Today, the Financial Crimes Enforcement Network (FinCEN), joined with other federal financial institution regulatory agencies, to issue a joint statement designed to discourage financial institutions from making decisions about taking on or continuing customer relationships based on blanket categorizations of customer types rather than assessing the specific money laundering risks each individual business or customer relationship may present. The statement acknowledges that it does not alter existing Bank Secrecy Act/Anti-Money Laundering (BSA/AML) legal or regulatory requirements and does not establish new supervisory expectations. However, it reminds financial institutions that, for BSA/AML compliance purposes, they should not automatically treat all customers of a particular type as representing a uniformly higher risk of money laundering, terrorist financing or other illicit activity. Rather, financial institutions are expected to apply a risk-based approach to Customer Due Diligence (CDD) that includes the development of risk profiles, specific to each customer, that may be updated based on ongoing monitoring to identify and report suspicious transactions.
The joint statement appears to be made in response to complaints by groups, including owners and operators of independent ATMs and other cash intensive businesses, regarding the difficulties they have encountered in obtaining banking services due to patterns of categorical "de-risking" by banks. The statement reiterates regulatory guidance issued in 2014 in the context of banks being hesitant to provide banking services to MSBs.
The underlying policy concern is that while cash intensive businesses may present heightened risks of money laundering, categorically blocking such businesses from obtaining banking services not only penalizes the businesses themselves, but also penalizes the customers of those businesses who may not qualify for or otherwise have access to traditional banking services. While conceding that banks are free to choose whether to enter into or maintain business relationships based on their own business objectives and other factors, including the ability to manage risk effectively, the joint statement reiterates the long-standing regulatory principle that such assessments should be based on individualized customer evaluations, not wholesale standards based on categories or types of customers.
For additional information, please contact Tom Delaney, Ilana Sinkin or Mikkaela Salamatin.