Debevoise Discusses FinCEN’s Guidance on the Customer Due Diligence Rule

On April 3, 2018, the U.S. Treasury Department’s Financial Crimes Enforcement Network (“FinCEN”) issued long-awaited frequently asked questions (“FAQs”) regarding its new customer due diligence requirements (“CDD Rule”) that become effective on May 11, 2018.1 As a reminder, on May 11, 2018, the CDD Rule will require covered financial institutions (1) to establish procedures to identify and verify the identity of the beneficial owners of legal entity customers that open new accounts unless an exception applies and (2) ensure their anti-money laundering (“AML”) compliance programs include appropriate risk-based procedures for ongoing CDD efforts, including developing customer risk profiles and periodically updating the beneficial ownership information of existing customers.

Covered financial institutions and industry associations have sought clarification and guidance from FinCEN on a range of topics, several of which have been addressed in the FAQs. We highlight a few of the most pertinent points made:

Administrative and Internal Accounts 

  • An account is not subject to the beneficial ownership requirements of the CDD Rule if a covered financial institution creates the account (1) for an existing customer, (2) for the covered financial institution’s “own administrative or operational purposes” and (3) “not at the customer’s request,” provided that (4) the financial institution already has collected beneficial ownership information on the customer. See FAQ 11.

Claims for Exclusions from the Definition of Legal Entity Customer

  • A covered financial institution may rely on information provided by a legal entity if that entity qualifies for an exclusion from the CDD Rule’s beneficial ownership requirements, provided that the covered institution has no knowledge of facts that would reasonably call into question the reliability of such information. Covered financial institution policies and procedures should address the type of information that will be obtained and relied on to determine eligibility for exclusions. See FAQs 21 and 26.

Pooled Investment Vehicles

  • When a covered financial institution opens a new account for a pooled investment vehicle (“PIV”) that is operated or advised by an entity that is not excluded from the definition of legal entity customer, the covered financial institution is “not required to look through [the PIV] to identify and verify the identity” of any individual owners of the vehicle. Instead, the covered financial institution must collect information regarding an individual with significant responsibility to control, manage or direct the PIV under the CDD Rule’s control See FAQ 18. This FAQ implies, but does not expressly state, that a PIV operated or advised by an entity that is excluded from the legal entity customer definition (such as an SEC-registered investment adviser) would benefit from an exclusion from both the ownership and control prongs of the CDD Rule.

Foreign Publicly Traded Companies

  • Companies traded publicly in the United States are excluded from the definition of legal entity customer; however, companies listed on foreign exchanges are not excluded. Accordingly, covered financial institutions must collect beneficial ownership information from such foreign firms. See FAQs 24 and 25.

Sovereign Wealth Funds

  • State-owned entities engaged in profit-seeking activities, including sovereign wealth funds, do not qualify for the legal entity customer exclusion that applies to non-U.S. governmental departments and agencies. See FAQ 28.

Existing Customers as Beneficial Owners of Legal Entities Seeking to Open New Accounts

  • If a covered financial institution already possesses identifying information regarding a beneficial owner of a legal entity customer pursuant to the financial institution’s customer identification program (“CIP”), then the financial institution may rely on that CIP information to fulfill its obligations under the CDD Rule, provided that (1) the identifying information regarding the beneficial owner remains up to date and accurate, and (2) the legal entity customer’s representative so certifies, verbally or in writing, at the time the new account is opened. See FAQ 7.

Renewals of Existing Accounts

  • A legal entity customer generally must certify that its beneficial ownership information remains accurate when renewing an existing financial product from a covered financial institution. An exception to this requirement applies in the case of a loan renewal or certificate of deposit rollover, so long as the legal entity customer agrees at the time of initial certification of its beneficial owners to notify the financial institution of any change in such information. See FAQ 12.

Refreshing Existing Beneficial Ownership Information

  • A covered financial institution does not have an obligation to update beneficial ownership information as a matter of course during regular or periodic reviews, absent specific risk-based The obligation to update beneficial ownership information is triggered when a financial institution “becomes aware of information about a customer or an account, including a possible change of beneficial ownership information, relevant to assessing or reassessing the customer’s overall risk profile.” FAQ 14.
  • Updates to information regarding an existing beneficial owner, such as updating an existing beneficial owner’s address, may be communicated verbally and not require recertification. If, however, there is a change in beneficial ownership, then the new beneficial owner’s identity must be “collected, certified, and verified.” FAQs 13 and 16.

Record Retention

  • Multiple and potentially duplicative beneficial ownership records may be required because the CDD Rule applies to each new account opened by a legal entity customer and, thus, relevant records are required for each such account. See FAQ 9.

Aggregation for Currency Transaction Reporting

  • A covered financial institution, unless there is an “affirmative reason” to believe differently, “should presume that different businesses that share a common owner are operating separately and independently from each other and from the common owner” and need not aggregate such persons’ transactions for purposes of currency transaction reporting. FAQ 32.

Requirements to Understand the Nature and Purpose of a Customer Relationship

  • Understanding the nature and purpose of relationships with “certain lower-risk customers” may be accomplished through consideration of “inherent or self-evident information,” including the type of customer or type of account, service or product (e.g., a safety deposit box), and may not require a covered financial institution to acquire any additional information regarding the customer or the relationship. See FAQs 35-37.

This post comes to us from Debevoise & Plimpton LLP. It is based on the firm’s client update, “FinCEN Issues Long-Awaited Guidance on the Customer Due Diligence Rule,” dated April 5, 2018, and available here.