On August 25, 2016, the Financial Crimes Enforcement Network (FinCEN), the US anti-money laundering (AML) agency, issued a proposed rule that would extend US AML requirements for AML compliance programs to US banking entities that do not currently have a US federal bank regulator (which are the Federal Reserve Board, Federal Deposit Insurance Corporation and Office of the Comptroller of the Currency). Comments are due on or before October 24, 2016.

The underlying statutory authority giving FinCEN the authority to promulgate AML regulations for financial institutions is commonly referred to as the Bank Secrecy Act, which has been around since 1970. Many businesses fall within the definition of “financial institution,” but requirements are imposed only by regulations issued by the Secretary of the Treasury, authority which has been delegated to FinCEN.

After the terrorist attacks of September 11, 2001, the Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act of 2001 (‘‘USA PATRIOT Act’’) was enacted, which included several provisions strengthening the Bank Secrecy Act.

Two of those provisions require financial institutions to promulgate AML compliance programs and implement customer identification requirements. Final regulations were issued in 2002 and 2003, respectively, to require banks with Federal bank regulators (among other specifically identified financial institutions) to maintain AML compliance programs and customer identification programs (CIPs). In addition, a recent final rule requiring financial institutions subject to the CIP requirement, including federally regulated banks, to enhance the CIP program to identify the beneficial owners of certain legal entities.

While non-federally regulated banks have other obligations under the Bank Secrecy Act, such as reporting large cash transactions and suspicious transactions, they are not covered under the AML compliance program and CIP requirements that are otherwise applicable to banks with a federal bank regulator. With this proposal, FinCEN seeks to close that regulatory gap.

In the proposed rule, FinCEN identifies five categories of non-federally regulated banks for inclusion in the scope of the proposed rule, but requests comment on whether there should be more categories included in the rule (or some currently included categories excluded from any final rule):

  • State-chartered non-depository trust companies: These entities usually are smaller than their federally regulated counterparts, but they often serve the same purpose of trust administration and other needs of high net worth wealth management clients. FinCEN estimates that there currently are approximately 347 state-chartered non-depository trust companies.
  • Non-federally insured credit unions: FinCEN notes that except for the lack of federal deposit insurance, these entities generally are similar to federally insured credit unions. FinCEN estimates that there are approximately 265 state-chartered credit unions without federal deposit insurance.
  • Private banks: This rare category of bank in the United States usually is chartered under a state law to provide banking services to wealthy clients. FinCEN estimates that there is only one private bank currently in existence.
  • Non-Federally Insured State Banks and Savings Associations: FinCEN estimates that there are no more than 12 state-chartered banks and savings and loan or building and loan associations without federal deposit insurance; instead, these entities are privately insured.
  • International Banking Entities (or ‘‘entidades bancarias internacionales’’ (‘‘EBIs’’)): These entities are not covered by federal deposit insurance, but are banking entities that are formed to provide banking and other services to nonresident aliens under the laws of Puerto Rico or the U.S. Virgin Islands, which fall within the definition of “United States” for purposes of the Bank Secrecy Act when designated by regulation. FinCEN estimates that as of 2014, 33 EBIs were licensed by Puerto Rico.

In order to accomplish the purpose of bringing these entities within the AML compliance program, and CIP requirements, the proposed rule generally deletes exemptions for these entities in the current requirements and adds new AML compliance program requirements for the five specified categories of non-federally regulated banks with the same substantive requirements as the federally regulated banks.