Kathleen A. Scott
Kathleen A. Scott ()

The United States is a founding member of the Financial Action Task Force (FATF),1 an international organization of regulators that develops recommendations on anti-money laundering (AML) and anti-terrorism financing (CFT). The FATF regularly evaluates member countries to determine their compliance with their AML and CFT laws and the FATF 40 recommendations on AML/CFT issues.

The FATF recently issued its latest evaluation of the United States’ compliance with the FATF Recommendations; the last evaluation was in 2006.2 This month’s column will focus on a few of the FATF evaluation team’s significant findings and recommendations for improvement.

The overall verdict? The FATF evaluation team found the United States compliant or largely compliant as to most of the 40 recommendations, but improvements still could be made and there still are some deficiencies to be addressed.

Background

Money laundering and financing of terrorist activities are illegal under federal and many state laws. Federal (and some state) laws also impose compliance obligations on certain businesses such as reporting and record-keeping requirements related to large cash transactions. The so-called U.S. “Bank Secrecy Act” (BSA)3 imposes most of the AML compliance requirements on “financial institutions” as defined in the law and later incorporated into regulations issued by the Financial Crimes Enforcement Network (FinCEN), the U.S. AML/CFT agency. There is a lengthy list of these “financial institutions” in the statute but only some of them have been incorporated into the regulations. Those subject to the most detailed requirements currently include the “traditional” banking, securities and commodities businesses, as well as certain casinos.

For those businesses not subject to detailed AML compliance obligations, there is a requirement for all businesses, from car dealers to lawyers to real estates agents, to report large cash transactions received in their trade or business.4

FATF Findings

The FATF evaluation team found that most of the AML/CFT compliance requirements fall on the “traditional” financial businesses and the team complimented these businesses on their understanding of AML/CFT risks and their internal systems in place to address those risks. In addition, the FATF team saw improvement in such areas as AML compliance by money services businesses, interagency and international cooperation, prosecutions, asset forfeiture and financial sanctions. Nevertheless, it offered many suggestions for improvement in compliance across the 40 recommendations.

What is not going well? The FATF evaluation team found the United States not compliant in areas dealing for the most part with a lack of substantial regulation and supervision of so-called “designated non-financial businesses and professions” (DNFBPs) other than casinos and dealers in precious metals and stones, and a lack of sufficient regulation over identification of the beneficial owners of legal entities, issues which had been raised in the 2006 evaluation. Other criticisms included current requirements thresholds for suspicious transactions. The remainder of this column concentrates on these three areas.

DNFBPs

While the regulatory regime for financial institutions was considered generally strong, the FATF evaluation team noted a “significant gap” because of “minimal coverage” of certain businesses such as investment advisers, lawyers, accountants, real estate agents, and trust and company service providers (other than trust companies). With respect to DNFBPs, other than casinos and precious metal and stones dealers, non-financial businesses are subject to reporting only of their large cash transactions as part of their trade or business (suspicious transactions may be reported voluntarily, subject to certain thresholds).

The U.S. risk assessment process does not address what the FATF team noted were the “systemic vulnerabilities” in the DNFBP. There is a proposed regulation5 to include investment advisers in the regulations, but it has not yet been finalized. The proposed regulation would only require investment advisers to establish AML compliance programs and report suspicious transactions, and not the full panoply of AML compliance requirements applicable to other securities businesses such as broker dealers and mutual funds. However, investment advisers often work with broker dealers on verification of customer identification and thus indirectly may have customer verification programs similar to the programs required for broker dealers.

There also is a proposed regulation that would expand BSA requirements for banking organizations that do not have a federal bank regulator, such as state-chartered limited purpose trust companies.6

The FATF evaluation team’s primary recommendations in this area include:

• Finalize the 2016 regulation on investment advisers BSA compliance.

• Based upon specific vulnerability analyses, certain DNFBPs such as lawyers, accountants, nonbank trust and company service providers and high-end real estate companies should be subject to additional AML compliance requirements beyond the already required cash reporting obligations.

