Beneficial Ownership Rules. Iowa Bankers Association

Transcription

1 Beneficial Ownership Rules Iowa Bankers Association November 2017

2 TABLE OF CONTENTS Program Description and Purpose... 1 FinCEN s Regulation X Beneficial Ownership... 2 Definitions... 3 BSA/AML Program Requirements... 7 Beneficial Ownership Legislation Appendix A Initial Beneficial Ownership Certification Form... 27

3 Program Description and Purpose Introduction Former implicit guidance covering Customer Due Diligence (CDD) requirements, including: Obtaining and verifying beneficial customer information; and Understanding the nature and purpose of legal entity accounts in order to develop an initial risk profile and ongoing monitoring became a rule on May 11, 2016 Purpose BEFORE - No mandatory requirement for a bank to know the identity of individuals who owned or controlled legal entities that opened accounts with the bank; AFTER your bank will be asking questions as to the identification of individuals who own, or control, legal entity customers. Today we are going to address: All formerly implied guidance that has now been codified as a regulation; Any difference between the implied and expressed requirements; and New explicit regulations not previously implied. Key Items Addressed Today What a legal entity customer looks like; Written procedural requirements under the new rule; What constitutes ownership prong and control prong ; The types of accounts and legal entity customers excluded or exempted from identification and verification requirements; Issues involving the FinCEN model form; How to develop a customer risk profile; Ongoing monitoring necessary under the new rules; and Changes to be made to existing written policies, procedures and training programs CCPG, LLC. 1

4 FinCEN s Regulation X Beneficial Ownership The What? Financial Crimes Enforcement Network (FinCEN) rules for banks are contained in 31 CFR Parts 1010, The interagency rulemaking process began in 2010 with interagency guidance on this issue, followed by FinCEN s 2012 Advance Notice of Proposed Rule Making (ANPRM), which led to the 2014 Notice of Proposed Rule Making (NPRM) and the May 11, 2016 final rule. The Why? Requiring banks to perform effective CDD on legal entity customers will assist banks to better understand who the actual customer is and what type of transaction(s) they conduct; and Assists government, and law enforcement, in combating a number of types of illicit financial activities including tax evasion, terrorist financing, money laundering and sanction violations among others. Effective Dates July 11, 2016 with a required mandatory compliance date of May 11, 2018; Banks can electively apply part, or all, of the requirements prior to the date but compliance will be mandatory as of May 11, CCPG, LLC. 2

5 Definitions Account 31 CFR (c) The term has the meaning set forth in (a) of this chapter (for banks): A formal banking relationship established to provide or engage in services, dealings, or other financial transactions including a deposit account, a transaction or asset account, a credit account, or other extension of credit. Account also includes a relationship established to provide a safety deposit box or other safekeeping services, or cash management, custodian, and trust services. Account does not include: o A product or service where a formal banking relationship is not established with a person, such as check cashing, wire transfer, or sale of a check or money order; or o An account that the bank acquires through an acquisition, merger, purchase of assets, or assumption of liabilities. Note: This is same definition of account used for CIP purposes. Nothing new to see here so pay more attention to the definition of New Account CCPG, LLC. 3

6 Definitions New Account 31 CFR (g) The term means EACH account opened at a bank by a legal entity customer on or after the mandatory compliance date, May 11, Note: Much more on this later today but note that a customer opening one account on Monday and another on Wednesday will trigger Beneficial Ownership requirements. Beneficial Owner 31 CFR (d) Each of the following: 1. Each individual, who, directly or indirectly, through any contract, arrangement, understanding, relationship or otherwise, owns 25 percent or more of the equity interests of a legal entity customer; and 2. A single individual with significant responsibility to control, manage, or direct a legal entity customer, including: An executive officer or senior manager (e.g., a Chief Executive Officer, Chief Financial Officer, Chief Operating Officer, Managing Member, General Partner, President, Vice President, or Treasurer); or Any other individual who regularly performs similar functions. Note: If a trust owns directly or indirectly, through any contract, arrangement, understanding, relationship or otherwise, 25% or more of the equity interests of a LEC, the beneficial owner shall mean the trustee. Note: If a non-legal entity customer owns directly or indirectly, through any contract, arrangement, understanding, relationship or otherwise, 25% or more of the equity interests of a LEC, no individual need be identified with respect to that entity s interests. Note: The term beneficial owner was previously defined in FinCEN regulations and guidance but not in the context of LECs CCPG, LLC. 4

