The Beneficial Ownership Rule: Part Two – Due Diligence

bor-part2In the first part of this series we described the new beneficial ownership rule. We talked about the reasons that the rule was passed and we noted that the central idea of this rule is making sure that financial institutions get complete information when an account is opened for a legal entity. This is especially true when a legal entity has a complex ownership structure. There is a second aspect of the rule that changes the due diligence process for legal entities to a dynamic one. This portion of the rule is being called the “fifth pillar” of BSA/AML compliance programs.

Due Diligence
Under the new Beneficial Ownership rule, the definition of due diligence is essentially changed, especially for accounts that are opened for legal entities. The rule specifically requires institutions to obtain background information on any person that owns, or controls the legal entity. For purposes of this rule, ownership is defined as anyone who maintains an ownership stake of 25% or more of the entity. Control means anyone who has a significant responsibility to manage or direct the entity. A controlling person could have zero ownership interest in an entity.

Currently information about the persons who control or own legal entities is not necessarily required, although as a best practice, this information should often be considered important to the due diligence process. The Beneficial Ownership rule makes obtaining the ownership and control information a requirement of the account opening and due diligence process. The rule also requires that financial institutions should write policies and procedures that reflect these requirements. The rule notes that the policies and procedures should be risk based and should detail the various steps taken based upon the risk rating of the account. The types of documentation that can be considered acceptable for meeting the requirements of the rule are described.

Due Diligence as a dynamic process
When developing your compliance program to meet the requirements of the new rule, consider that due diligence for legal entities should become a dynamic process. It won’t be enough to obtain ownership and control information at the time the account is opened and then stop. There must be ongoing monitoring of accounts for changes in the ownership or control and analysis of what those changes mean.
In recent years, one of the tactics that money launders have employed is to take over legitimate long standing business to hide “dirty money”. For example, in late 2014, the Los Angeles area garment industry was overrun by a scheme known as “Black Market Peso Exchanges. Drug money was used to purchase goods and then the goods were shipped to other countries where they were resold and converted back to cash. In many cases, the reason that this scheme was able to proceed was that the person or persons that desired to launder the money became a part owner of what was once a legitimate business.

In a similar manner, when a person who has bad intentions is able to control an entity, then the possibility that suspicious activity might occur goes up exponentially. An important part of ongoing monitoring for suspicious activity must be continuing due diligence on both the ownership and controlling persons of an entity.

Asking the second Question
Once information is obtained about the owners and/controllers of a legal entity there is an additional review process that should occur. Does the owner or controller of the legal entity increase the likelihood or potential for money laundering? In the alternative, does the information that you have obtained about the owner or controller leave more questions than answers? For example, suppose your corporate customer runs a small flower shop on main street. One day, a 30 % interest in the flower shop is purchased by a man who is the owner of the local casino. Why would the owner of a casino want a flower shop business? Since a casino is a high cash, high risk, business, and people do still buy flowers with cash, there is an increased risk that the new controlling person may try to move some of his money through the deposits of the flower shop. In this case, the best practice would be to find out all that you could about the new owner and why this controlling interest makes sense. Moreover, now is the time to determine whether or not your BSA department still has the capability to monitor the flower shop now that it has a new owner. Do you have the ability to determine whether suspicious activity might be occurring? Not only should due diligence be dynamic, it should also include the analysis necessary to make the most efficient use of the information obtained.

The Beneficial Ownership Rule- A Two Part Series

borpart1Part One – What is the rule and What Does it mean to Me?

On May 11, 2016, the Financial Crimes Enforcement Network (FinCEN) announced its final rule strengthening the due diligence requirements for covered financial institutions. This rule is generally known as the beneficial ownership rule. This rule represents a significant change in the overall administration of Bank Secrecy Act/Anti-Money laundering (BSA/AML) compliance programs. The purpose of the change was made clear in FinCEN’s announcement of the final rule.

“Covered financial institutions are not presently required to know the identity of the individuals who own or control their legal entity customers (also known as beneficial owners). This enables criminals, kleptocrats, and others looking to hide ill-gotten proceeds to access the financial system anonymously. The beneficial ownership requirement will address this weakness.”

Put another way, the purpose of this rule is to address one of the biggest weaknesses in the current system for identifying suspicious activity. The fact that that financial institutions have been required to obtain information about a legal entity without considering the ownership and /or control of the legal entity has allowed many a “bad guy” to effectively hide his/her illicit activity. The preamble to the rules lists out several examples of how legal entities have been taken over by criminals in an effort to launder money. Some of the more interesting examples included:
• A series of shell companies that were used to take over and loot a publicly traded mortgage company.
• Using a series of small legal entities to cover a drug smuggling ring
• Using a series of companies that were ostensibly for movie production to hide large amounts of cash that was being used for human trafficking

In all of the cases that were cited, the common feature was the ownership and control of the legal entities was obscured by a complex holding structure. The beneficial ownership rule is designed to addresses this practice. The rule requires that a financial institution doing business with a legal entity should know who owns and controls the entity. This is the enumerated requirement. However, it should be the understood that simply knowing this information is not enough. Once the due diligence information is obtained, it is critical to ensure that it makes sense in context. For example, does it really make sense that a flower shop owner also owns a casino? These business are entirely unrelated except for the fact that they are both often cash intensive businesses.

The Rule Itself
The final rule creates a “fifth pillar” in the standard group of expectations for a comprehensive BSA/AML compliance program. Ongoing and risk based due diligence for customers will now be considered an essential part of the compliance program. The rule makes due diligence a dynamic process rather than the traditional process that essentially ended at the time the account was opened. Financial institutions are expected to stay abreast of who the beneficial owners of a legal entity are and how their ownership might impact ongoing monitoring of the account. As the beneficial owners change, then the manner in which the account is viewed should change accordingly.

Beneficial Ownership is a broad definition that includes both ownership and control.
Ownership – is denied as any person who directly or indirectly owns more than 25 percent of the equity of a legal entity
Control – The term “beneficial owner” means a single individual with significant responsibility to control, manage, or direct the legal entity customer (e.g., a Chief Executive Officer, Vice President, or Treasurer).

These two prongs are critical because there are many times when a person or persons could actually have a minimal ownership stake in a firm or even no actual legal ownership, but still have the ability to control the firm. The rule requires all covered institutions to obtain information on all people who own or control a legal entity.

Financial institutions are expected to design policies and procedures that detail how staff will use their best efforts to establish and maintain written procedures that are reasonably designed to identify and verify beneficial owners of a legal entity customer. The procedures must allow the financial institution to identify all beneficial owners of each legal entity customer at the time of account opening unless an exclusion or exemption applies to the customer or account.

Why Wait?
The rule requires all covered institutions to be in compliance by May of 2018. Covered institutions in this case means:
“For purposes of the CDD Rule, covered financial institutions are federally regulated banks and federally insured credit unions, mutual funds, brokers or dealers in securities, futures commission merchants, and introducing brokers in commodities”

Though this rule only technically only applies to covered institutions, it will be prudent for all financial institutions to become familiar with the requirements of the regulations and to apply the standards enumerated therein. Financial institutions will expect that their Money Service Businesses meet the same standards because the risks for undetected suspicious activity is the same.

There is absolutely no reason to wait to implement the principals detailed in the rule. By developing policies and procedures that are able to determine beneficial ownership, a financial entity can have more effective risk mitigation of its customer base. At the end of the regulatory day, knowing your customers and what it is that they do is the heart of any string AML Compliance program

In Part Two- we will discuss the details of a strong beneficial ownership program.

Your Partner in Balancing Compliance