ARTICLE
Compliance Update with Amy K by Amy Kleinschmit, Chief Compliance Officer BSA/AML Exam Manual Updates The FFIEC recently released additional updates to its BSA/AML Examination Manual. The updates affect sections relating to Charities and Nonprofit Organizations; Independent Automated Teller Machine Owners or Operators; and Politically Exposed Person. A new section was added to the manual – “Introduction – Customers.” Links to the updated sections can be found here. At the time of writing this article, these new sections had not yet been added to the online manual, which can be found here. The new section “Introduction – Customers” sets the tone and describes the purpose for the subsections found under “Risks Associated with Money Laundering and Terrorist Financing.” These subsections provide information and considerations that may indicate the need for additional policies/procedures/processes to address potential money laundering/terrorist financing or other illicit financial activity. The new section clearly states that, “Examiners are reminded that no specific customer type automatically presents a higher risk of ML/TF or other illicit financial activity. Further, banks that operate in compliance with applicable Bank Secrecy Act/anti-money laundering (BSA/AML) regulatory requirements and reasonably manage and mitigate risks related to the unique characteristics of customer relationships are neither prohibited nor discouraged from providing banking services to any specific class or type of customer.” This statement is repeated in each of the updated sections that are listed above. The new section also notes, “Not all customers pose the same risk, and not all customers of a particular type are automatically higher risk. The potential risk to a bank depends on the facts and circumstances specific to the customer relationship.” This is reiterated in the updated subsections. For example, with regard to independent ATM owners and operators, the updated language reminds examiners that “Not all independent ATM owner or operator customers pose the same risk, and not all independent ATM owner or operator customers are automatically higher risk. The potential risk to a bank depends on the facts and circumstances specific to the customer relationship, such as transaction volume, locations of the ATMs, and the source of funds to replenish the ATMs.” As it relates to the different customer types that are discussed in the exam manual, another highlight: “There is no BSA/AML regulatory requirement or supervisory expectation for banks to have unique or additional customer identification requirements or CDD steps for any particular group or type of customer. Consistent with a risk-based approach, the level and type of CDD should be commensurate with the risks presented by the customer relationship.” As required under Customer Due Diligence (CDD) requirements, credit unions must have “appropriate risk-based procedures for conducting ongoing CDD to understand the nature and purpose of customer relationships, and to develop customer risk profiles.” FinCEN – Proposed Rule The Financial Crimes Enforcement Network (FinCEN) has issued a proposed rule to require certain entities, or “reporting companies,” to file reports with FinCEN to identify beneficial owners. The proposed rule can be found here and comments are due February 7, 2022, and a fact sheet can be found here. This rulemaking will implement Section 6403 of the Corporate Transparency Act (CTA), enacted into law as part of the National Defense Authorization Act for Fiscal Year 2021. Section 6403 requires FinCEN to maintain the information that it collects under the CTA in a confidential, secure, and non-public database. It further authorizes FinCEN to disclose the information to certain government agencies, domestic and foreign, for certain purposes specified in the CTA; and to financial institutions to assist them in meeting their customer due diligence requirements. FinCEN will issue future rulemaking to revise its current regulation concerning customer due diligence (CDD) requirements for financial institutions. As credit unions are aware, the current CDD Rule requires credit unions to identify and verify the beneficial owners of legal entity customers when those customers open new accounts as part of those credit unions’ customer due diligence programs. Under the proposed rule, a “reporting company” must file a report to FinCEN that identifies each beneficial owner and each company applicant. For new companies after the rule goes into effect, this report must be filed within 14 days after it was formed. For existing companies, this report must be filed within one year of the new rules effective date. There are also requirements that the company keep the information current by filing updated reports. “Reporting company” is defined similar to “legal entity” for CDD beneficial ownership rules which credit unions are familiar with. Under the proposed rule a “reporting company” means either a domestic reporting company or a foreign reporting company. The term ‘‘domestic reporting company’’ means any entity that is: (A) A corporation; (B) Limited liability company; or (C) Other entity that is created by the filing of a document with a secretary of state or any similar office under the law of a State or Indian tribe. The term ‘‘foreign reporting company’’ means any entity that is: (A) A corporation, limited liability company, or other entity; (B) Formed under the law of a foreign country; and (C) Registered to do business in any State or tribal jurisdiction by the filing of a document with a secretary of state or any similar office under the law of a State or Indian tribe. Also similar to beneficial ownership rules that credit unions currently have to follow, there are a number of exemptions. CFPB – LIBOR