24 July 2002
Source:
http://www.access.gpo.gov/su_docs/aces/fr-cont.html
Federal Register
Vol. 67, No. 141
Tuesday, July 23, 2002
PROPOSED RULES
Currency and foreign transactions; financial reporting and recordkeeping requirements:
USA PATRIOT Act; implementation
Commodity Futures Trading Commission; Treasury DepartmentFutures commission merchants and introducing brokers; customer identification programsFederal Deposit Insurance Corporation; Federal Reserve System; National Credit Union Administration; Treasury Department; Treasury Department, Comptroller of the Currency; Treasury Department, Thrift Supervision Office
Banks, savings associations, and credit unions; customer identification programsSecurities and Exchange Commission; Treasury Department
Broker-dealers; customer identification programsMutual funds; customer identification programsTreasury Department
Banks, credit unions, and trust companies that do not have Federal functional regulator; customer identification programs
RULES
Currency and foreign transactions; financial reporting and recordkeeping requirements:
USA PATRIOT Act; implementation
Treasury DepartmentAnti-money laundering programs for certain foreign accounts; due diligence policies, procedures, and controls
[Federal Register: July 23, 2002 (Volume 67, Number 141)] [Proposed Rules] [Page 48328-48338] From the Federal Register Online via GPO Access [wais.access.gpo.gov] [DOCID:fr23jy02-704] ----------------------------------------------------------------------- COMMODITY FUTURES TRADING COMMISSION 17 CFR Part 1 RIN 3038-AB90 DEPARTMENT OF THE TREASURY 31 CFR Part 103 RIN 1506-AA34 Customer Identification Programs for Futures Commission Merchants and Introducing Brokers AGENCIES: Financial Crimes Enforcement Network, Treasury; United States Commodity Futures Trading Commission. ACTION: Joint notice of proposed rulemaking. ----------------------------------------------------------------------- SUMMARY: Treasury, through the Financial Crimes Enforcement Network (FinCEN), and the United States Commodity Futures Trading Commission (CFTC or Commission) are jointly issuing a proposed regulation to implement section 326 of the Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism (USA PATRIOT) Act of 2001 (the Act). Section 326 of the Act requires Treasury to jointly prescribe with the CFTC a regulation that, at a minimum, requires [[Page 48329]] futures commission merchants and introducing brokers to implement reasonable procedures to verify the identity of any person seeking to open an account, to the extent reasonable and practicable, maintain records of the information used to verify the person's identity, and determine whether the person appears on any lists of known or suspected terrorists or terrorist organizations provided to the futures commission merchant or introducing broker by any government agency. DATES: Written comments on the proposed rule may be submitted on or before September 6, 2002. ADDRESSES: Because paper mail in the Washington, DC area may be subject to delay, commenters are encouraged to e-mail or fax comments. Comments should be sent by one method only. Futures commission merchants and introducing brokers (and their respective trade associations) are encouraged to submit comments only to the CFTC. Other commenters are encouraged to submit comments only to FinCEN. All comments will be considered by Treasury and the CFTC in formulating the final rule. CFTC: Comments should be sent to the Commodity Futures Trading Commission, Three Lafayette Centre, 1155 21st Street, NW., Washington, DC 20581, Attention: Office of the Secretariat. Comments may be sent by facsimile transmission to (202) 418-5521, or by e-mail to secretary@cftc.gov. Reference should be made to ``Proposed Section 326 Rule `` Customer Identification.'' FinCEN: Comments may be mailed to FinCEN, Section 326 Futures Industry Comments, PO Box 39, Vienna, VA 22183, or sent to Internet address regcomments@fincen.treas.gov with the caption ``Attention: Section 326 Futures Industry Rule Comments'' in the body of the text. Comments may be inspected at FinCEN between 10 a.m. and 4 p.m. in the FinCEN Reading Room in Washington, DC. Persons wishing to inspect the comments submitted must request an appointment by telephoning (202) 354-6400 (not a toll-free number). FOR FURTHER INFORMATION CONTACT: CFTC: Office of the General Counsel, (202) 418-5120, Commodity Futures Trading Commission, 1155 21st Street, NW., Washington, DC 20581. Treasury: Office of the Chief Counsel (FinCEN), (703) 905-3590; Office of the Assistant General Counsel for Enforcement (Treasury), (202) 622-1927; or the Office of the Assistant General Counsel for Banking & Finance (Treasury), (202) 622-0480. SUPPLEMENTARY INFORMATION: I. Background A. Section 326 of the USA PATRIOT Act On October 26, 2001, President Bush signed into law the USA PATRIOT Act.\1\ Title III of the Act, captioned ``International Money Laundering Abatement and Anti-terrorist Financing Act of 2001,'' adds several new provisions to the Bank Secrecy Act (BSA), 31 U.S.C. 5311 et seq. These provisions are intended to facilitate the prevention, detection, and prosecution of international money laundering and the financing of terrorism. --------------------------------------------------------------------------- \1\ Pub. L. 107-56. --------------------------------------------------------------------------- Section 326 of the Act adds a new subsection (l) to 31 U.S.C. 5318 that requires the Secretary of the Treasury (Secretary) to prescribe regulations setting forth minimum standards for financial institutions and their customers regarding the identity of the customer that shall apply in connection with the opening of an account at the financial institution. Section 326 applies to all ``financial institutions.'' This term is defined very broadly in the BSA to encompass a variety of entities including banks, agencies and branches of foreign banks located in the United States, thrifts, credit unions, brokers and dealers in securities or commodities,\2\ futures commission merchants, insurance companies, travel agents, pawnbrokers, check-cashers, casinos, and telegraph companies, among many others. See 31 U.S.C. 5312(a)(2), 5312(c)(1)(A). --------------------------------------------------------------------------- \2\ Treasury has previously expressed the opinion that introducing brokers are ``brokers or dealers in commodities'' and therefore come within this definition of ``financial institution.'' See Financial Crimes Enforcement Network; Anti-Money Laundering Programs For Financial Institutions, 67 FR 21110, 21111 n.5 (April 29, 2002) (citing 31 U.S.C. 5312 (a)(2)(h)). Nonetheless, Treasury takes this opportunity to clarify formally that section 5312 (a)(2)(H) includes ``introducing brokers'' within the definition of ``financial institution.'' --------------------------------------------------------------------------- For any financial institution engaged in financial activities described in section 4(k) of the Bank Holding Company Act of 1956 (section 4(k) institutions), the Secretary is required to prescribe the regulations issued under section 326 jointly with each of the CFTC, the Securities and Exchange Commission (SEC), and the banking agencies, namely, the Office of the Comptroller of the Currency, the Board of Governors of the Federal Reserve System, the Federal Deposit Insurance Corporation, the Office of Thrift Supervision, and the National Credit Union Administration (collectively referred to as the banking agencies). Final regulations implementing section 326 must be effective by October 25, 2002. Section 326 provides that the regulations must require, at a minimum, financial institutions to implement reasonable procedures for (1) verifying the identity of any person seeking to open an account, to the extent reasonable and practicable; (2) maintaining records of the information used to verify the person's identity, including name, address, and other identifying information; and (3) determining whether the person's name appears on any lists of known or suspected terrorists or terrorist organizations provided to the financial institution by any government agency. In prescribing these regulations, the Secretary is directed to take into consideration the various types of accounts maintained by various types of financial institutions, the various methods of opening accounts, and the various types of identifying information available. The following proposal is being issued jointly by Treasury, through FinCEN, and the Commission. It applies only to persons registered, or required to be registered, with the Commission as either futures commission merchants or introducing brokers under the Commodity Exchange Act (CEA) (7 U.S.C. 1 et seq.), except persons who register pursuant to section 4f(a)(2) of the CEA. Accordingly, this rule does not apply to persons who register, or are required to register, as futures commission merchants or introducing brokers solely because they effect transactions in security futures products. These section 4f(a)(2) futures commission merchants and introducing brokers must be registered with the SEC as brokers or dealers, and they are therefore the subject of rules issued jointly by Treasury and the SEC implementing section 326. Regulations governing the applicability of section 326 to other financial institutions, such as those regulated by the banking agencies, are also the subject of separate regulations. Treasury, the Commission, the SEC and the banking agencies consulted extensively in the development of all rules implementing section 326 of the Act. All of the participating agencies intend the effect of the rules to be uniform throughout the financial services industry. The Secretary has determined that the records required to be kept by section 326 of the Act have a high degree of usefulness in criminal, tax, or regulatory investigations or proceedings, or in the conduct of intelligence or counterintelligence activities, to protect against international terrorism. [[Page 48330]] B. Codification of the Joint Proposed Rule The substantive requirements of the joint proposed rule will be codified with other Bank Secrecy Act regulations as part of Treasury's regulations in 31 CFR part 103. To minimize potential confusion by affected entities regarding the scope of the joint proposed rule, the CFTC is also proposing to add a provision in its own regulations in 17 CFR part 1 that will cross-reference the regulations in 31 CFR part 103. Although no specific text is being proposed at this time, the cross-reference will be included in a final rule published by the CFTC concurrently with the joint final rule issued by Treasury and the CFTC implementing section 326 of the Act. II. Section-by-Section Analysis A. Section 103.123(a) Definitions Section 103.123 (a)(1) Account. The proposed rule's definition of ``account'' is intended to include all types of futures and commodity option accounts maintained or introduced by futures commission merchants and introducing brokers. These include, but are not limited to: accounts to purchase or sell contracts of sale for future delivery, options on contracts of sale for future delivery, or options on physicals in any commodity; cash accounts; margin accounts; prime brokerage accounts that consolidate trading done at a number of firms; and accounts for repurchase and commodity loan transactions. Section 103.123(a)(2) Commission. The proposed rule defines ``Commission'' as the United States Commodity Futures Trading Commission. Section 103.123(a)(3) Commodity. The proposed rule defines ``commodity'' as any good, article, service, right, or interest described in Section 1a(4) of the Commodity Exchange Act, 7 U.S.C. 1a(4). Section 103.123(a)(4) Customer. The proposed rule defines ``customer'' as any person who opens a new account at a futures commission merchant or is granted authority to effect transactions with respect to an account at a futures commission merchant. Where an account is introduced to a futures commission merchant by an introducing broker, a person opening the account or granted authority to effect transactions with respect to the account is a customer of both the futures commission merchant and the introducing broker. Under this definition, a person who has an account at the futures commission merchant prior to the effective date of the proposed rule would not be a ``customer.'' However, such a person becomes a ``customer'' if the person opens a different account thereafter. Moreover, a person becomes a ``customer'' each time they open a different type of account at a futures commission merchant. Similarly, an outside advisor with trading authority prior to the effective date of the regulation is not a ``customer.'' However, such a person being granted trading authority after the effective date is a customer. This is true even if the person is granted authority with respect to an account that existed prior to the effective date or the person had been granted authority for another account prior to the effective date. The requirements of section 326 apply to ``customers'' (i.e., persons opening new accounts or certain persons being granted trading authority), but do not apply to persons seeking information about an account such as a schedule of transaction fees, if an account is not opened. In addition, transfers of accounts from one futures commission merchant to another that are not initiated by the customer, for example as a result of a bankruptcy, merger, acquisition, or purchase of assets or assumption of liabilities, fall outside of the scope of section 326, and are not covered by the proposed rule.\3\ --------------------------------------------------------------------------- \3\ However, there may be situations involving the transfer of accounts where it would be appropriate for a futures commission merchant to verify the identity of customers associated with the accounts it is acquiring. Therefore, Treasury and the Commission expect procedures for transfers of accounts to be part of a futrures commission merchant's overall anti-money laundering program required under section 352 of the USA PATRIOT Act. --------------------------------------------------------------------------- Section 103.123(a)(5) Futures Commission Merchant. The proposed rule defines ``futures commission merchant'' as (and therefore applies to) any persons registered, or required to be registered, with the Commission as futures commission merchants under the CEA, except persons who register, or are required to be registered, solely because they effect transactions in security futures products. These latter futures commission merchants, who register with the Commission pursuant to section 4f(a)(2) of the CEA, will be subject to regulations issued jointly by Treasury and the SEC implementing section 326. Section 103.123(a)(6) Introducing Broker. The proposed rule defines ``introducing broker'' as (and therefore applies to) any persons registered, or required to be registered, with the Commission as introducing brokers under the CEA, except persons who register, or are required to be registered, solely because they effect transactions in security futures products. These latter introducing brokers, who register with the Commission pursuant to section 4f(a)(2) of the CEA, will be subject to regulations issued jointly by Treasury and the SEC implementing section 326. Section 103.123(a)(7) Option. The proposed rule defines ``option'' as an agreement, contract or transaction described in Section 1a(26) of the Commodity Exchange Act, 7 U.S.C. 1a(26). Section 103.123(a)(8) Person. The proposed rule defines ``person'' as having the same meaning as provided in section 103.11(z). Thus, the term includes natural persons, corporations, partnerships, trusts or estates, joint stock companies, associations, syndicates, joint ventures, any unincorporated organizations or groups, Indian Tribes, and all other entities cognizable as legal entities. This means that any such entity will be considered a ``customer'' for the purposes of this rule if, after the effective date, the person opens an account or is granted trading authority with respect to an account. Section 103.123(a)(9) U.S. person. The proposed rule defines ``U.S. person'' because U.S. citizens and persons incorporated under U.S. laws will be required to provide U.S. tax identification numbers whereas other persons, who may not have a U.S. tax identification number, will be required to provide other similar numbers. Thus, the rule defines ``U.S. person'' to mean a U.S. citizen or, for persons other than natural persons, an entity established or organized under the laws of a State or the United States. The terms ``State'' and ``United States'' are defined in sections 103.11(ss) and 103.11(nn), respectively. A non- U.S. person is defined in Sec. 103.123(a)(10) as a person who does not satisfy these criteria. Section 103.123(a)(11) Taxpayer identification number. The proposed rule provides that the provisions of Section 6109 of the Internal Revenue Code and the regulations of the Internal Revenue Service thereunder determine what constitutes a taxpayer identification number. B. Section 103.123(b) Customer Identification Program As indicated above, section 326 requires the Secretary and the Commission to prescribe regulations requiring futures commission merchants and introducing brokers to implement ``reasonable procedures'' for: verifying the identity of customers ``to the extent reasonable and practicable;'' maintaining records associated with [[Page 48331]] such verification; and consulting lists of known or suspected terrorists or terrorist organizations. Paragraph (b) of the proposed rule sets forth the requirement that futures commission merchants and introducing brokers must develop and operate a customer identification program (CIP). Paragraph (b) also sets forth certain requirements that each CIP must possess. These factors include the type of identifying information available and six assessments based upon the business operations of the futures commission merchant or introducing broker. The first factor identified in paragraph (b) is the type of identifying information available. Thus, in implementing and updating their CIPs, futures commission merchants and introducing brokers should consider the type of identifying information that customers can provide. They should also consider the methods available to verify that information, and should consider on an on-going basis whether any additional information or methods are appropriate, particularly as they become available in the future. The six business-operations-based risk factors include assessments of the futures commission merchant's or introducing broker's (1) size; (2) location; (3) methods of opening accounts; (4) types of accounts and transactions; (5) customer base; and (6) reliance, if any, on another futures commission merchant or introducing broker with which it shares an account relationship. These specific factors are discussed below in general terms.\4\ The first risk factor to consider is the futures commission merchant's or introducing broker's size. For example, a large futures commission merchant or introducing broker that opens a substantial number of accounts on any given day will have different risks than one that opens a new account no more than once or twice a month. The same is true when comparing a futures commission merchant or introducing broker that has many branches with one that has a single office. --------------------------------------------------------------------------- \4\ This discussion of the risk factors is included because we believe it is helpful in providing some meaning and context with respect to the factors. However, we are not attempting to provide comprehensive definitions of these risk factors or an exhaustive description of the considerations involved in assessing them. Instead, we intend our discussion to serve as a starting point for defining and assessing them. --------------------------------------------------------------------------- The second risk factor is the location of the futures commission merchant or introducing broker. Futures commission merchants and introducing brokers should assess whether they are located or have offices in areas where money laundering activities have been known to exist or that otherwise increase the risk that attempts will be made to open accounts for money laundering purposes. The third risk factor is the method by which customers open accounts. Accounts opened exclusively on-line present different, and perhaps greater, risks than those opened in-person on the premises of the futures commission merchant or introducing broker. The fourth risk factor is the type of accounts and transactions that are offered by the futures commission merchant or introducing broker. Futures commission merchants and introducing brokers should assess whether there are different risks (and degrees of risk) associated with the various types of accounts they provide to customers (e.g., futures, options on futures, prime-brokerage) and transactions they execute in those accounts (e.g., longs, shorts, spreads). The fifth risk factor to be considered is customer base. Futures commission merchants and introducing brokers should assess the risks associated with different types of customers. For example, futures commission merchants and introducing brokers should examine whether they are opening accounts for customers located in countries the Secretary determines to be of ``primary money laundering concern'' pursuant to section 311 of the Act. In addition, certain legal entities may pose greater risks (e.g., a closely-held corporation as opposed to one that is publicly traded). Each CIP also should address the risks that may be posed by different types of intermediated accounts. With respect to intermediated accounts, such as omnibus accounts and accounts for commodity pools and other collective investment vehicles,\5\ a futures commission merchant or introducing broker may have little or no information about the identities and transaction activities of the underlying participants or beneficiaries of such accounts.\6\ In most instances, given Treasury's risk-based approach to anti-money laundering programs for financial institutions generally, it is expected that the focus of each futures commission merchant's and introducing broker's CIP will be the intermediary itself, and not the underlying participants or beneficiaries. Thus, futures commission merchants and introducing brokers should assess the risks associated with different types of intermediaries based upon an evaluation of relevant factors, including the type of intermediary; its location; the statutory and regulatory regime that applies to a foreign intermediary (e.g., whether the jurisdiction complies with the European Union anti- money laundering directives or has been identified as non-cooperative by the Financial Action Task Force); the futures commission merchant's or introducing broker's historical experience with the intermediary; references from other financial institutions regarding the intermediary; and whether the intermediary is itself a BSA financial institution required to have an anti-money laundering program.