• Subject non-federal state banks to more AML compliance requirements in addition to cash reporting.

Beneficial Ownership

The FATF evaluation team saw a lack of access to information on “adequate, accurate and current beneficial ownership” as one of the “fundamental gaps” in U.S. AML efforts. The FATF evaluation team noted a vulnerability of legal entities to be used as part of complex structures behind which the beneficial owners can hide. Overall, measures to prevent the misuse of legal persons and legal arrangements were found by the FATF evaluation team to be inadequate.

Legal entities are generally formed at the state level, but the FATF evaluation team found that states do not verify the information collected during the formation process which means that inaccuracies could occur and remain undetected. Some states have taken preliminary steps to raise awareness about the misuse of legal persons, including publishing a 2013 “best practices paper” on the issue which the FATF evaluation team did not go far enough to comply with FATF standards.

Regulations were finalized later in 20167 requiring beneficial ownership of legal entities, but there is a two-year implementation period.

The FATF team’s primary recommendations in this area are:

• Federal regulators should obtain “adequate, accurate and current” beneficial ownership information on all legal entities at the time of their formation;

• Ensure that law enforcement has routine access to this information in a timely manner;

• Consider prohibiting financial institutions from providing financial services to any U.S. legal person when a U.S. person in the beneficial chain of ownership does not have an employer identification number issued by the Internal Revenue Service;

• Require a federal regulator to collect and maintain information on the number and types of legal entities formed in each state;

• Require trustees to maintain adequate, accurate and current information on identity of all parties to trusts, including any other natural person exercising ultimate effective control over trusts.

Suspicious Activity Reports

Current regulations requiring filing mandatory suspicious activity reports (SARs) with FinCEN place dollar thresholds on reporting of suspicious transactions (e.g., $5,000 for banks) and provide a 30-60 day time period within which to file a SAR.8 In addition, SAR regulations require that when suspected violations require “immediate attention,” [the example in the regulation is an ongoing money laundering scheme], the bank must notify the “appropriate” law enforcement authority in addition to filing the SAR.

The FATF evaluation team saw the SAR reporting thresholds as presenting an opportunity of structuring transactions to avoid them, and thus lessening the deterrent value of such preventive measures. In addition, the FATF evaluation team observed that the reason for setting the specific thresholds was mainly due to concern about compliance burdens on businesses and not due to a risk analysis. The FATF Recommendations require reporting of suspicious transactions without any threshold requirements.

Recommendations in this area include:

• Issuing guidance on when suspicious transactions must be reported “immediately” as opposed to the current 30- to 60-day requirements;

• The United States should reconsider whether the current SAR reporting thresholds should be revised;

• Businesses not covered in the BSA regulations may voluntarily report suspicious transactions, but more education about the understanding of AML risks needs to be improved

Conclusion

As a founding FATF member, the United States may be seen as under an obligation to be leading the way in AML/CFT compliance. The Treasury Department noted on its website that there still is work to do in the AML/CFT area, particularly in the beneficial ownership of legal entities.9 The FATF and fellow FATF members will be watching to see the next steps to be taken by the United States.

Endnotes:

1. The FATF website is http://www.fatf-gafi.org/.

2. See Kathleen A. Scott, “International Banking; U.S. Report Card on AML Standards,” New York Law Journal, Sept. 20, 2006.

3. 31 U.S.C. Chapter 53, starting at §5311.

4. See 31 U.S.C. §5331 and 26 USC §6050I(g).

5. 80 Fed. Reg. 52680, Sept. 1, 2015.

6. 81 Fed. Reg. 58425, Aug. 25, 2016.

7. See 31 CFR §1010.230.

8. See for example, 31 CFR §1020.320.

9. Jennifer Fowler, Treasury Notes, “Financial Action Task Force Report Recognizes U.S. AML CFT Leadership, Action Needed on Beneficial Ownership,” Dec. 1, 2016.