7 Definitions Legal Entity Customer 31 CFR (e)(1) Corporation, limited liability company (LLC), general partnership, or other entity created by the filing of a public document with a Secretary of State or similar office, a general partnership, and any similar entity formed under the laws of a foreign jurisdiction that opens an account. Note: Includes limited partnerships, business trusts that are created by a filing with a state office, general partnerships, and any other entity created by filing with a state entity. Non-Legal Entity Customer (Exclusions) 31 CFR (e)(2) Legal entity customer does not include (full list includes 16 types of entities): Financial institution regulated by a Federal functional regulator or a bank regulated by a State bank regulator; Person (includes companies) exempted from CTR filing (for more info see 31 C.F.R (b)(2) (b)(5) on the next page); An investment company or investment advisor registered with the SEC; Public accounting firms; State regulated insurance company; Non-U.S. governmental department, agency or political subdivision that engages only in governmental rather than commercial activities Note: Non-Legal entity customers include sole proprietorships and unincorporated associations, such as HOAs, even though such businesses may file with the Secretary of State in order to register a trade name or establish a tax account. The rationale is that sole proprietorships and unincorporated associations are not entities with a separate legal existence from the associated individual; this may create a shield permitting an individual to obscure their identity CCPG, LLC. 5

8 Definitions Exempt Person (b)(2) - (5) A person described as an exempt person includes; (2) A department or agency of the United States, of any State, or of any political subdivision of any State; (3) Any entity established under the laws of the United States, of any State, or of any political subdivision of any State, or under an interstate compact between two or more States, that exercises governmental authority on behalf of the United States or any such State or political subdivision; (4) Any entity, other than a bank, whose common stock or analogous equity interests are listed on the New York Stock Exchange or the American Stock Exchange or whose common stock or analogous equity interests have been designated as a NASDAQ National Market Security listed on the NASDAQ Stock Market (except stock or interests listed under the separate NASDAQ Capital Markets Companies heading), provided that, for purposes of this paragraph (b)(4), a person that is a financial institution, other than a bank, is an exempt person only to the extent of its domestic operations; (5) Any subsidiary, other than a bank, of any entity described in paragraph (b)(4) of this section (a listed entity ) that is organized under the laws of the United States or of any State and at least 51 percent of whose common stock or analogous equity interest is owned by the listed entity, provided that, for purposes of this paragraph (b)(5), a person that is a financial institution, other than a bank, is an exempt person only to the extent of its domestic operations CCPG, LLC. 6

9 BSA/AML Program Requirements Federally Regulated Institutions 31 CFR (a) In general. Covered financial institutions are required to establish and maintain written procedures that are reasonably designed to identify and verify beneficial owners of legal entity customers and to include such procedures in their antimoney laundering compliance program required under 31 U.S.C. 5318(h) and its implementing regulations. (b) Identification and verification. With respect to legal entity customers, the covered financial institution s customer due diligence procedures shall enable the institution to: (1) Identify and (2) Verify Note: The 1010 requirements (Beneficial Ownership) are for General Provisions for numerous types of industries while the 1020 requirements (Rules for Banks) are obviously specific to banks. Note: The 1010 Beneficial Ownership requirements specifically indicate that the customer due diligence procedures.. which means your Beneficial Ownership processes will need to be in the BSA Policy in the CDD section more on that BSA Policy requirement on the next page of this manual CCPG, LLC. 7