\7\ --------------------------------------------------------------------------- \5\ The term ``collective investment vehicle'' is not defined in regulations under the CEA but is commonly used to describe an entity through which persons combine funds (i.e., cash) or other assets, which are invested and managed by the entity. See generally 65 FR 24127 (April 25, 2000) (CFTC rule regarding exclusion for certain persons from the definition of the term ``commodity pool operator''). \6\ Similarly, when a customer has given a commodity trading advisor discretionary trading authority over its account, the commodity trading advisor and not the futures commission merchant (or introducing broker) may be the financial institution with the most information regarding the customer. Treasury, however, has temporarily exempted commodity trading advisors from the requirement to establish anti-money laundering programs as required by section 352 of the Act. 67 FR 21110, 21112 (April 29, 2002). At such time as Treasury proposes or promulgates regulations requiring commodity trading advisors to establish anti-money laundering programs, it will provide guidance regarding the permissible interrelation between commodity trading advisors and futures commission merchants (or introducing brokers) in order to satisfy their respective BSA obligations. \7\ Treasury's interim final rule requiring mutual funds to establish anti-money laundering programs provided for similar treatment of omnibus accounts. 67 FR 21117 (April 29, 2002); see also proposed 31 CFR 103.131. --------------------------------------------------------------------------- The sixth risk factor requires an assessment of whether the futures commission merchant or introducing broker can rely on another futures commission merchant or introducing broker, with which it shares an account relationship, to undertake any of the steps required by this proposed rule with respect to the shared account.\8\ A shared account relationship may occur in at least two different circumstances: (1) An introducing broker introduces a customer to a futures commission merchant and (2) an executing futures commission merchant executes a customer's order and then ``gives up'' this filled order to a clearing futures [[Page 48332]] commission merchant who carries the customer's account.\9\ We anticipate that futures commission merchants and introducing brokers sharing accounts may realize efficiencies by dividing up the requirements in this proposed rule pursuant to either their introducing agreements (in the context of introduced business) or give-up agreements (in the context of give-up business).\10\ For example, the introducing broker may undertake to obtain the identifying information from customers as required in paragraph (c) and the futures commission merchant may undertake the verification procedures as required in paragraph (d). Or, in another example, the clearing futures commission merchant may undertake the procedures required for paragraphs (c) and (d) both for its own behalf and on behalf of the executing futures commission merchant. Nonetheless, in both examples, each financial institution would still be responsible for ensuring that each requirement in the proposed rule is met with respect to a customer. Accordingly, a futures commission merchant or introducing broker must assess whether the other firm can be relied on to fulfill its allocated responsibilities. Moreover, a futures commission merchant or introducing broker is expected to cease such reliance if it is no longer reasonable. --------------------------------------------------------------------------- \8\ Treasury and the Commission recognize that a related issue arises in the context of a firm that is registered both with the SEC as a broker-dealer and with the Commission as a futures commission merchant or introducing broker. Neither Treasury nor the Commission intend the effect of this proposed rule to require that both the securities and futures firm identify, and verify the identity of, their customers. For example, if a futures firm has a bifurcated compliance department handling, respectively, the securities and futures sides of its business, the futures firm could perform the required customer identification and verification procedures and the securities firm could rely on it. \9\ Although no formal survey has been conducted, the Commission has been advised that a significant percentage of all customer trades on U.S. exchanges are effected using an executing futures commission merchant. A customer may elect to use one or more executing futures commission merchants for a number of reasons. In certain circumstances, the customer's carrying futures commission merchant may not be a member of a particular exchange on which the contract in question is listed for trading. In others, particularly in the case of larger institutional customers, the customer may elect to use one or more executing futures commission merchants in order not to disclose its intentions to other market participants. Finally, certain futures commission merchants simply develop a reputation for being able to execute transactions in particular contracts well. \10\ An executing futures commission merchant subject to this proposed rule could obtain from a clearing futures commission merchant, either as part of a give-up agreement or on a transaction- by-transaction basis, a certification that the latter has performed the required customer identification or verification functions. For example, the U.K.''s Joint Money Laundering Steering Group (JMLSG), an association of U.K. Financial Services Industry Trade Associations, recommends that its members employ a variation of the certification approach. For give-up business, the JMLSG's Money Laundering Guidance Notes state: ``Where an executing broker and a clearing broker are undertaking an exchange transaction on behalf of the same customer, the clearing broker should provide the appropriate written assurance that it will have obtained and recorded evidence of the identity of the underlying client.'' See www.jmlsg.org.uk. --------------------------------------------------------------------------- Paragraph (b) also requires that the identity verification procedures must enable each futures commission merchant and introducing broker to form a reasonable belief that it knows the true identity of its customers. This provision makes clear that, while there is flexibility in establishing these procedures, each futures commission merchant and introducing broker is responsible for exercising reasonable efforts to ascertain the identity of each customer. Finally, paragraph (b) requires that futures commission merchants and introducing brokers incorporate their CIPs into their overall anti- money laundering programs required under section 352 of the Act (31 U.S.C. 5318(h)) and National Futures Association (NFA) Compliance Rule 2-9(c).\11\ This requirement is intended to make clear that the CIP is not a separate program, but is merely one component of each futures commission merchant's and introducing broker's overall anti-money laundering program that is designed to ensure compliance with all other applicable rules and regulations promulgated under the Act and the BSA. --------------------------------------------------------------------------- \11\ Section 352 requires financial institutions to establish anti-money laundering programs that, at a minimum, include (1) the development of internal policies, procedures, and controls; (2) the designation of a compliance officer; (3) an ongoing employee training program; and (4) an independent audit function to test programs. On April 23, 2002, the Commission approved rule changes submitted by the NFA setting forth for member futures commission merchants and introducing brokers the minimum requirements for these programs. --------------------------------------------------------------------------- C. Section 103.123(c) Required Information The first step in verifying identity is obtaining identifying information from customers. Paragraph (c) of the proposed rule provides that each futures commission merchant's and introducing broker's CIP must specify identifying information that customers are required to provide. It also sets forth certain information that must be obtained at a minimum and provides that the CIP must require the futures commission merchant and introducing broker to obtain this minimum information before an account is opened or trading authority is granted. The minimum information that must be obtained from each customer is (1) name, (2) date of birth, if applicable, (3) address, and (4) U.S. taxpayer identification number (e.g., social security number or employer identification number) or if the person is not a U.S. person, a U.S. taxpayer identification number, an alien identification card number, or the number and country of issuance of any other government- issued document evidencing nationality or residence and bearing a photograph or similar safeguard.\12\ The term ``similar safeguard'' is included to permit the use of any biometric identifiers that may be used in addition to, or instead of, photographs. With respect to the address requirement, each customer must provide both a mailing and residence address (if a natural person) or principal place of business (if not a natural person). --------------------------------------------------------------------------- \12\ Treasury and the Commission understand these categories of identification numbers for foreign citizens generally are applicable to natural persons. Accordingly, we seek comment on the types of numbers that could be provided by other persons. --------------------------------------------------------------------------- The rule only specifies the minimum identifying information that must be obtained from each customer. Futures commission merchants and introducing brokers, in assessing the risk factors in paragraph (b), should determine whether additional identifying information is necessary to form a reasonable belief as to the true identity of each customer. There may be certain types of customers or circumstances where it is reasonable to obtain other identifying information in addition to the minimum. If a futures commission merchant or introducing broker, in examining the nature of its business and operations, determines that additional information should be obtained in certain cases, it should set forth guidelines in its CIP indicating when this shall occur. Treasury and the Commission recognize that a new business may need access to an account at a futures commission merchant or introducing broker before it has received an employer identification number from the Internal Revenue Service. For this reason, the proposed regulation contains a limited exception to the requirement that a taxpayer identification number must be provided prior to establishing or adding a signatory to an account. Accordingly, a CIP may permit a futures commission merchant or introducing broker to open or add a signatory to an account for a person other than an individual (such as a corporation, partnership, or trust) that has applied for, but has not received, an employer identification number. However, in such a case, the CIP must require that the futures commission merchant or introducing broker obtain a copy of the application before it opens or adds a signatory to the account and obtain the employee identification number within a reasonable period of time after an account is established or a signatory is added to an account. Currently, the IRS indicates that the issuance of an employer identification number can [[Page 48333]] take up to five weeks. This length of time, coupled with when the person applied for the employer identification number, should be considered by the futures commission merchant or introducing broker in determining the reasonable period of time within which the person should provide its employer identification number to the futures commission merchant or introducing broker. D. Section 103.123(d) Required Verification Procedures After obtaining identifying information from a customer, futures commission merchants and introducing brokers must take steps to verify the accuracy of that information in order to reach a point where they can form a reasonable belief as to the true identity of the customer. Accordingly, paragraph (d) of the proposed rule requires each futures commission merchant's and introducing broker's CIP to have procedures for verifying the accuracy of the identifying information provided by the customer. Because the proposed rule requires futures commission merchants and introducing brokers to form a reasonable belief that they know the true identity of each customer, the extent of the verification for each customer will depend on the steps necessary for futures commission merchants and introducing brokers to form such a belief. Paragraph (d) requires that the verification procedures must be undertaken within a reasonable time before or after a customer's account is opened or a customer is granted authority to effect transactions with respect to an account. This flexibility must be exercised in a reasonable manner, given that verifications too far in advance may become stale and verifications too long after an account is opened may provide money laundering opportunities to persons who would not have had such opportunities if verification occurred sooner. The amount of time it will take a futures commission merchant or introducing broker to verify the identity of a customer may depend on the type of account opened, whether the customer opens the account in person, and on the type of identifying information available. In addition, although an account is opened, a futures commission merchant or introducing broker may choose to place limits on the account, such as restricting the number of transactions or the dollar value of transactions, until a customer's identity is verified. Therefore, the proposed rule provides futures commission merchants and introducing brokers with the flexibility to use a risk-based approach to determine when the identity of a customer must be verified relative to the opening of an account or granting of trading authority.\13\ --------------------------------------------------------------------------- \13\ Treasury and the Commission note that it is possible that futures commission merchants and introducing brokers could violate other laws by permitting a customer to transact business prior to verifying the customer's identity. See, e.g., 31 CFR part 500, prohibiting transactions involving designated foreign countries or their nationals. --------------------------------------------------------------------------- As mentioned above, a person becomes a customer each time they open a new account or are granted trading authority. Therefore, upon the opening of each account, the verification requirements of this rule would apply. However, if a customer whose identification has been verified previously opens a new account, a futures commission merchant or introducing broker would not need to verify the customer's identity a second time, provided it (1) previously verified the customer's identity in accordance with procedures consistent with this rule, and (2) continues to have a reasonable belief that it knows the true identity of the customer. The rule provides for two methods of verifying identifying information: use of documents and use of non-documentary means. For example, using documents would include obtaining a driver's license or passport from a natural person or articles of incorporation from a company. Non-documentary methods would include cross-checking the information provided by a customer against that supplied by a credit bureau or consumer reporting agency. The proposed rule requires each futures commission merchant's and introducing broker's CIP to address both methods of verification. Depending on the type of customer and the method of opening an account, it may be more appropriate to use either documents or non-documentary methods. However, in some cases, it may be appropriate to use both methods. The CIP should set forth guidelines describing when documents, non-documentary methods, or a combination of both will be used. The risk that a futures commission merchant or introducing broker will not know a customer's identity will be heightened for certain types of accounts, such as accounts opened in the name of a corporation, partnership, or trust that is created or conducts substantial business in jurisdictions designated as primary money laundering concerns or that have been designated as non-cooperative by an international body, such as the Financial Action Task Force. Obtaining sufficient information to verify a given customer's identity can reduce the risk that a futures commission merchant or introducing broker will be used as a conduit for money laundering and terrorist financing. Each futures commission merchant's and introducing broker's identity verification procedures must be based on its assessment of the factors described in paragraph (b) of the proposed rule. Accordingly, when those assessments suggest a heightened risk, the futures commission merchant and introducing broker should prescribe additional verification measures. 1. Verification Through Documents Paragraph (d)(1) provides that the CIP must describe when a futures commission merchant or introducing broker will verify identity through documents and set forth the documents that will be used for this purpose. The rule also lists certain documents that are suitable for verification. For natural persons, these documents may include: unexpired government-issued identification evidencing nationality or residence and bearing a photograph or similar safeguard. For other persons, suitable documents would be ones showing the existence of the entity, such as registered articles of incorporation, a government- issued business license, a partnership agreement, or a trust instrument. 2. Verification Through Non-Documentary Methods Paragraph (d)(2) provides that the CIP must describe non- documentary verification methods and when such methods will be employed in addition to, or instead of, using documents. The rule allows for the exclusive use of non-documentary methods because some accounts are opened by telephone, mail, or over the Internet. However, even if the customer presents documents, it may be appropriate to use non- documentary methods as well. In the end, each futures commission merchant and introducing broker is responsible for employing sufficient verification methods to be able to form a reasonable belief that it knows the true identity of the customer. The proposed rule sets forth certain non-documentary methods that would be suitable for verifying identity. These methods include contacting a customer after the account is opened; obtaining a financial statement; comparing the identifying information provided by the customer against fraud and bad check databases to determine whether any of the information is associated with known incidents of fraudulent behavior (negative verification); comparing the identifying information with [[Page 48334]] information available from a trusted third party source, such as a credit report from a credit bureau or consumer reporting agency (positive verification); and checking references with other financial institutions. Futures commission merchants and introducing brokers also may wish to analyze whether there is logical consistency between the identifying information provided, such as the customer's name, street address, ZIP code, telephone number (if provided), date of birth, and social security number (logical verification). Paragraph (d)(2) also provides that the CIP must require the use of non-documentary methods in certain cases; specifically, when a natural person is unable to present an unexpired government issued identification document that bears a photograph or similar safeguard or when a futures commission merchant or introducing broker is presented with unfamiliar documents to verify the identity of a customer, does not obtain documents to verify the identity of a customer, does not meet a customer face-to-face, or is otherwise presented with circumstances that increase the risk the futures commission merchant or introducing broker will be unable to verify the true identity of a customer through documents. Thus, non-documentary methods should be used when the futures commission merchant or introducing broker cannot examine original documents. In addition, Treasury and the Commission recognize that identification documents, including those issued by a government entity, may be obtained illegally and may be fraudulent. In light of the recent increase in identity fraud, futures commission merchants and introducing brokers are encouraged to use non-documentary methods, even when a customer has provided identification documents. E. Section 103.123(e) Government Lists Section 326 of the Act also requires reasonable procedures for determining whether a customer's name appears on any list of known or suspected terrorists or terrorist organizations provided by any government agency. The proposed rule implements this requirement and clarifies that the requirement applies only with respect to lists circulated by the Federal government. In addition, the proposed rule states that futures commission merchants and introducing brokers must follow all Federal directives issued in connection with such lists. This provision makes clear that futures commission merchants and introducing brokers must have procedures for responding to circumstances when a customer is named on a list. F. Section 103.123(f) Customer Notice Section 326 of the Act contemplates that financial institutions will provide their customers with ``adequate notice'' of the customer identification procedures. Therefore, each futures commission merchant's and introducing broker's CIP must include procedures for providing customers with adequate notice that the futures commission merchant or introducing broker is requesting information to verify their identity. A futures commission merchant or introducing broker may satisfy the notice requirement by generally notifying its customers about the procedures it must comply with to verify their identities. For example, a futures commission merchant or introducing broker may post a sign in its lobby or provide customers with any other form of written or oral notice. If an account is opened electronically, such as through an Internet website, the futures commission merchant or introducing broker may provide notice electronically. G. Section 103.123(g) Lack of Verification Paragraph (g) of the proposed rule states that each futures commission merchant's and introducing broker's CIP must include procedures for responding to circumstances in which it cannot form a reasonable belief that it knows the true identity of a customer. Generally, each futures commission merchant and introducing broker should only maintain an account for a customer when it has a reasonable belief that it knows the customer's true identity.