On July 11, the OCC released its Semiannual Risk Perspective for Spring 2016, which generally provides an overview of supervisory concerns for the federal banking system and specifically presents data as of December 31, 2015 in the following areas: (i) operating environment; (ii) bank performance; (iii) key risk issues; and (iv) regulatory actions. Similar to the fall 2015 report, the current report identifies cybersecurity, third-party vendor management, business continuity planning, TRID, and BSA/AML compliance, among other things, as key areas of potential operational and compliance risk. Further, the report highlights the new Military Lending Act rule, effective October 3, 2016, as a new key potential risk. According to the report, the OCC’s supervisory priorities for the next twelve months will generally remain the same; moreover, the outlook for the OCC’s Large Bank Supervision and Midsize and Community Bank Supervision operating units will remain broadly similar.
On July 19, FinCEN issued FAQs to clarify the scope of the May 2016 Customer Due Diligence (CDD) final rule. As previously covered in InfoBytes, and as outlined in Question 2 of the recently-released FAQs, the final rule imposes standardized CDD requirements for federally regulated banks and federally insured credit unions, mutual funds, brokers or dealers in securities, futures commission merchants, and introducing brokers in commodities (collectively, covered financial institutions). While the FAQs provide a detailed description of the CDD requirements, they state that, “[i]n short, covered financial institutions are now required to obtain, verify, and record the identities of the beneficial owners of legal entity customers.” Notably, Question 5 of the FAQs clarifies that the CDD rule amends the AML program requirements to explicitly require covered financial institutions to implement and maintain risk-based procedures for conducting ongoing customer due diligence, including, but not limited to, (i) understanding the nature and purpose of the customer relationship; and (ii) conducting ongoing monitoring to identify and report suspicious transactions, as well as maintain and update customer information on a risk basis. The FAQs also note that covered financial institutions must include CDD procedures in their AML compliance program. In addition to discussing definitions for certain terms within the CDD rule, such as “account” and “beneficial owner,” the FAQs outline, among other things, the type of beneficial ownership information that covered financial institutions must collect for legal entity customers. Finally, as reiterated in the FAQs, the CDD rule has an effective date of July 11, 2016 and an applicability date of May 11, 2018.
On June 30, the NYDFS adopted a final rule that requires regulated financial institutions to maintain a transaction monitoring program for potential BSA/AML violations and a filtering program intended to ban transactions prohibited by federal economic and trade sanctions. Further, the Board of Directors or Senior Officer(s) are required to submit annually, by April 15, a Board Resolution or Compliance Officer Finding, confirming the steps taken to ascertain compliance with the regulation and stating that, “to the best of the [Board or Officer’s] knowledge, the Transaction Monitoring and Filtering Program complies with [the regulation].” The law applies to Regulated Institutions, which include banks, trust companies, private bankers, savings banks and savings and loan associations chartered pursuant to the New York Banking Law, and all branches and agencies of foreign banking corporations licensed under the Banking Law to conduct banking operations in New York; and non-banks, which include check cashers and money transmitters licensed under the Banking Law. Read more…
On June 13, the NYDFS announced that it approved XRP II, LLC’s application for a virtual currency license. Before approving the company’s August 2015 application, NYDFS conducted a “rigorous review” of the company’s anti-money laundering, capitalization, consumer protection, and cybersecurity standards. To date, NYDFS has received 26 BitLicense applications; two companies, including this one, have been approved for BitLicenses and two have received state trust charters. NYDFS further noted that it recently denied two applications for a virtual currency license; the companies in receipt of the denial letters were ordered to stop any New York operations.
On June 2, the South Carolina Legislature unanimously passed House Bill 4554, the South Carolina Anti-Money Laundering Act. The Act is intended to “provide regulation and oversight of the money transmission services business most commonly used by organized criminal enterprise to launder the monetary proceeds of illegal activities, and to provide definitions, exclusions, procedures, and penalties.” Among other things, the Act outlines licensure requirements for persons engaging in the business of money transmission and/or currency exchange. Pursuant to the Act, the South Carolina AG (or Commissioner) “may conduct an annual examination of a licensee or of any of the licensee’s authorized delegates [(as defined by the Act)] on a forty-five day notice in a record to the licensee.” In addition, the Act delegates to the Commissioner the authority to suspend or review a license or order a licensee to revoke the designation of an authorized delegate. The Act will take effect either one year after it is signed by the Governor or upon publication in the State Register of final regulations implementing the Act, whichever occurs later.