institutions may find such information definition in its Form W–8BEN, customers why this new requirement useful for enterprise-wide risk permitting reliance in some has been put in place; the Form has management or other purposes, and circumstances upon other agencies’ been edited appropriately. have accordingly included an optional forms would be at odds with FinCEN’s Several commenters sought LEI field on the Certification Form. goal of consistent beneficial ownership clarification as to whether a financial Several commenters urged FinCEN to institution must identify and verify a adopt an express safe harbor in the final 38 FinCEN notes that in cases where the legal entity customer’s beneficial rule deeming those financial institutions individual signing the documentation to open the owners each time it opens a new that use the Certification Form account (and identifying the legal entity’s beneficial account at the institution after the rule’s compliant with the beneficial owners) does not deliver such documentation to the compliance deadline, or whether the ownership requirement. A few financial institution, it may be appropriate that the individual’s signature be notarized. requirement applies only the first time commenters recommended that FinCEN 39 FinCEN also understands that in cases where it opens a new account at such model such an express safe harbor on a newly formed legal entity opens a financial institution. FinCEN has concluded that, the safe harbor for foreign bank institution account in order to commence business, while it is not requiring periodic certifications found in § 1010.630. Other the beneficial owner(s) would typically open the account in person and be the signatories on the updating of the beneficial ownership commenters opposed the notion of a account, and could readily certify their status as information of all legal entity customers safe harbor, contending that the beneficial owners at that time. at specified intervals, the opening of a Certification Form should serve as the

VerDate Sep<11>2014 18:50 May 10, 2016 Jkt 238001 PO 00000 Frm 00010 Fmt 4701 Sfmt 4700 E:\FR\FM\11MYR3.SGM 11MYR3 mstockstill on DSK3G9T082PROD with RULES3 Federal Register / Vol. 81, No. 91 / Wednesday, May 11, 2016 / Rules and Regulations 29407

starting point for financial institutions’ slight, because, pursuant to CIP accuracy of the beneficial owner or risk-based due diligence into a legal requirements, they already have to owners identified by the legal entity entity’s beneficial ownership. As provide the same sensitive personal customer, absent the institution’s discussed in greater detail below, we information to financial institutions to knowledge to the contrary. FinCEN have included in § 1010.230(b)(2) of the open individual accounts and access the recognizes the necessity for permitting final rule a description of the extent to U.S. financial system. We note that reliance on the identification supplied which financial institutions can rely financial institutions are expected to by the legal entity customer, considering upon the beneficial ownership protect this information just as they do the fact the customer is generally the information provided by the person CIP information, as well as comply with best source of this information, and that opening the account. We decline, all applicable Federal and State privacy there is generally no other source of however, to include in the final rule a laws, including, but not limited to, the beneficial ownership information 40 blanket safe harbor triggered by the use Right to Financial Privacy Act and the available to covered financial 41 and collection of the standard Gramm-Leach-Bliley Act. institutions, aside from the legal entity Section 1010.230(b)(2). With respect Certification Form. itself. FinCEN believes that there are a to verification of identity, we proposed number of factors present in the context that verification meant that financial Several commenters sought of foreign bank certifications (but absent institutions were required to verify the clarification of the requirement as here) that make a blanket safe harbor identity of the individual identified as a described in the NPRM in proposed appropriate in that context. The foreign beneficial owner (i.e., to verify the § 1010.230(b)(2) that beneficial bank certification was used to satisfy individual’s existence), and not his or ownership information procedures be, several obligations arising under her status as a beneficial owner. We at a minimum, ‘‘identical’’ to the Sections 313 and 319(b) of the USA proposed that this verification be done existing CIP procedures for verifying the PATRIOT Act, including not only for via risk-based procedures that are identity of individual customers. Some the foreign bank to certify facts such as identical to the institutions’ CIP commenters noted that it would be its status and in certain cases its owners, procedures required for verifying the infeasible to simply replicate, without but also to set forth its agreement not to identity of customers that are modification, existing CIP procedures provide banking services to foreign shell individuals, to facilitate financial for individual customers to implement banks and to appoint a U.S. process institutions’ implementation of the the beneficial ownership verification agent. Moreover the foreign bank official requirement through leveraging existing requirement. They noted, for example, was required to certify that the procedures and systems. that because the beneficial owners will information in the document was true Many commenters sought clarification in many cases not be physically present and correct, whereas the beneficial of the meaning of the verification at the financial institution at account ownership information is to be provided requirement in proposed opening, an institution using to the best of the knowledge of the § 1010.230(b)(2) and the means by documentary verification may not have customer’s agent. In addition, the which it may be accomplished. Some access to the documents listed in the population of legal entities subject to pointed out the potential confusion relevant paragraph of the CIP rule, and the final rule is exponentially larger between two statements in the NPRM therefore may need to rely on a than that of foreign banks with U.S. discussing the distinction between photocopy or other reproduction of such correspondent accounts, and the verifying the identity of the beneficial document. Commenters also noted that proposed certification in the proposed 42 owner and verifying the status. In some current procedures for non- rule does not include affirmative order to resolve any potential confusion documentary verification of individual obligations. We believe that the regarding the beneficial ownership customers could not be applied to non- provision inserted into § 1010.230(b)(2) identification and verification obligation consenting beneficial owners, because of the final rule describing the extent to of financial institutions, FinCEN is of limitations on the use of credit which the financial institution may rely revising § 1010.230(b)(2) in the final reports imposed by the Fair Credit on the information provided by the rule to clarify that a covered financial Reporting Act.43 customer strikes the right balance institution may rely on the information between the need to minimize burden supplied by the legal entity customer FinCEN agrees that it would be upon covered financial institutions and regarding the identity of its beneficial impracticable for covered financial the risk of abuse of legal entities for owner or owners, provided that it has institutions to implement the beneficial illicit purposes. no knowledge of facts that would ownership verification requirement A few commenters raised concerns reasonably call into question the with procedures that are identical to the that the collection of sensitive personal reliability of such information. FinCEN institution’s existing CIP rule information of beneficial owners would anticipates that, in the overwhelming procedures for individual customers. impinge upon their privacy and increase majority of cases, a covered financial Accordingly, § 1010.230(b)(2) has been their vulnerability to identity theft. institution should be able to rely on the amended to require that at a minimum, FinCEN recognizes the critical these procedures must contain the importance of protecting individuals’ 40 12 U.S.C. 3401 et seq. elements 44 required for verifying the privacy interests, as well as the serious 41 15 U.S.C. 6801 et seq. identity of customers that are threat posed by cyberattacks and 42 FinCEN stated that ‘‘[i] n light of these individuals under paragraph (a)(2) of identity theft, particularly with respect considerations, FinCEN is not proposing that to the personal information held at financial institutions verify the status of a beneficial owner. Financial institutions may rely on the 43 15 U.S.C. 1681 et seq. financial institutions. These concerns, beneficial ownership information provided by the 44 The clause ‘‘in the covered financial while valid and significant, are customer on the standard certification form.’’ On institution’s Customer Identification Program insufficient to justify elimination of the the other hand, the proposal also states that its procedures’’ in the proposed rule text have been requirement. From both the privacy and procedures for verifying beneficial ownership deleted, because, for the reasons described above, ‘‘should enable the financial institution to form a the verification procedures for beneficial owners of identity-theft perspectives, the reasonable belief that it knows the true identity of legal entity customers may be different from the incremental impact upon the vast the beneficial owner of each legal entity customer.’’ procedures in the covered financial institution’s CIP majority of beneficial owners will be (79 FR 45162) that apply to individual customers.

VerDate Sep<11>2014 18:50 May 10, 2016 Jkt 238001 PO 00000 Frm 00011 Fmt 4701 Sfmt 4700 E:\FR\FM\11MYR3.SGM 11MYR3 mstockstill on DSK3G9T082PROD with RULES3 29408 Federal Register / Vol. 81, No. 91 / Wednesday, May 11, 2016 / Rules and Regulations

the applicable CIP rule,45 but are not example, a covered financial institution from identifying and verifying the required to be identical. In addition, the could determine that it will not accept identities of additional natural persons. final rule clarifies that in the case of reproductions below a certain optical However, we believe that the benefits of documentary verification, the financial resolution, or that it will not accept collecting this information, as described institution may use photocopies or other reproductions transmitted via facsimile, at greater length above and below, reproductions of the documents listed or that it will only accept digital outweigh these additional costs. FinCEN in paragraph (a)(2)(ii)(A)(1) 46 of the reproductions transmitted in certain file accordingly declines to alter the applicable CIP rule. formats. As with CIP, covered financial categorical nature of the requirement for Because the risk-based verification institutions are not required to maintain the final rule. procedures must contain the same these copies or reproductions, but only Several commenters questioned the elements as required by the applicable a description of any document upon utility of collecting this information in CIP rule to verify the identity of which the financial institution relied to the absence of an authoritative individual customers, verification must verify the identity of the beneficial centralized resource against which to be completed within a reasonable time owner. We note, however, that although verify beneficial ownership status. They after the account is opened. In addition, covered financial institutions are not contended that the limited benefit of the beneficial ownership identification required to maintain these this information would not outweigh procedures must address situations in reproductions, they are not prohibited the costs imposed by the requirement. which the financial institution cannot from keeping them in a manner Law enforcement commenters, however, form a reasonable belief that it knows consistent with all other applicable laws identified significant benefits to the the true identity of the beneficial owner or regulations. collection of beneficial ownership information, regardless of financial of a legal entity customer after following Some commenters urged FinCEN to 47 institutions’ ability to verify ownership the required procedures. It remains permit covered financial institutions to status. They noted that the identities of the case that covered financial take a risk-based, rather than verified natural persons linked to legal institutions may generally rely on categorical, approach to the entities of interest had significant value government-issued identification as identification and verification in law enforcement investigations, verification of an individual’s identity, requirements. Among the objections 48 whether or not those natural persons are absent obvious indications of fraud. lodged against a categorical requirement the actual beneficial owners, since at a FinCEN notes that such reliance is also were that: Conducting CIP procedures generally appropriate in the case of minimum they may have information on non-present beneficial owners would that can aid law enforcement in photocopies or other reproductions be too difficult; the benefit of a obtained pursuant to § 1010.230(b)(2). identifying the true beneficial owner(s). categorical requirement was outweighed Furthermore, false beneficial ownership However, given the vulnerabilities by the costs; and expanding the number inherent in the reproduction process, information is of significant use to of natural persons subject to CIP prosecutors in demonstrating covered financial institutions should procedures would increase costs, conduct their own risk-based analyses consciousness of guilt, as well as for particularly for institutions that rely impeachment purposes at trial. And law of the types of photocopies or upon vendors that charge on a per reproductions that they will accept in enforcement also noted the likely capita basis for CIP. FinCEN believes deterrent effect that a categorical accordance with this section, so that that categorical application of this such reliance is reasonable. For collection and verification requirement requirement across covered financial would have on illicit actors, by making institutions will reduce illicit actors’ 45 Paragraph (a)(2) of each of the CIP rules it more difficult for them to maintain requires that the relevant financial institution’s CIP opportunities to slip into the financial anonymity while opening accounts. For includes risk-based procedures to verify the identity system by masking their legal entities these reasons, FinCEN rejects the notion of each customer, to the extent reasonable and with markers indicative of a low risk that this requirement is of limited value. practicable. The elements of such program must profile. As to concerns about costs and include identifying the customer, verifying the A few commenters requested that customer’s identity (through documents or non- difficulties, we believe that the above- FinCEN eliminate the verification documentary methods), and procedures for described changes and clarifications requirement entirely, contending that circumstances where the institution cannot form a made to this paragraph have given verification of the identities of non- reasonable belief that it knows the true identity of financial institutions greater flexibility the individual. present beneficial owners would be too 46 Relevant documentation may include in determining how to implement the difficult and burdensome, especially for unexpired government-issued identification identification and verification smaller institutions. As described above, evidencing nationality or residence and bearing a requirements, thereby reducing their we are aware of the challenges photograph or similar safeguard, such as a driver’s impact. As described above, because associated with verifying the identities license or passport. See, e.g., 31 CFR 1020.220(a)(2)(ii)(A)(1). financial institutions will in most of non-present individuals and have 47 Under the CIP rules, a financial institution’s instances be able to rely upon the accordingly made changes to simplify CIP must include procedures for responding to information provided by the customer, the process for financial institutions, circumstances in which the financial institution FinCEN believes that financial which we expect will reduce the cannot form a reasonable belief that it knows the institutions generally will not expend burden. Importantly, collecting true identity of a customer. These procedures should describe: (A) When the institution should substantially greater resources by beneficial ownership information not open an account; (B) The terms under which a collecting and verifying the information without verifying the existence of the customer may use an account while the institution in all cases (subject to permitted named person would substantially attempts to verify the customer’s identity; (C) When exemptions) than by engaging in a risk diminish the value of the information, it should close an account, after attempts to verify a customer’s identity have failed; and (D) When it analysis to determine whether the and we therefore decline to eliminate should file a Suspicious Activity Report in beneficial ownership information the verification requirement. accordance with applicable law and regulation. See, should be collected and verified. We Some commenters asked FinCEN to e.g., 31 CFR 1020.220(a)(2)(iii). recognize that financial institutions that clarify what we expect financial 48 See, e.g., Customer Identification Programs for Banks, Savings Associations, Credit Unions and pay for systems and technology costs institutions to do with the beneficial Certain Non-Federally Regulated Banks, 68 FR associated with CIP procedures on a per ownership information that they collect 25090, 25099 (May 9, 2003). capita basis will face increased costs and verify. FinCEN generally expects

VerDate Sep<11>2014 18:50 May 10, 2016 Jkt 238001 PO 00000 Frm 00012 Fmt 4701 Sfmt 4700 E:\FR\FM\11MYR3.SGM 11MYR3 mstockstill on DSK3G9T082PROD with RULES3 Federal Register / Vol. 81, No. 91 / Wednesday, May 11, 2016 / Rules and Regulations 29409

beneficial ownership information to be transactions are ‘‘by or on behalf of’’ the Section 1010.230(d) Beneficial Owner. treated like CIP and related information, same person. Thus, if a financial In the NPRM, we proposed two prongs and accordingly used to ensure that institution determines that a legal entity for the definition of beneficial owner: covered financial institutions comply customer or customers are not being Each individual, if any, who directly or with other requirements. For example, operated independently from each other indirectly owned 25 percent of the the Office of Foreign Assets Control or from their primary owner—e.g., the equity interests of a legal entity (OFAC) requires covered financial institution determines that legal entities customer (the ownership prong); and a institutions to block accounts (or other under common ownership have single individual with significant property and interests in property) of, common employees and are repeatedly responsibility to control, manage, or among others, persons appearing on the used to pay each other’s expenses or the direct a legal entity customer, including Specially Designated Nationals and personal expenses of their primary an executive officer or senior manager Blocked Persons List (SDN List), which owner—then the financial institution or any other individual who regularly includes any entity that is 50 percent or may determine that aggregating the performs similar functions (the control more owned, in the aggregate, by one or transactions of a legal entity or entities prong). We noted that the number of more blocked persons, regardless of and their primary owner would be beneficial owners identified would vary whether the entity is formally listed on appropriate.52 Under such from legal entity customer to legal entity the SDN List.49 Therefore, institutions circumstances, if a financial institution customer due to the ownership prong— should use beneficial ownership were aware that a beneficial owner there could be as few as zero and as information to help ensure that they do made a $5,000 cash deposit into his many as four individuals who satisfy not open or maintain an account, or personal account, and later the same this prong. All legal entities, however, otherwise engage in prohibited business day, he made a $6,000 cash would be required to identify one transactions or dealings involving deposit into the account of a legal entity beneficial owner under the control individuals or entities subject to OFAC- not being operated as an independent prong. We further noted that financial administered sanctions. Covered entity, the institution would be required institutions had the discretion to financial institutions should also to aggregate those transactions and file identify additional beneficial owners as develop risk-based procedures to a CTR.53 And to the extent that the appropriate based on risk. determine whether and/or when financial institution determined that Thus, in practice, the number of additional screening of these names such transactions had no other apparent beneficial owners identified will vary through, for example, negative media purpose than to avoid triggering a CTR based on the circumstances. For search programs, would be appropriate. filing, the financial institution would example: With respect to aggregation of need to consider whether filing a SAR • Mr. and Mrs. Smith each hold a 50 transactions for Currency Transaction about the transactions would be percent equity interest in ‘‘Mom & Pop, Reporting (CTR) purposes, FinCEN appropriate. LLC.’’ Mrs. Smith is President of Mom expects covered financial institutions to A few commenters asked FinCEN to & Pop, LLC and Mr. Smith is its Vice apply existing procedures consistent provide guidance as to how beneficial President. Mom & Pop, LLC is required with CTR regulations and applicable ownership information should be to provide the personal information of FinCEN guidance from 2001 and 2012.50 incorporated into processes for both Mr. & Mrs. Smith under the Thus, while financial institutions information sharing pursuant to USA ownership prong. Under the control should generally recognize the PATRIOT Act Section 314(a); one of prong, Mom & Pop, LLC is also required distinctness of the corporate form and these commenters asked FinCEN to to provide the personal information of not categorically impute the activities or declare such information per se outside one individual with significant transactions of a legal entity customer to of the scope of Section 314(a). FinCEN responsibility to control Mom & Pop, a beneficial owner, they must aggregate does not expect the information LLC; this individual could be either Mr. multiple currency transactions if the obtained pursuant to the beneficial or Mrs. Smith, or a third person who financial institution has knowledge that ownership requirement to add otherwise satisfies the definition. Thus, these transactions are by or on behalf of additional requirements with respect to in this scenario, Mom & Pop, LLC would any person and result in either cash in Section 314(a) for financial institutions. be required to identify at least two, but or cash out totaling more than $10,000 The rule implementing Section 314(a), up to three distinct individuals—both during any one business day.51 While set forth at 31 CFR 1010.520, does not Mr. & Mrs. Smith under the ownership the requirement to identify the authorize the reporting of beneficial prong, and either Mr. or Mrs. Smith beneficial owners of legal entity ownership information associated with under the control prong, or both Mr. & customers does not modify this existing an account or transaction matching a Mrs. Smith under the ownership prong, CTR aggregation requirement, the named subject. Under that rule, and a third person with significant beneficial ownership identification may financial institutions need only search responsibility under the control prong. provide financial institutions with their records for account or transactions • Acme, Inc. is a closely-held private information they did not previously matching a named subject, and report to corporation. John Roe holds a 35 have, in order to determine when FinCEN whether such a match exists percent equity stake; no other person using the identifying information that holds a 25 percent or higher equity 49 See generally 31 CFR part 500; see also, e.g., FinCEN provides. stake. Jane Doe is the President and 31 CFR 590.406 (Ukraine-related sanctions Section 1010.230(c) Account. See Chief Executive Officer. Acme, Inc. regulations); Office of Foreign Assets Control, discussion below under ‘‘Legal entity would be required to provide John Roe’s Frequently Asked Questions, available at http:// www.treasury.gov/resource-center/faqs/Sanctions/ customer.’’ beneficial ownership information under Pages/faq_general.aspx#50_percent. the ownership prong, as well as Jane 50 See 31 CFR 1010.313; FinCEN, Currency 52 In general, such aggregation would only be Doe’s (or that of another control person) Transaction Report Aggregation for Businesses with appropriate in cases where an individual owns all under the control prong. Common Ownership FIN–2012–G001, (Mar. 16, or substantially all of the legal entity’s equity • Quentin, Inc. is owned by the five 2012) (FIN–2012–G001); FinCEN, Currency interests. It is only in such cases that a transaction Transaction Reporting: Aggregation, FinCEN Ruling by a legal entity could be considered ‘‘by or on Quentin siblings, each of whom holds a 2001–2, (Aug. 23, 2001). behalf of’’ the owner of the entity (or vice versa). 20 percent equity stake. Its President is 51 31 CFR 1010.313. 53 See FIN–2012–G001 at 2. Benton Quentin, the eldest sibling, who

VerDate Sep<11>2014 18:50 May 10, 2016 Jkt 238001 PO 00000 Frm 00013 Fmt 4701 Sfmt 4700 E:\FR\FM\11MYR3.SGM 11MYR3 mstockstill on DSK3G9T082PROD with RULES3 29410 Federal Register / Vol. 81, No. 91 / Wednesday, May 11, 2016 / Rules and Regulations

is the only individual at Quentin, Inc. ownership information at thresholds note accompanying the regulatory text with significant management lower than 25 percent. will aid them in doing so with respect responsibility. Quentin, Inc. would be FinCEN has considered all of the to their customers. required to provide Benton Quentin’s arguments in favor of lowering the Some commenters urged FinCEN to beneficial ownership information under ownership threshold to 10 percent, and include in the ownership prong a the control prong, but no other we decline to make this change in the ‘‘fallback provision’’ to require the beneficial ownership information under final rule. Although it is true that some collection of beneficial ownership the ownership prong, because no sibling financial institutions already collect information for at least one individual has a 25 percent stake or greater. beneficial ownership information at a with a significant equity stake in the One commenter raised a concern that threshold lower than 25 percent in some legal entity, even if no beneficial owner this obligation would effectively require cases, we do not believe that this meets the minimum ownership financial institutions to monitor the practice is widely established enough to threshold. Such a provision was equity interests and management team justify its categorical imposition for all initially discussed in the ANPRM for of legal entity customers on an ongoing legal entity customers across all covered this rulemaking but not included in the basis and continually update this financial institutions. As some NPRM in response to concerns information. FinCEN notes that it would proponents of the 10 percent threshold expressed by numerous commenters be impracticable for financial noted, this lower threshold would make that the approach was impracticable. As institutions to conduct this type of it more difficult for illicit actors to we noted in the NPRM, commenters inquiry, and emphasizes that this structure ownership interests to evade questioned the feasibility of engaging in obligation should be considered a the reporting threshold. However, it a comparative analysis of every owner snapshot, not a continuous obligation. would also require financial institutions to determine the individual who ‘‘has at As discussed more fully in the Section- to identify and verify as many as eleven least as great an equity interest in the by-Section Analysis addressing the beneficial owners (including the control entity as any other individual.’’ amendments to the AML program rules, prong). In FinCEN’s assessment, the Agreeing with that assessment, we FinCEN does expect financial incremental benefit of this approach removed this provision, and we do not institutions to update this information does not outweigh the burdens believe that any benefit from its based on risk, generally triggered by a associated with having to collect and reintroduction would outweigh the financial institution learning through its verify the identities of more than twice difficulties that customers and front-line normal monitoring of facts relevant to as many beneficial owners in some employees would face in implementing assessing the risk posed by the circumstances. Furthermore, the it. Although we have declined to customer. proposed 25 percent threshold is include this provision in the final rule, The Ownership Prong. Commenters consistent with that of many foreign financial institutions may determine, raised a number of points regarding the jurisdictions (including EU member pursuant to a risk-based approach for ownership prong. Several commenters states) and with the FATF standard, their institutions, that certain higher speculated on FinCEN’s intention with which in turn is used to define the risk circumstances may warrant the respect to this requirement. FinCEN controlling persons of an entity in the collection of beneficial ownership confirms here that by the phrase intergovernmental agreements that the information for at least one natural ‘‘directly or indirectly,’’ it intends that United States has entered into with person under the ownership prong even the financial institution’s customer more than 110 other jurisdictions in if no beneficial owner meets the 25 identify its ultimate beneficial owner or order to enforce the requirements of percent threshold. owners as defined in the rule and not FATCA. FinCEN continues to believe One commenter requested that their nominees or ‘‘straw men.’’ In that a 25 percent threshold strikes the FinCEN clarify whether covered addition, as described in appropriate balance between the benefit financial institutions had an obligation § 1010.230(b)(2), financial institutions of identifying key natural persons who to determine whether equity holders of may rely on information provided by have substantial ownership interests in a legal entity managed or structured the customer to identify and verify the the legal entity and the costs associated their holdings to evade the 25 percent beneficial owner. with implementing this information- threshold for reporting. FinCEN notes Many commenters supported collection requirement. that in most cases it would be FinCEN’s decision in the proposal to set We reiterate that the 25 percent impracticable for front-line employees the minimum threshold for equity threshold is the baseline regulatory to conduct this type of inquiry. Thus, holdings constituting ownership at 25 benchmark, but that covered financial FinCEN expects that financial percent. Some of these commenters institutions may establish a lower institutions will generally be able to rely requested that FinCEN affirm this percentage threshold for beneficial upon information about equity threshold as the regulatory expectation, ownership (i.e., one that regards owners ownership provided by the person notwithstanding our remarks in the of less than 25 percent of equity opening the account, and not to proposal that financial institutions, after interests as beneficial owners) based on affirmatively investigate whether equity their own assessment of risk, could their own assessment of risk in holders are attempting to avoid the determine that a lower threshold appropriate circumstances. As a general reporting threshold. However, financial percentage might be warranted. A few matter, FinCEN does not expect covered institution staff who know, suspect, or commenters, however, urged FinCEN to financial institutions’ compliance with have reason to suspect that such lower this threshold to 10 percent, this regulatory requirement to be behavior is occurring may, depending contending that the higher threshold assessed against a lower threshold. on the circumstances, be required to file would be too easy to evade and is Nevertheless, consistent with the risk- a SAR. inconsistent with international AML based approach, FinCEN anticipates that A few commenters sought norms and requirements of FATCA, and some financial institutions may clarification of the definition of ‘‘equity that the burden of a lower threshold determine that they should identify and interests’’ provided in the proposal—to would be minimal because some verify beneficial owners at a lower wit, an ownership interest in a business financial institutions as a matter of threshold in some circumstances; we entity—contending that although the practice already collect beneficial believe that making this clear in the proposed definition provided a great

VerDate Sep<11>2014 18:50 May 10, 2016 Jkt 238001 PO 00000 Frm 00014 Fmt 4701 Sfmt 4700 E:\FR\FM\11MYR3.SGM 11MYR3 mstockstill on DSK3G9T082PROD with RULES3 Federal Register / Vol. 81, No. 91 / Wednesday, May 11, 2016 / Rules and Regulations 29411

deal of latitude and flexibility, it might FinCEN expects that financial contending that it would be difficult to also cause confusion due to its broad institutions will generally be able to rely identify a control person under such a sweep. Thus, commenters requested on the representations of the customer wide-ranging definition. We disagree. greater clarification and guidance in the when it identifies its beneficial owners. FinCEN proposed a broad definition to form of examples or additional We also note that it would not be give legal entities a wide range of commentary, to assist customers in unreasonable to expect that a legal options from which to choose. understanding and complying with the entity that has a complex structure Accordingly, the breadth of the requirements of the regulation as well as would have personnel who necessarily definition will facilitate, rather than employees in their determinations as to have a general understanding of the hinder, financial institutions’ ability to which types of ownership interests are ownership interests of the natural collect this information—because legal subject to this prong. FinCEN persons behind it for operational, entity customers are required to provide appreciates that some financial management, accounting, and other information on only one control person institutions may find it challenging in purposes. who satisfies the definition, legal some circumstances to determine Commenters also sought clarification entities should be able to readily whether a particular ownership interest regarding various scenarios where 25 identify at least one natural person qualifies as an ‘‘equity interest.’’ percent or greater equity interests of a within their management structure who However, as we noted in the proposal, legal entity customer are held in such a has significant management we deliberately avoided the use of more manner that the interest is not responsibility, consistent with the technical terms of art associated with ultimately owned, directly or indirectly, multiple examples of positions the exercise of control through by any individual. This could occur, for provided. Furthermore, there may be ownership; we did so in part based on example, where a 25 percent or greater legal entities for which there are no the preferences expressed by many ownership interest is held by an entity natural persons who satisfy the members of industry. The above- excluded from the legal entity customer ownership prong; without the control mentioned commenters urged FinCEN definition under paragraph (e)(2) or by prong, this would create a loophole for to avoid creating a definition using a trust. FinCEN notes that the legal entities seeking to obscure their technical and complex legal terms that exclusions in the proposed rule include beneficial ownership information. would also be difficult for customers any entity organized under the laws of Requiring the identification and and front-line employees to understand the United States or of any State at least verification of, at a minimum, one and apply. Beyond the general examples 51 percent of whose common stock or control person ensures that financial provided in the proposal, however, we analogous equity interests are held by institutions will have a record of at least are reluctant to provide additional an entity listed on a U.S stock exchange. one natural person associated with the narrower examples that could be FinCEN believes that this should legal entity, which will benefit law construed to limit a definition that we address the overwhelming majority of enforcement and regulatory intend to be broadly applicable, situations where an excluded entity is a investigations for reasons described particularly in light of the diversity of 25 percent or more shareholder. In previously. types of legal entities formed within the addition, in the relatively unusual A few commenters requested that United States and abroad. By the same situations where an excluded entity FinCEN provide additional information token, we also decline to provide a holds a 25 percent or greater equity about the types of persons who would interest that is not covered by the above- satisfy the control prong, contending formal guidance document listing the mentioned exclusion, FinCEN notes that that a level of detail similar to the types of documents that front-line covered financial institutions are not explanations provided for the employees should rely upon to required under the ownership prong to ownership prong would be helpful for demonstrate the existence of an equity identify and verify the identities of a implementation. We believe that such interest over the triggering threshold. natural person behind these entities; additional explanation is unnecessary. We reiterate that it is generally the this is because the definition of In contrast with the variety of possible responsibility of the legal entity ‘‘beneficial owner’’ under the ownership complicated scenarios that a financial customer (and its personnel) to make prong refers to ‘‘[e]ach individual, if institution might encounter when trying this determination and to identify the any, . . .’’, and in such a case there to determine beneficial ownership beneficial owners, and not front-line would not be any individual who is the under the ownership prong, the control employees at the financial institution, ultimate owner of such interest. On the prong provides for a straightforward unless the employees have reason to other hand, where 25 percent or more of test: The legal entity customer must question the accuracy of the information the equity interests of a legal entity provide identifying information for one presented. customer are owned by a trust (other person with significant managerial Some commenters noted that while than a statutory trust), covered financial control. It further provides as examples they approved of FinCEN’s general institutions would satisfy the ownership a number of common, well-understood approach to determining indirect prong of the beneficial ownership senior job titles, such as President, Chief ownership of legal entity customers— requirement by collecting and verifying Executive Officer, and others. Taken i.e., that FinCEN does not expect the identity of the trustee, and FinCEN together, FinCEN believes that these financial institutions or customers to has amended the definition consistent clauses provide ample information for undertake analyses to determine with this. For clarity, FinCEN notes that legal entity customers to easily identify whether an individual is a beneficial in any such case the legal entity a natural person that satisfies the owner under the definition—they customer would nonetheless be required definition of control person. nevertheless thought that FinCEN to identify an individual under the A few commenters requested that should provide additional guidance and control prong. FinCEN expand the reach of the control examples of how legal entity customers The Control Prong. Commenters also prong by, among other things, including should calculate ownership interests raised a variety of points regarding this within it the concept of ‘‘effective when natural persons have indirect element. control,’’ and proposing a variety of equity interests. As an initial matter, as A few commenters requested that we changes to mandate the identification of described above, we emphasize that narrow or eliminate the control prong, additional natural persons under this

VerDate Sep<11>2014 18:50 May 10, 2016 Jkt 238001 PO 00000 Frm 00015 Fmt 4701 Sfmt 4700 E:\FR\FM\11MYR3.SGM 11MYR3 mstockstill on DSK3G9T082PROD with RULES3 29412 Federal Register / Vol. 81, No. 91 / Wednesday, May 11, 2016 / Rules and Regulations

prong, from all persons who exercise any other entity created in this manner, FinCEN noted in the proposal, it is our executive management and leadership, and general partnerships. (It would also understanding that where trusts are to all senior officials and all those who include similar entities formed under direct customers of financial exercise effective control over a legal the laws of other countries.) It would institutions, financial institutions entity. FinCEN declines to make any of not include, for example, sole generally also identify and verify the these changes to the control prong. proprietorships or unincorporated identity of trustees, because trustees While we recognize that our definition associations even though such will necessarily be signatories on trust does not encapsulate all possible businesses may file with the Secretary accounts (which in turn provides a concepts of control, including effective of State in order to, for example, register ready source of information for law control, we believe that our definition a trade name or establish a tax account. enforcement in the event of an strikes the appropriate balance between This is because neither a sole investigation). Furthermore, under including sufficiently senior leadership proprietorship nor an unincorporated supervisory guidance for banks, ‘‘in positions and practicability. As one of association is an entity with legal certain circumstances involving the proponents of including effective existence separate from the associated revocable trusts, the bank may need to control conceded, effective control can individual or individuals that in effect gather information about the settlor, be ‘‘difficult to determine.’’ We sought creates a shield permitting an individual grantor, trustee, or other persons with in our proposal to provide an easily to obscure his or her identity.54 The the authority to direct the trustee, and administrable definition to facilitate definition of ‘‘legal entity customer’’ who thus have authority or control over collection of this information for both also does not include natural persons the account, in order to establish the legal entities and financial institutions. opening accounts on their own behalf. true identity of the customer.’’ 56 We As to the identification of additional In the final rule, we remove the reiterate our understanding that, natural persons, we believe that the reference to a ‘‘new’’ account to consistent with existing obligations, challenges associated with identifying eliminate redundancies with other financial institutions are already taking and verifying additional natural persons paragraphs of this provision, and a risk-based approach to collecting outweigh any incremental benefit of the because this account status is not a information with respect to various information. relevant characteristic for defining a persons associated with trusts in order Section 1010.230(e) Legal Entity legal entity customer. to know their customer,57 and that we Customer. As proposed, this paragraph expect financial institutions to continue Trusts defined the term ‘‘legal entity customer’’ these practices as part of their overall and delineated a series of exclusions The definition would also not include efforts to safeguard against money from this definition. trusts (other than statutory trusts created laundering and terrorist financing.58 Section 1010.230(e)(1). In the by a filing with a Secretary of State or proposed rule, we to defined ‘‘legal similar office). This is because, unlike ‘‘Account’’ Definition entity customer’’ to mean a corporation, the legal entities that are subject to the FinCEN also notes that a legal entity limited liability company, partnership final rule, a trust is a contractual customer is defined as one that opens an or other similar business entity (whether arrangement between the person who account, but that the NPRM did not formed under the laws of a state or of provides the funds or other assets and define the term ‘‘account.’’ Several the United States or a foreign specifies the terms (i.e., the grantor or commenters requested that FinCEN jurisdiction) that opens a new account. settlor) and the person with control over provide a definition for this term and Many commenters raised questions the assets (i.e., the trustee), for the suggested using the definition from the about what entities and other businesses benefit of those named in the trust deed CIP rules. In order to maintain would be covered and requested that the (i.e., the beneficiaries). Formation of a consistency with the CIP rules, FinCEN proposed definition be clarified, trust does not generally require any is adding to the final rule the definition particularly the meaning of ‘‘other action by the state. As FinCEN noted in of the term ‘‘account’’ that is found in similar business entity.’’ Some the NPRM, identifying a ‘‘beneficial the CIP rules,59 which by its terms commenters urged us to include other owner’’ from among these parties, based excludes an account opened for the business forms, such as unincorporated on the definition in the proposed or purpose of participating in an employee associations and sole proprietorships, final rule, would not be possible. benefit plan established under the within the definition of legal entity FinCEN emphasizes that this does not Employee Retirement Income Security customer. and should not supersede existing Act of 1974. This added provision is not We agree that covered institutions obligations and practices regarding only consistent with CIP but also would benefit from a revised definition trusts generally. The preamble to each of appropriate for the final rule, inasmuch that further clarifies the entities that fall the CIP rules notes that, while financial as accounts established to enable within the definition of ‘‘legal entity institutions are not required to look customer.’’ Thus, for the purposes of the through a trust to its beneficiaries, they 56 Federal Financial Institutions Examination final rule, we state that a legal entity ‘‘may need to take additional steps to Council, Bank Secrecy Act/Anti-Money Laundering customer means a corporation, limited verify the identity of a customer that is Examination Manual 281 (2014) (FFIEC Manual). 57 FinCEN also understands that in order to liability company, or other entity that is not an individual, such as obtaining engage in the business of acting as a trustee, it is created by the filing of a public information about persons with control necessary for a trust company to be Federally- or document with a Secretary of State or over the account.’’ 55 Moreover, as State-chartered. Such entities are subject to BSA similar office, a general partnership, and obligations, which reduces the AML risk of such any similar entity formed under the 54 FinCEN notes that this is consistent with the trusts. 58 Also not covered by the final rule are accounts laws of a foreign jurisdiction, that opens CIP rules, which include as a customer ‘‘an individual who opens a new account for . . . (B) in the name of a deceased individual opened by a an account. This means that ‘‘legal an entity that is not a legal person, such as a civic court-appointed representative of the deceased’s entity customer’’ would include, in club.’’ In such a case, the individual opening the estate. addition to corporations and limited account, rather than the civic club, is the customer. 59 See, e.g., 31 CFR 1020.100(a)(2) (for banks); liability companies, limited See, e.g., 31 CFR 1020.100(c)(1)(ii)(B). 1023.100(a)(2) (for brokers or dealers in securities); 55 See, e.g., ‘‘Customer Identification Programs for 1024.100(a)(2) (for mutual funds); and partnerships, business trusts that are Broker-Dealers,’’ 68 FR at 25116 n.32. (May 9, 1026.100(a)(2) (for futures commission merchants created by a filing with a state office, 2003). or introducing brokers in commodities).