\14\ Thus, each futures commission merchant's and introducing broker's CIP should specify the actions to be taken when it cannot form a reasonable belief. There also should be guidelines for when an account will not be opened. In addition, the CIP should address the terms under which a customer may conduct transactions while a customer's identity is being verified. The CIP should specify at what point, after attempts to verify a customer's identity have failed, an account that has been opened should be closed. Finally, the procedures should include a process for determining whether, in connection with conducting customer identification or verification, a Suspicious Activity Report should be filed. --------------------------------------------------------------------------- \14\ There are some exceptions to this basic rule. For example, a futures commission merchant or introducing broker may introduce or maintain an account, at the direction of law enforcement, notwithstanding that it does not know the true identity of a customer. --------------------------------------------------------------------------- H. Section 103.123(h) Recordkeeping Section 326 of the Act requires procedures for maintaining records of the information used to verify a person's identity, including name, address, and other identifying information. Paragraph (h) of the proposed rule sets forth recordkeeping procedures that must be included in each futures commission merchant's and introducing broker's CIP. These procedures must provide for the maintenance of all information and documents obtained pursuant to the CIP. Information that must be maintained includes all identifying information provided by a customer pursuant to paragraph (c). Thus, the futures commission merchant and introducing broker must make a record of each customer's name, date of birth (if applicable), addresses, and tax identification number or other number. Futures commission merchants and introducing brokers also must maintain copies of any documents that were relied upon to verify identity pursuant to paragraph (d)(1), evidencing the type of document and any identification number it may contain. For example, if a customer produces a driver's license, the futures commission merchant or introducing broker must make a copy of the driver's license that clearly indicates it is a driver's license and legibly depicts any identification number on the license. Futures commission merchants and introducing brokers also must make and maintain records evidencing the methods and results of measures undertaken to verify the identity of a customer pursuant to paragraph (d)(2). For example, if a futures commission merchant or introducing broker obtains a report from a credit bureau concerning a customer, the report must be maintained. Futures commission merchants and introducing brokers also must make and maintain records of the resolution of any discrepancy in the identifying information obtained. To continue with the previous example, if the customer provides a residence address that is different from the address shown on the credit report, the futures commission merchant or introducing broker must document how it resolved this discrepancy or, if the discrepancy was not resolved, how it formed a reasonable belief notwithstanding the discrepancy. Futures commission merchants and introducing brokers must retain all of these records for five years after the date an account is closed or the grant of [[Page 48335]] authority to effect transactions with respect to an account is revoked. In all other respects, the records must be maintained in accordance with the requirements of Commission Rule 1.31.\15\ --------------------------------------------------------------------------- \15\ 17 CFR 1.31. --------------------------------------------------------------------------- Nothing in this proposed rule modifies, limits or supersedes section 101 of the Electronic Records in Global and National Commerce Act, Public Law 106-229, 114 Stat. 464 (15 U.S.C. 7001) (E-Sign Act). Thus, futures commission merchants and introducing brokers may use electronic records to satisfy the requirements of this rule, as long as the records are maintained in accordance with Commission Rules 1.4 and 1.31.\16\ --------------------------------------------------------------------------- \16\ 17 CFR 1.4, 1.31. --------------------------------------------------------------------------- Treasury and the Commission emphasize that the collection and retention of information about a customer as an ancillary part of collecting identifying information, do not relieve futures commission merchants and introducing brokers from their obligations to comply with anti-discrimination laws or regulations. I. Section 103.123(i) Approval of Program Paragraph (i) of the proposed rule requires that each futures commission merchant's and introducing broker's CIP be approved by its most senior level (e.g., board of directors, managing partners, board of managers or other governing body performing similar functions) or by persons specifically authorized by that body to approve such a program. J. Section 103.123(j) Exemptions Section 326 states that the Secretary and the Federal functional regulator jointly issuing the rule may by order or regulation exempt any financial institution or type of account from this rule in accordance with such standards and procedures as the Secretary may prescribe. The proposed rule provides that the Commission, with the concurrence of the Secretary, may exempt any futures commission merchant or introducing broker that registers with the Commission. However, it excludes from this exemptive authority futures commission merchants and introducing brokers that register pursuant to section 4f(a)(2) of the CEA. These are firms that register as futures commission merchants or introducing brokers solely because they deal in security futures products. The exemptive authority with respect to these firms is addressed in the rule issued jointly by Treasury and the SEC. In issuing exemptions under the proposed rule, the Secretary and the Commission shall consider whether the exemption is consistent with the purposes of the BSA, and in the public interest, and may consider other necessary and appropriate factors. III. Request for Comments Treasury and the Commission invite comment on all aspects of the proposed rule, and specifically seek comment on the following issues: 1. Whether the proposed definition of ``account'' is appropriate. 2. How the proposed rule should apply to various types of accounts that are designed to allow a customer to transact business immediately. 3. Ways that futures commission merchants and introducing brokers can comply with the requirement to obtain both the address of a person's residence, and, if different, the person's mailing address in situations involving natural persons who lack a permanent address. 4. Whether non-U.S. persons that are not natural persons will be able to provide futures commission merchants and introducing brokers with the identifying information required in Sec. 103.123(c)(4), or whether other categories of identifying information should be added to this section. Commenters on this issue should suggest other means of identification that futures commission merchants and introducing brokers currently use or should use in this circumstance. 5. Whether the proposed rule will subject futures commission merchants and introducing brokers to conflicting State laws. Treasury and the Commission request that commenters cite and describe any potentially conflicting State laws. 6. The extent to which the verification procedures required by the proposed rule make use of information that futures commission merchants and introducing brokers currently obtain in the account opening process. We note that the legislative history of section 326 indicates that Congress intended ``the verification procedures prescribed by Treasury [to] make use of information currently obtained by most financial institutions in the account opening process.'' See H.R. Rep. No. 107-250, pt. 1, at 63 (2001). IV. Paperwork Reduction Act The Paperwork Reduction Act of 1995 (PRA), 44 U.S.C. 3501 et seq., imposes certain requirements on federal agencies in connection with their conducting or sponsoring any collection of information as defined by the PRA. Because this proposed rulemaking contains information collection requirements within the meaning of the PRA, FinCEN has submitted the information collection requirements in this proposed rule to the Office of Management and Budget (OMB) for its review in accordance with 44 U.S.C. 3507(d). An agency may not conduct or sponsor, and a person is not required to respond to, an information collection unless it displays a currently valid OMB control number. The proposed rule requires futures commission merchants and introducing brokers to implement reasonable procedures to (1) maintain records of the information used to verify the person's identity and (2) provide notice of these procedures to customers. These recordkeeping and disclosure requirements are required under section 326 of the Act. The Commission estimates that approximately 188 futures commission merchants and 1593 introducing brokers will need to implement a CIP. Further, the Commission estimates that each futures commission merchant and introducing broker will need to spend approximately 10 hours per year to meet the recordkeeping requirements of the proposed rule.\17\ Further, Treasury and the Commission estimate that each futures commission merchant and introducing broker will need to spend approximately one hour per year to meet the disclosure requirements of the new rule. Therefore, the estimated paperwork burden of this proposed rule is calculated as follows: --------------------------------------------------------------------------- \17\ The Commission believes that futures commission merchants and introducing brokers already obtain from their customers most, if not all, of the information required under the proposed rule. See Commission Rule 1.37, 17 CFR 1.37 (requiring futures commission merchants and introducing brokers to obtain the customer's true name, address, principal occupation or business, name of guarantor, and name of person controlling the account), and NFA Compliance Rule 2-30 (futures commission merchants and introducing brokers are required to obtain, with respect to customers that are individuals, the customer's true name, address, principal occupation or business, estimated annual income and net worth, and approximate age). Futures commission merchants and introducing brokers are required to maintain these records pursuant to Commission Rule 1.31, 17 CFR 1.31, and NFA Compliance Rule 2-10. --------------------------------------------------------------------------- Estimated number of respondents: 1781. Estimated average annual burden for the recordkeeping requirements of the proposed rule for each respondent: 10 hours. Estimated average annual burden for the disclosure requirements of the proposed rule per each respondent: 1 hour. Estimated total annual burden: 19,591 hours. [[Page 48336]] Treasury and the Commission invite comment on: (1) Whether the collections of information contained in the notice of proposed rulemaking are necessary for the proper performance of each agency's functions, including whether the information has practical utility; (2) The accuracy of the Commission's estimate of the burden of the proposed information collections; (3) Ways to enhance the quality, utility, and clarity of the information to be collected; (4) Ways to minimize the burden of the information collections on respondents, including the use of automated collection techniques or other forms of information technology; and (5) Estimates of capital or start-up costs and costs of operation, maintenance, and purchases of services to provide information. Organizations and individuals desiring to submit comments on the information collection requirements should direct them (preferably by fax (202-395-6974)) to Desk Officer for the Department of the Treasury, Office of Information and Regulatory Affairs, Office of Management and Budget, Paperwork Reduction Project (1506), Washington, DC 20503 (or by the Internet to jlackeyj@omb.eop.gov), with a copy to FinCEN by mail or the Internet at the addresses previously specified. V. Regulatory Flexibility Act The Regulatory Flexibility Act (RFA), 5 U.S.C. 601 et seq., requires federal agencies, in promulgating rules, to consider the impact of those rules on small entities. The rule proposed today would affect futures commission merchants and introducing brokers. The CFTC previously established certain definitions of ``small entities'' to be used in evaluating the impact of its rules in accordance with the RFA.\18\ The Commission has previously determined that futures commission merchants are not small entities for the purpose of the RFA.\19\ With respect to introducing brokers, the Commission has stated that it would evaluate within the context of a particular rule proposal whether all or some affected introducing brokers would be considered to be small entities and, if so, the economic impact on them of any rule.\20\ The Commission believes that all introducing brokers will be affected by this rule, including small introducing brokers. However, the Commission does not believe that the economic impact of the rule will be significant. First, the information being collected by introducing brokers is, for the most part, already required to be collected by CFTC rules and by self-regulatory organization rules.\21\ Second, each introducing broker will be able to tailor its CIP to fit its own size and needs; the rule provides for flexibility in how they will meet their requirements. Lastly, the CFTC believes that any expenditure associated with establishing and implementing a CIP will be commensurate with the size of an introducing broker. If an introducing broker is small, its economic burden should be de minimis. For these reasons, the Commission does not expect the rule, as proposed herein, to have a significant economic impact on a substantial number of small entities. Accordingly, it is hereby certified pursuant to 5 U.S.C. 605(b), that the proposed rule will not have a significant economic impact on a substantial number of small entities. Treasury and the Commission invite the public to comment on this finding. --------------------------------------------------------------------------- \18\ See 47 FR 18618 (April 30, 1982). \19\ See 47 FR at 18619. \20\ See id. \21\ See, supra, page 34 n.17. --------------------------------------------------------------------------- VI. Commission's Analysis of the Costs and Benefits Associated With the Proposed Rule Section 15(a) of the CEA requires the CFTC to consider the costs and benefits of its action before issuing a new regulation. The CFTC understands that, by its terms, section 15(a) does not require the CFTC to quantify the costs and benefits of a new regulation or to determine whether the benefits of the proposed regulation outweigh its costs. Nor does it require that each proposed rule be analyzed in isolation when that rule is a component of a larger package of rules or rule revisions. Rather, section 15(a) simply requires the CFTC to ``consider the costs and benefits'' of its action. Section 15(a) further specifies that costs and benefits shall be evaluated in light of five broad areas of market and public concern: protection of market participants and the public; efficiency, competitiveness, and financial integrity of futures markets; price discovery; sound risk management practices; and other public interest considerations. Accordingly, the CFTC could in its discretion give greater weight to any one of the five enumerated areas of concern and could in its discretion determine that, notwithstanding its costs, a particular rule was necessary or appropriate to protect the public interest or to effectuate any of the provisions or to accomplish any of the purposes of the CEA. Section 326 of the Act requires Treasury and the Commission to prescribe regulations setting forth minimum standards for futures commission merchants and introducing brokers regarding the identities of customers that shall apply in connection with the opening of an account. The statute also provides that the regulations issued by Treasury and the Commission must, at a minimum, require financial institutions to implement reasonable procedures for: (1) Verification of customers' identities; (2) determination of whether a customer appears on a government list; and (3) maintenance of records related to customer verification. The proposed rule implements this statutory mandate by requiring futures commission merchants and introducing brokers to (1) establish a CIP; (2) obtain certain identifying information from customers; (3) verify identifying information of customers; (4) check customers against lists provided by federal agencies; (5) provide notice to customers that information may be requested in the process of verifying their identities; and (6) make and maintain records. The Commission believes that these requirements are reasonable and practicable, as required by section 326 and, therefore, that the costs associated with them are attributable to the statute. Moreover, while the proposed rule specifies certain minimum requirements, futures commission merchants and introducing brokers will be able to design their CIPs in a manner most appropriate to their business models and customer bases. This flexibility should help them to tailor their CIPs appropriately, while still meeting the statutory requirements of section 326. The proposed rule is not related to the marketplace and thus should not affect the protection of market participants; the efficiency, competitiveness, and financial integrity of futures markets; price discovery; or sound risk management practices. This proposed rule does, however, address other public interest considerations, namely, the prevention and detection of money laundering and financing of terrorism. As noted elsewhere in this preamble, the CFTC believes the costs associated with implementing CIPs, which are mandated by section 326 of the Act, will be small. On the other hand, the benefits include a reduced risk of futures commission merchants and introducing brokers unwittingly aiding criminals, including terrorists, in laundering money or moving funds for illicit purposes. Additionally, the [[Page 48337]] implementation of such programs should make it more difficult for persons to successfully engage in fraudulent activities involving identity theft. VII. Executive Order 12866 Treasury has determined that this proposed rule is not a ``significant regulatory action'' for purposes of Executive Order 12866. The rule follows closely the requirements of section 326 of the Act. Moreover, as indicated above, Treasury and the Commission believe that futures commission merchants and introducing brokers already have procedures in place that fulfill most of the requirements of the proposed rule. First, the procedures are a matter of good business practice. Second, futures commission merchants and introducing brokers already are required to have BSA compliance programs that address many of the requirements detailed in this notice of proposed rulemaking. Third, futures commission merchants and introducing brokers should already have compliance programs in place to ensure they comply with Treasury's Office of Foreign Assets Control rules prohibiting transactions with certain foreign countries or their nationals. Accordingly, a regulatory impact analysis is not required. Lists of Subjects in 31 CFR Part 103 Administrative practice and procedure, Authority delegations (Government agencies), Banks, Banking, Brokers, Commodity futures, Currency, Foreign banking, Foreign currencies, Gambling, Investigations, Law enforcement, Penalties, Reporting and recordkeeping requirements, Securities. Authority and Issuance For the reasons set forth in the preamble, part 103 of title 31 of the Code of Federal Regulations is proposed to be amended as follows: PART 103--FINANCIAL RECORDKEEPING AND REPORTING OF CURRENCY AND FOREIGN TRANSACTIONS 1. The authority citation for part 103 is revised to read as follows: Authority: 12 U.S.C. 1786(q), 1818, 1829b and 1951-1959; 31 U.S.C. 5311-5332; title III, secs. 312, 313, 314, 319, 326, 352, Pub L. 107-56, 115 Stat. 307. 2. Subpart I of part 103 is amended by adding new section 103.123 to read as follows: Sec. 103.123 Customer Identification Programs for futures commission merchants and introducing brokers. (a) Definitions. For the purposes of this section: (1) Account means any formal business relationship with a futures commission merchant, including, but not limited to, those established to effect transactions in contracts of sale for future delivery, options on contracts of sale for future delivery, or options on physicals in any commodity. (2) Commission means the United States Commodity Futures Trading Commission. (3) Commodity means any good, article, service, right, or interest described in Section 1a(4) of the Commodity Exchange Act, 7 U.S.C. 1a(4). (4) Customer. (i) The term customer means: (A) Any person who opens a new account with a futures commission merchant; and (B) Any person who is granted authority to effect transactions with respect to an account with a futures commission merchant. (ii) Where an account is introduced to a futures commission merchant by an introducing broker, a person opening the account or granted authority to effect transactions with respect to the account is a customer of both the futures commission merchant and the introducing broker. (5) Futures commission merchant means any person registered or required to be registered as a futures commission merchant with the Commission under the Commodity Exchange Act (7 U.S.C. 1 et seq.), except persons who register pursuant to section 4f(a)(2) of the Commodity Exchange Act, 7 U.S.C. 6f(a)(2). (6) Introducing broker means any person registered or required to be registered as an introducing broker with the Commission under the Commodity Exchange Act, except persons who register pursuant to section 4f(a)(2) of the Commodity Exchange Act. (7) Option means an agreement, contract or transaction described in Section 1a(26) of the Commodity Exchange Act, 7 U.S.C. 1a(26). (8) Person has the same meaning as that term is defined in Sec. 103.11(z). (9) U.S. person means: (i) A U.S. citizen; or (ii) A corporation, partnership, trust or person (other than an individual) that is established or organized under the laws of a State or the United States. (10) Non-U.S. person means a person that is not a U.S. person. (11) Taxpayer identification number. The provisions of section 6109 of the Internal Revenue Code of 1986 (26 U.S.C. 6109) and the regulations of the Internal Revenue Service promulgated thereunder shall determine what constitutes a taxpayer identification number. (b) Customer Identification Program. Each futures commission merchant and introducing broker shall implement a written Customer Identification Program (Program) that shall be based on the type of identifying information available and on an assessment of the varying risks associated with the futures commission merchant's or the introducing broker's size, location, methods of opening accounts, types of accounts and transactions, customer base, and reliance, if any, on another futures commission merchant or introducing broker with which it shares an account relationship. Each futures commission merchant's and introducing broker's procedures must enable it to form a reasonable belief that it knows the true identity of its customers. The Program should be a part of each futures commission merchant's and introducing broker's anti-money laundering program required under 31 U.S.C. 5318(h). (c) Required information--(1) General. Except as permitted by paragraph (c)(2) of this section, each Program shall require the futures commission merchant or the introducing broker to obtain specified identifying information about each of their customers. The Program shall require that this minimum information be obtained prior to opening a customer's account or granting a customer authority to effect transactions with respect to an account. At a minimum, the specified identifying information shall include: (i) Name; (ii) Date of birth, for natural persons; (iii) Addresses: (A) Residence and mailing (if different) for natural persons; or (B) Principal place of business and mailing (if different) for persons other than natural persons; and (iv) Identification number: (A) For U.S. persons, a U.S. taxpayer identification number (e.g., social security number, or employer identification number); or (B) For non-U.S. persons, a U.S. taxpayer identification number, a passport number and country of issuance, an alien identification card number, or the