Transition Final rule The Consumer Financial Protection Bureau (CFPB) issued a final rule to amend Regulation Z to address transitioning from LIBOR for both open-end and closed-end lending products. This final rule is effective on April 1, 2022. The CFPB has also updated its FAQs and PDFs of the mortgage servicing ARM interest rate adjustment forms, in addition to providing an executive summary of the final rule. These additional resources can be found here. As hopefully everyone is aware, LIBOR is sunsetting. NCUA has issued several letters on the topic, stressing that “The NCUA encourages all federally insured credit unions to transition away from using the U.S. dollar LIBOR settings as soon as possible, but no later than December 31, 2021.” To highlight a few of the changes, HELOC creditors and card issuers can transition away from using the LIBOR index to a replacement index on or after April 1, 2022, before LIBOR is expected to become unavailable. To accomplish this, this final rule imposes certain requirements on selecting a replacement index. HELOC creditors and card issuers must ensure that the APR calculated using the replacement index is substantially similar to the rate calculated using the LIBOR index, based generally on the values of these indices on October 18, 2021. The final rule also revises change-in-terms notice requirements for HELOCs and credit card accounts to notify consumers how the variable rates on their accounts will be determined going forward after the LIBOR index is replaced. This final rule ensures that the change-in-terms notices for these accounts will disclose the index that is replacing the LIBOR index and any adjusted margin that will be used to calculate a consumer’s rate, regardless of whether the margin is being reduced or increased. With regard to credit cards, the CFPB added an exception from the rate reevaluation provisions. Under current rules, when a card issuer increases a rate on a credit card account, the card issuer generally must complete an analysis reevaluating the rate increase every six months until the rate is reduced to a certain degree. To facilitate compliance, this final rule adds an exception from these requirements for increases that occur as a result of replacing a LIBOR index using the specific provisions described in the final rule for transitioning from a LIBOR index or as a result of the LIBOR index becoming unavailable. With regard to closed-end credit, the final rule provides details on how to determine whether a replacement index is a comparable index to a particular LIBOR index for purposes of the closed-end refinancing provisions. As always, DakCU members may contact Amy Kleinschmit at akleinschmit@dakcu.org with any compliance related questions.
Compliance Update with Amy K
by Amy Kleinschmit, Chief Compliance Officer
BSA/AML Exam Manual Updates
The FFIEC recently released additional updates to its BSA/AML Examination Manual. The updates affect sections relating to Charities and Nonprofit Organizations; Independent Automated Teller Machine Owners or Operators; and Politically Exposed Person. A new section was added to the manual – “Introduction – Customers.” Links to the updated sections can be found here. At the time of writing this article, these new sections had not yet been added to the online manual, which can be found here.
The new section “Introduction – Customers” sets the tone and describes the purpose for the subsections found under “Risks Associated with Money Laundering and Terrorist Financing.” These subsections provide information and considerations that may indicate the need for additional policies/procedures/processes to address potential money laundering/terrorist financing or other illicit financial activity.
The new section clearly states that, “Examiners are reminded that no specific customer type automatically presents a higher risk of ML/TF or other illicit financial activity. Further, banks that operate in compliance with applicable Bank Secrecy Act/anti-money laundering (BSA/AML) regulatory requirements and reasonably manage and mitigate risks related to the unique characteristics of customer relationships are neither prohibited nor discouraged from providing banking services to any specific class or type of customer.” This statement is repeated in each of the updated sections that are listed above.
The new section also notes, “Not all customers pose the same risk, and not all customers of a particular type are automatically higher risk. The potential risk to a bank depends on the facts and circumstances specific to the customer relationship.” This is reiterated in the updated subsections. For example, with regard to independent ATM owners and operators, the updated language reminds examiners that “Not all independent ATM owner or operator customers pose the same risk, and not all independent ATM owner or operator customers are automatically higher risk. The potential risk to a bank depends on the facts and circumstances specific to the customer relationship, such as transaction volume, locations of the ATMs, and the source of funds to replenish the ATMs.”
As it relates to the different customer types that are discussed in the exam manual, another highlight: “There is no BSA/AML regulatory requirement or supervisory expectation for banks to have unique or additional customer identification requirements or CDD steps for any particular group or type of customer. Consistent with a risk-based approach, the level and type of CDD should be commensurate with the risks presented by the customer relationship.”
As required under Customer Due Diligence (CDD) requirements, credit unions must have “appropriate risk-based procedures for conducting ongoing CDD to understand the nature and purpose of customer relationships, and to develop customer risk profiles.”