VerDate Sep<11>2014 18:50 May 10, 2016 Jkt 238001 PO 00000 Frm 00016 Fmt 4701 Sfmt 4700 E:\FR\FM\11MYR3.SGM 11MYR3 mstockstill on DSK3G9T082PROD with RULES3 Federal Register / Vol. 81, No. 91 / Wednesday, May 11, 2016 / Rules and Regulations 29413

employees to participate in retirement A person described in § 1020.315(b)(2) securities in periodic filings with the plans established under ERISA are of through (5) of this chapter— SEC, to the extent the information is extremely low money laundering risk. § 1010.230(e)(2)(ii) known to the issuer or can be 65 In this regard, commenters requested This includes the following: ascertained from public filings. In that FinCEN broaden the exemption for • A department or agency of the addition, beneficial owners of the ERISA plans to include other non- United States, of any State, or of any issuer’s securities may be subject to 66 ERISA retirement plans, based on their political subdivision of a State. FinCEN additional reporting requirements. low risk of money laundering, FinCEN has determined that this category is An investment company, as defined in notes that in the case of such non-ERISA appropriate for exclusion because such Section 3 of the Investment Company plans, the customer would generally entities have no equity owners and Act of 1940, that is registered with the either be the trust established to information regarding their management SEC under that Act— maintain the assets, or the employer that is readily available from public sources. § 1010.230(e)(2)(iv) contracts with the financial institution • Any entity established under the An investment adviser, as defined in to establish the account, and not the laws of the United States, of any State, section 202(a)(11) of the Investment underlying participants in or or of any political subdivision of any Advisers Act of 1940, that is beneficiaries of the account.60 State, or under an interstate compact registered with the SEC under that Accordingly, in the case where the between two or more States, that Act—§ 1010.230(e)(2)(v) customer would be the employer and exercises governmental authority on These entities are excluded because such employer is a legal entity, the behalf of the United States or of any registered investment companies and financial institution would be required such State or political subdivision. This registered investment advisers already to obtain the beneficial owners of the category is also appropriate for publicly report beneficial ownership in legal entity employer (unless such exclusion due to the amount of their filings with the SEC.67 employer is otherwise excluded from ownership and management the definition of legal entity customer). information that is publicly available An exchange or clearing agency, as We address other requests for about such entities. defined in section 3 of the Securities exemptions from the beneficial • Any entity (other than a bank) Exchange Act of 1934, that is ownership requirement in the whose common stock or analogous registered under section 6 or 17A of discussion of § 1010.230(h) below. equity interests are listed on the New that Act—§ 1010.230(e)(2)(vi) York, American,61 or NASDAQ stock Any other entity registered with the SEC Paragraph (c) of § 1010.230 of the final exchange. This exclusion is appropriate under the Securities and Exchange rule will accordingly read as set out in because such entities are required to Act of 1934—§ 1010.230(e)(2)(vii) the regulatory text at the end of this publicly disclose the beneficial owners document. These entities are excluded because of five percent or more of each class of the SEC registration process requires Section 1010.230(e)(2). The NPRM the issuer’s voting securities in periodic disclosure and regular updating of proposed ten exclusions from the legal filings with the SEC, to the extent the information about beneficial owners of entity customer definition. The first two information is known to the issuer or those entities, as well as senior categories are also for the most part can be ascertained from public filings.62 management and other control persons. excluded from the requirements of the In addition, beneficial owners of these A registered entity, commodity pool CIP rules. The final rule adopts all of issuers’ securities may be subject to operator, commodity trading advisor, those proposed exclusions, except as additional reporting requirements.63 retail foreign exchange dealer, swap discussed below under the heading, • Any entity organized under the laws dealer, or major swap participant, Charities and Nonprofit Entities. The of the United States or of any State at each as defined in section 1a of the final rule also adds a number of other least 51 percent of whose common stock Commodity Exchange Act, that is exclusions in response to comments. All or analogous equity interests are held by registered with the CFTC— of the exclusions are a result of an a listed entity. Because such § 1010.230(e)(2)(viii) assessment of the risks and subsidiaries of listed entities are determination that beneficial ownership controlled by their parent listed entity, These entities are excluded because information need not be obtained at information regarding control and the CFTC registration process requires account opening, because the management is publicly available. disclosure and regular updating of information is generally available from An issuer of a class of securities information about beneficial owners of other credible sources: registered under section 12 of the those entities, as well as senior A financial institution regulated by a Securities Exchange Act of 1934 or management and other control persons. that is required to file reports under Federal functional regulator or a bank A public accounting firm registered section 15(d) of that Act 64— regulated by a State bank regulator— under section 102 of the Sarbanes- § 1010.230(e)(2)(iii) 1010.230(e)(2)(i) Oxley Act—§ 1010.230(e)(2)(ix) These issuers are excluded because These entities are excluded because they are required to publicly disclose Such firms are those that audit they are subject to Federal or State the beneficial owners of five percent or publicly traded companies and SEC- regulation and information regarding more of each class of the issuer’s voting registered broker-dealers. These firms their beneficial ownership and are required to register with the Public management is available from the 61 Currently called NYSE MKT. Company Accounting Oversight Board relevant Federal or State agencies. 62 See, e.g., Item 12 of Form 10–K and Item 403 of Regulation S–K. 65 See, e.g., Item 12 of Form 10–K and Item 403 63 60 See FinCEN et al., Interagency Interpretive See Securities Exchange Act section 13(d) and of Regulation S–K. Guidance on Customer Identification Program Rules 13d–1 to 13d–102; Securities Exchange Act 66 See Securities Exchange Act section 13(d) and Requirements under Section 326 of the USA § 16(a) and Rules 16a–1 through 16a–13. Rules 13d–1 to 13d–102; Securities Exchange Act PATRIOT Act, FAQs: Final CIP Rule 6 April 28, 64 See Securities Exchange Act section 16(a) and § 16(a) and Rules 16a–1 through 16a–13. 2005, page 6, available at http://www.fincen.gov/ Rules 16a–1 through 16a–13 and Item 403 of 67 See, e.g., Item 17 of Form N–1A and Schedule statutes_regs/guidance/pdf/faqsfinalciprule.pdf. Regulation S–K. A to Part 1A of Form ADV.

VerDate Sep<11>2014 18:50 May 10, 2016 Jkt 238001 PO 00000 Frm 00017 Fmt 4701 Sfmt 4700 E:\FR\FM\11MYR3.SGM 11MYR3 mstockstill on DSK3G9T082PROD with RULES3 29414 Federal Register / Vol. 81, No. 91 / Wednesday, May 11, 2016 / Rules and Regulations

(PCAOB), a nonprofit corporation and all insurance companies regulated broker-dealer or adviser with an established by Congress to oversee the by a State of the United States, to those ownership interest of 25 percent or audits of publicly traded companies, insurance companies that own or more. FinCEN understands that in the and are required to file annual and control an SEC registered broker-dealer vast majority of cases, an insurance special reports with the PCAOB. In or SEC registered investment adviser. company that owns or controls a addition, States require public We address these proposals in turn. registered broker-dealer or investment accounting firms to register and to file The commenters who proposed to advisor would also be regulated by a annual reports identifying their exclude all insurance companies subject State. Accordingly, FinCEN believes members (e.g., partners, members, or to an AML program requirement and all that this additional exclusion would be shareholders).68 Such information is State-regulated insurance companies redundant. did not directly proffer a rationale for often available online. A financial market utility designated by Many commenters also urged that the their request. We presume that the the Financial Stability Oversight proposed exclusions from the legal commenters believe that insurance Council under Title VIII of the Dodd- entity customer definition be expanded companies subject to an AML program Frank Wall Street Reform and or clarified in certain respects. These requirement and to State regulation Consumer Protection Act of 2010— include, among others, exclusions for present a lower risk profile, and should § 1010.230(e)(2)(xiii) accounts for employee benefit plans therefore be excluded. As to insurance (addressed above), additional entities companies subject to an AML program One commenter requested that regulated by the United States or States requirement, such status alone does not FinCEN exclude designated financial of the United States, foreign require insurance companies to disclose market utilities from the definition of governments and agencies, foreign beneficial ownership information to legal entity customer, noting that such financial institutions, and nonprofits. their supervisors. Accordingly, an entities are already subject to extensive Commenters also sought clarity on how exclusion on that basis would not be regulation. FinCEN understands that certain types of entities and warranted. With respect to insurance entities designated as financial market relationships should be treated. companies regulated by a State of the utilities by the Financial Stability United States, these companies must Additional Regulated Entities Oversight Council pursuant to Title VIII disclose and regularly update their of the Dodd-Frank Wall Street Reform A bank holding company, as defined in beneficial owners, as well the identities and Consumer Protection Act of 2010 section 2 of the Bank Holding of senior management and other control are subject to extensive supervision and Company Act of 1956 (12 U.S.C. persons. For insurance firms that are a oversight by their Federal functional 1841), or savings and loan holding part of a publicly traded group, such regulators, including the disclosure of company, as defined in section 10(n) disclosures would also be found in beneficial ownership information. of the Home Owners’ Loan Act (12 annual SEC filings. All State-regulated Accordingly, FinCEN believes that it is U.S.C. 1467a(n))—§ 1010.230(e)(2)(x) insurance companies are required to file appropriate to exclude them from the At the suggestion of several an Annual Statement with their State definition. commenters, bank holding companies, regulators, identifying senior which include financial holding management, directors, and trustees. Excluded Foreign Entities companies, have been excluded from Schedule Y of this Statement shows the A foreign financial institution the beneficial ownership requirement in firm’s corporate structure, including established in a jurisdiction where the the final rule because the Federal direct and indirect parents and regulator of such institution Reserve Board maintains beneficial subsidiaries of the insurer. Form B, an maintains beneficial ownership ownership information on all of these annual registration statement filed with information regarding such companies. Savings and loan holding state regulators, shows the executive institution—§ 1010.230(e)(2)(xiv) officers, directors, and controlling companies are excluded for the same Numerous commenters urged FinCEN shareholders of insurance companies. In reason. to broaden the proposed exemptions for the case of mutual insurance companies, A pooled investment vehicle that is regulated financial institutions and which do not issue equity and are operated or advised by a financial publicly traded companies in the United instead owned as a whole by their institution excluded under this States to include their counterparts policyholders, Form B nevertheless paragraph—§ 1010.230(e)(2)(xi) outside of the United States. With shows their executive officers and In response to several commenters regard to regulated foreign financial directors. For these reasons, we believe who noted that beneficial ownership institutions, some commenters noted an exclusion for State-regulated information would be available that in the rules implementing section insurance companies is appropriate, and regarding the operator or adviser of such 312 of the USA PATRIOT Act, even in we have accordingly added to the final pooled vehicles, FinCEN has the case of foreign banks subject to rule an exclusion for an insurance determined that the pooled vehicle enhanced due diligence, a U.S. bank company that is regulated by a State as should also be excluded from this need obtain ownership information only paragraph (e)(2)(xii).69 requirement. if such foreign banks are not publicly Some commenters also sought an 70 An insurance company that is regulated exclusion for insurance companies that traded, and that it would be by a State—§ 1010.230(e)(2)(xii) own or control an SEC registered broker- inconsistent to impose a more A few commenters sought exclusion dealer or SEC registered investment burdensome requirement in the case of of insurance companies from the adviser, noting that their registration correspondent accounts for foreign definition of legal entity customer, with with the SEC results in the disclosure of banks (and arguably other foreign the requested exclusions ranging in all individuals and entities in the financial institutions) that are not scope from all insurance companies indirect chain of ownership of the subject to enhanced due diligence. subject to an AML program requirement FinCEN agrees with this analysis and 69 Because ‘‘State’’ is defined in 31 CFR has broadened the exclusions to the 68 See, e.g., New York State Education Law, 1010.100(vv), we have not included ‘‘of the United Article 149, Section 7408.3. States’’ in the rule text. 70 31 CFR 1010.610(b)(3).

VerDate Sep<11>2014 18:50 May 10, 2016 Jkt 238001 PO 00000 Frm 00018 Fmt 4701 Sfmt 4700 E:\FR\FM\11MYR3.SGM 11MYR3 mstockstill on DSK3G9T082PROD with RULES3 Federal Register / Vol. 81, No. 91 / Wednesday, May 11, 2016 / Rules and Regulations 29415

definition of legal entity customer in the stakes); thus, as in the case of other legal should require those financial final rule to include foreign financial entities lacking such interests, financial institutions to collect beneficial institutions established in jurisdictions institutions would be expected to ownership information of such entities where the regulator of such institution collect beneficial ownership under the control prong only. FinCEN maintains beneficial ownership information under the control prong agrees that, because of the limited utility information regarding such institution. only. and difficulty of collecting beneficial As with other exclusions described Any legal entity only to the extent that ownership information under the above, FinCEN has determined that it is it opens a private banking account ownership prong, in the case of pooled appropriate to exclude these entities, subject to 31 CFR 1010.620— investment vehicles whose operators or because information regarding their § 1010.230(e)(2)(xvi) advisers are not excluded from this beneficial ownership and management definition, such as non-U.S. managed is available from the relevant foreign A number of commenters requested mutual funds, hedge funds, and private regulator. that FinCEN clarify the treatment of equity funds, financial institutions beneficial owners of private banking A non-U.S. governmental department, would be required to collect beneficial accounts for non-U.S. persons that are agency or political subdivision that ownership information under the subject to FinCEN’s private banking engages only in governmental rather control prong only (e.g., an individual account rule,71 than commercial activities— which requires financial with significant responsibility to § 1010.230(e)(2)(xv) institutions maintaining such accounts control, manage, or direct the operator, to ascertain the identity of all beneficial Commenters also requested that adviser, or general partner of the owners of such accounts, but utilizes a vehicle). This treatment of nonexcluded certain departments, agencies, and different definition.72 Because covered political subdivisions of non-U.S. pooled investment vehicles is reflected financial institutions have established a in the final rule in § 1010.230(e)(3)(i). governments, as well as State-owned process for complying with the private enterprises and supranational banking account regulation, FinCEN has Intermediated Account Relationships organizations, should also be exempt determined that it is appropriate to In the NPRM, we proposed that if an from the beneficial ownership exclude such legal entity customers intermediary is the customer, and the requirement. The commenters pointed from the beneficial ownership financial institution has no CIP out that no such customers would have requirement only when they establish obligation with respect to the beneficial owners under the ownership such accounts. intermediary’s underlying clients prong, and any individual identified pursuant to existing guidance, a under the control prong would in most Nonexcluded Pooled Investment Vehicles financial institution should treat the cases not be in the United States, which intermediary, and not the intermediary’s would make verification of identity In the proposal, FinCEN sought underlying clients, as its legal entity more difficult. We agree that certain comment on the approach that it should customer. Thus, existing guidance departments, agencies, and political take towards pooled investment issued jointly by Treasury or FinCEN subdivisions of non-U.S. governments— vehicles that are operated or advised by and any of the Federal functional specifically, those that engage only in financial institutions that are not regulators for broker-dealers, mutual governmental (and not commercial) proposed to be excluded from the funds, and the futures industry related activities—should not fall within the definition of legal entity customer, i.e., to intermediated relationships would definition of legal entity customer, and whether they should also be excluded apply.73 Commenters from the should therefore be excluded from the from this requirement, or, if such securities, mutual fund, and futures requirement. Although this delineation vehicles are not excluded, whether industries strongly supported this between governmental and commercial covered financial institutions should be approach. FinCEN confirms that this activities arises out of well-recognized required to identify beneficial owners of principle will apply in interpreting the principles of sovereign immunity, such vehicles only under the control final rule, as follows: To the extent that FinCEN does not expect front-line prong of the beneficial ownership employees of covered financial definition. We noted that such entities 73 See, e.g., Guidance from the Staffs of the institutions to engage in any type of often have ownership interests that Department of the Treasury and the U.S. Securities legal analysis to determine the fluctuate, and that identifying beneficial and Exchange Commission, Questions and Answers applicability of this exclusion. Rather, owners of these entities based on a Regarding the Mutual Fund Customer Identification Rule, August 11, 2003, available at https:// FinCEN expects covered financial percentage ownership threshold www.sec.gov/divisions/investment/guidance/ institutions to rely upon the accordingly might create unreasonable qamutualfund.htm.; Guidance from the Staffs of the representations of such customers, operational challenges to collect Department of the Treasury and the U.S. Securities absent knowledge to the contrary. information that would only be accurate and Exchange Commission, Question and Answer Regarding the Broker-Dealer Customer Some commenters also requested an for a limited period of time. Identification Program Rule (31 CFR 103.122) exclusion for supranational Some commenters requested that (October 1, 2003), available at http:// organizations. FinCEN is not aware of a FinCEN exclude such pooled www.fincen.gov/statutes_regs/guidance/html/ well-established, widely accepted investment vehicles from the beneficial 20031001.html; Guidance from the Staffs of the Department of the Treasury and the U.S. definition of this term that could serve ownership requirement for several Commodity Futures Trading Commission, to clearly notify such entities of their reasons, including the logistical Frequently Asked Question regarding Customer eligibility to be excluded from this difficulties of maintaining the Identification Programs for Futures Commission requirement. Because of the information and possible limited Merchants and Introducing Brokers (31 CFR 103.123), available at http://www.fincen.gov/ administrative challenges associated duration of the accuracy of the statutes_regs/guidance/html/futures_omnibus_ with determining such eligibility in the information noted above. The account_qa_final.html; FinCEN, Application of the absence of a clear line, FinCEN declines commenters requested that, if such Regulations Requiring Special Due Diligence to include such an exclusion in the final vehicles are not excluded, then FinCEN Programs for Certain Foreign Accounts to the Securities and Futures Industries, FIN–2006–G009 rule. We recognize that many such (May 10, 2006), available at http://www.fincen.gov/ organizations would generally lack 71 31 CFR 1010.620. statutes_regs/guidance/html/312securities_futures_ equity interests (and accordingly, equity 72 31 CFR 1010.605(a). guidance.html.

VerDate Sep<11>2014 18:50 May 10, 2016 Jkt 238001 PO 00000 Frm 00019 Fmt 4701 Sfmt 4700 E:\FR\FM\11MYR3.SGM 11MYR3 mstockstill on DSK3G9T082PROD with RULES3 29416 Federal Register / Vol. 81, No. 91 / Wednesday, May 11, 2016 / Rules and Regulations

existing guidance provides that, for receipts.75 For these reasons, FinCEN FinCEN has considered the comments purposes of the CIP rules, a financial believes that attorney escrow and client addressing this proposed exclusion and institution shall treat an intermediary trust accounts should be treated like agrees that as proposed the exclusion (and not the intermediary’s customers) other intermediated accounts described would in many cases be difficult to as its customer, the financial institution above, and we accordingly deem such administer. Rather than limiting its should treat the intermediary as its escrow accounts intermediated accounts treatment of this category to entities that customer for purposes of this final rule. for purposes of the beneficial ownership are exempt from Federal tax and FinCEN also confirms that other requirement. requiring proof of such exemption, FinCEN has determined that it would be guidance issued jointly by FinCEN and Charities and Nonprofit Entities one or more Federal functional simpler, as well as more efficient and In the NPRM, we proposed an regulators relating to the application of more logical, to exclude all nonprofit exclusion from the definition of ‘‘legal the CIP rule will apply to this final rule, entities (whether or not tax-exempt) entity customer’’ for charities and from the ownership prong of the to the extent relevant.74 nonprofit entities that are described in requirement, particularly considering One commenter representing the legal sections 501(c), 527, or 4947(a)(1) of the the fact that nonprofit entities do not profession requested that escrow Internal Revenue Code of 1986, which have ownership interests, and require accounts established by lawyers to keep have not been denied tax exempt status, only that they identify an individual their clients’ funds in trust be given the and which are required to and have with significant responsibility to same treatment, due to lawyers’ filed the most recently due annual control, manage, or direct the customer. professional obligations to maintain information return with the Internal Accordingly, the final rule eliminates client confidentiality under State law Revenue Service. this proposed exclusion and instead and codes of professional conduct. This Commenters raised a number of issues includes as a type of legal entity commenter proposed that in the case of with this proposed exemption. These customer, subject only to the control such accounts, only the lawyers and law include the fact that, in order to qualify prong of the beneficial owner definition, firms establishing these accounts would for the exemption, the financial any legal entity that is established as a be deemed legal entity customers from institution would effectively need to nonprofit corporation or similar entity verify each of the following: which beneficial ownership information and has filed its organizational 1. That the customer qualifies for an would be collected. FinCEN documents with the appropriate State exemption under one of the three listed authority as necessary. understands that many attorneys sections of the Internal Revenue Code, maintain client trust or escrow accounts For purposes of this provision, a which would likely require that the nonprofit corporation or similar entity containing funds from multiple clients financial institution review the entity’s and other third parties in a single would include, among others, IRS documentation; charitable, nonprofit, not-for-profit, account. Funds flow in and out of these 2. That the exemption has not been accounts during the normal course of nonstock, public benefit or similar revoked; corporations. Such an organization business, and while these movements 3. That the entity is required to file an could establish that it is a qualifying may not be as frequent as those found annual information return; and entity by providing a certified copy of in, for example, pooled accounts in the 4. That the entity has in fact filed its certificate of incorporation or a securities and futures industries, they such return. certificate of good standing from the nevertheless create significant Commenters expressed concerns that appropriate State authority, which may operational challenges to collecting this these steps to verify a charitable already be required for a legal entity to information with reference to the organization’s eligibility for the open an account with a financial exemption would be unduly relevant clients and third parties. As in institution under its CIP.76 FinCEN also burdensome and difficult for frontline the case of nonexcluded pooled believes that identifying and verifying staff to administer. Several commenters investment vehicles, FinCEN believes an individual under the control prong is asked whether the financial institution that it would be unreasonable to impose not an onerous requirement, and could utilize the IRS’s search tool that such collection obligations for understands from its outreach that in enables taxpayers to confirm the tax information that would likely be the cases of many nonprofits such an exempt status of organizations, ‘‘EO accurate only for a limited period of individual is already identified to the Select Check,’’ in order to verify the time. FinCEN also understands that financial institution as a signatory. necessary information; others noted State bar associations impose extensive FinCEN also notes that as a general that, while this Web site confirms the recordkeeping requirements upon matter, small local community tax exempt status of organizations, it attorneys with respect to such accounts, organizations, such as Scout Troops and does not confirm that the organization generally including, among other things, youth sports leagues, are has filed its most recently due return. records tracking each deposit and unincorporated associations rather than Moreover, up-to-date information, withdrawal, including the source of legal entities and therefore not subject to particularly regarding a recently formed funds, recipient of funds, and purpose the beneficial ownership requirement. organization, may not be available. of payment; copies of statements to Commenters noted further that, unless Other Proposed Exclusions clients or other persons showing these issues can be addressed in a way A few commenters requested that we disbursements to them or on their that would facilitate the use of the expand the list of exclusions to include behalf; and bank statements and deposit exclusion, it would in many cases be all types of entities currently exempt simpler to ignore the exclusion and 74 from CTR reporting requirements. See, e.g., FinCEN, Application of the Customer obtain the beneficial ownership Although some of the exclusions to the Identification Program Rule to Future Commission information. Merchants Operating as Executing and Clearing definition of legal entity customer Brokers in Give-Up Arrangements, FIN–2007–G001 correspond to entities exempt from CTR (April 20, 2007), available at http:// 75 See, e.g., 22 N.Y.C.R.R. Part 1200, Rule 1.15; www.fincen.gov/statutes_regs/guidance/html/cftc_ California State Bar Rule of Professional Conduct 4– fincen_guidance.html; ‘‘FAQs: Final CIP Rule’’. 100. 76 See, e.g., 31 CFR 1020.220(a)(2)(ii)(A)(2).

VerDate Sep<11>2014 18:50 May 10, 2016 Jkt 238001 PO 00000 Frm 00020 Fmt 4701 Sfmt 4700 E:\FR\FM\11MYR3.SGM 11MYR3 mstockstill on DSK3G9T082PROD with RULES3 Federal Register / Vol. 81, No. 91 / Wednesday, May 11, 2016 / Rules and Regulations 29417

reporting requirements,77 we decline to AML regulatory structure across the mid-size business customers, including extend these exclusions to include all of financial system. commercial private label and co- the CTR exemptions. The CTR and A few commenters requested that branded credit cards and installment beneficial ownership requirements serve FinCEN exclude smaller financial loans, from the scope of coverage of the different purposes, and the principal institutions from the scope of coverage, beneficial ownership requirement. This underlying justification for many of the contending principally that such commenter noted that such accounts CTR exemptions—that the requirement institutions generally presented a lower presented a lower risk of money is not feasible or appropriate for cash- risk profile and that implementation of laundering due in large part to intensive low-risk businesses—does not the beneficial ownership requirement limitations on the use of those cards apply here. FinCEN has considered all would be unduly burdensome. We inherent in these customer the CTR exemptions and has included decline to categorically exclude smaller relationships. For example, because those that are logical in the context of institutions from the definition of private label credit cards can be used the beneficial ownership requirement, covered financial institution. As we only to purchase goods or services at the for the reasons articulated above. have noted, both in the proposal and specified retailer at which they are Some commenters also requested that above, one of the animating purposes of issued, they would not be an attractive FinCEN exclude other ‘‘low-risk’’ this rulemaking is to promote clear and vehicle to launder illicit proceeds. That entities from the definition of legal consistent expectations across and these accounts can only be used for entity customer. We have considered all within financial sectors, in order to domestic transactions, and generally commenters’ requests for exclusions to promote a more level playing field when have lower credit limits, are additional the definition and have incorporated it comes to AML/CFT compliance. factors that mitigate the risk of these only those that we have determined are Uniform application of the beneficial accounts. FinCEN has learned that legal appropriate in this context. ownership requirement would prevent entities without an established and Section 1010.230(f) Covered Financial the ‘‘competitive disadvantage’’ (cited verifiable credit history that seek such Institution. As proposed, this paragraph by one commenter seeking this accounts are generally required to defined covered financial institution exclusion) that would result if provide a personal guarantee by a through incorporation by reference of prospective customers were not natural person whose identity and credit history are verified. We agree that the definition set forth in required ‘‘to complete the same form at these characteristics and limitations § 1010.605(e)(1), thereby subjecting to . . . competitor financial institutions.’’ associated with private label credit card this requirement those financial And even though some smaller accounts that are used exclusively institutions already covered by CIP institutions might be lower risk, size within issuing retailers’ networks, requirements. FinCEN noted in the alone should not be a determinative significantly decrease these accounts’ proposal that it viewed the exercise of factor for a risk assessment, making it an susceptibility to abuse by money its discretion to limit the initial inappropriate basis for a categorical launderers and terrorist financers. Thus, application of this requirement to these exclusion. Indeed, a blanket size-based covered financial institutions are institutions as appropriate, because it is exclusion would provide a clear exempt from the beneficial ownership logical to minimize disruption and roadmap for illicit actors seeking an easy entry point into the financial requirement with respect to private burden to the extent possible by label credit card accounts to the limited commencing implementation with system. Finally, FinCEN appreciates the concerns raised about the burden of extent that they are established at the institutions already equipped to point-of-sale to obtain credit products, leverage CIP procedures. implementation expressed by commenters and, as described at length including commercial private label There were no significant objections above, has made numerous changes to credit cards, solely for the purchase of to limiting the scope of this requirement the proposal to reduce the burden upon retail goods and/or services at the in this manner, and we are accordingly financial institutions. We reiterate that, issuing retailer and have a credit limit adopting this definition as proposed. as with CIP, financial institutions are of no more than $50,000. We note generally that FinCEN received expected to implement procedures for In contrast, credit cards that are co- comments from institutions not subject collecting beneficial ownership branded with major credit card to CIP (nor therefore to the proposal), information ‘‘appropriate for [their] size associations do not possess the same urging us to engage in dialogue before and type of business.’’ 78 limitations and characteristics that determining whether to expand the Section 1010.230(g) New account. See would protect them from abuse. For beneficial ownership and CDD discussion above under ‘‘Identification example, co-branded credit cards can be requirements to their industries. and Verification.’’ used at any outlet or ATM that accepts FinCEN agrees that thoughtful Section 1010.230(h) Exemptions. In those associations’ cards. FinCEN engagement with all stakeholders is an the final rule, this paragraph exempts therefore believes that covered financial essential component of the rulemaking covered financial institutions from the institutions should obtain and verify process, and will continue to engage in beneficial ownership requirement with beneficial ownership information with outreach to inform our policy decisions respect to opening accounts for legal respect to opening accounts for legal and any future rulemakings. As we entity customers for certain specific entities involving such co-branded noted in the proposal, comments and activities and within certain limitations cards. discussions with these institutions for the reasons described below. during the course of this rulemaking Additional Exemptions have led us to believe that extending Private Label Retail Credit Accounts During the comment period to the CDD requirements in the future to these, Established at the Point-of-Sale RIA, several commenters sought to and potentially other types of financial One commenter requested that exempt certain limited purpose institutions, may ultimately promote a FinCEN exempt point-of-sale retail activities from the scope of the more consistent, reliable, and effective credit accounts provided to small to beneficial ownership requirement, principally on the grounds that such 77 See 31 CFR 1010.230(e)(2)(i), which includes 78 31 CFR 1020.220(a)(1); 31 CFR 1023.220(a)(1); accounts had an extremely low risk certain persons exempt from CTR reporting. 31 CFR 1024.220(a)(1); 31 CFR 1026.220(a)(1). profile for money laundering because of

VerDate Sep<11>2014 18:50 May 10, 2016 Jkt 238001 PO 00000 Frm 00021 Fmt 4701 Sfmt 4700 E:\FR\FM\11MYR3.SGM 11MYR3 mstockstill on DSK3G9T082PROD with RULES3 29418 Federal Register / Vol. 81, No. 91 / Wednesday, May 11, 2016 / Rules and Regulations

inherent structural limitations to the insurance premiums and for which requirement has been drafted to give accounts and the purposes for which payments are remitted directly by the covered financial institutions flexibility such accounts are established. financial institution to the insurance in implementing this provision. provider or broker. Although this limitation applies broadly Accounts Established for the Purchase to accounts where there is the and Financing of Postage Accounts To Finance the Purchase or possibility of a refund, as a practical Lease of Equipment One such commenter was a limited matter, beneficial ownership purpose banking entity whose primary One commenter representing a bank information must only be collected business is to facilitate the purchase and that primarily provides financial when such a refund actually occurs. financing of postage. This commenter products for small business equipment Thus, covered financial institutions that noted that all the accounts at its leasing sought to exclude this activity offer such products do not have to institution exist solely for small from the beneficial ownership change their onboarding systems, and businesses, governments, and nonprofit requirement with the same basic FinCEN believes that in most cases, they organizations to prepay postage and rationale put forth by the commenters will not have to collect this information. earn interest (in the form of additional representing the commercial insurance Section 1010.230(i) Recordkeeping. In postage), or to finance postage through premium finance industry. Because the NPRM, we proposed a an unsecured revolving line of credit. FinCEN understands that these financial recordkeeping requirement identical to Clients of this institution cannot use products have similar structural the requirement for CIP, in order to these accounts to purchase characteristics that limit their utility as leverage existing standards and merchandise, deposit or withdraw cash, vehicles for money laundering, covered processes to facilitate financial write checks, or transfer funds. FinCEN financial institutions are exempt from institutions’ implementation of this agrees that these types of accounts the beneficial ownership requirement requirement. Thus, under the proposal, present a low risk of money laundering, with respect to accounts solely used to a financial institution must have both because of the purpose for which finance the purchase or leasing of procedures for maintaining a record of such accounts are established, as well as equipment and for which payments are all information obtained in connection the characteristics of these accounts remitted directly by the financial with identifying and verifying beneficial described above. Accordingly, covered institution to the vendor or lessor of this owners, including retention of the financial institutions are exempt from equipment. Certification Form and a record of any the beneficial ownership requirement Section 1010.230(h)(2) Limitations on other related identifying information with respect to accounts solely used to Exemptions. These three exemptions are reviewed or collected, for a period of finance the purchase of postage and for subject to further limitations to mitigate five years after the date the account is which payments are remitted directly by the remaining limited money laundering closed. Furthermore, we proposed that a the financial institution to the provider risks associated with them, as follows: financial institution must also retain • of the postage products. The exemptions identified in records for a period of five years after paragraphs (h)(1)(ii) through (iv) do not such record is made, including a Commercial Accounts To Finance apply to transaction accounts through Insurance Premiums description of every document relied on which a legal entity customer can make for verification, any non-documentary Several commenters representing the payments to, or receive payments from, methods and results of measures commercial insurance premium finance third parties. undertaken for verification, as well as • industry submitted a joint letter If there is the possibility of a cash the resolution of any substantive outlining the expected impact of the refund on the account activity identified discrepancies discovered in verifying beneficial ownership requirement on in paragraphs (h)(1)(ii) through (iv), the identification information. their industry, and the structural then beneficial ownership of the legal Because collection of the Certification characteristics of these financial entity customer must be identified and Form is no longer a requirement, we are products that make them a low risk of verified by the financial institution as making a corresponding change to the money laundering. They noted that required by this section, either at the recordkeeping requirement for the final borrowers seeking funds to finance time of initial remittance, or at the time rule. Section 1010.230(i)(1)(i) now states premiums for property and casualty such refund occurs. that at a minimum, the record must insurance do not receive these proceeds The first limitation reflects the include, for identification, any directly; instead, the funds are remitted additional structural limitation identifying information obtained by the directly to an insurance company, either described in our discussion of these covered financial institution pursuant to directly or through an insurance agent account types that makes them a low paragraph (b), including without or broker. As with the limited purpose risk of money laundering, and therefore limitation the certification (if obtained). postage accounts described above, a necessary characteristic to qualify for Most commenters who addressed this customers of premium finance these exclusions. The second limitation issue agreed with FinCEN’s decision to companies cannot use these accounts to serves to mitigate the principal money have recordkeeping requirements purchase merchandise, deposit or laundering vulnerability in some of identical to CIP. However, two withdraw cash, write checks, or transfer these accounts—to wit, the possibility of commenters who submitted largely funds. FinCEN agrees that these types of a cash refund—by requiring the identical letters objected to this accounts present a low risk of money identification and verification of approach, asserting that the CIP laundering, both because of the purpose beneficial ownership information when recordkeeping requirements did not for which such accounts are established, the initial remittance is made or when make sense in the context of beneficial as well as the characteristics of these a refund actually occurs. Based upon ownership information because such accounts that make them a poor vehicle the submissions from commenters, as information would likely change for money laundering. For these well as subsequent inquiry into these regularly for some legal entity reasons, covered financial institutions financial products, FinCEN understands customers, resulting in the are exempt from the beneficial that most of these exempted accounts accumulation of multiple iterations of ownership requirement with respect to would not be affected by such the Certification Form, all of which accounts solely used to finance limitation. Furthermore, this would have to be retained. Despite this