10 BSA/AML Program Requirements Federally Regulated Institutions 31 CFR A financial institution regulated by a Federal functional regulator. shall be deemed to satisfy the requirements if the financial institution implements and maintains an antimoney laundering program that: (a) Complies with the requirements of [Due diligence programs for correspondent accounts for foreign financial institutions] and [Due diligence programs for private banking customers] of this chapter; (b) Includes, at a minimum: (1) System of internal controls to assure ongoing compliance; (2) Independent testing (audit) for compliance to be conducted by bank personnel or by an outside party; (3) Designation of an individual or individuals (BSA Officer) responsible for coordinating and monitoring day-to-day compliance; (4) Training for appropriate personnel; and (5) Appropriate risk-based procedures for conducting ongoing customer due diligence (i) Understanding the nature and purpose of customer relationships for the purpose of developing a customer risk profile; and (ii) Conducting ongoing monitoring to identify and report suspicious transactions and, on a risk basis, to maintain and update customer information. For purposes of this paragraph (b)(5)(ii), customer information shall include information regarding the beneficial owners of legal entity customers (as defined in of this chapter); and (c) Complies with the regulation of its Federal functional regulator. Note: Items (b)(1) through (4) are the traditional Four Pillars of the AML Program. Item (b)(5) is the new Fifth Pillar and don t forget about the Beneficial Ownership CDD requirements from 31 C.F.R CCPG, LLC. 8

11 BSA/AML Program Requirements Minimum AML Program Requirements AML Program requirements set forth by 31 CFR (c) are minimal requirements which further defers to the regulations of each federal functional regulator [More to come? Maybe, maybe not]. FinCEN sets baseline regulatory standards across industries, such as banking, federal functional regulators, such as the FDIC have authority to establish AML program requirements in addition to rules established by FinCEN if any are necessary and appropriate to address risk to their regulated entities. Those specific regulations, which are verbatim to the FinCEN requirements (except for the identification of member institutions, such as state member banks, national associations, etc.,) for the prudential regulators are: o FDIC 12 CFR o OCC 12 CFR o Federal Reserve 12 CFR o NCUA 12 CFR CCPG, LLC. 9

12 BSA/AML Program Requirements Customer Identification Programs 31 CFR Current CIP Procedures FinCEN is seeking to leverage existing CIP requirements to address beneficial ownership requirements and stipulate that banks can generally rely upon their existing CIP requirements. Current CIP procedures require banks to notify customers that the bank is requesting information to verify their identity in manner reasonably designed to ensure that a customer is able to view the notice, or given notice, before an account is opened such as: Website; Lobby notice; or Language on account applications. Characteristics of CIP Procedures CIP procedures must: Be risk-based; Enable bank to form a reasonable belief that it knows the true identity of the customer; Based on assessment of risks; and Set forth documents, or non-documentary methodology, the bank will utilize to establish customer identify. Data to Be Obtained Information to be collected and verified prior to opening an account includes the customer's: Name; Date of Birth; Residential or business street address; and Identification Number, such as a SSN. Note: For a non-individual (corporation, partnership, trust, etc.) address requirements apply (principal place of business, local office, etc.) and were not altered by beneficial ownership rules as beneficial owner address information is only obtained for natural persons under new rule CCPG, LLC. 10

13 BSA/AML Program Requirements Verification of Beneficial Owner Identity CDD Core Element 1 Verification of beneficial ownership identity, consistent with a bank s existing CIP procedures for natural persons, meets new regulatory requirements. Nothing New Here - The written AML program, since 2003, has been required to address both customer identification and verification. CDD Core Element 2 (The 1010 Rule) Written AML program should include beneficial ownership identification and verification; Element 2 is not currently required, but implied through guidance, with limited exceptions; and Clearly part of new rule and must be addressed in written BSA program). Beneficial Owner Information Written procedures must specify the four required identification elements for individuals (name, address, identification number and date of birth) From CIP; Current procedures concerning required information to be obtained for your bank should not change except to indicate that information will also be obtained for beneficial ownership purposes; and These four pieces of information still must be obtained before account opening CCPG, LLC. 11