number and country of issuance of any other government- issued document evidencing nationality or residence and bearing a photograph or similar safeguard. (2) Limited exception. The Program may permit the futures commission [[Page 48338]] merchant or introducing broker to open or add a signatory to an account for a person other than an individual (such as a corporation, partnership, or trust) that has applied for, but has not received, an employer identification number. However, in such a case, the futures commission merchant or introducing broker must obtain a copy of the application before it opens or adds a signatory to the account and obtain the employer identification number within a reasonable period of time after it opens or adds a signatory to the account. (d) Required verification procedures. Each Program shall contain risk-based procedures for verifying the identity of customers, to the extent reasonable and practicable. Such verification must occur within a reasonable time before or after the customer's account is opened or the customer is granted authority to effect transactions with respect to an account. A futures commission merchant or introducing broker need not verify the information about an existing customer who opens a new account or who is granted authority to effect transactions with respect to a new account, if it previously verified the customer's identity in accordance with procedures consistent with this paragraph (d), and continues to have a reasonable belief that it knows the true identity of the customer. (1) Verification through documents. Each Program must describe when the futures commission merchant or introducing broker will verify identity through documents and set forth the documents that it will use for this purpose. Suitable documents for verification may include: (i) For natural persons, an unexpired government-issued identification evidencing nationality or residence and bearing a photograph or similar safeguard; and (ii) For persons other than natural persons, documents showing the existence of the entity, such as registered articles of incorporation, a government-issued business license, a partnership agreement, or a trust instrument. (2) Verification through non-documentary methods. Each Program must describe non-documentary methods the futures commission merchant or introducing broker will use to verify their customer's identity and when these methods will be used in addition to, or instead of, relying on documents. These non-documentary methods may include, but are not limited to, contacting a customer; obtaining a financial statement; independently verifying information through credit bureaus, public databases, or other sources; and checking references with other financial institutions. Non-documentary methods shall be used when: a natural person is unable to present an unexpired government-issued identification document that bears a photograph or similar safeguard; the futures commission merchant or introducing broker is presented with unfamiliar documents to verify the identity of a customer; the futures commission merchant or introducing broker does not obtain documents to verify the identity of a customer; does not meet a customer face-to- face; or is otherwise presented with circumstances that increase the risk the futures commission merchant or introducing broker will be unable to verify the true identity of a customer through documents. (e) Government lists. Each Program shall include procedures for determining whether a customer's name appears on any list of known or suspected terrorists or terrorist organizations provided to the futures commission merchant or introducing broker by any federal government agency. Futures commission merchants and introducing brokers shall follow all federal directives issued in connection with such lists. (f) Customer notice. Each Program shall include procedures for providing customers with adequate notice that the futures commission merchant or introducing broker is requesting information to verify their identity. (g) Lack of verification. Each Program shall include procedures for responding to circumstances in which the futures commission merchant or introducing broker cannot form a reasonable belief that it knows the true identity of a customer. (h) Recordkeeping. (1) The Program shall include procedures for maintaining a record of all information obtained pursuant to the Program, including: (i) All identifying information provided by a customer pursuant to paragraph (c) of this section, and copies of any documents that were relied on pursuant to paragraph (d)(1) of this section evidencing the type of document and any identification number it may contain; (ii) The methods and results of any measures undertaken to verify the identity of a customer through non-documentary methods pursuant to paragraph (d)(2) of this section; and (iii) The resolution of any discrepancy in the identifying information obtained. (2) Futures commission merchants and introducing brokers must retain all records made or obtained when verifying the identity of a customer pursuant to a Program until five years after the date the account of the customer is closed or the grant of authority to effect transactions with respect to an account is revoked. In all other respects, the records shall be maintained pursuant to the provisions of 17 CFR 1.31. (i) Approval of program. Each Program shall be approved by the futures commission merchant's or introducing broker's board of directors, managing partners, board of managers or other governing body performing similar functions or by a person or persons specifically authorized by such bodies to approve the Program. (j) Exemptions. The Commission, with the concurrence of the Secretary, may by order or regulation exempt any futures commission merchant or introducing broker that registers with the Commission (except futures commission merchants or introducing brokers that register pursuant to section 4f(a)(2) of the Commodity Exchange Act) or any type of account from the requirements of this section. In issuing such exemptions, the Commission and the Secretary shall consider whether the exemption is consistent with the purposes of the Bank Secrecy Act, and in the public interest, and may consider other necessary and appropriate factors. Dated: July 15, 2002. James F. Sloan, Director, Financial Crimes Enforcement Network. Dated: July 10, 2002. Jean A. Webb, Secretary of the Commodity Futures Trading Commission. [FR Doc. 02-18195 Filed 7-22-02; 8:45 am] BILLING CODE 4810-02-P[Federal Register: July 23, 2002 (Volume 67, Number 141)] [Proposed Rules] [Page 48289-48299] From the Federal Register Online via GPO Access [wais.access.gpo.gov] [DOCID:fr23jy02-700] [[Page 48289]] ----------------------------------------------------------------------- Part III Department of the Treasury 31 CFR Part 103 Office of the Comptroller of the Currency 12 CFR Part 21 Office of Thrift Supervision 12 CFR Part 563 ----------------------------------------------------------------------- Federal Reserve System 12 CFR Parts 208 and 211 ----------------------------------------------------------------------- Federal Deposit Insurance Corporation 12 CFR Part 326 ----------------------------------------------------------------------- National Credit Union Administration 12 CFR Part 748 ----------------------------------------------------------------------- Commodity Futures Trading Commission 17 CFR Part 1 Securities and Exchange Commission 17 CFR Part 240 Transactions and Customer Identification Programs; Proposed Rules [[Page 48290]] ----------------------------------------------------------------------- DEPARTMENT OF THE TREASURY Office of the Comptroller of the Currency 12 CFR Part 21 [Docket No. 02-11] FEDERAL RESERVE SYSTEM 12 CFR Parts 208 and 211 [Docket No. R-1127] FEDERAL DEPOSIT INSURANCE CORPORATION 12 CFR Part 326 DEPARTMENT OF THE TREASURY Office of Thrift Supervision 12 CFR Part 563 [No. 2002-27] NATIONAL CREDIT UNION ADMINISTRATION 12 CFR Part 748 DEPARTMENT OF THE TREASURY 31 CFR Part 103 RIN 1506-AA31 Customer Identification Programs for Banks, Savings Associations, and Credit Unions AGENCIES: The Financial Crimes Enforcement Network, Treasury; Office of the Comptroller of the Currency, Treasury; Board of Governors of the Federal Reserve System; Federal Deposit Insurance Corporation; Office of Thrift Supervision, Treasury; National Credit Union Administration. ACTION: Joint notice of proposed rulemaking. ----------------------------------------------------------------------- SUMMARY: The Department of the Treasury, through the Financial Crimes Enforcement Network (FinCEN), together with the Office of the Comptroller of the Currency (OCC), the Board of Governors of the Federal Reserve System (Board), the Federal Deposit Insurance Corporation (FDIC), the Office of Thrift Supervision (OTS), and the National Credit Union Administration (NCUA) (collectively, the Agencies) are jointly issuing a proposed regulation to implement section 326 of the Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism (USA PATRIOT) Act of 2001 (the Act). Section 326 requires the Secretary of the Treasury (Secretary) to jointly prescribe with each of the Agencies, the Securities and Exchange Commission (SEC), and the Commodity Futures Trading Commission (CFTC), a regulation that, at a minimum, requires financial institutions to implement reasonable procedures to verify the identity of any person seeking to open an account, to the extent reasonable and practicable; maintain records of the information used to verify the person's identity; and determine whether the person appears on any lists of known or suspected terrorists or terrorist organizations provided to the financial institution by any government agency. The proposed regulation applies to banks, savings associations, and credit unions. DATES: Written comments on the proposed rule may be submitted on or before September 6, 2002. ADDRESSES: Because paper mail in the Washington area may be subject to delay, commenters are encouraged to e-mail or fax comments. Comments should be sent by one method only. Financial institution commenters are encouraged to submit comments only to their Federal functional regulator. Non-financial institution commenters are encouraged to submit comments only to FinCEN. All comments will be considered by Treasury and the Agencies in formulating the final rule. OCC: Please direct your comments to: Office of the Comptroller of the Currency, 250 E Street, SW., Public Information Room, Mailstop 1-5, Washington, DC 20219, Attention; Docket No. 02-11; FAX number (202) 874-4448; or Internet address: regs.comments@occ.treas.gov. Comments may be inspected and photocopied at the OCC's Public Reference Room, 250 E Street, SW., Washington, DC. You can make an appointment to inspect comments by calling (202) 874-5043. Board: Comments should refer to Docket No. R-1127 and may be mailed to Secretary, Board of Governors of the Federal Reserve System, 20th Street and Constitution Avenue, NW., Washington, DC 20551; sent by FAX to (202) 452-3819 or (202) 452-3102; or sent by e-mail to regs.comments@federalreserve.gov. Members of the public may inspect comments in Room MP-500 between 9 a.m. and 5 p.m. on weekdays pursuant to section 261.12 (except as provided in section 261.14) of the Board's Rules Regarding Availability of Information, 12 CFR 261.12 and 261.14. FDIC: Comments should be directed to: Executive Secretary, Attention: Comments/OES, Federal Deposit Insurance Corporation, 550 17th Street, NW., Washington, DC 20429. Comments may be hand-delivered to the guard station at the rear of the 550 17th Street Building (located on F Street), on business days between 7 a.m. and 5 p.m. In addition, comments may be sent by fax to (202) 898-3838, or by electronic mail to comments@FDIC.gov. Comments may be inspected and photocopied in the FDIC Public Information Center, Room 100, 801 17th Street, NW., Washington, DC, between 9 a.m. and 4:30 p.m., on business days. OTS: Comments may be mailed to Regulation Comments, Chief Counsel's Office, Office of Thrift Supervision, 1700 G Street, NW., Washington, DC 20552, Attention: No. 2002-27; FAX number (202) 906-6518, Attention: No. 2002-27; or Internet address regs.comments@ots.treas.gov, Attention: No. 2002-27 and include your name and telephone number. Comments may also be hand delivered to the Guard's Desk, East Lobby Entrance, 1700 G Street, NW., from 9 a.m. to 4 p.m. on business days, Attention: Regulation Comments, Chief Counsel's Office, No. 2002-27. OTS will post comments and the related index on the OTS Internet Site at www.ots.treas.gov. In addition, you may inspect comments at the Public Reading Room, 1700 G St. NW., by appointment. To make an appointment for access, you may call (202) 906-5922, send an e-mail to public.info@ots.treas.gov, or send a facsimile transmission to (202) 906-7755. (Please identify the materials you would like to inspect to assist us in serving you.) We schedule appointments on business days between 10 a.m. and 4 p.m. In most cases, appointments will be available the business day after the date we receive a request. NCUA: Direct comments to the Secretary of the Board. Mail or hand- deliver comments to: National Credit Union Administration, 1775 Duke Street, Alexandria, Virginia 22314-3428. You may fax comments to (703) 518-6319, or e-mail comments to regcomments@NCUA.gov. To inspect comments, please contact the Office of General Counsel, (703) 518-6540; or the Office of Examination and Insurance, (703) 518-6360. FinCEN: Comments may be mailed to FinCEN, Section 326 Bank Rule Comments, P.O. Box 39, Vienna, VA 22183, or sent to Internet address regcomments@fincen.treas.gov with the caption ``Attention: Section 326 Bank Rule Comments'' in the body of the text. Comments may be inspected at FinCEN between 10 a.m. and 4 p.m. in the FinCEN Reading Room in Washington, [[Page 48291]] DC. Persons wishing to inspect the comments submitted must request an appointment by telephoning (202) 354-6400 (not a toll-free number). FOR FURTHER INFORMATION CONTACT: OCC: Office of the Chief Counsel (202) 874-3295. Board: Enforcement and Special Investigations Sections: (202) 452- 5235; (202) 728-5829; or (202) 452-2961. FDIC: Special Activities Section, Division of Supervision, and Legal Division at (202) 898-3671. OTS: Office of the Chief Counsel, (202) 906-6012. NCUA: Office of General Counsel, (703) 518-6540; or Office of Examination and Insurance, (703) 518-6360. Treasury: Office of the Chief Counsel (FinCEN), (703) 905-3590; Office of the Assistant General Counsel for Enforcement (Treasury), (202) 622-1927; or the Office of the Assistant General Counsel for Banking & Finance (Treasury), (202) 622-0480. SUPPLEMENTARY INFORMATION: I. Background A. Section 326 of the USA PATRIOT Act On October 26, 2001, President Bush signed into law the USA PATRIOT Act, Public Law 107-56. Title III of the Act, captioned ``International Money Laundering Abatement and Anti-terrorist Financing Act of 2001,'' adds several new provisions to the Bank Secrecy Act (BSA), 31 U.S.C. 5311 et seq. These provisions are intended to facilitate the prevention, detection, and prosecution of international money laundering and the financing of terrorism. Section 326 of the Act adds a new subsection (l) to 31 U.S.C. 5318 that requires the Secretary to prescribe regulations setting forth minimum standards for financial institutions that relate to the identification and verification of any person who applies to open an account. Section 326 applies to all ``financial institutions.'' This term is defined very broadly in the BSA to encompass a variety of entities including banks, agencies and branches of foreign banks in the United States, thrifts, credit unions, brokers and dealers in securities or commodities, insurance companies, travel agents, pawnbrokers, dealers in precious metals, check-cashers, casinos, and telegraph companies, among many others. See 31 U.S.C. 5312(a)(2). For any financial institution engaged in financial activities described in section 4(k) of the Bank Holding Company Act of 1956 (section 4(k) institutions), the Secretary is required to prescribe the regulations issued under section 326 jointly with each of the Agencies, the SEC, and the CFTC (the Federal functional regulators). Final regulations implementing section 326 must be effective by October 25, 2002. Section 326 of the Act provides that the regulations must contain certain requirements. At a minimum, the regulations must require financial institutions to implement reasonable procedures for (1) verifying the identity of any person seeking to open an account, to the extent reasonable and practicable; (2) maintaining records of the information used to verify the person's identity, including name, address, and other identifying information; and (3) determining whether the person appears on any lists of known or suspected terrorists or terrorist organizations provided to the financial institution by any government agency. In prescribing these regulations, the Secretary is directed to take into consideration the various types of accounts maintained by various types of financial institutions, the various methods of opening accounts, and the various types of identifying information available. The following proposal is being issued jointly by Treasury and the Agencies. It applies only to a financial institution that is a ``bank'' as defined in 31 CFR 103.11(c) that is subject to regulation by one of the Agencies,\1\ and any foreign branch of an insured bank. Regulations governing the applicability of section 326 to other financial institutions, including section 4(k) institutions regulated by the SEC and the CFTC, will be issued separately. --------------------------------------------------------------------------- \1\ Published elsewhere in this separate part of this issue of the Federal Register is a separate Treasury proposal implementing section 326 for banks that are not subject to regulation by a Federal functional regulator, including certain state-chartered uninsured trust companies and non-federally insured credit unions. --------------------------------------------------------------------------- Treasury, the Agencies, the SEC, and the CFTC consulted extensively in the development of all rules implementing section 326 of the Act. All of the participating agencies intend the effect of the rules to be uniform throughout the financial services industry. The Secretary has determined that the records required to be kept by section 326 of the Act have a high degree of usefulness in criminal, tax, or regulatory investigations or proceedings, or in the conduct of intelligence or counterintelligence activities, to protect against international terrorism. In addition, Treasury under its own authority is proposing conforming amendments to 31 CFR 103.34, which currently imposes requirements concerning the identification of bank customers. B. Codification of the Joint Proposed Rule The substantive requirements of the joint proposed rule will be codified with other Bank Secrecy Act regulations as part of Treasury's regulations in 31 CFR part 103. To minimize potential confusion by affected entities regarding the scope of the joint proposed rule, each of the Agencies is also proposing to add a nonsubstantive provision in its own regulations in either 12 CFR part 21, 12 CFR parts 208 and 211, 12 CFR part 326, 12 CFR part 563, or 12 CFR part 748, that will cross- reference the regulations in 31 CFR part 103. Although no specific text is being proposed at this time, the cross-references will be included in individual final rules published concurrently with the joint final rule issued by Treasury and the Agencies implementing section 326 of the Act. II. Section-by-Section Analysis A. Regulations Implementing Section 326 Definitions Section 103.121(a)(1) Account. The proposed rule's definition of ``account'' is based on the statutory definition of ``account'' that is used in section 311 of the Act. ``Account'' means each formal banking or business relationship established to provide ongoing services, dealings, or other financial transactions. For example, a deposit account, transaction or asset account, and a credit account or other extension of credit would each constitute an account. Section 311 of the Act does not require that this definition be used for regulations implementing section 326 of the Act. However, to the extent possible, Treasury and the Agencies propose to apply consistent definitions for each of the regulations implementing the Act to reduce confusion. ``Deposit accounts'' and ``transaction accounts,'' which as previously noted, are considered ``accounts'' for purposes of this rulemaking, are themselves defined terms. In addition, the term ``account'' is limited to banking and business relationships established to provide ``ongoing'' services, dealings, or other financial transactions to make clear that this term is not intended to cover infrequent transactions such as the occasional purchase of a money order or a wire transfer. Section 103.121(a)(2) Bank. As discussed above, the proposal adopts the definition of ``bank'' already used in 31 CFR 103.11(c), which encompasses [[Page 48292]] virtually all of the financial institutions regulated by the Agencies, including banks, savings associations, and credit unions. Any branch, agency, or representative office of a foreign bank in the United States, as well as any Edge corporation, would be subject to this joint regulation under the existing definition of ``bank.''\2\ However, the definition is modified to include ``any foreign branch of an insured bank'' to make clear that the procedures required by this regulation must be implemented throughout the bank, no matter where its offices are located. These procedures also apply to bank subsidiaries to the same extent as existing BSA compliance program requirements. We note that securities broker-dealers, futures commission merchants, insurance companies, and investment companies will be subject to forthcoming rules implementing section 326, whether or not they are affiliated with a bank. --------------------------------------------------------------------------- \2\ Section 103.11(c) defines bank to include ``each agent, agency, branch, or office within the United States of any person doing business in one or more of the capacities listed below: * * *. (8) a bank organized under foreign law; (9) any national banking association or corporation acting under the provisions of section [25a] of the [Federal Reserve Act] (12 U.S.C. 611-32).'' --------------------------------------------------------------------------- Section 103.121(a)(3) Customer. The proposed rule defines ``customer'' to mean any person seeking to open a new account. Accordingly, the term ``customer'' includes a person applying to open an account, but would not cover a person seeking information about an account, such as rates charged or interest paid on an account, if the person does not actually open an account. ``Customer'' includes both individuals and other persons such as corporations, partnerships, and trusts. In addition, any person seeking to open an account at a bank, on or after the effective date of the final rule, will be a ``customer,'' regardless of whether that person already has an account at the bank. The proposed rule also defines a ``customer'' to include any signatory on an account. Thus, for example, an individual with signing authority over a corporate account is a ``customer'' within the meaning of the proposed rule. A signatory can become a ``customer'' when the account is opened or when the signatory is added to an existing account. The requirements of section 326 of the Act apply to any person ``seeking to open a new account.'' Accordingly, transfers of accounts from one bank to another, that are not initiated by the customer, for example, as a result of a merger, acquisition, or purchase of assets or assumption of liabilities, fall outside of the scope of section 326, and are not covered by the proposed regulation.