CCH Federal Banking Law Reporter
The Treasury Dept. on April 23, 2002, announced the completion of anti-money laundering regulations required under Section 352 of the USA PATRIOT Act, Title III (see below). The new regulations will require key financial sector industries to implement programs designed to prevent the services that they offer from being used to facilitate money laundering or the financing of terrorism. Senior Treasury officials said they are hopeful that the agency will have additional regulations for insurance companies and hedge funds in place in the next few weeks.
The new regulations do not exceed the current anti-money laundering standards set for banks by the Bank Secrecy Act (BSA), although the Treasury Dept. has reserved the right to increase the requirements if necessary. The industries that will have a new obligation to implement anti-money laundering programs as a result of the regulations include: mutual funds; operators of credit card systems; money services businesses; securities brokers and dealers registered with the Securities and Exchange Commission; and futures commission merchants and introducing brokers registered with the Commodity Futures Trading Commission.
According to the Treasury Dept., these industries—with the exception of broker-dealers and futures commission merchants—expected to be covered by these regulations. The listed industries have 90 days from the effective date of the regulations, April 24, 2002, to develop anti-money laundering programs.
The Treasury Dept. is exercising its authority to defer, for a period of not more than six months, the application of Section 352 to the remaining categories of financial institutions under the BSA to allow the agency time to study these new industry sectors and develop regulations applicable to them. The business sectors subject to further study include: loan or finance companies; private bankers; insurance companies; investment companies other than mutual funds; pawnbrokers; dealers in precious metals, stones or jewels; businesses engaged in vehicle sales, including automobiles; travel agencies; and commodity pool operators and commodity trading advisors.
Although the Treasury Dept. is deferring application of Section 352 to certain industries for a brief period, the agency warned that all such businesses have an existing obligation to file reports of transactions involving cash or currency (IRS Form 8300). Like all financial institutions, these businesses are encouraged to voluntarily report possible money laundering and terrorist activity to the Financial Crimes Enforcement Network by calling its hotline (1-866-556-3974).
The Treasury Dept. also announced that it will provide Congress the week of April 24 with three reports. One report analyzes options for improving compliance with the obligation of U.S. citizens to report their interests in foreign bank accounts. A second report addresses the difficulties domestic financial institutions encounter when attempting to identify and verify the identity of foreign nationals seeking to open accounts. The final report discusses the role of the Internal Revenue Service in the administration of the BSA.
[Federal Register: April 29, 2002 (Volume 67, Number 82)]
[Rules and Regulations]
[Page 21109-21113]
From the Federal Register Online via GPO Access [wais.access.gpo.gov]
[DOCID:fr29ap02-18]
[[Page 21109]]
-----------------------------------------------------------------------
Part IV
Department of the Treasury
-----------------------------------------------------------------------
31 CFR Part 103
Financial Crimes Enforcement Network; Anti-Money Laundering Programs;
Final Rules
[[Page 21110]]
-----------------------------------------------------------------------
DEPARTMENT OF THE TREASURY
31 CFR Part 103
RIN 1506-AA28
Financial Crimes Enforcement Network; Anti-Money Laundering
Programs for Financial Institutions
AGENCY: Financial Crimes Enforcement Network (FinCEN), Treasury.
ACTION: Interim final rule.
-----------------------------------------------------------------------
SUMMARY: FinCEN is issuing a series of interim final rules to provide
guidance to financial institutions concerning the provision in the Bank
Secrecy Act (BSA), added by section 352 of the Uniting and
Strengthening America by Providing Appropriate Tools Required to
Intercept and Obstruct Terrorism (USA PATRIOT) Act of 2001, that
requires financial institutions to establish anti-money laundering
programs. This interim final rule provides that banks, savings
associations, credit unions, registered brokers and dealers in
securities, futures commission merchants, and casinos, will be deemed
to be in compliance with section 352 if they establish and maintain
anti-money laundering programs as required by existing FinCEN
regulations, or their respective Federal regulator or self-regulatory
organization. The establishment of anti-money laundering programs by
money services businesses, operators of credit card systems, and mutual
funds are the subject of separate rules published in this separate part
of this issue of the Federal Register. This rule temporarily exempts,
pending further analysis and review by Treasury and FinCEN, all other
financial institutions (as defined in the BSA) from the requirement in
section 352 that they establish anti-money laundering programs.
DATES: This interim final rule is effective April 24, 2002. Written
comments may be submitted to FinCEN on or before May 29, 2002.
ADDRESSES: Submit comments (preferably an original and four copies) to
FinCEN, P.O. Box 39, Vienna, VA 22183, Attn: Section 352 AMLP
Regulations. Comments may also be submitted by electronic mail to
regcomments@fincen.treas.gov with the caption in the body of the text,
``Attention: Section 352 AMLP Regulations.'' Comments may be inspected
at FinCEN between 10 a.m. and 4 p.m. in the FinCEN Reading Room in
Washington, DC. Persons wishing to inspect the comments submitted must
request an appointment by telephoning (202) 354-6400 (not a toll-free
number).
FOR FURTHER INFORMATION CONTACT: Office of the Chief Counsel (FinCEN),
(703) 905-3590; Office of the Assistant General Counsel for Enforcement
(Treasury), (202) 622-1927; or the Office of the Assistant General
Counsel for Banking & Finance (Treasury), (202) 622-0480 (not toll-free
numbers).
SUPPLEMENTARY INFORMATION:
I. Background
On October 26, 2001, the President signed into law the USA PATRIOT
Act (Public Law 107-56) (the Act). Title III of the Act makes a number
of amendments to the anti-money laundering provisions of the BSA, which
is codified in subchapter II of chapter 53 of title 31, United States
Code. These amendments are intended to make it easier to prevent,
detect, and prosecute international money laundering and the financing
of terrorism. Section 352(a) of the Act, which becomes effective on
April 24, 2002, amended section 5318(h) of the BSA. As amended, section
5318(h)(1) requires every financial institution to establish an anti-
money laundering program that includes, at a minimum (i) the
development of internal policies, procedures, and controls; (ii) the
designation of a compliance officer; (iii) an ongoing employee training
program; and (iv) an independent audit function to test programs.
The definition of ``financial institution'' in sections 5312(a)(2)
and (c)(1) is extremely broad. It includes institutions that are
already subject to Federal regulation such as banks, savings
associations, credit unions, money services businesses (such as money
transmitters and currency exchanges), and registered securities broker-
dealers and futures commission merchants. The definition also includes
dealers in precious metals, stones, or jewels; pawnbrokers; loan or
finance companies; private bankers; insurance companies; travel
agencies; telegraph companies; sellers of vehicles, including
automobiles, airplanes, and boats; persons engaged in real estate
closings and settlements; investment bankers; investment companies; and
commodity pool operators and commodity trading advisors that are
registered or required to register under the Commodity Exchange Act (7
U.S.C. 1 et seq). Section 5318(h)(1) requires all of these businesses
to establish anti-money laundering programs.
Section 5318(h)(2) authorizes Treasury, after consulting with the
appropriate Federal functional regulator,\1\ to prescribe minimum
standards for anti-money laundering programs. This section also
authorizes Treasury to exempt from the application of those minimum
standards any financial institution that is not subject to the rules
implementing the BSA for so long as it is not subject to such rules.
Section 352(c) of the Act directs the Secretary of the Treasury to
prescribe regulations by April 24, 2002 that ``consider the extent to
which [the requirements of section 5318(h)(1)] are commensurate with
the size, location, and activities'' of financial institutions. BSA
section 5318(a)(6) provides that the Secretary may exempt any financial
institution from any BSA statutory requirement. Taken together, these
provisions authorize the issuance of regulations that may prescribe
different requirements for anti-money laundering programs under, and
that may exempt certain financial institutions from the requirements
of, section 5318(h)(1).
---------------------------------------------------------------------------
\1\ These are defined by reference to section 509 of the Gramm-
Leach-Bliley Act (Public Law 106-102) to include the Board of
Governors of the Federal Reserve System (FRB), the Office of the
Comptroller of the Currency (OCC), the Board of Directors of the
Federal Deposit Insurance Corporation (FDIC), the Office of Thrift
Supervision (OTS), the National Credit Union Administration (NCUA),
and the Securities and Exchange Commission (SEC), and, pursuant to
section 321(c) of the Act, the Commodity Futures Trading Commission
(CFTC).
---------------------------------------------------------------------------
Accordingly, and as described below, this interim final rule
prescribes anti-money laundering program requirements for banks,
savings associations, registered brokers and dealers in securities,
futures commission merchants, and casinos. The establishment of anti-
money laundering programs by money services businesses, operators of
credit card systems, and mutual funds are the subject of interim final
rules published in this separate part of this issue of the Federal
Register. Thus, by virtue of the interim final rules published today,
all financial institutions presently subject to FinCEN's existing BSA
regulations are now subject to anti-money laundering program
requirements, as are three new types of financial institutions not
previously regulated under the BSA: futures commission merchants,
mutual funds, and operators of credit card systems.
In order to ensure the issuance of well-considered regulations
tailored to the unique money laundering risks associated with the
remaining financial institutions, this rule temporarily exempts, until
not later than October 24, 2002, all other financial institutions from
the requirement that they establish anti-money laundering programs.
During the next six months Treasury
[[Page 21111]]
and FinCEN will continue studying the money laundering risks posed by
these institutions in order to develop appropriate anti-money
laundering program requirements. During this period, Treasury and
FinCEN expect to issue a series of regulations, focusing first on those
exempted financial institutions that appear to pose the greatest
potential for money laundering, that will further define the exempted
financial institutions and delineate minimum standards for their anti-
money laundering programs.
II. Analysis of the Interim Final Rule
A. Banks, Savings Associations, and Credit Unions
Following the enactment of the Act, Treasury established a working
group that includes representatives of the Federal functional
regulators and the Department of Justice to assist in implementing
section 352 of the Act and in determining the appropriate minimum
standards for anti-money laundering programs for financial institutions
regulated by a Federal functional regulator. Certain financial
institutions are already required to have anti-money laundering
programs. Since 1987, all federally insured depository institutions and
credit unions have been required by their federal regulators to have
anti-money laundering programs. These programs contain the same
elements that are required by section 5318(h)(1).\2\ Accordingly,
section 103.120(b) provides that a financial institution that is
subject to regulation by a Federal functional regulator will be deemed
to be in compliance with the requirements of section 5318(h)(1) if it
complies with the regulations of its regulator governing the
establishment and maintenance of anti-money laundering programs.
Examination of these financial institutions by their Federal functional
regulators will continue to ensure compliance with those regulations.
---------------------------------------------------------------------------
\2\ 12 CFR 21.21 (OCC); 12 CFR 208.63 (FRB); 12 CFR 326.8
(FDIC); 12 CFR 563.177 (OTS); 12 CFR 748.2 (NCUA).
---------------------------------------------------------------------------
B. Registered Securities Broker-Dealers and Futures Commission
Merchants
Similarly, Treasury and FinCEN also believe it is appropriate to
implement section 5318(h)(1) with respect to registered securities
brokers and dealers and to futures commission merchants through their
respective self-regulatory organizations (SROs). Indeed, the initiative
demonstrated by the SEC, CFTC and their SROs in advancing anti-money
laundering programs has significantly accelerated the implementation of
section 352. Accordingly, section 103.120(c) provides that a registered
securities broker-dealer or a futures commission merchant will be
deemed in compliance with the requirements of section 5318(h)(1) if it
complies with the rules, regulations, or requirements of its SRO
concerning the establishment and maintenance of anti-money laundering
programs.
Following consultation between Treasury and the SEC, the two
principal securities industry SROs \3\ have each adopted a rule
requiring their members to implement anti-money laundering programs.\4\
These rules, which incorporate the requirements of section 5318(h)(1),
apply to essentially all securities broker-dealers that do business
with the public and were approved by the SEC on April 22, 2002 (see
Securities Exchange Act Release No. 45798).
---------------------------------------------------------------------------
\3\ The National Association of Securities Dealers (NASD) and
the New York Stock Exchange (NYSE).
\4\ See 67 FR 8565 and 8567 (Feb. 25, 2002).
---------------------------------------------------------------------------
The SROs will examine their members for compliance with these
requirements and take appropriate enforcement action in cases of
noncompliance. In addition, the SEC has authority to examine registered
broker-dealers for compliance with these, as well as all other SRO
rules. Utilizing the examination, enforcement, and outreach
capabilities of the SROs and the SEC is an effective means to ensure
meaningful compliance with the anti-money laundering program
requirement, and is consistent with the objectives of section 352 of
the Act. However, in the unlikely event that Treasury were to determine
it necessary, Treasury specifically reserves its right to issue
regulations prescribing minimum standards under section 352 for
securities brokers and dealers.
Treasury and FinCEN, in consultation with the CFTC, are
implementing section 5318(h)(1) with respect to the futures industry in
a similar manner. The National Futures Association (NFA), which is the
futures industry SRO whose members include all registered futures
commission merchants, empowered its Executive Committee on February 21,
2002 to develop and adopt a rule requiring all futures commission
merchants and introducing broker members \5\ to establish anti-money
laundering programs that satisfy the requirements of section
5318(h)(1). The CFTC approved this rule on April 23, 2002. The NFA will
examine its members for compliance with this requirement and take
enforcement actions in cases of noncompliance. The CFTC, in turn, will
examine the NFA for its enforcement of the anti-money laundering
program rule and take enforcement action against the NFA in cases of
non-enforcement. As with securities brokers and dealers, Treasury
reserves its right to issue regulations prescribing minimum standards
for futures commission merchants should it be deemed necessary.
---------------------------------------------------------------------------
\5\ ``Introducing brokers'' (defined in section 1a(23) of the
Commodity Exchange Act (7 U.S.C. 1a(23))) play a crucial role in
preventing money laundering in the futures industry. BSA section
5312(a)(2)(H) defines ``financial institution'' to include ``a
broker or dealer in securities or commodities,'' and Treasury
believes that introducing brokers are included within this
definition. Accordingly, NFA has included introducing brokers in its
anti-money laundering program requirement. Sections 5312(a)(2)(Y)
and (Z) authorize Treasury to include additional businesses within
the BSA's definition of financial institution. Treasury is
considering whether it is necessary to clarify formally that section
5312(a)(2)(H) includes ``introducing brokers'' within the definition
of ``financial institution.''