The United States is a founding member of the Financial Action Task Force (FATF),1 an international organization of regulators that develops recommendations on anti-money laundering (AML) and anti-terrorism financing (CFT). The FATF regularly evaluates member countries to determine their compliance with their AML and CFT laws and the FATF 40 recommendations on AML/CFT issues.

The FATF recently issued its latest evaluation of the United States’ compliance with the FATF Recommendations; the last evaluation was in 2006.2 This month’s column will focus on a few of the FATF evaluation team’s significant findings and recommendations for improvement.

The overall verdict? The FATF evaluation team found the United States compliant or largely compliant as to most of the 40 recommendations, but improvements still could be made and there still are some deficiencies to be addressed.

Background

Money laundering and financing of terrorist activities are illegal under federal and many state laws. Federal (and some state) laws also impose compliance obligations on certain businesses such as reporting and record-keeping requirements related to large cash transactions. The so-called U.S. “Bank Secrecy Act” (BSA)3 imposes most of the AML compliance requirements on “financial institutions” as defined in the law and later incorporated into regulations issued by the Financial Crimes Enforcement Network (FinCEN), the U.S. AML/CFT agency. There is a lengthy list of these “financial institutions” in the statute but only some of them have been incorporated into the regulations. Those subject to the most detailed requirements currently include the “traditional” banking, securities and commodities businesses, as well as certain casinos.

For those businesses not subject to detailed AML compliance obligations, there is a requirement for all businesses, from car dealers to lawyers to real estates agents, to report large cash transactions received in their trade or business.4

FATF Findings

The FATF evaluation team found that most of the AML/CFT compliance requirements fall on the “traditional” financial businesses and the team complimented these businesses on their understanding of AML/CFT risks and their internal systems in place to address those risks. In addition, the FATF team saw improvement in such areas as AML compliance by money services businesses, interagency and international cooperation, prosecutions, asset forfeiture and financial sanctions. Nevertheless, it offered many suggestions for improvement in compliance across the 40 recommendations.

What is not going well? The FATF evaluation team found the United States not compliant in areas dealing for the most part with a lack of substantial regulation and supervision of so-called “designated non-financial businesses and professions” (DNFBPs) other than casinos and dealers in precious metals and stones, and a lack of sufficient regulation over identification of the beneficial owners of legal entities, issues which had been raised in the 2006 evaluation. Other criticisms included current requirements thresholds for suspicious transactions. The remainder of this column concentrates on these three areas.

DNFBPs

While the regulatory regime for financial institutions was considered generally strong, the FATF evaluation team noted a “significant gap” because of “minimal coverage” of certain businesses such as investment advisers, lawyers, accountants, real estate agents, and trust and company service providers (other than trust companies). With respect to DNFBPs, other than casinos and precious metal and stones dealers, non-financial businesses are subject to reporting only of their large cash transactions as part of their trade or business (suspicious transactions may be reported voluntarily, subject to certain thresholds).

The U.S. risk assessment process does not address what the FATF team noted were the “systemic vulnerabilities” in the DNFBP. There is a proposed regulation5 to include investment advisers in the regulations, but it has not yet been finalized. The proposed regulation would only require investment advisers to establish AML compliance programs and report suspicious transactions, and not the full panoply of AML compliance requirements applicable to other securities businesses such as broker dealers and mutual funds. However, investment advisers often work with broker dealers on verification of customer identification and thus indirectly may have customer verification programs similar to the programs required for broker dealers.

There also is a proposed regulation that would expand BSA requirements for banking organizations that do not have a federal bank regulator, such as state-chartered limited purpose trust companies.6

The FATF evaluation team’s primary recommendations in this area include:

• Finalize the 2016 regulation on investment advisers BSA compliance.

• Based upon specific vulnerability analyses, certain DNFBPs such as lawyers, accountants, nonbank trust and company service providers and high-end real estate companies should be subject to additional AML compliance requirements beyond the already required cash reporting obligations.