14 BSA/AML Program Requirements Beneficial Ownership Verification Beneficial ownership verification procedures can rely to a large degree on current CIP verification procedures: Current procedures provide for verification by documentary (i.e. driver s license) or non-documentary (i.e. credit report, customer contact) processes. While current CIP only allows for original documents, the new rule allows copies and transmissions subject to the bank s procedures give this some thought. Current requirements related to verification continue to apply to the following situations: Expired driver s license; Driver s license information or photo illegible; and Account opened without verifying documents being obtained. Note: CIP procedures currently only envision requiring information at new account opening. New beneficial ownership rule contains provisions for obtaining the four key CIP elements and how to verify identify during ongoing monitoring on a risk basis if relevant to risk assessment or evaluation. CDD Core Element 3 (The 1020 Rule) Written AML program should address understanding the nature and purpose of customer relationships in order to develop a customer risk profile Part 1 of the new fifth pillar (currently implied through guidance in order to comply with SAR requirements): Info about a customer gathered at account opening (i.e. intended use of account, NAICS, number of domestic and/or foreign incoming or outgoing wire transfers, anticipated deposit totals, etc) is used to develop a baseline against which customer activity is assessed for suspicious activity reporting; and Program may, but need not, include a system or risk ratings or categories of customers CCPG, LLC. 12

15 BSA/AML Program Requirements CDD Core Element 4 (The 1020 Rule) Written AML program should include conducting ongoing monitoring to maintain and update customer information to identify and report suspicious transactions as noted in Part 2 of the new fifth pillar - (currently implied through guidance related to SAR requirements): Beneficial Ownership information is only required to be updated on a "risk basis", "during the course of a bank s normal monitoring", IF "relevant to assessing or reevaluating the risk posed by the customer." This updating requirement also applies to customers that existed on the Applicability Date. Updating is event driven, such as customer requested change of signatory authority or as a result of normal monitoring or administration of the account. There is no requirement to: o Change the frequency or type of monitoring; o Seek out change in beneficial ownership information, such as by amending current forms, document requests, or questions but such action is likely to be preferred by regulatory agencies drop a dime on your examiner. Customer Risk Profile is only one piece of data to be used for determination of potentially suspicious transactions as FinCEN has pointed out that other suspicious activity programs are not to be usurped by the new CDD codification. Additions to AML Program The 2 nd, 3 rd, and 4th elements, noted above, must be specifically added, or revised within, the bank s AML program and submitted to the bank s Board for consideration and approval as well as recorded in the Board s meeting minutes hopefully there is a CDD section already in your AML program. The first core item, CIP, hopefully is already there. BSA/AML Risk Assessment Pay attention to the BSA Risk Assessment along with the timing of submission to the Board. Risk Assessment followed by Board Review of Assessment and Policy CCPG, LLC. 13

16 BSA/AML Program Requirements Written AML Procedures Written AML procedures will be utilized to develop a customer profile to identify baseline expected activity of the customer to be utilized for ongoing monitoring in order to identify and report suspicious transactions. The AML procedures should be risk-based and will differ between banks based on asset size, geographic locations, product offerings, etc. The bank s Board will need to approve the procedures after their inclusion in the AML program. AML Initial Customer Risk Profile Requirement Initial customer risk profile at account opening: Gathers initial information used to develop a baseline of expectant transactions or activities to which the bank will compare future transaction or events for potential SAR filing; Can be automated or manual; Can be numerical or descriptive; Can be color coded; or Can be none of the above. AML Monitoring Procedure Requirements Ongoing monitoring: Is primarily used to identify and report suspicious transactions with assumption that SAR narratives will contain a greater degree of information; Has a secondary purpose of maintaining and updating beneficial ownership information if relevant to risk assessment/evaluation; and Fulfills SAR requirements for effective and diligent monitoring of account activity in order to evaluate and identify unusual or suspect activity Note: CDD monitoring frequency will not change because of new rule CCPG, LLC. 14

17 BSA/AML Program Requirements Record Retention Requirements The AML procedures should include recordkeeping requirements to include all information obtained in connection with identifying and verifying beneficial owners including: Identification information beneficial owner (natural person) information same as CIP current requirement - along with documentation such as Certification Form and other identifying related information reviewed or collection to establish identification of beneficial owners (5 years after account is closed); Verification information (documentary) - description of any document relied upon (same CIP standard type, number, issuance date, etc.) (all verification information from this and following two bulleted items must be retained for 5 years after the record was made); Verification information (non-documentary) List of nondocumentary methods; and Results of any measure taken and resolution of each substantive discrepancy CCPG, LLC. 15

