Kaley Schafer |schaferk@ballardspahr.com | 202 777.6990 | view full bio

Kaley has a background in regulatory compliance and counsels on BSA/AML requirements, as well as other federal consumer financial regulations.  Prior to her role at Ballard Spahr, Kaley served as Director of Regulatory Compliance at the National Association of Federally-Insured Credit Unions, where she led the regulatory compliance team in developing new compliance materials and tools for NAFCU members, including as to BSA/AML issues.

Following up on its Notice of Proposed Rulemaking (“NPR”), which we discussed back in March, the Financial Crimes Enforcement Network (FinCEN) released on August 28th a final rule extending Anti-Money Laundering/Countering the Financing of Terrorism (AML/CFT) requirements to certain investment advisers (Final Rule).

The Final Rule adds “investment adviser” to the definition of “financial institution” at 31 C.F.R. 1010.100(t).  The Final Rule applies to registered investment advisers (RIAs), and investment advisers (IAs) that report information to the Securities Exchange Commission (SEC) as exempt reporting advisers (ERAs), subject to certain exceptions. IAs generally must register with the SEC if they have over $110 million in assets under management (AUM). ERAs are investment advisers that (1) advise only private funds and have less than $150 million in AUM in the United States or (2) advise only venture capital funds.  

The Final Rule requires certain IAs to: (1) develop and maintain an AML/CFT compliance program; (2) file Suspicious Activity Reports (SARs) and Currency Transaction Reports (CTRs); (3) comply with the Recordkeeping and Travel Rules; (4) respond to Section 314(a) requests; and (5) implement special due diligence measures for correspondent and private banking accounts.

FinCEN released a Fact Sheet in conjunction with the Final Rule, which becomes effective January 1, 2026.  

Continue Reading  FinCEN Finalizes Rule Subjecting Investment Advisers to AML/CFT Regulations

On August 29, the Financial Crimes Enforcement Center (“FinCEN”) published Anti-Money Laundering Regulations for Residential Real Estate Transfers (“Final Rule”) regarding residential real estate.  The Federal Register publication is 37 pages long.  We have created a separate document which sets forth only the provisions of the Final Rule, at 31 C.F.R. § 1031.320, here.

The Final Rule institutes a new BSA reporting form – the “Real Estate Report” (“Report”) –which imposes a nation-wide reporting requirement for the details of residential real estate transactions, subject to some exceptions, in which the buyer is a covered entity or trust.  As expected, FinCEN has adopted a “cascade” approach to who is responsible for filing a Report, specifically implicating – among others – title agencies, escrow companies, settlement agents, and lawyers. 

Importantly, the person filing the Report may reasonably rely on information provided by others.  Parties involved in a covered transaction also may agree as to who must file the Report.  However, the Final Rule does not allow for incomplete reports, which likely will create practical problems.

The Final Rule does not require covered businesses to implement and maintain comprehensive anti-money laundering (“AML”) compliance programs or file Suspicious Activity Reports (“SARs”), like many other institutions covered by the Bank Secrecy Act (“BSA”).  FinCEN has indicated that separate proposed rulemaking on commercial real estate transactions is forthcoming.  However, the existence of a commercial element with a property does not automatically except a transfer from the Final Rule.  For example, the transfer of a property that consists of a single-family residence that is located above a commercial enterprise is covered if all of the other reporting criteria are met.

FinCEN has published a Fact Sheet which summarizes the basics of the Final Rule.  FinCEN also has published an eight-page set of FAQs on the Final Rule.  The Final Rule will be effective on December 1, 2025.  FinCEN has not yet issued a proposed form of the Report.

Continue Reading  FinCEN Issues Final BSA Reporting Requirements for Residential Real Estate Deals

With Guest Speaker Nick St. John

We are very fortunate to have Nick St. John, Director of Federal Compliance at America’s Credit Unions, as our guest speaker in this podcast on the Notice of Proposed Rulemaking issued by the Financial Crimes Enforcement Network and federal banking regulators regarding the enhancement and modernization of anti-money

Thereby Highlighting Need for Future Changes to Banks’ CDD Rule Systems

The Financial Crimes Enforcement Network (“FinCEN”) has published a two-page reference guide (“Guide”) comparing the requirements for reporting beneficial ownership information (“BOI”) to FinCEN under the Corporate Transparency Act (“CTA”) with the current requirements for covered entity customers to report BOI to their financial institutions (“FIs”) under the Bank Secrecy Act’s Customer Due Diligence (“CDD”) Rule. 