---------------------------------------------------------------------------
C. Casinos
In 1993, FinCEN issued regulations requiring casinos to establish
written anti-money laundering compliance programs.\6\ Each compliance
program must include internal controls to assure ongoing compliance,
internal or external independent testing for compliance, training for
casino personnel, and one or more compliance officers. In addition,
casinos that have automated data processing systems are required to use
automated programs to aid in assuring compliance. Accordingly, section
103.120(d) provides that a casino that is in compliance with these
regulations will be deemed to be in compliance with the requirements of
section 5318(h)(1).
---------------------------------------------------------------------------
\6\ 31 CFR 103.64.
---------------------------------------------------------------------------
D. Money Services Businesses, Mutual Funds, Operators of Credit Card
Systems
Anti-money laundering program requirements for money services
businesses, mutual funds, and operators of credit card systems are
described in separate interim final rules published in this separate
part of this issue of the Federal Register.
E. All Other BSA Financial Institutions
Treasury and FinCEN are exercising the authority under BSA section
5318(a)(6) to temporarily exempt all other financial institutions from
the requirement in section 5318(h)(1) that they establish anti-money
laundering programs. The temporary exemption in section 103.170 applies
to dealers in precious metals, stones, or jewels; pawnbrokers; loan or
finance
[[Page 21112]]
companies; private bankers; insurance companies; travel agencies;
telegraph companies; sellers of vehicles, including automobiles,
airplanes, and boats; persons engaged in real estate closings and
settlements; certain investment companies \7\; commodity pool
operators; and commodity trading advisors. The exemption does not
extend to ``investment bankers'' because all such entities are either
depository institutions or securities broker-dealers that are subject
to anti-money laundering program requirements by section 103.120(b) or
(c), respectively. \8\
---------------------------------------------------------------------------
\7\ The principal statute governing investment companies is the
Investment Company Act of 1940 (codified at 15 U.S.C. 80a1-80a64)
(the 1940 Act), which defines investment company broadly. However,
entities commonly known as hedge funds, private equity funds and
venture capital funds are specifically excluded from the definition
of investment company for purposes of the 1940 Act. Section 356 of
the USA PATRIOT Act requires that the Treasury, the Federal Reserve,
and the SEC submit a joint report to Congress, not later than
October 26, 2002, on recommendations for effective regulations to
apply the requirements of the BSA to investment companies, including
persons that, but for the noted exceptions, would be investment
companies. Treasury anticipates that the CFTC will participate in
;the development of this report because a significant percentage of
hedge funds are registered and regulated as commodity pool
operators. Section 356 also requires that the report include
recommendations whether personal holding companies should be treated
as investment companies under the BSA. Pending further review and
analysis, Treasury is temporarily exempting investment companies,
other than ``open-end companies'' (as defined in section 5(a)(1) of
the 1940 Act), from the requirements of BSA section 5318(h)(1). The
applicability of these requirements to ``open-end companies'' is
addressed in the interim final rule concerning mutual funds
published in this separate part of this issue of the Federal
Register. Pending further review and analysis, Treasury is also
deferring determination of the scope of the BSA definition of
``investment company,'' but anticipates that it is likely that the
referenced entities excluded from application ;of the 1940 Act will
be subject to anti-money laundering program requirements.
\8\ See Davenport Management, Inc. 1993 SEC No-Act. Lexis 624
(April 13, 1993) (stating that a corporation would be required to
register as a broker-dealer if it acted as an intermediary in
securities transactions, negotiated the terms of securities
transactions, received transaction-based compensation, had direct
contact with outside investors, and provided ``investment banking
services''); See also Securities Exchange Act Release No. 11742
(October 5, 1975) (noting that a bank might be subject to
registration as a municipal securities dealer if it engages in
underwriting or otherwise holds itself out as a dealer).
---------------------------------------------------------------------------
The need for the temporary exemption is a practical one. First,
although included within the list of financial institutions in the BSA,
these businesses have never been defined for purposes of the BSA. For
example, does a ``dealer in precious metals, stones, or jewels''
include a jewelry counter at a department store and a kiosk in a
shopping mall that sells gold and silver earrings, bracelets, and
necklaces, as well as a diamond merchant? Similarly, does ``a business
engaged in ``vehicle sales, including automobile, airplane, and boat
sales `` include businesses selling motorcycles, motorbikes, or
snowmobiles? Treasury and FinCEN do not believe it is sound regulatory
policy to subject the broad categories of BSA ``financial
institutions'' to the requirements of BSA section 5318(h)(1) without
specifically defining the businesses that will be subject to those
requirements. Second, in the six months since the enactment of the Act,
Treasury and FinCEN have not had sufficient time and opportunity to
analyze the nature of the businesses of the remaining financial
institutions. More importantly, Treasury and FinCEN have not had the
opportunity to identify the nature and scope of the money laundering or
terrorist financing risks associated with these businesses. The
extension of the anti-money laundering program requirement to all the
remaining financial institutions, most of which have never been subject
to federal financial regulation, raises many significant practical and
policy issues. An inadequate understanding of the affected industries
could result in poorly conceived regulations that impose unreasonable
regulatory burdens with little or no corresponding anti-money
laundering benefits. Finally, Treasury and FinCEN are aware that many
of these financial institutions are sole proprietors or small
businesses, and that any regulations affecting them must recognize this
fact.
For these reasons, Treasury and FinCEN believe that a temporary
exemption from the requirements of section 5318(h)(1) is appropriate at
this time. During the next six months, Treasury and FinCEN will review
and analyze the extent to which these businesses may be used by money
launderers or terrorist financiers, and will issue a series of
additional rules requiring that they establish anti-money laundering
programs where appropriate, and delineating minimum standards for those
programs. Treasury and FinCEN have been examining the money laundering
risks associated with insurance products and will issue in the near
future a proposed rule governing the establishment of anti-money
laundering programs by insurance companies. Although Treasury and
FinCEN intend to issue regulations addressing anti-money laundering
programs for all exempted financial institutions by October 24, 2002,
any category of financial institution for which regulations have not
been proposed or promulgated by that date will be required to establish
anti-money laundering programs that comply with the requirements of 31
U.S.C. 5318(h)(1).
Treasury and FinCEN emphasize that the exemption from the
requirement to establish anti-money laundering programs does not in any
way relieve any business from the existing requirements in 31 U.S.C.
5331 and 26 U.S.C. 6050I that they report transactions in cash or
currency, or certain monetary instruments, that exceed $10,000. The
regulations under these sections are codified at 31 CFR 103.30 and 26
CFR 1.6050I, respectively. Every temporarily exempted business must
ensure that it has appropriate procedures to report such transactions
to FinCEN and the IRS using the single Form 8300 jointly prescribed by
those agencies. In addition, all financial institutions are reminded of
the importance of reporting suspected terrorist activities or otherwise
suspicious transactions to the appropriate law enforcement authorities.
Form 8300 contains a check box to indicate that a particular
transaction, whether or not required to be reported, otherwise appears
suspicious.
III. Administrative Procedure Act
The provisions of 31 U.S.C. 5318(h)(1), requiring all financial
institutions to establish anti-money laundering programs with at least
four identified elements, become effective April 24, 2002. This interim
rule exempts certain financial institutions from these requirements and
deems other financial institutions to be in compliance with these
requirements. Accordingly, good cause is found to dispense with notice
and public procedure as unnecessary pursuant to 5 U.S.C. 553(b)(B), and
to make the provisions of the interim rule effective in less than 30
days pursuant to 5 U.S.C. 553(d)(1) and (3).
IV. Regulatory Flexibility Act
Because no notice of proposed rulemaking is required for this
interim final rule, the provisions of the Regulatory Flexibility Act (5
U.S.C. 601 et seq.) do not apply.
V. Executive Order 12866
This interim final rule is not a ``significant regulatory action''
as defined in Executive Order 12866. Accordingly, a regulatory
assessment is not required.
List of Subjects in 31 CFR Part 103
Banks, banking, Brokers, Counter money laundering, Counter-
terrorism,
[[Page 21113]]
Currency, Foreign banking, Reporting and recordkeeping requirements.
Authority and Issuance
For the reasons set forth above, FinCEN is amending 31 CFR Part 103
as follows:
PART 103--FINANCIAL RECORDKEEPING AND REPORTING OF CURRENCY AND
FOREIGN TRANSACTIONS
1. The authority citation for part 103 is revised to read as
follows:
Authority: 12 U.S.C. 1829b and 1951-1959; 31 U.S.C. 5311-5331;
title III, secs. 314, 352, Pub. L. 107-56, 115 Stat. 307.
2. Add new subpart I to part 103 to read as follows:
Subpart I--Anti-Money Laundering Programs
Sec.
103.120 Anti-money laundering program requirements for financial
institutions regulated by a Federal functional regulator or a self-
regulatory organization, and casinos.
103.125 [Reserved]
103.130 [Reserved]
103.135 [Reserved]
103.170 Deferred anti-money laundering programs for certain
financial institutions.
Subpart I--Anti-Money Laundering Programs
Sec. 103.120 Anti-money laundering program requirements for financial
institutions regulated by a Federal functional regulator or a self-
regulatory organization, and casinos.
(a) Definitions. For purposes of this section:
(1) Financial institution means a financial institution defined in
31 U.S.C. 5312(a)(2) or (c)(1) that is subject to regulation by a
Federal functional regulator or a self-regulatory organization.
(2) Federal functional regulator means:
(i) The Board of Governors of the Federal Reserve System;
(ii) The Office of the Comptroller of the Currency;
(iii) The Board of Directors of the Federal Deposit Insurance
Corporation;
(iv) The Office of Thrift Supervision;
(v) The National Credit Union Administration;
(vi) The Securities and Exchange Commission; or
(vii) The Commodity Futures Trading Commission.
(3) Self-regulatory organization:
(i) Shall have the same meaning as provided in section 3(a)(26) of
the Securities Exchange Act of 1934 (15 U.S.C. 78c(a)(26)); and
(ii) Means a ``registered entity'' or a ``registered futures
association'' as provided in section 1a(29) or 17, respectively, of the
Commodity Exchange Act (7 U.S.C. 1a(29), 21).
(4) Casino has the same meaning as provided in Sec. 103.11(n)(5).
(b) Requirements for financial institutions regulated only by a
Federal functional regulator, including banks, savings associations,
and credit unions. A financial institution regulated by a Federal
functional regulator that is not subject to the regulations of a self
regulatory organization shall be deemed to satisfy the requirements of
31 U.S.C. 5318(h)(1) if it implements and maintains an anti-money
laundering program that complies with the regulation of its Federal
functional regulator governing such programs.
(c) Requirements for financial institutions regulated by a self-
regulatory organization, including registered securities broker-dealers
and futures commission merchants. A financial institution regulated by
a self-regulatory organization shall be deemed to satisfy the
requirements of 31 U.S.C. 5318(h)(1) if:
(1) The financial institution complies with any applicable
regulation of its Federal functional regulator governing the
establishment and implementation of anti-money laundering programs; and
(2)(i) The financial institution implements and maintains an anti-
money laundering program that complies with the rules, regulations, or
requirements of its self-regulatory organization governing such
programs; and
(ii) The rules, regulations, or requirements of the self-regulatory
organization have been approved, if required, by the appropriate
Federal functional regulator.
(d) Requirements for casinos. A casino shall be deemed to satisfy
the requirements of 31 U.S.C. 5318(h)(1) if it implements and maintains
a compliance program described in Sec. 103.64.
Sec. 103.125 [Reserved]
Sec. 103.130 [Reserved]
Sec. 103.135 [Reserved]
Sec. 103.170 Deferred anti-money laundering programs for certain
financial institutions.
(a) Exempt financial institutions. Subject to the provisions of
paragraph (b) of this section, the following financial institutions (as
defined in 31 U.S.C. 5312(a)(2) or (c)(1)) are exempt from the
requirement in 31 U.S.C. 5318(h)(1) concerning the establishment of
anti-money laundering programs:
(1) An agency of the United States Government, or of a State or
local government, carrying out a duty or power of a business described
in 31 U.S.C. 5312(a)(2); and
(2) Any of the following businesses or activities that is not
described in Sec. 103.120(b) or (c), or subject to the requirements of
Sec. 103.125 or Sec. 103.130:
(i) Dealer in precious metals, stones, or jewels;
(ii) Pawnbroker;
(iii) Loan or finance company;
(iv) Travel agency;
(v) Telegraph company;
(vi) Seller of vehicles, including automobiles, airplanes, and
boats;
(vii) Persons involved real estate closings and settlements;
(viii) Private banker;
(ix) Insurance company;
(x) Commodity pool operator;
(xi) Commodity trading advisor; or
(xii) Investment company.
(b) Termination of exemption. (1) In general. Subject to paragraph
(b)(2) of this section, a financial institution described in paragraph
(a)(2) of this section shall, effective October 24, 2002, establish and
maintain an anti-money laundering program as required by 31 U.S.C.
5318(h)(1).
(2) Exception. The provisions of paragraph (b)(1) of this section
shall not apply to any financial institution to the extent:
(i) Provided in guidance issued in a document published in the
Federal Register by the Department of the Treasury (including FinCEN)
on or before October 24, 2002, governing the application of 31 U.S.C.
5318(h)(1) to such financial institution; or
(ii) That the Secretary determines that the application of any or
all of the requirements of 31 U.S.C. 5318(h)(1) to such financial
institution is unnecessary or should continue to be deferred pending
further analysis and review.
(c) Compliance obligations of deferred financial institutions.
Nothing in this section shall be deemed to relieve an exempt financial
institution from its responsibility to comply with the applicable
requirements of law concerning the reporting of certain transactions in
cash, currency, or monetary instruments in accordance with Sec. 103.30
or 26 CFR 1.6050I.
Dated: April 23, 2002.
James F. Sloan,
Director, Financial Crimes Enforcement Network.