\3\ --------------------------------------------------------------------------- \3\ However, there may be situations involving the transfer of accounts where it would be appropriate for a bank to verify the identity of customers associated with the accounts that it is acquiring. Therefore, Treasury and the Agencies expect procedures for transfers of accounts to be part of a bank's existing BSA program. --------------------------------------------------------------------------- Section 103.121(a)(4) Federal functional regulator. The proposed rule defines ``Federal functional regulator'' by reference to Sec. 103.120(a)(2). Accordingly, this term means each of the Agencies (as well as the SEC and the CFTC) Section 103.121(a)(5) Person. The proposed rule defines ``person'' by reference to Sec. 103.11(z). This definition includes individuals, corporations, partnerships, trusts, estates, joint stock companies, associations, syndicates, joint ventures, other unincorporated organizations or groups, certain Indian Tribes, and all entities cognizable as legal personalities. Section 103.121(a)(6) U.S. Person. Under the proposed rule, for an individual, ``U.S. person'' means a U.S. citizen. For persons other than an individual, ``U.S. person'' means an entity established or organized under the laws of a State or the United States. A non-U.S. person is defined in Sec. 103.121(a)(7) as a person who does not satisfy these criteria. Section 103.121(a)(8) Taxpayer identification number. The proposed rule continues the provision in current Sec. 103.34(a)(4), which provides that the provisions of section 6109 of the Internal Revenue Code and the regulations of the Internal Revenue Service thereunder determine what constitutes a taxpayer identification number. Customer Identification Program: Minimum Requirements Section 103.121(b)(1) General Rule. Section 326 of the Act requires Treasury and the Agencies to jointly issue a regulation that establishes minimum standards regarding the identity of any customer who applies to open an account. Section 326 then prescribes three procedures that Treasury and the Agencies must require institutions to implement as part of this process: (1) Identification and verification of persons seeking to open an account; (2) recordkeeping; and (3) comparison with government lists. Rather than imposing the same list of specific requirements on every bank, regardless of its circumstances, the proposed regulation requires all banks to implement a Customer Identification Program (CIP) that is appropriate given the bank's size, location, and type of business. The proposed regulation requires a bank's CIP to contain the statutorily prescribed procedures, describes these procedures, and details certain minimum elements that each of the procedures must contain. In addition, the proposed rule requires that the CIP be written and that it be approved by the bank's board of directors or a committee of the board. This latter requirement highlights the responsibility of a bank's board of directors to approve and exercise general oversight over the bank's CIP. Under the proposed regulation, the CIP must be incorporated into the bank's anti-money laundering (BSA) program.\4\ A bank's BSA program must include (1) internal policies, procedures, and controls to ensure ongoing compliance; (2) designation of a compliance officer; (3) an ongoing employee training program; and (4) an independent audit function to test programs. Each of these requirements also applies to a bank's CIP. --------------------------------------------------------------------------- \4\ All insured depository institutions currently must have a BSA program. See 12 CFR 21.21 (OCC), 12 CFR 208.63 (Board), 12 CFR 326.8 (FDIC), 12 CFR 563.177 (OTS), and 12 CFR 748.2 (NCUA). In addition, all financial institutions are required by 31 U.S.C. 5318(h) to develop and implement an anti-money laundering program. --------------------------------------------------------------------------- Unlike other sections of 31 CFR 103, the proposed regulation explicitly states that the CIP must be a part of a bank's BSA program. This language is included to make clear that the CIP is not a separate program. However, this statement should not be read to create any negative inference about a bank's need to establish and maintain a BSA program that is designed to ensure compliance with all other sections of 31 CFR 103. Section 103.121(b)(2) Identity Verification Procedures. Under section 326 of the Act, the regulations issued by Treasury and the Agencies must require banks to implement and comply with reasonable procedures for verifying the identity of any person seeking to open an account, to the extent reasonable and practicable. The proposed regulation implements this requirement by providing that each bank must have risk-based procedures for verifying the identity of a customer that take into consideration the types of accounts that banks maintain, the different methods of opening accounts, and the types of identifying information available. These procedures must enable the bank to form a reasonable belief that it knows the true identity of the customer. Under the proposed regulation, a bank must first have procedures that specify [[Page 48293]] the identifying information that the bank must obtain from any customer. The proposed regulation also sets forth certain, minimal identifying information that a bank must obtain prior to opening an account or adding a signatory to an account. Second, the bank must have procedures describing how the bank will verify the identifying information provided. The bank must have procedures that describe when it will use documents for this purpose and when it will use other methods, either in addition or as an alternative to using documents for the purpose of verifying the identity of a customer. While a bank's CIP must contain the identity verification procedures set forth above, these procedures are to be risk-based. For example, a bank need not verify the identifying information of an existing customer seeking to open a new account, or who becomes a signatory on an account, if the bank (1) previously verified the customer's identity in accordance with procedures consistent with this regulation, and (2) continues to have a reasonable belief that it knows the true identity of the customer. The proposal requires a bank to exercise reasonable efforts to ascertain the identity of each customer. Although the main purpose of the Act is to prevent and detect money laundering and the financing of terrorism, Treasury and the Agencies anticipate that the proposed regulation will ultimately benefit consumers. In addition to deterring money laundering and terrorist financing, requiring every bank to establish comprehensive procedures for verifying the identity of customers should reduce the growing incidence of fraud and identity theft involving new accounts.\5\ --------------------------------------------------------------------------- \5\ Last year, over 86,000 complaints were logged into the Identity Theft Complaint database established by the Federal Trade Commission (FTC). Forms of identity theft commonly reported included (1) credit card fraud, where one or more new credit cards were opened in the victim's name; (2) bank fraud, where a new bank account was opened in the victim's name; and (3) fraudulent loans, where a loan had been obtained in the victim's name. See Statement of J. Howard Beales, Director, Bureau of Consumer Protection, FTC, to the Senate Committee on the Judiciary, Subcommittee on Technology, March 20, 2002. --------------------------------------------------------------------------- Section 103.121(b)(2)(i) Information Required. The proposed regulation provides that a bank's CIP must contain procedures that specify the identifying information the bank must obtain from a customer. At a minimum, a bank must obtain from each customer the following information prior to opening an account or adding a signatory to an account: name; address; for individuals, date of birth; and an identification number, described in greater detail below. To satisfy the requirement that a bank obtain the address of a customer, Treasury and the Agencies expect a bank to obtain both the address of an individual's residence and, if different, the individual's mailing address. For customers who are not individuals, the bank should obtain an address showing the customer's principal place of business and, if different, the customer's mailing address. For U.S. persons a bank must obtain a U.S. taxpayer identification number (e.g., social security number, individual taxpayer identification number, or employer identification number). For non-U.S. persons a bank must obtain one or more of the following: a taxpayer identification number; passport number and country of issuance; alien identification card number; or number and country of issuance of any other government-issued document evidencing nationality or residence and bearing a photograph or similar safeguard. The basic information that banks would be required to obtain under this proposed regulation reflects the type of information that financial institutions currently obtain in the account-opening process and is similar to the identifying information currently required for each deposit or share account opened (see 31 CFR 103.34(a)(1)). The proposed regulation uses the term ``similar safeguard'' to permit the use of any biometric identifiers that may be used in addition to, or instead of, photographs. Treasury and the Agencies recognize that a new business may need access to banking services, particularly a bank account or an extension of credit, before it has received an employer identification number from the Internal Revenue Service. For this reason, the proposed regulation contains a limited exception to the requirement that a taxpayer identification number must be provided prior to establishing or adding a signatory to an account. Accordingly, a CIP may permit a bank to open or add a signatory to an account for a person other than an individual (such as a corporation, partnership, or trust) that has applied for, but has not received, an employer identification number. However, in such a case, the CIP must require that the bank obtain a copy of the application before it opens or adds a signatory to the account and obtain the employee identification number within a reasonable period of time after an account is established or a signatory is added to an account. Currently, the IRS indicates that the issuance of an employer identification number can take up to five weeks. This length of time, coupled with when the person applied for the employer identification number, should be considered by the bank in determining the reasonable period of time within which the person should provide its employer identification number to the bank. Section 103.121(b)(2)(ii) Verification. The proposed regulation provides that the CIP must contain risk-based procedures for verifying the information that the bank obtains in accordance with Sec. 103.121(b)(2)(i), within a reasonable period of time after the account is opened. Treasury and the Agencies considered proposing that a customer's identity be verified before an account is opened or within a specific time period after the account is opened. However, we recognize that such a position would be unduly burdensome for both banks and customers and therefore contrary to the plain language of the statute, which states that the procedures must be both reasonable and practicable. The amount of time it will take an institution to verify identity may depend upon the type of account opened, whether the customer is physically present when the account is opened, and the type of identifying information available. In addition, although an account may be opened, it is common practice among banks to place limits on the account, such as by restricting the number of transactions or the dollar value of transactions, until a customer's identity is verified. Therefore, the proposed regulation provides a bank with the flexibility to use a risk-based approach to determine how soon identity must be verified.\6\ --------------------------------------------------------------------------- \6\ It is possible that a bank would, however, violate other laws by permitting a customer to transact business prior to verifying the customer's identity. See, e.g., 31 CFR 500, prohibiting transactions involving designated foreign countries or their nationals. --------------------------------------------------------------------------- Section103.121(b)(2)(ii)(A) Verification Through Documents. The CIP must contain procedures describing when the bank will verify identity through documents and setting forth the documents that the bank will use for this purpose. For individuals, these documents may include: unexpired government-issued identification evidencing nationality or residence and bearing a photograph or similar safeguard. For corporations, partnerships, trusts, and other persons that are not individuals, these may be documents showing the existence of the entity, such as registered articles of incorporation, a government- issued business license, partnership agreement, or trust instrument. Section 103.121(b)(2)(ii)(B) Non-Documentary Verification. The proposed regulation provides that a [[Page 48294]] bank's CIP also must contain procedures describing non-documentary methods the bank will use to verify identity and when these methods will be used in addition to, or instead of, relying on documents. For example, the procedures must address situations where an individual is unable to present an unexpired government-issued identification document that bears a photograph or similar safeguard; the bank is not familiar with the documents presented; the account is opened without obtaining documents; the account is not opened in a face-to-face transaction; and the type of account increases the risk that the bank will not be able to verify the true identity of the customer through documents. Treasury and the Agencies believe that banks typically require documents to be presented when an account is opened face-to-face. Although customers usually satisfy these requirements by presenting government-issued identification documents bearing a photograph, such as a driver's license or passport, Treasury and the Agencies recognize that some customers legitimately may be unable to present those customary forms of identification when opening an account. For example, an elderly person may not have a valid driver's license or passport. Under these circumstances, Treasury and the Agencies expect that banks will provide products and services to those customers and verify their identities through other methods. Similarly, a bank may be unable to obtain original documents to verify a customer's identity when an account is opened by telephone, by mail, and over the Internet. Thus, when an account is opened for a customer who is not physically present, a bank will be permitted to use other methods of verification, to the extent set forth in the CIP. While other verification methods must be used when a bank cannot examine original documents, Treasury and the Agencies also recognize that original identification documents, including those issued by a government entity, may be obtained illegally and may be fraudulent. In light of the recent increase in identity fraud, banks are encouraged to use other verification methods, even when a customer has provided original documents. Obtaining sufficient information to verify a customer's identity can reduce the risk that a bank will be used as a conduit for money laundering and terrorist financing. The risk that the bank will not know the customer's true identity will be heightened for certain types of accounts, such as accounts opened in the name of a corporation, partnership, or trust that is created or conducts substantial business in jurisdictions that have been designated by the United States as a primary money laundering concern or have been designated as non- cooperative by an international body. As a bank's identity verification procedures should be risk-based, they should identify types of accounts that pose a heightened risk, and prescribe additional measures to verify the identity of any person seeking to open an account and the signatory for such accounts. The proposed regulation gives examples of other non-documentary verification methods that a bank may use in the situations described above. These methods could include contacting a customer after the account is opened; obtaining a financial statement; comparing the identifying information provided by the customer against fraud and bad check databases to determine whether any of the information is associated with known incidents of fraudulent behavior (negative verification); comparing the identifying information with information available from a trusted third party source, such as a credit report from a consumer reporting agency (positive verification); and checking references with other financial institutions. The bank also may wish to analyze whether there is logical consistency between the identifying information provided, such as the customer's name, street address, ZIP code, telephone number, date of birth, and social security number (logical verification).\7\ --------------------------------------------------------------------------- \7\ Treasury and the Agencies understand that most banks currently make use of technology that permits instantaneous negative, positive, and logical verification of identity. --------------------------------------------------------------------------- Section 103.121(b)(2)(iii) Lack of Verification. The proposed regulation also states that a bank's CIP must include procedures for responding to circumstances in which the bank cannot form a reasonable belief that it knows the true identity of a customer. Generally, a bank should only maintain an account for a customer when it can form a reasonable belief that it knows the customer's true identity.\8\ Thus, a bank should have procedures that specify the actions that it will take when it cannot form a reasonable belief that it knows the true identity of a customer, including when an account should not be opened. In addition, a bank's CIP should have procedures that address the terms under which a customer may conduct transactions while a customer's identity is being verified. The procedures also should specify at what point, after attempts to verify a customer's identity have failed, a customer's account that has been opened should be closed. Finally, if a bank cannot form a reasonable belief that it knows the identity of a customer, the procedures should also include determining whether a Suspicious Activity Report should be filed in accordance with applicable law and regulation. --------------------------------------------------------------------------- \8\ There are some exceptions to this basic rule. For example, a bank may maintain an account, at the direction of a law enforcement or intelligence agency, although the bank does not know the true identity of a customer. --------------------------------------------------------------------------- Section 103.121(b)(3) Recordkeeping. Section 326 of the Act requires reasonable procedures for maintaining records of the information used to verify a person's name, address, and other identifying information. The proposed regulation sets forth recordkeeping procedures that must be included in a bank's CIP. Under the proposal, a bank is required to maintain a record of the identifying information provided by the customer. Where a bank relies upon a document to verify identity, the bank must maintain a copy of the document that the bank relied on that clearly evidences the type of document and any identifying information it may contain.\9\ The bank also must record the methods and result of any additional measures undertaken to verify the identity of the customer. Last, the bank must record the resolution of any discrepancy in the identifying information obtained. The bank must retain all of these records for five years after the date the account is closed. --------------------------------------------------------------------------- \9\ The bank need not keep a separate record of the identifying information provided by the customer if this information clearly appears on the copy of the document maintained by the bank. --------------------------------------------------------------------------- Treasury and the Agencies emphasize that the collection and retention of information about a customer, such as an individual's race or sex, as an ancillary part of collecting identifying information do not relieve a bank from its obligations to comply with anti- discrimination laws or regulations, such as the prohibition in the Equal Credit Opportunity Act against discrimination in any aspect of a credit transaction on the basis of race, color, religion, national origin, sex or marital status, age, or other prohibited classifications. Nothing in this proposed regulation modifies, limits or supersedes section 101 of the Electronic Signatures in Global and National Commerce Act, Public Law 106-229, 114 Stat. 464 (15 U.S.C. 7001) (E- Sign Act). Thus, a bank may use electronic records to satisfy the requirements of this regulation, as long as the records are accurate and remain [[Page 48295]] accessible in accordance with 31 CFR 103.38(d). Section 103.121(b)(4) Comparison with Government Lists. Section 326 of the Act also requires reasonable procedures for determining whether the customer appears on any list of known or suspected terrorists or terrorist organizations provided to the bank by any government agency. The proposed rule implements this requirement and clarifies that the requirement applies only with respect to lists circulated by the Federal government. In addition, the proposed rule states that the procedures must ensure that the bank follows all Federal directives issued in connection with such lists. This provision makes clear that a bank must have procedures for responding to circumstances when the bank determines that a customer is named on a list. Section 103.121(b)(5) Customer Notice. Section 326 of the Act states that customers of financial institutions shall be required to comply with the identity verification procedures described above ``after being given adequate notice.'' Therefore, a bank's CIP must include procedures for providing bank customers with adequate notice that the bank is requesting information to verify their identity. A bank may satisfy the notice requirement by generally notifying its customers about the procedures the bank must comply with to verify their identities. For example, the bank may post a sign in its lobby or provide customers with any other form of written or oral notice. If an account is opened electronically, such as through an Internet website, the bank may also provide notice electronically. Section 103.121(c) Exemptions. Section 326 states that the Secretary (and, in the case of section 4(k) institutions, the appropriate Federal functional regulator, as defined in section 103.120(a)(2)), may by regulation or order, exempt any financial institution or type of account from the requirements of this regulation in accordance with such standards and procedures as the Secretary may prescribe. Under the proposed rule, the appropriate Federal functional regulator, with the