Anti-money laundering (AML) continues to be one of the most complex and critical components of financial compliance risk management. As the advancement of technology and innovation evolves both within the financial sector and within financial crime and terrorist financing activities, the regulations themselves have not kept pace, with a notable absence in significant updates since the implementation of the US Patriot Act of 2001. Evidence of a growing need for Bank Secrecy Act (BSA)/AML policy reform is demonstrated by the near-constant scandals adorning the headlines in recent years. From Deutsche Bank’s involvement with Jeffery Epstein to the FinCEN Files, it is clear that the current system to prevent and detect money laundering and other financial crimes is in need of a major overhaul. In response to these concerns, Congress recently included AML provisions within the National Defense Authorization Act (NDAA) of 2021. The bill was passed into law on January 1, 2021, following a congressional override of President Trump’s veto.
The following sections are included in the NDAA of 2021, with selected details of each section highlighted:
- Title LXI: Strengthening Treasury Financial Intelligence, Anti-Money Laundering, and Countering the Financing of Terrorism Programs
- Sec. 6101-6112: Amend the purpose of the BSA and related definitions, revising and expanding Financial Crimes Enforcement Network (FinCEN) duties and responsibilities
- Title LXII: Modernizing the Anti-Money Laundering and Countering the Financing of Terrorism System
- Sec. 6201-6216: Updates BSA program requirements, including suspicious activity reports (SARs) and currency activity reports (CTRs) reporting requirements and usage by law enforcement; establishes a Subcommittee of Innovation and Technology
- Title LXIII: Improving Anti-Money Laundering and Countering the Financing of Terrorism Communication, Oversight, and Processes
- Sec. 6301-6314: Calls for improved interagency coordination and training; establishes Subcommittee on Information Security & Confidentiality, expanded whistleblower protections; sets additional penalties for repeat offenders
- Title LXIV: Establishing Beneficial Ownership Information Reporting Requirements
- Sec. 6401 – 6403: Sets reporting requirements on beneficial ownership and establishes a government database
- Title LXV: Miscellaneous
- Sec. 6501-6511: Calls for multiple Government Accountability Office (GAO) and Department of Treasury studies
- Title XCVII: Financial Services Matters
- Sec 9701-9714: Contains Subtitle A—Kleptocracy Asset Recovery Rewards Act and Subtitle B—Combating Russian Money Laundering
Current and Future Implications
With a number of substantial regulatory changes that are bound to emerge from the passage of the NDAA, companies operating within the financial services and banking industry will need to prioritize actionable items and responses for immediate and extended strategic planning purposes and to ensure continued compliance of AML regulatory requirements.
The new legislation includes several significant, yet broad changes to the way BSA/AML regulations are currently interpreted and applied. For example, the stated purpose of the BSA was expanded to explicitly address money laundering and terrorist financing while encouraging information sharing and coordination more specifically between law enforcement and other supervisory agencies, potentially changing the way BSA/AML records and reporting systems are used to combat financial crime. New standards for national supervision and examination priorities, along with expanded powers and responsibilities for FinCEN are also likely to send a wave of long-lasting change to regulatory and supervisory areas of focus for years to come.
Similarly, various sections of the act require modification of the existing SARs and CTRs reporting processes and usage. The use of more streamlined data and real-time reporting of SARs will certainly increase the effectiveness of the way SARs are used to uncover money laundering and/or terrorist financing. Furthermore, stipulations were added that law enforcement provides periodic feedback regarding the adequacy of suspicious activity reporting. Information sharing around SARs (as well as CTRs) are also highlighted to ensure coordination among regulatory bodies, while also emphasizing the importance of protecting sensitive and personally-identifying information.
The NDAA also calls for several studies to be conducted involving the effectiveness and value of current and proposed BSA processes, which may lead to additional legislative actions in the future.
Calling attention to a need for increased use and reliance on technology and innovation notes a shift in trusted methods traditionally used to combat financial crime and money laundering. These concepts may allow for a new opportunity for continual assurance that BSA/AML risk management and supervisory practices are effective on an ongoing basis. It is expected that most of these provisions will take years to become effective as studies and reports are collected and analyzed and regulatory guidance and supervisory training efforts are developed.
Undoubtedly, financial institutions are currently most interested in determining what actions and responses are required in the short and intermediate-term. The bill also includes some specific provisions that will likely not need substantial time for implementation. Perhaps the section to garner the most immediate attention is the new mandate that requires all companies that operate within the U.S., with a few exceptions, to report their ultimate beneficial owners to FinCEN, effectively putting a stop to fully anonymous shell companies. The bill allows FinCEN to begin issuing regulations surrounding the reporting process for these companies within one year and cites a two-year implementation period for existing companies.
Also notable, are the added whistleblower rewards and protections which are likely to require less lead time. Another area that is likely to need less time for execution is the legislation surrounding increased penalties and sanctions for companies that have repeated BSA/AML violations.
The NDAA also includes several changes to definitions used within current BSA/AML regulations. “Financial Institutions” will now include dealers of antiquities and perhaps art dealers in the future. Additionally, the definition of “coins and currency” was modified to include digital currency. These changes will prompt a number of companies to register with FinCEN and implement more rigorous BSA/AML compliance programs to ensure full compliance with the laws and regulations that are applicable to their organizations.
While it is too early to know exactly when and how these provisions will become effective, organizations can begin to prepare right away by ensuring comprehensive risk management practices are established for long-term strategic planning purposes.
Planning and Risk Management
The next phase for financial institutions will be a period of transition between the old approaches and the new. It is certain that there will be a great need for additional clarification and guidance from regulators in order to understand and become familiar with the specific requirements and restrictions outlined in the legislation. According to regulators, there are six main elements to consider when planning for regulatory changes.
- Identify Changes: Determine what regulatory changes and requirements are directly applicable to the organization
- Create Action Items: Establish what actions need to take place within the company to satisfy the requirements of the new regulations while remaining appropriate for the size and complexity of the organization
- Establish Responsible Parties: Assign tasks to management and personnel
- Track Due Dates: Ensure that various projects are completed within internal deadlines and mandated effective dates
- Evaluate the effectiveness of changes post-implementation: Complete internal reviews and/or audits to check for adequacy and compliance of applicable laws and regulations
- Establish a Repeatable Process: Effective changes in policies, procedures, and processes should continue as required to ensure ongoing compliance
The world of BSA/AML compliance will certainly see a significant change in upcoming years. Both regulators and financial organizations know that while an imminent period of transition will likely derive more questions than answers, in the end, the final goal of improving the fight against financial crimes and money laundering will be realized. Those organizations that prepare and appropriately respond to the forthcoming regulatory changes from the start will ultimately be the most successful in the future.