[FR Doc. 02-10452 Filed 4-24-02; 4:09 pm]
BILLING CODE 4810-02-P
[Federal Register: April 29, 2002 (Volume 67, Number 82)]
[Rules and Regulations]
[Page 21114-21117]
From the Federal Register Online via GPO Access [wais.access.gpo.gov]
[DOCID:fr29ap02-19]
[[Page 21114]]
-----------------------------------------------------------------------
DEPARTMENT OF THE TREASURY
31 CFR Part 103
RIN 1506-AA28
Financial Crimes Enforcement Network; Anti-Money Laundering
Programs for Money Services Businesses
AGENCY: Financial Crimes Enforcement Network (FinCEN), Treasury.
ACTION: Interim final rule.
-----------------------------------------------------------------------
SUMMARY: FinCEN is issuing this interim final rule to prescribe minimum
standards applicable to money services businesses pursuant to the
revised provision of the Bank Secrecy Act that requires financial
institutions to establish anti-money laundering programs.
DATES: This interim final rule is effective April 24, 2002. Written
comments may be submitted to FinCEN on or before May 29, 2002.
ADDRESSES: Submit comments (preferably an original and four copies) to
FinCEN, P.O. Box 39, Vienna, VA 22183, ATTN: Section 352 MSB
Regulations. Comments may also be submitted by electronic mail to
regcomments@fincen.treas.gov with the caption in the body of the text,
``Attention: Section 352 MSB Regulations.'' Comments may be inspected
at FinCEN between 10 a.m. and 4 p.m., in the FinCEN Reading Room in
Washington, DC. Persons wishing to inspect the comments submitted must
request an appointment by telephoning (202) 354-6400 (not a toll-free
number).
FOR FURTHER INFORMATION CONTACT: Office of the Chief Counsel (FinCEN),
(703) 905-3590; Office of the Assistant General Counsel for Enforcement
(Treasury), (202) 622-1927; or the Office of the Assistant General
Counsel for Banking & Finance (Treasury), (202) 622-0480 (not toll-free
numbers).
SUPPLEMENTARY INFORMATION:
I. Background
On October 26, 2001, the President signed into law the Uniting and
Strengthening America by Providing Appropriate Tools Required to
Intercept and Obstruct Terrorism (USA PATRIOT ACT) Act of 2001 (Public
Law 107-56) (the Act). Title III of the Act makes a number of
amendments to the anti-money laundering provisions of the Bank Secrecy
Act (BSA), which is codified in subchapter II of chapter 53 of title
31, United States Code. These amendments are intended to provide
additional tools to prevent, detect, and prosecute international money
laundering and the financing of terrorism. Section 352(a) of the Act,
which becomes effective on April 24, 2002, amended section 5318(h) of
the BSA. As amended, section 5318(h)(1) requires every financial
institution to establish an anti-money laundering program that
includes, at a minimum, (i) the development of internal policies,
procedures, and controls; (ii) the designation of a compliance officer;
(iii) an ongoing employee training program; and (iv) an independent
audit function to test programs. The statute further permits the
Secretary to exempt from this requirement those financial institutions
not currently subject to Treasury's regulations implementing the BSA.
In addition, Section 352(c) directs the Secretary to prescribe
regulations by April 24, 2002, for anti-money laundering programs that
are ``commensurate with the size, location, and activities'' of the
financial institutions to which such regulations apply.
Money services businesses are defined as financial institutions
under the BSA and are subject to registration, recordkeeping, and
reporting obligations under the implementing regulations. They thus
fall within the category of financial institutions to which Congress
intended to apply the anti-money laundering program requirements.\1\
Requiring money services businesses to implement anti-money laundering
programs should enhance their ability to comply with their BSA
obligations. This interim final rule prescribes minimum standards for
anti-money laundering programs for money services businesses, tailored
to the particular circumstances of their industry.
---------------------------------------------------------------------------
\1\ Although Section 5318(a)(6) authorizes the Secretary to
exempt any financial institution from any BSA requirement, in light
of the vulnerability of the industry to money laundering described
infra and the extent of existing BSA regulation of money services
businesses, the Secretary is declining to exempt money services
businesses from the anti-money laundering program requirement.
---------------------------------------------------------------------------
In requiring money services businesses to register with the
Department of the Treasury, Congress recognized that money services
businesses, like depository institutions, are subject to abuse by money
launderers.\2\ Following up on this finding, along with issuing
regulations implementing the registration requirement, Treasury and
FinCEN also issued regulations requiring money services businesses
(with the exception of currency dealers or exchangers, check cashers,
and issuers, sellers, and redeemers of stored value) to report to
FinCEN suspicious activity occurring after December 31, 2001.\3\ As
Treasury and FinCEN acknowledged in promulgating these regulations,
implementation of a comprehensive counter-money laundering strategy for
this category of financial institution raises significant issues not
present for depository institutions subject to the BSA such as banks
because of a number of unique factors affecting the money services
business industry.\4\
---------------------------------------------------------------------------
\2\ Money Laundering Suppression Act of 1994, Title IV of the
Riegle Community Development and Regulatory Improvement Act of 1994,
Public Law 103-325 (September 23, 1994). Treasury's implementing
regulations required all money services businesses to register with
FinCEN by December 31, 2001. See 31 CFR 103.41(f).
\3\ 31 CFR 103.20(f).
\4\ See 62 FR 27903 (May 21, 1997).
---------------------------------------------------------------------------
The money services businesses category of financial institutions
subject to Part 103 includes a variety of non-bank financial
institutions: currency dealers or exchangers; check cashers; issuers of
traveler's checks, money orders, or stored value; sellers or redeemers
of traveler's checks, money orders, or stored value; and money
transmitters.\5\ The size and complexity of money services business
enterprises range from the small and simple to the very large and
complex; structures include sole proprietorships, partnerships, and
corporations. Money services business enterprises range from small
``mom and pop'' operations based in one location to large, well
capitalized firms that trade on major securities exchanges, enterprises
with numerous branches or large agent networks, and also include the
United States Postal Service. For some enterprises, such as grocery
stores, convenience stores, and gas stations, the financial activities
that make them money services businesses are not their core business
activities but only incidental services offered along with core
products and services. Other money services businesses are organized to
provide several financial services to their customers similar to the
full range of financial products provided by a bank. Issuers of
traveler's checks, issuers of money orders, and primary money
transmitter companies often operate through networks of independent
enterprises that serve as distribution points throughout the country or
the world. These agent networks make up the bulk of the sellers of
traveler's checks and money orders and distributors of money transfer
services in the United States.\6\
---------------------------------------------------------------------------
\5\ See 31 CFR 103.11uu(1)-(6).
\6\ See 62 FR 27891-895 (May 21, 1997).
---------------------------------------------------------------------------
The interim final rule requires each money services business to
establish a program reasonably designed to prevent
[[Page 21115]]
its use in money laundering or terrorist financing. Treasury and FinCEN
have determined that the exact nature of an effective anti-money
laundering program for money services businesses must be commensurate
with the risks posed by the size and location of the particular money
services business, and the nature and volume of the financial services
it offers. Critical components of such a program are procedures for
assuring that applicable customer identification requirements are met,
all reports required under 31 CFR part 103, including but not limited
to reports of suspicious transactions, are filed in a timely fashion,
all required records are maintained in complete and accurate form, and
requests for information from law enforcement agencies are handled with
appropriate speed. The interim final rule mandates certain methods to
attain such regulatory compliance, including documentation of policies,
procedures, and internal controls, training, designation of a
compliance officer, and program review. Finally, in addition to
compliance with mandatory regulatory requirements, Treasury and FinCEN
encourage money services businesses to implement procedures for
voluntarily reporting suspected terrorist activity to FinCEN using its
Financial Institutions Hotline (1-866-556-3974).
II. Analysis of the Interim Final Rule
Section 103.125(a) requires each money services business to have an
effective anti-money laundering program, which is defined as a program
reasonably designed to prevent the money services business from being
used to facilitate money laundering or to finance terrorist activities.
Section 103.125(b) provides that the program is to be commensurate with
the risks posed by the financial services provided by the money
services business, in light of their nature and volume, and the
location and size of the money services business. Section 103.125(c)
provides that each money services business must have a written anti-
money laundering program.
Section 103.125(d) sets forth the minimum requirements for an
effective anti-money laundering program. First, Sec. 103.125(d)(1)
provides that such a program must contain policies, procedures, and
internal controls reasonably designed to ensure compliance with the
applicable requirements of 31 CFR part 103, including recordkeeping,
reporting, verifying customer identification, and responding to law
enforcement requests. In addition, money services businesses that have
automated data processing systems should integrate into their systems
compliance procedures such as recordkeeping and monitoring transactions
subject to reporting requirements.
In recognition of the fact that a number of issuers of money
services instruments such as traveler's checks and money orders sell
their products through other money services businesses,
Sec. 103.125(d)(1)(iii) permits such issuers and sellers to allocate
responsibility for developing written policies, procedures, and
internal controls among themselves. However, responsibility for
implementation of the policies, procedures, and internal controls rests
with each money services business, and, particularly with respect to
internal controls, a money services business needs to be vigilant in
ensuring that such controls are effective in the circumstances under
which it operates.\7\ This section also makes clear that a money
services business may not contract away its responsibility to establish
and maintain an effective anti-money laundering program.
---------------------------------------------------------------------------
\7\ For example, a money services business that offers products
from different issuers must ensure that its internal controls are
effective for all the products it offers, and not just blindly adopt
controls generated by the issuer of one of the products it sells,
which may not be applicable to its other products.
---------------------------------------------------------------------------
In addition, Sec. 103.125(d)(2) requires each money services
business to designate a person or persons to be responsible for the
program, i.e., a compliance officer. The compliance officer shall be
responsible for day to day compliance with 31 CFR Part 103, ensuring
the compliance program is updated as necessary and reflects current
Treasury guidance, and overseeing the money services business's
education and training program.
Section 103.125(d)(3) provides that each money services business
must have an ongoing training or education program for employees
concerning their responsibilities under the program and 31 CFR Part
103, including training in the detection of suspicious activities.
Finally, under Sec. 103.125(d)(4), each money services business must
provide for an independent review of the program on a periodic basis.
The independent review may be performed by an employee of the money
services business, so long as the reviewer is not the compliance
officer.
The interim final rule is designed to give money services
businesses flexibility to tailor their programs to their specific
circumstances so long as the minimum requirements are met. For example,
the program for a money services business that provides a full range of
financial services (e.g., check cashing, currency exchange, money order
sales, money transmission services) from multiple branches would be
structured differently than a program for a money services business
that offers one or two services through an agent network. The
educational component for an enterprise that offers multiple financial
services may require more comprehensive training for employees to
recognize aspects of suspicious activity associated with different
transaction types and may differ based on the geographic location of
the branches. An enterprise with multiple locations that offers
multiple financial services may require more extensive oversight by its
compliance officer than would an enterprise that offers one or two
financial services incidental to its core business in isolated
transactions. The former would also require more frequent independent
review.
The interim final rule also permits programs to be tailored to the
specific risks associated with the different financial services offered
by money services businesses. For example, sales of traveler's checks,
money orders, and money transfers may be particularly vulnerable to
structuring--that is, the breaking up of a transaction into multiple
transactions so as to fall beneath the thresholds for recordkeeping and
reporting.\8\ An appropriate anti-money laundering program for such an
enterprise would include the training of employees to recognize
indications of structuring.
---------------------------------------------------------------------------
\8\ See 62 FR 27911 (May 21, 1997).
---------------------------------------------------------------------------
FinCEN intends to issue guidance to assist money services
businesses in complying with the interim final rule. Such guidance will
be posted on the FinCEN web site dedicated to money services businesses
(www.msb.gov).
III. Implementation Date Requirements
Pursuant to section 103.125(e), an existing money services business
is required to comply with the anti-money laundering program
requirements of 31 CFR 103.125 by July 24, 2002. Money services
businesses coming into existence after that date must develop and
implement such a program on or before the later of July 24, 2002, and
the end of the 90-day period beginning on the day following the date
the business is established.
IV. Administrative Procedure Act
The provisions of 31 U.S.C. 5318(h)(1), requiring all financial
institutions to establish anti-money laundering programs with at least
four identified elements, become effective
[[Page 21116]]
April 24, 2002. This interim rule provides guidance to money services
businesses on how to comply with the law in effect on that date and
does not impose any obligation on any financial institution that is not
required by section 352 of the Act. Accordingly, good cause is found to
dispense with notice and public procedure as unnecessary pursuant to 5
U.S.C. 553(b)(B), and to make the provisions of the interim rule
effective in less than 30 days pursuant to 5 U.S.C. 553(d)(1) and (3).
V. Regulatory Flexibility Act
Because no notice of proposed rulemaking is required for this
interim final rule, the provisions of the Regulatory Flexibility Act (5
U.S.C. 601 et seq.) do not apply.
VI. Executive Order 12866
This interim final rule is not a ``significant regulatory action''
as defined in Executive Order 12866. Accordingly, a regulatory
assessment is not required.
VII. Paperwork Reduction Act
This regulation is being issued without prior notice and public
procedure pursuant to the Administrative Procedure Act (5 U.S.C. 553).
For this reason, the collection of information contained in this
interim final rule has been reviewed under the requirements of the
Paperwork Reduction Act (44 U.S.C. 3507(j)) and, pending receipt and
evaluation of public comments, approved by the Office of Management and
Budget (OMB) under control number 1506-0020. An agency may not conduct
or sponsor, and a person is not required to respond to, a collection of
information unless it displays a valid control number assigned by OMB.
Comments concerning the collection of information should be sent to
the Office of Management and Budget, ATTN: Alexander T. Hunt, Office of
Information and Regulatory Affairs, Office of Management and Budget,
New Executive Office Building, Room 3208, Washington, DC 20503, with
copies to FinCEN at Department of the Treasury, Financial Crimes
Enforcement Network, Post Office Box 39, Vienna, Virginia, 22183.
