OCC Presages Regulators’ Joint Statement on Banks Using Technological Innovation to Comply with BSA/AML Obligations
Second Post in a Two-Part Series
In our first post in this series, we described how the U.S. Senate Committee on Banking, Housing, and Urban Affairs (the “Banking Committee”) met in open session late last week to conduct a hearing on “Combating Money Laundering and Other Forms of Illicit Finance: Regulator and Law Enforcement Perspectives on Reform.” The Banking Committee heard the testimony of, and questioned, representatives from the FinCEN, the OCC, and the FBI. The partial backdrop of this hearing is that Congress is considering a draft bill, the Counter Terrorism and Illicit Finance Act (“CTIFA”), which proposes the most substantial overhaul to the Bank Secrecy Act (“BSA”) since the PATRIOT Act. As we have noted, three individuals testified at this hearing:
- Kenneth A. Blanco, Director of FinCEN (written remarks here);
- Steven D’Antuono, Section Chief of the FBI’s Financial Crimes Section (written remarks here); and
- Grovetta Gardineer, Senior Deputy Comptroller for Compliance and Community Affairs of the OCC (written remarks here).
In our first post, we discussed some of the tensions which emerged during the hearing between the OCC, which emphasized attempting to ease BSA regulatory burdens, particularly for small- to medium-sized community banks, and FinCEN and the FBI, which stressed the value of BSA filings to law enforcement. Today, we discuss the some of the less contentious – although still critical – issues addressed during the hearing, which covered much of the current AML landscape:
- exploration by financial institutions of technological innovation, including artificial intelligence, in order to comply more efficiently with their BSA/AML obligations;
- identification of the beneficial owners of legal entities; and
- the role of real estate in money laundering schemes.
Technological Innovation by Industry to Comply with BSA/AML Obligations
During the hearing and in her written remarks—and consistent with her theme of attempting to ease AML regulatory burdens and enhance the efficiency of the BSA regulatory regime—Ms. Gardineer stated that the OCC “encourages banks to explore technology that allows them to maintain their risk focus and gain process and system efficiencies.” In part, this is because the OCC believes that “[n]ew technologies such as artificial intelligence (AI) and machine learning offer banks opportunities to better manage their costs and increase the ability of their monitoring systems to identify suspicious activity, while reducing the number of false positive alerts and investigations.” Ms. Gardineer testified that regulators soon would release a joint statement on the topic.
Indeed, on December 3, 2018, FinCEN, the OCC, the Board of Governors of the Federal Reserve System (the “Federal Reserve”), the Federal Deposit Insurance Corporation (“FDIC”), and the National Credit Union Administration (“NCUA”) (collectively, the “Agencies”) released a Joint Statement on Innovative Efforts to Combat Money Laundering and Terrorist Financing. The purpose of the statement is to “encourage banks to consider, evaluate, and, where appropriate, responsibly implement innovative approaches to meet their [BSA/AML] compliance obligations.”
The key terms here are “where appropriate” and “responsibly,” as the Joint Statement appears to encourage banks to engage in these innovative efforts cautiously. Importantly, the Agencies agreed not to penalize or criticize bans that decline to implement innovative programs. More explicitly, the Agencies warned that bank management “should prudently evaluate whether, and at what point, innovative approaches may be considered sufficiently developed to replace or augment existing BSA/AML processes.” This suggests that in most circumstances, banks should implement innovative pilot programs in addition to, rather than instead of, existing BSA/AML protections and protocols. If a bank does decide to implement innovative BSA/AML processes, it should evaluate factors such as information security issues, third-party risk management, and compliance with other applicable laws and regulations before implementing such processes.
The Agencies have provided some incentives to banks wishing to undertake innovative initiatives. First, the Agencies have agreed not to penalize banks who undertake an innovative “pilot program” even if the program proves unsuccessful. Moreover, the Agencies promise that banks “will not necessarily” be punished if an innovative program identifies a gap or flaw in the existing BSA/AML framework. For example, the Statement provides, “when banks test or implement artificial intelligence-based transaction monitoring systems and identify suspicious activity that would not otherwise have been identified under existing processes, the Agencies will not automatically assume that the banks’ existing processes are deficient. In these instances, the Agencies will assess the banks’ existing suspicious activity monitoring processes independent of the results of the pilot program.” In an effort to assuage smaller, community banks, the Agencies promise that “the implementation of innovative approaches in banks’ BSA/AML compliance programs will not result in additional regulatory expectations.” This seems to be a questionable promise in the long-term, because effective innovations identified—although perhaps obscure now—are likely to become increasingly accessible.