VerDate Sep<11>2014 18:50 May 10, 2016 Jkt 238001 PO 00000 Frm 00022 Fmt 4701 Sfmt 4700 E:\FR\FM\11MYR3.SGM 11MYR3 mstockstill on DSK3G9T082PROD with RULES3 Federal Register / Vol. 81, No. 91 / Wednesday, May 11, 2016 / Rules and Regulations 29419

concern, we decline to alter the supporting the need for such Paragraphs (b)(1) through (4) correspond recordkeeping requirement. First, clarification, we have found no reason to the minimum statutory elements of because the Certification Form is no to provide any clarification addressing section 5318(h)(1), while proposed longer mandatory, financial institutions this issue. paragraph (b)(5) set forth the remaining not using it will not have to retain Another commenter requested that elements of CDD by requiring multiple Certification Forms, but will FinCEN amend the reliance provision to appropriate risk-based procedures for instead have flexibility to record any enable covered financial institutions to conducting ongoing customer due changes of beneficial ownership employ the services of non-financial diligence including, but not limited to, information in a manner that works best institution third parties as beneficial (i) understanding the nature and for their institution. And we believe the ownership pre-check service providers, purpose of customer relationships for benefit from leveraging existing to conduct beneficial ownership due the purpose of developing a customer procedures far outweighs any benefit diligence. This commenter contended risk profile, and (ii) conducting ongoing that might arise from a shorter that amending the proposal in this way monitoring to maintain and update recordkeeping standard, because might facilitate compliance by customer information and to identify creating a separate standard for permitting third parties specializing in and report suspicious transactions. We beneficial ownership information would beneficial ownership due diligence to described our understanding that these likely require new processes and fulfill the requirements of this section at third and fourth elements of CDD were necessitate training for employees, as scale, expediting legal entities’ ability to necessary and critical steps required to well as require line employees to open accounts. Thus, the commenter comply with the existing requirement consistently apply different standards proposed adding clauses to the reliance under the BSA to identify and report for beneficial ownership and CIP provision permitting such reliance on suspicious transactions. Thus, expressly information. these third parties if the reliance is incorporating the third and fourth Section 1010.230(j) Reliance on reasonable; the third party is voluntarily elements of CDD into the AML program Another Financial Institution. In the subject to a rule implementing 31 U.S.C. rules would serve to harmonize these NPRM, we proposed that financial 5318(h) and certified by Treasury or elements with existing AML obligations. institutions could rely on the FinCEN; and the third party certifies to Because the proposal sought only to performance by another financial the financial institution that it has clarify and explicitly state existing institution of the requirements of this implemented an AML program and that expectations and requirements, we section under the same conditions as set it will perform the requirements of emphasized that the proposal was not forth in the applicable CIP rules. section 1010.230. FinCEN declines to intended to lower, reduce, or limit the Commenters raised a few points make these changes. Currently, FinCEN due diligence expectations of the regarding the reliance provision as does not have an appropriate Federal functional regulators or limit proposed. A few requested that we mechanism to permit a third party to their existing regulatory discretion, nor lower the standard for reliance below voluntarily subject itself to an AML to create any new obligations. that articulated in the applicable CIP program requirement, nor to assess and With respect to the third element, rules, by permitting reliance without a certify that party’s compliance. We thus understanding the nature and purpose contract and annual certification, and believe that it would make more sense of customer relationships for the extending the reliance provisions to to postpone any consideration of this purpose of developing a customer risk regulated money services businesses approach until after FinCEN and the profile, we elaborated upon our and foreign affiliates of covered covered financial institutions have understanding of the manner in which financial institutions subject to a global gained experience and understanding current expectations satisfied this standard at least as rigorous as U.S. CIP from implementing section 1010.230. proposed requirement. We observed that and CDD standards. We decline to make Section 1020.210 Anti-money under the existing requirement for any of these proposed changes to the laundering program requirements for financial institutions to report reliance provision at this time. FinCEN financial institutions regulated only by suspicious activity, they must file SARs believes that there is significant value to a Federal functional regulator, including on a transaction that, among other financial institutions in terms of banks, savings associations, and credit things, has ‘‘no business or apparent account management in having uniform unions. In the NPRM, we proposed to lawful purpose or is not the sort in standards to the greatest extent possible, amend FinCEN’s existing AML program which the particular customer would and that having different reliance rules to expressly incorporate both the normally be expected to engage.’’ 80 standards for CIP and for beneficial minimum statutory elements of an AML Banks specifically are expected to ownership information might cause program prescribed by 31 U.S.C. ‘‘obtain information at account opening confusion and negatively impact 5318(h)(1), as well as the elements of sufficient to develop an understanding compliance. Thus, to the extent that we the minimum standard of CDD that are of normal and expected activity for the would make any of the proposed not otherwise already accounted for in customer’s occupation or business changes to the reliance provision, we either the existing AML regulatory operations.’’ 81 In short, to understand believe it would be important to make scheme (i.e., CIP) or in the proposed the types of transactions in which a the same changes concurrently to the 79 beneficial ownership requirement. particular customer would normally be applicable CIP provisions, which would expected to engage necessarily requires require joint rulemaking. 79 In the proposal, we described these elements, an understanding of the nature and One commenter requested that which we believe to be fundamental to an effective FinCEN clarify reliance responsibilities AML program, as follows: (i) Identifying and purpose of the customer relationship, verifying the identity of customers; (ii) identifying which informs the baseline against in the drafting of selling, clearing, or and verifying the identity of beneficial owners of counterparty agreements, without which aberrant, suspicious transactions legal entity customers (i.e., the natural persons who are identified. It was this fundamental further elaboration upon the type of own or control legal entities); (iii) understanding clarification sought or the need for such the nature and purpose of customer relationships; and (iv) conducting ongoing monitoring to maintain 80 31 CFR 1020.320(a)(2)(iii); see also 31 CFR clarification. We have considered this and update customer information and to identify 1023.320(a)(2)(iii), 1024.320(a)(2)(iii), and request, and in the absence of any and report suspicious transactions. See 79 FR at 1026.320(a)(2)(iii). specific and persuasive arguments 45152. 81 FFIEC Manual at 57.

VerDate Sep<11>2014 18:50 May 10, 2016 Jkt 238001 PO 00000 Frm 00023 Fmt 4701 Sfmt 4700 E:\FR\FM\11MYR3.SGM 11MYR3 mstockstill on DSK3G9T082PROD with RULES3 29420 Federal Register / Vol. 81, No. 91 / Wednesday, May 11, 2016 / Rules and Regulations

expectation that FinCEN sought to amendments to the program rules. A length above and below, FinCEN views encapsulate in its articulation of the few commenters expressed general the fifth pillar as nothing more than an third element. Moreover, as FinCEN approval of this approach but sought explicit codification of existing stated in the proposal, in some clarification of its application, while expectations; as these expectations circumstances an understanding of the other commenters opposed the should already be taken into account in nature and purpose of a customer codification of existing regulatory a bank’s internal controls, FinCEN relationship can also be developed by expectations, questioning the need to do would expect the confusion caused by inherent or self-evident information so in light of current regulatory this codification, if any, to be minimal. about the product or customer type, expectations. Some commenters raised Furthermore, FinCEN believes that, in such as the type of customer, the type concerns about FinCEN’s articulation of order to bring uniformity and of account opened, or the service or the ongoing monitoring requirement, consistency across sectors, it is product offered, or other basic contending that the element as proposed important that these due diligence information about the customer, and imposed an obligation to continuously elements be made explicit, and that they such information may be sufficient to update customer information. We be part of the AML program of understand the nature and purpose of address these comments and provide depository institutions (as well as of the the relationship. We further noted that, additional clarification for banks below. other covered financial institutions). We depending on the facts and A few commenters challenged believe that harmonizing these circumstances, other relevant facts FinCEN’s statutory authority to amend requirements across financial sectors could include basic information about the AML program rules in this fashion. will strengthen the system as a whole, the customer, such as annual income, They argued principally that FinCEN’s by further limiting opportunities for net worth, domicile, or principal actions exceeded the scope of its inconsistent application of unclear or occupation or business, as well as, in statutory authority because it proposed unexpressed expectations. The same the case of longstanding customers, the to incorporate into the regulations commenter also asserted that imposing customer’s history of activity. implementing the AML program, this requirement unilaterally ‘‘places Regarding the fourth element, elements not found in the authorizing FinCEN at odds with the prudential conducting ongoing monitoring to statute, 31 U.S.C. 5318(h). This regulators.’’ However, FinCEN notes maintain and update customer argument is not supported by a plain that the proposed CDD rule as well as information and to identify and report reading of the statutory text. Section this final rule, were issued after suspicious transactions, we noted our 5318(h)(1) provides in relevant part that consultation with the staffs of the understanding that, as with the third ‘‘each financial institution shall prudential regulators. element, current industry practice to establish anti-money laundering Most bank commenters did not raise comply with existing expectations for programs, including, at a minimum— objections to the concept of a customer SAR reporting should already satisfy [the four statutory pillars]. . . .’’ risk profile. The banks that commented this proposed requirement. Banks are (emphasis added). And section on this issue noted generally that they expected to have in place internal 5318(h)(2) further provides that ‘‘[t]he understood the concept as it applied to controls to ‘‘provide sufficient controls Secretary of the Treasury, after their industry. One commenter subject and monitoring systems for timely consultation with the appropriate to AML requirements for banks, broker- detection and reporting of suspicious Federal functional regulator . . . may dealers, mutual funds, and insurance activity.’’ 82 In short, the proposal prescribe minimum standards for companies raised concerns that the served to codify existing supervisory programs established under paragraph concept of a customer risk profile and regulatory expectations for banks as (1). . . .’’ The first clause by its terms implicated personal privacy interests explicit requirements within FinCEN’s does not limit an AML program and that information about personal AML program requirement in order to exclusively to the four enumerated attributes of customers could be used for make clear that the minimum standards statutory elements, and the statutory inappropriate profiling. We reiterate of CDD, as articulated, include ongoing scheme clearly vests the Secretary 83 here that for banks, the term ‘‘customer monitoring of all transactions by, at, or with discretion to adapt the AML risk profile’’ is used to refer to the through the financial institution. As program to changing circumstances as information gathered about a customer proposed, the obligation to update warranted after consultation with the to develop the baseline against which customer information as a result of Federal functional regulators. FinCEN’s customer activity is assessed for monitoring would generally only be actions today fall squarely within the suspicious transaction reporting. As triggered when the financial institution scope of its statutory delegation of such, we would not expect there to be becomes aware of information about the authority from the Secretary and the any significant changes to current customer in the course of normal plain language of Section 5318(h)(1). practice that is consistent with existing monitoring relevant to assessing the risk One commenter asserted that the expectations and requirements, and posed by a customer; it was not creation of this new ‘‘fifth pillar’’ certainly not in the form of intended to impose a categorical separate from the other elements of CDD inappropriate profiling. requirement to update customer that are already incorporated into the A few commenters raised objections information on a continuous or ongoing ‘‘internal controls’’ pillar, could to the ongoing monitoring element in basis using the Certification Form in complicate how existing internal the proposal, contending that, as Appendix A or by another means. controls are identified and managed, articulated, it was inconsistent with Commenters raised a number of possibly requiring the revision of current requirements or expectations points about FinCEN’s proposal to existing systems and programs, regarding the monitoring of customers expressly incorporate the third and including training and audit functions, and transactions and appeared to fourth elements of CDD as a ‘‘fifth thereby needlessly consuming banks’ impose a new requirement to monitor, pillar’’ into the AML program rules. AML resources. As described at greater maintain, and update customer Some questioned whether FinCEN had information on a continuous basis. the statutory authority to adopt these 83 As noted above, the Secretary has delegated to Commenters also requested that FinCEN the Director of FinCEN the authority to implement clarify the relationship between ongoing 82 Id. at 29–30. the BSA and associated regulations. monitoring and updating beneficial

VerDate Sep<11>2014 18:50 May 10, 2016 Jkt 238001 PO 00000 Frm 00024 Fmt 4701 Sfmt 4700 E:\FR\FM\11MYR3.SGM 11MYR3 mstockstill on DSK3G9T082PROD with RULES3 Federal Register / Vol. 81, No. 91 / Wednesday, May 11, 2016 / Rules and Regulations 29421

ownership information, asserting that monitoring that the beneficial owner of about a possible change in beneficial the expectation articulated in the a legal entity customer may have ownership, and we are therefore proposal that financial institutions changed, it should identify the unwilling to categorically foreclose this should update beneficial ownership beneficial owner of such customer. For avenue of inquiry. However, there is no information in connection with ongoing example, we can envision a situation expectation that a financial institution monitoring was unclear. As we noted in where an unexpected transfer of all of obtain updated beneficial ownership the proposal and above, the purpose of the funds in a legal entity’s account to information from its customers on a articulating the requirement regarding a previously unknown individual would regular basis, whether by using the updating customer information was to trigger an investigation in which the Certification Form in Appendix A or by codify existing practice relating to bank learns that the funds transfer was any other means. ongoing monitoring, and not to impose directly related to a change in the This commenter also expressed a new categorical requirement to beneficial ownership of the legal concern about subjecting all account continuously update customer entity.84 FinCEN emphasizes that the relationships to the requirement to information. However, we agree with obligation to update customer monitor to identify and report the commenters that this element as information pursuant to this provision, suspicious transactions, contending that presented in the proposal could be including beneficial ownership this implied a uniform requirement for construed in this fashion. Thus, the information, is triggered only when, in monitoring transactions that was final rule amends the ongoing the course of its normal monitoring, the inconsistent with the risk-based monitoring prong to state that ongoing financial institution detects information approach. Therefore, the commenter monitoring is conducted to identify and relevant to assessing the risk posed by requested that FinCEN expressly report suspicious transactions and, on a the customer; it is not intended to articulate that ongoing monitoring be risk basis, to maintain and update impose a categorical requirement to conducted pursuant to the risk-based customer information. For these update customer or beneficial approach. We clarify first that our purposes, customer information shall ownership information on a continuous expectation that all accounts be subject include information regarding the or ongoing basis. to ongoing monitoring does not mean beneficial owners of legal entity One commenter asserted that it would that we expect all accounts to be subject customers (as defined in § 1010.230). be difficult to conceive of a scenario to a uniform level of scrutiny. Rather, where the ongoing monitoring of we fully expect financial institutions to We believe that this change to the transactions would provide information apply the risk-based approach in ongoing monitoring clause better to a financial institution indicating a determining the level of monitoring to encapsulates current practice in the potential change in beneficial which each account will be subjected. AML/CFT area, and therefore, the ownership. Accordingly, the commenter Thus, consistent with current practice, nature of the obligation—that is, suggested that we link the expectation we would expect the level of monitoring financial institutions are presently to update beneficial ownership to vary across accounts based on the expected to conduct a monitoring- information only to monitoring of the financial institution’s assessment of the triggered update of customer customer relationship. We generally risk associated with the customer and information when they detect agree with the notion that it is unlikely the account. We also noted that all information during the course of their that transaction monitoring will uncover account relationships would be subject normal monitoring relevant to assessing information suggestive of a change of to this requirement merely to reflect the or reevaluating the risk of a customer beneficial ownership, because such fact that all accounts must necessarily relationship. Such information could monitoring generally does not tend to be monitored in some form in order to include, e.g., a significant and provide insight into the transfer of comply with existing SAR requirements, unexplained change in customer ownership or operational control. and not only those subject to the CIP activity. It could also include Nevertheless, we do not believe that a rule. information indicating a possible categorical exclusion of beneficial Section 1023.210 Anti-money change in beneficial ownership, when ownership information from this laundering program requirements for such change might be relevant to element would be appropriate. First, brokers or dealers in securities. The assessing the risk posed by the FinCEN believes that the revision of the structural changes to this section, as customer. In any such event, it is ongoing monitoring element for the final well as the rationale for these appropriate to update the customer rule as described above largely amendments, are identical to those information accordingly. As we noted in addresses this concern—as we have articulated for banks above.85 the proposal, including the ongoing noted repeatedly, our requirement is As in the case of banks described monitoring element in the AML consistent with current practice, and we above, FinCEN emphasizes that the program rules serves to reflect existing expect monitoring-triggered updating of incorporation of these elements is practices to satisfy SAR reporting beneficial ownership information (as obligations. Although the beneficial 85 with other customer information) only As we noted in the proposal, FinCEN’s current ownership information collection AML program rule for broker-dealers differs from to occur on a risk basis when material requirement was not in place at the time the current program rule issued by FINRA, information about a change in beneficial of the proposal, this information may be principally because FINRA has included as a pillar ownership is uncovered during the within its AML program rule a requirement with relevant in assessing the risk posed by course of a bank’s normal monitoring respect to suspicious activity reporting. This the customer and in assessing whether integrated treatment of the SAR requirement also (whether of the customer relationship or a transaction is suspicious. Moreover, differs from the practice of the other financial of transactions). As noted in the FinCEN believes it is also consistent sectors covered by this rulemaking. We reiterate preceding paragraph, there may be that FinCEN is not proposing to incorporate, as that this updating requirement should unusual cases where transaction FINRA has done, a SAR reporting requirement as apply not only to customers with new a separate pillar within the AML program rules, as monitoring might lead to information accounts, but also to customers with the existing stand-alone SAR obligation within FinCEN’s regulations is sufficient. However, the accounts existing on the Applicability 84 The same changes are being made to the decision to not include a SAR requirement within Date. That is, should the financial ongoing monitoring provisions of the AML program the program rules is not meant to affect its institution learn as a result of its normal rules for the other covered financial institutions. treatment in any way within the FINRA rule.

VerDate Sep<11>2014 18:50 May 10, 2016 Jkt 238001 PO 00000 Frm 00025 Fmt 4701 Sfmt 4700 E:\FR\FM\11MYR3.SGM 11MYR3 mstockstill on DSK3G9T082PROD with RULES3 29422 Federal Register / Vol. 81, No. 91 / Wednesday, May 11, 2016 / Rules and Regulations

intended to explicitly articulate current determining whether a given transaction with banks, we do not expect the practices consistent with existing is one which would be expected from a customer risk profile to necessarily be regulatory and supervisory expectations. particular customer. It is these types of integrated into existing monitoring Thus, understanding the nature and current practices that FinCEN sought to systems to serve as the baseline for purpose of customer relationships encapsulate in its articulation of the identifying and assessing suspicious encapsulates practices already generally third element. transactions on a contemporaneous undertaken by securities firms to know Regarding the fourth element as basis. Rather, we expect broker-dealers and understand their customers. In the proposed in the NPRM, conducting to utilize the customer risk profile as proposal, we observed that under the ongoing monitoring to maintain and necessary or appropriate during the existing requirement for financial update customer information and to course of complying with their SAR institutions to report suspicious activity, identify and report suspicious requirements—as we understand is they must file SARs on a transaction transactions, we noted our consistent with the general current that, among other things, has no understanding and expectation that, as practice—in order to determine whether business or apparent lawful purpose or with the third element, current industry a particular transaction is suspicious. is not the sort in which the particular practice for SAR reporting should On a related note, commenters also customer would normally be expected already satisfy this proposed requested that FinCEN clarify the to engage.86 To understand the types of requirement. In short, the proposal was manner in which understanding the transactions in which a particular intended to codify existing supervisory nature and purpose of customer customer would normally be expected and regulatory expectations as explicit relationships would apply to broker- to engage necessarily requires an requirements within FinCEN’s AML dealers, particularly with respect to how understanding of the nature and program requirement, in order to make such information would relate to purpose of the customer relationship, clear that the minimum standards of existing transaction monitoring which informs the baseline against CDD, as articulated, include ongoing practices. They claimed that most which aberrant, suspicious transactions monitoring of all transactions by, at, or existing monitoring systems in the are identified. As described at greater through the financial institution. securities industry identify typologies of length below, however, we understand Securities industry commenters raised suspicious activity, such as market that this type of assessment may not a number of concerns about the manipulation or money movements, in necessarily be contemporaneous. proposed fifth pillar as it would apply a manner that does not depend on a For example, as a part of their due to their industry. A few commenters concurrent understanding of the diligence at account opening, broker- sought clarification of the concept of a customer to trigger an alert. dealers are expected to, inter alia, customer risk profile, as well as of how Accordingly, commenters stated that the nature and purpose of customer ‘‘inquire about the source of the because such customer information is relationships were to be understood for customer’s assets and income so that the not always necessary for the initial customers of broker-dealers. firm can determine if the inflow and recognition of suspicious activity, it is Commenters also requested that FinCEN outflow of money and securities is generally not integrated into these clarify the extent of the ongoing consistent with the customer’s financial monitoring systems. Thus, one monitoring requirement for the status,’’ as well as ‘‘gain an commenter asked FinCEN to clarify that securities industry. understanding of what the customer’s nature and purpose information would Commenters asked that FinCEN not be required for use in transaction likely trading patterns will be, so that clarify or define what constitutes a monitoring. any deviations from the patterns can be customer risk profile, noting that the 87 We note that understanding the detected later on, if they occur.’’ And term is not commonly used in the nature and purpose of customer as FinCEN stated in the proposal, in securities industry. One commenter relationships does not necessarily some circumstances an understanding noted that while some securities firms require broker-dealers to integrate of the nature and purpose of a customer assign risk scores to customers, the customer information into transaction relationship can also be developed by practice is not mandated by regulation monitoring systems in all instances. inherent or self-evident information and not widely adopted in the industry; Rather, as it relates to broker-dealers’ about the product or customer type, or thus, this commenter opposed imposing SAR requirements, we expect this basic information about the customer, such a categorical requirement. As it information to be used at least in some and such information may be sufficient does for banks, the term ‘‘customer risk cases in determining whether a to understand the nature and purpose of profile’’ is used to refer to the particular flagged transaction is the relationship. We further noted that, information gathered about a customer suspicious. As a part of broker-dealers’ depending on the facts and to develop the baseline against which SAR reporting obligations, they must circumstances, other relevant facts customer activity is assessed for necessarily have an understanding of could include basic information about suspicious transaction reporting. the nature and purpose of a customer the customer, such as annual income, Depending on the firm and the nature of relationship in order to determine net worth, domicile, or principal its business, it may appropriately take whether a transaction is not the sort in occupation or business, as well as, in the form of individualized risk scoring, which the particular customer would the case of longstanding customers, the placement of customers into risk normally be expected to engage.88 customer’s history of activity. For categories, or some other method of FinCEN understands that many broker- example, FinCEN understands that assessing customer risk. We note that dealers use this information during the some securities firms sometimes use neither the Federal securities laws nor course of an investigation into suitability information gathered FINRA rules explicitly require firms to suspicious activity triggered by pursuant to FINRA Rule 2111 in create a formal risk ‘‘score’’ for all transaction monitoring, i.e., after and customers. However there is a basic not necessarily concurrent with 86 31 CFR 1020.320(a)(2)(iii); see also 31 CFR expectation that members of the transaction monitoring; accordingly, 1023.320(a)(2)(iii), 1024.320(a)(2)(iii), and 1026.320(a)(2)(iii). industry understand the risks posed by based on our understanding of these 87 Nat’l Ass’n of Securities Dealers, Special NASD their customers and be able to Notice to Members 02–21 7 (Apr. 2002). demonstrate this understanding. As 88 31 CFR 1023.320(a)(2).

VerDate Sep<11>2014 18:50 May 10, 2016 Jkt 238001 PO 00000 Frm 00026 Fmt 4701 Sfmt 4700 E:\FR\FM\11MYR3.SGM 11MYR3 mstockstill on DSK3G9T082PROD with RULES3 Federal Register / Vol. 81, No. 91 / Wednesday, May 11, 2016 / Rules and Regulations 29423

practices, we generally do not expect As discussed above for banks, broker- these amendments, are identical to that such firms would need to change dealers are presently expected to those articulated for banks and broker- these practices in order to be in conduct a monitoring-triggered update dealers above. However, as an initial compliance with this requirement. of customer information when they matter, FinCEN notes that, unlike the One commenter questioned the need learn of material information relevant to situation for other covered financial to incorporate the nature and purpose assessing the risk of a customer institutions, a relatively small element into the AML program rules for relationship during the course of their proportion of a mutual fund’s broker-dealers if it is an inherent part of normal monitoring. Under this rule, underlying customers purchase their suspicious activity reporting. This financial institutions shall include shares directly from the fund. Rather, commenter noted its concern that beneficial ownership information in the the great majority of mutual fund express incorporation of this element customer information to be updated, in investors purchase shares through an into the AML program rules might cases where a change in such intermediary, such as a securities require changes to broker-dealers’ information could affect the risk broker-dealer, and therefore the mutual account opening procedures in order to presented by the customer, since such fund has no direct relationship with demonstrate compliance with this information could be relevant to them. In addition, of all the legal entity provision, and requested that FinCEN assessing customer risk. As we noted in customers of a mutual fund, a clarify its reasons for amending the the proposal, including the ongoing significant number are typically AML program rules in this way. As we monitoring element in the AML financial intermediaries (e.g., securities noted above, FinCEN believes that, in program rules served to reflect existing broker-dealers), most of which are order to bring uniformity and practices to satisfy SAR reporting regulated. Such intermediaries are consistency across sectors, it is obligations. Although the beneficial nonetheless subject to a mutual fund’s important that these due diligence ownership information collection AML program, which requires the elements be made explicit, and that they requirement was not in place at the time application of risk-based due diligence. be part of the AML program of broker- of the proposal, this information may be Of those legal entity customers that are dealers in securities (as well as of the relevant in assessing the risk posed by not financial intermediaries, a other covered financial institutions). We the customer and in assessing whether substantial number are in many cases believe that harmonizing these a transaction is suspicious. Moreover, corporations that are administering requirements across financial sectors FinCEN believes it is also consistent benefit plans for their employees (or will strengthen the system as a whole, that this requirement should apply not administrators doing this on behalf of by further limiting opportunities for only to customers with new accounts, such employers); these relationships are inconsistent application of unclear or but also to customers with accounts also subject to risk-based due diligence. unexpressed expectations. FinCEN existing on the Applicability Date. That Thus, FinCEN understands that any further expects that broker-dealers is, should the financial institution legal entities that are direct customers of would generally not need to alter their detect as a result of its normal a fund, and not any type of account opening procedures to satisfy monitoring that the beneficial owner of intermediary, would comprise a this requirement to the extent that a legal entity customer may have relatively small portion of its direct customers, and FinCEN expects that broker-dealers are compliant with changed, it should identify the such non-intermediary legal entity existing supervisory or regulatory beneficial owner of such customer, customers would be subject to a expectations as discussed herein. whether or not it has already done so. For example, we can envision a different risk assessment than Commenters also requested that situation where an unexpected transfer intermediary customers for due FinCEN clarify the nature of the ongoing of all of the funds in a legal entity’s diligence purposes. The following monitoring requirement. One account to a previously unknown discussion of mutual fund customer commenter urged FinCEN to remove the individual would trigger an relationships must be read in this clause pertaining to maintaining and investigation in which the financial context. updating customer information because institution learns that the funds transfer As in the case of banks and broker- securities firms do not currently have an was directly related to a change in the dealers as described above, FinCEN obligation to conduct ongoing beneficial ownership of the legal emphasizes that the incorporation of monitoring to update customer entity.89 FinCEN emphasizes that the these elements serves only to articulate information. Another urged FinCEN to obligation to update customer current practice consistent with existing limit the obligation to update customer information pursuant to this provision, regulatory and supervisory expectations. information to ‘‘negative-event’’ triggers including beneficial ownership Thus, understanding the nature and discovered during the course of information, is triggered only when, in purpose of customer relationships monitoring. We believe that the the course of its normal monitoring, the encapsulates practices already generally clarifying changes made to the ongoing financial institution detects information undertaken by mutual funds to know monitoring clause for the final AML relevant to assessing the risk posed by and understand their customers. In the program rules for all covered financial the customer; it is not intended to proposal, we observed that under the institutions and described above in the impose a categorical requirement to existing requirement for financial discussion of banks addresses these update customer or beneficial institutions to report suspicious activity, concerns. The final rule states that ownership information on a continuous they must file SARs on a transaction ongoing monitoring is conducted to or ongoing basis. that, among other things, has no identify and report suspicious Section 1024.210 Anti-money business or apparent lawful purpose or transactions and, on a risk basis, to laundering program requirements for is not the sort in which the particular maintain and update customer mutual funds. The structural changes to customer would normally be expected information. For these purposes, 90 this section, as well as the rationale for to engage. To understand the types of customer information shall include transactions in which a particular information regarding the beneficial 89 The same changes are being made to the customer would normally be expected owners of legal entity customers (as ongoing monitoring provisions of the AML program defined in § 1010.230). rules for the other covered financial institutions. 90 31 CFR 1024.320(a)(2)(iii).

VerDate Sep<11>2014 18:50 May 10, 2016 Jkt 238001 PO 00000 Frm 00027 Fmt 4701 Sfmt 4700 E:\FR\FM\11MYR3.SGM 11MYR3 mstockstill on DSK3G9T082PROD with RULES3 29424 Federal Register / Vol. 81, No. 91 / Wednesday, May 11, 2016 / Rules and Regulations

to engage necessarily requires an suspicious transaction reporting. We they would then be expected to update understanding of the nature and also do not expect the customer risk customer information. Consistent with purpose of the customer relationship, profile to necessarily be integrated into the new requirement to collect which informs the baseline against existing monitoring systems to serve as beneficial ownership information in this which aberrant, suspicious transactions the baseline for understanding rulemaking, such customer information are measured. As FinCEN stated in the suspicious transactions on a would include beneficial ownership proposal, depending on the facts and contemporaneous basis (as described information, and would apply to new circumstances, other relevant facts with regard to banks and broker- customers as well as those existing on could include basic information about dealers). Rather, we expect mutual the Applicability Date. the customer, such as annual income, funds to utilize the customer risk profile Section 1026.210 Anti-money net worth, domicile, or principal as necessary or appropriate during the laundering program requirements for occupation or business, as well as, in course of complying with their SAR futures commission merchants and the case of longstanding customers, the requirements—as we understand is introducing brokers in commodities. customer’s history of activity. consistent with the general current The structural changes to this section, as Furthermore, in some circumstances an practice—in order to determine whether well as the rationale for these understanding of the nature and a particular transaction is suspicious. amendments, are identical to those purpose of a customer relationship can Regarding the fourth element as articulated for other covered financial also be developed by inherent or self- proposed in the NPRM, conducting institutions described above. evident information about the product ongoing monitoring to maintain and As in the case of the other covered or customer type, or basic information update customer information and to financial institutions, FinCEN reiterates about the customer, and such identify and report suspicious that the incorporation of these elements information may be sufficient to transactions, we noted our is intended to explicitly articulate understand the nature and purpose of understanding that, as with the third current practices consistent with the relationship. element, current industry expectations existing regulatory and supervisory This final point is particularly for SAR reporting should already satisfy expectations. Thus, understanding the relevant for the mutual fund industry. this proposed requirement. In short, we nature and purpose of customer As commenters from the industry noted, intended the proposal to codify existing relationships encapsulates practices mutual funds are best understood as a supervisory and regulatory expectations already generally undertaken by futures form of financial product rather than as as explicit requirements within firms to know and understand their an institution providing financial FinCEN’s AML program requirement in customers. In the proposal, we observed services or investment advice. We order to make clear that the minimum that under the existing requirement for understand that much of a mutual standards of CDD, as articulated, financial institutions to report fund’s understanding of the nature and include ongoing monitoring of all suspicious activity, they must file SARs purpose of a customer relationship transactions by, at, or through the on a transaction that, among other arises predominantly from the financial institution. As proposed, the things, has no business or apparent customer’s initial decision to invest in obligation to update customer lawful purpose or is not the sort in a mutual fund, as reflected largely by information in the course of monitoring which the particular customer would the customer’s choice of product. As would generally only be triggered when normally be expected to engage.92 To with banks and broker-dealers, such the financial institution became aware understand the types of transactions in customer information is not necessarily of information as part of its normal which a particular customer would used as a contemporaneous point of monitoring relevant to assessing the risk normally be expected to engage comparison in monitoring systems. posed by a customer; it was not necessarily requires the futures However, as with banks and broker- intended to impose a categorical commission merchant or introducing dealers, we also understand that many requirement to update customer broker to have an understanding of the mutual funds use this information information on a continuous or ongoing nature and purpose of the customer during the course of an investigation basis. Because of the structural relationship, which informs the baseline into suspicious activity triggered by ambiguities in the proposal as against which aberrant, suspicious transaction monitoring, i.e., after and articulated above, we have also transactions are identified. As described not concurrent with transaction amended the ongoing monitoring prong at greater length below, we understand monitoring; we would not generally for the final rule for mutual funds. The that for the futures industry, this may expect such firms to change their final rule states that ongoing monitoring not necessarily be a contemporaneous practices in order to comply with this is conducted to identify and report assessment. requirement. It was this fundamental suspicious transactions and, on a risk For example, under the National established practice that FinCEN sought basis, to maintain and update customer Futures Association’s (NFA) AML information. For these purposes, to encapsulate in its articulation of the Interpretive Notice, futures commission customer information shall include third element. Accordingly, we expect merchants and introducing brokers are information regarding the beneficial this element to be construed fully expected to understand the nature and owners of legal entity customers (as consistently with the SAR rule and purpose of their customer relationships 91 defined in § 1010.230). to inform their suspicious activity associated guidance for mutual funds. As described above in the sections As with banks and broker-dealers, the reporting: ‘‘Recognizing suspicious addressing banks and broker-dealers, we transactions requires familiarity with term ‘‘customer risk profile’’ means believe that this change to the ongoing information gathered about a customer the firm’s customers, including the monitoring provision is more consistent customer’s business practices, trading to develop the baseline against which with current practice, and therefore, customer activity is assessed for activity and patterns. What constitutes a with the nature of the obligation—that suspicious transaction will vary is, when mutual funds detect 91 See 74 FR 26213, 26216 n.29 (May 4, 2006); Frequently Asked Questions, Suspicious Activity information relevant to assessing the 92 31 CFR 1020.320(a)(2)(iii); see also Report Requirements for Mutual Funds, FIN–2006– risk of a customer relationship during 1023.320(a)(2)(iii), 1024.320(a)(2)(iii), and G013 (Oct. 4, 2006). the course of their normal monitoring, 1026.320(a)(2)(iii).