FinCEN specifically invites comments on the following subjects: (a)
Whether the proposed collection of information is necessary for the
proper performance of the mission of FinCEN, including whether the
information shall have practical utility; (b) the accuracy of FinCEN's
estimate of the burden of the proposed collection of information; (c)
ways to enhance the quality, utility, and clarity of the information to
be collected; (d) ways to minimize the burden of the collection of
information on respondents, including through the use of automated
collection techniques or other forms of information technology; and (e)
estimates of capital or start-up costs and costs of operation,
maintenance, and purchase of services to provide information.
The collection of information in this interim final rule is in 31
CFR 103.125(c). The information will be used by federal agencies to
verify compliance by money services businesses with the provisions of
31 CFR 103.125. The collection of information is mandatory. The likely
recordkeepers are businesses.
In accordance with the requirements of the Paperwork Reduction Act
of 1995, 44 U.S.C. 3506(c)(2)(A), and its implementing regulations, 5
CFR 1320, the following information concerning the collection of
information as required by 31 CFR 103.125(c) is presented to assist
those persons wishing to comment on the information collection.
Description of Recordkeepers: Money services businesses as defined
in 31 CFR 103.11(uu).
Estimated Number of Recordkeepers: 200,000.
Estimated Average Annual Burden Hours Per Recordkeeper: The
estimated average burden associated with the collection of information
in this interim final rule is 1 hour per recordkeeper.
Estimated Total Annual Recordkeeping Burden: 200,000 hours.
List of Subjects in 31 CFR Part 103
Authority delegations (Government agencies), Banks, banking,
Brokers, Counter money laundering, Counter-terrorism, Currency, Foreign
banking, Reporting and recordkeeping requirements.
PART 103--FINANCIAL RECORDKEEPING AND REPORTING OF CURRENCY AND
FOREIGN TRANSACTIONS
1. The authority citation for Part 103 continues to read as
follows:
Authority: 12 U.S.C. 1829b and 1951-1959; 31 U.S.C. 5311-5331;
title III, secs. 314, 352, Pub. L. 107-56, 115 Stat. 307.
2. In subpart I, add new Sec. 103.125 to read as follows:
Sec. 103.125 Anti-money laundering programs for money services
businesses.
(a) Each money services business, as defined by Sec. 103.11(uu),
shall develop, implement, and maintain an effective anti-money
laundering program. An effective anti-money laundering program is one
that is reasonably designed to prevent the money services business from
being used to facilitate money laundering and the financing of
terrorist activities.
(b) The program shall be commensurate with the risks posed by the
location and size of, and the nature and volume of the financial
services provided by, the money services business.
(c) The program shall be in writing, and a money services business
shall make copies of the anti-money laundering program available for
inspection to the Department of the Treasury upon request.
(d) At a minimum, the program shall:
(1) Incorporate policies, procedures, and internal controls
reasonably designed to assure compliance with this part.
(i) Policies, procedures, and internal controls developed and
implemented under this section shall include provisions for complying
with the requirements of this part including, to the extent applicable
to the money services business, requirements for:
(A) Verifying customer identification;
(B) Filing reports;
(C) Creating and retaining records; and
(D) Responding to law enforcement requests.
(ii) Money services businesses that have automated data processing
systems should integrate their compliance procedures with such systems.
(iii) A person that is a money services business solely because it
is an agent for another money services business as set forth in
Sec. 103.41(a)(2), and the money services business for which it serves
as agent, may by agreement allocate between them responsibility for
development of policies, procedures, and internal controls required by
this paragraph (d)(1). Each money services business shall remain solely
responsible for implementation of the requirements set forth in this
section, and nothing in this paragraph (d)(1) relieves any money
services business from its obligation to establish and maintain an
effective anti-money laundering program.
(2) Designate a person to assure day to day compliance with the
program and this part. The responsibilities of such person shall
include assuring that:
(i) The money services business properly files reports, and creates
and retains records, in accordance with applicable requirements of this
part;
(ii) The compliance program is updated as necessary to reflect
current requirements of this part, and related
[[Page 21117]]
guidance issued by the Department of the Treasury; and
(iii) The money services business provides appropriate training and
education in accordance with paragraph (d)(3) of this section.
(3) Provide education and/or training of appropriate personnel
concerning their responsibilities under the program, including training
in the detection of suspicious transactions to the extent that the
money services business is required to report such transactions under
this part.
(4) Provide for independent review to monitor and maintain an
adequate program. The scope and frequency of the review shall be
commensurate with the risk of the financial services provided by the
money services business. Such review may be conducted by an officer or
employee of the money services business so long as the reviewer is not
the person designated in paragraph (d)(2) of this section.
(e) Effective date. A money services business must develop and
implement an anti-money laundering program that complies with the
requirements of this section on or before the later of July 24, 2002,
and the end of the 90-day period beginning on the day following the
date the business is established.
Dated: April 23, 2002.
James F. Sloan,
Director, Financial Crimes Enforcement Network.
[FR Doc. 02-10453 Filed 4-24-02; 4:09 pm]
BILLING CODE 4810-02-P
[Federal Register: April 29, 2002 (Volume 67, Number 82)]
[Rules and Regulations]
[Page 21117-21121]
From the Federal Register Online via GPO Access [wais.access.gpo.gov]
[DOCID:fr29ap02-20]
-----------------------------------------------------------------------
DEPARTMENT OF THE TREASURY
31 CFR Part 103
RIN 1506-AA28
Financial Crimes Enforcement Network; Anti-Money Laundering
Programs for Mutual Funds
AGENCY: Financial Crimes Enforcement Network (FinCEN), Treasury.
ACTION: Interim final rule.
-----------------------------------------------------------------------
SUMMARY: FinCEN is issuing this interim final rule to prescribe minimum
standards applicable to mutual funds pursuant to the revised provision
in the Bank Secrecy Act that requires financial institutions to
establish anti-money laundering programs.
DATES: This interim final rule is effective April 24, 2002. Written
comments may be submitted to FinCEN on or before May 29, 2002.
ADDRESSES: Submit comments (preferably an original and four copies) to
FinCEN, P.O. Box 39, Vienna, VA 22183, Attn: Section 352 Mutual Fund
Regulations. Comments may also be submitted by electronic mail to
regcomments@fincen.treas.gov with the caption in the body of the text,
``Attention: Section 352 Mutual Fund Regulations.'' Comments may be
inspected at FinCEN between 10 a.m. and 4 p.m. in the FinCEN Reading
Room in Washington, DC. Persons wishing to inspect the comments
submitted must request an appointment by telephoning (202) 354-6400
(not a toll-free number).
FOR FURTHER INFORMATION CONTACT: Office of the Assistant General
Counsel for Banking & Finance (Treasury), (202) 622-0480; Office of the
Assistant General Counsel for Enforcement (Treasury), (202) 622-1927;
or Office of Chief Counsel (FinCEN), (703) 905-3590 (not toll-free
numbers).
SUPPLEMENTARY INFORMATION:
I. Background
On October 26, 2001, the President signed into law the Uniting and
Strengthening America by Providing Appropriate Tools Required to
Intercept and Obstruct Terrorism (USA PATRIOT) Act of 2001 (Public Law
107-56) (the Act). Title III of the Act makes a number of amendments to
the anti-money laundering provisions of the Bank Secrecy Act (BSA),
which are codified in subchapter II of chapter 53 of title 31, United
States Code. These amendments are intended to make it easier to
prevent, detect, and prosecute international money laundering and the
financing of terrorism. Section 352(a) of the Act, which becomes
effective on April 24, 2002, amends section 5318(h) of the BSA. As
amended, section 5318(h)(1) requires every financial institution to
establish an anti-money laundering program that includes, at a minimum
(i) the development of internal policies, procedures, and controls;
(ii) the designation of a compliance officer; (iii) an ongoing employee
training program; and (iv) an independent audit function to test
programs. Section 5318(h)(2) authorizes the Secretary, after consulting
with the appropriate Federal functional regulator,\1\ to prescribe
minimum standards for anti-money laundering programs, and to exempt
from the application of those standards any financial institution that
is not otherwise subject to BSA regulation.
---------------------------------------------------------------------------
\1\ The Federal functional regulator for mutual funds is the
Securities and Exchange Commission (Commission).
---------------------------------------------------------------------------
Although the BSA includes ``an * * * investment company'' \2\ among
the entities defined as financial institutions, FinCEN has not
previously defined the term for purposes of the BSA. The Investment
Company Act of 1940 (codified at 15 U.S.C. 80a-1 et seq.) (the 1940
Act) defines investment company broadly \3\ and subjects those entities
to comprehensive regulation by the Commission. However, entities
commonly known as hedge funds, private equity funds and venture capital
funds are specifically excluded from the 1940 Act definition of
investment company.\4\ For purposes of the section 352 requirement that
financial institutions establish anti-money laundering programs
effective April 24, 2002, Treasury is limiting the application of this
interim rule to those investment companies falling within the category
of ``open-end company'' contained in section 5(a)(1) of the 1940 Act,
which are commonly referred to as ``mutual funds.'' \5\
---------------------------------------------------------------------------
\2\ 31 U.S.C 5312(a)(2)(I).
\3\ Section 3(a)(1) defines ``investment company'' as any issuer
which (A) is or holds itself out as being engaged primarily, or
proposes to engage primarily, in the business of investing,
reinvesting, or trading in securities; (B) is engaged or proposes to
engage in the business of issuing face-amount certificates of the
installment type, or has been engaged in such business and has any
such certificate outstanding; or (C) is engaged or proposes to
engage in the business of investing, reinvesting, owning, holding,
or trading in securities, and owns or proposes to acquire investment
securities having a value exceeding 40 per centum of the value of
such issuer's total assets (exclusive of Government securities and
cash items) on an unconsolidated basis.
\4\ Section 356 of the Act requires that the Secretary, the
Federal Reserve and the Commission jointly submit a report to
Congress, not later than October 26, 2002, on recommendations for
effective regulations to apply the requirements of the BSA to
investment companies as defined in section 3 of the 1940 Act,
including persons that, but for the provisions that exclude entities
commonly known as hedge funds, private equity funds, and venture
capital funds, would be investment companies.
\5\ By interim rule published elsewhere in this separate part of
this issue of the Federal Register, Treasury is temporarily
exempting investment companies other than mutual funds from the
requirement that they establish anti-money laundering programs.
Treasury is also temporarily deferring determining the definition of
``investment company'' for purposes of the BSA. However, it is
likely that those entities excluded from the definition of
``investment company'' in the 1940 Act will be required to establish
anti-money laundering programs pursuant to section 352.
---------------------------------------------------------------------------
Mutual funds are by far the predominant type of investment company.
Other types of investment companies regulated by the Commission include
closed-end companies and unit investment trusts. Closed-end companies
typically sell a fixed number of shares in traditional underwritten
offerings. Holders of closed-end company shares then trade their shares
in secondary market transactions, usually on a securities exchange or
in the over-the-counter market. Unit
[[Page 21118]]
investment trusts are pooled investment entities without a board of
directors or investment adviser that offer investors redeemable units
in an unmanaged, fixed portfolio of securities. Treasury will continue
to consider the type of anti-money laundering program that would be
appropriate for the issuers of these products, including the extent to
which they pose a money laundering risk that is not more effectively
covered by the anti-money laundering program of another financial
institution involved in their distribution (e.g., a broker-dealer).
Currently, almost 3000 active mutual funds are registered with the
Commission. At the end of fiscal year 2001, these companies managed or
sponsored 8,313 mutual fund portfolios. During the last few years,
mutual fund assets have dramatically increased. Since 1980, the number
of mutual fund portfolios has increased 1370 percent and their assets
have increased 4,659 percent. During fiscal year 2000 alone, assets
managed by mutual funds increased by more than $1.3 trillion. At the
end of fiscal year 2001, mutual funds held $6.4 trillion--more than
double the $3 trillion of insured deposits at commercial banks, and
more than 95 per cent of the assets held by all investment companies
regulated by the Commission. Approximately one-third of the assets
managed by mutual funds are held in retirement accounts--both employer-
sponsored plans and Individual Retirement Accounts (``IRAs'').\6\
---------------------------------------------------------------------------
\6\ See The 1990s: A Decade of Expansion and Change in the U.S.
Mutual Fund Industry, Perspective, Investment Company Institute
(Vol. 6, No. 3, July 2000).
---------------------------------------------------------------------------
A mutual fund offers its shares continuously and is required to
provide its shareholders the right to redeem shares at net asset value
on a daily basis. Virtually all mutual funds are externally managed.
Their operations are conducted by affiliated organizations and third
party service providers. An investment adviser is primarily responsible
for selecting portfolio investments consistent with the objectives and
policies stated in the mutual fund's prospectus.\7\ Administrative
services are usually conducted by an investment adviser or an
unaffiliated third party.
---------------------------------------------------------------------------
\7\ Advisers to mutual funds must register with the Commission
and comply with the requirements of the Investment Advisers Act of
1940 (codified at 15 U.S.C. 80b-1 et seq.).
---------------------------------------------------------------------------
Mutual funds usually offer their shares to the public through a
principal underwriter. Principal underwriters are regulated as broker-
dealers and are subject to National Association of Securities Dealers,
Inc. rules.\8\ Mutual funds employ transfer agents to conduct
recordkeeping and related functions. Transfer agents maintain records
of shareholder accounts, calculate and disburse dividends, and prepare
and mail shareholder account statements, federal income tax
information, and other shareholder notices. Some transfer agents
prepare and mail statements confirming shareholder transactions and
account balances, and maintain customer service departments to respond
to shareholder inquiries.
---------------------------------------------------------------------------
\8\ On April 22, 2002, the Commission approved NASD Regulation
Rule 3011, which requires its member firms to develop, and a member
of the firm's senior management to approve, programs designed to
achieve and monitor compliance with the BSA and related regulations.
See Securities Exchange Act Release No. 45798 (April 22, 2002).
---------------------------------------------------------------------------
A mutual fund is governed by a board of directors or trustees,
which is responsible for overseeing the management of the fund's
business affairs. In order to avail themselves of certain Commission
exemptive rules, most funds' boards have a majority of directors who
are independent of the fund's investment adviser or principal
underwriter.