Entitled “Notice to Customers: Beneficial Ownership Information Reference Guide,” the Guide is styled as a reference tool for business customers of banks who also are covered by the CTA.  It is predominated by a chart, which we set forth at the end of this blog post, setting forth the differences in what information needs to be reported under the different reporting regimes.  But, as we discuss, the Guide also serves as a reminder to FIs — intentionally or not — that they soon will be required to revamp their long-standing CDD Rule compliance systems.

Continue Reading  FinCEN Highlights Differences in CDD Rule and CTA Reporting of BOI

The federal banking agencies, including the Board of Governors of the Federal Reserve System, the Federal Deposit Insurance Corporation, the National Credit Union Administration, and the Office of the Comptroller of the Currency (collectively the “Agencies”), issued a notice of proposed rulemaking (“Agencies’ NPRM”) to modernize financial institutions’ anti-money laundering and countering terrorist financing (“AML/CFT”) programs. The Agencies’ NPRM is consistent with FinCEN’s recent AML/CFT modernization proposal (“FinCEN’s NPRM”), on which we blogged here.

The Agencies’ NPRM does not substantively depart from FinCEN’s NPRM and requires the same program requirements. Although the Anti-Money Laundering Act (“AML Act”) did not require the Agencies to amend their regulations, the Agencies’ goal is to maintain consistent program requirements. The NPRM states that financial institutions will not be subject to any additional burdens in complying with differing standards between FinCEN and the Agencies.   

Continue Reading  Federal Banking Agencies Issue NPRM Consistent with FinCEN’s AML/CFT Modernization Proposal

On July 3, the Financial Crimes Enforcement Network (FinCEN) published a notice of proposed rulemaking (NPRM) as part of a broader initiative to “strengthen, modernize, and improve” financial institutions’ anti-money laundering and countering the financing of terrorism (AML/CFT) programs. In addition, the NPRM seeks to promote effectiveness, efficiency, innovation, and flexibility with respect to AML/CFT programs; support the establishment, implementation, and maintenance of risk-based AML/CFT programs; and strengthen the cooperation between financial institutions (“FIs”) and the government.

This NPRM implements Section 6101 of the Anti-Money Laundering Act of 2020 (the “AML Act”).  It also follows up on FinCEN’s September 2020 advanced notice of proposed rulemaking soliciting public comment on what it described then as “a wide range of questions pertaining to potential regulatory amendments under the Bank Secrecy Act (‘BSA’) . . . . to re-examine the BSA regulatory framework and the broader AML regime[,]” to which FinCEN received 111 comments.

As we will discuss, the NPRM focuses on the need for all FIs to implement a risk assessment as part of an effective, risk-based, and reasonably designed AML/CFT program.  The NPRM also focuses on how consideration of FinCEN’s AML/CFT Priorities must be a part of any risk assessment.  However, in regards to addressing certain important issues, such providing comfort to FIs to pursue technological innovation, reducing the “de-risking” of certain FI customers and meaningful government feedback on BSA reporting, the NPRM provides nothing concrete.

FinCEN has published a five-page FAQ sheet which summarizes the NPRM.  We have created a 35-page PDF, here, which sets forth the proposed regulations themselves for all covered FIs.

The NPRM has a 60-day comment period, closing on September 3, 2024.  Particularly in light of the Supreme Court’s recent overruling of Chevron deference, giving the courts the power to interpret statutes without deferring to the agency’s interpretation, this rulemaking, once finalized, presumably will be the target of litigation challenging FinCEN’s interpretation of the AML Act. 

Continue Reading  FinCEN Issues Proposed Rulemaking Aimed at Strengthening and Modernizing AML Programs Across Multiple Industries

The U.S. Department of the Treasury (“Treasury”) has released a Request for Information on the Uses, Opportunities, and Risks of Artificial Intelligence (“AI”) in the Financial Services Sector (“RFI”).  Written comments are due by August 12, 2024. 

AI is a broad topic and the term is sometimes used indiscriminately; as the RFI suggests, most AI systems being used or contemplated in the financial services sector involve machine learning, which is a subset of AI.  The RFI implicitly concedes that Treasury is playing “catch up” and quickly needs to learn more about AI and how industry is using it.  The RFI discusses a vast array of complex issues, including anti-money laundering (“AML”) and anti-fraud compliance, as well as fair lending and consumer protection concerns – particularly those pertaining to bias.