VerDate Sep<11>2014 18:50 May 10, 2016 Jkt 238001 PO 00000 Frm 00028 Fmt 4701 Sfmt 4700 E:\FR\FM\11MYR3.SGM 11MYR3 mstockstill on DSK3G9T082PROD with RULES3 Federal Register / Vol. 81, No. 91 / Wednesday, May 11, 2016 / Rules and Regulations 29425

depending on factors such as the customer information in the course of with NFA Compliance Rule 2–9. identity of the customer and the nature monitoring would generally only be Recognition of the relevance of this of the particular transaction.’’ 93 And as triggered when the financial institution information is not tantamount to FinCEN stated in the proposal, in some became aware of information as a result mandating the inclusion of these other circumstances an understanding of the of its normal monitoring relevant to regulatory schemes into BSA nature and purpose of a customer assessing the risk posed by a customer; regulations. As we noted above, we relationship can also be developed by it was not intended to impose a understand that as a matter of practice inherent or self-evident information categorical requirement to update some futures firms use this information about the product or customer type, or customer information on a continuous to understand the nature and purpose of basic information about the customer, or ongoing basis. Because of the the customer relationship, but the fifth and such information may be sufficient structural ambiguities in the proposal as element does not require that such to understand the nature and purpose of articulated above, we have also information be integrated into futures the relationship. It also may vary amended the ongoing monitoring prong firms’ AML monitoring programs on a depending on the type of entity opening for the final rule for futures commission contemporaneous basis, as a matter of the account. For example, a clearing merchants and introducing brokers. The regulatory compliance or expectation. futures commission merchant at account final rules states that ongoing This commenter also requested that opening would be focused on the monitoring is conducted to identify and FinCEN clarify what constitutes a creditworthiness of the customer, and report suspicious transactions and, on a customer risk profile, noting that the not necessarily trading patterns, as the risk basis, to maintain and update term is not commonly used in the AML trades would be executed through an customer information. For these context in the futures industry. The executing futures commission merchant. purposes, customer information shall commenter urged FinCEN to remove The nature and purpose of the include information regarding the this term from the final rule or provide relationship for the clearing futures beneficial owners of legal entity additional opportunities for comment commission merchant would be a customers (as defined in § 1010.230). because of this lack of understanding. clearing account for futures and options As described in the sections above As it does for banks, broker-dealers, and transactions. We further noted and pertaining to banks, securities broker- mutual funds, the term ‘‘customer risk understand that, depending on the facts dealers, and mutual funds, we believe profile’’ refers to the information and circumstances, relevant information that this change better articulates gathered about a customer to develop current practice and, therefore, the regarding the customer obtained under the baseline against which customer nature of the obligation—that is, when NFA Compliance Rule 2–30 and CFTC activity is assessed for suspicious futures firms detect information relevant Rule 1.37(a)(1) could include basic transaction reporting. We note that to assessing the risk of a customer information about the customer such as neither the Federal futures laws nor the relationship during the course of their annual income, net worth, domicile, or National Futures Association’s rules normal monitoring, they then would be principal occupation or business, as explicitly require firms to create a expected to update customer well as, in the case of longstanding ‘‘customer risk profile’’ or a formal risk customers, the customer’s history of information. A commenter representing the futures ‘‘score’’ for all customers. However, activity. Such information could be there is a basic expectation that useful to understand the nature and industry raised a number of concerns about the third and fourth elements of members of the industry understand the purpose of the customer relationship, risks posed by their customers and be and to determine whether a given CDD as put forth in the proposal. The commenter challenged FinCEN’s able to demonstrate this understanding. transaction is one which would be As with banks, broker-dealers, and expected from a particular customer. It authority to amend the AML program rules in this fashion, contending mutual funds, we do not expect a is these types of current practices that customer risk profile to necessarily be FinCEN sought to encapsulate in its principally that it was outside FinCEN’s authority to incorporate non-BSA integrated into existing monitoring articulation of the third element. systems to serve as the baseline for Regarding the fourth element as regulatory schemes—specifically, suitability and know-your-customer understanding suspicious transactions proposed in the NPRM, conducting on a contemporaneous basis. Rather, we ongoing monitoring to maintain and rules that we cited in the proposal when describing current practices at futures expect futures commission merchants update customer information and to and introducing brokers to utilize the identify and report suspicious firms for understanding customers—into BSA regulations. First, FinCEN customer risk profile information as transactions, we noted our necessary or appropriate during the understanding and expectation that, as reaffirms, as described above, its general statutory authority to amend the AML course of complying with their SAR with the third element, current industry requirements—as we understand is practice for SAR reporting should program rules by adding elements beyond those specifically listed in the consistent with current practice—in already satisfy this proposed order to determine whether a particular requirement. In short, the proposal statute. We also reject the notion that amending the AML program rules in transaction is suspicious. Because of served to codify existing supervisory this, we do not believe it is necessary to and regulatory expectations as explicit this way is an incorporation-by- reference of other regulatory schemes eliminate the term nor provide requirements within FinCEN’s AML additional opportunity for comment. program requirement in order to make outside of the scope of FinCEN’s In addition, the commenter also clear that the minimum standards of statutory authority. Our citation to requested that FinCEN clarify the nature CDD, as articulated, include ongoing CFTC and NFA rules in the proposal of the ongoing monitoring requirement, monitoring of all transactions by, at, or served only to reflect that ‘‘this contending that it would be burdensome through the financial institution. As information could be relevant for if FinCEN intended by this element to proposed, the obligation to update understanding the nature and purpose of customer relationships,’’ 94 and require continuous monitoring for the 93 National Futures Association Compliance Rule would also be relevant for compliance purpose of updating customer 2–9: FCM and IB Anti-Money Laundering Program information. We believe that the Interpretive Notice. 94 79 FR at 45163 n.51. clarifying changes made to the ongoing

VerDate Sep<11>2014 18:50 May 10, 2016 Jkt 238001 PO 00000 Frm 00029 Fmt 4701 Sfmt 4700 E:\FR\FM\11MYR3.SGM 11MYR3 mstockstill on DSK3G9T082PROD with RULES3 29426 Federal Register / Vol. 81, No. 91 / Wednesday, May 11, 2016 / Rules and Regulations

monitoring clause for the final rule, RIA, contending principally that 30 included in the RIA or costs that we had discussed above, address this concern. days was an inadequate amount of time overlooked and have since added (note Finally, the commenter requested that to gather additional data to respond to that we incorporated all relevant FinCEN clarify the significance of the the RIA’s analyses, especially in light of quantifiable data received from the distinction between the terms ‘‘account’’ its publication during the winter commenters into the updated RIA, and ‘‘customer’’ with respect to the holidays. FinCEN denied the requests, which upwardly adjusted its cost statement in the proposal that the fifth noting that we believed the time period calculations), have not significantly pillar not be limited only to customers to be sufficient, ‘‘particularly in light of impacted our results. for purpose of the CIP rules, but rather, the extensive comment period provided Some commenters took issue with the extend to all accounts established by the over the course of the CDD rulemaking, ‘‘academic’’ nature of the analysis set institution. This commenter urged which included industry’s views on the forth in the RIA, asserting that it was FinCEN to clarify this point particularly perceived costs and burdens regarding based on unfounded assumptions about with respect to guidance for the futures . . . CDD.’’ In the preamble to the final the impact of the rule upon the behavior industry, stating that CIP obligations do rule, we described the extensive, years- of illicit actors and therefore on not apply to executing brokers in give- long outreach conducted during the aggregate levels of crime. For example, up arrangements and omnibus course of this rulemaking, during which a few commenters challenged the notion relationships, concerned that the fifth time several commenters provided input that the beneficial ownership pillar might otherwise supersede the regarding costs that they expected to requirement would result in criminal guidance. We noted that all account incur implementing the rule. Of these actors actually providing information to relationships, and not only those which commenters, only a small portion financial institutions that would be are ‘‘accounts’’ within the CIP rule quantified these expected effects in a valuable to law enforcement agencies; definition, would be subject to this meaningful way. As described at greater these commenters noted that such actors requirement merely to reflect that all length below in the section addressing could simply provide false information, accounts must necessarily be monitored cost-related comments, FinCEN and or hire straw men for the sole purpose in some form in order to comply with Treasury’s Office of Economic Policy of opening accounts. We address the existing SAR requirements.95 (OEP) conducted substantial follow-up specific comments regarding the various IV. Regulatory Analysis with parties that provided such figures, assumptions underlying our analysis and determined that it was below. A. Executive Orders 13563 and 12866 impracticable to obtain the data As for the general comment that the It has been determined that this necessary to fully quantify the costs approach we took in the RIA was too regulation is an economically significant associated with implementing the CDD academic, we note first that OMB regulatory action as defined in section rule. This challenge, combined with the guidance recommends that an RIA 3(f)(1) of Executive Order (E.O.) 12866, difficulty of quantifying many of the should be ‘‘based on the best reasonably as amended. Accordingly, this final rule CDD rule’s expected benefits, led us to obtainable . . . economic information has been reviewed by the Office of rely predominantly upon the breakeven available. To achieve this, [agencies] Management and Budget (OMB). As a analysis 96 to assess the relative benefits should generally rely on peer-reviewed result of being an economically and costs of the CDD rule. The cost used literature, where available.’’ 97 significant regulatory action, FinCEN in the breakeven analysis includes an Unfortunately, there is not a body of prepared and made public a preliminary order-of-magnitude assessment of direct empirical evidence regarding RIA, along with an Initial Regulatory information technology (IT) upgrade criminals’ behavior in response to AML/ Flexibility Analysis (IRFA) pursuant to costs, identified by financial institutions CFT laws and regulations. In the the Regulatory Flexibility Act, discussed during the comment period and our absence of such analysis, and relatedly, below, on December 24, 2015. We subsequent outreach as the most the absence of any data on which to received 38 comments about the RIA substantial driver of implementation perform our own analysis, FinCEN and/or the IRFA, which we address costs. Because the RIA is meant to asserts that it is both reasonable and below. We have incorporated additional measure the expected costs and benefits appropriate to look to the academic data points, additional sources of costs, of the rule in aggregate, and given the literature on the economics of crime for and other points raised by commenters, data quality and quantity concerns, we a framework for formally thinking about directly into the final RIA itself, which conducted an order-of-magnitude how the CDD rule would potentially we publish below in its entirety, assessment. The conclusion of the affect criminal outcomes. In this less- following our narrative response to the order-of-magnitude assessment probably than-ideal situation where empirical remaining comments not addressed by would not be materially changed by estimates of the rule’s effects on crime these changes to the RIA. gathering additional data unless the are lacking, the canonical economic current data points are outliers. The model of crime at least provides useful 1. Discussion of Comments to the RIA conclusions of the primary cost insights into the mechanisms by which General Comments estimation would not be changed and the rule could affect crime, which can A few commenters sought an thereby would not materially affect the in turn be assessed on the grounds of extension of the comment period for the RIA’s ultimate conclusion. We did not their plausibility. Like any economic receive any substantive comment on the model, this one assumes that its actors 95 ‘‘Although a futures commission merchant’s IT cost during the comment period. The behave rationally, a premise that some customer identification program will not apply comments and any associated data commenters found objectionable and when it is operating solely as an executing broker points that we received, whether used to justify their protests of our use in a give-up arrangement, the futures commission pertaining to categories of 98 merchant’s anti-money laundering program should of any economic model of crime. On contain risk-based policies, procedures, and implementation costs that were already controls for assessing the money laundering risk 97 OMB Circular A–4, available at https:// posed by its operations, including its execution 96 As described at greater length in the RIA, a www.whitehouse.gov/omb/circulars_a004_a-4. brokerage activities; for monitoring and mitigating breakeven analysis asks how large the present value 98 More formally, an individual’s preferences are that risk; and for detecting and reporting suspicious of benefits has to be so that it is just equal to the rational if (1) she has a well-defined preference activity.’’ FIN–2007–G001. present value of costs. between any two possible alternatives and (2) her

VerDate Sep<11>2014 18:50 May 10, 2016 Jkt 238001 PO 00000 Frm 00030 Fmt 4701 Sfmt 4700 E:\FR\FM\11MYR3.SGM 11MYR3 mstockstill on DSK3G9T082PROD with RULES3 Federal Register / Vol. 81, No. 91 / Wednesday, May 11, 2016 / Rules and Regulations 29427

this point—that criminals are not A few commenters took issue with the exempt smaller institutions from the economic actors and thus do not general approach of the regulatory rule, and requests to eliminate the respond to incentives—we strongly scheme, whereby the costs would be verification requirement; these issues disagree based on empirical evidence incurred almost entirely by financial have been addressed in the preamble to appearing in peer-reviewed academic institutions, while the benefits would the final rule. 99 accrue to society more broadly rather journals. Cost-Related Comments Some commenters asserted that than to financial institutions and their customers, specifically. In their view, Some commenters objected to our FinCEN and OEP took an inconsistent this made the CDD rule an overall approach to evaluating the approach towards assessing the impermissible tax upon financial expected costs associated with expected costs and benefits in the RIA. institutions. But this rule is not a tax. implementation of the CDD rule. A few These commenters contended that we Furthermore, we disagree with the of these commenters took issue with the included certain unquantified benefits characterization of this regulatory limited sample size of financial but excluded certain unquantified costs, scheme as improper or out of the institutions that provided the data rendering the analysis arbitrary. This ordinary. There are numerous Federal supporting our quantitative assessment RIA quantifies some of the cost regulatory schemes that have similar of the costs, and contended that we categories and qualitatively describes underlying assumptions, structures, and were required to undertake a fully the other cost categories and benefits impacts—for example, the costs of some quantified analysis using a large and consistent with OMB guidance. OMB environmental regulations fall representative sample of financial Circular A–4 directs agencies to predominantly (if not almost institutions. One commenter quantify both costs and benefits to the exclusively) on producers of emissions representing mid-sized banks stated that extent possible. Where we were ‘‘not (power plants, automobile the RIA was deficient because it only able to quantify the effects,’’ we manufacturers, etc.), while the benefits accounted for the impact of the CDD ‘‘present[ed] any relevant quantitative accrue to the members of society as a rule on covered financial institutions information along with a description of whole. Similar to environmental writ large, and did not allow for the the unquantified effects.’’ 100 Contrary to regulations, the CDD rule is meant to rule’s impact to differ based on a variety these commenters’ assertions, we did correct for a positive spillover that in of categories, such as size, business not selectively rely upon unquantified this case leads to a less-than-efficient lines, structure, geography, or customer benefits while ignoring unquantified level of investment in AML/CFT base. This commenter asserted that we costs. In the case of costs that were not security measures. Specifically, should have given additional initially accounted for in the RIA, but reductions in illicit activity from the consideration in the RIA to the impact later identified by commenters, we have collection of beneficial ownership of the CDD rule on small and mid-sized revised portions of the RIA to information will benefit all members of banks, provided additional data from incorporate them. As for the largest cost society, but financial institutions will mid-sized banks regarding the expected that we were unable to quantify, IT rationally only account for their own costs of implementing the CDD rule, and upgrade costs, we fully acknowledge benefits when making their investment identified additional expected sources and recognize the importance of decisions. By compelling financial of costs not included in the RIA. assessing this cost in the RIA and institutions to retrieve beneficial As to the assertion that it was describe the difficulties we encountered ownership information, the CDD rule’s inappropriate to rely upon such a small in trying to obtain meaningful data for intent is to increase investment in AML/ sample size in developing our cost data, these costs. We offer an order-of- CFT measures to a level that results in we agree that it might arguably have magnitude assessment in the qualitative higher overall wellbeing (even once been preferable to obtain specific, cost section and carry that analysis into costs to financial institutions are netted granular data from a large and diverse the breakeven analysis. out). Recognizing the costs of set of financial institutions. However, implementing the CDD rule, we have based on our outreach to financial preferences exhibit transitivity—for alternatives x, made numerous changes to the rule institutions and IT firms, we determined y, and z, if x is preferred to y and y is preferred itself, as described in the preamble that it would be impracticable to do so. to z, then x is preferred to z. See page 6 of Mas- above, so as to minimize as much as To further develop our cost data Colell, Andreu, Michael D. Whinston, and Jerry R. following the NPRM comment period, Green. Microeconomic Theory. New York: Oxford possible the impact of compliance upon University Press, 1995. covered financial institutions while still we identified and assessed all of the 99 The canonical model of the economics of crime furthering the purposes of the rule. comment letters that raised the cost predicts that the CDD rule would reduce illicit One commenter representing a issue with specificity, and substantiated activity by causing criminal actors to perceive a business formation agent reiterated the the assertion that FinCEN higher risk to setting up financial accounts in underestimated the costs associated support of their illegal activities. Analogously, recommendation proffered during the increased police presence deters criminal activity NPRM comment period to expand the with implementing the CDD rule with by increasing its perceived risk. A recent survey of reliance provision of the beneficial data or a narrative explanation. From empirical research on how different policing ownership requirement to include non- this initial review, FinCEN engaged in strategies deter crime states: ‘‘. . . there is robust outreach to many of these commenters evidence that crime responds to increases in police financial institutions, contending that manpower and to many varieties of police such an expansion would reduce the to determine their willingness to engage redeployments.’’ See Chalfin, Aaron and Justin costs of compliance. We decline to do in a more extensive voluntary McCrary, ‘‘Criminal Deterrence: A Review of the so for the reasons articulated in the discussion regarding the cost issues that Literature,’’ forthcoming, Journal of Economic they raised. To facilitate these Literature (2016). Importantly, the authors also preamble to the final rule. discuss their assessment that police tactics During the comment period to the commenters’ participation in this characterized by high visibility likely reduce crime RIA, a few commenters raised dialogue, FinCEN identified in advance more through deterrence than through substantive concerns about the rule a number of topics to guide the incapacitation. Therefore, we feel confident in itself that were essentially identical to discussion, including: assuming that potential criminal actors are rational • in thinking through how they would respond to the concerns identified by commenters A description of the commenting imposition of the CDD rule. during the NPRM comment period, such institution’s processes for onboarding 100 OMB Circular A–4. as, among other things, requests to legal entity customers and how that

VerDate Sep<11>2014 18:50 May 10, 2016 Jkt 238001 PO 00000 Frm 00031 Fmt 4701 Sfmt 4700 E:\FR\FM\11MYR3.SGM 11MYR3 mstockstill on DSK3G9T082PROD with RULES3 29428 Federal Register / Vol. 81, No. 91 / Wednesday, May 11, 2016 / Rules and Regulations

information is used to comply with unable to provide any estimates about their existing onboarding systems to AML/CFT requirements; many of the other types of costs they comply with the beneficial ownership • the types of documentation expected to incur to implement the certification requirement. During the required to onboard legal entity proposed CDD rule, even when pressed NPRM comment period, some customers; to provide rough estimates, or even commenters identified additional • an estimate of the amount of time estimates within a broad range of categories of entities whose beneficial it takes to set up legal entity customer potential expected costs. Given this lack ownership information is otherwise accounts; of usable data, and because FinCEN available, and we excluded these • the approximate number of legal understands that the majority of categories from the definition of legal entity accounts established at the financial institutions purchase their entity customer, further reducing the commenting institution on an annual systems for entering and storing burden. In response to numerous basis; customer data rather than building the comments contending that the proposed • anticipated changes to onboarding systems internally, we also sought exclusion for charitable organizations procedures that would be necessary to similar information from several of the would be difficult to administer, and identify and verify beneficial owners, major vendors that provide these AML/ therefore burdensome, we simplified it. consistent with the requirement as CFT-compliant IT systems. As with the And importantly, in response to many proposed in the NPRM, and the financial institutions, we provided comments regarding the difficulties of approximate costs of such changes; participating IT vendors the same basic implementing the CDD rule within a • the frequency with which the topics to guide the discussion year of publication of the final rule, we commenting institution updates its (identified above), with modifications to increased the time for financial computerized onboarding system, as reflect the different role that these institutions to comply, to two years. As well as the base cost associated with vendors play in the onboarding and for the additional sources of cost and ‘‘opening’’ these systems for updates screening processes. Although we additional cost data provided by the and the approximate incremental costs obtained insight into the manner in commenters, we appreciate this associated with each substantive which many of the major IT vendors additional information and have change; work with financial institutions, none incorporated it, where appropriate, into • anticipated changes or updates to were able to provide meaningful our analysis in the RIA, as described other systems required to comply with quantified estimates of the expected below. the requirement as proposed in the costs associated with modifying their Some commenters asserted that we NPRM, and the approximate costs of systems, even when pressed for rough underestimated certain costs, and failed such changes; estimates or estimates within a wide to account for other steps that financial • the expected costs and logistical range of potential costs. For these institutions would have to take to difficulties associated with integrating reasons, we determined that it would comply with the proposed CDD rule in the Certification Form into the likely be futile to conduct a broader our cost analysis. We address these commenting institution’s operations; survey of financial institutions and comments here. • additional employee training vendors to support our analysis. Thus, Customer Onboarding. A few required to implement the requirement consistent with OMB guidance, we commenters asserted that our time as proposed in the NPRM, and how instead specified the expected sources estimates for onboarding were too low. those costs compare to total annual BSA of costs, and quantified these costs In response to these comments, we have training expenditures; and where possible. In order to assess the • made adjustments to the calculations in any additional costs associated with proposed rule, we relied upon the the RIA, as described in greater detail implementing the requirement as breakeven analysis, which used an therein. Some of these commenters also proposed in the NPRM that FinCEN did order-of-magnitude assessment of the IT asserted that our hourly wage figures for not take into account. upgrade costs, resulting in an upper ‘‘new account clerks’’ was too low, Because we understood that it was bound of $10 billion (identified by most noting that the average wage for their likely that such a discussion would commenters during the NPRM and RIA clerks was substantially higher. While necessarily require a detailed as by far the most substantial projected we certainly recognize that the wages description of proprietary business outlay) and the highest cost-scenarios earned by account clerks in large information, we noted that institutions’ for other significant costs quantified in metropolitan areas characterized by specific answers would not be made a the RIA. elevated cost of living will be higher part of the public record, but informed With respect to the concern that we than the average, those wage levels are participants that we might describe did not adequately account for the not representative of the wages for the responses in general terms without impact of the proposed CDD rule upon entire country (in the same way that attribution as a part of the rulemaking. mid-sized and smaller institutions, we wages for account clerks in rural areas During our outreach discussions, we note that throughout this rulemaking of the United States characterized by learned that each institution’s process, we have been cognizant of the very low cost of living would not onboarding process is different from the challenges that such institutions might accurately represent wages for the others, making it difficult to draw broad face when implementing the rule; these whole country). Given that the average conclusions about the types of things concerns contributed to shaping several occupational wages produced by the covered financial institutions would of the modifications we have made to Bureau of Labor Statistics use wage data have to do to implement the rule, from the rule in order to facilitate its from throughout the United States— which we could extrapolate generally implementation, as described at length taking into account variation in wages applicable cost estimates. More in the Section-by-Section Analysis for the same occupation across all of the importantly, while institutions were above. For example, in response to very different local labor markets—we generally able to provide estimates of comments to the NPRM, we determined believe that the national average for training-related and other expected that use of the Certification Form would account clerks is representative and human resources costs, several of the not be mandatory, and financial therefore decline to use a different wage institutions with which we spoke were institutions have the flexibility to utilize for these calculations.

VerDate Sep<11>2014 18:50 May 10, 2016 Jkt 238001 PO 00000 Frm 00032 Fmt 4701 Sfmt 4700 E:\FR\FM\11MYR3.SGM 11MYR3 mstockstill on DSK3G9T082PROD with RULES3 Federal Register / Vol. 81, No. 91 / Wednesday, May 11, 2016 / Rules and Regulations 29429

One commenter also asserted that we internal controls, including compliance an upper bound of $10 billion (derived mischaracterized the manner in which reviews, relating to the collection of from the rough estimates provided by this additional onboarding time would beneficial ownership information. As some financial institutions).101 be incorporated into the onboarding noted in the RIA, because of the lack of Costs Associated with Lost Business/ process, contending that our view was actual estimates of such costs, we have ‘‘De-Risking.’’ A few commenters took founded on ‘‘the plainly incorrect not included them in the aggregate issue with the decision not to include assumption that the additional quantified costs of the rule. We believe, costs associated with lost business documentation required under the however, that the actual additional costs attributable to either privacy-minded proposed CDD Rules can be collected in for internal controls will be small in owners of legal entity customers one (slightly longer) meeting.’’ Contrary comparison to the quantified costs declining to open accounts or financial to this notion, our assessment of the included in the RIA, particularly the institutions refusing to extend accounts additional incremental time for upper bound in the order-of-magnitude to legal entity customers for which they onboarding was not premised on this assessment for IT upgrade costs, and cannot obtain the owners’ personal assumption. Indeed, it has been our thus that not including these additional information. In the views of some understanding that, as this commenter internal control costs does not influence commenters, a substantial number of noted, ‘‘[f]inancial institutions typically the RIA’s conclusion. owners of small businesses would flee offer clients a period of time, such as 30 Costs Associated with Additional SAR to unregulated sources of financing days, to gather the appropriate account Investigation and Filing. A few because of their aversion to providing opening documentation, and the process commenters noted that there would personal information to covered routinely takes more than one meeting.’’ likely be additional costs for financial financial institutions during the This characterization of current institutions associated with account-opening process. To the same practices underscores one of our broader investigating and reporting SARs that effect, one commenter representing points about our expectation that the should have been accounted for in the banks asserted that the proposed CDD additional burden on prospective RIA. However, as described in the RIA, rule would ‘‘likely contribute to ‘de- customers after the final rule is in force given the difficulty of determining risking,’ as many financial institutions will be limited—that is, it is already the whether the final rule would result in will find it increasingly difficult to open case that prospective business additional costs of this nature and if so, accounts or extend credit where the risk customers who seek to open accounts at their amount, we have not attempted to of correctly identifying the beneficial financial institutions often do not have quantify such costs. owners cannot be managed to the on hand all the documentation required Employee Training Costs. One satisfaction of regulatory requirements.’’ (including CIP information), and that commenter representing banks asserted As for deposit or transaction accounts financial institutions have practices in that respondents to its survey about as well as most credit products, FinCEN place to inform these prospective implementation costs believed that on is not persuaded that the beneficial customers of the documentation they average, employees would require three ownership requirement would have a need to provide in order to open an times the amount of training identified meaningful effect on the behavior of the account. We would expect these by the RIA. This commenter did not, vast majority of owners of legal entities existing practices to be leveraged, and however, provide any explanation of the subject to it. Legitimate businesses need that an institution’s practices for basis for this estimate, the assumptions transaction accounts within the collection of this information for legal used to generate this estimate, nor any financial system to conduct their entity customers would not deviate dollar figure estimates. Nor did the business, and in many cases, it would substantially from those described commenter state whether this treble be extraordinarily difficult (as well as above. estimate pertained to the low or high far more risky and costly) to operate Developing and Conducting Employee end of the range described in the RIA solely using cash or through Training. A few commenters noted that (though we presume this multiplier unregulated entities. Furthermore, we we did not account for the costs applies to the high end of the range) or do not expect most owners of legal associated with designing and whether it applied to training in the first entity customers to be so averse to conducting training of employees on the year or to refresher training. All of the providing their personal information to new obligations in the CDD rule (as other commenters addressing this issue covered financial institutions that they distinct from the cost to financial articulated estimated costs that fell refuse to open an account, particularly institutions of employees’ time spent in within the range identified in the RIA. considering that they have to provide training, for which we did account in For this reason, we decline to alter the the same type of personal information to the RIA). In response to these estimated costs associated with open individual accounts at those comments, we have added a new employee training (except as described institutions. In any event, the cost of section incorporating these costs into above). such aversion—essentially being the RIA, as described in greater detail Information Technology Costs. One unbanked—would be high, for the therein. commenter representing banks reasons given above. Moreover, Revising Policies and Procedures. A contended that FinCEN did not irrespective of one’s views on the few commenters observed that the RIA adequately account for the costs disclosure of personal information in did not account for costs associated associated with IT upgrades in the RIA. business relationships, such information with revisions to policies and This assertion is an inaccurate procedures that would be necessary as characterization of our approach to IT 101 Some commenters to the preliminary RIA and a part of implementing the CDD rule. In costs. As described at length above, IRFA stated that they believed that they would need to install expensive IT upgrades in order to track response to these comments, we have FinCEN unsuccessfully attempted to changes in beneficial ownership information, in added a new section incorporating these obtain detailed figures for these upgrade order to comply with the requirements of the costs into the RIA, as described in costs, in part necessitating the order-of- proposed amendments to the respective AML greater detail therein. magnitude analysis. This analysis program rules. FinCEN believes that these comments are based on a misunderstanding of those Additional Costs for Internal Controls. directly accounted for IT upgrade costs proposed requirements. As a result, FinCEN has Some commenters noted that the RIA by assessing the order-of-magnitude revised this proposed requirement, as explained in did not account for additional costs for based on limited data, which resulted in the Section-by-Section Analysis.

VerDate Sep<11>2014 18:50 May 10, 2016 Jkt 238001 PO 00000 Frm 00033 Fmt 4701 Sfmt 4700 E:\FR\FM\11MYR3.SGM 11MYR3 mstockstill on DSK3G9T082PROD with RULES3 29430 Federal Register / Vol. 81, No. 91 / Wednesday, May 11, 2016 / Rules and Regulations

is routinely required for a variety of miscellaneous costs incurred will likely Justice has noted throughout this commercial interactions, such as be very small compared to the included rulemaking process, a falsified obtaining an insurance policy, or quantified costs in the RIA, in particular beneficial ownership identification verifying eligibility for employment in the improbably high value for IT would be valuable evidence in the United States via U.S. Customs and upgrade costs, we firmly believe that demonstrating criminal intent. Even the Immigration Services Form I–9. We excluding these miscellaneous costs verified identity of a natural person accordingly reject the contention put does not affect the RIA’s conclusion. whose status as a beneficial owner has forth by one commenter that it would be Benefit-Related Comments not been verified provides law ‘‘virtually impossible . . . to convince enforcement and regulatory authorities some beneficial owners to provide their Several commenters questioned the with an investigatory lead from whom personal information’’ on the grounds assumption that the beneficial they can develop an understanding of that many people are ‘‘especially ownership requirement would produce the legal entity. Although we accept that sensitive to disclosing personal useful information, contending, among it would be theoretically possible for an information’’ (although we recognize other things, that criminals would easily illicit actor to hire a random person to and appreciate this concern as a general avoid the requirement by simply lying set up an account for her shell company matter). on the Certification Form, or by at a covered financial institution, we For these same reasons, we do not employing an unaffiliated individual for question the wisdom and practicality of believe that the beneficial ownership the sole purpose of opening an account. effectively giving a stranger access and requirement would produce a They also questioned the value of the control, even if only for a limited time, significant ‘‘de-risking’’ effect as information provided when there are no to something as important as a financial identified by the commenter above. As means of verifying the person’s status as institution account. we note in the preamble to the final a beneficial owner. One commenter Along the line of these criticisms, suggested that illicit actors might evade rule, covered financial institutions will some of these commenters contended the requirement entirely by simply generally be allowed to rely upon the that we did not demonstrate a setting up a complex structure of shell representations of the legal entity sufficiently strong link between the companies. We address these customer regarding their ownership expected law enforcement and contentions in turn. structure, substantially mitigating what regulatory benefits and the reduction in this commenter identified as the We first accept the uncontroversial notion that criminal actors will illicit flows that we identified as the principal driver of ‘‘de-risking.’’ principal measure of benefit in our With respect to the issue of potential generally seek to evade legal and breakeven analysis. As described at lost business, while FinCEN believes it regulatory requirements as they carry length in the RIA, there are myriad is the case that legitimate businesses out their illicit schemes but stress that complex factors that contribute to need transaction accounts from banks, as the probability of detection in whether criminal and regulatory this is not necessarily the case with carrying out these schemes increases, investigations are initiated and pursued, respect to certain specialized types of some criminals would be less likely to credit products, which can also be engage in these illegal activities (at least and whether prosecutions are brought obtained from unregulated competitors. through the U.S. financial system). and successfully concluded, and it We have given careful consideration to While it is the case that clever illicit would not be possible to demonstrate the comments describing the expected actors can and sometimes do evade the causative effect of any single factor, impact of imposing this requirement many such requirements through deceit such as the introduction of the CDD upon specialized types of accounts in or trickery, ‘‘criminals will lie’’ is a rule, on these outcomes. We believe, for markets where the increased burden truism that could be used to justify the the reasons we describe in the RIA, that would likely drive prospective elimination of any number of criminal the beneficial ownership requirement customers into unregulated alternatives. and regulatory prohibitions, and is would reduce annual illicit flows in the As we describe in greater detail above insufficient justification here. This U.S. both by deterring their entry into in the Section-by-Section Analysis, we fundamental practice does not obviate the U.S. financial system, and stemming believe the policy reasons for exempting the significant benefits to law them entirely through convictions and these types of accounts from the scope enforcement and regulatory authorities forfeitures. of the rule proffered by commenters are associated with identifying and A few commenters challenged our compelling, and we have accordingly verifying the identity of at least one decision to identify compliance with exempted such accounts from the scope natural person associated with legal international standards as a benefit of the beneficial ownership entities later determined to be engaged weighed in the RIA. In response, we requirement. We therefore do not have in illicit activity. Illicit actors may well note that OMB guidance recognizes that to account for this type of possible flight set up complex webs of shell companies ‘‘[h]armonization of U.S. and as a cost of the rule. or structure their ownership so as to international rules may require a strong Other Miscellaneous Costs. Several increase the difficulty of determining Federal regulatory role.’’ 102 trade association commenters identified the individual who in fact owns the Other Issues a variety of sources of costs that were entity; it is because of this vulnerability not widely applicable to the institutions that legal entities are also required to A few commenters asserted that they represented. For example, one of provide the name of one natural person FinCEN’s consideration of regulatory these commenters who surveyed a under the control prong. And while a alternatives was inadequate. They group of banks noted that a few of these criminal may well lie regarding a legal thought, for example, that FinCEN banks identified costs, such as those entity’s beneficial ownership should consider requiring the collection accruing to one bank’s financial information, verification of the identity and verification of this information by investigative unit, that were not of the natural person(s) identified as a states at the time of company formation, identified by others. However, because beneficial owner will limit her ability to or that such information should be such costs cannot be quantified, they are do so in a meaningful way such that she collected by the IRS through the tax not included in the RIA. Yet because we could avoid scrutiny entirely. are confident that the actual Furthermore, as the Department of 102 OMB Circular A–4.