In addition to purchasing shares directly from some mutual funds
(``direct-sold funds''), investors may purchase mutual fund shares
through a variety of distribution channels including broker-dealers
(including sponsors of fund ``supermarkets'' where investors can
purchase shares of several different mutual funds), insurance agents,
financial planners, and banks. These alternative distribution channels
usually maintain omnibus accounts with the mutual funds that they
distribute. In these cases, the funds and their transfer agents do not
know the identities of the individual investors. Only the distributor
(e.g., a broker-dealer) will have contact with the individual
investors, will receive and process individual investment and
redemption requests, and will have access to individuals' trading
activity.
Because mutual funds do not usually receive from or disburse to
shareholders significant amounts of currency, they are not as likely as
banks to be used during the initial placement stage of the money
laundering process. However, some structuring schemes used in the
placement stage involve monetary instruments such as money orders, and
money launderers could attempt to use mutual funds that accept these
forms of payment. Money launderers would more likely attempt to use
mutual fund accounts in the layering and integration stages of money
laundering, rather than the placement stage. ``Layering'' involves the
distancing of illegal proceeds from their criminal source through the
creation of complex layers of financial transactions. Money launderers
could use mutual fund accounts to layer their funds by, for example,
sending and receiving money and wiring it quickly through several
accounts and multiple institutions, or by redeeming fund shares
purchased with illegal proceeds and then reinvesting the proceeds
received in another fund. Layering could also involve purchasing funds
in the name of a fictitious corporation or an entity designed to
conceal the true owner. Mutual funds could also be used for integrating
illicit income into legitimate assets. ``Integration'' occurs when
illegal proceeds appear to have been derived from a legitimate source.
For example, if an individual were to redeem fund shares that were
purchased with illegal proceeds and direct that the proceeds be wired
to a bank account in the person's own name, the transfer would appear
legitimate to the receiving bank.
A recent survey conducted by the General Accounting Office of 310
direct-sold fund groups found that approximately 40 percent of those
groups currently have some type of voluntary measures designed to
prevent money laundering.\9\ However, those measures rarely go beyond
restrictions on accepting currency, and thus do not address possible
use by money launderers during the layering and integration phases.\10\
In light of this vulnerability, and after consultation with the
Commission, Treasury has determined not to exercise its authority to
exempt temporarily mutual funds from the section 352 requirement to
implement anti-money laundering programs. Accordingly, the interim rule
sets forth the minimum requirements applicable to such programs.
---------------------------------------------------------------------------
\9\ Before passage of the Act, the Investment Company Institute,
a national association of the investment company industry,
recommended procedures for funds to adopt to avoid being used by
money launderers. See Money Laundering Compliance for Mutual Funds,
Investment Company Institute, May 1999.
\10\ Report to the Chairman, Permanent Subcommittee on
Investigations, Committee on Governmental Affairs, U.S. Senate,
Anti-Money Laundering Efforts in the Securities Industry, GAO-02-
111, October 2001.
---------------------------------------------------------------------------
II. The Anti-Money Laundering Program
The interim final rule requires that, by July 24, 2002, mutual
funds develop and implement an anti-money laundering program reasonably
designed to prevent them from being used to launder money or finance
terrorist activities, which includes achieving and monitoring
[[Page 21119]]
compliance with the applicable requirements of the BSA and Treasury's
implementing regulations.
The legislative history of the Act explains that the requirement to
have an anti-money laundering program is not a one-size-fits-all
requirement. The general nature of the requirement reflects Congress'
intent that each financial institution should have the flexibility to
tailor its program to fit its business, taking into account factors
such as size, location, activities, and risks or vulnerabilities to
money laundering. This flexibility is designed to ensure that all firms
subject to the statute, from the largest to the very small firms, have
in place policies and procedures appropriate to monitor for anti-money
laundering compliance.\11\
---------------------------------------------------------------------------
\11\ See USA PATRIOT Act of 2001: Consideration of H.R. 3162
Before the Senate (October 25, 2001) (statement of Sen. Sarbanes);
Financial Anti-Terrorism Act of 2001: Consideration Under Suspension
of Rules of H.R. 3004 Before the House of Representatives (October
17, 2001)(statement of Rep. Kelly)(provisions of the Financial Anti-
Terrorism Act of 2001 were incorporated as Title III in the Act).
---------------------------------------------------------------------------
In order to assure that this requirement receives the highest level
of attention throughout the industry, the proposed rule requires that
each company's program be approved in writing by its board of directors
or trustees.\12\ The four required elements of the anti-money
laundering program are discussed below.
---------------------------------------------------------------------------
\12\ The board's approval could be given at its first regularly
scheduled meeting after the program is adopted.
---------------------------------------------------------------------------
(1) Establish and Implement Policies, Procedures, and Internal Controls
Reasonably Designed To Prevent the Mutual Fund From Being Used To
Launder Money or Finance Terrorist Activities, Including But Not
Limited to Achieving Compliance With the Applicable Provisions of the
Bank Secrecy Act and the Implementing Regulations Thereunder
Written policies and procedures, which form the basis of any
compliance program, should set forth clearly the details of the
program, including the responsibilities of the individuals and
departments involved. Because mutual funds operate through a variety of
different business models, one generic anti-money laundering program
for this industry is not possible; rather, each mutual fund must
develop a program based upon its own business structure. This requires
that each mutual fund complex identify its vulnerabilities to money
laundering and terrorist financing activity, understand the BSA
requirements applicable to it, identify the risk factors relating to
these requirements, design the procedures and controls that will be
required to reasonably assure compliance with these requirements, and
periodically assess the effectiveness of the procedures and controls.
Policies, procedures, and internal controls should be reasonably
designed to detect activities indicative of money laundering.
Transactions that could indicate potential money laundering include the
use of fraudulent checks and unusual wire activity. For example, an
investment in a fund by check or checks drawn on the account of a third
party or parties, or by one or more wire transfers from an account of a
third party or parties, in each case unrelated to the investor, could
be indicative of attempted money laundering. Other examples of ``red
flags'' that may indicate potential illegal activity include frequent
wire transfer activity to and from a cash reserve account, coming from
or sent to the same bank; large deposits with relatively small fund
investments; frequent purchases of fund shares followed by large
redemptions, particularly if the resulting proceeds are wired to
unrelated third parties or bank accounts in foreign countries; and
transfers to accounts in countries where drugs are known to be produced
or other high-risk countries.\13\
---------------------------------------------------------------------------
\13\ 18 U.S.C. 1956 and 1957 make it a crime for any person,
including an individual or company, to engage knowingly in a
financial transaction with the proceeds from any of a long list of
crimes or ``specific unlawful activity.'' Although the standard of
knowledge required is ``actual knowledge,'' actual knowledge
includes ``willful blindness.'' Thus, a person could be deemed to
have knowledge that proceeds were derived from illegal activity if
he or she ignored ``red flags'' that indicated illegality.
---------------------------------------------------------------------------
Policies, procedures, and internal controls should also be
reasonably designed to assure compliance with BSA requirements. The
only BSA regulatory requirement currently applicable to mutual funds is
the obligation to report on Form 8300 the receipt of cash or certain
noncash instruments totaling more than $10,000 in one transaction or
two or more related transactions.\14\ In order to develop a compliant
anti-money laundering program, the program should be reasonably
designed to detect and report not only transactions required to be
reported on Form 8300, but also to detect activity designed to evade
such requirements. Such activity, commonly known as ``structuring,''
may involve the purchase of more than $10,000 in fund shares with
multiple money orders, travelers' checks, or cashiers' checks or other
bank checks, each with a face amount of less than $10,000. Such methods
of payment may be indicative of money laundering, particularly when the
payment instruments were obtained from different sources or the
payments were made at different times on the same day or on consecutive
days or close in time.
---------------------------------------------------------------------------
\14\ See 31 CFR 103.30. If a mutual fund complex includes a
registered broker-dealer (as principal underwriter) or a bank (as
transfer agent), then those financial institutions would also be
subject to separate BSA requirements.
---------------------------------------------------------------------------
We also note that mutual funds will be required to comply with BSA
requirements regarding accountholder identification and verification
pursuant to section 326 of the Act, as set forth in joint Treasury/
Commission regulations required to be issued by October 26, 2002, and
are likely to become subject to additional BSA requirements, including
filing suspicious activity reports. As mutual funds become subject to
additional requirements, their compliance programs will obviously have
to be updated to include appropriate policies, procedures, training,
and testing functions.
Because mutual funds typically conduct their operations through
separate entities, which may or may not be affiliated, some elements of
the compliance program will best be performed by personnel of these
separate entities. It is permissible for a mutual fund to contractually
delegate the implementation and operation of its anti-money laundering
program to another affiliated or unaffiliated service provider, such as
a transfer agent. Any mutual fund delegating responsibility for aspects
of its anti-money laundering program to a third party must obtain
written consent from the third party ensuring the ability of federal
examiners to obtain information and records relating to the anti-money
laundering program and to inspect the third party for purposes of the
program. However, the mutual fund remains responsible for assuring
compliance with this regulation. That means that it must take
reasonable steps to identify the aspects of its operations that may
give rise to BSA regulatory requirements or are vulnerable to money
laundering or terrorist financing activity, develop and implement a
program reasonably designed to achieve compliance with such regulatory
requirements and prevent such activity, monitor the operation of its
program and assess its effectiveness. For example, it would not be
sufficient to simply obtain a certification from its delegate that it
``has a satisfactory anti-money laundering program.''
With respect to omnibus accounts, a mutual fund's anti-money
laundering program could have a more limited scope. Typically, a fund
has little or no
[[Page 21120]]
information about the identities and transaction activities of the
individual customers represented in an omnibus account. For example,
when fund shares are sold through a broker-dealer, the broker-dealer
has all of the relevant information about the customer. When that
customer places an order for fund shares with her broker-dealer, her
individual order is combined with all other purchase or redemption
orders to the fund (or its transfer agent). That net order is then
processed in the omnibus account. This rule does not require that a
mutual fund obtain any additional information regarding individual
transactions that are processed through another entity's omnibus
account. Consequently, given Treasury's risk-based approach to anti-
money laundering programs for financial institutions generally,
including mutual funds, it is not expected that mutual funds will
scrutinize activity in omnibus accounts to the same extent as
individual accounts. Nevertheless, mutual funds would need to analyze
the money laundering risks posed by particular omnibus accounts based
upon a risk-based evaluation of relevant factors regarding the entity
holding the omnibus account, including such factors as the type of
entity, its location, type of regulation, and of course, the viability
of its anti-money laundering program.
(2) Provide for Independent Testing for Compliance To Be Conducted by
Company Personnel or by a Qualified Outside Party
It is necessary that a mutual fund conduct periodic testing of its
program, in order to assure that the program is indeed functioning as
designed. Such testing should be accomplished by personnel
knowledgeable regarding BSA requirements. Such testing may be
accomplished either by employees of the fund, its affiliates, or
unaffiliated service providers so long as those same employees are not
involved in the operation or oversight of the program. The frequency of
such a review would depend upon factors such as the size and complexity
of the mutual fund complex and the extent to which its business model
may be more subject to money laundering than other institutions. A
written assessment or report should be a part of the review, and any
recommendations resulting from such review should, of course, be
promptly implemented or submitted to the board for consideration.
(3) Designate a Person or Persons Responsible for Implementing and
Monitoring the Operations and Internal Controls of the Program
The mutual fund must charge an individual (or committee) with the
responsibility for overseeing the anti-money laundering program. The
person (or group of persons) should be competent and knowledgeable
regarding BSA requirements and money laundering issues and risks, and
empowered with full responsibility and authority to develop and enforce
appropriate policies and procedures throughout the fund complex.
Whether the compliance officer is dedicated full time to BSA compliance
would depend upon the size and complexity of the fund complex. Although
in many cases the implementation and operation of the compliance
program will be conducted by entities (and their employees) other than
the mutual fund, the person responsible for the supervision of the
overall program should be a fund officer.
(4) Provide Ongoing Training for Appropriate Persons
Employee training is an integral part of any anti-money laundering
program. Employees of the fund (and of its affiliated and third-party
service providers) must be trained in BSA requirements relevant to
their functions and in recognizing possible signs of money laundering
that could arise in the course of their duties, so that they can carry
out their responsibilities effectively. Such training could be
conducted by outside or in-house seminars, and could include computer-
based training. The level, frequency, and focus of the training would
be determined by the responsibilities of the employees and the extent
to which their functions bring them in contact with BSA requirements or
possible money laundering activity. Consequently, the training program
should provide both a general awareness of overall BSA requirements and
money laundering issues, as well as more job-specific guidance
regarding particular employees' roles and functions in the anti-money
laundering program.\15\ For those employees whose duties bring them in
contact with BSA requirements or possible money laundering activity,
the requisite training should occur when the employee assumes those
duties. Moreover, these employees should receive periodic updates and
refreshers regarding the anti-money laundering program.
---------------------------------------------------------------------------
\15\ Appropriate topics for an anti-money laundering program
include, but are not limited to: BSA requirements, a description of
money laundering, how money laundering is carried out, what types of
activities and transactions should raise concerns, what steps should
be followed when suspicions arise, and OFAC and other government
lists.
---------------------------------------------------------------------------
Finally, in addition to complying with the requirements of this
interim regulation, mutual funds are encouraged to adopt procedures for
voluntarily filing Suspicious Activity Reports with FinCEN and for
reporting suspected terrorist activities to FinCEN using its Financial
Institutions Hotline (1-866-566-3974).
As an administrative matter, this rulemaking includes an amendment
to the delegation of examination authority by FinCEN to the Commission,
to enable the Commission to examine mutual funds for compliance with
this regulation.
III. Implementation Date
Pursuant to section 103.130(b), a mutual fund is required to comply
with the anti-money laundering program requirements of 31 CFR 103.130
by July 24, 2002.
IV. Administrative Procedure Act
The provisions of 31 U.S.C. 5318(h)(1), requiring all financial
institutions to establish anti-money laundering programs with at least
four identified elements, become effective April 24, 2002. This interim
rule provides guidance to mutual funds on how to comply with the law in
effect on that date and does not impose any obligation on any financial
institution that is not required by section 352 of the Act.