Continue Reading  Treasury Issues Request for Information on Use of AI in Financial Services

On May 13th, the Financial Crimes Enforcement Network (FinCEN) and the Securities Exchange Commission (SEC) issued a joint notice of proposed rulemaking (NPRM) that would require SEC-registered investment advisers (RIAs) and exempt reporting advisers (ERAs) to establish a customer identification program (CIP). This joint NPRM is the second recent rulemaking effort aimed at investment advisers. In February, FinCEN issued a separate NPRM amending the definition in the Code of Federal Regulations of “financial institution” under the Bank Secrecy Act (BSA) to include investment advisers, which would require implementation of an anti-money laundering/countering terrorist financing (AML/CFT) compliance program. In this earlier NPRM, FinCEN alluded to a future joint rulemaking regarding CIP requirements for investment advisers.

The NPRM highlights that CIPs are long-standing, foundational components of an AML program. The NPRM requires a CIP similar to existing CIP requirements for other financial institutions, as FinCEN and the SEC want to ensure “effectiveness and efficiency” for investment advisers that are affiliated with other financial institutions, including banks, broker-dealers, or open-end investment companies that are already subject to CIP requirements.  

Background

Investment advisers have not been previously subject to CIP requirements, unless they were also a registered broker-dealer, a bank, or an operating subsidiary of a bank, and therefore already covered separately by the BSA. In many cases, investment advisers already voluntarily comply with CIP requirements, or their functional equivalent.

This joint NPRM implements section 326 of the Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act of 2001 (the “USA PATRIOT Act”). Section 326 requires the Secretary of the Treasury to promulgate regulations setting forth the minimum standards for “financial institutions” regarding the identity of their customers in connection with the opening of an account at a financial institution. More specifically, and as the NPRM notes, the BSA defines “financial institution” to include, in a catch-all provision, “any business or agency which engages in any activity which the Secretary of the Treasury determines, by regulation, to be an activity which is similar to, related to, or a substitute for any activity in which any business described in this paragraph is authorized to engage[.]”  That is the statutory authority upon which this NPRM and the earlier NPRM rest.  If FinCEN’s proposed amendment to the regulatory definition of “financial institution” is finalized and survives any legal challenges, investment advisers will be required to implement and maintain a CIP, as well as AML programs.

Continue Reading  FinCEN and SEC Propose Rulemaking Requiring CIP for Investment Advisers

On April 18, the Financial Crimes Enforcement Network (“FinCEN”) released updated FAQs related to the Corporate Transparency Act (“CTA”) and Beneficial Ownership Information (“BOI”) Rule. The last round of updates occurred in January 2024. As we previously have reported, the FAQs do not create any new requirements and are intended to clarify the regulation. In total, there are 16 new FAQs and 2 updated FAQs. We have included brief summaries below.

One of the main take-aways is that FinCEN does not expect to provide access to CTA BOI to financial institutions (“FIs”) until 2025.  In the interim, FinCEN will issue the long-awaited proposed regulations seeking to align the CTA with the Customer Due Diligence (“CDD”) Rule already applicable to certain FIs, including banks, which requires FIs to obtain BOI from covered entity customers opening accounts.  This delay is likely very frustrating for FIs seeking to comply with the CTA and adjust their existing systems for complying with the CDD Rule.

Continue Reading  FinCEN Releases Updated BOI FAQs

In February 2024, the Federal Deposit Insurance Corporation (FDIC) entered into consent orders (here and here) with two banks who partner with fintechs to offer “banking as a service” (BaaS) related to safety and soundness concerns relating to compliance with the Bank Secrecy Act (BSA), compliance with applicable laws, and third-party oversight. 

BaaS refers to arrangements in which banks integrate their banking products and services into the services of non-bank third-party distributors and the distributors deliver the integrated banking services directly to the customer.  A common example of BaaS is banks’ delivery of lending services through fintech partners’ digital platforms.  BaaS has gained popularity in recent years as the bank partner can generally roll out banking services to customers at a much faster pace and for lower costs than traditional banking products and services.

These two consent orders do not arise in a vacuum.  In June 2023, the FDIC, Federal Reserve Board, and Office of the Comptroller of the Currency released final interagency guidance for their respective supervised banking organizations on managing risks associated with third-party relationships, including relationships with financial technology-focused entities such as bank/fintech sponsorship arrangements.  The guidance explained that supervisory reviews will evaluate risks and the effectiveness of risk management to determine whether activities are conducted in a safe and sound manner and in compliance with applicable laws and regulations.  At that time, we noted that we expected increased regulatory attention to bank/fintech partnership programs like the BaaS relationships addressed here.  Although these FDIC consent orders did not specifically cite to the interagency guidance, the guidance presumably was used to support the third-party oversight criticisms in the supervisory examinations of the two banks.

Continue Reading  Recent FDIC Consent Orders Reflect Ongoing Scrutiny of Bank Relationships with Fintechs