18 Beneficial Ownership Requirements New Requirements for Legal Entity Customers (LEC) Effective May 11, 2018, a bank is required to: Establish and maintain written procedures that are reasonably designed to identify and verify beneficial owners of legal entity customers; and To include such procedures in their AML compliance program. Note: Banks which have beneficial ownership collection thresholds lower than the 25% standard may maintain these thresholds if they desire. Status of Collection of Beneficial Ownership Information FinCEN is aware that: Some banks already obtain beneficial owner information in all or some circumstances potentially based upon risk assessment (likely the easiest programs to amend); Certain banks only obtain such information upon the occurrence of a triggering event or for certain categories of customers; and Some banks do not collect any beneficial ownership information at this time. Benefits of Standardization Benefits of standardization: Uniformity of data collection programs between banks in order to prevent competitive disadvantages in existing situations where one bank might currently allow legal entity customers to open accounts without identification and verification of natural person beneficial owners while banks in similar geographies allow the same customers to open an account without any such process; More consistent examination expectations and regulatory actions; and Quantity and quality of SARs [Primary point of new rule] 2017 CCPG, LLC. 16

19 Beneficial Ownership Requirements Applicability Beneficial ownership rules: Apply to natural persons that have an ownership interest in a LEC. o Do NOT apply to business or corporate entities that maintain an ownership interest in a LEC. Covers direct and indirect owners with equity interests but FinCEN has decided against providing definitions of these terms and has instead noted these are matters of state law and that reliance should be placed upon customer opening the account SUBJECT TO MUCH ONLINE DEBATE. Only apply to new accounts opened on or after May 11, 2018; Does not apply to existing accounts opened prior to that date with limited exception such as a bank becoming aware of new beneficial ownership information during its ongoing monitoring that is relevant to its risk assessment process. Note: Banks are not precluded from collecting beneficial ownership information on existing (portfolio) customers, during normal monitoring, on a risk basis if bank believes such action is appropriate. Beneficial Ownership Identification With respect to LECs, bank s CDD procedures shall enable the bank to: Identify the beneficial owner(s) of each legal entity customer at the time a new account is opened unless; o Customer is otherwise excluded [see Non- Legal Entity Customer in definition section of this manual], or o Account is exempted [see Exemptions below] CCPG, LLC. 17

20 Beneficial Ownership Requirements Exemptions (Not applicable to most banks) Banks are exempt from the requirements to identify and verify the identity of the beneficial owner(s) of this section only to the extent the bank opens an account for a LEC that is: At the point-of-sale to provide credit products, including commercial private label credit cards, solely for the purchase of retail goods and/or services at these retailers, up to a limit of $50,000; or To finance: o The purchase of postage and for which payments are remitted directly by the financial institution to the provider of the postage products; o Insurance premiums and for which payments are remitted directly by the financial institution to the insurance provider or broker; o The purchase or leasing of equipment and for which payments are remitted directly by the financial institution to the vendor or lessor of this equipment. Limitations on Exemptions Exemptions identified above [exemptions financed] do not apply to transaction accounts through which a legal entity customer can make payments to, or receive payments from, third parties. If there is the possibility of a cash refund on the account activity, then beneficial ownership of the LEC must be identified and verified by the bank either at the time of initial remittance, or at the time such refund occurs CCPG, LLC. 18

21 Beneficial Ownership Requirements Beneficial Ownership Prongs Ownership Prong vs Control Prong: The number of individuals that satisfy the definition of beneficial owner and therefore must be identified and verified may vary; and Bank must identify which prong has been met and place the required information in the respective section of the Certification Form or a similar document or record on their system of record. Ownership Prong Ownership prong: Satisfied if any individual directly or indirectly owns 25% of the equity interest of a legal entity customer; Only applies to a natural person and can t include the name of a business entity; Includes up to 4 individuals who may be considered to have met the 25% ownership threshold unless the bank has set a lower standard - a higher standard, above 25%, is not permitted; o If there are no owners which satisfy the 25% threshold, then the bank should note Not Applicable on the Certification Form or comparable record based on language in sample Certification form; Relies upon information provided by a customer who may, but is not required to be, included on either the ownership or control prong. o Ownership information is required and recorded at the time of account opening and thereafter is only required to be updated based on risk or knowledge of changes; o It is the responsibility of the customer, and not front-line personnel, to make the ownership determination which will be broadly interpreted in light of the varying types of equity ownership allowed by various states; and o Bank not expected to undertake any analysis to determine whether an individual is a beneficial owner and can rely upon the customer to disclose direct or indirect ownership CCPG, LLC. 19