VerDate Sep<11>2014 18:50 May 10, 2016 Jkt 238001 PO 00000 Frm 00034 Fmt 4701 Sfmt 4700 E:\FR\FM\11MYR3.SGM 11MYR3 mstockstill on DSK3G9T082PROD with RULES3 Federal Register / Vol. 81, No. 91 / Wednesday, May 11, 2016 / Rules and Regulations 29431

filing system. We discuss these bound of IT upgrade costs are $0.38 and strengthen customer due diligence additional alternatives in the RIA. billion and $0.47 billion. (CDD) requirements for the following As noted above, several commenters This RIA argues, however, that both of financial institutions: Banks, brokers or requested that FinCEN exclude from the the above upper threshold estimates are dealers in securities, mutual funds, and scope of the beneficial ownership exceedingly conservative in that they futures commission merchants and requirement certain types of specialized are based on an upper bound for the introducing brokers in commodities. rule’s costs while not incorporating all The final rule contains explicit CDD accounts, such as accounts established 103 for the purpose of financing property of its benefits. Specifically, the provisions and a new regulatory and casualty insurance premiums; estimates: requirement to identify beneficial D Are based on an order-of-magnitude accounts established to finance the owners of legal entity customers. The cost assessment with an upper bound leasing of heavy machinery and beneficial owners are defined as each present value for 10-year IT upgrade equipment; and accounts established to individual who owns, directly or costs of $10 billion; finance postage and related items. These indirectly, 25 percent or more of the D incorporate the highest cost equity interests of the entity, and one requests have been addressed in the scenarios for the costs that are Section-by-Section Analysis above. individual with significant quantified in the RIA—financial responsibility to control, manage, or B. Final Regulatory Impact Assessment institution employee training (including direct the entity.104 the development of this training), new The final CDD rule is expected to 1. Executive Summary client onboarding, and the revision of contribute to a reduction in illicit The primary purpose of customer due policies and procedures; activity by providing easier access to diligence (CDD) requirements is to assist D are not in relation to, and therefore beneficial ownership information to financial investigations by law do not account for, all of the benefits support law enforcement investigations enforcement, with the goal being to that would be realized in the form of at the expense of additional costs to impair criminals’ ability to exploit the saved costs from crimes that would not gather and store the data on the anonymity provided by the use of legal occur in the presence of the rule beneficial owners of legal entity entities to engage in financial crimes because any reduction in illicit proceeds accounts. We expect that there will be including fraud and money laundering, would only reflect saved costs in the a meaningful impact on illicit activity and also terrorist financing, corruption, form of funds no longer involuntarily and law enforcement investigations, but and sanctions evasion. Treasury transferred from victims to offenders; these effects are notoriously difficult to presents expected cost estimates for the excluded benefits include, for quantify. Thus, we can only describe the some requirements and qualitative example, time not devoted to handling rule’s benefits qualitatively. We later assessment of other cost components the aftermath of—for example—fraud offer a conservative estimate of the and the benefits. In addition to the victimization, and psychological pain required minimum level of the rule’s qualitative benefit assessment, we and suffering not experienced due to effectiveness at which its benefits would present a breakeven analysis to assess those fraud victimizations avoided; and just offset its costs. D the level of benefits that would justify are not in relation to, and therefore We quantify certain costs to financial incurring the quantified costs associated do not account for, other effects institutions and their clients of with this rule. Treasury acknowledges discussed in the RIA, including complying with the final rule, specifically the value of additional time that there are uncertainties associated increased asset recovery, increased tax spent on these activities: Training with this assessment and discusses revenue due to stronger tools for financial institution staff, designing and those uncertainties in this Regulatory detecting and remediating under conducting staff trainings, revising Impact Assessment (RIA). Although data reporting and under payment of Federal compliance policies and procedures, and modeling limitations prevent us taxes, and reputational benefits to the and onboarding new accounts. from fully quantifying all costs and U.S. Government of meeting Throughout this analysis, we use a ‘‘no benefits attributable to the CDD rule, the international standards. Therefore, even though the RIA action’’ baseline, meaning that we U.S. Department of the Treasury assumes high IT costs, we find that the compute and discuss costs and benefits believes that the final rule would yield final CDD rule would still only need to of the final rule relative to a situation a positive net benefit to society. exhibit a modest level of effectiveness where the rule is not adopted. We The RIA employs a breakeven for its benefits to justify its costs as laid estimate that these first-year costs analysis that concludes that the CDD out in the RIA. It is the view of the would range from roughly $370 million rule would have to induce a modest Treasury Department that these to $520 million. Close to half of the reduction of between 0.16 and 0.6 reductions in illicit activity would be costs incurred over 10 years would be percent in annual U.S. real illicit achieved upon the implementation of borne by customers in additional time proceeds in each of ten years (2016– the CDD rule. spent opening accounts, with the other 2025) to achieve this positive net half due to additional staff time devoted benefit. If the definition of illicit 2. Introduction and Summary to training, compliance, and account proceeds is expanded to include money a. Overview of the RIA onboarding at the roughly 29,000 105 exchanged in illicit drug sales, which, The Financial Crimes Enforcement covered institutions. Training costs as described in the RIA, are not always Network (FinCEN) is publishing rules 104 included in such measurements, then under the Bank Secrecy Act to clarify Treasury’s Office of Economic Policy worked the analogous required reduction must with FinCEN to prepare this Assessment pursuant to Executive Orders 13563 and 12866 because the be between 0.12 and 0.47 percent. For 103 The estimated thresholds for the percent proposed rules have been determined by the Office either set of illicit activities, this would reduction in real illicit proceeds are assumed to be of Management and Budget (OMB) to be an correspond to a reduction in real constant across each year of the ten-year horizon for economically significant regulatory action. The proceeds ranging from $1.46 billion in the given set of illicit activities, and computed Notice of Proposed Rulemaking was published at 79 2016 to $1.81 billion in 2025, at the using an upper bound for costs based on estimated FR 45151 (August 4, 2014). and hypothetical values. At the threshold estimates, 105 The Treasury Department computed the upper bound for IT upgrade costs. The the present value of the rule’s benefits would just number of covered institutions based on analogous reductions at the lower be equal to the present value of its costs. Continued

VerDate Sep<11>2014 18:50 May 10, 2016 Jkt 238001 PO 00000 Frm 00035 Fmt 4701 Sfmt 4700 E:\FR\FM\11MYR3.SGM 11MYR3 mstockstill on DSK3G9T082PROD with RULES3 29432 Federal Register / Vol. 81, No. 91 / Wednesday, May 11, 2016 / Rules and Regulations

would fall sharply after the first year as To summarize: This cost-benefit failure. Economists consider the the majority of first-year costs are due to analysis provides a qualitative presence of a market failure to be a time spent designing training modules discussion of the rule’s benefits and justification for policy intervention. The for employees, a cost that we assume some costs, and quantitative estimates final CDD rule intends to address two will not recur after the first year. We of those costs for which adequate data related market failures. Both of these are estimate that 10-year quantifiable costs are available. Due to the limited spillovers (also called externalities) in range from $1.15 billion to $2.15 billion availability of data on illicit activity and that the wellbeing of parties not buying in present value using a seven-percent in the absence of previous changes in or selling in a market is impacted by discount rate and from $1.3 billion to beneficial ownership disclosure policy, transactions in that market. Spillovers $2.5 billion using a three-percent the final rule’s effects in terms of can either be positive or negative. For discount rate. The annualized costs reducing such crime cannot be example, a positive spillover occurs in range from $153 million to $287 million estimated with sufficient accuracy to the market for influenza vaccinations: using a seven-percent discount rate; warrant quantitative assessment. In the Those who receive the vaccine reduce $148 million to $282 million using a absence of fully quantified benefits and the chances of others who do not three-percent discount rate. costs, we rely on a breakeven analysis receive the vaccine from catching the As described at greater length below to determine how large the final rule’s flu. From the perspective of society’s in the breakeven analysis, given even an benefits would have to be in order to overall wellbeing, the existence of a unrealistically high hypothetical value justify its costs. Given that the positive spillover implies that fewer for the rule’s total costs, the CDD rule breakeven analysis depends on an transactions are taking place in the would only have to reduce annual real argument about the final rule’s market in question than is socially illicit activity by between 0.16 percent effectiveness in generating benefits, and optimal. Conversely, in the case of a (roughly $0.38 billion in 2016, rising to that the benefit of a crime prevented is negative spillover, too many 0.47 billion in 2025) and 0.6 percent the inverse of that crime’s cost,108 we transactions occur, resulting in lower (roughly $1.46 billion in 2016, rising to need a value for the costs of the crimes societal wellbeing. For example, a paper $1.81 billion in 2025), to yield a positive that the rule would impact. For this mill that pollutes a river by releasing net benefit (the required reduction in specific regulation’s RIA, we choose to wastewater may negatively affect illicit proceeds would only be between utilize the Treasury Department’s recreational fishermen downstream who 0.12 percent and 0.47 percent if estimate of $300 billion in illicit may find fewer fish or be unable to eat proceeds from illicit drug sales are proceeds generated annually in the the fish they catch due to the included).106 107 United States due to financial crimes as pollution.110 We discuss the spillovers the basis for determining the rule’s addressed by the CDD rule in more information provided by the Federal Deposit minimum level of effectiveness in the detail below. Insurance Corporation, the National Credit Union breakeven analysis, at which benefits Illegal activities are social ‘‘bads’’ Administration, the Securities and Exchange Commission, and the Commodity Futures Trading would exactly justify costs. The whole rather than social goods. Because Commission. The Treasury Department did not of these proceeds must be laundered financial institutions bear the cost of conduct an incidence analysis as to whether the before they can re-enter the economy collecting the beneficial ownership regulated entities will be able to pass along the under a guise of legitimacy.109 information, they only take into account costs to their customers ultimately. their own benefit to doing so when 106 This calculation uses the $300 billion estimate The remainder of this section for annual illicit proceeds generated in the United provides the rationale for the CDD rule, selecting their level of investment in States on page 2 of U.S. Department of the Treasury. discusses regulatory alternatives, and crime-reducing security measures.111 Office of Terrorism and Financial Intelligence. summarizes the findings of the cost- The implication is that financial 2015. National Money Laundering Risk Assessment. benefit analysis. The second section institutions underinvest in such 107 The distinction between illicit proceeds that include and exclude money exchanged in illicit reports quantitative estimates of certain measures from the standpoint of society. drug sales matters for the interpretation of proceeds costs; the third section provides a If all members of society are potential as costs of crime. As discussed later, illicit proceeds qualitative discussion of benefits and victims of future criminal activity, then that are involuntarily transferred from victims to the prevention of financial crimes offenders—for example, via fraud—are naturally those costs that we cannot quantify; the counted among ‘‘external’’ costs of crime. On the fourth and final section employs a including money laundering and other hand, illicit proceeds from transactions that breakeven analysis to make the case for terrorist financing have the are arguably voluntary, like illicit drug sales, do not the adoption of the final rule. characteristics of public goods, meaning fit into the set of external costs so readily. To the that all citizens benefit from actions to extent that the size of proceeds from illicit drug b. Rationale for the CDD Rule sales are indicative of the costs to society of the drugs consumed from those transactions—loss of Under certain circumstances, markets 110 Whether the spillover is positive or negative, health and quality of life and lost labor market lead to socially desirable allocations of the market failure is attributable to the lack of a productivity, among many others—then this goods and services. Yet when all the second market that would allow participants and justifies using the broader measure of illicit activity nonparticipants in the market with the spillover to (i.e., including drug sales) for estimating the social necessary conditions are not met, a compensate one another so that the quantity benefits of reduced crime. Although in this instance market’s allocation of goods may not be produced and consumed is socially optimal in the we are not accounting for the effects of the efficient, a situation known as a market market with the spillover. For example, the proposed rule on other types of illicit activity (e.g., fishermen have no formal mechanism for paying the terrorist financing) in the breakeven analysis, the owners of the paper mill to produce less wastewater CDD rule would potentially impact the likelihood $9 billion. ‘‘Letter to President’s Working Group on by producing less paper. The implication of this of low probability, high impact events occurring. Financial Markets regarding Terrorism Risk ‘‘missing market’’ is that the overall wellbeing Such reductions have the potential to yield Analysis,’’ American Academy of Actuaries, April might be lower than what society would be willing significant benefits. For example, the costs of 21, 2006. to pay for, if it could. terrorism and financial crime can run into the 108 The terms ‘‘costs’’ and ‘‘benefits’’ can be 111 Even in the extreme case where financial billions of dollars in terms of property destruction, interchangeable depending on whether one is institutions could pass along the entire cost of foregone tax revenues, and loss of life. The examining the effect of crime or the effectiveness collecting this information, it does not follow that American Academy of Actuaries has estimated that of a crime reduction program. See page 276 of the resulting level of investment in crime-reducing a medium-impact scenario involving a chemical, Cohen, Mark A., ‘‘Measuring the Costs and Benefits security measures would maximize social nuclear, biological, or radiological attack in New of Crime and Justice,’’ Criminal Justice 4 (2000): wellbeing. Realistically, competition among York City could result in insured losses of over 263–315 (‘‘. . . the cost of a crime is the same as financial institutions for clients will limit the extent $445 billion, while a truck bomb attack in San the benefit of a crime that was prevented’’). to which they can pass these costs along to Francisco could result in insured losses of nearly 109 See footnote 106. customers.

VerDate Sep<11>2014 18:50 May 10, 2016 Jkt 238001 PO 00000 Frm 00036 Fmt 4701 Sfmt 4700 E:\FR\FM\11MYR3.SGM 11MYR3 mstockstill on DSK3G9T082PROD with RULES3 Federal Register / Vol. 81, No. 91 / Wednesday, May 11, 2016 / Rules and Regulations 29433

mitigate these activities regardless of fewer than a specified minimum number of reduced by this higher threshold for who pays for the prevention. legal entity accounts. disclosure but are confident that with Absent this final rule, financial Alternative 1, setting a 10 percent this threshold illicit actors would have institutions will continue to invest at beneficial ownership threshold, would greater ease in using legal entities to lower than efficient levels, in provide more information to potentially mask their financial activities than with accordance with their private interests, identify individuals involved in illicit the proposed threshold. neglecting the incremental positive financial activity. Collecting Alternative 3 would apply the same impact of each additional dollar spent information for a maximum of 11 beneficial ownership disclosure on security measures on broader social people 112 can potentially identify illicit threshold as the final rule to new welfare. This is especially true if financing through owners of stakes as accounts, but would also require financial institutions that are small as 10 percent. However, as a retroactive collection of beneficial considering collecting beneficial practical matter, we believe that this ownership information for existing ownership information perceive that threshold would predominantly impact accounts at the time the rule comes into they would lose business to competitors legitimate legal entities, and impose force. The increased costs from that do not require that information. By upon them a significant burden that complying with Alternative 3 would compelling universal compliance across would not be outweighed by the likely take the form of significant labor all covered institutions, implementation incremental benefit to law enforcement costs as financial institutions hired of the final rule would increase of additional identities of beneficial additional workers to gather beneficial ownership data from customers and beneficial ownership disclosure at owners. Such a change would also come input it into account databases. financial institutions, making illicit at higher costs in terms of more Alternative 3 would also impose costs activities more costly to commit. financial institution and client on existing customers of covered Without the final rule, the negative onboarding time (in some instances, up financial institutions. We do not foresee spillover arises because a country with to twice as much, since the maximum additional IT development costs beyond less stringent anti-money laundering number of beneficial owners would be those for the final rule. We expect that and countering the financing of more than doubled from a maximum of the above-described costs would be terrorism (AML/CFT) regulations may five to a maximum of eleven) and substantial. In the 2012 ANPRM, become a destination for the laundering additional data storage. In FinCEN’s FinCEN sought comments on whether to of proceeds generated by illicit activities assessment, the incremental benefit of committed in other countries. The require retroactive collection of this approach does not outweigh the beneficial ownership information for country with less stringent rules and burdens associated with having to regulations receives the inflow of capital existing accounts. Many commenters to collect and verify the identities of more the ANPRM viewed a retroactive without bearing the costs of the criminal than twice as many beneficial owners in offenses that created that inflow of requirement to obtain beneficial some circumstances. Incremental costs ownership information for all existing capital. International cooperation that to financial institutions for IT updates, harmonizes AML/CFT policies may accounts as extremely burdensome, and staff training, and internal controls, opposed such a requirement. In light of reduce this market failure. By helping to above and beyond those incurred for the harmonize U.S. standards with those of these representations about the burdens final rule, would likely be limited. associated with such a requirement, the global community, adopting this Alternative 2, setting a 50 percent final rule would make laundering the FinCEN proposed in the NPRM that the beneficial ownership threshold, is less beneficial ownership requirement proceeds in the United States from stringent, but provides less information illicit activities committed in the other would apply only with respect to legal to potentially identify those involved in entity customers that open new countries more costly and thereby illicit financing. Using a 50 percent mitigate the current negative spillover. accounts going forward from the threshold would forego information on Applicability Date. During the NPRM c. Discussion of Regulatory Alternatives owners of stakes as high as 49 percent. comment period, the vast majority of to the Final CDD Rule Furthermore, setting the threshold this commenters who addressed this issue In this section, we discuss five high would render the rule more reiterated this objection to retroactive alternatives to the final CDD rule, which susceptible to evasion, as beneficial application of the beneficial ownership will set a 25 percent beneficial owners of legal entities could more obligation. Alternative 3 may offer ownership disclosure threshold for new easily manage their ownership interests substantially larger benefits than the legal entity accounts. The first three to fall below this level than 25 percent. final rule because it would make Requiring personal information for a available beneficial ownership alternatives are variants of the CDD rule, 113 while the remaining two are alternative maximum of three people would information for far more accounts than regulatory approaches: somewhat reduce data collection costs the final rule, as the stock of existing to financial institutions and their accounts covered would greatly exceed Alternative 1: 10 percent beneficial customers’ costs. But, because major the flow of new accounts. The ownership disclosure threshold. cost elements such as IT updates, staff Alternative 2: 50 percent beneficial advantage in terms of greater beneficial ownership disclosure threshold. training, and internal controls would ownership information would fall over Alternative 3: Applying the proposed 25 still be incurred by financial time; the higher requirements of percent beneficial ownership disclosure institutions, overall savings would Alternative 3 may also require a later threshold to existing legal entity accounts, as probably be limited relative to the final deadline for compliance. well as to new accounts. rule. We cannot quantify how much the As to Alternative 4, many commenters Alternative 4: Collection and verification of benefit from the final rule would be stated that it would be more efficient, as the identities of beneficial owners by State well as more appropriate, to place the officials at the time of company formation. 112 Under the two elements of the definition of Alternative 5: Collection and verification of obligation to obtain beneficial beneficial owner described earlier, up to 10 ownership information on the States the identities of beneficial owners by the individuals under the ownership element and one Internal Revenue Service (IRS). individual under the control element. that create the entities rather than on Alternative 6: Exempt financial institutions 113 Two individuals under the ownership element financial institutions at the time that below a certain asset size, or that maintain and one individual under the control element. accounts are opened. While the

VerDate Sep<11>2014 18:50 May 10, 2016 Jkt 238001 PO 00000 Frm 00037 Fmt 4701 Sfmt 4700 E:\FR\FM\11MYR3.SGM 11MYR3 mstockstill on DSK3G9T082PROD with RULES3 29434 Federal Register / Vol. 81, No. 91 / Wednesday, May 11, 2016 / Rules and Regulations

existence of such a requirement may incorporate in those States without such FinCEN to exempt small entities from reduce some costs that would be borne a requirement. Such gaps would obviate this requirement, or entities that by financial institutions under the rule, the benefit of such a requirement at the establish fewer than a limited number of Treasury believes that it would not State level. accounts for legal entities, those eliminate the need for an independent With respect to Alternative 5, some financial institutions would be at greater obligation of covered financial commenters also urged that beneficial risk of abuse by money launderers and institutions to collect and verify the ownership information could more other financial criminals, as criminals beneficial ownership information at the efficiently be collected by Federal would identify institutions without this time an account is opened. officials at the IRS through the process requirement. Additionally, as stated in the NPRM, the of obtaining Employer Identification d. Summary of Findings Administration supports the collection Numbers for legal entities, which would of this information at both the time of shift the costs from financial institutions i. Costs company formation and at the time an to government. For the reasons stated (1) Quantitative Assessment account is opened. There are important above, Treasury believes that collection reasons for this: (i) Company formation and verification of beneficial ownership In response to comments that our and account opening generally take information is necessary and valuable compliance cost estimates in the place at different points in time which both at the time of company formation proposed rule were unrealistically low, may result in the information changing; and at the time of account opening. we conducted telephone interviews and (ii) there is no requirement for a Moreover, FinCEN lacks the authority to with financial institutions that legal entity formed in the United States impose such an information collection submitted comments, as well as with IT to open a bank account in the United requirement upon the IRS, and because vendors which currently supply related States, nor is there a bar on non-U.S. of the sensitive nature of tax AML/CFT software to financial legal entities opening accounts in the information and the many statutory institutions.114 Using information from United States. Therefore it is important restrictions on the use of such those interviews, we estimate the cost to to have requirements that apply to both information in order to protect financial institutions and their clients of points of entry. In addition, there are taxpayers’ privacy, legislative changes the additional time required to open Constitutional impediments on the to the tax code would be required. new legal entity accounts under the manner and extent to which the Federal Regarding Alternative 6, FinCEN also CDD rule, and the costs to financial government could impose such a considered exempting small financial institution costs for employee training requirement on the States, as there is no institutions below a certain asset size or and the revision of AML program Constitutional provision authorizing the that have a minimal number of legal procedures. For a discount rate of seven Federal government to directly mandate entity accounts. In this regard, FinCEN percent, Table 1a lists the high-cost and that States collect such information. has determined that identifying the low-cost estimates for each of the Furthermore, without concerted action beneficial owner of a financial quantified categories of costs incurred on such a proposal by all 50 States and institution’s legal entity customers and in the first year alone, in the first ten the District of Columbia, we would verifying that identity is a necessary years in terms of present value, and on expect illicit actors to simply part of an effective AML program. Were annual basis over the first ten years.115

TABLE 1a—QUANTIFIED COSTS FOR 7% DISCOUNT RATE [Millions of USD]

Financial institution Training Onboarding Compliance Client Total

First-Year Costs: Low Estimate ...... $211 $45 $55 $61 $371 High Estimate ...... 256 89 55 121 521 Present Value of 10-Year Costs: Low Estimate ...... 264 353 55 477 1,149 High Estimate ...... 439 705 55 955 2,154 Annualized Costs: Low Estimate ...... 35 47 7 64 153 High Estimate ...... 59 94 7 127 287 Source: Treasury Department calculations. Note: First year of analysis is 2016. All figures in 2014 dollars.

We estimate that first-year costs billion in present value and that costs are unchanged, but we estimate would range from roughly $370 million annualized costs would range from that the 10-year cost range shifts up to to $520 million; training costs would be approximately $150 million to $290 roughly $1.3 billion to $2.5 billion lower in subsequent years. Furthermore, million. Table 1b reports the analogous while the annualized costs shift down we estimate that the 10-year costs range costs for a three-percent discount rate. slightly to a range of $150 million to from roughly $1.15 billion to $2.15 For this lower discount rate, first-year $290 million.

114 Treasury understands that most financial 115 The annualized cost value is the undiscounted 1a) and summed. For example, a 10-year stream of institutions do not build their own systems for constant annual cost incurred in each of the ten $59 million (the ‘‘High Estimate’’ annualized cost entering and storing data regarding their customers, years that, if it occurred, would yield the value for for training in Table 1a) has a present value of $439 but rather purchase such systems from third parties the corresponding ‘‘present value of 10-year costs’’ million using the seven-percent discount rate. that specialize in providing such products to entry in the table after the stream of costs were financial institutions. discounted (using the seven-percent rate in Table

VerDate Sep<11>2014 18:50 May 10, 2016 Jkt 238001 PO 00000 Frm 00038 Fmt 4701 Sfmt 4700 E:\FR\FM\11MYR3.SGM 11MYR3 mstockstill on DSK3G9T082PROD with RULES3 Federal Register / Vol. 81, No. 91 / Wednesday, May 11, 2016 / Rules and Regulations 29435

TABLE 1b—QUANTIFIED COSTS FOR 3% DISCOUNT RATE [Millions of USD]

Financial institution Training Onboarding Compliance Client Total

First-Year Costs: Low Estimate ...... $211 $45 $55 $61 $371 High Estimate ...... 256 89 55 121 521 Present Value of 10-Year Costs: Low Estimate ...... 274 414 55 560 1,303 High Estimate ...... 476 827 55 1,120 2,479 Annualized Costs: Low Estimate ...... 31 47 6 64 148 High Estimate ...... 54 94 6 128 282 Source: Treasury Department calculations. Note: First year of analysis is 2016. All figures in 2014 dollars.

(2) Qualitative Assessment example, the Dodd-Frank Wall Street high-cost estimate assumes two-thirds of Reform and Consumer Protection Act of Several types of costs associated with covered institution employees receive 2010, add to the challenge of assessing the implementation of this rule cannot training, and one-time initial training the potential impacts of this final rule. be reliably quantified due to a lack of runs for one hour while subsequent Finally, changing external factors such data. For example, we provide annual refresher trainings last 15 as evolving AML/CFT policies of foreign qualitative discussions of information minutes. The low-cost estimates assume governments and management practices technology upgrades by covered one-third of employees are trained, the of overseas financial institutions may institutions and incremental costs to initial training takes 30 minutes, and the affect the level of illicit activities in the U.S. criminal investigations because the annual refresher trainings run 10 United States, including through cross- data are insufficient for quantitative minutes. border institutions. assessments. In both the high-cost and low-cost For all of the above reasons and estimates, we make four main ii. Benefits others, this cost-benefit analysis relies assumptions. First, we assume the extensively on a qualitative assessment The primary purpose of the final CDD opportunity cost of staff time spent in of potential effects, based on relevant rule is to reduce illicit activity, training is equal to the wage rate rather literature. Finally, while we believe that including financial crimes such as than total compensation (wage rate plus a significant increase in, for example, money laundering and terrorist benefits).117 Second, we apply the BLS the number of prosecutions for money financing. Yet, none of the benefits of 2012–22 projected employment growth laundering, following the CDD rule’s the final rule, in terms of reducing rate of 0.9 percent per year for Financial crime, can be measured with sufficient possible adoption would signal its effectiveness in diminishing the level of Activities to our 10-year time accuracy at this time to warrant horizon.118 Third, we use the aggregate quantitative assessment. Two primary criminal activity, given the time required to build and prosecute cases, annual real wage growth rate of 1.2 factors impede credible quantitative percent (rounded intermediate estimation of the rule’s benefits: Illicit that sort of quantitative assessment would not be possible for several years. assumption) from the 2015 Social activity is difficult to observe, meaning Security Trustees Report.119 Finally, we that reported measures are likely 3. Quantitative Estimates of Costs assume that staff turnover rates are unreliable, and there is no past variation a. Costs to Covered Institutions consistent with the rates provided in the in beneficial ownership requirements in Finance and Insurance sector in the BLS the United States from which to i. Employee Training estimate the effects on outcomes. We generate high- and low-cost working in business establishments in sectors Furthermore, estimation of effects of estimates of the training costs to covered having one of the following four-digit North policy changes using historical data is institutions based on input from the American Industry Classification System (NAICS) challenging in this context. Existing codes: 5221 (Depository Credit Intermediation), institutions and data from the Bureau of 5222 (Nondepository Credit Intermediation), 5223 AML/CFT regulations under the Bank Labor Statistics (BLS). These estimates (Activities Related to Credit Intermediation), or Secrecy Act and subsequent legislation pertain only to the training costs 5231 (Securities and Commodity Contracts already help mitigate financial crimes directly associated with the final rule, Intermediation and Brokerage). including money laundering and 117 This assumption results in a higher not the full set of training activities opportunity cost of training than might be terrorist financing. In addition, needed to address the broader set of warranted if employees’ brief time in training extensive changes in the United States AML/CFT regulations for financial mostly displaces less-than-fully productive and international regulatory regimes institutions. Based on the total number activities. 118 following the financial crisis of 2008 of employees and the employee- BLS. 2013. ‘‘Industry Employment and Output further complicate the estimation of Projections to 2022,’’ Monthly Labor Review. http:// weighted average hourly wage at www.bls.gov/opub/mlr/2013/article/industry- potential effects of any change in the covered institutions, we estimate high- employment-and-output-projections-to-2022.html. CDD rule, as even changes to non-AML/ and low-cost scenarios by varying the 119 The Board of Trustees, Federal Old-Age and CFT regulations may alter regulated share of employees receiving training Survivors Insurance and Federal Disability parties’ behavior in ways that make it 116 Insurance Trust Funds. 2015. The 2015 Annual and the length of that training. The Report of the Board of Trustees of the Federal Old- difficult to attribute potential effects to Age and Survivors Insurance and Federal Disability the CDD rule alone. Ongoing financial 116 To represent the workforce in covered Insurance Trust Funds. http://www.ssa.gov/oact/tr/ regulatory reforms, including for institutions, we use wage data for all employees 2015/tr2015.pdf.

VerDate Sep<11>2014 18:50 May 10, 2016 Jkt 238001 PO 00000 Frm 00039 Fmt 4701 Sfmt 4700 E:\FR\FM\11MYR3.SGM 11MYR3 mstockstill on DSK3G9T082PROD with RULES3 29436 Federal Register / Vol. 81, No. 91 / Wednesday, May 11, 2016 / Rules and Regulations

Job Openings and Turnover Survey.120 subsequent years for two reasons: All also assume that turnover rates are We believe this set of assumptions employees who receive training are equivalent for positions requiring and yields estimates that account for the given the longer initial training in the not requiring training. primary factors that may affect costs in first year, but take shorter refresher The present discounted values of our training in the following years, and the period of analysis. low- and high-cost scenarios over the Table 2 summarizes the estimated compliance staff must design the 10-year period range from roughly $265 costs. Estimated first year training costs training in the first year.121 We allow for range from roughly $210 million to $260 employee turnover by assuming that million to $440 million and from million depending on the share of new hires in positions requiring training roughly $275 million to $475 million employees trained and the duration of would be given the full initial training using the seven-percent and three- the training sessions. First-year costs are in their first years, and refresher percent discount rates, so much greater than the costs in trainings in each subsequent year. We respectively.122 123

TABLE 2—ESTIMATED TRAINING COSTS [Millions of USD, present value]

7% discount rate 3% discount rate Year Low estimate High estimate Low estimate High estimate

1 ...... $211.1 $256.0 $211.1 $256.0 2 ...... 7.0 24.4 7.3 25.3 3 ...... 6.7 23.3 7.2 25.1 4 ...... 6.4 22.2 7.2 24.9 5 ...... 6.1 21.2 7.1 24.7 6 ...... 5.9 20.2 7.0 24.5 7 ...... 5.5 19.3 7.0 24.3 8 ...... 5.3 18.4 6.9 24.1 9 ...... 5.1 17.6 6.9 23.8 10 ...... 4.8 16.8 6.8 23.6

Present Value ...... $263.8 $439.4 $274.4 $476.3 Source: Treasury Department calculations. Notes: Year 1 is 2016. Includes annual real wage growth rate based on aggregate intermediate rate in 2015 Social Security Annual Trustees Report. Mean industry wage rates are based on BLS Occupational Employment Statistics, May 2014 for NAIC–4 codes 5221, 5222, 5223, and 5231. Job turnover rates are a 5-year average from BLS total separations rates for the Finance and Insurance sector from Job Openings and Labor Turnover Survey, March 2015. Employment growth projections come from BLS Economic News Release, December 2013. Low estimate assumes one-third of employees are trained with a 30-minute initial training and 10-minute annual refreshers. High estimate assumes that two- thirds of employees are trained with a 1-hour initial training and 15-minute annual refreshers.

ii. Incremental Onboarding million new accounts per year, which $16.77, the average wage for ‘‘new takes into account all financial accounts account clerks’’ in the financial industry Financial institutions would that will be excluded or exempted from according to data furnished by the BLS. primarily satisfy the final CDD rule’s the rule. We consider a range of 20 to For a seven-percent discount rate, the requirement to collect beneficial 40 minutes of additional time on present value of onboarding costs has an ownership and control information average to open an account under the approximate range of $350 million to during the legal entity account opening CDD rule, based on a series of telephone $705 million; for a three-percent process. We estimate the incremental calls with covered institutions, and on discount rate, the present value of onboarding costs to institutions of the public comments received in response onboarding costs is roughly $410 CDD rule by multiplying the expected to both the NPRM and the preliminary million to $825 million. annual number of new legal entity version of the RIA published in Table 3 shows the estimated accounts by the value of the expected December 2015.125 We base a financial onboarding costs associated with the additional onboarding time due to the institution’s cost of the additional time final rule for the 10-year period of final rule.124 We use an estimate of 8 spent onboarding a single account on analysis.

120 BLS. 2015. Job Openings and Labor Turnover cost of designing trainings is the product of this one hour of initial training and subsequent annual Survey News Release. http://www.bls.gov/ wage, 200 (hours), and the number of financial refresher training of 15 minutes, then the present news.release/archives/ institutions. value of 10-year training costs would be $561 _ _ jolts 03102015.htm#jolts table9.f.2 122 For completeness, as per guidance from OMB, million. Although we think it is unlikely that labor We use the average of the 2010–14 total annual we estimate the 10-year present discounted values force training would need to be this widespread, separations rates for the Finance and Insurance using both 7-percent and 3-percent discount rates. this estimate provides an upper bound for total industry, provided in Table 16. The latter is generally appropriate for discounting training costs. 121 Using information provided in a comment by future consumption flows when a regulation a major trade association, we adopted 200 hours as primarily affects private consumption, while the 124 We expect that the tasks included in this the necessary amount of time to design training per former is more applicable for regulations affecting additional onboarding time would include financial institution. Furthermore, we use wage private-sector financial institutions. (See Office of collection and verification of beneficial ownership data from the May 2014 BLS Occupational Management and Budget (OMB), Regulatory Impact information, as well as associated recordkeeping. Analysis: A Primer, Aug. 15, 2011) Employment Statistics for ‘‘compliance officers’’ 125 In the preliminary RIA, we used 15 and 30 working in business establishments in sectors 123 One of the financial institutions we minutes for the low and high scenario average having one of the four-digit North American interviewed was a large bank whose representatives Industry Classification System (NAICS) codes stated that all of its employees would require increases, respectively, in onboarding time per mentioned in footnote 116; the average hourly wage training for one-half hour. In the above analysis, if account, but some commenters objected to these for these compliance officers is $34.03. The total all employees at all covered institutions required values as being too low.

