CUNA comment letter filed w/FinCEN re Customer Due Diligence proposal
WASHINGTON, DC (January 22, 2016) —
Financial Crimes Enforcement Network
Department of the Treasury
P.O. Box 39
Vienna, Virginia 22183
Re: Notice of Availability of Regulatory Impact Assessment and Initial Regulatory Flexibility Analysis Regarding the Customer Due Diligence Requirements for Financial Institutions; FinCEN–2014–0001
To Whom It May Concern:
The Credit Union National Association (CUNA) appreciates the opportunity to provide input on the Financial Crimes Enforcement Network’s (FinCEN) notice of availability of certain documents related to its Customer Due Diligence Requirements for Financial Institutions proposed rulemaking (CDD Proposal). CUNA represents America’s credit unions and their more than 100 million members.
In August 2014, FinCEN issued a proposed rule to amend existing Bank Secrecy Act (BSA) regulations regarding customer due diligence requirements for credit unions, banks, and related entities. The CDD Proposal would also impose a new requirement under the BSA to identify the beneficial owners of legal entity customers, subject to certain exemptions. In this letter, we reiterate concerns with the CDD Proposal that we shared with FinCEN in October 2014.
In December 2015, FinCEN made available a Regulatory Impact Assessment (RIA) and an Initial Regulatory Flexibility Analysis (IRFA) related to the CDD Proposal. This letter also addresses issues with the RIA and IRFA.
Issues with the RIA and IRFA
Regulatory Impact Assessment
FinCEN determined that the implementation and compliance-related costs of the CDD Proposal may exceed $100 million annually, making this rulemaking an “economically significant regulatory action,” which requires agencies to conduct an RIA. FinCEN believes the RIA provides an economic rationale for the rulemaking.
CUNA questions aspects of the RIA, including its conclusion. Our primary concern with the RIA is that FinCEN has taken the position that for the betterment of society as a whole, financial institutions must absorb the additional regulatory costs associated with the CDD Proposal. As described in the RIA, “Although limitations prevent us from fully quantifying all costs and benefits attributable to the CDD rule, the U.S. Department of the Treasury is confident that the proposed rule would yield a positive net benefit to society.” FinCEN has concluded that the benefit to all of society outweighs the cost to financial institutions. However, this is a flawed approach to a cost-benefit comparison; it is essentially a tax on financial institutions.
To further illustrate our concerns, see the following excerpt from the RIA:
The proposed regulation would help the market for banking services correct for both a positive spillover and a negative spillover. The positive spillover arises because a reduction in illicit activity benefits society broadly, not just the financial institutions involved. Yet, because the financial institutions bear the cost of collecting the beneficial ownership information, they only take into account their own benefit to doing so when selecting their level of investment in crime-reducing security measures. The implication is that financial institutions underinvest in such measures from the standpoint of society. If all members of society are potential victims of future criminal activity, then the prevention of financial crimes including money laundering and terrorist financing have the characteristics of public goods, meaning that all citizens benefit from actions to mitigate these activities regardless of who pays for the prevention.
Absent this proposed rule, financial institutions will continue to invest at lower than efficient levels, in accordance with their private interests, neglecting the incremental positive impact of each additional dollar spent on security measures on broader social welfare. This is especially true if financial institutions that are considering collecting beneficial ownership information perceive that they would lose business to competitors that do not require that information. By compelling universal compliance across all covered institutions, implementation of the final rule would increase beneficial ownership disclosure at financial institutions, making illicit activities more costly to commit.
Regulatory Impact Assessment for FinCEN NPR: Customer Due Diligence Requirements for Financial Institutions, FinCEN-2014-0001 at 8.
As described above, rather than weigh the cost to a financial institution of complying with the rule against the benefit of reduced criminal activity to that financial institution and its customers, FinCEN is applying the benefit not to a single institution and its customers but instead to the entire society, noting that “all citizens benefit from actions to mitigate these activities regardless of who pays.” This is a flawed approach to examining the costs and benefits of a rulemaking. Such an approach characterizes the compliance costs of the rule as a tax on covered entities that are required to comply. Thus, we question the validity of the RIA’s conclusion that the rulemaking is economically justified.