The Agencies encourage “early engagement” from banks to discuss contemplated pilot programs for innovative BSA/AML processes. This will afford the Agencies an opportunity to understand a given bank’s contemplated approach and to provide feedback. This pseudo-approval process also will afford banks an opportunity to cover themselves in the event the program comes under future scrutiny.
According to the Statement, the Agencies are continuing to “explor[e] additional methods to encourage innovation,” identifying specifically the efforts made through the BSAAG, which Blanco repeatedly touted at the hearing. If banks wish to share feedback on how the Agencies can best support innovative BSA/AML programs, they may contact FinCEN directly at FRC@fincen.gov.
Not surprisingly, there were repeated – albeit general – claims made about the importance of pursuing beneficial ownership information, which has been a key topic in U.S. and global AML enforcement for years, and the subject of a major recent FinCEN regulation regarding customer due diligence (“CDD”). After asking rhetorically why “didn’t more alarm bells go off when Paul Manafort was making huge payments for luxury items from anonymous bank accounts in Cyprus?”, Ranking Member Senator Sherrod Brown (D-Ohio) urged a revamping and strengthening of the beneficial ownership rules, in order to “shed once and for all the U.S. reputation of being a haven for anonymous shell companies.” The written and verbal statements of Director Blanco and Mr. D’Antuono likewise stressed the importance of beneficial ownership. Mr. D’Antuono asserted that the new CDD rule merely represents “a remedial step to degrade illicit actors’ use of opaque shell structures to conceal movement of illicit funds,” and “the [current] lack of an obligation to collect beneficial ownership information at the time of company formation is a significant gap.”
The above comments likely did not occur in a vacuum. As we have blogged, the original version of the CTIFA would have required – subject to civil and criminal penalty provisions – non-exempt companies formed in the U.S. to disclose their real beneficial owners to FinCEN. However, an amended version of the bill before the House eliminates the beneficial ownership provision entirely; in its place, the bill merely requires the Comptroller General of the United States “to submit a report evaluating the effectiveness of the collection of beneficial ownership information under the [CDD] regulation as well as the regulatory burden and costs imposed on financial institutions subject to it.” Although most of the discussion before the Committee seemed to focus on the particular monetary thresholds for SAR and CTR reporting, the issue of the breadth of beneficial ownership reporting is arguably a much more important and fundamental AML issue, and it will be interesting to see how this debate plays out over time.
Senators Cortez-Nasto (D-Nevada) and Menendez (D-New Jersey) each raised whether the Senate needs to expand the AML/BSA regime to cover real estate transactions. Although Director Blanco responded by stating that FinCEN’s lack of insight into this area was “a glitch needing repair,” the BSA already explicitly defines a covered “financial institution” to include “persons involved in real estate closings and settlements.” The next step in this key area would be for FinCEN to issue proposed regulations. FinCEN of course has implemented since January 2016 geographic targeting orders (“GTOs”), of increasing breadth, that require U.S. title insurance companies in certain designated markets to identify the natural persons behind legal entities used in purchases of residential real estate performed without a bank loan or similar form of external financing. According to Director Blanco, FinCEN has learned “a lot” of important information from the GTOs. Further, and as we have blogged, the website for the OMB’s Office of Information and Regulatory Affairs currently states that, by the end of 2018, “FinCEN will issue an [Advance Notice of Proposed Rule Making] soliciting information regarding various businesses and professions, including real estate brokers that could be covered by the BSA as persons involved in real estate closings and settlements[,]” with the comment period to extend through to December 2019. Over 15 years ago, in April 2003, FinCEN issued a similar advanced notice of proposed rule making regarding AML program requirements for persons involved in real estate closings and settlements — but never issued a final rule. Now, given the data from years of GTOs, coupled with the heightened global scrutiny of the real estate industry, such regulations finally may occur.