VerDate Sep<11>2014 18:50 May 10, 2016 Jkt 238001 PO 00000 Frm 00040 Fmt 4701 Sfmt 4700 E:\FR\FM\11MYR3.SGM 11MYR3 mstockstill on DSK3G9T082PROD with RULES3 Federal Register / Vol. 81, No. 91 / Wednesday, May 11, 2016 / Rules and Regulations 29437

TABLE 3—ESTIMATED ONBOARDING COSTS FOR FINANCIAL INSTITUTIONS [Millions of USD, present value]

7% discount rate 3% discount rate

Year Low estimate High estimate Low estimate High estimate 20 Minutes 40 Minutes 20 Minutes 40 Minutes additional time additional time additional time additional time

1 ...... $44.7 $89.4 $44.7 $89.4 2 ...... 42.3 84.6 43.9 87.9 3 ...... 40.0 80.0 43.2 86.3 4 ...... 37.8 75.7 42.4 84.8 5 ...... 35.8 71.6 41.7 83.3 6 ...... 33.8 67.7 40.9 81.9 7 ...... 32.0 64.0 40.2 80.5 8 ...... 30.3 60.5 39.5 79.1 9 ...... 28.6 57.3 38.8 77.7 10 ...... 27.1 54.2 38.2 76.3

Present Value ...... $352.5 $705.0 $413.6 $827.2 Source: Treasury Department calculations. Notes: Year 1 is 2016. Includes annual real wage growth rate based on aggregate intermediate rate in 2015 Social Security Annual Trustees Report. Mean wage rates is based on BLS Occupational Employment Statistics, May 2014 for New Account Clerks. Based on expectation of 8 million legal entity accounts opened each year.

iii. Revising Policies and Procedures b. Additional Client Time in New of new accounts that would be opened, In order to ensure adherence to the Account Opening Process and an estimate of the value of client final CDD rule, compliance officers will Covered institution clients would also time. Also, for the sake of consistency have to revise their financial incur costs due to the additional with the computations for additional institution’s AML program procedures— onboarding time resulting from the final onboarding costs for financial for example, account onboarding—that rule (for covered institutions, we gave institutions, we necessarily assume that will be affected by the final rule. In consideration to this cost above). Based 8 million new legal entity accounts are comments submitted regarding the RIA, on a series of telephone conversations opened each year in calculating client a major trade association estimated that with covered institutions and public costs. We use $22.71 per hour, the this process would require an additional comments we received in response to weighted average hourly wage for all 56 hours of work per financial the NPRM and the preliminary version employees from the May 2014 National institution. Multiplying this additional of the RIA published in December 2015, Occupational Employment and Wage hours figure by the average wage of we estimate client costs. Our estimates Estimates report. Using a seven-percent compliance officers working in the assume the incremental time discount rate, the present value of the relevant industries ($34.03; see footnote requirements for clients opening new total additional cost to covered 122) by the number of covered legal entity accounts equal the institution clients opening a new institutions yields a total cost of $55 incremental onboarding time for account range from $475 million to $955 million for updating compliance institutions and are products of the million; the analogous figures for a procedures, which is only incurred in average additional time required to open three-percent discount rate are $560 the first year. an account, an estimate of the number million and $1.2 billion.

TABLE 4—ESTIMATED CLIENT COSTS [Millions of USD, present value]

7% discount rate 3% discount rate

Year Low estimate High estimate Low estimate High estimate 20 Minutes 40 Minutes 20 Minutes 40 Minutes additional time additional time additional time additional time

1 ...... $60.6 $121.1 $60.6 $121.1 2 ...... 57.3 114.6 59.5 119.0 3 ...... 54.2 108.3 58.5 116.9 4 ...... 51.2 102.5 57.4 114.9 5 ...... 48.5 96.9 56.4 112.9 6 ...... 45.8 91.7 55.5 110.9 7 ...... 43.3 86.7 54.5 109.0 8 ...... 41.0 82.0 53.5 107.1 9 ...... 38.8 77.6 52.6 105.2 10 ...... 36.7 73.3 51.7 103.3

Present Value ...... $477.3 $954.7 $560.1 $1,120.3 Source: Treasury Department calculations.

VerDate Sep<11>2014 18:50 May 10, 2016 Jkt 238001 PO 00000 Frm 00041 Fmt 4701 Sfmt 4700 E:\FR\FM\11MYR3.SGM 11MYR3 mstockstill on DSK3G9T082PROD with RULES3 29438 Federal Register / Vol. 81, No. 91 / Wednesday, May 11, 2016 / Rules and Regulations

Notes: Year 1 is 2016. Includes annual real value of time growth rate based on aggregate intermediate real wage growth rate in 2015 Social Security Annual Trustees Report. Real value of time rate is based on U.S. BLS Occupational Employment Statistics (2014) weighted average hourly wage rate for all occupations. Based on expectation of 8 million legal entity accounts opened each year.

4. Qualitative Discussion of Costs implementation of the final rule, but we number of SARs filed, and the resulting a. Incremental Costs to U.S. Criminal describe them briefly in the following Federal resources used for analysis, Investigations and the Justice System sections. As noted below, even however, are ambiguous. Of the SARs predicting the directions of the changes currently filed, a significant number The U.S. Department of the Treasury in law enforcement activity due to the involve transactions that financial believes the final rule may increase final rule can be difficult, so any institutions deem suspicious because costs for Federal financial intelligence attempt at estimating magnitudes would they are executed by or involve and criminal justice agencies because of be speculative. the additional resources needed to potential shell companies. Any increase in the number of SARs filed under the handle the potentially increased volume i. Suspicious Activity Report Processing of Suspicious Activity Reports (SARs), final rule would likely be offset by the investigations, prosecutions, and We expect that with adoption of the capacity of newly collected beneficial incarcerations triggered by the final rule final rule, SARs filed by covered ownership data to remove some flagged when adopted. These activities are part financial institutions will be transactions from suspicion. The new of the process of bringing financial increasingly likely to include beneficial information would result in some SARs criminals, money launderers, terrorist ownership information for legal entity not being filed that formerly would have financiers, and other national security accounts as, over time, the share of been. The number of initial SAR filings threats to justice, which confers benefits accounts on which beneficial ownership grew from 2010 to 2014, as shown in in the forms of reduced crime and information would be gathered at Table 6. Due to the uncertainties terrorist financing. We do not attempt to opening rises. This information would associated with attributing future quantify the scale of changes in these speed the identification of complicit changes in SAR filings to the final CDD law enforcement activities (and their individuals by law enforcement rule, we do not estimate the magnitude associated costs) attributable to agencies. The potential effects on the of this potential effect.

TABLE 6—INITITAL SUSPICIOUS ACTIVITY REPORTS (SARS) FILED IN THE UNITED STATES BY COVERED INSTITUTIONS [Sums of all reported types of intial SARs]

2010 2011 2012 2013 2014 5 Year average

690,603 ...... 798,780 842,947 1,000,074 909,371 848,355 Source: FinCEN’s System of Record. Note: Statistics are based on counts of SARs identified as initial filings with filing received dates in the indicated year, as of 10/8/2015.

ii. Investigations enforcement agencies to better target activity would increase the hours of their efforts, which could more than Federal staff and contractors engaged in The collection of beneficial offset the higher resource requirements this activity. The availability of ownership information on legal entities by increasing the rate at which beneficial ownership information, had by covered institutions may lead to investigations result in prosecutions. the final rule been in place, could have more Federal investigations of financial assisted in prosecution of several iii. Prosecutions crime and greater expense on such categories of crime; Table 7 shows the investigations. Improved access to The final rule may similarly facilitate number of prosecutions in each of those beneficial ownership information would the identification and prosecution of the categories for the last five years. Due to facilitate the process of ‘‘following the beneficial owners of a legal entity the uncertainties associated with money trail’’ of affiliated entities and involved in illicit activity, as well as attributing future changes in individuals associated with legal entity other key individuals associated with prosecutions to the final CDD rule, we accountholders, and may lead to the the legal entity, possibly resulting in do not estimate the magnitude of this discovery of previously unknown more instances where charges are potential effect, but even a hypothetical linkages to criminal activity. However, formally filed (compared to the number 1 percent increase on the five-year accessible beneficial ownership of cases brought if the final rule were average of about 46,000 would raise the information would also enable law not adopted). Growth in prosecution number of prosecutions by 460.

TABLE 7—FEDERAL PROSECUTIONS BY PROGRAM CATEGORY

Program category 2010 2011 2012 2013 2014 5 Year average

Drug Dealing and Posses- sion ...... 26,805 28,422 26,858 25,884 21,577 25,909 Government Regulatory ... 2,974 2,815 2,455 2,728 2,501 2,693 National Internal Security/ Terrorism ...... 365 319 267 269 212 286 Official Corruption ...... 727 585 633 636 524 621 Organized Crime ...... 572 582 363 390 316 445 Weapons ...... 7,614 7,465 7,774 7,136 6,632 7,324 White Collar Crime ...... 9,722 10,162 8,433 8,373 7,864 8,911

VerDate Sep<11>2014 18:50 May 10, 2016 Jkt 238001 PO 00000 Frm 00042 Fmt 4701 Sfmt 4700 E:\FR\FM\11MYR3.SGM 11MYR3 mstockstill on DSK3G9T082PROD with RULES3 Federal Register / Vol. 81, No. 91 / Wednesday, May 11, 2016 / Rules and Regulations 29439

TABLE 7—FEDERAL PROSECUTIONS BY PROGRAM CATEGORY—Continued

Program category 2010 2011 2012 2013 2014 5 Year average

Total ...... 48,779 50,350 46,773 45,416 39,626 46,189 Source: TRACFed database.

iv. Incarcerations workspaces, training, and equipment). ownership information could have In principle, if incremental aided in prosecution. Due to the If the number of successful incarcerations attributable to the final uncertainties associated with attributing prosecutions increased due to the final rule are substantial enough that one or future changes in incarcerations to the rule, we expect that incarceration costs more new Federal institutions must be final CDD rule, we do not estimate the would rise. Increased incarcerations built and put into operation, then costs magnitude of this potential effect, but may incur greater variable costs (such as would likely rise further.126 Table 8 even a hypothetical 1 percent increase food, clothing, and dwellings), and shows the number of prison sentences on the five-year average of roughly personnel costs at Federal penitentiaries during 2010–14 for categories of crime 36,000 would raise the number of (guards and other staff, and their where the availability of beneficial incarcerations by 360.

TABLE 8—SENTENCED TO PRISON TERM FOR FEDERAL CRIME

Program category 2010 2011 2012 2013 2014 5 Year average

Drug Dealing and Posses- sion ...... 21,426 21,686 23,449 21,663 20,990 21,843 Government Regulatory ... 1,000 1,053 1,065 929 856 981 National Internal Security/ Terrorism ...... 198 186 154 177 176 178 Official Corruption ...... 357 343 358 339 373 354 Organized Crime ...... 340 367 363 252 248 314 Weapons ...... 6,594 6,428 6,553 6,311 5,981 6,373 White Collar Crime ...... 6,211 6,381 5,844 5,444 5,537 5,883

Total ...... 36,126 36,444 37,786 35,115 34,161 35,926 Source: TRACFed database.

b. Costs to Covered Institutions systems conform to the final rule by just implement changes to their IT systems i. Information Technology Upgrades upgrading the core platform’s software so that they maintain regulatory once, then there are economies of scale compliance on behalf of the financial The final CDD rule will require in producing CDD-compliant IT institution. During the term of a financial institutions to collect, house, systems. In other words, as the vendor contract, the vendor normally bears the and retrieve beneficial ownership data sells the compliant platform to another cost of the necessary changes to for new accountholders, meaning that client, the average cost of achieving maintain compliance. In discussions the rule would impact financial compliance falls for all clients with the Treasury Department, however, institutions’ IT systems. Financial purchasing that platform. This is in some vendors stated that the CDD rule institutions either build their IT contrast to a situation where the vendor would be too costly to implement under networks themselves ‘‘in-house’’ or incurs the same additional cost of the terms of these service contracts and procure these systems from third-party upgrading each client’s IT system in would likely result in additional charges vendors, with which they sign multiyear response to the final rule. In the to their clients. The magnitude of the service contracts for achieving and presence of economies of scale, the costs increase in IT costs from having to maintaining regulatory compliance. A incurred in terms of number of hours of comply with the final rule would also single vendor likely sells multiple core programmer labor to conform to the depend in part on how financial platforms, tailored to different types of final rule would be lower the smaller institutions are required to use the financial institutions (e.g., credit unions the number of core platforms used by collected beneficial ownership data. For instead of banks), to possibly hundreds covered financial institutions, all else example, merely electronically storing of financial institution clients. The equal. We can think of financial the information to be turned over to the vendor will then customize the institutions that build and maintain government upon request would be less purchased IT platform for the individual their networks in-house as vendors costly than requiring that financial financial institution. having a single client. institutions integrate that information If a vendor selling the same platform Under standard service contracts with with data from other databases. (with individual customizations) to financial institutions, third-party Even if we could accurately predict multiple clients can make all of these IT vendors monitor rules and then vendors’ additional charges to financial

126 It would be unlikely that prison potentially affected by the proposed rule may incarcerated for national security offenses.) Federal overpopulation would be attributable to the include (percent of total Federal inmates in Bureau of Prisons, Inmate Statistics—Offenses, proposed rule alone, but we mention this point for parentheses): Banking and insurance, available at http://www.bop.gov/about/statistics/ completeness. Currently, the Federal Bureau of counterfeiting, and embezzlement (0.3 percent); statistics_inmate_offenses.jsp (accessed October 15, Prisons operates or manages 141 institutions in the drug offenses (48.4 percent); extortion, fraud, and 2015). United States and the inmate population totals bribery (6.3 percent); and national security (0.0 approximately 194,000. By type of offense, those percent). (According to the data, 76 people are

VerDate Sep<11>2014 18:50 May 10, 2016 Jkt 238001 PO 00000 Frm 00043 Fmt 4701 Sfmt 4700 E:\FR\FM\11MYR3.SGM 11MYR3 mstockstill on DSK3G9T082PROD with RULES3 29440 Federal Register / Vol. 81, No. 91 / Wednesday, May 11, 2016 / Rules and Regulations

institution clients in response to the institutions stated that the IT costs for will likely occur in the first year of the CDD rule’s implementation, these upgrading existing systems to comply implementation of the rule may be in values would not necessarily represent with the final CDD rule would be large, low to mid billion dollars. the full IT-related costs to society of although they generally did not cite The order-of-magnitude assessment of imposing the CDD rule. In addition to specific amounts. We were able, the IT cost should be understood the increased costs in terms of however, to obtain incremental IT cost carefully due to the information programmers’ hours, vendors also estimates specific to a few financial deficiencies. FinCEN only obtained five claimed that they would have to delay institutions during one-on-one calls. self-reported IT upgrade costs estimates the development work for other new Specifically, one large bank, one mid- with broad ranges. Some of the cost initiatives (e.g., developing further sized bank, and one smaller credit estimates provided seem to be functionality of existing platforms). In union reported expected IT upgrade contradictory since we expect larger principle, the full IT-related costs of the costs of $20 million, $3 million to $5 firms to incur larger costs. Because of CDD rule would equal the value of the million, and $50,000 to $70,000, the small self-selected sample, coupled hours of labor that vendors and respectively. Two larger credit unions with unknown data quality associated financial institutions performing IT reported estimated costs of $23,270 and with the per-firm cost information, we service in-house would have to hire in $11,500. Applying these per-firm data cannot reasonably extrapolate these per- order to both comply with the rule and points to the estimated number of firm estimates to the industry as a not delay any of their other affected banks and non-bank financial robust estimate of cost. We only present development initiatives. institutions to assess an order-of- these findings to provide the order-of- During the comment period following magnitude IT cost, Treasury believes magnitude information and to support the release of the NPRM, financial that the actual aggregate IT cost which the case for a breakeven analysis.

Per-firm average Total IT upgrade Number of banks IT upgrade costs costs for bin Total assets bin or institutions (based on data re- ($ Million except ceived) Total)

>$200 billion ...... 11 $20,000,000 $220 $10 billion–$200 billion ...... 74 3,000,000– 222–370 5,000,000 $1 billion–$10 billion ...... 473 11,500–23,270 5–11 <1 billion ...... 4,762 50,000–70,000 238–333 Non-bank Institutions (including credit unions) ...... 23,496 129,000–176,000 3,030–4,140

Total ...... 28,816 ...... $ Billions

ii. Suspicious Activity Report iii. Internal Control/Compliance implementation in 2007 could drive Generation and Transmittal The CDD rule would require some account holders to relocate their additional work for financial assets to foreign jurisdictions where the When a financial institution detects 128 institutions’ compliance officers, who policies do not apply, that seems suspected money laundering or fraud, ensure that procedures at their unlikely to occur if the United States its employees must investigate further to organizations adhere to the rule. implements the CDD rule. The CDD rule determine whether the activities According to phone conversations also appears unlikely to trigger a warrant filing a SAR with FinCEN. In between financial institutions and the diversion of legal entity accounts that many instances, financial institutions Treasury Department, the process of would have been opened at domestic decide that upon closer inspection the ensuring compliance with the CDD rule covered institutions, to be opened actions that were initially seen as would take the form of additional instead at uncovered domestic or foreign suspicious do not necessitate filing a procedures and reviews in audits of financial institutions. The Treasury Department supports SAR. The presence of these false work performed. One financial the perspective that beneficial positives implies that the ultimate institution stated that the addition of ownership disclosure is unlikely to number of SARs filed by a financial more audit functions might eventually trigger legitimate transaction account institution does not directly correspond necessitate hiring additional compliance holder closings or to dissuade legitimate to the labor resources expended on the staff. Given the uncertainty regarding would-be transaction account holders filing of SARs. In phone conversations how financial institutions would adjust with the Treasury Department, some compliance officer staffing in response 26, 2005 on the prevention of the use of the financial institutions stated they to the final CDD rule, we do not financial system for the purpose of money thought they would detect more quantify this cost. laundering and terrorist financing. It required suspicious activity under the final rule, member states to comply by December 15, 2007. iv. Potential Capital Loss (Accounts 128 Estimated capital loss is derived based on but that this increased detection would Moving Abroad) and Forgone Capital survey responses. One-third of National Bankers’ not necessarily lead to more SARs being (Accounts Not Opened) Associations respondents agreed that the beneficial transmitted. Given the difficulty of disclosure rule could lead to an increase in capital While a prospective study of the outflow from the national banking sector (p. 215). determining how the final rule will European Union’s beneficial ownership Transcrime. 2007. Cost Benefit Analysis of affect financial institutions’ labor needs Transparency Requirements in the Company/ disclosure rule 127 posited that its with regard to SAR generation and Corporate Field and Banking Sector Relevant for the Fight Against Money Laundering and Other transmittal, we do not attempt to 127 The rule is Directive 2005/60/EC of the Financial Crime. A study financed by the European quantify this cost. European Parliament and of the Council of October Commission.

VerDate Sep<11>2014 18:50 May 10, 2016 Jkt 238001 PO 00000 Frm 00044 Fmt 4701 Sfmt 4700 E:\FR\FM\11MYR3.SGM 11MYR3 mstockstill on DSK3G9T082PROD with RULES3 Federal Register / Vol. 81, No. 91 / Wednesday, May 11, 2016 / Rules and Regulations 29441

from opening new accounts. This view information, versus opening an account prosecution and incarceration. Since the has a three-part rationale: in the United States. expressed intent of the final rule is to increase the costs of criminal activity, (1) First, most businesses operating in c. Increased Costs Associated With Non- this variation in the cost of privacy loss the United States would have difficulty Criminal Activities 131 conducting basic functions (e.g., is consistent with the intended effect of i. Reduced Privacy accepting receivables and paying the final rule. We do not attempt to invoices) without a transaction account We expect financial institution clients estimate the value of privacy loss. at a domestic bank.129 would experience minimal costs with ii. Potential Impact on Clients, regard to the loss of privacy. Some costs (2) Second, Financial Action Task Including Access to Banking for the arise because the disclosure of Unbanked Force (FATF) recommendations call for beneficial ownership information may all member countries to require require the legal entity to reveal The ‘‘unbanked’’ population in the domestic financial institutions to previously undisclosed information, United States stood at 7.7 percent of all conduct customer due diligence, and for which is not required in any State at the households in 2013, according to a their law enforcement agencies to time of the legal entity’s formation. As Federal Deposit Insurance Corporation cooperate with other member country such, it is likely that many entities (FDIC) survey.135 Unbanked households enforcement agencies, which includes would report some previously do not have an account at an insured U.S. law enforcement. Unlike the undisclosed beneficial ownership financial institution. We see value in situation at the time of the 2007 EU information. developing a financial system whereby study referred to above, the majority of While findings of academic research ‘‘. . . banks effectively serve the FATF members (as well as many other may not strictly apply in the context of broadest possible set of consumers.’’ jurisdictions) are now in compliance this rule because disclosure would be If compliance costs faced by financial with the FATF customer due diligence legally required, that research suggests institutions are passed through to their standards; as a result of which there are that when individuals self-disclose clients (for example, through increased few safe havens in the world (not just personal information, they do so after minimum deposit levels and/or higher advanced economies) where financial weighing the expected benefits and any fees), this theoretically could raise institutions are not required to obtain negative consequences.132 Individuals clients’ barriers to entry, and may price beneficial ownership information about tend to readily disclose biographical some consumers out of participating in legal entities when they open an information in exchange for small (and the banking system.136 However, we account. often non-financial) benefits.133 The find no literature estimating the (3) Third, the Financial Account Tax willingness of individuals to share potential impact of AML/CFT on the Compliance Act (FATCA) requires information with organizations unbanked population in the United foreign financial institutions to report to increases if they trust the organization’s States, and we do not attempt to ability to store and use that information quantify its magnitude. Nonetheless, we the IRS identifying and income 134 information on accounts held by U.S. responsibly. Because the quantity of reason that since the costs incurred by beneficial ownership information is taxpayers.130 FATCA’s requirements financial institutions from the final rule small and its dissemination would be apply to all financial institutions appear to be relatively modest, and the limited to the financial institution (or worldwide; the United States has passed-through costs would be spread law enforcement pursuant to legal negotiated intergovernmental across a broad client base, we expect the process), we expect the cost to law- agreements with 112 jurisdictions to marginal effect on unbanked groups abiding individuals of disclosing private would likely be small. implement FATCA, and financial information to be quite low. institutions in jurisdictions without By contrast, we expect financial 5. Qualitative Discussion of the Benefits intergovernmental agreements are still criminals would bear much higher costs a. Reduced Crimes and Terrorist subject to FATCA’s reporting of revealing previously private Activity requirements. Because legal entities beneficial ownership information, as the opening an account in any of these 112 consequences of disclosure could The primary purpose of this final rule foreign jurisdictions would be required include denial of services by the is to reduce illicit activity. Yet credible to disclose U.S. beneficial ownership financial institutions, asset forfeiture, or quantitative estimates of how the CDD information, opening a bank account rule would affect these outcomes, on outside the United States would offer no 131 These costs would be over and above any which the benefit calculation in the material advantage, in terms of incremental compliance costs of the CDD rule cost-benefit analysis would be based, do concealing of beneficial ownership passed on to clients by financial institutions. not exist, for the reasons discussed 132 Varian, Hal. ‘‘Economic Aspects of Personal above. Therefore, this analysis provides Privacy,’’ In Internet Policy and Economics, edited 129 Some commenters stated that with regard to by W.H. Lehr and L.M. Pupillo, 101–109. New a qualitative assessment of potential certain specialized credit products, the beneficial York: Springer, 2009. See also: Hann, Il-Horn; Kai- reductions in illicit activity based on ownership requirement would be likely to cause Lung Hui, Tom Lee, and I Png. ‘‘Online Information relevant literature. businesses to utilize uncovered competitors. Privacy: Measuring the Cost-Benefit Trade-Off.’’ The National Money Laundering Risk Because FinCEN views such products as low risk ICIS 2002 Proceedings, Paper 1 (2002). Assessment 2015 estimated the annual for money laundering or terrorist financing, they 133 Grossklags, Jens, and Alessandro Acquisti. have been exempted from the beneficial ownership ‘‘What Can Behavioral Economics Teach Us about volume of money laundering in the requirement, subject to the satisfaction of certain Privacy?’’ In Digital Privacy: Theory, Technologies, United States at $300 billion. The same conditions. and Practices, edited by Acquisti, Alessandro, source notes that one of the key 130 Or certain foreign entities in which U.S. Stefanos Gritzalis, Costas Lambrinoudakis, and taxpayers are considered either ‘‘substantial U.S. Sabrina De Capitani di Vimercati, 363–377. Boca vulnerabilities exploited by money owners,’’ defined as having a 10 percent or greater Raton: Auerbach Publications, 2008. ownership stake in the entity, or, for financial 134 Dinev, Tamara and Paul Hart. ‘‘An Extended 135 Federal Deposit Insurance Corporation. 2014. institutions in jurisdictions with an Privacy Calculus Model for E-Commerce 2013 FDIC National Survey of Unbanked and intergovernmental agreement, ‘‘controlling Transactions.’’ Information Systems Research 17, Underbanked Households. persons,’’ defined in accordance with the FATF no. 1 (2006): 61–80. This study pre-dates the major 136 Reuter, Peter, and Edwin Truman. Chasing recommendations as the natural persons who IT data breaches at large firms and government Dirty Money: Progress on Anti-Money Laundering. exercise control over the entity. institutions that have occurred in recent years. Washington: Peterson Institute, 2004.

VerDate Sep<11>2014 18:50 May 10, 2016 Jkt 238001 PO 00000 Frm 00045 Fmt 4701 Sfmt 4700 E:\FR\FM\11MYR3.SGM 11MYR3 mstockstill on DSK3G9T082PROD with RULES3 29442 Federal Register / Vol. 81, No. 91 / Wednesday, May 11, 2016 / Rules and Regulations

launderers is ‘‘creating legal entities crime rates through some combination and can be thought of as transfers from without accurate information about the of incapacitation and deterrence.140 one individual to another. Therefore one identity of the beneficial owner.’’ 137 In principle, criminals could respond could reason that, unlike the victim’s The report suggests that the ease of by attempting to move their accounts to pain and suffering and lost time—losses concealment plays a primary role in the those countries that still have not which are not offset by gains to someone execution of many financial crimes.138 adopted beneficial ownership else—the value of stolen goods (or Therefore, the beneficial ownership identification and verification, although money) does not represent a social disclosure requirement in this final rule we consider this to be unlikely, because cost.142 This view is equivalent to the would likely have a mitigating effect on most of the world’s countries already inclusion of perpetrators’ wellbeing in a large share of financial crime in the require financial institutions to collect overall social welfare, for example, United States. and verify beneficial ownership of legal when evaluating a crime-reducing In the absence of direct empirical entity account holders. Criminals could policy. As a recent survey points out, estimates on the link between AML/CFT theoretically also reduce their beneficial however, ‘‘[i]n practice, researchers policy and illicit activity, we refer to the ownership shares below the disclosure have generally adopted the perspective literature on the economics of crime. threshold; we also view this response as that an offender’s utility ought not to This body of work, pioneered by Nobel unlikely, because of the practical count as part of society’s social welfare laureate Gary Becker, assumes criminals difficulties criminals would face function.’’ 143 We too adopt this make rational decisions based on their laundering money through a vehicle in approach in the RIA, using external expected costs and benefits of which they hold only a minority stake. costs as the relevant concept for the cost committing crime.139 In Becker’s Those criminals may incur the costs of of crime, meaning that any reduction in approach, an individual’s decision to taking those steps, and perhaps ongoing funds involuntarily transferred from commit a criminal offense is a function costs in the form of using less victim to offender would constitute a of the income associated with getting convenient and costlier financial benefit of the CDD rule. away with the crime, the probability of services. Combined, these higher costs A complete accounting of the value of conviction, the punishment if would reduce the expected returns to reduced crime and terrorist financing convicted, and earnings from legitimate crime, which we anticipate would would include the full value of harm to work. A rational individual chooses to therefore lower financial crime rates. victims averted by the reduction in commit a crime when it yields higher In order to compute the benefit of these activities. In addition to tangible expected wellbeing (accounting for risk reduced crime from the CDD rule, we costs such as financial losses (which, of conviction and the associated would need to know both the causal given the adoption of external costs in punishment) than does time spent in negative effect of the CDD rule on the our approach, would not be balanced by legitimate employment. level of illicit activity (discussed above) gains to criminals), research on the costs Applying Becker’s model to criminals and the costs imposed on society by the of crime finds intangible losses, allows us to evaluate how the new illicit activity that would not occur in including pain, suffering, and reduced policy would affect the level of illicit the presence of the rule. Enumerating quality of life, associated with criminal activity. By revealing more criminals’ these costs is not as straightforward as activity. Button et al. (2014) interviewed identities and therefore facilitating the it might appear, so we follow the cost- over 700 victims of financial fraud in linkage of criminal acts to perpetrators of-crime literature in distinguishing London. Among the effects reported by by financial intelligence and law between ‘‘social costs’’ and ‘‘external victims as important were ‘‘depression enforcement, the CDD rule would costs’’ of crime in order to be more or a mental disorder’’ (7 percent), increase the probability of conviction. precise regarding the potential benefits ‘‘psychological/emotional feelings, loss Therefore, in the context of Becker’s of the final rule.141 External costs are of trust, and so on’’ (37 percent), stress model, we expect that the CDD rule those that are involuntarily imposed on (44 percent), and anger (68 percent).144 would reduce the level of illicit activity. one individual (the victim) by another A national study of financial fraud in Subsequent incarceration would render individual (the offender). In the case of the United States by the National these criminals unable to engage in an automobile theft, for example, the Institute of Justice found that 14 percent illicit activity while serving their external costs could include the resale of fraud victims reported suffering sentences, a phenomenon known as the value of the vehicle, the value of items health or emotional problems related ‘‘incapacitation effect.’’ Higher rates of in the vehicle at the time of theft, the directly to their victimization.145 apprehension and conviction may also value of the victim’s time spent dealing However, we find no empirical deter potential criminals from with the aftermath of the crime, and any estimates of the psychological costs of committing crime. The large empirical psychological pain and suffering crime. Many studies of the costs of literature on the economics of crime experienced by the victim. Yet whether shows convincing evidence that higher the perpetrator keeps or sells the vehicle 142 Note that the social costs of crime are not a probabilities of apprehension and and the items therein, these are still subset of the external costs. Social costs of crime conviction (usually in the form of can also include any resources devoted to crime available for use by someone in society prevention by the public sector or private citizens stronger police presence) tend to reduce that could be more productively put to other uses 140 See, for example, Chalfin, Aaron and Justin and diminished economic opportunity in high 137 U.S. Department of the Treasury. Office of McCrary, ‘‘Criminal Deterrence: A Review of the crime areas where businesses choose not to locate. Terrorism and Financial Intelligence. 2015. Literature,’’ Paper prepared for the Journal of 143 See page 5 of Chalfin, Aaron. ‘‘The Economic National Money Laundering Risk Assessment. Economic Literature (2015). See also Nagin, Daniel, Cost of Crime.’’ Working paper, University of 138 U.S. Department of the Treasury concludes ‘‘Deterrence: A Review of the Evidence by a Cincinnati (2013). and articles cited within for that, ‘‘The potential for anonymity in financial Criminologist for Economists.’’ Annual Review of additional perspectives. transactions underlies most of the vulnerabilities in Economics 5 (2013): 83–105. 144 Button, Mark, Chris Lewis, and Jacki Tapley. this risk assessment.’’ See U.S. Department of the 141 The descriptions and examples of social and ‘‘Not a Victimless Crime: the Impact of Fraud on Treasury. Office of Terrorism and Financial external costs in this section closely follow the Individual Victims and their Families.’’ Security Intelligence. 2015. National Money Laundering Risk discussions in Chalfin, Aaron. ‘‘The Economic Cost Journal 27, no. 1 (2014): 36–54. Assessment. of Crime.’’ Working paper, University of Cincinnati 145 Titus, Richard, Fred Heinzelmann, and John 139 See Becker, Gary, ‘‘Crime and Punishment: an (2013). and Cohen, Mark A. ‘‘Measuring the Costs Boyle. ‘‘The Anatomy of Fraud: Report of a Economic Analysis.’’ Journal of Political Economy and Benefits of Crime and Justice.’’ Criminal Justice Nationwide Survey.’’ National Institute of Justice 78 (1968). 169–217. 4 (2000): 263–315. Journal (1995): 28–34.

VerDate Sep<11>2014 18:50 May 10, 2016 Jkt 238001 PO 00000 Frm 00046 Fmt 4701 Sfmt 4700 E:\FR\FM\11MYR3.SGM 11MYR3 mstockstill on DSK3G9T082PROD with RULES3 Federal Register / Vol. 81, No. 91 / Wednesday, May 11, 2016 / Rules and Regulations 29443

crime do not fully consider the time, as the share of accounts whose few safe havens in the world that permit psychological impact on its victims,146 beneficial ownership is disclosed financial institutions to open an account and therefore, the true economic value gradually rises.147 for a legal entity and not obtain the of averted crime may exceed estimates 6. Transfers entity’s beneficial ownership. (See derived from published studies of the discussion in section 4.b.iv.) costs of crime. In the next two sections, we identify a few potential effects that do not b. Increased Asset Recovery b. Law Enforcement Benefits conform to strictly-defined costs or benefits to society, but may have To the extent that the number of i. Reduced Cost of Beneficial Ownership successful prosecutions increases due to Searches impacts on selected stakeholders. These effects are not included as costs or the final rule, we expect that the A direct benefit of the final rule benefits. recovery of assets by Federal authorities would be the reduction in the cost to would rise. We would consider any law enforcement agencies of obtaining a. Lost Tax Revenue Due to Capital Loss increase in assets recovered due to the beneficial ownership information. The (Accounts Moving Abroad) final rule as transfers. Table 5 shows current system generally requires To the extent that financial accounts that the value of assets forfeited to the Federal investigators to expend at covered institutions generate taxable U.S. Department of Justice Forfeiture resources in search of beneficial income and that the decision to open Fund has exceeded $1.5 billion every ownership information when conditions these accounts is sensitive to the year from 2010 to 2014 and has warrant it. Adoption of the final rule collection of beneficial ownership exceeded $4 billion in two of those would reduce law enforcement information, the final CDD rule has the years,148 and that the value of assets agencies’ search costs because the potential to eliminate tax revenue that forfeited to the U.S. Department of the information would be collected by would otherwise be collected. However, Treasury Forfeiture Fund has been covered financial institutions for new from our perspective, beneficial greater than $500 million in every year legal entity accounts and become more ownership disclosure would have a over the same period.149 Due to the readily accessible to law enforcement negligible effect on the number of legal uncertainties associated with attributing agency investigators with a subpoena. In entity accounts because legal entities in future changes in asset recovery to the addition, SARs filed by the institutions the United States generally require bank final CDD rule, we do not estimate the would be increasingly likely to include accounts to operate their businesses. In magnitude of this potential effect, but beneficial ownership information, addition, the vast majority of the even a hypothetical 5 percent increase making it readily available to Federal world’s countries require financial on the five-year average of $2.9 billion authorities. We do not attempt to institutions to collect and verify for the DOJ forfeitures alone would estimate the value of this potential beneficial ownership of legal entity exceed $145 million in additional assets benefit, but we expect it to grow over accountholders. As a result, there are recovered.

