Financial firms have it hard enough verifying the identity of their customers.
They have to make certain to ask all the right questions and hope they get the right answers. It is an error-prone process, but at least the main thing the bank, broker-dealer, or mutual fund has to know is just who it is directly dealing with.
Now what if Financial Crimes Enforcement Network (FINCEN), a unit of the the US Treasury, proposed that a financial firm probe a lot deeper and find out underlying actual beneficial ownership or just who is controlling the entity? Multiply that investigation by hundreds if not thousands of organizations which might end up as clients of the financial institution. The task could end up being administratively burdensome, to put it mildly, for client onboarding and financial crime specialists.
In their proposed new rules, there is not even explicit legal protection for doing one’s best, no clear explanation of what due diligence the financial firm would have to do, and no specific guidance on when that due diligence would kick in. “FINCEN has not granted financial firms any safe harbor and and the new rules will be put to the test when something goes wrong,” worries Rick Fischer, a partner with Morrison & Foerster in Washington, DC.
Here is what FINCEN wants: each time a new customer signs up, a financial firm must verify not only who that customer is, but identify who has a 25 percent stake in the firm or has “significant responsibility to control, manage or direct” the firm. The “significant responsibility” category includes chief executives, presidents, chief financial officers and general partners. About 21,500 banks, broker-dealers, mutual fund complexes and futures commission merchants woiuld be affected.
FINCEN claims that the customer can self-certify– a fancy way of saying it will swear to tell the truth — and has provided US financial firms with the actual paperwork the individuals opening the accounts can fill out. That includes listing the names, dates of birth, addresses and tax IDs of any individuals and corporations meeting FINCEN’s criteria for disclosure. Yet FINCEN also says that the financial firm can’t accept the self-verification, it if has reason to think the customer isn’t telling the truth.
Therein lies the rub, says Jacob Braun, managing director of the corporate tax department for BNY Mellon in New York. “What does reason to know mean and how will we create procedures to determine what to do if that is the case? These are significant issues we now have to address,” he worries.
At issue: whether the due diligence would be the same or greater than what is typically followed under anti-money laundering (AML) and know-your-customer (KYC) rules. The IRS also has separate guidelines on what a financial institution should do if a client’s self-certification on tax documentation is suspect. In an ideal scenario, there would be a single set of procedures that satisfies FINCEN, AML and KYC regs, and the IRS. Sadly, regulators don’t often collaborate, even when they apparently have common interest in the same information.
FINCEN’s goal is understandable. It wants to prevent potential money laundering and other crimes, and financial firms already do make some effort to investigate the beneficial owners of a customer that is an entity, rather than a person. But that investigation typically occurs only when the entity falls under what is coined a “high risk scenario” — aka is located in a country where money laundering and criminal activities are commonplace. That means that only a fraction of the total number of customers are subject to this extra scrutiny. Now FINCEN wants every single one investigated for what it calls one of the pillars of solid customer due diligence programs.
That’s just for starters. FINCEN also apparently thinks its new rule will prepare US financial firms to comply with so-called reciprocal Model One intergovermental agreements (IGAs). Those are agreements the US has signed with dozens of foreign governments to swap information about potential tax evaders. The agreements were initially part of the US Foreign Account Tax Compliance Act (FATCA) but increasingly are being pursued by other nations as well.
FATCA agreements come down to this: your foreign country tells the US about US persons who might be hiding income in your foreign financial institutions, and the US will tell you about potential tax evaders from your country hiding income in US financial institutions. “Information held by banks and other financial institutions about the ownership of companies can be used to assist law enforcement in identifying the true owners of assets and their true tax liabilities,” acknowledges FINCEN, adding that strengthening customer disclosure requirements is an important part of the effort to crack down on cross-border tax evasion.
But in setting up the new rules, FINCEN has not clarified whether financial firms can make a direct correlation between the information FINCEN wants and the information that US financial institutions must give the IRS about the foreign investors who might be hiding their assets in the US. That lack of a clear and specific link could ultimately spell a lot more work because the same task would have to be done twice. “I wouldn’t bet that FINCEN matched up the two exactly or considered what it would mean if the requirements were different,” says Fischer.
So what’s a financial firm to do? What it always does when a new rule is imposed: set up procedures, document them, follow them and pray they work, recommends Fischer. Braun says he is meeting with his bank’s know-your-customer and anti-money laundering compliance unit to figure out how the FINCEN’s new requirements apply to documentation related to the IRS’ identification requirements for tax purposes.
For anyone who wants to grumble too loudly, FINCEN insists that it took into account the backlash of industry opposition to more draconian rules that it floated two years ago. The rules, as now proposed, would apply only to corporations, limited liability companies and limited partnerships; trusts are excluded. There are also more clear-cut guidelines on how to define a beneficial owner and who has control of a company.
The most important relaxation: there is no requirement to go back and remediate or correct pre-existing accounts. Of course, that’s a luxury likely to make other countries signing IGAs with the US angry. Reciprocal IGAs call for financial institutions in foreign countries to review all pre-existing accounts for US persons within a two-year window.
For legal experts there is really just one silver lining. At this point, the rules are not yet adopted, but only published in late July for for public comment. There is still more than a month left in which to provide feedback to the agency. “I’m certain FINCEN will be getting a lot of feedback,” predicts Fischer.
Leave a Comment
You must be logged in to post a comment.