22 Beneficial Ownership Requirements Control Prong Control prong is satisfied by a single individual having significant responsibility to control, manage, or direct a legal entity customer (i.e. Executive Officer, Senior Manager, or other individual who performs management not functions). The Certification Form contains a list of possible officer titles, but named control person may not have any such officer status. Note: Unlike the Ownership Prong, under the Control Prong one individual will always be named. Legal Entity Customers Subject to Control Requirements The following LECs are subject only to the control prong of the beneficial ownership requirement: A pooled investment vehicle that is operated or advised by a financial institution not excluded [Non-Legal Entity Customer]; and Any legal entity that is established as a nonprofit corporation or similar entity that has filed its organizational documents with the appropriate State authority as necessary. Definition: Non-Profit Non-profit includes charitable, not-for-profit, non-stock, public benefit or other similar corporations. There is no requirement that the non-profit be a tax-exempt organization such as a 501(c)(3). The bank must identify someone with significant responsibility to control, manage or direct the non-profit and can establish its identity by providing a certified copy of its certificate of incorporation or a certificate of good standing from the appropriate State authority; Bank may already have such a requirement presently in its CIP rules for entities; and Typical signatory on a non-profit account likely would be a control entity. Small community organizations such as scout troops, civic clubs and youth sports leagues are unincorporated associations rather than legal entities and are not subject to the beneficial ownership requirement CCPG, LLC. 20

23 Beneficial Ownership Requirements Obtaining Identification Bank may obtain required information either by obtaining: Certification from the individual opening the account on behalf of the LEC (model form located in Appendix A of the regulation), or Information required by the form by some other means, provided the individual certifies, to the best of the individual s knowledge, the accuracy of the information; or Record on your system of record as there is no absolute requirement that you even use a form. Note: FinCEN noted in the that it anticipates but doesn t require - the customer opening the account will be a beneficial owner through the ownership or control prong. Reliance on Information Bank may rely on the information supplied by the LEC regarding the identity of its beneficial owner(s), provided that it has no knowledge of facts that would reasonably call into question the reliability of such information. Why Information is Obtained Language in the General Instructions section on Page 1 seemingly explains to the customer why information is being obtained as is similar to USAPA Section 326 language but there is no customer notification requirement; No information in or Rule to indicate requirement or permissibility of whether customer or bank employee should complete the form but the General Instructions also contemplate that it will be completed by the customer; Possible letter or to current customers bank has identified as a potential LEC; and Lobby or desk disclosures CCPG, LLC. 21

24 Beneficial Ownership Requirements Certification Form Appendix A Bank is not required to use the Certification Form provided by FinCEN and may use any other form or no form at all, written or electronic, as long as it obtains, at a minimum the same information shown on the Certification form and requires the individual supplying the information to certify the accuracy of the information. Name of the certifying person on the form must be a natural person; FinCEN chose not to impose requirements on who may sign or certify and will allow the bank to utilize its current account opening procedures, such as reliance upon corporate resolutions which authorize entities who are empowered to open accounts and/or serve as an authorized signatory (partner, officer of a corporation, etc.); and Certification of Accuracy may be obtained without use of the Certification Form in the same way the bank obtains other information from its customers in connection with its account opening procedures. Verifying Identification 31 CFR (b) In addition to obtaining the identification necessary, bank must also verify the identity of each beneficial owner identified to the bank, according to risk-based procedures to the extent reasonable and practicable. Note: Bank is verifying (CIPing) the identify of a natural person and not that person s ownership or control status. Utilization of CIP Procedures A bank s utilization of its CIP procedures for natural persons is deemed to satisfy the beneficial ownership verification requirement: Verification information must be completed within a reasonable time after the account is opened as set forth by bank procedures; and Procedures must address situations in which the bank can t form a reasonable belief as to the identity of the beneficial owner and what further actions (account closure, SAR evaluation, etc) will be taken CCPG, LLC. 22