TABLE 5—ASSETS OF DEPARTMENT OF JUSTICE FORFEITURE FUND AND SEIZED ASSETS DEPOSITS FUND AND TREASURY FORFEITURE FUND [U.S. Department of Justice, U.S. Department of the Treasury] [Millions of nominal USD]

2010 2011 2012 2013 2014 5 Year average

Forfeited to Department of Justice: $1,947 ...... $1,617 $4,453 $2,148 $4,551 $2,943 Forfeited to Treasury: 1,142 ...... 929 523 1,713 784 1,018 Sources: U.S. Department of Justice, Assets Forfeiture Program. Annual Reports to Congress (eds. 2004–2014). Adapted from ‘‘Assets For- feiture Fund and Seized Assets Deposits Fund—Method of Disposition of Forfeited Property’’ tables. http://www.justice.gov/afp/reports-congress, accessed October 8, 2015. Treasury Executive Office for Asset Forfeiture. Note: Current year revenue includes direct revenue and reverse asset sharing.

c. Potential Increased Tax Revenue legal entity accounts would result in information from covered financial Through Improved Tax Compliance new information being available to the institutions would help the IRS According to the U.S. Department of IRS during audits and investigations determine whether beneficial owners the Treasury, the collection of beneficial into civil and criminal tax are accurately reporting income from ownership information by covered noncompliance. Ready access to entities. Moreover, IRS access to this financial institutions for their domestic account beneficial ownership information would increase incentives

146 McCollister, Kathryn, Michael French, and Hai institutions. DOJ institutions: The Asset Forfeiture Department of Justice. 2015. Participants and Roles. Fang. ‘‘The Cost of Crime to Society: New Crime- and Money Laundering Section of the Criminal http://www.justice.gov/afp/participants-and-roles Specific Estimates for Policy and Program Division; Bureau of Alcohol, Tobacco, Firearms, (accessed September 14, 2015). Evaluation.’’ Drug and Alcohol Dependence 108 and Explosives; Drug Enforcement Administration; 149 Participating agencies include IRS Criminal Federal Bureau of Investigation; U.S. Marshals (2010): 98–109. Investigations Division, U.S. Immigration and Service; U.S. Attorneys’ Offices; and Asset 147 We expect this gradual increase in the share Forfeitures Management Staff. Institutions from Customs Enforcement, U.S. Customs and Border of accounts with disclosed beneficial ownership other U.S. Government agencies include: U.S. Protection, U.S. Secret Service, and U.S. Coast because only new legal entity accounts would Postal Inspection Service; Food and Drug Guard. Source: U.S. Department of the Treasury. require this information under the proposed rule. Administration; U.S. Department of Agriculture, 2015. Terrorism and Financial Intelligence. http:// 148 Based on statistics from the DOJ Asset Office of the Inspector General; Department of State, www.treasury.gov/about/organizational-structure/ Forfeiture Program. The DOJ Asset Forfeiture Bureau of Diplomatic Security; and Defense offices/Pages/The-Executive-Office-for-Asset- Program Web page lists the following participating Criminal Investigative Service. Source: U.S. Forfeiture.aspx (accessed October 8, 2015).

VerDate Sep<11>2014 18:50 May 10, 2016 Jkt 238001 PO 00000 Frm 00047 Fmt 4701 Sfmt 4700 E:\FR\FM\11MYR3.SGM 11MYR3 mstockstill on DSK3G9T082PROD with RULES3 29444 Federal Register / Vol. 81, No. 91 / Wednesday, May 11, 2016 / Rules and Regulations

for voluntary tax compliance by clarifying and strengthening customer rule, may be viewed as less risky by beneficial owners of the accounts. Any due diligence standards for U.S. clients and investors, at least when increased tax revenue would be financial institutions.153 In October compared to non-complying considered a transfer. 2015, the U.S. G–20 Action Plan notes institutions. However, compliance with its engagement in developing a the CDD rule would likely do little to 7. Reputational Effects customer due diligence rule with distinguish any particular financial a. Reputational Effects of Meeting required beneficial ownership institution from its peers, since all International Policy Standards disclosure for financial institutions.154 covered institutions would be subject to FATF has set international standards Implementing the CDD rule would the same requirement, and compliance to enhance the collective effort to advance compliance by the United is expected to be universal. Therefore, combat money laundering and terrorist States with the FATF CDD standards in this context, we believe any potential financing. Widespread adoption of such and fulfill outstanding public reputational effect to institutions that international standards can raise the commitments. It would further enable comply with the rule would be cost of crime, by limiting criminals’ the United States to demonstrate negligible. progress at the FATF, and at other choices of where they can obtain 8. Breakeven Analysis and Conclusion accounts, and eliminate ‘‘safe havens’’ international bodies, and bilaterally to Ideally, a cost-benefit analysis for financial criminals seeking encourage other jurisdictions to comply quantifies all benefits and costs, jurisdictions with less rigorous laws or with the FATF standards and avoid accusations of hypocrisy due to its own converts them to present value, and enforcement. Recent reviews of U.S. compliance lack of compliance. We do not attempt then assesses whether the present value with international AML/CFT standards to quantify or monetize the magnitude of benefits exceeds the present value of have criticized the incomplete adoption of this potential reputational effect, costs. However, it is not uncommon for of the customer due diligence given the intangible nature of a rule to generate benefits and costs that framework. The 2006 FATF Mutual reputational effects, but assess it to be cannot be fully quantified, in which Evaluation Report (MER) found that the significant. The United States, which is case alternative methods can be used to 156 United States had implemented an generally considered a global leader in assess the rule. When such combating money laundering and AML/CFT system that was broadly unquantifiable benefits and costs are terrorist financing, is currently one of a consistent with the international likely to be important, one should carry very small number of FATF members standard. However, the report noted out a ‘‘threshold,’’ or ‘‘breakeven’’ that are not in compliance with its core shortcomings related to CDD in the U.S. analysis to evaluate their standard requiring that financial 157 framework, and rated it only ‘‘partially significance. Such an analysis asks institutions identify and verify the compliant’’ with the CDD how large the present value of benefits identity of the beneficial owners of legal recommendation, a significant reason has to be so that it is just equal to the entity accounts. We assess that this lack 158 being the lack of an explicit beneficial present value of costs. A credible of full compliance with the standard ownership identification claim that a rule change would generate with which the vast majority of the rest requirement.150 The International a discounted stream of benefits equal to of the world complies, undermines U.S. or greater than this breakeven level Monetary Fund (IMF) in 2010 found the leadership on illicit finance issues. United States had made ‘‘limited supports the argument that a rule 159 progress’’ since 2006 in strengthening b. Reputational Effects on Financial should be adopted. As we described requirements on identifying beneficial Institutions at length above, we expect there to be significant but unquantifiable benefits to owners of accounts.151 In its 2015 We believe the proposed CDD rule is Financial Sector Assessment of the this rule, necessitating the use of a unlikely to provide appreciable breakeven analysis. This analysis United States, the IMF acknowledged reputational effects on covered financial U.S. efforts in addressing deficiencies presents a range of costs, including the institutions. Our reasoning is as follows. primary quantified costs and the order- identified in the 2006 FATF MER, but Client confidence in financial cited a lack of substantive policy of-magnitude IT cost assessment with an institutions is a necessary component of upper bound of $10 billion for the cost progress by the end of its research an effective financial system.155 of implementing the rule, which thus mission in June 2015.152 Depositors trust institutions to safeguard determines the threshold that the The U.S. government responded to deposits, provide fund withdrawals benefits would need to meet for the rule the 2006 FATF Report by committing to upon request, and meet regulatory and to generate a net benefit to society. strengthen customer due diligence prudential requirements. standards. In 2013, the U.S. G–8 Action In principle, financial institutions that Plan for Transparency of Company 156 For a discussion of this situation, along with maintain full compliance with AML/ many examples of proposed Federal regulations Ownership and Control committed to CFT regulations, including the final affected by it, see Sunstein, Cass. ‘‘The Limits of Quantification.’’ California Law Review 102, no. 6 150 Financial Action Task Force. 2006. Summary 153 The White House. Office of the Press (2014): 1369–1422. of the Third Mutual Evaluation Report on Anti- Secretary. 2013. United States G–8 Action Plan for 157 See pages 2 and 10 of OMB Circular A–4. Money Laundering and Combating the Financing of Transparency of Company Ownership and Control. 2003. Terrorism, United States of America. FATF is https://www.whitehouse.gov/the-press-office/2013/ 158 For examples of regulatory analyses of past performing its mutual evaluation of the United 06/18/united-states-g-8-action-plan-transparency- rules that relied on breakeven analysis, see Customs States, to be completed in October 2016. company-ownership-and-control (accessed October and Border Protection, Department of Homeland 151 International Monetary Fund. IMF Country 8, 2015). Security, ‘‘Importer Security Filings and Additional Report No. 10/253. 2010. United States: Publication 154 The White House, The U.S. Action Plan to Carrier Requirements,’’ 73 FR 71730 (November 25, of Financial Sector Assessment Program Implement the G–20 High Level Principles on 2008), and Customs and Border Protection, Documentation—Technical Note on Anti-Money Beneficial Ownership, https://www.whitehouse.gov/ Department of Homeland Security, ‘‘Advance Laundering/Combating the Financing of Terrorism. blog/2015/10/16/us-action-plan-implement-g-20- Electronic Transmission of Passenger and Crew 152 International Monetary Fund. IMF Country high-level-principles-beneficial-ownership. Member Manifests for Commercial Aircraft and Report No. 15/174. 2015. United States Financial 155 International Monetary Fund. Departments of Vessels,’’ 72 FR 48320 (August 23, 2007). Sector Assessment Program: Anti-Money Exchange Affairs, Policy Development, and Review. 159 In performing the breakeven analysis, we Laundering and Combating the Financing of 2001. Financial System Abuse, Financial Crime, discount future cash flows using the seven-percent Terrorism (AML/CFT)—Technical Note. and Money Laundering—Background Paper. discount rate.

VerDate Sep<11>2014 18:50 May 10, 2016 Jkt 238001 PO 00000 Frm 00048 Fmt 4701 Sfmt 4700 E:\FR\FM\11MYR3.SGM 11MYR3 mstockstill on DSK3G9T082PROD with RULES3 Federal Register / Vol. 81, No. 91 / Wednesday, May 11, 2016 / Rules and Regulations 29445

Given that the upper bound for costs terrorist activity’’ benefit described large IT upgrade costs. In the breakeven used in the breakeven analysis is high, earlier. Any reduction of the $300 analysis to follow, we present both the the breakeven analysis is therefore very billion figure is a lower bound for the primary quantified costs and the order- conservative in specifying how effective final rule’s actual benefit, given the of-magnitude IT costs, setting aside all the CDD rule would have to be in order reliance on saved external costs as the other unquantified costs because we to justify its costs. relevant concept (i.e., this does not believe these other costs are likely to be As mentioned in the first section of reflect the value of individuals’ lost time comparatively small. For example, as the RIA, $300 billion in illicit proceeds in the aftermath of being victimized by noted earlier, it is very unclear whether are generated annually in the United financial crime or their psychological law enforcement activity (and the States according to the Treasury suffering, among many other costs).162 associated costs) would increase or Department’s 2015 National Money Note that this benefit is also a lower decrease because of the rule.163 Similar Laundering Risk Assessment.160 To the bound because it does not include the arguments can be made about financial extent that this figure represents funds other qualitative benefits (besides institutions’ costs for generating and involuntarily transferred from victims to reduced terrorist activity) discussed in submitting SARs. Regarding the offenders, the $300 billion represents a the RIA. financial institutions’ capital loss from portion of the total external costs In terms of costs, IT upgrades accounts closing or never being opened, imposed by the illicit activity.161 The represent the largest of the qualitative the respective sections of the RIA go final CDD rule intends to diminish the costs examined in the RIA. In both into some detail on why these costs volume of such illegally generated public comments on the NPRM and would likely be negligible. Finally, funds, where any reduction represents follow-up calls with individual earlier sections of the RIA also explain the ‘‘reduced crime’’ portion of the commenters, financial institutions why the unquantified costs to clients unquantified ‘‘reduced crime and emphasized that the rule would impose may be low.

In summary, in this RIA, the major with training, onboarding, compliance costs. By including an order-of- benefit that remains unquantified is the and entity burdens, the order-of- magnitude assessment with the other reduction in crime and terrorist activity, magnitude assessment of the IT quantified costs, we can determine the and the costs include costs associated upgrades as well as other qualitative threshold level of the benefit that would

160 See footnote 106. voluntarily. See footnote 5 for a discussion of the Economics of Crime,’’ In Handbook of Labor 161 This is plausible for proceeds not due to illicit circumstances under which the inclusion of Economics, edited by Orley Ashenfelter and David drug sales (representing approximately 22 percent proceeds from illicit drug sales is justified in Card, 3530–3563. New York: Elsevier, 1999. of the total in the United States according to United computing the benefits to society of reduced crime. 163 Note that the CDD rule could lead to lower Nations Office on Drugs and Crime estimates for 162 For additional discussion of the importance of levels of illicit activity without any increase in law 2010; we assume that this is also the case for 2015 non-pecuniary costs (including, but not limited to, enforcement activity (even without a change in and subsequent years), which are mostly victims’ pain and suffering, and the cost of risk of incarcerations, meaning the change in illicit activity attributable to fraud. This distinction matters death from violent acts that complement illicit would occur exclusively via the deterrence effect) because individuals who buy and sell illicit drugs activity) in the overall cost of crime to society, see if the rule allows the same resources to be deployed presumably enter into individual transactions pages 3558–3560 of Freeman, Richard. ‘‘The more effectively in investigations and prosecutions.

VerDate Sep<11>2014 18:50 May 10, 2016 Jkt 238001 PO 00000 Frm 00049 Fmt 4701 Sfmt 4700 E:\FR\FM\11MYR3.SGM 11MYR3 mstockstill on DSK3G9T082PROD with RULES3 ER11MY16.020 29446 Federal Register / Vol. 81, No. 91 / Wednesday, May 11, 2016 / Rules and Regulations

make the rule’s adoption worthwhile. reduction, we believe that this rule entities consistent with the stated Figure 1 graphs the threshold reduction would be beneficial to society at large. objectives of applicable statutes, in annual illicit activity that would be including a statement of the factual, C. Final Regulatory Flexibility Act needed to justify different levels of total policy, and legal reasons for selecting Analysis costs for different definitions of illicit the alternative adopted in the final rule activity (i.e., whether including illicit When an agency issues a rule and why each one of the other drug sales or not).164 165 Given the proposal, the Regulatory Flexibility Act significant alternatives to the rule assumed path of illicit activity during (RFA) requires the agency to either considered by the agency which affect 2016–2025, percent reductions in illicit provide an Initial Regulatory Flexibility the impact on small entities was proceeds in each year equal to those in Analysis or, in lieu of preparing an rejected. Figure 1 would yield a stream of analysis, to certify that the proposed 1. Statement of the Reasons For, and benefits having present values equal to rule is not expected to have a significant Objectives of, the Rule the present value of costs. economic impact on a substantial The key conclusion from Figure 1 is number of small entities.167 When FinCEN is adopting the final rule that a reduction in annual illicit activity FinCEN issued its NPRM,168 FinCEN because it has determined that more (measured by dollars of real proceeds) of believed that the proposed rule would explicit rules for covered financial just 0.6 percent or 0.47 percent not have a significant economic impact institutions 170 are needed to clarify and (depending on whether proceeds from on a substantial number of small strengthen CDD within the BSA regime, drug sales are included or not) or entities, and certified that it would in order to enhance transparency and approximately $1.45 billion in 2016, at not.169 Because numerous commenters help safeguard the financial system the upper bound of IT costs, would to the NPRM asserted that the proposed against illicit use. The CDD rule will mean that the CDD rule’s benefits would rule would be more costly to implement advance the purposes of the BSA by (i) outweigh its costs.166 We are presenting than estimated by FinCEN, FinCEN enhancing the availability of beneficial two cost scenarios in this breakeven prepared and made available on ownership information to law analysis. We recognize that the order-of- December 24, 2015 an Initial Regulatory enforcement, Federal functional magnitude IT cost analysis is not of Flexibility Analysis (IRFA), along with regulators, and SROs; (ii) increasing the sufficient quality to be added to the a preliminary RIA in which it ability of financial institutions, law primary cost analysis. However for the specifically solicited comment, enforcement, and the intelligence purposes of this breakeven analysis, we including from small entities, on community to identify the assets and believe including the IT cost would whether the proposed rule would have accounts of terrorist organizations, drug present a conservative scenario where a significant economic impact on a kingpins, and financial criminals; (iii) the CDD rule would only need to substantial number of small entities. helping financial institutions to assess generate a very modest relative decrease FinCEN received a total of 38 and mitigate risk and comply with in real illicit activity to justify the costs comments, including four from small existing BSA and related authorities; it would impose with an upper bound entities (as well as several from (iv) facilitating reporting and of $10 billion. The Treasury Department associations representing small entities); investigations in support of tax thus believes that the final rule will a discussion of all the comments is set compliance, and advancing achieve a reduction in illicit activity forth above. commitments made in connection with that would more than offset the burdens The RFA requires each Final the Foreign Account Tax Compliance it would place on government, financial Regulatory Flexibility Analysis to Act; and (v) promoting consistency in institutions, clients, and other parts of contain: implementing and enforcing CDD • society. A succinct statement of the need regulatory expectations across and for, and objectives of, the rule; within financial sectors. We conclude that illicit activity • would only have to decrease by 0.12% A summary of the significant issues raised by the public comments in 2. A Summary of the Significant Issues to 0.6% to offset the costs of the rule. Raised by the Public Comments in Because of the modest magnitude of the response to the IRFA, a summary of the assessment of the agency of such issues, Response to the IRFA, a Summary of the Assessment of the Agency of Such 164 Quantified costs are assumed to be constant as and a statement of any changes made in IT costs change (meaning that a $1 increase in IT the proposed rule as a result of such Issues, and a Statement of Any Changes costs raises total costs by $1) so the breakeven comments; Made in the Proposed Rule as a Result functions are able to take into account all costs • A description of and an estimate of of Such Comments while only being graphed for different levels of IT the number of small entities to which costs. FinCEN has carefully considered the 165 the proposed rule would apply; comment letters received in response to To generate the profile of illicit proceeds • during the 2016–2025 time horizon, we start with A description of the projected the NPRM. The preamble above the 2015 levels (listed in Figure 1) and then assume reporting, recordkeeping, and other provides a general overview of the that the amount of illicit activity as a proportion of compliance requirements of the the real economy will remain constant (for the comments, and the Section-by-Section year-over-year real GDP growth rates used, see proposed rule, including an estimate of Analysis discusses the significant issues Table 2–1 of OMB. Fiscal Year 2016 Analytical the classes of small entities which will raised by comments. In addition, the Perspectives of the U.S. Government. 2015.). This be subject to the requirement and the section above preceding the RIA means that illicit proceeds are always equal to the type of professional skills necessary for same percent of production in the economy, but includes a discussion of the comments given that the real economy is growing, illicit the preparation of the report or record; received with respect to the preliminary proceeds must grow as well to account for that same and • RIA and IRFA, including those with proportional amount. For instance, real illicit A description of the steps the respect to the estimated costs imposed proceeds (including from illicit drug sales) are agency has taken to minimize the on the industry resulting from the rule. assumed to be $309 billion and almost $383 billion significant economic impact on small in 2016 and 2025, respectively. 166 To be exact, these are real IT costs incurred 170 Defined to include federally regulated banks, during the 10-year time horizon, the present value 167 5 U.S.C. 601–612. brokers and dealers in securities, mutual funds, and of which implies very little about how these real 168 79 FR 45151 (Aug. 4, 2014). futures commission merchants and introducing costs are distributed across the 10 years. 169 79 FR 45151, 45168–45169. brokers in commodities.

VerDate Sep<11>2014 18:50 May 10, 2016 Jkt 238001 PO 00000 Frm 00050 Fmt 4701 Sfmt 4700 E:\FR\FM\11MYR3.SGM 11MYR3 mstockstill on DSK3G9T082PROD with RULES3 Federal Register / Vol. 81, No. 91 / Wednesday, May 11, 2016 / Rules and Regulations 29447

FinCEN has considered the comments in section 4 below, and other steps 4. Description of the Projected received from small entities and from FinCEN has taken to minimize the Reporting, Recordkeeping, and Other associations representing them, whether economic impact of the rule on small Compliance Requirements of the or not the comments referred to the entities are set forth in section 5 below. Proposed Rule, Including an Estimate of IRFA. Three of the four small entities the Classes of Small Entities Which Will that commented stated that the general 3. Description and Estimate of the Be Subject to the Requirement and the increase in regulatory burden and costs Number of Small Entities to Which the Type of Professional Skills Necessary for the banking industry makes it Proposed Rule Would Apply for the Preparation of the Report or increasingly difficult for small banks to Record This rule will apply to all Federally continue to operate profitably, and a. Beneficial Ownership Requirement requested that FinCEN create an regulated banks and all brokers or exemption for entities below a certain dealers in securities, mutual funds, and The rule imposes on all covered asset size or number of legal entity futures commission merchants and financial institutions (including all accounts. One of these commenters introducing brokers in commodities, as those that are small entities) a new stated that while it has relatively few each is defined in the BSA. Based upon requirement to identify and to verify the business accounts, it would cost recent data, for the purposes of the RFA, identity of the beneficial owners of their thousands of dollars to purchase the there are approximately 5,088 small legal entity customers and to maintain tracking software that it asserted would Federally regulated banks out of a total a record of such information. Many of be required to comply with the rule. The of 6,348 (comprising 80 percent of the the comments received in response to fourth small bank is a niche lender that total number of banks); 171 6,165 the NPRM stated that FinCEN had provides primarily small business Federally regulated credit unions (of underestimated the burden resulting from the proposal in the following areas: equipment leasing, and explained that which approximately 93 percent are (i) Additional time at account opening, because many of its competitors will not small credit unions),172 1,349 small (ii) training, and (iii) information be subject to the final rule, it will put brokers or dealers in securities out of a them at a significant competitive technology (IT), but very few comments total of 4,269 (comprising 31.5 percent contained any specific cost estimates. disadvantage. FinCEN has determined 173 of the total); 90 small mutual funds To obtain more specific cost estimates that, because accounts created to out of a total of 10,711 (comprising 8 provide this product present a low risk regarding this requirement, FinCEN percent of the total); 174 no small futures for money laundering or terrorist conducted telephone interviews with financing, such accounts will be exempt commission merchants; and a total of several financial institutions that had from the beneficial ownership 1,323 introducing brokers in submitted comments, including three requirement, subject to certain commodities, the majority of which are small financial institutions. FinCEN 175 conditions. small entities. Because the rule will conducted this outreach to gather FinCEN has previously considered apply to all of these small financial information for its preliminary RIA of and rejected the alternative of institutions, FinCEN concludes that the the proposed rule pursuant to Executive exempting small financial institutions rule will apply to a substantial number Orders 13563 and 12866 as well for the from the rule. Were FinCEN to exempt of small entities. IRFA. The final RIA is published institutions below a certain size from concurrently with this FRFA. the rule, those seeking access to the Additional information that FinCEN financial system to perpetrate crime obtained relevant to its estimate of costs would have an easier path in order to 171 The Small Business Administration (‘‘SBA’’) is included in the discussion below. pursue such activities. As regards the defines a depository institution (including a credit FinCEN also notes that, in addition to institution that raised the cost of union) as a small business if it has assets of $550 the estimates set forth below, the only purchasing tracking software in order to million or less. The information was provided by small bank that estimated the total costs the FDIC as of June 30, 2015. resulting from the rule, estimated that comply, FinCEN never intended to 172 impose a requirement that would The information was provided by the NCUA they would be $2,000 initially, and as of June 30, 2015. necessitate such an expense. There is no $1,500 per year on an ongoing basis. 173 With regard to the definition of small entity requirement for covered FIs to have (i) Additional time at account as it applies to broker-dealers in securities and opening. The proposed rule would specific systems in place to track and mutual funds, FinCEN is using the SEC’s monitor beneficial ownership definitions found at 17 CFR 240.0–10(c), and 17 require that the beneficial ownership information. Rather, financial CFR 270.0–10, respectively. The information was requirement be satisfied by obtaining institutions are required to update provided by the SEC as of December 31, 2014. and maintaining a certification from information about their customers, 174 The information was provided by the SEC as each legal entity customer that opens a including beneficial ownership of December 31, 2014. new account. The certification would information, when as a result of normal 175 The CFTC has determined that futures contain identifying information monitoring, the financial institution commission merchants are not small entities for regarding each listed beneficial owner. purposes of the RFA, and, thus, the requirements detects information about the customer The financial institution would also be of the RFA do not apply to them. The CFTC’s required to verify such identity by that may be relevant to assessing the determination was based, in part, upon the risk posed by the customer. Such obligation of futures commission merchants to meet documentary or non-documentary information could include a change in the minimum financial requirements established by methods and to maintain in its records the customer’s beneficial ownership. the CFTC to enhance the protection of customers’ for five years a description of (i) any This issue, including FinCEN’s revision segregated funds and protect the financial condition document relied on for verification, (ii) to the proposed rule in order to clarify of futures commission merchants generally. Small any such non-documentary methods this in the final rule, is explained more introducing brokers in commodities are defined by and results of such measures the SBA as those having less than $7 million in undertaken, and (iii) the resolution of fully in the Section-by-Section Analysis gross receipts annually. While the CFTC has no above. current data regarding the exact number of small any substantive discrepancies More specific information regarding entities, we understand that the majority are small. discovered in verifying the the estimated costs for small entities The information was provided by the CFTC as of identification information. FinCEN resulting from the final rule is set forth June 30, 2015. believes that the financial institution

VerDate Sep<11>2014 18:50 May 10, 2016 Jkt 238001 PO 00000 Frm 00051 Fmt 4701 Sfmt 4700 E:\FR\FM\11MYR3.SGM 11MYR3 mstockstill on DSK3G9T082PROD with RULES3 29448 Federal Register / Vol. 81, No. 91 / Wednesday, May 11, 2016 / Rules and Regulations

employees who open new accounts additional data on which to better None of the small businesses that would have the necessary skills to estimate the additional costs at account commented on the IRFA included an prepare the record of this information opening. Because financial institutions estimate of the amount of time to open that must be maintained. are not currently required to collect a legal entity account; only one noted The burden on a small financial beneficial ownership information, there the number of such accounts it opens institution at account opening resulting is no way to estimate the average per year (70). As a result of the from the final rule would be a function number of beneficial owners of legal comments we received to the draft RIA of the number of beneficial owners of entity customers of financial from other commenters, FinCEN has each legal entity customer opening a institutions, although FinCEN continues increased the estimated time for 176 new account, the additional time to believe that it is reasonable to assume financial institutions to open accounts, required for each beneficial owner, and that small financial institutions will from a range of 15 to 30 minutes in the the number of new accounts opened for generally have small businesses as IRFA, to a range of 20 to 40 minutes. legal entities by the small financial customers, which are likely to have not Based on opening 471 new accounts for institution during a specified period. At more than two beneficial owners. Banks legal entities and an average wage of the time of its certification in the NPRM, we surveyed estimated that it is likely $16.77 for ‘‘new account clerks,’’ this FinCEN had very little information on to take an additional 10 to 15 minutes would result in an annual cost to a which to base its estimate of any of per beneficial owner. Assuming there small bank of $2,550 to $5,100. FinCEN these variables, and believed that it was would typically be two individuals also notes that, even within the universe reasonable to assume that the great identified as beneficial owners, for of small entities, the costs could be majority of legal entity customers that purposes of the IRFA FinCEN estimated expected to vary substantially. For establish accounts at small institutions the additional time to open a legal entity are more likely to be small businesses account between a low estimate of an example, for the small bank that with simpler ownership structures (for additional 15 minutes and a high responded to the IRFA and estimated example, a single legal entity directly estimate of an additional 30 minutes to that it opens 70 new accounts for owned by two individuals) that will open a legal entity account. In its business customers per year, the result in one or two beneficial owners. outreach FinCEN asked three small estimated costs would range from $380 In addition, FinCEN also believed that, financial institutions the number of to $760 per year. since all covered financial institutions legal entity accounts they open each (ii) Training (Employee time). In its have been subject to CIP rules 177 for year. While financial institutions do not certification FinCEN noted that more than 10 years, and the proposed generally maintain information about financial institutions generally conduct rule utilizes CIP rule procedures, small the number of their legal entity periodic training of their employees for institutions would be able to leverage customers, they typically maintain a BSA compliance and that this new these procedures in complying with this database for their retail (i.e., individual) requirement would be included in that requirement. As a result, in its customers, and another database for periodic training. Many commenters certification FinCEN estimated that it their customers that are businesses or noted that it would be necessary to would require, on average, 20 minutes organizations. A significant number of a conduct additional training in order to to fulfill the beneficial ownership financial institution’s business or comply with this requirement, although identification, verification and organization customers are sole none gave any specific estimate of the recordkeeping requirements in the proprietorships that are not legal 178 cost. As a result FinCEN sought to proposal. Also, for purposes of its entities subject to the proposed rule. determine this more specifically in its As a result, it is very difficult to certification FinCEN had no direct data outreach. Based on the sampling it estimate with any degree of precision on the aggregate number of legal entity conducted it learned that financial the number of legal entity customers of accounts opened per year by small institutions expect to train between one- a particular small financial institution financial institutions, and (based in part third and two-thirds of their employees that would be subject to the proposed on an estimate it obtained from one very regarding this requirement. Assuming rule. However, based on data obtained large financial institution of the legal that a small financial institution has 125 entity accounts it opens per year) from FinCEN’s outreach, and utilizing the wage assumptions in the draft RIA, employees and that the training would FinCEN estimated that small take one hour, and applying the wage institutions would open at most 1.5 new we estimated for purposes of the IRFA that this requirement would result in a assumptions used in the RIA, this accounts for legal entities per day, and would result in an estimated cost of probably fewer. However, because cost to a small bank of between approximately $2,000 and $4,000 per between $1,250 and $2,500, depending statistical data does not exist regarding on the percentage of employees trained, either the average number of beneficial year at account opening.179 for the first year that the rule would be owners of legal entity customers of small institutions or how many such 178 According to data obtained from the IRS regarding tax returns, approximately 75 percent of proprietorships. FinCEN believes its estimated accounts they establish in any time all businesses filing tax returns are sole range of costs may be high because the calculation period, FinCEN sought comment on proprietorships. is based on the small bank that opened the greater these questions. 179 One small bank we surveyed reported that it number of legal entity accounts, assumes that none As a result of the outreach referred to opened 471 accounts for organizations in 2014. This of the accounts reported were opened for sole above, FinCEN obtained some number includes an unknown number of sole proprietorships, and includes loan customers, for proprietorships that would not be subject to the which the bank would generally already identify rule, as well as 179 accounts for loan customers, for beneficial owners. The estimated cost is based on 176 The NPRM proposed to define beneficial which the bank would typically identify the the bank-reported 471 new accounts per year, owner as (1) each individual who owns, directly or beneficial owner(s) in order to obtain personal additional time at account opening of 15 to 30 indirectly, 25 percent or more of the equity interests guarantees. A second small bank we surveyed minutes, and the average wage of $16.77 for the of a legal entity, and (2) one individual with reported that it opened 333 accounts in 2014 for financial industry ‘‘new account clerks’’ reported by significant responsibility to control, manage, or legal entities, which includes an unknown number the Bureau of Labor Statistics. FinCEN believes that direct the entity. Thus, it is possible that a legal of sole proprietorships, as well as 106 loan utilizing this number of new accounts is more entity could have up to five beneficial owners. customers. A small credit union we surveyed opens appropriate than the 1.5 new accounts per day 177 See 31 CFR 1020.220, 1023.220, 1024.220, and 24 to 36 accounts for businesses per year, which stated in the NPRM, since it is based on actual data 1026.220. includes an unknown number of sole from a small bank.

VerDate Sep<11>2014 18:50 May 10, 2016 Jkt 238001 PO 00000 Frm 00052 Fmt 4701 Sfmt 4700 E:\FR\FM\11MYR3.SGM 11MYR3 mstockstill on DSK3G9T082PROD with RULES3 Federal Register / Vol. 81, No. 91 / Wednesday, May 11, 2016 / Rules and Regulations 29449

in effect.180 The amount of necessary vendors told FinCEN that they normally this would cost, on average, $1,360 for training would decrease thereafter. bear the costs of system upgrades a small entity.183 FinCEN did not receive any necessary to maintain compliance (vi) Internal Controls. FinCEN comments from small entities regarding required during the term of a contract, understands that the rule would result the cost of developing and conducting but some stated that the changes in additional costs for covered financial the training. The estimates in the necessitated for compliance with the institutions for internal controls and comments received from all financial new requirements would be too costly audit functions, including for small institutions in response to the draft RIA to implement without increasing the entities, to determine that the financial generally fell within the estimated range charges to their customer financial institution is complying with the new in the IRFA, and therefore FinCEN is institutions. The vendors also informed requirements. However, FinCEN did not maintaining this estimate in this FRFA. FinCEN that, until a rule were issued in obtain sufficient input in response to FinCEN also notes that the estimate is final form, it would not be possible to either the NPRM or to the preliminary almost certainly much greater than determine how their systems would RIA and IRFA to enable it to estimate would be the actual case for most small need to be modified, or to estimate the the likely amount of such costs, and credit unions. This is because FinCEN additional charges to their financial therefore is not attempting to estimate understands that approximately 3,000 institution customers resulting from this cost for purposes of the FRFA. small credit unions have five or fewer such changes. b. Customer Due Diligence Requirement employees.181 Training for an In response to the RIA and IRFA, two institution with five employees, based commenters included estimates of the The final rule will also require that on the assumptions above, would cost costs for IT upgrades that would be covered financial institutions include in much less than the $1,250 lower required to comply with the Rule, their AML programs customer due estimate above. although neither were small entities. diligence procedures, including (iii) Training (Developing and Given the lack of specific estimates for understanding the nature and purpose Conducting). In addition, some small entities, FinCEN is not able to of customer relationships for the commenters noted that FinCEN should include an estimate or range of purpose of developing a customer risk account for the cost for the institution estimates for this expense for the FRFA. profile and conducting ongoing to develop and design the training. FinCEN notes that one credit union with monitoring of these relationships to Although no small entities estimated the assets of $2.3 billion estimated the cost identify and report suspicious activities cost for this, an industry trade of IT enhancements to be $23,270, and and, on a risk basis, to maintain and association stated that small banks another with assets of $2.8 billion update customer information. FinCEN would incur expenses of nearly $13,000 estimated such costs at $11,500. Given maintains that, because these are to develop and administer the training. that these institutions are several times necessary measures that covered While this seems plausible for larger than the largest small credit financial institutions must currently institutions at the larger end of the small unions, it would seem that the IT take in order to comply with existing entity definition, it seems to be upgrade costs for small entities could be requirements to detect and file 184 substantially greater than the costs that expected to generally be less than suspicious activity reports, they are would be incurred for developing and $10,000.182 implicit requirements and would not conducting training for the smaller impose any new obligations, and (v) Revising Policies and Procedures. institutions, including those with five or therefore would have no material, In its certification FinCEN noted that fewer employees. measurable economic impact, on any covered financial institutions would (iv) Information Technology. In its small entities. FinCEN believes that need to revise their AML programs in certification FinCEN noted that proposing clear CDD requirements is the order to comply with the proposed rule, financial institutions periodically most effective means of clarifying, but that since financial institutions update their IT systems, and that small consolidating, and harmonizing routinely update this program it was not financial institutions typically expectations and practices across all able to estimate the time or expense for outsource their IT requirements to covered financial institutions. Expressly updating AML programs for compliance vendors, which would incorporate the stating the requirements facilitates the with the final rule specifically. In required modifications into the goal that financial institutions, response to the NPRM FinCEN did not programs that they supply to small regulators, and law enforcement all receive any specific estimates for the financial institutions at minimal operate under the same set of clearly cost for this activity, and no estimate additional cost. FinCEN discussed with articulated principles. vendors the changes that would result was included in the preliminary RIA or Some commenters to the preliminary from the adoption of the proposed rule IRFA. In response to the preliminary RIA and IRFA, including one small and the likely additional costs that RIA and IRFA several financial bank, stated that compliance with these would be charged to customers in order institutions estimated the cost for such requirements would necessitate to achieve compliant systems. The updates and revisions. Although none purchasing tracking software that would were small entities, a trade association cost thousands of dollars. FinCEN’s stated that it surveyed a number of 180 FinCEN believes that the estimated range of response to this issue is discussed above costs may be high because it is based on the small small banks and that they estimated that under section 2 of this FRFA and in the financial institution interviewed with the greatest this would take, on average, 40 hours to Section-by-Section Analysis. number of employees. The cost calculation is based complete. Based on the salary estimates on a weighted average wage of $29.92 for NAICS codes 5221 (Depository Credit Intermediation), used in the RIA, FinCEN estimates that 183 For estimating this cost we use wage data from 5222 (Nondepository Credit Intermediation), 5223 the May 2014 BLS Occupational Employment (Activities Related to Credit Intermediation), and 182 In the course of FinCEN’s outreach mentioned Statistics for ‘‘compliance officers’’ working in 5231 (Securities and Commodity Contracts above following the close of the NPRM comment business establishments in sectors having one of the Intermediation and Brokerage), reported in the May period, one small credit union that FinCEN four-digit North American Industry Classification 2014 Bureau of Labor Statistics National contacted estimated IT upgrade costs of $50,000 to System (NAICS) codes mentioned in footnote 116; Occupational and Wage Estimates. $70,000. Based on the estimates referred to above, the average hourly wage for these compliance 181 Comment letter from Credit Union National this estimate appears to be an aberration and not a officers is $34.03. Association, January 22, 2016, page 4. basis for industry-wide estimates. 184 See, e.g., 31 CFR 1020.320.