concurrence of Treasury, may by order or regulation exempt any bank or type of account from the requirements of this section. In issuing such exemptions, the Federal functional regulator and the Treasury shall consider whether the exemption is consistent with the purposes of the Bank Secrecy Act, consistent with safe and sound banking, and in the public interest. The Federal functional regulator and Treasury also may consider other necessary and appropriate factors. Section 103.121(d) Other Information Requirements Unaffected. This section provides that nothing in section 103.121 shall be construed to relieve a bank of its obligations to obtain, verify, or maintain information in connection with an account or transaction that is required by another provision in part 103. For example, if an account is opened with a deposit of more than $10,000 in cash, the bank opening the account must comply with the customer identification requirements in section 103.121, as well as with the provisions of section 103.22, which require that certain information concerning the transaction be reported by filing a Cash Transaction Report (CTR). B. Conforming Amendments to 31 CFR 103.34 Current section 103.34(a) sets forth customer identification requirements when certain types of deposit accounts are opened. Generally, sections 103.34(a)(1) and (2) require a bank, within 30 days after certain deposit accounts are opened, to secure and maintain a record of the taxpayer identification number of the customer involved. If the bank is unable to obtain the taxpayer identification number within 30 days (or a longer time if the person has applied for a taxpayer identification number), it need take no further action under section 103.34 concerning the account if it maintains a list of the names, addresses, and account numbers of the persons for which it was unable to secure taxpayer identification numbers, and provides that information to the Secretary upon request. In the case of a non- resident alien, the bank is required to record the person's passport number or a description of some other government document used to determine identification. Treasury and the Agencies believe that the requirements of section 103.34(a)(1) and (2) are inconsistent with the intent and purpose of section 326 of the Act and incompatible with proposed section 103.121. Section 103.34(a)(3) currently provides that a bank need not obtain a taxpayer identification number with respect to specified categories of persons \10\ opening certain deposit accounts. This proposed rule does not contain any exemptions from the CIP requirements. --------------------------------------------------------------------------- \10\ The exemption applies to (i) agencies and instrumentalities of Federal, State, local, or foreign governments; (ii) judges, public officials, or clerks of courts of record as custodians of funds in controversy or under the control of the court; (iii) aliens who are ambassadors; ministers; career diplomatic or consular officers; naval, military, or other attaches of foreign embassies and legations; and members of their immediate families; (iv) aliens who are accredited representatives of certain international organizations, and their immediate families; (v) aliens temporarily residing in the United States for a period not to exceed 180 days; (vi) aliens not engaged in a trade or business in the United States who are attending a recognized college or university, or any training program supervised or conducted by an agency of the Federal Government; (vii) unincorporated subordinate units of a tax exempt central organization that are covered by a group exemption letter; (viii) a person under 18 years of age, with respect to an account opened at part of a school thrift savings program, provided the annual interest is less than $10; (ix) a person opening a Christmas club, vacation club, or similar installment savings program, provided the annual interest is less than $10; and (x) non-resident aliens who are not engaged in a trade or business in the United States. --------------------------------------------------------------------------- Treasury and the Agencies are requesting comments on whether any of these exemptions should apply in the context of the proposed CIP requirements in light of the intent and purpose of section 326 of the Act. Section 103.34(a)(4) provides that section 6109 of the Internal Revenue Code and the rules and regulations of the Internal Revenue Service (IRS) promulgated thereunder shall determine what constitutes a taxpayer identification number. This provision is continued in proposed section 103.121(a)(8). Section 103.34(a)(4) also provides that IRS rules shall determine whose number shall be obtained in the case of multiple account holders. Treasury and the Agencies believe that this provision is inconsistent with section 326 of the Act, which requires that banks verify the identity of ``any'' person seeking to open an account. For these reasons, Treasury, under its own authority, is proposing to repeal section 103.34(a). Section 103.34(b) sets forth certain recordkeeping requirements for banks. Among other things, section 103.34(b)(1) requires a bank to keep ``any notations, if such are normally made, of specific identifying information verifying the identity of [a person with signature authority over an account] (such as a driver's license number or credit card number).'' Treasury and the Agencies believe that the quoted language in section 103.34(b)(1) is inconsistent with the requirements of proposed section 103.121. For this reason, Treasury, under its own authority, is proposing to delete the quoted language. C. Technical Amendment to 31 CFR 103.11(j) Section 103.11(j), which defines the term ``deposit account,'' contains an [[Page 48296]] obsolete reference to the definition of ``transaction account,'' which is defined in section 103.11(hh). Under its own authority, Treasury is proposing to correct this reference. III. Request for Comments Treasury and the Agencies invite comment on all aspects of this rulemaking, and specifically seek comment on the following issues: 1. Whether the proposed definition of ``account'' is appropriate and whether other examples of accounts should be added to the regulatory text. 2. How the proposed regulation should apply to various types of accounts that are designed to allow a customer to transact business immediately. 3. Whether the definition of ``bank'' in the proposed regulation should be amended with respect to the foreign branches of banks by (i) excluding foreign branches or (ii) clarifying that a foreign branch must comply only to the extent that the bank's program does not contravene applicable local law. Treasury and the Agencies request that commenters cite and describe any potentially conflicting foreign laws that may apply to the foreign branches of banks. Comment is requested on this issue because Treasury and the Agencies recognize that interpreting the BSA to apply to the foreign branch of a U.S. depository institution could cause practical and legal problems for that institution if the branch has a conflicting obligation under applicable local law. The regulation, if adopted as proposed, may place a foreign branch in a position of potentially violating local law by implementing aspects of its bank's CIP, which is described more fully in the Supplemental Information, above. 4. Ways that banks can comply with the requirement that a bank obtain both the address of an individual's residence, and, if different, the individual's mailing address in situations involving individuals who lack a permanent address. 5. Whether non-U.S. persons that are not individuals will be able to provide a bank with the identifying information required in section 103.121(b)(2)(i)(D)(2), or whether other categories of identifying information should be added to this section to permit non-U.S. persons that are not individuals to open accounts. Commenters on this issue should suggest other means of identification that banks currently use or should use. 6. Whether the proposed regulation will subject banks to conflicting State laws. Treasury and the Agencies request that commenters cite and describe any potentially conflicting State laws. 7. The extent to which the verification procedures required by the proposed regulation make use of information that banks currently obtain in the account opening process. Treasury and the Agencies note that the legislative history of section 326 indicates that Congress intended ``the verification procedures prescribed by Treasury [to] make use of information currently obtained by most financial institutions in the account opening process.'' See H.R. Rep. No. 107-250, pt. 1, at 63 (2001). 8. Whether any of the exemptions from the customer identification requirements contained in current section 103.34(a)(3) should be continued in section 103.121(c). In this regard, Treasury and the Agencies request that commenters address the standards set forth in proposed section 103.121(c) (as well as any other appropriate factors). IV. Solicitation of Comments on Use of Plain Language Section 722 of the Gramm-Leach-Bliley Act, Pub. L. 106-102, sec. 722, 113 Stat. 1338, 1471 (Nov. 12, 1999), requires the OCC, Board, FDIC, and OTS to use plain language in all proposed and final rules published after January 1, 2000. Therefore, these agencies specifically invite your comments on how to make this proposal easier to understand. For example: Have we organized the material to suit your needs? If not, how could this material be better organized? Are the requirements in the proposed regulation clearly stated? If not, how could the regulation be more clearly stated? Does the proposed regulation contain language or jargon that is not clear? If so, which language requires clarification? Would a different format (grouping and order of sections, use of headings, paragraphing) make the regulation easier to understand? If so, what changes to the format would make the regulation easier to understand? What else could we do to make the regulation easier to understand? V. Regulatory Flexibility Act When an agency issues a rulemaking proposal, the Regulatory Flexibility Act (RFA) requires the agency to ``prepare and make available for public comment an initial regulatory flexibility analysis'' unless the agency certifies that the rule will not have a ``significant economic impact on a substantial number of small entities.'' 5 U.S.C. 603, 605(b).\11\ --------------------------------------------------------------------------- \11\ The RFA defines the term ``small entity'' in 5 U.S.C. 601 by reference to the definitions published by the Small Business Administration (SBA). The SBA has defined a ``small entity'' for banking purposes as a bank or savings institution with less than $150 million in assets. See 13 CFR 121.201. The NCUA defines ``small credit union'' as those under $1 million in assets. Interpretive Ruling and Policy Statement No. 87-2, Developing and Reviewing Government Regulations (52 FR 35231, September 18, 1987). --------------------------------------------------------------------------- The Agencies have reviewed the impact of this proposed rule on small banks. Treasury and the Agencies certify that the proposed rule will not have a significant economic impact on a substantial number of small entities. The requirements of the proposed rule closely parallel the requirements for customer identification programs mandated by section 326 of the Act. Moreover, Treasury and the Agencies believe that banks already have implemented prudential business practices and anti-money laundering programs that involve the key controls that would be required in a customer identification program in accordance with the proposed regulation. First, all banks already undertake extensive measures to verify the identity of their customers as a matter of good business practice. In addition, banks already must have anti-money laundering programs that include procedures for identification, verification, and documentation of customer information.\12\ --------------------------------------------------------------------------- \12\ See footnote 3. --------------------------------------------------------------------------- Second, banks already should have compliance programs in place to check lists provided by the Federal government of known and suspected terrorists and terrorist organizations. Currently, banks are prohibited from engaging in transactions involving certain foreign countries or their nationals under rules issued by the Office of Foreign Assets Control (OFAC). See 31 CFR 500. Banks should already have compliance programs in place to ensure that they do not violate OFAC rules. Treasury and the Agencies understand that many banks, including small banks, have instituted programs to check other lists provided to them by the Federal government following the events of September 11, 2001. Treasury and the Agencies believe that all banks have access to a variety of resources, such as computer software packages, that enable them to check lists provided by the Federal government. Third, Treasury and the Agencies believe the provision in the proposed rule that requires a bank to provide adequate notice to its customers that it is requesting information to verify their [[Page 48297]] identity will impose minimal costs on banks. Banks may elect to satisfy that requirement through a variety of low-cost measures, such as by posting a sign in the bank's lobby or providing any other form of written or oral notice. The recordkeeping requirements similarly may impose some costs on banks, if, for example, some of the information that must be maintained as a consequence of implementing customer identification programs is not already retained. Treasury and the Agencies believe that the compliance burden, if any, is minimized for banks, including small banks, because the proposed regulation vests a bank with the discretion to design and implement appropriate recordkeeping procedures, including allowing banks to maintain electronic records in lieu of (or in combination with) paper records. Finally, Treasury and the Agencies believe that the flexibility incorporated into the proposed rule will permit each bank to tailor its CIP to fit its own size and needs. In this regard, Treasury and the Agencies believe that expenditures associated with establishing and implementing a CIP will be commensurate with the size of a bank. If a bank is small, the burden to comply with the proposed rule should be de minimis. VI. Paperwork Reduction Act The proposed rule contains recordkeeping and disclosure requirements that are subject to the Paperwork Reduction Act of 1995 (44 U.S.C. 3501 et seq.). In summary, the proposed rule requires banks to implement reasonable procedures to (1) maintain records of the information used to verify the person's identity and (2) provide notice of these procedures to customers. These recordkeeping and disclosure requirements are required under section 326 of the Act. The proposed rule applies only to a financial institution that is a ``bank'' as defined in 31 CFR 103.11(c),\13\ and any foreign branch of an insured bank. The proposed rule requires each bank to establish a written CIP that must include recordkeeping procedures (proposed section 103.121(b)(3)) and procedures for providing customers with notice that the bank is requesting information to verify their identity (proposed section 103.121(b)(5)). --------------------------------------------------------------------------- \13\ This definition includes banks, thrifts, and credit unions. --------------------------------------------------------------------------- The proposed rule requires a bank to maintain a record of (1) the identifying information provided by the customer, the type of identification document(s) reviewed, if any, the identification number of the document(s), and a copy of the identification document(s); (2) the means and results of any additional measures undertaken to verify the identity of the customer; and (3) the resolution of any discrepancy in the identifying information obtained. These records must be maintained at the bank for five years after the date the account is closed (proposed section 103.121(b)(3)). Treasury and the Agencies believe that little burden is associated with the recordkeeping requirements outlined in proposed section 103.121(b)(2), because such recordkeeping is a usual and customary business practice. In addition, banks already must keep similar records to comply with existing regulations in 31 CFR part 103 (see, e.g., 31 CFR 103.34, requiring certain records for each deposit or share account opened). The proposed rule also requires banks to give customers ``adequate notice'' of the identity verification procedures (proposed section 103.121(b)(5)). A bank may satisfy the notice requirement by posting a sign in the lobby or providing customers with any other form of written or oral notice. If the account is opened electronically, the bank may provide the notice electronically. Treasury and the Agencies believe that nominal burden is associated with the disclosure requirement outlined in proposed section 103.121(b)(5). This section requires a bank to notify its customers about the procedures the bank has implemented to verify their identities. However, a bank may choose among a variety of methods of providing adequate notice and may select the least burdensome method, given the circumstances under which customers seek to open new accounts. A person is not required to respond to a collection of information unless it displays a currently valid Office of Management and Budget (OMB) control number. The collection of information requirements contained in the proposed rule have been submitted to the OMB by Treasury in accordance with the Paperwork Reduction Act of 1995 (44 U.S.C. 3507). The institutions subject to these requirements include national banks and Federal branches and agencies (OCC financial institutions); state member banks and branches and agencies of foreign banks (Board financial institutions); insured state nonmember banks (FDIC financial institutions); savings associations (OTS financial institutions); and federally insured credit unions (NCUA financial institutions). Estimated number of OCC financial institutions: 2,289. Estimated number of Board financial institutions: 1,188. Estimated number of FDIC financial institutions: 5,500. Estimated number OTS financial institutions: 1,020. Estimated number of NCUA financial institution: 9,944. Estimated average annual burden for the recordkeeping requirements of the proposed rule per each financial institution respondent: 10 hours. Estimated average annual burden for the disclosure requirements of the proposed rule per each financial institution respondent: 1 hour. Estimated total annual recordkeeping and disclosure burden: 219,351 hours. Treasury and the Agencies request public comment on all aspects of the recordkeeping and disclosure requirements contained in this proposed rule, including how burdensome it would be for banks to comply with these requirements. Also, Treasury and the Agencies request comment on whether the banks are currently maintaining the records requested in proposed section 103.121(b)(2). Treasury and the Agencies also invite comment on: (1) Whether the collections of information contained in the notice of proposed rulemaking are necessary for the proper performance of each agency's functions, including whether the information has practical utility; (2) The accuracy of each agency's estimate of the burden of the proposed information collections; (3) Ways to enhance the quality, utility, and clarity of the information to be collected; (4) Ways to minimize the burden of the information collections on respondents, including the use of automated collection techniques or other forms of information technology; and (5) Estimates of capital or start-up costs and costs of operation, maintenance, and purchases of services to provide information. Comments concerning the recordkeeping and disclosure requirements in the proposed rule should be sent (preferably by fax (202-395-6974)) to Desk Officer for the Department of the Treasury, Office of Information and Regulatory Affairs, Office of Management and Budget, Paperwork Reduction Project (1506), Washington, DC 20503 (or by the Internet to jlackeyj@omb.eop.gov), with a copy to FinCEN by mail or the Internet at the addresses previously specified. [[Page 48298]] VII. Executive Order 12866 Treasury, the OCC, and OTS have determined that this proposal is not a ``significant regulatory action'' under Executive Order 12866. The rule follows closely the requirements of section 326 of the Act. Treasury, the OCC, and OTS believe that national banks and savings associations already have procedures in place that fulfill most of the requirements of the proposed regulation. First, the procedures are a matter of good business practice. Second, national banks and savings associations already are required to have BSA compliance programs that address many of the requirements detailed in this notice of proposed rulemaking. Third, banks and savings associations should already have compliance programs in place to ensure they comply with OFAC rules prohibiting transactions with certain foreign countries or their nationals. Treasury, the OCC, and OTS invite national banks, the thrift industry, and the public to provide any cost estimates and related data that they think would be useful in evaluating the overall costs of the rule. For these reasons, and for the reasons discussed elsewhere in this preamble, Treasury, the OCC, and OTS believe that the burden stemming from this rulemaking will not cause the proposed rule to be a ``significant regulatory action.'' Lists of Subjects in 31 CFR Part 103 Administrative practice and procedure, Authority delegations (Government agencies), Banks, banking, Brokers, Currency, Foreign banking, Foreign currencies, Gambling, Investigations, Law enforcement, Penalties, Reporting and recordkeeping requirements, Securities. Authority and Issuance For the reasons set forth in the preamble, part 103 of title 31 of the Code of Federal Regulations is proposed to be amended as follows: PART 103--FINANCIAL RECORDKEEPING AND REPORTING OF CURRENCY AND FOREIGN TRANSACTIONS 1. The authority citation for part 103 is revised to read as follows: Authority: 12 U.S.C. 1786(q), 1818, 1829b and 1951-1959; 31 U.S.C. 5311-5332; title III, secs. 312, 313, 314, 319, 326, 352, Pub L. 107-56, 115 Stat. 307. 2. Section 103.11(j) is amended by removing ``paragraph (q)'' and adding ``paragraph (hh)''. 3. Section 103.34 is amended as follows: a. By removing paragraph (a); b. By redesignating paragraph (b) introductory text and paragraphs (b)(1) through (b)(13) as introductory text and paragraphs (a) through (m), respectively. c. In newly redesignated introductory text, by removing '', in addition,'' in the first sentence; and d. In newly redesignated paragraph (a), by removing '', including any notations, if such are normally made, of specific identifying information verifying the identity of the signer (such as a driver's license number or credit card number)''. 