FinCEN – Proposed Rule
The Financial Crimes Enforcement Network (FinCEN) has issued a proposed rule to require certain entities, or “reporting companies,” to file reports with FinCEN to identify beneficial owners. The proposed rule can be found here and comments are due February 7, 2022, and a fact sheet can be found here.
This rulemaking will implement Section 6403 of the Corporate Transparency Act (CTA), enacted into law as part of the National Defense Authorization Act for Fiscal Year 2021. Section 6403 requires FinCEN to maintain the information that it collects under the CTA in a confidential, secure, and non-public database. It further authorizes FinCEN to disclose the information to certain government agencies, domestic and foreign, for certain purposes specified in the CTA; and to financial institutions to assist them in meeting their customer due diligence requirements.
FinCEN will issue future rulemaking to revise its current regulation concerning customer due diligence (CDD) requirements for financial institutions. As credit unions are aware, the current CDD Rule requires credit unions to identify and verify the beneficial owners of legal entity customers when those customers open new accounts as part of those credit unions’ customer due diligence programs.
Under the proposed rule, a “reporting company” must file a report to FinCEN that identifies each beneficial owner and each company applicant. For new companies after the rule goes into effect, this report must be filed within 14 days after it was formed. For existing companies, this report must be filed within one year of the new rules effective date. There are also requirements that the company keep the information current by filing updated reports.
“Reporting company” is defined similar to “legal entity” for CDD beneficial ownership rules which credit unions are familiar with. Under the proposed rule a “reporting company” means either a domestic reporting company or a foreign reporting company. The term ‘‘domestic reporting company’’ means any entity that is: (A) A corporation; (B) Limited liability company; or (C) Other entity that is created by the filing of a document with a secretary of state or any similar office under the law of a State or Indian tribe. The term ‘‘foreign reporting company’’ means any entity that is: (A) A corporation, limited liability company, or other entity; (B) Formed under the law of a foreign country; and (C) Registered to do business in any State or tribal jurisdiction by the filing of a document with a secretary of state or any similar office under the law of a State or Indian tribe. Also similar to beneficial ownership rules that credit unions currently have to follow, there are a number of exemptions.
CFPB – LIBOR Transition Final rule
The Consumer Financial Protection Bureau (CFPB) issued a final rule to amend Regulation Z to address transitioning from LIBOR for both open-end and closed-end lending products. This final rule is effective on April 1, 2022.
The CFPB has also updated its FAQs and PDFs of the mortgage servicing ARM interest rate adjustment forms, in addition to providing an executive summary of the final rule. These additional resources can be found here.
As hopefully everyone is aware, LIBOR is sunsetting. NCUA has issued several letters on the topic, stressing that “The NCUA encourages all federally insured credit unions to transition away from using the U.S. dollar LIBOR settings as soon as possible, but no later than December 31, 2021.”
To highlight a few of the changes, HELOC creditors and card issuers can transition away from using the LIBOR index to a replacement index on or after April 1, 2022, before LIBOR is expected to become unavailable. To accomplish this, this final rule imposes certain requirements on selecting a replacement index. HELOC creditors and card issuers must ensure that the APR calculated using the replacement index is substantially similar to the rate calculated using the LIBOR index, based generally on the values of these indices on October 18, 2021.
The final rule also revises change-in-terms notice requirements for HELOCs and credit card accounts to notify consumers how the variable rates on their accounts will be determined going forward after the LIBOR index is replaced. This final rule ensures that the change-in-terms notices for these accounts will disclose the index that is replacing the LIBOR index and any adjusted margin that will be used to calculate a consumer’s rate, regardless of whether the margin is being reduced or increased.
With regard to credit cards, the CFPB added an exception from the rate reevaluation provisions. Under current rules, when a card issuer increases a rate on a credit card account, the card issuer generally must complete an analysis reevaluating the rate increase every six months until the rate is reduced to a certain degree. To facilitate compliance, this final rule adds an exception from these requirements for increases that occur as a result of replacing a LIBOR index using the specific provisions described in the final rule for transitioning from a LIBOR index or as a result of the LIBOR index becoming unavailable.
With regard to closed-end credit, the final rule provides details on how to determine whether a replacement index is a comparable index to a particular LIBOR index for purposes of the closed-end refinancing provisions.
As always, DakCU members may contact Amy Kleinschmit at akleinschmit@dakcu.org with any compliance related questions.