In the first part of this series we described the new beneficial ownership rule. We talked about the reasons that the rule was passed and we noted that the central idea of this rule is making sure that financial institutions get complete information when an account is opened for a legal entity. This is especially true when a legal entity has a complex ownership structure. There is a second aspect of the rule that changes the due diligence process for legal entities to a dynamic one. This portion of the rule is being called the “fifth pillar” of BSA/AML compliance programs.
Under the new Beneficial Ownership rule, the definition of due diligence is essentially changed, especially for accounts that are opened for legal entities. The rule specifically requires institutions to obtain background information on any person that owns, or controls the legal entity. For purposes of this rule, ownership is defined as anyone who maintains an ownership stake of 25% or more of the entity. Control means anyone who has a significant responsibility to manage or direct the entity. A controlling person could have zero ownership interest in an entity.
Currently information about the persons who control or own legal entities is not necessarily required, although as a best practice, this information should often be considered important to the due diligence process. The Beneficial Ownership rule makes obtaining the ownership and control information a requirement of the account opening and due diligence process. The rule also requires that financial institutions should write policies and procedures that reflect these requirements. The rule notes that the policies and procedures should be risk based and should detail the various steps taken based upon the risk rating of the account. The types of documentation that can be considered acceptable for meeting the requirements of the rule are described.
Due Diligence as a dynamic process
When developing your compliance program to meet the requirements of the new rule, consider that due diligence for legal entities should become a dynamic process. It won’t be enough to obtain ownership and control information at the time the account is opened and then stop. There must be ongoing monitoring of accounts for changes in the ownership or control and analysis of what those changes mean.
In recent years, one of the tactics that money launders have employed is to take over legitimate long standing business to hide “dirty money”. For example, in late 2014, the Los Angeles area garment industry was overrun by a scheme known as “Black Market Peso Exchanges. Drug money was used to purchase goods and then the goods were shipped to other countries where they were resold and converted back to cash. In many cases, the reason that this scheme was able to proceed was that the person or persons that desired to launder the money became a part owner of what was once a legitimate business.
In a similar manner, when a person who has bad intentions is able to control an entity, then the possibility that suspicious activity might occur goes up exponentially. An important part of ongoing monitoring for suspicious activity must be continuing due diligence on both the ownership and controlling persons of an entity.
Asking the second Question
Once information is obtained about the owners and/controllers of a legal entity there is an additional review process that should occur. Does the owner or controller of the legal entity increase the likelihood or potential for money laundering? In the alternative, does the information that you have obtained about the owner or controller leave more questions than answers? For example, suppose your corporate customer runs a small flower shop on main street. One day, a 30 % interest in the flower shop is purchased by a man who is the owner of the local casino. Why would the owner of a casino want a flower shop business? Since a casino is a high cash, high risk, business, and people do still buy flowers with cash, there is an increased risk that the new controlling person may try to move some of his money through the deposits of the flower shop. In this case, the best practice would be to find out all that you could about the new owner and why this controlling interest makes sense. Moreover, now is the time to determine whether or not your BSA department still has the capability to monitor the flower shop now that it has a new owner. Do you have the ability to determine whether suspicious activity might be occurring? Not only should due diligence be dynamic, it should also include the analysis necessary to make the most efficient use of the information obtained.