4. Subpart I of part 103 is amended by adding new Sec. 103.121 to read as follows: Sec. 103.121 Customer Identification Programs for banks, savings associations, and credit unions. (a) Definitions. For purposes of this section: (1) Account means each formal banking or business relationship established to provide ongoing services, dealings, or other financial transactions. For example, a deposit account, a transaction or asset account, and a credit account or other extension of credit would each constitute an account. (2) Bank means a bank, as that term is defined in Sec. 103.11(c), that is subject to regulation by a Federal functional regulator, and any foreign branch of an insured bank. (3) Customer means: (i) Any person seeking to open a new account; and (ii) Any signatory on the account at the time the account is opened, and any new signatory added thereafter. (4) Federal functional regulator has the same meaning as provided in Sec. 103.120(a)(2). (5) Person has the same meaning as provided in Sec. 103.11(z). (6) U.S. person means: (i) A U.S. citizen; or (ii) A corporation, partnership, trust, or person (other than an individual) that is established or organized under the laws of a State or the United States. (7) Non-U.S. person means a person that is not a U.S. person. (8) Taxpayer identification number. The provisions of section 6109 of the Internal Revenue Code of 1986 (26 U.S.C. 6109) and the regulations of the Internal Revenue Service promulgated thereunder shall determine what constitutes a taxpayer identification number. (b) Customer Identification Program: minimum requirements. (1) In general. A bank must implement a written Customer Identification Program (Program) that, at a minimum, includes each of the components of this section. The Program should be tailored to the bank's size, location and type of business. The bank's board of directors or a committee of the board must approve the Program. The Program must be a part of the bank's anti-money laundering program required under the regulations implementing 31 U.S.C. 5318(h), 12 U.S.C. 1818(s), and 12 U.S.C. 1786(q)(1). (2) Identity verification procedures. The Program must include procedures for verifying the identity of each customer, to the extent reasonable and practicable. The procedures must be based on the bank's assessment of the risks presented by the various types of accounts maintained by the bank, the various methods of opening accounts provided by the bank, and the type of identifying information available, and must enable the bank to form a reasonable belief that it knows the true identity of the customer. (i) Information required. (A) In general. The Program must contain procedures that specify the identifying information that the bank must obtain from each customer. Except as permitted by paragraph (b)(2)(i)(B) of this section, at a minimum, a bank must obtain the following information prior to opening or adding a signatory to an account: (1) Name; (2) For individuals, date of birth; (3) (i) For individuals, residence and, if different, mailing address; or (ii) For persons other than individuals, such as corporations, partnerships, and trusts: principal place of business and, if different, mailing address; (4) (i) For U.S. persons, a U.S. taxpayer identification number (e.g., social security number, individual taxpayer identification number, or employer identification number); or (ii) For non-U.S. persons, one or more of the following: a U.S. taxpayer identification number; passport number and country of issuance; alien identification card number; or number and country of issuance of any other government-issued document evidencing nationality or residence and bearing a photograph or similar safeguard. (B) Limited exception. The Program may permit the bank to open or add a signatory to an account for a person other than an individual (such as a corporation, partnership, or trust) that has applied for, but has not received, an employer identification number. However, in such a case, the bank must obtain a copy of the application before [[Page 48299]] it opens or adds a signatory to the account and obtain the employer identification number within a reasonable period of time after it opens or adds a signatory to the account. (ii) Verification. The Program must contain risk-based procedures for verifying the information obtained pursuant to paragraph (b)(2)(i)(A) of this section within a reasonable time after the account is established or a signatory is added to the account. A bank need not verify the information about an existing customer seeking to open a new account or who becomes a signatory on an account, if the bank previously verified the customer's identity in accordance with procedures consistent with this section, and continues to have a reasonable belief that it knows the true identity of the customer. (A) Verification through documents. The Customer Identification Program must contain procedures describing when the bank will verify identity through documents and setting forth the documents that the bank will use for this purpose. These documents may include: (1) For individuals: unexpired government-issued identification evidencing nationality or residence and bearing a photograph or similar safeguard; and (2) For corporations, partnerships, trusts and persons other than individuals: documents showing the existence of the entity, such as registered articles of incorporation, a government-issued business license, partnership agreement, or trust instrument. (B) Non-documentary verification methods. The Program must contain procedures that describe non-documentary methods the bank will use to verify identity and when these methods will be used in addition to, or instead of, relying on documents. These procedures must address situations where an individual is unable to present an unexpired government-issued identification document that bears a photograph or similar safeguard; the bank is not familiar with the documents presented; the account is opened without obtaining documents; the account is not opened in a face-to-face transaction; and the type of account increases the risk that the bank will not be able to verify the true identity of the customer through documents. Other verification methods may include contacting a customer; independently verifying documentary information through credit bureaus, public databases, or other sources; checking references with other financial institutions; and obtaining a financial statement. (iii) Lack of verification. The Program must include procedures for responding to circumstances in which the bank cannot form a reasonable belief that it knows the true identity of a customer. (3) Recordkeeping. (i) The Program must include procedures for maintaining a record of all information obtained under the procedures implementing paragraph (b)(1) of this section. The record must include: (A) All identifying information provided by a customer pursuant to paragraphs (b)(2)(i)(A) and (B) of this section; (B) A copy of any document that was relied on pursuant to paragraph (b)(2)(ii)(A) of this section that clearly evidences the type of document and any identification number it may contain; (C) The methods and result of any measures undertaken to verify the identity of the customer pursuant to paragraph (b)(2)(ii)(B) of this section; and (D) The resolution of any discrepancy in the identifying information obtained. (ii) The bank must retain all records for five years after the date the account is closed. (4) Comparison with government lists. The Program must include procedures for determining whether the customer appears on any list of known or suspected terrorists or terrorist organizations provided to the bank by any federal government agency. The procedures must also ensure that the bank follows all federal directives issued in connection with such lists. (5) Customer notice. The Program must include procedures for providing bank customers with adequate notice that the bank is requesting information to verify their identity. (c) Exemptions. The appropriate Federal functional regulator with the concurrence of the Secretary, may by order or regulation, exempt any bank or type of account from the requirements of this section. In issuing such exemptions, the Federal functional regulator and the Secretary shall consider whether the exemption is consistent with the purposes of the Bank Secrecy Act and with safe and sound banking, and is in the public interest. The Federal functional regulator and the Secretary also may consider other appropriate factors. (d) Other information requirements unaffected. Nothing in this section shall be construed to relieve a bank of its obligation to comply with any other provision in this part concerning information that must be obtained, verified, or maintained in connection with any account or transaction. Dated: July 15, 2002. James F. Sloan, Director, Financial Crimes Enforcement Network. Dated: July 2, 2002. John D. Hawke, Jr., Comptroller of the Currency. By order of the Board of Governors of the Federal Reserve System, July 10, 2002. Jennifer J. Johnson, Secretary of the Board. By order of the Board of Directors of the Federal Deposit Insurance Corporation this 3rd day of July, 2002. Valerie J. Best, Assistant Executive Secretary. Dated: July 5, 2002. In concurrence, by the Office of Thrift Supervision. James E. Gilleran, Director. Dated: July 3, 2002. Becky Baker, Secretary of the Board, National Credit Union Administration. [FR Doc. 02-18191 Filed 7-22-02; 8:45 am] BILLING CODE 4810-02-P
[Federal Register: July 23, 2002 (Volume 67, Number 141)] [Proposed Rules] [Page 48306-48318] From the Federal Register Online via GPO Access [wais.access.gpo.gov] [DOCID:fr23jy02-702] ----------------------------------------------------------------------- SECURITIES AND EXCHANGE COMMISSION 17 CFR Part 240 [Release No. 34-46192, File No. S7-25-02] DEPARTMENT OF THE TREASURY 31 CFR Part 103 RIN 1506-AA32 Customer Identification Programs For Broker-Dealers AGENCIES: Financial Crimes Enforcement Network, Treasury; Securities and Exchange Commission. ACTION: Joint notice of proposed rulemaking. ----------------------------------------------------------------------- SUMMARY: The Department of the Treasury, through the Financial Crimes Enforcement Network (FinCEN), and the Securities and Exchange Commission are jointly issuing a proposed regulation to implement section 326 of the Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism (USA PATRIOT) Act of 2001 (the Act). Section 326 requires the Secretary of the Treasury to jointly prescribe with the Securities and Exchange Commission a regulation that, at a minimum, requires broker-dealers to implement reasonable procedures to verify the identity of any person seeking to open an account, to the extent reasonable and practicable; maintain records of the information used to verify the person's identity; and determine whether the person appears on any lists of known or suspected terrorists or terrorist organizations provided to the broker-dealer by any government agency. DATES: Written comments on the proposed rule may be submitted to the Treasury Department and the Securities and Exchange Commission on or before September 6, 2002. ADDRESSES: Because paper mail in the Washington area may be subject to delay, commenters are encouraged to e-mail comments. Comments should be sent by one method only. Treasury: Comments may be mailed to FinCEN, Section 326 Broker- Dealer Rule Comments, P.O. Box 39, Vienna, VA 22183, or sent to Internet address regcomments@fincen.treas.gov with the caption ``Attention: Section 326 Broker-Dealer Rule Comments'' in the body of the text. Comments may be inspected at FinCEN between 10 a.m. and 4 p.m. in the FinCEN Reading Room in Washington, DC. Persons wishing to inspect the comments submitted must request an appointment by telephoning (202) 354-6400 (not a toll-free number). Securities and Exchange Commission: Comments also should be submitted in triplicate to Secretary, Securities and Exchange Commission, 450 Fifth Street, NW, Washington, DC 20549-0609. Comments also may be submitted electronically at the following e-mail address: rulecomments@sec.gov. Comment letters should refer to File No. S7-25- 02; this file number should be included on the subject line if e-mail is used. All comments received will be available for public inspection and copying at the Commission's Public Reference Room, 450 Fifth Street, NW, Washington, DC 20549-0102. Electronically submitted comment letters will be posted on the Commission's Internet web site (http// www.sec.gov). Personal identifying information, such as names or e-mail addresses, will not be edited from electronic submissions. Submit only information you wish to make publicly available. FOR FURTHER INFORMATION CONTACT: Treasury: Office of the Chief Counsel (FinCEN), 703/905-3590; Office of the Assistant General Counsel for Enforcement (Treasury), 202/622-1927; or the Office of the Assistant General Counsel for Banking & Finance (Treasury), 202/622-0480. Securities and Exchange Commission: Division of Market Regulation, 202/942-0177 or marketreg@sec.gov. SUPPLEMENTARY INFORMATION: I. Background A. Section 326 of the USA PATRIOT Act On October 26, 2001, President Bush signed into law the USA PATRIOT Act.\1\ Title III of the Act, captioned ``International Money Laundering Abatement and Anti-terrorist Financing Act of 2001,'' adds several new provisions to the Bank Secrecy Act (BSA). See 31 U.S.C. 5311 et seq. These provisions are intended to facilitate the prevention, detection, and prosecution of international money laundering and the financing of terrorism. --------------------------------------------------------------------------- \1\ Pub. L. 107-56. --------------------------------------------------------------------------- Section 326 of the Act adds a new subsection (l) to 31 U.S.C. 5318 that requires the Secretary of the Treasury (Secretary) to prescribe regulations setting forth minimum standards for financial institutions and their customers regarding the identity of the customer that shall apply in connection with the opening of an account at the financial institution. Section 326 applies to all ``financial institutions.'' This term is defined very broadly in the BSA to encompass a variety of entities including banks, agencies and branches of foreign banks in the United States, investment companies, thrifts, credit unions, brokers and dealers in securities or commodities, insurance companies, travel agents, pawnbrokers, dealers in precious metals, check-cashers, casinos, and telegraph companies, among many others. See 31 U.S.C. 5312(a)(2). For any financial institution engaged in financial activities described in section 4(k) of the Bank Holding Company Act of 1956 (section 4(k) institutions), the Secretary is required to prescribe the regulations issued under section 326 jointly with each Federal functional regulator appropriate for such financial institution. The Federal functional regulators include the Securities and Exchange Commission (Commission), the Commodity Futures Trading Commission (CFTC), and the banking agencies (banking agencies), namely, the Office of the Comptroller of the Currency, the Board of Governors of the Federal Reserve System, the Federal Deposit Insurance Corporation, the Office of Thrift Supervision, and the National Credit Union Administration. Final regulations implementing section 326 must be effective before October 25, 2002. Section 326 provides that the regulations, at a minimum, must require financial institutions to implement reasonable procedures for (1) verifying the identity of any person seeking to open an account, to the extent reasonable and practicable; (2) maintaining records of the information used to verify the person's identity, including name, address, and other identifying information; and (3) determining whether the person appears on any lists of known or suspected terrorists or terrorist organizations provided to the financial institution by any government agency. In prescribing these regulations, the Secretary is directed to take into consideration the various types of accounts maintained by various types of financial institutions, the various methods of opening accounts, and the various types of identifying information available. [[Page 48307]] The following proposal is being issued jointly by Treasury and the Commission. It applies only to persons registered, or required to be registered, with the Commission as brokers or dealers under the Securities Exchange Act of 1934 (Exchange Act), except persons who register pursuant to paragraph (b)(11) of section 15 of the Exchange Act (15 U.S.C. 78o(b)(11)) solely because they effect transactions in security futures products. This class of brokers and dealers will be subject to regulations issued by Treasury and the CFTC separately. Regulations governing the applicability of section 326 to other financial institutions, such as those regulated by the banking agencies, will be issued separately as well. Treasury, the Commission, the CFTC and the banking agencies consulted extensively in the development of all rules implementing section 326 of the Act. All of the participating agencies intend the effect of the rules to be uniform throughout the financial services industry. The Secretary has determined that the records required to be kept by section 326 of the Act have a high degree of usefulness in criminal, tax, or regulatory investigations or proceedings, or in the conduct of intelligence or counterintelligence activities, to protect against international terrorism. In addition, Treasury under its own authority is proposing conforming amendments to 31 CFR 103.35, which currently imposes requirements concerning the identification of bank customers. B. Codification of the Joint Proposed Rule The substantive requirements of the joint proposed rule will be codified with other BSA regulations as part of Treasury's regulations in 31 CFR part 103. To minimize potential confusion by affected entities regarding the scope of the joint proposed rule, the Commission is also proposing to add a provision in its own regulations in 17 CFR part 240 that will cross-reference the regulations in 31 CFR part 103. Although no specific text is being proposed at this time, the cross- reference will be included in a final rule published by the Commission concurrently with the joint final rule issued by Treasury and the Commission implementing section 326 of the Act. II. Section-by-Section Analysis A. Section 103.122(a) Definitions Section 103.122(a)(1) Account. The proposed rule's definition of ``account'' is intended to include all types of securities accounts maintained by brokers or dealers. These include accounts to purchase, sell, lend or otherwise hold securities or other assets, cash accounts, margin accounts, prime brokerage accounts that consolidate trading done at a number of firms, and accounts for repurchase and stock loan transactions. Section 103.122(a)(2) Broker-dealer. The proposed rule defines ``broker-dealer'' to include any person registered, or required to be registered, with the Commission as a broker or dealer under the Exchange Act, except persons who register, or are required to be registered, solely because they effect transactions in security futures products. These latter brokers or dealers, which register with the Commission pursuant to section 15(b)(11) of the Exchange Act, will be subject to a separate regulation issued jointly by Treasury and the CFTC implementing section 326. Section 103.122(a)(3) Commission. The proposed rule defines ``Commission'' to mean the United States Securities and Exchange Commission. Section 103.122(a)(4) Customer. The proposed rule defines ``customer'' as any person who opens a new account at a broker-dealer or is granted trading authority with respect to an account at a broker- dealer. Under this definition, a person who has an account at a broker- dealer prior to the effective date of the regulation would not be a ``customer.'' However, such a person becomes a ``customer'' if the person opens a different account. Moreover, a person becomes a ``customer'' each time the person opens a different type of account at a broker-dealer. Thus, if a person opens a cash account and subsequently opens a margin account, the person would be a ``customer'' for verification purposes on both occasions. Similarly, a person with trading authority prior to the effective date of the regulation is not a ``customer.'' However, any person being granted trading authority after the effective date is a customer. This is true even if the person is granted trading authority with respect to an account that existed prior to the effective date or the person had been granted trading authority for another account prior to the effective date. The requirements of section 326 apply to ``customers'' (i.e., persons opening new accounts or being granted trading authority), but do not apply to persons seeking information about an account such as a schedule of transaction fees, if an account is not opened. In addition, transfers of accounts from one broker-dealer to another that are not initiated by the customer, for example as a result of a merger, acquisition, or purchase of assets or assumption of liabilities, fall outside of the scope of section 326, and are not covered by the proposed regulation.\2\ --------------------------------------------------------------------------- \2\ However, there may be situations involving the transfer of accounts where it would be appropriate for a broker-dealer to verify the identity of customers associated with the accounts it is acquiring. Therefore, Treasury and the Commission expect procedures for transfers of accounts to be part of a broker-dealer's overall anti-money laundering program required under section 352 of the Patriot Act. See Footnote 5 infra for a discussion of the requirements of section 352. --------------------------------------------------------------------------- Section 103.122(a)(5) Person. The proposed rule defines ``person'' as having the same meaning as that term is defined in section 103.11(z). Thus, the term includes natural persons, corporations, partnerships, trusts or estates, joint stock companies, associations, syndicates, joint ventures, any unincorporated organizations or groups, Indian Tribes, and all entities cognizable as legal entities. Section 103.122(a)(6) U.S. person. The proposed rule defines ``U.S. person'' because U.S. citizens and persons incorporated under U.S. laws will be required to provide U.S. tax identification numbers whereas other persons, who may not have a U.S. tax identification number, will be required to provide other similar numbers. Thus, the rule defines ``U.S. person'' to mean a U.S. citizen or, for persons other than natural persons, an entity established or organized under the laws of a State or the United States.\3\ --------------------------------------------------------------------------- \3\ The terms ``State'' and ``United States'' are defined in section 103.11. --------------------------------------------------------------------------- Section 103.122(a)(7) Non-U.S. person. The proposed rule defines a ``Non-U.S. person'' as a person that is not a ``U.S. person'' as that term is defined in the rule. Section 103.122(a)(8) Taxpayer identification number. The proposed rule defines ``taxpayer identification number'' to have the same meaning as determined under the provisions of section 6109 of the Internal Revenue Code and the regulations of the Internal Revenue Service thereunder. B. Section 103.122(b) Customer Identification Program Section 326 of the Act requires the Secretary and the Commission to prescribe regulations requiring broker-dealers to implement and comply with ``reasonable procedures'' for: verifying the identity of customers ``to the extent reasonable and practicable;'' maintaining records associated with such verification; and consulting lists of known terrorists. [[Page 48308]] Paragraph (b) of the proposed rule sets forth the requirement that a broker-dealer must develop and operate a customer identification program (``CIP'') and sets forth relevant factors for the design of CIP procedures. The degree to which a CIP is effective will be a function of a broker-dealer's assessment of these factors and the nature of its response to them (as manifested in the CIP's procedures and guidelines). In addition, as section 326 and the proposed rule provide, the reasonableness of the CIP also will be a function of what is practicable for the broker-dealer. In developing and updating CIPs, broker-dealers should consider the type of identifying information available for customers and the methods available to verify that information. While certain minimum identifying information is required in paragraph (c) of this proposed rule and certain suitable verification methods are described in paragraph (d), broker-dealers should consider on an ongoing basis whether other information or methods are appropriate, particularly as they become available in the future. Broker-dealers must also base their CIPs on the risks associated with their business operations. Some relevant risk factors to be considered are set forth in paragraph (b) and discussed below in general terms.