Initial Regulatory Flexibility Analysis
The IRFA evaluates the economic impact of the CDD Proposal on small entities (those with assets of $550 million or less). As a result of this analysis, FinCEN believes that while the proposed rule would apply to a substantial number of small entities, it would not have a significant economic impact on these entities.
CUNA does not agree with FinCEN’s reasoning for not exempting certain entities from aspects of the CDD Proposal. Specifically, in the IRFA FinCEN states that exempting small entities from the beneficial ownership requirement would put those entities at greater risk of abuse by money launderers and other financial criminals, as criminals would seek out institutions without this requirement. As discussed below, we believe appropriate exemptions would not result in illegal consumer activities, particularly at a credit union where membership is limited.
Concerns with the CDD Proposal
Under the CDD Proposal, the key elements for CDD would include: 1) identifying and verifying the identity of customers; 2) identifying and verifying the identity of “beneficial owners” of “legal entity” customers (i.e., natural persons who own or control “legal entities”); 3) understanding the nature and purpose of customer relationships; and 4) conducting ongoing monitoring to maintain and update customer information and to identify and report suspicious transactions.
While CUNA supports the objective to improve the tracking of money laundering and terrorist financing, we continue to have significant concerns with the regulatory compliance costs on credit unions and smaller financial institutions. Such costs are likely to outweigh the purported benefits to FinCEN. We are especially concerned about the proposed expansion of the “beneficial ownership” requirements that would result in procedures taking up to 30 minutes or more for each “legal entity” account opening.
Instead of new regulatory requirements, we encourage FinCEN to continue to work with the federal financial regulators to issue specific guidance to address particular problem areas and to clarify the current BSA/AML rules. If the agency proceeds with a final rule, we urge FinCEN to minimize regulatory burdens for credit unions and smaller financial institutions, and adopt the changes that we recommend in this letter.
Minimizing Regulatory Burdens for Credit Unions
As FinCEN and federal financial regulators have noted, identifying the “beneficial ownership” of entities can be challenging and costly for financial institutions, as discussed in the March 2010 joint interagency guidance to clarify and consolidate regulatory expectations on obtaining “beneficial ownership” for financial institutions. We acknowledge that the agency has reduced the scope of requirements that could have been even more burdensome under the 2012 advance notice of proposed rulemaking.
However, even with the scaled-down approach, the impact of the proposal will be negative for smaller institutions and affect them disproportionately. Approximately 3,000 credit unions have five or fewer full-time employees that must comply with numerous existing and upcoming regulatory requirements, including the BSA/AML rules, as well as regulatory changes related to the Dodd-Frank Act. Because credit unions are not-for-profit cooperatives that are owned by their members, any additional compliance burdens and costs also reduce the availability of resources to their member-consumers and the underserved.
For example, credit unions will likely need an additional 30 minutes or more to open each new account for covered entities, while their current consumer and business members will also encounter delays with their services.
The additional time needed for account openings would include time to receive and verify the information provided on the new certification form. The proposed certification form under Appendix A would be required to be completed by the person opening a new account on behalf of a “legal entity customer” to help identify the “beneficial owners.” Other aspects of the proposed rule would also require a financial institution to establish and maintain written CDD procedures that are reasonably designed to identify and verify “beneficial owners” of “legal entity customers” (e.g., corporation, limited liability company, partnership, or similar business entity).
Financial institutions may have difficulty verifying the “beneficial ownership” information on the new certification form, based on existing risk-based Customer Identification Program (CIP) practices. These practices may be more appropriate and effective for other types of accounts in which the person opening the account for himself or herself will likely have additional identification documents on hand, or where the accountholder is the person opening the account.
Because of these challenges, we urge FinCEN to remove the verification requirement. If FinCEN must require verification, then it should not require a financial institution to verify the status of an identified “beneficial owner.”