Accordingly, good cause is found to dispense with notice and public
procedure as unnecessary pursuant to 5 U.S.C. 553(b)(B), and to make
the provisions of the interim rule effective in less than 30 days
pursuant to 5 U.S.C. 553(d)(1) and (3).
V. Regulatory Flexibility Act
Because no notice of proposed rulemaking is required for this
interim final rule, the provisions of the Regulatory Flexibility Act (5
U.S.C. 601 et seq.) do not apply.
VI. Executive Order 12866
This interim final rule is not a ``significant regulatory action''
as defined in Executive Order 12866. Accordingly, a regulatory
assessment is not required.
VII. Paperwork Reduction Act
This regulation is being issued without prior notice and public
procedure pursuant to the Administrative Procedure Act (5 U.S.C. 553).
For this reason, the collection of
[[Page 21121]]
information contained in this interim final rule has been reviewed
under the requirements of the Paperwork Reduction Act (44 U.S.C.
3507(j)) and, pending receipt and evaluation of public comments,
approved by the Office of Management and Budget (OMB) under control
number 1506-0020. An agency may not conduct or sponsor, and a person is
not required to respond to, a collection of information unless it
displays a valid control number assigned by OMB.
Comments concerning the collection of information should be sent to
the Office of Management and Budget, Attn: Alexander T. Hunt, Office of
Information and Regulatory Affairs, Office of Management and Budget,
New Executive Office Building, Room 3208, Washington, DC 20503, with
copies to FinCEN at Department of the Treasury, Financial Crimes
Enforcement Network, Post Office Box 39, Vienna, Virginia, 22183.
FinCEN specifically invites comments on the following subjects: (a)
Whether the collection of information is necessary for the proper
performance of the mission of FinCEN, including whether the information
shall have practical utility; (b) the accuracy of FinCEN's estimate of
the burden of the collection of information; (c) ways to enhance the
quality, utility, and clarity of the information to be collected; (d)
ways to minimize the burden of the collection of information on
respondents, including through the use of automated collection
techniques or other forms of information technology; and (e) estimates
of capital or start-up costs and costs of operation, maintenance, and
purchase of services to provide information.
The collection of information in this interim final rule is in 31
CFR 103.130(b). The information will be used by federal agencies to
verify compliance by mutual funds with the provisions of 31 CFR
103.130. The collection of information is mandatory. The likely
recordkeepers are businesses.
In accordance with the requirements of the Paperwork Reduction Act
of 1995, 44 U.S.C. 3506(c)(2)(A), and its implementing regulations, 5
CFR 1320, the following information concerning the collection of
information as required by 31 CFR 103.130(a) is presented to assist
those persons wishing to comment on the information collection.
Description of Recordkeepers: Mutual funds, as defined in 31 CFR
103.130(a).
Estimated Number of Recordkeepers: 3,000.
Estimated Average Annual Burden Hours Per Recordkeeper: The
estimated average burden associated with the collection of information
in this interim final rule is 1 hour per recordkeeper.
Estimated Total Annual Recordkeeping Burden: 3,000 hours.
List of Subjects in 31 CFR Part 103
Banks, banking, Brokers, Counter money laundering, Counter-
terrorism, Currency, Foreign banking, Reporting and recordkeeping
requirements.
PART 103--FINANCIAL RECORDKEEPING AND REPORTING OF CURRENCY AND
FOREIGN TRANSACTIONS
1. The authority citation for part 103 continues to read as
follows:
Authority: 12 U.S.C. 1829b and 1951-1959; 31 U.S.C. 5311-5331;
title III, secs. 314, 352, Pub. L. 107-56, 115 Stat. 307.
2. In Subpart E, revise Sec. 103.56(b)(6) to read as follows:
Sec. 103.56 Enforcement.
* * * * *
(b) * * *
(6) To the Securities and Exchange Commission with respect to
brokers and dealers in securities and investment companies as that term
is defined in the Investment Company Act of 1940 (15 U.S.C. 80-1 et
seq.);
* * * * *
3. In subpart I, add new Sec. 103.130 to read as follows:
Sec. 103.130 Anti-money laundering programs for mutual funds.
(a) For purposes of this section, ``mutual fund'' means an open-end
company as defined in section 5(a)(1) of the Investment Company act of
1940 (15 U.S.C. 80a-5(a)(1)).
(b) Effective July 24, 2002, each mutual fund shall develop and
implement a written anti-money laundering program reasonably designed
to prevent the mutual fund from being used for money laundering or the
financing of terrorist activities and to achieve and monitor compliance
with the applicable requirements of the Bank Secrecy Act (31 U.S.C.
5311, et seq.), and the implementing regulations promulgated thereunder
by the Department of the Treasury. Each mutual fund's anti-money
laundering program must be approved in writing by its board of
directors or trustees. A mutual fund shall make its anti-money
laundering program available for inspection by the Commission.
(c) The anti-money laundering program shall at a minimum:
(1) Establish and implement policies, procedures, and internal
controls reasonably designed to prevent the mutual fund from being used
for money laundering or the financing of terrorist activities and to
achieve compliance with the applicable provisions of the Bank Secrecy
Act and the implementing regulations thereunder;
(2) Provide for independent testing for compliance to be conducted
by the mutual fund's personnel or by a qualified outside party;
(3) Designate a person or persons responsible for implementing and
monitoring the operations and internal controls of the program; and
(4) Provide ongoing training for appropriate persons.
Dated: April 23, 2002.
James F. Sloan,
Director, Financial Crimes Enforcement Network.
[FR Doc. 02-10454 Filed 4-24-02; 4:09 pm]
BILLING CODE 4810-02-P
[Federal Register: April 29, 2002 (Volume 67, Number 82)]
[Rules and Regulations]
[Page 21121-21127]
From the Federal Register Online via GPO Access [wais.access.gpo.gov]
[DOCID:fr29ap02-21]
-----------------------------------------------------------------------
DEPARTMENT OF THE TREASURY
31 CFR Part 103
RIN 1506-AA28
Financial Crimes Enforcement Network; Anti-Money Laundering
Programs for Operators of a Credit Card System
AGENCY: Financial Crimes Enforcement Network (FinCEN), Treasury.
ACTION: Interim final rule.
-----------------------------------------------------------------------
SUMMARY: FinCEN is issuing this interim final rule to define and
provide guidance to operators of credit card systems concerning the
revised provision in the Bank Secrecy Act that requires them to
establish anti-money laundering programs.
DATES: This interim final rule is effective April 24, 2002. Written
comments may be submitted to FinCEN on or before May 29, 2002.
ADDRESSES: Submit comments (preferably an original and four copies) to
FinCEN, P.O. Box 39, Vienna, VA 22183, Attn: Section 352 CC
Regulations. Comments may also be submitted by electronic mail to
regcomments@fincen.treas.gov with the caption in the body of the text,
Attention: Section 352 CC Regulations.'' Comments may be inspected at
FinCEN between 10 a.m. and 4 p.m. in the FinCEN Reading Room in
Washington, DC. Persons wishing to inspect the comments submitted must
request an appointment by telephoning (202) 354-6400 (not a toll-free
number).
FOR FURTHER INFORMATION CONTACT: Office of the Chief Counsel (FinCEN),
(703) 905-3590; Office of the Assistant General Counsel for Enforcement
[[Page 21122]]
(Treasury), (202) 622-1927; or the Office of the Assistant General
Counsel for Banking & Finance (Treasury), (202) 622-0480 (not toll-free
numbers).
SUPPLEMENTARY INFORMATION:
I. Background
On October 26, 2001, the President signed into law the Uniting and
Strengthening America by Providing Appropriate Tools Required to
Intercept and Obstruct Terrorism (USA PATRIOT) Act of 2001 (Public Law
107-56) (the Act). Title III of the Act makes a number of amendments to
the anti-money laundering provisions of the Bank Secrecy Act (BSA),
which are codified in subchapter II of chapter 53 of title 31, United
States Code. These amendments are intended to make it easier to
prevent, detect, and prosecute international money laundering and the
financing of terrorism. Section 352(a) of the Act, which becomes
effective on April 24, 2002, amended section 5318(h) of the BSA. As
amended, section 5318(h)(1) requires every financial institution to
establish an anti-money laundering program that includes, at a minimum,
(i) the development of internal policies, procedures, and controls;
(ii) the designation of a compliance officer; (iii) an ongoing employee
training program; and (iv) an independent audit function to test
programs. As operators of credit card systems are identified as
financial institutions under the BSA, 31 U.S.C. 5312(a)(2)(L), they are
subject to the anti-money laundering program requirement. This rule is
intended to define an ``operator of a credit card system,'' and to
provide guidance to them in complying with the law, tailored to the
industry.
A. Credit Card Systems
Credit cards represent the right to purchase goods and services, or
in some cases the right to obtain a cash advance, against a line of
credit offered by the issuer of the credit card. The Truth in Lending
Act defines a credit card as a ``card, plate, coupon book or other
credit device existing for the purpose of obtaining money, property,
labor, or services on credit.'' \1\ 15 U.S.C. 1602(k). This interim
final rule adopts this definition. Also included within this definition
is a charge card, that is, a credit card for which the cardholder must
pay the monthly balance in full.\2\
---------------------------------------------------------------------------
\1\ ``Credit'' is defined as ``the right granted by a creditor
to a debtor to defer payment of a debt or to incur debt and defer
its payment.'' 15 U.S.C. 1602(e).
\2\ Regulations implementing the Truth in Lending Act define a
charge card as ``a credit card on an account for which no periodic
rate is used to compute a finance charge.'' 12 CFR 226.2(15). This
interim final rule likewise adopts this definition.
---------------------------------------------------------------------------
The use to which a credit card may be put depends upon the entity
issuing or accepting the card.\3\ In the case of general purpose credit
cards, such as those issued by members of the VISA or MasterCard
system, the cards are accepted by a variety of merchants worldwide. In
the United States, most such cards are issued by banks \4\ authorized
by the operator of the credit card system to use the particular name
and access the associated clearance and settlement system. Such
entities are called ``issuing institutions.'' On the other side of the
transaction, in order for a particular merchant to accept the credit
card, it must have a relationship with a bank or entity that is itself
authorized to sign up merchants to accept the credit card for purchases
and process such credit card transactions. Entities authorized to
accept credit card purchases from merchants are called ``acquiring
institutions'' or ``merchant institutions.'' In all cases, the operator
of the credit card system determines which entities may serve as
issuing and acquiring institutions (member institutions) and prescribes
rules that member institutions must follow.
---------------------------------------------------------------------------
\3\ In its 1997 report entitled, ``Payments, Clearance, and
Settlement: A Guide to the Systems, Risks and Issues,'' the General
Accounting Office described the use of credit cards generally, as
well as the role of operators of a credit card system in the
clearance and settlement of transactions. See GAO/GGD-97-73 at 108-
15 (June 1997) (``the 1997 GAO Report'').
\4\ For purposes of this preamble, the term ``bank'' refers to
insured depository institutions, including federally and state
chartered banks, thrifts, and credit unions.
---------------------------------------------------------------------------
Other credit cards used in the United States are issued by a
particular merchant or vendor and may only be used in connection with
purchases made from that merchant or vendor. Examples include
department store and oil company credit cards, as well as charge cards
issued by individual merchants. Often such cards are issued by a bank
on behalf of a particular merchant, but in some cases the merchant
itself may issue the card. Merchants, vendors, or banks whose issuance
of credit cards is restricted to such circumstances do not fall within
the definition of an operator of a credit card system as set forth in
this interim final rule.\5\ However, if an entity otherwise falls
within the definition of an operator of a credit card system under this
interim final rule, the fact that the operator may also issue credit
cards with particular merchants, or may itself serve as the issuing or
acquiring institution, does not remove it from the scope of this
interim final rule.
---------------------------------------------------------------------------
\5\ Banks issuing merchant or vendor cards are already subject
to anti-money laundering regulation enforced by the bank regulators.
---------------------------------------------------------------------------
The purpose for distinguishing between general purpose credit cards
and merchant cards lies first in the fact that the definition in the
BSA refers to ``an operator of a credit card system'' as a financial
institution. We do not view the issuance of a merchant or vendor card
as the operation of a credit card system, which is more naturally
interpreted to refer to the organizer of a membership or other
interrelated group. Second, as discussed more fully below, the
significant money laundering or terrorist financing risk associated
with the operation of a credit card system sought to be minimized by
this interim final rule is the operator's authorization or licensing of
issuing or acquiring institutions without conducting appropriate due
diligence relating to the money laundering or terrorist financing risk
posed by those institutions. A merchant or a vendor that issues its own
card does not present that particular risk because it does not perform
that function.\6\
---------------------------------------------------------------------------
\6\ This interim final rule neither considers nor addresses the
money laundering or terrorist financing risks associated with
issuing institutions. However, this should not be construed to
suggest no such risks exist.
---------------------------------------------------------------------------
With general purpose credit cards, the operator of a credit card
system plays a vital role in the authorization, clearance, and
settlement of credit card purchases. This role is important to
understanding both how the operator of the credit card system can
assist in preventing money laundering or terrorist financing, as well
as the practical limitations placed on the operator in this regard.
Authorization is the process by which the issuer of the credit card
approves or rejects a purchase at the time the cardholder seeks to
access the line of credit associated with the card. Typically, the
merchant swipes the credit card through a terminal that electronically
captures the relevant data.\7\ Once the merchant keys in the amount of
the purchase, that information is transmitted electronically through
the operator's system to the issuing bank for approval. If appropriate,
the purchase is approved. Once approved, the transaction with the
consumer is consummated.
---------------------------------------------------------------------------
\7\ ``Electronic Data Capture (EDC) is a point-of-sale terminal
that reads the information embedded in the magnetic strip of bank
cards. These terminals electronically authorize and capture
transaction data, thus eliminating the need for a paper deposit.''
The 1997 GAO Report at 108.
---------------------------------------------------------------------------
The next step is the clearance process. The merchant submits the
credit card payment information to its merchant bank for payment. The
merchant bank credits the merchant's account, and
[[Page 21123]]
submits the purchase information to the operator of the credit card
system. The operator then sends the purchase information to the issuing
bank for payment.