VerDate Sep<11>2014 18:50 May 10, 2016 Jkt 238001 PO 00000 Frm 00053 Fmt 4701 Sfmt 4700 E:\FR\FM\11MYR3.SGM 11MYR3 mstockstill on DSK3G9T082PROD with RULES3 29450 Federal Register / Vol. 81, No. 91 / Wednesday, May 11, 2016 / Rules and Regulations

5. A Description of the Steps the Agency ownership requirement retroactively In summary, the rule would require Has Taken To Minimize the Significant and requiring that financial institutions covered financial institutions 185 to Economic Impact on Small Entities identify the beneficial owners of all collect, and to maintain records of, the Consistent With the Stated Objectives of their existing accounts as well as new information used to identify and verify Applicable Statutes, Including a accounts. While this would produce the identity of the names of the Statement of the Factual, Policy, and substantially larger benefits because it beneficial owners 186 of their legal entity Legal Reasons for Selecting the would make available beneficial customers (other than those that are Alternative Adopted in the Final Rule ownership information for far more excluded from the definition).187 and Why Each One of the Other customers, it would also result in a Under the proposed and final rule, Significant Alternatives to the Rule significantly greater burden for financial covered financial institutions are required to establish and maintain Considered by the Agency Which Affect institutions. After considering all the written procedures that are reasonably the Impact on the Small Entities Was alternatives FinCEN has concluded that Rejected designed to identify and verify an ownership threshold of 25 percent is beneficial owners of new accounts 188 FinCEN considered a number of appropriate to maximize the benefits of alternatives to the proposed rule. These opened by legal entity customers. They the requirement while minimizing the also must maintain a record of the included exempting small financial burden. institutions below a certain asset or identifying information obtained, and a legal entity customer threshold from the While FinCEN did not determine to description of any document relied on, requirements, as well as utilizing a adopt one of the alternatives it of any non-documentary methods and the results of any measures undertaken, lower (e.g., 10 percent) or higher (e.g., considered, it did take a number of steps and of the resolution of each substantive 50 percent) threshold for the minimum in the final rule in response to discrepancy. Under the proposed rule level of equity ownership for the comments to minimize the economic covered financial institutions were definition of beneficial owner. As impact on small entities subject to the required to obtain from each legal entity regards exempting financial institutions rule. These include clarifying the customer a certification, in a prescribed below a specified amount of assets or of definition of ‘‘legal entity customer,’’ form, containing the identifying legal entity accounts, FinCEN has extending the transition period from one information required. In the final rule determined that identifying the year to two years; eliminating the the institution may obtain the beneficial owner of a financial requirement that financial institutions information either by using the institution’s legal entity customers and use the Certification Form to obtain the beneficial ownership information; Certification Form or by any other verifying that identity is a necessary means that it obtains information from part of an effective AML program. Were expanding the categories of excluded legal entities not subject to the the customer. FinCEN to exempt small entities from We received 141 comments in requirement; simplifying the this requirement, or entities that response to the proposed rule establish fewer than a limited number of requirements related to the charity and addressing many issues. Many accounts for legal entities, those nonprofit exemption; and as noted commenters stated that the rule would financial institutions would be at greater above, clarifying that financial be much more costly to implement than risk of abuse by money launderers and institutions are not required to update as estimated in the proposal for several other financial criminals, as criminals beneficial ownership information on a reasons. The largest cost that would identify institutions without this periodic or ongoing basis, but only on commenters stated would be incurred to requirement. FinCEN also has an event-driven basis, when in the implement the rule would be those considered as alternatives establishing a course of their normal monitoring they needed to upgrade IT systems. Only one different threshold for ownership of detect information about the customer commenter referred specifically to the equity interests in the definition of that may be relevant to assessing the proposed rule understating the PRA beneficial ownership. For example, if risk posed by the customer. Such requirements. As a result of the the ownership threshold were reduced information could include a change in comments addressing the cost of to include each individual owning 10 the customer’s beneficial ownership. implementing the proposal, Treasury percent or more of the equity interests This is explained more fully in the conducted and published a preliminary of a legal entity, a financial institution Section-by-Section Analysis above. RIA and issued an IRFA. FinCEN would potentially have to identify more received 38 comments addressing these individuals as beneficial owners, which D. Paperwork Reduction Act Analysis documents, which are summarized would result in greater onboarding time The new recordkeeping requirement above. As a result of these comments and expense in such cases, with contained in this rule (31 CFR 1010.230) FinCEN revised its RIA and IRFA and commensurately greater available has been approved by the Office of information. Alternatively, should the 185 Management and Budget (OMB) in Banks, brokers and dealers in securities, ownership threshold be increased to mutual funds, and futures commission merchants accordance with the Paperwork owners of 50 percent or more of the and introducing brokers. Reduction Act of 1995 (PRA), 44 U.S.C. 186 Beneficial owners include any individual equity interests, financial institutions who, directly or indirectly, owns 25 percent or would be required to identify and verify 3501 et seq., under control number 1506–0070. The PRA imposes certain more of the equity interests of a legal entity, and the identity of up to three individuals one individual with significant responsibility to rather than five, thereby reducing requirements on Federal agencies in control, manage, or direct a legal entity customer. marginally the cost of the initial connection with their conducting or 187 This requirement applies to accounts established for legal entities. A legal entity onboarding time. However, this change sponsoring any collection of information as defined by the PRA. generally includes a corporation, limited liability would not impact the training or IT company, or other entity that is created by a filing costs and therefore would not Under the PRA, an agency may not of a public document with a Secretary of State or substantially reduce the overall costs of conduct or sponsor, and a person is not similar office, a general partnership, or any similar entity formed under the laws of a foreign country. the rule and also would provide less required to respond to, a collection of information unless it displays a valid 188 New accounts are those opened after the useful information. FinCEN has also Applicability Date, which is two years after the date considered applying the beneficial OMB control number. of publication.

VerDate Sep<11>2014 18:50 May 10, 2016 Jkt 238001 PO 00000 Frm 00054 Fmt 4701 Sfmt 4700 E:\FR\FM\11MYR3.SGM 11MYR3 mstockstill on DSK3G9T082PROD with RULES3 Federal Register / Vol. 81, No. 91 / Wednesday, May 11, 2016 / Rules and Regulations 29451

issued a final RIA and FRFA, each of this burden estimate and suggestions new account is opened, unless the which is set forth above. from reducing this burden should be customer is otherwise excluded FinCEN has reconsidered the PRA directed to the Desk Officer for the pursuant to paragraph (e) of this section burden estimates published in the Department of the Treasury, Office of or the account is exempted pursuant to proposal, based on the comments Information and Regulatory Affairs, paragraph (h) of this section. A covered received to the proposal and the Office of Management and Budget, financial institution may accomplish preliminary RIA and IRFA, and Paperwork Reduction Act Project this either by obtaining a certification in publishes below its revised estimates. (1506), Washington, DC 20503. the form of appendix A of this section The revised estimates are a result of from the individual opening the account E. Unfunded Mandates Act of 1995 information that FinCEN obtained as a on behalf of the legal entity customer, or Statement result of the comments received, and by obtaining from the individual the particularly as a result of developing the Section 202 of the Unfunded information required by the form by RIA. Specifically, FinCEN increased its Mandates Reform Act of 1995, Public another means, provided the individual estimate of the time to develop and Law 104–4 (Unfunded Mandates Act) certifies, to the best of the individual’s maintain beneficial ownership requires that an agency prepare a knowledge, the accuracy of the identification procedures, from one budgetary impact statement before information; and hour to 56 hours (40 for small entities), promulgating a rule that includes a (2) Verify the identity of each and its estimate of the time for Federal mandate that may result in beneficial owner identified to the identification, verification, and review expenditure by State, local, and tribal covered financial institution, according and recordkeeping of the beneficial governments, in the aggregate, or by the to risk-based procedures to the extent owners of legal entity customers, from private sector, of $100 million or more reasonable and practicable. At a 20 minutes per customer to a range of in any one year. FinCEN believes that minimum, these procedures must 20–40 minutes per customer. the RIA provides the analysis required contain the elements required for Affected public: Certain financial by the Unfunded Mandates Act. verifying the identity of customers that institutions, and businesses or other for- are individuals under § 1020.220(a)(2) of List of Subjects in 31 CFR Parts 1010, this chapter (for banks); § 1023.220(a)(2) profit and not-for-profit entities. 1020, 1023, 1024, and 1026 OMB Control Number: 1506–0070. of this chapter (for brokers or dealers in Frequency: As required. Administrative practice and securities); § 1024.220(a)(2) of this Estimated Burden: procedure, Banks, Banking, Brokers, chapter (for mutual funds); or a. Develop and maintain beneficial Currency, Federal home loan banks, § 1026.220(a)(2) of this chapter (for ownership identification procedures: 56 Foreign banking, Foreign currencies, futures commission merchants or hours.189 Gambling, Investigations, Mortgages, introducing brokers in commodities); b. Customer identification, Penalties, Reporting and recordkeeping provided, that in the case of verification, and review and requirements, Securities, Terrorism. documentary verification, the financial institution may use photocopies or other recordkeeping of the beneficial Authority and Issuance ownership information: A range of 20 to reproductions of the documents listed 40 minutes per legal entity customer. For the reasons set forth in the in paragraph (a)(2)(ii)(A)(1) of Estimated Number of Respondents: preamble, chapter X of title 31 of the § 1020.220 of this chapter (for banks); 28,917.190 Code of Federal Regulations is amended § 1023.220 of this chapter (for brokers or Estimated Total Annual Responses: as follows: dealers in securities); § 1024.220 of this 10,843,875.191 chapter (for mutual funds); or Estimated Recordkeeping Burden: PART 1010—GENERAL PROVISIONS § 1026.220 of this chapter (for futures 192 commission merchants or introducing 7,041,289 hours. ■ 1. The authority citation for part 1010 brokers in commodities). A covered The numbers presented assume that continues to read as follows: the number of account openings in 2013 financial institution may rely on the is representative for an average yearly Authority: 12 U.S.C. 1829b and 1951–1959; information supplied by the legal entity establishment of accounts for new legal 31 U.S.C. 5311–5314 and 5316–5332; title III, customer regarding the identity of its sec. 314 Pub. L. 107–56, 115 Stat. 307. entities. Records are required to be beneficial owner or owners, provided retained pursuant to the beneficial ■ 2. Add § 1010.230 to read as follows: that it has no knowledge of facts that would reasonably call into question the ownership requirement for five years. § 1010.230 Beneficial ownership Comments concerning the accuracy of reliability of such information. requirements for legal entity customers. (c) Account. For purposes of this (a) In general. Covered financial 189 A burden of 56 hours to develop the initial section, account has the meaning set procedures is recognized (40 hours for small institutions are required to establish and forth in § 1020.100(a) of this chapter (for entities). Once developed, an annual burden of 20 maintain written procedures that are banks); § 1023.100(a) of this chapter (for minutes is recognized for maintenance. reasonably designed to identify and brokers or dealers in securities); 190 This includes depository institutions (12,513), verify beneficial owners of legal entity § 1024.100(a) of this chapter (for mutual broker-dealers in securities (4,269), futures commission merchants (101), introducing brokers customers and to include such funds); and § 1026.100(a) of this chapter in commodities (1,323), and open-end mutual funds procedures in their anti-money (for futures commission merchants or (10,711), each as defined under the BSA. These laundering compliance program introducing brokers in commodities). figures represent the total number of entities that required under 31 U.S.C. 5318(h) and its (d) Beneficial owner. For purposes of would be subject to the requirements in the final rule. implementing regulations. this section, beneficial owner means 191 Based on initial research, each covered (b) Identification and verification. each of the following: financial institution will open, on average, 1.5 new With respect to legal entity customers, (1) Each individual, if any, who, legal entity accounts per business day. There are the covered financial institution’s directly or indirectly, through any 250 business days per year. customer due diligence procedures shall contract, arrangement, understanding, 192 10,843,875 × 30 minutes per account established ÷ 60 minutes per hour = 5,421,937 enable the institution to: relationship or otherwise, owns 25 hours (plus development time of 1,619,352 hours (1) Identify the beneficial owner(s) of percent or more of the equity interests for a total of 7,041,289 hours in the first year). each legal entity customer at the time a of a legal entity customer; and

VerDate Sep<11>2014 18:50 May 10, 2016 Jkt 238001 PO 00000 Frm 00055 Fmt 4701 Sfmt 4700 E:\FR\FM\11MYR3.SGM 11MYR3 mstockstill on DSK3G9T082PROD with RULES3 29452 Federal Register / Vol. 81, No. 91 / Wednesday, May 11, 2016 / Rules and Regulations

(2) A single individual with Securities Exchange Act of 1934 or that institution not excluded under significant responsibility to control, is required to file reports under section paragraph (e)(2) of this section; and manage, or direct a legal entity 15(d) of that Act; (ii) Any legal entity that is established customer, including: (iv) An investment company, as as a nonprofit corporation or similar (i) An executive officer or senior defined in section 3 of the Investment entity and has filed its organizational manager (e.g., a Chief Executive Officer, Company Act of 1940, that is registered documents with the appropriate State Chief Financial Officer, Chief Operating with the Securities and Exchange authority as necessary. Officer, Managing Member, General Commission under that Act; (f) Covered financial institution. For Partner, President, Vice President, or (v) An investment adviser, as defined the purposes of this section, covered Treasurer); or in section 202(a)(11) of the Investment financial institution has the meaning set (ii) Any other individual who Advisers Act of 1940, that is registered forth in § 1010.605(e)(1) of this chapter. regularly performs similar functions. with the Securities and Exchange (g) New account. For the purposes of (3) If a trust owns directly or Commission under that Act; this section, new account means each indirectly, through any contract, (vi) An exchange or clearing agency, account opened at a covered financial arrangement, understanding, as defined in section 3 of the Securities institution by a legal entity customer on relationship or otherwise, 25 percent or Exchange Act of 1934, that is registered or after the applicability date. more of the equity interests of a legal under section 6 or 17A of that Act; (h) Exemptions. (1) Covered financial entity customer, the beneficial owner for (vii) Any other entity registered with institutions are exempt from the purposes of paragraph (d)(1) of this the Securities and Exchange requirements to identify and verify the section shall mean the trustee. If an Commission under the Securities identity of the beneficial owner(s) set entity listed in paragraph (e)(2) of this Exchange Act of 1934; forth in paragraphs (a) and (b)(1) and (2) section owns directly or indirectly, (viii) A registered entity, commodity of this section only to the extent the through any contract, arrangement, pool operator, commodity trading financial institution opens an account understanding, relationship or advisor, retail foreign exchange dealer, for a legal entity customer that is: otherwise, 25 percent or more of the swap dealer, or major swap participant, (i) At the point-of-sale to provide equity interests of a legal entity each as defined in section 1a of the credit products, including commercial customer, no individual need be Commodity Exchange Act, that is private label credit cards, solely for the identified for purposes of paragraph registered with the Commodity Futures purchase of retail goods and/or services (d)(1) of this section with respect to that Trading Commission; at these retailers, up to a limit of entity’s interests. (ix) A public accounting firm $50,000; Note to paragraph (d). The number of registered under section 102 of the (ii) To finance the purchase of postage individuals that satisfy the definition of Sarbanes–Oxley Act; and for which payments are remitted ‘‘beneficial owner,’’ and therefore must (x) A bank holding company, as directly by the financial institution to be identified and verified pursuant to defined in section 2 of the Bank Holding the provider of the postage products; this section, may vary. Under paragraph Company Act of 1956 (12 U.S.C. 1841) (iii) To finance insurance premiums (d)(1) of this section, depending on the or savings and loan holding company, and for which payments are remitted factual circumstances, up to four as defined in section 10(n) of the Home directly by the financial institution to individuals may need to be identified. Owners’ Loan Act (12 U.S.C 1467a(n)); the insurance provider or broker; Under paragraph (d)(2) of this section, (xi) A pooled investment vehicle that (iv) To finance the purchase or leasing only one individual must be identified. is operated or advised by a financial of equipment and for which payments It is possible that in some circumstances institution excluded under paragraph are remitted directly by the financial the same person or persons might be (e)(2) of this section; institution to the vendor or lessor of this identified pursuant to paragraphs (d)(1) (xii) An insurance company that is equipment. and (2) of this section. A covered regulated by a State; (2) Limitations on Exemptions. (i) The financial institution may also identify (xiii) A financial market utility exemptions identified in paragraphs additional individuals as part of its designated by the Financial Stability (h)(1)(ii) through (iv) of this section do customer due diligence if it deems Oversight Council under Title VIII of the not apply to transaction accounts appropriate on the basis of risk. Dodd-Frank Wall Street Reform and through which a legal entity customer (e) Legal entity customer. For the Consumer Protection Act of 2010; can make payments to, or receive purposes of this section: (xiv) A foreign financial institution payments from, third parties. (1) Legal entity customer means a established in a jurisdiction where the (ii) If there is the possibility of a cash corporation, limited liability company, regulator of such institution maintains refund on the account activity identified or other entity that is created by the beneficial ownership information in paragraphs (h)(1)(ii) through (iv) of filing of a public document with a regarding such institution; this section, then beneficial ownership Secretary of State or similar office, a (xv) A non-U.S. governmental of the legal entity customer must be general partnership, and any similar department, agency or political identified and verified by the financial entity formed under the laws of a subdivision that engages only in institution as required by this section, foreign jurisdiction that opens an governmental rather than commercial either at the time of initial remittance, account. activities; and or at the time such refund occurs. (2) Legal entity customer does not (xvi) Any legal entity only to the (i) Recordkeeping. A covered financial include: extent that it opens a private banking institution must establish procedures for (i) A financial institution regulated by account subject to § 1010.620 of this making and maintaining a record of all a Federal functional regulator or a bank chapter. information obtained under the regulated by a State bank regulator; (3) The following legal entity procedures implementing paragraph (b) (ii) A person described in customers are subject only to the control of this section. § 1020.315(b)(2) through (5) of this prong of the beneficial ownership (1) Required records. At a minimum chapter; requirement: the record must include: (iii) An issuer of a class of securities (i) A pooled investment vehicle that is (i) For identification, any identifying registered under section 12 of the operated or advised by a financial information obtained by the covered

VerDate Sep<11>2014 18:50 May 10, 2016 Jkt 238001 PO 00000 Frm 00056 Fmt 4701 Sfmt 4700 E:\FR\FM\11MYR3.SGM 11MYR3 mstockstill on DSK3G9T082PROD with RULES3 Federal Register / Vol. 81, No. 91 / Wednesday, May 11, 2016 / Rules and Regulations 29453

financial institution pursuant to records made under paragraph (i)(1)(ii) (1) Such reliance is reasonable under paragraph (b) of this section, including of this section for five years after the the circumstances; without limitation the certification (if record is made. (2) The other financial institution is obtained); and (j) Reliance on another financial subject to a rule implementing 31 U.S.C. (ii) For verification, a description of institution. A covered financial 5318(h) and is regulated by a Federal any document relied on (noting the functional regulator; and type, any identification number, place institution may rely on the performance of issuance and, if any, date of issuance by another financial institution (3) The other financial institution and expiration), of any non- (including an affiliate) of the enters into a contract requiring it to documentary methods and the results of requirements of this section with certify annually to the covered financial any measures undertaken, and of the respect to any legal entity customer of institution that it has implemented its resolution of each substantive the covered financial institution that is anti-money laundering program, and discrepancy. opening, or has opened, an account or that it will perform (or its agent will (2) Retention of records. A covered has established a similar business perform) the specified requirements of financial institution must retain the relationship with the other financial the covered financial institution’s records made under paragraph (i)(1)(i) institution to provide or engage in procedures to comply with the of this section for five years after the services, dealings, or other financial requirements of this section. date the account is closed, and the transactions, provided that: BILLING CODE P

VerDate Sep<11>2014 18:50 May 10, 2016 Jkt 238001 PO 00000 Frm 00057 Fmt 4701 Sfmt 4700 E:\FR\FM\11MYR3.SGM 11MYR3 mstockstill on DSK3G9T082PROD with RULES3 29454 Federal Register / Vol. 81, No. 91 / Wednesday, May 11, 2016 / Rules and Regulations

APPENDIX A to § 1010.230 -- CERTIFICATION REGARDING BENEFICIAL OWNERS OF LEGAL ENTITY CUSTOMERS

I. GENERAL INSTRUCTIONS

What is this form?

To help the government fight financial crime, Federal regulation requires certain financial institutions to obtain, verify, and record information about the beneficial owners of legal entity customers. Legal entities can be abused to disguise involvement in terrorist financing, money laundering, tax evasion, corruption, fraud, and other financial crimes. Requiring the disclosure of key individuals who own or control a legal entity (i.e., the beneficial owners) helps law enforcement investigate and prosecute these crimes.

Who has to complete this form?

This form must be completed by the person opening a new account on behalf of a legal entity with any ofthe following U.S. financial institutions: (i) a bank or credit union; (ii) a broker or dealer in securities; (iii) a mutual fund; (iv) a futures commission merchant; or (v) an introducing broker in commodities.

For the purposes ofthis form, a legal entity includes a corporation, limited liability company, or other entity that is created by a filing of a public document with a Secretary of State or similar office, a general partnership, and any similar business entity formed in the United States or a foreign country. Legal entity does not include sole proprietorships, unincorporated associations, or natural persons opening accounts on their own behalf.

What information do I have to provide?

This form requires you to provide the name, address, date of birth and Social Security number (or passport number or other similar information, in the case of foreign persons) for the following individuals (i.e., the beneficial owners):

(i) Each individual, if any, who owns, directly or indirectly, 25 percent or more of the equity interests ofthe legal entity customer (e.g., each natural person that owns 25 percent or more of the shares of a corporation); and

(ii) An individual with significant responsibility for managing the legal entity customer (e.g., a Chief Executive Officer, Chief Financial Officer, Chief Operating Officer, Managing Member, General Partner, President, Vice President, or Treasurer).

The number of individuals that satisfy this definition of"beneficial owner" may vary. Under section (i), depending on the factual circumstances, up to four individuals (but as

VerDate Sep<11>2014 18:50 May 10, 2016 Jkt 238001 PO 00000 Frm 00058 Fmt 4701 Sfmt 4725 E:\FR\FM\11MYR3.SGM 11MYR3 mstockstill on DSK3G9T082PROD with RULES3 ER11MY16.021 Federal Register / Vol. 81, No. 91 / Wednesday, May 11, 2016 / Rules and Regulations 29455

few as zero) may need to be identified. Regardless ofthe number of individuals identified under section (i), you must provide the identifying information of one individual under section (ii). It is possible that in some circumstances the same individual might be identified under both sections (e.g., the President of Acme, Inc. who also holds a 30% equity interest). Thus, a completed form will contain the identifying information of at least one individual (under section (ii)), and up to five individuals (i.e., one individual under section (ii) and four 25 percent equity holders under section (i)).

The financial institution may also ask to see a copy of a driver's license or other identifying document for each beneficial owner listed on this form.

II. CERTIFICATION OF BENEFICIAL OWNER(S)

Persons opening an account on behalf of a legal entity must provide the following information:

a. Name and Title ofNatural Person Opening Account:

b. Name and Address ofLegal Entity for Which the Account is Being Opened:

c. The following information for each individual, if any, who, directly or indirectly, through any contract, arrangement, understanding, relationship or otherwise, owns 25 percent or more ofthe equity interests ofthe legal entity listed above:

Name Date of Birth Address (Residential For US. Persons: For Foreign or Business Street Social Security Persons: Passport Number and

VerDate Sep<11>2014 18:50 May 10, 2016 Jkt 238001 PO 00000 Frm 00059 Fmt 4701 Sfmt 4725 E:\FR\FM\11MYR3.SGM 11MYR3 mstockstill on DSK3G9T082PROD with RULES3 ER11MY16.022 29456 Federal Register / Vol. 81, No. 91 / Wednesday, May 11, 2016 / Rules and Regulations

Address) Number Country of Issuance, or other similar identification number1

(If no individual meets this definition, please write "Not Applicable.")

d. The following information for one individual with significant responsibility for managing the legal entity listed above, such as:

D An executive officer or senior manager (e.g., Chief Executive Officer, Chief Financial Officer, Chief Operating Officer, Managing Member, General Partner, President, Vice President, Treasurer); or

D Any other individual who regularly performs similar functions.

(If appropriate, an individual listed under section (c) above may also be listed in this section (d)).

Name/Title Date of Birth Address (Residential For US. Persons: For Foreign or Business Street Social Security Persons: Passport Address) Number Number and Country of Issuance, or other similar identification number1

I, (name of natural person opening account), hereby certify, to the best of my knowledge, that the information provided above is complete and correct.

VerDate Sep<11>2014 18:50 May 10, 2016 Jkt 238001 PO 00000 Frm 00060 Fmt 4701 Sfmt 4725 E:\FR\FM\11MYR3.SGM 11MYR3 mstockstill on DSK3G9T082PROD with RULES3 ER11MY16.023 Federal Register / Vol. 81, No. 91 / Wednesday, May 11, 2016 / Rules and Regulations 29457

PART 1020—RULES FOR BANKS entity customers (as defined in diligence, to include, but not be limited § 1010.230 of this chapter); and to: ■ 3. The authority citation for part 1020 (c) Complies with the regulation of its (i) Understanding the nature and continues to read as follows: Federal functional regulator governing purpose of customer relationships for Authority: 12 U.S.C. 1829b and 1951–1959; such programs. the purpose of developing a customer 31 U.S.C. 5311–5314 and 5316–5332; title III, risk profile; and sec. 314 Pub. L. 107–56, 115 Stat. 307. PART 1023—RULES FOR BROKERS (ii) Conducting ongoing monitoring to OR DEALERS IN SECURITIES ■ 4. Revise § 1020.210 to read as identify and report suspicious follows: ■ 5. The authority citation for part 1023 transactions and, on a risk basis, to continues to read as follows: maintain and update customer § 1020.210 Anti-money laundering information. For purposes of this program requirements for financial Authority: 12 U.S.C. 1829b and 1951–1959; paragraph (b)(5)(ii), customer institutions regulated only by a Federal 31 U.S.C. 5311–5314 and 5316–5332; title III, information shall include information sec. 314 Pub. L. 107–56, 115 Stat. 307. functional regulator, including banks, regarding the beneficial owners of legal savings associations, and credit unions. ■ 6. Revise § 1023.210 to read as entity customers (as defined in A financial institution regulated by a follows: § 1010.230 of this chapter); and Federal functional regulator that is not (c) Complies with the rules, subject to the regulations of a self- § 1023.210 Anti-money laundering program requirements for brokers or regulations, or requirements of its self- regulatory organization shall be deemed dealers in securities. regulatory organization governing such to satisfy the requirements of 31 U.S.C. A broker or dealer in securities shall programs; provided that the rules, 5318(h)(1) if the financial institution be deemed to satisfy the requirements of regulations, or requirements of the self- implements and maintains an anti- 31 U.S.C. 5318(h)(1) if the broker-dealer regulatory organization governing such money laundering program that: implements and maintains a written programs have been made effective (a) Complies with the requirements of anti-money laundering program under the Securities Exchange Act of §§ 1010.610 and 1010.620 of this approved by senior management that: 1934 by the appropriate Federal chapter; (a) Complies with the requirements of functional regulator in consultation (b) Includes, at a minimum: §§ 1010.610 and 1010.620 of this with FinCEN. (1) A system of internal controls to chapter and any applicable regulation of PART 1024—RULES FOR MUTUAL assure ongoing compliance; its Federal functional regulator FUNDS (2) Independent testing for governing the establishment and compliance to be conducted by bank implementation of anti-money personnel or by an outside party; ■ 7. The authority citation for part 1024 laundering programs; continues to read as follows: (3) Designation of an individual or (b) Includes, at a minimum: individuals responsible for coordinating (1) The establishment and Authority: 12 U.S.C. 1829b and 1951–1959; and monitoring day-to-day compliance; implementation of policies, procedures, 31 U.S.C. 5311–5314 and 5316–5332; title III, (4) Training for appropriate and internal controls reasonably sec. 314 Pub. L. 107–56, 115 Stat. 307. personnel; and designed to achieve compliance with ■ 8. Revise § 1024.210 to read as (5) Appropriate risk-based procedures the applicable provisions of the Bank follows: for conducting ongoing customer due Secrecy Act and the implementing diligence, to include, but not be limited regulations thereunder; § 1024.210 Anti-money laundering to: (2) Independent testing for program requirements for mutual funds. (i) Understanding the nature and compliance to be conducted by the (a) Effective July 24, 2002, each purpose of customer relationships for broker-dealer’s personnel or by a mutual fund shall develop and the purpose of developing a customer qualified outside party; implement a written anti-money risk profile; and (3) Designation of an individual or laundering program reasonably (ii) Conducting ongoing monitoring to individuals responsible for designed to prevent the mutual fund identify and report suspicious implementing and monitoring the from being used for money laundering transactions and, on a risk basis, to operations and internal controls of the or the financing of terrorist activities maintain and update customer program; and to achieve and monitor compliance information. For purposes of this (4) Ongoing training for appropriate with the applicable requirements of the paragraph (b)(5)(ii), customer persons; and Bank Secrecy Act (31 U.S.C. 5311, et information shall include information (5) Appropriate risk-based procedures seq.), and the implementing regulations regarding the beneficial owners of legal for conducting ongoing customer due promulgated thereunder by the

VerDate Sep<11>2014 18:50 May 10, 2016 Jkt 238001 PO 00000 Frm 00061 Fmt 4701 Sfmt 4700 E:\FR\FM\11MYR3.SGM 11MYR3 mstockstill on DSK3G9T082PROD with RULES3 ER11MY16.024 29458 Federal Register / Vol. 81, No. 91 / Wednesday, May 11, 2016 / Rules and Regulations

Department of the Treasury. Each PART 1026—RULES FOR FUTURES futures commission merchant or mutual fund’s anti-money laundering COMMISSION MERCHANTS AND introducing broker in commodities’ program must be approved in writing by INTRODUCING BROKERS IN personnel or by a qualified outside its board of directors or trustees. A COMMODITIES party; mutual fund shall make its anti-money (3) Designation of an individual or laundering program available for ■ 9. The authority citation for part 1026 individuals responsible for inspection by the U.S. Securities and continues to read as follows: implementing and monitoring the Exchange Commission. Authority: 12 U.S.C. 1829b and 1951–1959; operations and internal controls of the (b) The anti-money laundering 31 U.S.C. 5311–5314 and 5316–5332; title III, program; program shall at a minimum: sec. 314 Pub. L. 107–56, 115 Stat. 307. (4) Ongoing training for appropriate (1) Establish and implement policies, ■ 10. Revise § 1026.210 to read as persons; procedures, and internal controls follows: (5) Appropriate risk-based procedures reasonably designed to prevent the for conducting ongoing customer due mutual fund from being used for money § 1026.210 Anti-money laundering diligence, to include, but not be limited laundering or the financing of terrorist program requirements for futures to: commission merchants and introducing (i) Understanding the nature and activities and to achieve compliance brokers in commodities. with the applicable provisions of the purpose of customer relationships for Bank Secrecy Act and implementing A futures commission merchant and the purpose of developing a customer regulations thereunder; an introducing broker in commodities risk profile; and shall be deemed to satisfy the (2) Provide for independent testing for (ii) Conducting ongoing monitoring to requirements of 31 U.S.C. 5318(h)(1) if compliance to be conducted by the identify and report suspicious the futures commission merchant or mutual fund’s personnel or by a transactions and, on a risk basis, to introducing broker in commodities qualified outside party; maintain and update customer implements and maintains a written information. For purposes of this (3) Designate a person or persons anti-money laundering program responsible for implementing and paragraph (b)(5)(ii), customer approved by senior management that: information shall include information monitoring the operations and internal (a) Complies with the requirements of controls of the program; regarding the beneficial owners of legal §§ 1010.610 and 1010.620 of this entity customers (as defined in (4) Implement appropriate risk-based chapter and any applicable regulation of procedures for conducting ongoing § 1010.230 of this chapter); and its Federal functional regulator (c) Complies with the rules, customer due diligence, to include, but governing the establishment and not be limited to: regulations, or requirements of its self- implementation of anti-money regulatory organization governing such (i) Understanding the nature and laundering programs; programs, provided that the rules, purpose of customer relationships for (b) Includes, at a minimum: regulations, or requirements of the self- the purpose of developing a customer (1) The establishment and regulatory organization governing such risk profile; and implementation of policies, procedures, programs have been made effective (ii) Conducting ongoing monitoring to and internal controls reasonably under the Commodity Exchange Act by identify and report suspicious designed to prevent the financial the appropriate Federal functional transactions and, on a risk basis, to institution from being used for money regulator in consultation with FinCEN. maintain and update customer laundering or the financing of terrorist information. For purposes of this activities and to achieve compliance Dated: May 2, 2016. paragraph (b)(4)(ii), customer with the applicable provisions of the David R. Pearl, information shall include information Bank Secrecy Act and the implementing Executive Secretary, United States regarding the beneficial owners of legal regulations thereunder; Department of the Treasury. entity customers (as defined in (2) Independent testing for [FR Doc. 2016–10567 Filed 5–6–16; 8:45 am] § 1010.230 of this chapter). compliance to be conducted by the BILLING CODE C

VerDate Sep<11>2014 18:50 May 10, 2016 Jkt 238001 PO 00000 Frm 00062 Fmt 4701 Sfmt 9990 E:\FR\FM\11MYR3.SGM 11MYR3 mstockstill on DSK3G9T082PROD with RULES3