Today, the “Anti-Money Laundering Act of 2020” (“AML Act”) becomes law, providing the greatest expansion of the legal framework in this area since the USA PATRIOT Act twenty years ago. Fundamentally, however, the AML Act must be understood as an endorsement of activity long-since initiated by FinCEN, and a further confirmation of the intent that FinCEN has the central, lead-role in the country’s AML efforts. A number of the provisions seek to draw support for FinCEN’s lead from the broad range of other government agencies with which FinCEN cooperates and on which FinCEN depends to carry out its mission and related policy goals. The most notable expansion is in the sub-part “Corporate Transparency Act,” under which FinCEN will collect beneficial ownership information on companies. A boost in funding is welcome, but it will take time to implement multiple aspects through rulemaking and review of specific topics. Expectations are being set even higher for a modestly-sized team at a small Bureau with such a broad and important range of responsibilities and counterparts.
Context
The changes were included within the NDAA, the National Defense Authorization Act for Fiscal Year 2021 (Public Law 116-283), for which on New Year’s Day the Senate, following action by the House of Representatives a few days earlier, overrode a veto by President Trump for the first time in his four-year Presidency. The veto was reportedly due to unrelated provisions in this omnibus law of about 1500 pages, authorizing $740 billion in funding. The inclusion in the NDAA of provisions relevant to FinCEN and its national security mission follows past precedent in earlier National Defense Authorization Acts funding broader national security measures.
Beneficial Ownership – Decades of Effort, and still a Work in Progress
The Corporate Transparency Act will require in particular smaller private companies to report to FinCEN those who own or control such companies. The reason behind this is to combat the well-known risk of bad actors attempting to veil themselves behind a corporate vehicle. The current FinCEN customer due diligence (CDD) rule requiring banks to collect such information on their accountholders was always understood to be a less efficient, and second-best approach to such information being collected by the State-level authorities at the time a company is registered and created.
You can read about the two decade history of this policy initiative in my announcement on the topic a decade ago, in particular the 2012 Advance Notice of Proposed Rulemaking that formally kicked off the CDD rule.1 As stated then, the CDD rulemaking was part of a three pronged approach, with the other components being (1) today’s action of beneficial ownership information being reported at the time of company formation, and (2) promoting global implementation of similar standards.
On the domestic side, until now, there was not enough political will to support the changes across all the States. Furthermore, the new Act attempts to avoid an “unfunded mandate” of the Congress at the Federal level requiring costs to be borne at the State level by reimbursing the States. But the reimbursement will be for a limited role in making State-registered corporations aware of a requirement to report directly to FinCEN the beneficial ownership, which FinCEN would maintain in a central database. Again, this is somewhat of a second-best approach to the States collecting such information for their own companies and making the data available to FinCEN. Access to the database of beneficial ownership will be required to be strictly controlled – in fact, much more restricted than the access to FinCEN’s existing databases of reporting financial transactions, activity and accounts. FinCEN has always sought to protect data, having early on established protocols and audits of the many agencies with it shares data. Also, security standards were an integral part of the IT Modernization a decade ago when FinCEN took control of the databases which previously had been maintained by the IRS. Yet FinCEN’s role has always been to leverage its small internal team by sharing data, information and insights with other public authorities. So, again, it is interesting as a policy choice to more narrowly limit access to information on beneficial ownership of companies.
On the international front, back when I was working at the BIS in 2001, the Basel Committee on Banking Supervision put out a report supporting the FATF and CDD efforts to obtain company beneficial ownership information. In the Great Financial Crisis a decade ago, we at the Treasury Department gained international support for these efforts as part of the G20 Agenda. In Europe, the expanded beneficial ownership company registers already were to be in place by January 2020, and the individual EU Member State databases are currently in the process of being linked through a central platform.
Regarding scope, beyond corporations and limited liability companies, the EU has already taken efforts with respect to trusts and related vehicles. In contrast, the new US legislation only calls for further study of collecting beneficial ownership in such instances. The Corporate Transparency Act largely codifies the exemptions established by the FinCEN CDD rule—for regulated financial services providers, government entities, and publicly traded corporations. It contains, however, one notable broad new exemption for an entity with (i) more than twenty employees; (ii) filed tax returns on greater than 5 million dollars in revenue; and (iii) an operating office in the United States. There may have been some thinking that such entities posed lower financial crime risks, but the exemption of their reporting to FinCEN will nonetheless leave banks to request beneficial ownership from such companies, rather than the ability to verify the information with the FinCEN database. The AML Act opens multiple possibilities for clarifying or even reconsidering the exemptions, which in any case must be implemented through a public notice-and-comment rule-making process.
Other notable changes:
- The “Purpose” of what is known as the Bank Secrecy Act in 31 USC § 5311 is expanded, including to “prevent the laundering of money and the financing of terrorism through the establishment by financial institutions of reasonably designed risk-based programs to combat money laundering and the financing of terrorism. . . .” Emphasis is added to the word “prevent” because it is new in suggesting an outcome beyond the good faith efforts of regulated institutions. The notion of “risk-based” may be new to the statute, but already has been long articulated by FinCEN, including in the recent suggestions to revise the AML Program rule.