The final step is the settlement process. The issuing bank
transmits the funds owed by virtue of the purchase to the operator of
the credit card system. The operator then transmits the funds to the
merchant bank in settlement of the debt. In the settlement process,
funds are transmitted through traditional payment systems. The issuing
bank then bills the cardholder for the transaction in accordance with
the credit agreement.
Thus, the operator of the credit card system not only controls
which entities may issue or process transactions involving its card,
but it also serves as a clearinghouse where debts are settled and from
which payments are made and received. This is the functional definition
of an operator of a credit card system. The reality is that there are
few operators of credit card systems in the United States, certainly in
contrast to the number of issuing and acquiring banks.
In addition, a debit card may at times also be used as a credit
card. A debit card generally accesses an existing deposit account at an
insured depository institution from which funds are withdrawn upon use
of the debit card. Debit cards generally require the use of a personal
identification number at the point of sale. Some debit cards can also
function as a credit card and some credit card system operators also
authorize, clear, and settle debit card transactions. Often such dual
use cards are marked with a logo or insignia of the operator of the
credit card system. The interim final rule applies to both functions of
a dual use card.\8\
---------------------------------------------------------------------------
\8\ While this interim final rule applies to the debit card
functions performed by an operator of a credit card system accepting
dual use cards, the rule does not apply generally to operators of a
debit card system. Treasury intends to consider whether operators of
debit card systems should likewise be included as financial
institutions under the BSA and thus be subject to the anti-money
laundering program requirement.
---------------------------------------------------------------------------
B. The Authorization of Acquiring and Issuing Banks
The success of a general purpose credit card depends upon its
availability to consumers and the extent to which it is widely accepted
by merchants and vendors. The operator of the system is directly
responsible for selecting and approving issuing and acquiring
institutions to become a part of the system, and setting the rules by
which they must abide. In addition, in its role of ensuring that the
member institutions continue to abide by the membership rules, the
operator of the system indirectly plays a role in selecting and
approving other users in the system, including cardholders and
merchants. These functions--determining which institutions may serve as
issuing or acquiring institutions, and setting and ensuring ongoing
compliance with the system's rules and regulations--play a crucial role
in determining the extent to which a credit card system may be
vulnerable to money laundering or terrorist financing.
It appears that during the authorization, clearance, and settlement
process, cardholder and individual merchant names may not be
transmitted through the operator's credit card system.\9\ Comprehensive
cardholder information is maintained by the issuing institutions.
Similarly, information about the merchants that accept the card is
maintained by the acquiring institutions. Thus, many important anti-
money laundering functions of necessity reside with the issuing and
acquiring institutions, and, in the United States, existing anti-money
laundering regulations typically govern these institutions. However,
the initial and continuing authorization of institutions to issue a
credit card and process credit card transactions is within the sole
control of the operator of the credit card system.
---------------------------------------------------------------------------
\9\ Operators may well have complete information regarding
cardholders and merchants during the authorization and settlement
process, e.g., if the operator also serves as an issuer.
---------------------------------------------------------------------------
C. Existing Anti-Fraud Functions Performed by the Operator of a Credit
Card System
Incentives exist for the operator of a credit card system to
minimize financial losses caused by fraud in connection with the use of
its credit card. According to the industry, those incentives encourage
operators to scrutinize institutions seeking authorization to become
issuers or acquirers to ensure that member institutions themselves do
not pose an unreasonable risk of loss, whether through participation in
fraud or through their issuing or acquiring functions. This interim
final rule seeks to take advantage of those existing practices by
increasing the scope of the due diligence conducted by the operator to
include the potential for money laundering or terrorist financing.
Operators of credit card systems support the efforts of issuing and
acquiring institutions in the detection of fraudulent uses of their
credit cards. Some of the methods for identifying irregular and
possibly fraudulent transactions are quite sophisticated. For example,
operators and some issuers use computers to flag potentially fraudulent
uses of credit cards as the purchases are authorized, cleared, and
settled by comparing recent purchases with the cardholder's purchase
history as well as known typologies of fraudulent uses. At this time,
Treasury does not necessarily intend to require operators of credit
card systems, as part of their anti-money laundering program, to use
this type of fraud detection capabilities to detect potential money
laundering or terrorist financing. The reason is practical--it is not
clear that potential money laundering or terrorist financing can be
easily identified with the current technology that evaluates
transactions passing through the operator's system. However, Treasury
hopes to work with operators of credit card systems going forward to
develop, where possible, typologies of money laundering or terrorist
financing that may be capable of being identified through existing
fraud detection mechanisms.\10\
---------------------------------------------------------------------------
\10\ FinCEN, in conjunction with the Bank Secrecy Act Advisory
Group, publishes an annual SAR Activity Review that discusses
typologies revealed in SAR filings.
---------------------------------------------------------------------------
D. Money Laundering and Terrorist Financing Risks Associated with
Credit Cards from the Perspective of the Operator of a Credit Card
System
Once in the hands of a consumer, a general purpose credit card is
designed to facilitate the purchase of goods or services or the
securing of cash advances worldwide with minimal delay. But the very
attributes that make credit cards attractive to legitimate consumers
are the attributes that make them susceptible to potential abuse. The
myriad ways in which credit cards may be abused for money laundering or
terrorist financing are beyond the scope of this preamble.\11\ Instead,
the primary focus of this interim final rule is on the risks--and the
need to minimize them--associated with the operator authorizing, and
maintaining authorization for, issuing and acquiring institutions.
---------------------------------------------------------------------------
\11\ The GAO is currently drafting a report that will analyze
money laundering in the credit card industry.
---------------------------------------------------------------------------
Absent effective anti-money laundering controls in issuing and
acquiring institutions, the use of a credit card may provide a
convenient way for money launderers or those financing terrorism to
access their tainted funds all over the world. For example, if a
foreign bank lacking adequate anti-money laundering controls is
authorized
[[Page 21124]]
to issue a credit card capable of being used in the United States,
there exists an increased risk that illicit funds located in the
foreign bank may be accessed--and those funds injected into the U.S.
financial system--by account holders using the credit card in the
United States to make purchases, obtain cash advances, or, if it is a
dual use card, use the card as a debit card. The problem is exacerbated
by the fact that the operator of the credit card system that clears and
settles transactions might not have information about the identity of
the cardholder or the source of funds used to pay the debts at the time
the transactions are processed.
Under the Act, and even prior to the Act, numerous restrictions and
heightened due diligence requirements were placed on U.S. banks and
securities brokers and dealers maintaining accounts for certain types
of foreign banks and foreign banks located in jurisdictions identified
as lacking adequate anti-money laundering controls and supervision. In
this way, the Act seeks to eliminate or minimize known risks to the
U.S. financial system, even requiring the termination of accounts for
certain financial institutions when the risk is deemed too high.
Examples of known risks identified by the Act include maintaining
``correspondent accounts'' for: (1) Foreign banks located in
jurisdictions identified as lacking basic anti-money laundering
controls; (2) foreign shell banks, that is, banks with no physical
presence in any jurisdiction; and (3) foreign banks operating under an
offshore banking license.\12\
---------------------------------------------------------------------------
\12\ See Act sections 312 and 313; see also Minority Staff of
the Senate Permanent Subcommittee on Investigations, 107th Cong.,
Correspondent Banking: A Gateway for Money Laundering, 14-18 (S.
Prt. 2001). Congress defined a ``correspondent account'' broadly in
the Act to include any ``account established to receive deposits
from, make payments on behalf of a foreign financial institution, or
handle other financial transactions related to such institution.''
Act section 311 (31 U.S.C. 5318A(e)(1)(B)). Treasury is now
considering comments received on a previous proposed rule in which
the statutory definition was adopted without limitation. See 66 FR
67460 (Dec. 28, 2001) (implementing sections 313 and 319(b) of the
Act).
---------------------------------------------------------------------------
Despite the risks associated with these identified foreign
financial institutions, the prohibitions or enhanced due diligence
obligations have not been applied directly to operators of credit card
systems that may well authorize foreign financial institutions to issue
their credit cards and access their systems. But if such foreign banks
were authorized to issue credit cards capable of being used in the
United States, customers of such banks would have the opportunity to
inject illicit funds into the U.S. financial system.
Recent examples confirm the potential for utilizing a credit card
system to access in the United States funds located in a foreign
financial institutions. The Internal Revenue Service has successfully
sought permission to serve ``John Doe'' subpoenas on MasterCard
International, American Express Travel Related Services Co., and VISA
International seeking records relating to U.S. citizens with credit,
charge, and debit cards issued by banks or other financial institutions
located in identified tax havens. According to the IRS, U.S. citizens
are using credit, charge, and debit cards to access in the United
States funds placed in these foreign banks and financial institutions
to avoid U.S. taxes. The tax haven jurisdictions do not disclose
account information to the United States for purposes of enforcing U.S.
tax laws. If credit cards can be used to access funds located in tax
havens to avoid U.S. income tax obligations, credit cards have the
potential to be used to access illicit funds located in money
laundering havens if banks in those jurisdictions are given permission
by the operator of the credit card system to issue the credit cards.
The same principle holds true for illicit funds deposited in U.S.
financial institutions that issue credit cards. To the extent the
issuing institution lacks sufficient anti-money laundering controls,
issuance of a credit card would allow easy and seemingly ``clean''
access to tainted funds.
E. The Anti-Money Laundering Program
As the foregoing discussion demonstrates, the anti-money laundering
program required by this interim final rule is designed primarily to
ensure that operators of credit card systems conduct sufficient due
diligence on those banks or other entities that they authorize to be
issuing or acquiring institutions. Such due diligence should be
performed prior to accepting the institution into the system, and on an
on-going basis with a frequency that is commensurate with the risk
posed by the particular institution. The anti-money laundering program
must also have procedures to minimize the opportunity for money
laundering or terrorist financing when identified high-risk
institutions are issuing or acquiring institutions. In fulfilling
obligations under the interim final rule, it is expected that operators
will tailor existing rules and guidelines governing member institutions
to minimize the risk of money laundering or terrorist financing.
Finally, the program should be risk-based, meaning that resources
should be devoted to those areas that pose the greatest risk of money
laundering or terrorist financing. This interim final rule is meant to
provide guidance to operators on identified risks.
The focus of the rule is on what operators can and do control, and
it may be that most are already taking the steps outlined in this rule.
The interim final rule is not intended to place the operator of a
credit card system in the role of guaranteeing that no issuing or
acquiring institutions permit money laundering or terrorist financing
through the use of the operator's credit card. To the contrary, while
the operator of the credit card system will play an important role in
minimizing the risk of abuse by controlling access to the system,
perhaps even denying access to institutions posing an unreasonable risk
of money laundering or terrorist financing, the operator should not be
placed in the role of regulating issuing or acquiring institutions.
Finally, in addition to compliance with mandatory regulatory
requirements, Treasury and FinCEN encourage operators of credit card
systems to have procedures for voluntarily reporting suspected
terrorist activity to FinCEN using its Financial Institutions Hotline
(1-866-556-3974).
II. Section-by-Section Analysis
A. Section 103.135(a)--Definitions
The definition of an operator of a credit card system is a
functional one. It includes any entity that (1) operates a system that
clears and settles transactions involving its credit card; and (2)
authorizes another entity to serve as an issuing or acquiring
institution for the operator's credit card. The credit card must be
capable of being used in the United States. An operator may be a bank,
a consortium or association of banks, or any other entity performing
the functions described. All operators of credit card systems doing
business in the United States are covered by the interim final rule.
Issuing and acquiring institutions within such systems need not be
located in the United States and may be foreign entities. An issuing
institution is any entity authorized by the operator to issue the
operator's credit card. An acquiring institution is any entity
authorized by the operator to contract with merchants to process
transactions involving the operator's credit card. The interim final
rule adopts the definition of a credit card found in the Truth in
Lending Act, a definition that includes charge cards. Finally, debit
cards
[[Page 21125]]
capable of being used as a credit card are covered by this interim
final rule.
B. Section 103.135(b) and (c)--The Required Anti-Money Laundering
Program
Section 103.135(b) requires that each operator of a credit card
system have an anti-money laundering program reasonably designed to
prevent the system from being used to launder money or to finance
terrorist activities. The program must be in writing and approved by
senior management. The minimum requirements for the anti-money
laundering program are set forth in section 103.135(c). Beyond these
minimum requirements, however, the anti-money laundering program is
designed to give operators of a credit card system flexibility to
design their programs to meet the specific risks presented. The steps
necessary to guard against an institution, foreign or domestic, issuing
or processing transactions involving the credit card in connection with
money laundering when the institution does not fall within a high risk
category may be minimal if the institution and its anti-money
laundering controls are well known to the operator. The fact that a
member institution is a foreign bank or entity is not itself
determinative of the risk posed.
The minimum standards for the anti-money laundering program set
forth in this interim final rule become effective July 24, 2002.
1. Section 103.135(c)(1)--Policies, Procedures and Internal Controls
Section 103.135(c)(1) requires the operator's anti-money laundering
program to include policies, procedures and internal controls focused
on the process of authorizing and maintaining authorization for issuing
and acquiring institutions. This provision will thus involve the
operator tailoring existing anti-fraud and risk of loss assessment
procedures to ensure that money laundering and terrorist financing
risks are taken into account. It will further involve the operator
adapting existing licensing or membership agreements to ensure that
member banks and entities fulfill their obligations to assist the
operator in guarding against money laundering and terrorist financing.
Finally, the interim final rule makes clear that this obligation is
ongoing. The frequency with which banks or entities are reviewed to
ensure compliance with required procedures will depend upon the
operator's assessment of the risk posed by the particular bank or
entity.
It is anticipated that the type of information to be considered by
the operator in evaluating the risks of money laundering or terrorist
financing posed by an issuing or acquiring institution will include
many of the same factors that bear on whether the institution
represents a risk of fraud or insolvency. In addition, the operator
must consider information concerning the institutions, the
jurisdictions in which they are located or licensed, and any other
money laundering or terrorist financing information provided by
Treasury, FinCEN, and other U.S. government sources. Information in
publicly available sources should be considered as well. In some
situations, information relevant to anti-money laundering controls or
risks may need to be obtained from the institution itself, e.g.,
information relating to the institution's anti-money laundering
controls. If an operator is unable to obtain sufficient information
from existing or potential issuing or acquiring institutions, this must
be taken into account in evaluating the overall money laundering or
terrorist financing risk.