Exemptions
CUNA supports appropriate exemptions from any new requirements for financial institutions, including exemptions for entities that are currently exempt from CIP requirements, existing customers prior to the effective date of the rule, trusts, entities where their “beneficial ownership” information is generally available from other sources, and other lower-risk accounts. These exemptions would help minimize additional compliance burdens and costs on credit unions and smaller financial institutions.
Regarding intermediary or pooled accounts, we also believe the rule should minimize compliance burdens, and financial institutions should have no CIP obligations on an intermediary or pooled account’s underlying clients.
Proposed Definition of “Beneficial Owners”
FinCEN has proposed to define “beneficial owners” of “legal entities,” which includes any person that satisfies either the 1) ownership or 2) control prongs:
“1. Each individual, if any, who, directly or indirectly, through any contract, arrangement, understanding, relationship or otherwise, owns 25% or more of the equity interests of a legal entity customer; and
2. A single individual with significant responsibility to control, manage, or direct a legal entity customer, including (i) An executive officer or senior manager (e.g., a Chief Executive Officer, Chief Financial Officer, Chief Operating Officer, Managing Member, General Partner, President, Vice President, or Treasurer); or another individual who regularly performs similar functions.”
79 Fed. Reg. 45,157 (August 4, 2014).
The number of individuals that may meet the definition of a “beneficial owner” could vary. Under the ownership test, up to four individuals may need to be identified, while under the control test, only one individual must be identified.
CUNA believes the proposed definition of “beneficial owners” of “legal entities” is too broad and would present challenges for financial institutions, especially smaller credit unions, as they attempt to determine relationships and to obtain the relevant documents to identify and verify this information. The agency should minimize the number of individuals that must be identified and consider narrowing the definitions for both the ownership and control prongs. In addition, because of challenges with identifying the proper individual under a very broad definition for the control prong, the agency should consider removing the second prong.
Other Issues and Concerns
Credit unions also have concerns about increased costs for monitoring potential changes to previously identified “beneficial owners.” Financial institutions should not be required to update or refresh periodically the “beneficial ownership” information.
In addition, credit unions have questions about the effect on Office of Foreign Assets Control (OFAC) screening. We ask FinCEN to clarify how the names of the “beneficial owners” should be handled for OFAC screening and to provide additional information to help with compliance.
Under the CDD Proposal, the certification form would include information associated with the name, address, date of birth, and social security number (or passport number or similar information for foreign persons) for “beneficial owners.” We are concerned that this information would potentially be accessible by a number of persons in addition to the “beneficial owner” and would be at a greater risk of unauthorized access, especially if persons are opening accounts on behalf of “beneficial owners.” FinCEN should fully consider how the new information collection could impact customer confidentiality, privacy, fiduciary, information security, and other legal protections and responsibilities.
Delayed Effective Date
Even with the changes we recommend, we urge FinCEN to provide a delayed effective date that is more than 18 months from the issuance of the final rule. Institutions will need this time to incorporate the new “beneficial ownership” requirements into their BSA/AML programs and to modify their account opening processes. Credit unions and other financial institutions may have to increase staffing and training resources, and make other compliance, software, and system changes to implement the rule.
A delayed effective date is especially beneficial for credit unions and smaller financial institutions that are complying with numerous existing and upcoming regulatory requirements. In addition, some credit unions will need additional time to consider whether they will continue to offer certain types of “legal entity” accounts in light of new requirements under the final rule.
Conclusion
On behalf of America’s credit unions and their more than 100 million members, we thank you for the opportunity to express these views to FinCEN regarding its CDD Proposal. If you have any questions about our comments, please do not hesitate to contact me at (202) 508-6743.
Sincerely,
Luke Martone
Senior Director of Advocacy & Counsel
About CUNA
Credit Union National Association (CUNA) is the only national association that advocates on behalf of all of America’s credit unions, which are owned by 135 million consumer members. CUNA, along with its network of affiliated state credit union leagues, delivers unwavering advocacy, continuous professional growth and operational confidence to protect the best interests of all credit unions. For more information about CUNA, visit cuna.org. To find your nearest credit union, visit YourMoneyFurther.com.