- Amendments to 31 USC 5318(k) further expand certain provisions introduced by Section 319 the USA PATRIOT Act. These allow law enforcement to subpoena records of a foreign bank having a correspondent bank account in the United States, with non-compliance risking losing access to the US banking system. The amendments expand the penalties for failure to comply, broaden the scope of foreign information that can be sought, and also note that conflicting foreign confidentiality laws shall not be a sole basis for quashing the subpoena.
Provisions which would support FinCEN include:
- Section 6201 requiring law enforcement to report to FinCEN on the use of BSA data
- Section 6305 requires FinCEN to assess whether to implement a no-action letter process. Note that FinCEN already issues “administrative rulings” of which published examples—or the principles therefrom which are often incorporated into FinCEN guidance—are considered to have precedential value. (See my 2009 clarification of this process, when FinCEN moved to broader website dissemination of administrative rulings.2 Certain other agencies issue “no-action” letters under which agency staff state that they would not recommend enforcement action for specific actions, while nonetheless positing that such letters are not meant to have precedential value beyond the specific facts for the applicant.) The notable difference in what is suggested under the AML Act is a process (or processes) under which an interpretation could be made for multiple governmental actors beyond just FinCEN. The issue here is to avoid different interpretations by agencies having overlapping authorities or enforcement means, independent from FinCEN.
- Under Section 6306, when law enforcement serves a request that a financial institution “keep open” an account (generally so at not to disrupt an ongoing criminal investigation), FinCEN should be notified, and also providing a safe harbor for the affected financial institution.
Other endorsements of FinCEN activities of many years:
- Liaisons to Foreign FIUs located within embassies (a decade ago we posted two – one in Mexico, and one in Afghanistan)
- Domestic liaisons focused on the regulatory side (a decade ago, we had one in New York, with the pre-existing law enforcement liaisons also conducting some financial institution and regulator outreach)
- A pilot approach under Section 6212 to allowing financial institutions to share SAR information with foreign affiliates and subsidiaries (see my 2011 speech detailing a range of efforts seeking industry and overseas support for such initiatives 3)
Funding
The Act authorizes additional funding for FinCEN: a total budget of $136 million for fiscal year 2021. This is $9 million more than the approximately $127 million that was appropriated in this year’s funding bill for the current fiscal year which began October 1, 2020. (Authorization details how much you can spend on what programs, but the money must also be appropriated.) Somewhat oddly placed at the end of the FinCEN provisions presumably as a source of funding is a $40 million reduction in the Federal Reserve Banks’ surplus funds. But note that the Federal Reserve System already transfers its excess to the Treasury each year, recently estimating the 2020 transfer at $88.5 billion.4 For a point of comparison on the relative size of FinCEN and its expenditures, in the same announcement, the Federal Reserve noted that it expended $517 million in the past year to fund the operations of the Consumer Financial Protection Bureau. This funding arrangement was a compromise solution when the CFPB was founded; the banking regulators from which a few CFPB functions were transferred either have income sources or recover costs through assessments on regulated institutions.
What Does the AML Act NOT Do?
Two specific ways in which FinCEN could be enhanced, which have been under longstanding discussion, are:
- Implementation of a mandate given by Congress in 2004, for FinCEN to collect from financial institutions reports on Cross-Border Electronic Transmittals of Funds.5 Multiple other countries have implemented similar reporting regimes, and analysis of analogous data under appropriate controls has proven particularly valuable in counter-terrorist financing efforts. Like the beneficial ownership information, this is a “big data” approach – information would be collected because of risks of abuse and potential usefulness in investigations, but without suggesting that any individual transaction is of concern or “suspicious.”
- Pay parity with the financial regulators. More clearly than ever before, the AML Act calls upon FinCEN and its small staff to be expert—for other government agencies, in contacts with foreign counterparts, engaged with industry, and as financial and technological specialists. Yet, FinCEN staff are paid about a third less than their counterparts performing analogous roles at the Federal functional regulators, in particular related to examining banks on BSA/AML issues.
FinCEN has always achieved a great deal for a small agency (comparatively far smaller than foreign peers), but expectations need to be managed and prioritized, even more so now with a further expanded mandate. Please join me in wishing FinCEN success in its important mission!
Sources:
1https://www.fincen.gov/sites/default/files/news_release/20120229.pdf
2https://www.govinfo.gov/content/pkg/FR-2009-11-17/pdf/E9-27449.pdf
4https://www.federalreserve.gov/newsevents/pressreleases/other20210111a.htm
5See the 2010 proposed rule here: https://www.fincen.gov/news/news-releases/fincen-proposes-regulatory-requirement-financial-institutions-report-cross