For the purpose of making the risk assessment required by
Sec. 103.135(c)(1)(i), Sec. 103.135(c)(1)(ii) sets forth the
presumption that certain categories of foreign banks or other
institutions pose an increased, or in some cases an unreasonable, risk
of money laundering or terrorist financing. Accordingly, an operator's
anti-money laundering program must be designed to ensure that the
institutions identified under this paragraph, if they are permitted to
serve as issuing or acquiring institutions, have received a thorough
assessment of the risk of money laundering or terrorist financing that
they pose in connection with the issuance or acceptance of the
operator's credit card. Additionally, the anti-money laundering program
must also ensure that the operator has taken reasonable steps to
minimize the risks associated with such institutions.
Within this collection of high risk institutions, even though there
is a presumption of a heightened risk, operators still retain the
flexibility to assess the risk posed in each case to determine whether
and under what conditions such an institution may serve as an issuing
or acquiring institution. Some of the categories of institutions within
this paragraph have been effectively cut off from the U.S. financial
system, e.g., foreign shell banks that are not regulated affiliates.
Given the unreasonable risk that funds located in such financial
institutions are derived from the proceeds of illegal activities or
directly support terrorism, there is a significantly heightened risk
that allowing them to issue a credit card will introduce the illicit
funds into the U.S. financial system. In such cases, the steps
necessary to guard against money laundering or terrorist financing by
such institutions in connection with the operator's credit card will be
comprehensive. On the other hand, other institutions within this list
may, upon examination, pose a less significant risk of money laundering
or terrorist financing. As a result, the reasonable steps to be taken
by the operator to guard against money laundering or terrorist
financing will be reduced.
As with all issuing and acquiring institutions, the obligation to
assess money laundering and terrorist financing risks applies to both
prospective and existing issuing or acquiring institutions. However,
institutions falling within the categories identified in
Sec. 103.135(c)(1)(ii), because they pose greater risks, should be
reviewed by the operator with greater frequency.
By identifying certain high risk institutions, we do not intend to
imply that no other institutions pose similar risks. To the contrary,
it is incumbent upon the operator to ensure that its anti-money
laundering program will identify other institutions posing similar
risks.
Section 103.135(c)(1)(iii) confirms that operators of a credit card
system must ensure the operators' compliance with any applicable
provisions of the BSA or the implementing regulations. At this time,
the only BSA provision applicable to an operator of a credit card
system, with the exception of this interim final rule, is the
obligation to report on Form 8300 the receipt of cash or certain
monetary instruments totaling more than $10,000 in one transaction or
two or more transactions. Given the functions performed by the operator
of a credit card system, it seems unlikely that cash or cash
equivalents will be received. However, this provision is inserted in
the interim final rule in the event future BSA requirements are imposed
on operators of credit card systems.
2. Sections 103.135(c)(2)-(4)--The Compliance Officer, Employee
Training, and the Independent Assessment
In connection with its anti-money laundering program, the operator
of a credit card system must designate a person or persons to be
responsible for administering the anti-money laundering program. The
person or persons should be competent and knowledgeable regarding BSA
requirements and money laundering issues and risks, and be empowered
with full responsibility and authority to
[[Page 21126]]
develop and enforce appropriate policies and procedures. The role of
the compliance officer is to ensure that (1) the program is
implemented; (2) appropriate due diligence is being conducted on
existing and potential issuers and acquirers in accordance with the
requirements of this interim final rule; and (3) the program is updated
to reflect new directives from Treasury or FinCEN. The compliance
officer is also responsible for ensuring that appropriate personnel are
trained and educated in accordance with section 103.135(c)(3).
Employee training is an integral part of any anti-money laundering
program. Those employees with responsibility under the program must be
trained in the requirements of this rule and money laundering risks
generally so that ``red flags'' associated with existing or potential
issuing or acquiring institutions can be identified. Such training
could be conducted by outside or in-house seminars, and could include
computer-based training. The nature, scope, and frequency of the
education and training program of the operator will depend upon the
functions performed. However, those with obligations under the anti-
money laundering program must be sufficiently trained to carry out
their responsibilities effectively. Moreover, these employees should
receive periodic updates and refreshers regarding the anti-money
laundering program.
Finally, the program must provide for an independent audit of the
program on a periodic basis to ensure that it complies with this
interim final rule and that it functions as designed. Although the
interim final rule refers to an audit, the term does not equate with a
financial audit and need not be performed by an outside consultant or
accountant. The independent audit may be performed by an employee of
the operator, so long as the auditor is not the compliance officer or
others involved in administering the program. The frequency of the
independent audit will depend upon the operator's assessment of the
risks posed. The audit should be accompanied by a written assessment or
report, and any recommendations resulting from such review should be
implemented promptly or reviewed by senior management.
III. Administrative Procedure Act
The provisions of 31 U.S.C. 5318(h)(1), requiring all financial
institutions to establish anti-money laundering programs with at least
four identified elements, become effective April 24, 2002. This interim
rule provides guidance to operators of credit card systems on how to
comply with the law in effect on that date and does not impose any
obligation on any financial institution that is not required by section
352 of the Act. Accordingly, good cause is found to dispense with
notice and public procedure as unnecessary pursuant to 5 U.S.C.
553(b)(B), and to make the provisions of the interim rule effective in
less than 30 days pursuant to 5 U.S.C. 553(d)(1) and (3).
VI. Paperwork Reduction Act
This regulation is being issued without prior notice and public
procedure pursuant to the Administrative Procedure Act (5 U.S.C. 553).
For this reason, the collection of information contained in this
interim final rule has been reviewed under the requirements of the
Paperwork Reduction Act (44 U.S.C. 3507(j)) and, pending receipt and
evaluation of public comments, approved by the Office of Management and
Budget (OMB) under control number 1506-0020. An agency may not conduct
or sponsor, and a person is not required to respond to, a collection of
information unless it displays a valid control number assigned by OMB.
The collection of information in this interim final rule is in 31
CFR 103.135(b). The information will be used by federal agencies to
verify compliance by operators of credit card systems with the
provisions of 31 CFR 103.135. The collection of information is
mandatory. The likely recordkeepers are businesses.
In accordance with the requirements of the Paperwork Reduction Act
of 1995, 44 U.S.C. 3506(c)(2)(A), and its implementing regulations, 5
CFR 1320, the following information concerning the collection of
information as required by 31 CFR 103.135(b) is presented to assist
those persons wishing to comment on the information collection.
Description of Recordkeepers: Operators of Credit Card Systems, as
defined in 31 CFR 103.135(a).
Estimated Number of Recordkeepers: 6.
Estimated Average Annual Burden Hours Per Recordkeeper: The
estimated average burden associated with the collection of information
in this interim final rule is 1 hour per recordkeeper.
Estimated Total Annual Recordkeeping Burden: 6 hours.
Comments concerning the collection of information should be sent to
the Office of Management and Budget, Attn: Alexander T. Hunt, Office of
Information and Regulatory Affairs, Office of Management and Budget,
New Executive Office Building, Room 3208, Washington, DC 20503, with
copies to FinCEN at Department of the Treasury, Financial Crimes
Enforcement Network, Post Office Box 39, Vienna, Virginia, 22183.
FinCEN specifically invites comments on the following subjects: (a)
Whether the collection of information is necessary for the proper
performance of the mission of FinCEN, including whether the information
shall have practical utility; (b) the accuracy of FinCEN's estimate of
the burden of the collection of information; (c) ways to enhance the
quality, utility, and clarity of the information to be collected; (d)
ways to minimize the burden of the collection of information on
respondents, including through the use of automated collection
techniques or other forms of information technology; and (e) estimates
of capital or start-up costs and costs of operation, maintenance, and
purchase of services to provide information.
V. Regulatory Flexibility Act
Because no notice of proposed rulemaking is required for this
interim final rule, the provisions of the Regulatory Flexibility Act (5
U.S.C. 601 et seq.) do not apply.
VI. Executive Order 12866
This interim final rule is not a ``significant regulatory action''
as defined in Executive Order 12866. Accordingly, a regulatory
assessment is not required.
List of Subjects in 31 CFR Part 103
Banks, banking, Brokers, Counter money laundering, Counter-
terrorism, Currency, Foreign banking, Reporting and recordkeeping
requirements.
PART 103--FINANCIAL RECORDKEEPING AND REPORTING OF CURRENCY AND
FOREIGN TRANSACTIONS
1. The authority citation for part 103 continues to read as
follows:
Authority: 12 U.S.C. 1829b and 1951-1959; 31 U.S.C. 5311-5331;
title III, secs. 314, 352, Pub. L. 107-56, 115 Stat. 307.
2. In subpart I, add new Sec. 103.135 to read as follows:
Sec. 103.135 Anti-money laundering programs for operators of credit
card systems.
(a) Definitions. For purposes of this section:
(1) Operator of a credit card system means any person doing
business in the United States that operates a system for clearing and
settling transactions in
[[Page 21127]]
which the operator's credit card, whether acting as a credit or debit
card, is used to purchase goods or services or to obtain a cash
advance. To fall within this definition, the operator must also have
authorized another person (whether located in the United States or not)
to be an issuing or acquiring institution for the operator's credit
card.
(2) Issuing institution means a person authorized by the operator
of a credit card system to issue the operator's credit card.
(3) Acquiring institution means a person authorized by the operator
of a credit card system to contract, directly or indirectly, with
merchants or other persons to process transactions, including cash
advances, involving the operator's credit card.
(4) Operator's credit card means a credit card capable of being
used in the United States that:
(i) Has been issued by an issuing institution; and
(ii) Can be used in the operator's credit card system.
(5) Credit card has the same meaning as in 15 U.S.C. 1602(k). It
includes charge cards as defined in 12 CFR 226.2(15).
(6) Foreign bank means any organization that is organized under the
laws of a foreign country; engages in the business of banking; is
recognized as a bank by the bank supervisory or monetary authority of
the country of its organization or the country of its principal banking
operations; and receives deposits in the regular course of its
business. For purposes of this definition:
(i) The term foreign bank includes a branch of a foreign bank in a
territory of the United States, Puerto Rico, Guam, American Samoa, or
the U.S. Virgin Islands.
(ii) The term foreign bank does not include:
(A) A U.S. agency or branch of a foreign bank; and
(B) An insured bank organized under the laws of a territory of the
United States, Puerto Rico, Guam, American Samoa, or the U.S. Virgin
Islands.
(b) Anti-money laundering program requirement. Effective July 24,
2002, each operator of a credit card system shall develop and implement
a written anti-money laundering program reasonably designed to prevent
the operator of a credit card system from being used to facilitate
money laundering and the financing of terrorist activities. The program
must be approved by senior management. Operators of credit card systems
must make their anti-money laundering programs available to the
Department of the Treasury or the appropriate Federal regulator for
review.
(c) Minimum requirements. At a minimum, the program must:
(1) Incorporate policies, procedures, and internal controls
designed to ensure the following:
(i) That the operator does not authorize, or maintain authorization
for, any person to serve as an issuing or acquiring institution without
the operator taking appropriate steps, based upon the operator's money
laundering or terrorist financing risk assessment, to guard against
that person issuing the operator's credit card or acquiring merchants
who accept the operator's credit card in circumstances that facilitate
money laundering or the financing of terrorist activities;
(ii) For purposes of making the risk assessment required by
paragraph (c)(1)(i) of this section, the following persons are presumed
to pose a heightened risk of money laundering or terrorist financing
when evaluating whether and under what circumstances to authorize, or
to maintain authorization for, any such person to serve as an issuing
or acquiring institution:
(A) A foreign shell bank that is not a regulated affiliate, as
those terms are defined in 31 CFR 104.10(e) and (j);
(B) A person appearing on the Specially Designated Nationals List
issued by Treasury's Office of Foreign Assets Control;
(C) A person located in, or operating under a license issued by, a
jurisdiction whose government has been identified by the Department of
State as a sponsor of international terrorism under 22 U.S.C. 2371;
(D) A foreign bank operating under an offshore banking license,
other than a branch of a foreign bank if such foreign bank has been
found by the Board of Governors of the Federal Reserve System under the
Bank Holding Company Act (12 U.S.C. 1841, et seq.) or the International
Banking Act (12 U.S.C. 3101, et seq.) to be subject to comprehensive
supervision or regulation on a consolidated basis by the relevant
supervisors in that jurisdiction;
(E) A person located in, or operating under a license issued by, a
jurisdiction that has been designated as noncooperative with
international anti-money laundering principles or procedures by an
intergovernmental group or organization of which the United States is a
member, with which designation the United States representative to the
group or organization concurs; and
(F) A person located in, or operating under a license issued by, a
jurisdiction that has been designated by the Secretary of the Treasury
pursuant to 31 U.S.C. 5318A as warranting special measures due to money
laundering concerns;
(iii) That the operator is in compliance with all applicable
provisions of subchapter II of chapter 53 of title 31, United States
Code and this part;
(2) Designate a compliance officer who will be responsible for
assuring that:
(i) The anti-money laundering program is implemented effectively;
(ii) The anti-money laundering program is updated as necessary to
reflect changes in risk factors or the risk assessment, current
requirements of part 103, and further guidance issued by the Department
of the Treasury; and
(iii) Appropriate personnel are trained in accordance with
paragraph (c)(3) of this section;
(3) Provide for education and training of appropriate personnel
concerning their responsibilities under the program; and
(4) Provide for an independent audit to monitor and maintain an
adequate program. The scope and frequency of the audit shall be
commensurate with the risks posed by the persons authorized to issue or
accept the operator's credit card. Such audit may be conducted by an
officer or employee of the operator, so long as the reviewer is not the
person designated in paragraph (c)(2) of this section or a person
involved in the operation of the program.
Dated: April 23, 2002.
James F. Sloan,
Director, Financial Crimes Enforcement Network.
[FR Doc. 02-10455 Filed 4-24-02; 4:09 pm]
BILLING CODE 4810-02-P