• Subject non-federal state banks to more AML compliance requirements in addition to cash reporting.

Beneficial Ownership

The FATF evaluation team saw a lack of access to information on “adequate, accurate and current beneficial ownership” as one of the “fundamental gaps” in U.S. AML efforts. The FATF evaluation team noted a vulnerability of legal entities to be used as part of complex structures behind which the beneficial owners can hide. Overall, measures to prevent the misuse of legal persons and legal arrangements were found by the FATF evaluation team to be inadequate.

Legal entities are generally formed at the state level, but the FATF evaluation team found that states do not verify the information collected during the formation process which means that inaccuracies could occur and remain undetected. Some states have taken preliminary steps to raise awareness about the misuse of legal persons, including publishing a 2013 “best practices paper” on the issue which the FATF evaluation team did not go far enough to comply with FATF standards.

Regulations were finalized later in 20167 requiring beneficial ownership of legal entities, but there is a two-year implementation period.

The FATF team’s primary recommendations in this area are:

• Federal regulators should obtain “adequate, accurate and current” beneficial ownership information on all legal entities at the time of their formation;

• Ensure that law enforcement has routine access to this information in a timely manner;

• Consider prohibiting financial institutions from providing financial services to any U.S. legal person when a U.S. person in the beneficial chain of ownership does not have an employer identification number issued by the Internal Revenue Service;

• Require a federal regulator to collect and maintain information on the number and types of legal entities formed in each state;

• Require trustees to maintain adequate, accurate and current information on identity of all parties to trusts, including any other natural person exercising ultimate effective control over trusts.

Suspicious Activity Reports

Current regulations requiring filing mandatory suspicious activity reports (SARs) with FinCEN place dollar thresholds on reporting of suspicious transactions (e.g., $5,000 for banks) and provide a 30-60 day time period within which to file a SAR.8 In addition, SAR regulations require that when suspected violations require “immediate attention,” [the example in the regulation is an ongoing money laundering scheme], the bank must notify the “appropriate” law enforcement authority in addition to filing the SAR.

The FATF evaluation team saw the SAR reporting thresholds as presenting an opportunity of structuring transactions to avoid them, and thus lessening the deterrent value of such preventive measures. In addition, the FATF evaluation team observed that the reason for setting the specific thresholds was mainly due to concern about compliance burdens on businesses and not due to a risk analysis. The FATF Recommendations require reporting of suspicious transactions without any threshold requirements.

Recommendations in this area include:

• Issuing guidance on when suspicious transactions must be reported “immediately” as opposed to the current 30- to 60-day requirements;

• The United States should reconsider whether the current SAR reporting thresholds should be revised;

• Businesses not covered in the BSA regulations may voluntarily report suspicious transactions, but more education about the understanding of AML risks needs to be improved

Conclusion

As a founding FATF member, the United States may be seen as under an obligation to be leading the way in AML/CFT compliance. The Treasury Department noted on its website that there still is work to do in the AML/CFT area, particularly in the beneficial ownership of legal entities.9 The FATF and fellow FATF members will be watching to see the next steps to be taken by the United States.

Endnotes:

1. The FATF website is http://www.fatf-gafi.org/.

2. See Kathleen A. Scott, “International Banking; U.S. Report Card on AML Standards,” New York Law Journal, Sept. 20, 2006.

3. 31 U.S.C. Chapter 53, starting at §5311.

4. See 31 U.S.C. §5331 and 26 USC §6050I(g).

5. 80 Fed. Reg. 52680 , Sept. 1, 2015.

6. 81 Fed. Reg. 58425 , Aug. 25, 2016.

7. See 31 CFR §1010.230.

8. See for example, 31 CFR §1020.320.

9. Jennifer Fowler, Treasury Notes, “Financial Action Task Force Report Recognizes U.S. AML CFT Leadership, Action Needed on Beneficial Ownership,” Dec. 1, 2016.