25 Beneficial Ownership Requirements Verification Requirements Copies of identification, such as a driver s license, can be used for beneficial ownership verification purposes but can t be utilized for CIP verification purposes; Bank should conduct own risk based analysis on the types of reproductions or copies they will accept, e.g. jpeg, gif, etc; Copies of photo identities do not have to be maintained but bank does have to retain the description of the document relied upon to verify identity, as it does for CIP; and Bank should also decide on method of transmission of copies such as fax, or other. Required Identification and Verification Beneficial ownership information will need to be identified and verified each time a new account is opened (Note: this doesn t mean a new form is completed for each new account and can simply include a review of info and re-certification) as there may have been changes to the ownership and control regime since the previous account was opened. If bank determines a change in beneficial ownership information (ownership or control) during normal course of monitoring, information must be updated on bank records; Applies to all LECs including those that existed on the applicability date; and No requirement for continuous monitoring but bank should update records if an event makes the bank aware of a beneficial ownership change. Reliance on Customer Information FinCEN is aware there is no authoritative source for beneficial ownership information as there is no federal law for states to collect such information at the time a company is formed; and Bank is allowed to rely upon such information as provided by the customer and need not verify such information beyond reasonable risk based measures CCPG, LLC. 23

26 Beneficial Ownership Requirements Other Regulatory Considerations Related to Beneficial Owners Bank has the discretion to identify additional beneficial owners as appropriate based on the risk appetite of the bank. Should use beneficial ownership information as bank uses other information it gathers regarding customers (e.g. through compliance with CIP requirements), including for compliance with OFAC requirements; and Beneficial ownership information collected is subject to an OFAC review, as well as aggregation for CTR filing purposes. Recordkeeping Bank must establish procedures for making and maintaining a record of all information obtained as required by regulation. Recordkeeping - FOR PURPOSES OF... THE RECORD MUST INCLUDE... (i) Identification Any identifying information obtained by the bank including without limitation the certification (if obtained) (ii) Verification a. Description of any document relied on (noting the type, any identification number, place of issuance and, if any, date of issuance and expiration) of any non-documentary methods; b. Results of any measures undertaken, and c. Resolution of each substantive discrepancy. Recordkeeping THE RECORDS MADE UNDER... Paragraph (i)(1)(i) Paragraph (i)(1)(ii) MUST BE RETAINED FOR FIVE YEARS AFTER THE... Date the account is closed. Record is made CCPG, LLC. 24

27 Beneficial Ownership Requirements Reliance on Affiliate or Other Financial Institution Bank may rely on another bank (including an affiliate) with respect to any LEC of the bank that is opening, or has opened, an account or has established a similar business relationship with the other financial institution to provide or engage in services, dealings, or other financial transactions, provided that: Such reliance is reasonable under the circumstances; The other financial institution is required by FinCEN to have a BSA/AML Program and is regulated by a Federal functional regulator; and The other financial institution enters into a contract requiring it to certify annually to the covered financial institution that it has implemented its AML/BSA Program, and that it will perform (or its agent will perform) the specified requirements of the covered financial institution s procedures to comply with the requirements of this section CCPG, LLC. 25

28 Beneficial Ownership Legislation Additional Legislation US Department of the Treasury Press Release May 5, Treasury Department announced it is sending beneficial ownership legislation to Congress. As stated in the press release ( The Administration is committed to working with Congress to pass meaningful legislation that would require companies to know and report adequate and accurate beneficial ownership information at the time of a company s creation, so that the information can be made available to law enforcement. As part of the legislation outlined today, companies formed within the United States would be required to file beneficial ownership information with the Treasury Department, and face penalties for failure to comply. The misuse of companies to hide beneficial ownership is a significant weakness in the U.S. anti-money laundering/counter financing of terrorism regime that can only be resolved by Congressional action. The new draft legislation is an amended version of an Administration Budget proposal, reflecting discussions with Congress, law enforcement entities, and others CCPG, LLC. 26

29 Appendix A Initial Beneficial Ownership Certification Form 2017 CCPG, LLC. 27

30 Appendix A - Beneficial Ownership Certification Form 2017 CCPG, LLC. 28

31 Appendix A - Beneficial Ownership Certification Form 2017 CCPG, LLC. 29

32 (Blank Page) 2017 CCPG, LLC. 30