The Anti-Money Laundering Act of 2020 (the Act), enacted by the US Congress as part of the National Defense Authorization Act for Fiscal Year 2021, places a variety of new anti-money laundering (AML) obligations on banks and other financial institutions. Many of these are of major significance for such institutions. This article focuses on the most notable of these obligations and details their implications.
The Federal Beneficial Ownership Registry
One aspect of the National Defense Authorization Act is the introduction of beneficial ownership information reporting requirements for companies formed or operating in the United States. These new rules, referred to as the Corporate Transparency Act (CTA), compel such companies to disclose their beneficial owners to the Treasury Department’s Financial Crimes Enforcement Network (FinCEN). The obligations contained in the CTA are an extension of some of the limited measures that had previously been in place in relation to business sectors that posed money laundering threats. FinCEN is now required to issue regulations compelling a company to file information with it about each beneficial owner of a reporting company, and the identity of the person who applied to form or register the company.
Under the CTA, a company is subject to the new reporting requirements if it is a corporation, limited liability company or similar organisation that is either created by a filing with a secretary of state or created under foreign law and registered to do business in the US by a filing with a secretary of state. Banks, insurance companies, certain investment funds and charities are exempt from these requirements, as are corporations and limited liability corporations owned or controlled by such a body. Organisations that employ more than 20 staff, filed federal income tax returns the previous year for more than $5,000,000 in gross receipts or sales or have “an operating presence at a physical office within the United States” are also exempt.
A beneficial owner is defined as someone who, directly or indirectly, exercises substantial control over the company or owns or controls 25% or more of its ownership interests (although substantial control is not defined by the CTA). A reporting company has to disclose information about each applicant - an individual who files an application to either form a corporation, limited liability company or similar organisation under state law or registers one with a secretary of state that has been formed under foreign law.
Civil penalties of up to $500 a day can be levied until a violation of the CTA is remedied, with criminal penalties of up to $10,000 and two years’ imprisonment able to be imposed on individuals who intentionally submit incorrect or fraudulent beneficial ownership information or who knowingly fail to provide comprehensive or updated beneficial ownership information.
Those affected by these provisions will need to see what implementing regulations FinCEN issues. But company structures and contractual arrangements may require revision. All relevant individuals in a company will have to be made aware of the requirements regarding disclosing investor information.
Increased Subpoena Power over Foreign Banks
The Act authorises the Secretary of the Treasury or the Attorney General to issue a subpoena to any foreign bank with a correspondent account in the US and request any records relating to the correspondent account or any account at that bank - including records maintained outside of the US.
The officers, directors and employees of a bank receiving such a subpoena cannot notify the account holder involved - or any other person named in the subpoena – about its existence. To do so can carry a civil penalty of double the amount of criminal proceeds suspected to have been sent through the account under investigation. A bank can be punished for contempt if it fails to comply with the subpoena, and can face a civil penalty of up to $50,000 for each day it fails to comply. Funds in the correspondent account can be seized to pay the civil penalties. The bank can be ordered to terminate the account relationship. Not doing so within 10 days can make the bank liable for a civil penalty of up to $25,000 for each day it fails to terminate the relationship.
The Act requires US financial institutions maintaining a correspondent account for a foreign bank to maintain records in the US that identify the owners of record and the beneficial owners of the foreign bank, as well as the name and address of a person living in the US who is authorised to accept service of legal process in connection with a subpoena.
These measures give the US far greater authority to collect information from foreign banks – both in relation to a foreign bank’s US correspondent account and any other account at that foreign bank.
New Offences and New Penalties
The Act creates two new criminal offences:
- To knowingly conceal, falsify or misrepresent, from or to a financial institution, a material fact concerning the ownership or control of assets involved in a monetary transaction if the person or entity who owns or controls the assets is a senior foreign political figure and the total value of them is at least $1,000,000.
- To knowingly conceal, falsify or misrepresent, from or to a financial institution, a material fact concerning the source of funds in a monetary transaction that involves an entity found to be a primary money laundering concern and violates a prohibition on opening or maintaining a correspondent or payable through account.
Both offences carry a punishment of up to $1,000,000, 10 years’ imprisonment or both.
Changes to the Bank Secrecy Act
The Act also creates new penalties for existing violations of the Bank Secrecy Act. In addition to other available penalties, a fine of up to three times the profit gained from the violation - or twice the maximum penalty with respect to the violation - can be imposed for repeat violators. The new penalty applies only to persons who commit both a first and subsequent violation after January 1, 2021. An individual found to have committed a serious Bank Secrecy Act violation will be barred from serving on the board of directors of a US financial institution for ten years.
The Act also broadens the Bank Secrecy Act definition of financial institution to cover businesses that exchange or transmit cryptocurrency.
Whistleblowing Awards Revised
The Act changes and extends the whistleblower awards and protections that had been set out by 31 US Code §§ 5323 and 5328.
Under the previous version of § 5323, whistleblowers could receive a reward (of up to $150,000) if they provided information that led to at least $50,000 being recovered. Under the new provisions, the Treasury may now only grant a whistleblower award where a Bank Secrecy Act enforcement leads to penalties, disgorgement and interest totalling more than $1,000,000. An award to a whistleblower may now be up to 30% of the ordered penalties, disgorgement, and interest – which places this system of awards closer to the approach taken to whistleblowing by the US Securities and Exchange Commission. To be eligible for an award, a whistleblower must provide original information regarding a Bank Secrecy Act violation to either their employer, the Treasury or Department of Justice.
Other significant changes
FinCEN is to provide financial institutions with information about its concerns regarding financial crime and any patterns it has detected. The US Department of Treasury is to establish national AML priorities within six months, which should be updated at least every four years. Financial institutions’ efforts to incorporate national AML priorities into their risk-based programmes - in accordance with the Bank Secrecy Act – will be assessed by federal regulators. A financial institution will have to demonstrate that its programmes have the information FinCEN provides incorporated into them. The Act also states that the duty to establish and enforce a Bank Secrecy Act-AML programme has to be carried out by “persons in the United States’’ who are subject to supervision by a federal regulator.
Until now, US financial institutions had only limited scope to share suspicious activity report (SAR) details with foreign affiliates. But the Act makes FinCEN responsible for creating a programme for such financial institutions to share SAR information with their foreign branches and subsidiaries; apart from those in Russia, China or states that are recognised sponsors of terrorism, subject to sanctions or unable to protect the security and confidentiality of that information. This may be a significant boost to compliance efforts.
FinCEN is also now under an obligation to issue regulations relating to establishing standards that financial institutions must apply when testing technology that is to be used for Bank Secrecy Act compliance.