\4\ --------------------------------------------------------------------------- \4\ This discussion of the risk factors is included in the release because it may be helpful in providing some meaning and context with respect to the factors. However, it is not meant to provide comprehensive definitions of these risk factors or an exhaustive description of the considerations involved in assessing them. Instead, it should serve as a starting point for defining and assessing them. --------------------------------------------------------------------------- The first risk factor to consider is the broker-dealer's size. For example, a large firm that opens a substantial number of accounts on any given day will have different risks than one that opens a new account no more than once or twice a month. The same is true with respect to a firm that has many branches as compared to a firm with one office. The second risk factor is the location of the broker-dealer. Firms should assess whether they are located in areas where money laundering activities have been known to exist or that otherwise raise the risk that attempts will be made to open accounts for money laundering purposes. The third risk factor is the method by which customers open accounts at the broker-dealer. Accounts opened exclusively on-line present different, and perhaps greater, risks than those opened in person on the firm's premises. The fourth and fifth risk factors are the types of accounts and transactions offered by the broker-dealer. Broker-dealers should assess whether there are different risks (and degrees of risk) associated with the various types of accounts they provide to customers (e.g., cash, margin, prime-brokerage) and transactions they execute in those accounts (e.g., short sales, over-the-counter derivatives, repurchase and reverse repurchase agreements, block trades). The sixth risk factor is the customer base. Broker-dealers should assess the risks associated with different types of customers. For example, a firm should examine whether it is opening accounts for customers located in countries the Secretary determines to be of ``primary money laundering concern'' pursuant to section 311 of the Act. Verification procedures should account for the concerns raised by such customers. In addition, certain legal entities may pose greater risks (e.g., a closely held corporation as opposed to one that is publicly traded). The seventh risk factor requires an assessment of whether the broker-dealer can rely on another broker-dealer, with which it shares an account relationship, to undertake any of the steps required by this proposed rule with respect to the shared account. A shared account means an account subject to a carrying or clearing agreement governed by New York Stock Exchange (NYSE) Rule 382 or National Association of Securities Dealers, Inc. (NASD) Rule 3230 (i.e., a customer account introduced by a correspondent broker-dealer to a clearing and carrying broker-dealer). Rules 382 and 3230 allow correspondents and clearing firms to set forth in written agreements a division of responsibilities with respect to the accounts they share. We anticipate broker-dealers sharing accounts may realize efficiencies by dividing up the requirements in this proposed rule pursuant to their clearing agreements. For example, the correspondent may undertake to obtain the identifying information from customers as required in paragraph (c), and the clearing firm may undertake the verification procedures as required in paragraph (d). Nonetheless, both firms would still be responsible for ensuring that each requirement in the rule is met with respect to each customer. Accordingly, a broker- dealer must continually assess whether the other firm can be relied on to perform its responsibilities. This would include communicating and coordinating with the other firm on an on-going basis. Moreover, a broker-dealer is expected to cease such reliance if it is no longer reasonable. Paragraph (b) also requires that the identity verification procedures must enable the broker-dealer to form a reasonable belief that it knows the true identity of the customer. This provision makes clear that, while there is flexibility in establishing these procedures, the broker-dealer is responsible for exercising reasonable efforts to ascertain the identity of each customer. Finally, paragraph (b) requires that broker-dealers make their CIPs part of their overall anti-money laundering programs required under section 352 of the Act (31 U.S.C. 5318(h)).\5\ This requirement is intended to make it clear that the CIP is not a separate program, but rather should be integrated into a broker-dealer's overall anti-money laundering procedures and policies. However, this should not be read to create any negative inference about a broker-dealer's need to establish and maintain an overall money laundering program that is designed to ensure compliance with all other applicable regulations promulgated under the Act. --------------------------------------------------------------------------- \5\ Section 352 requires brokers and dealers to establish anti- money laundering programs that, at a minimum, include (1) the development of internal policies, procedures, and controls; (2) the designation of a compliance officer; (3) an ongoing employee training program; and (4) an independent audit function to test programs. On April 22, 2002, the Commission approved rule changes submitted by the NASD and the NYSE. Exchange Act Release No. 45798 (April 22, 2002), 67 FR 20854 (April 26, 2002). These rules (NASD Rule 3011 and NYSE Rule 445) set forth minimum requirements for these programs. --------------------------------------------------------------------------- C. Section 103.122(c) Required Information The first step in verifying identity is obtaining identifying information from customers. Paragraph (c) of the proposed rule provides that a broker-dealer's CIP must require customers to provide, at a minimum, certain identifying information before an account is opened for the customer or the customer is granted trading authority over an account. Specifically, the broker-dealer must obtain each customer's: (1) Name; (2) date of birth, if applicable; (3) addresses; \6\ and (4) documentary number.\7\ --------------------------------------------------------------------------- \6\ With respect to the address requirement, each customer must provide a mailing address, and, if different, the address of the customer's residence (if a natural person) or principal place of business (if not a natural person). \7\ Each customer that is a U.S. person must provide a U.S. taxpayer identification number (e.g., social security number or employer identification number). Customers that are Non-U.S. persons must provide either a U.S. taxpayer identification number, an alien identification card number, or the number and country of issuance of any other government-issued document evidencing nationality or residence and bearing a photograph or similar safeguard. The term ``similar safeguard'' is included to permit the use of any biometric identifiers that may be used in addition to, or instead of, photographs. --------------------------------------------------------------------------- [[Page 48309]] The rule requires only that the minimum identifying information be obtained from each customer. Broker-dealers, in assessing the risk factors in paragraph (b), should determine whether other identifying information is necessary to form a reasonable belief as to the true identity of each customer. There may be certain types of customers from whom it is reasonable to obtain other identifying information in addition to the minimum required information. There also may be circumstances that make it appropriate to obtain additional information. If a broker-dealer, in examining the nature of its business and operations, determines that additional information should be obtained in certain cases, it should set forth guidelines in its CIP indicating the types of additional information and the circumstances when it shall be obtained. Treasury and the Commission recognize that a new business may need to open a brokerage account before it has received an employer identification number (EIN) from the Internal Revenue Service. For this reason, the proposed rule contains a limited exception to the requirement that a taxpayer identification number must be provided prior to the opening of an account or the granting of trading authority. Accordingly, a CIP may permit an account to be opened or trading authority to be granted for a person, other than an individual (such as a corporation, partnership or trust), that has applied for, but has not received, an EIN. However, in such a case, the CIP must require that the broker-dealer obtain a copy of the application for the EIN prior to the time the account is opened or trading authority granted. Currently, the IRS indicates that the issuance of an EIN can take up to five weeks. This length of time, coupled with when the person applied for the EIN, should be considered by the broker-dealer in determining the reasonable period of time within which the person should provide its EIN to the broker-dealer. D. Section 103.122(d) Required Verification Procedures After obtaining identifying information from a customer, the broker-dealer must take steps to verify the accuracy of that information in order to reach a point where it can form a reasonable belief that it knows the true identity of the customer. Accordingly, paragraph (d) of the proposed rule requires a broker-dealer's CIP to have procedures for verifying the accuracy of the identifying information provided by the customer. The extent of the verification for each customer will depend on the steps necessary for a broker- dealer to reach a reasonable belief that it knows the true identity of the customer. Paragraph (d) requires that the verification procedures must be undertaken within a reasonable time before or after a customer's account is opened or a customer is granted authority to effect transactions with respect to an account. This flexibility must be exercised in a reasonable manner, given that verifications too far in advance may become stale and verifications too long after the fact may provide opportunities to launder money while verification is pending. The amount of time it will take a broker-dealer to verify the identity of a customer may depend on the type of account opened, whether the customer opens the account in person, and on the type of identifying information available. In addition, although an account is opened, a broker-dealer may choose to place limits on the account, such as restricting the number of transactions or the dollar value of transactions, until a customer's identity is verified. Therefore, the proposed rule provides broker-dealers with the flexibility to use a risk-based approach to determine when the identity of a customer must be verified relative to the opening of an account or the granting of trading authority. \8\ --------------------------------------------------------------------------- \8\ We note that it is possible a broker-dealer could violate other laws by permitting a customer to transact business prior to verifying the customer's identity. See, e.g., 31 CFR part 500, prohibiting transactions involving designated foreign countries or their nationals. --------------------------------------------------------------------------- A person becomes a customer each time the person opens a new account at a broker-dealer or is granted trading authority with respect to an account. Therefore, upon the opening of each account or the granting of new authority, the verification requirements of this rule would apply. However, if a customer whose identification has been verified previously opens a new account or is granted new authority, the broker-dealer would not need to verify the customer's identity a second time, provided the broker-dealer (1) previously verified the customer's identity in accordance with procedures consistent with the proposed rule, and (2) continues to have a reasonable belief that it knows the true identity of the customer. The rule provides for two methods of verifying identifying information: verification through documents and verification through non-documentary means. For example, using documents would include obtaining a driver's license or passport from a natural person or articles of incorporation from a company. Non-documentary methods would include cross-checking the information provided by a customer against that supplied by a credit bureau. The proposed rule requires that a broker-dealer's CIP address both methods of verification. Depending on the type of customer and the method of opening an account, it may be more appropriate to use either documentary or non-documentary methods. In some cases, it may be appropriate to use both methods. The CIP should set forth guidelines describing when documents, non-documentary methods, or a combination of both will be used. These guidelines should be based on the broker- dealer's assessment of the factors described in paragraph (b) of the proposed rule. The risk a broker-dealer will not know a customer's true identity will be heightened for certain types of accounts, such as accounts opened in the name of a corporation, partnership, or trust that is created or conducts substantial business in a jurisdiction the Secretary determines is a primary money laundering concern or an international body, such as the Financial Action Task Force on Money Laundering, designates as non-cooperative. Obtaining sufficient information to verify a given customer's true identity can reduce the risk a broker-dealer will be used as a conduit for money laundering and terrorist financing. A broker-dealer's identity verification procedures must be based on its assessments of the factors in paragraph (b). Accordingly, when those assessments suggest a heightened risk, the broker-dealer should prescribe additional verification measures. 1. Verification Through Documents Paragraph (d)(1) provides that the CIP must describe when a broker- dealer will verify identity through documents and set forth the documents that will be used for this purpose. The rule also lists certain documents that are suitable for verification. For natural persons, these documents may include: unexpired government-issued identification evidencing nationality or residence and bearing a photograph or similar safeguard. For other persons, suitable documents would be ones showing the existence of the entity, such as registered articles of incorporation, a government-issued business license, a [[Page 48310]] partnership agreement, or a trust instrument. 2. Verification Through Non-Documentary Methods Paragraph (d)(2) provides that the CIP must describe non- documentary verification methods and when such methods will be employed in addition to, or instead of, using documents. The rule allows for the exclusive use of non-documentary methods because frequently accounts are opened by telephone, mail, or over the Internet. However, even if the customer presents documents, it may be appropriate to use non- documentary methods as well. Ultimately, the broker-dealer is responsible for employing sufficient verification methods to be able to form a reasonable belief that it knows the true identity of the customer. The proposed rule sets forth certain non-documentary methods that would be suitable for verifying identity. These methods include contacting a customer after the account is opened; \9\ obtaining a financial statement; comparing the identifying information provided by the customer against fraud and bad check databases to determine whether any of the information is associated with known incidents of fraudulent behavior (negative verification); comparing the identifying information with information available from a trusted third party source, such as a credit report from a consumer reporting agency (positive verification); and checking references with other financial institutions. The broker- dealer also may wish to analyze whether there is logical consistency between the identifying information provided, such as the customer's name, street address, ZIP code, telephone number (if provided), date of birth, and social security number (logical verification). --------------------------------------------------------------------------- \9\ The purpose of engaging in verification is to check identifying information about a customer against an independent source. Contacting a customer may be a useful part of the verification process when an account is opened on-line or by mail. However, a broker-dealer should not rely solely on this method as a means of verification. --------------------------------------------------------------------------- Paragraph (d)(2) also provides that the CIP must require the use of non-documentary methods in certain cases; specifically, when a natural person is unable to present an unexpired government issued identification document that bears a photograph or similar safeguard and when the broker-dealer is presented with unfamiliar documents to verify the identity of a customer, does not obtain documents to verify the identity of a customer, does not meet face-to-face a customer who is a natural person, or is otherwise presented with circumstances that increase the risk the broker-dealer will be unable to verify the true identity of a customer through documents. Thus, non-documentary methods should be used when a broker-dealer cannot examine original documents. In addition, Treasury and the Commission recognize that identification documents, including those issued by a government entity, may be obtained illegally and may be fraudulent. In light of the recent increase in identity fraud, broker- dealers are encouraged to use non-documentary methods, even when a customer has provided identification documents. E. Section 103.122(e) Government Lists Section 326 of the Act also requires reasonable procedures for determining whether a customer appears on any list of known or suspected terrorists or terrorist organizations provided by any government agency. The proposed rule implements this requirement and clarifies that the requirement applies only with respect to lists circulated by the Federal government. In addition, the proposed rule states that broker-dealers must follow all Federal directives issued in connection with such lists. This provision makes clear that a broker- dealer must have procedures for responding to circumstances when a customer is named on a list. F. Section 103.122(f) Customer Notice Section 326 provides that financial institutions must give their customers notice of their identity verification procedures. Therefore, a broker-dealer's CIP must include procedures for providing customers with adequate notice that the broker-dealer is requesting information to verify their identity. A broker-dealer may satisfy the notice requirement by generally notifying its customers about the procedures the broker-dealer must comply with to verify their identities. For example, the broker-dealer may post a sign in its lobby or provide customers with any other form of written or oral notice. If an account is to be opened electronically, such as through an Internet website, the broker-dealer may provide notice electronically. Notice must be given before an account is opened or trading authority is granted. G. Section 103.122(g) Lack of Verification Paragraph (g) of the proposed rule states that a broker-dealer's CIP must include procedures for responding to circumstances in which it cannot form a reasonable belief that it knows the true identity of a customer. Generally, a broker-dealer should maintain an account for a customer only when it can form a reasonable belief that it knows the customer's true identity. \10\ Thus, a broker-dealer's CIP should specify the actions to be taken when it cannot form a reasonable belief. There also should be guidelines for when an account will not be opened. In addition, the CIP should address the terms under which a customer may conduct transactions while a customer's identity is being verified. The CIP should specify at what point, after attempts to verify a customer's identity have failed, an account that has been opened will be closed. Finally, the procedures should include a process for determining whether a Suspicious Activity Report should be filed in accordance with applicable laws and regulations. --------------------------------------------------------------------------- \10\ There are some exceptions to this basic rule. For example, a broker-dealer may maintain an account, at the direction of law enforcement, notwithstanding that the broker-dealer does not know the true identity of a customer. --------------------------------------------------------------------------- H. Section 103.122(h) Recordkeeping Section 326 of the Act requires procedures for maintaining records of the information used to verify a person's identity, including name, address, and other identifying information. Paragraph (h) of the proposed rule sets forth recordkeeping procedures that must be included in a broker-dealer's CIP. These procedures must provide for the maintenance of all information obtained pursuant to the CIP. Information that must be maintained includes all identifying information provided by a customer pursuant to paragraph (c). Thus, the broker-dealer must make a record of each customer's name, date of birth (if applicable), addresses, and tax identification number or other number. Broker-dealers also must maintain copies of any documents that were relied on pursuant to paragraph (d)(1) evidencing the type of document and any identification number it may contain. For example, if a customer produces a driver's license, the broker-dealer must make a copy of the driver's license that clearly indicates it is a driver's license and legibly depicts any identification number on the license. Broker-dealers also must make and maintain records of the methods and results of measures undertaken to verify the identity of a customer pursuant to paragraph (d)(2). For example, if a broker-dealer obtains a report from a credit bureau concerning a customer, the report must be maintained. Broker-dealers also must make and maintain records of the resolution of any discrepancy in the identifying information obtained. To continue with [[Page 48311]] the previous example, if the customer provides a residence address that is different than the address shown on the credit report, the broker- dealer must document how it resolves this discrepancy or, if the discrepancy is not resolved, how it forms a reasonable belief notwithstanding the discrepancy. The broker-dealer must retain all of these records for five years after the date the account is closed or the grant of authority to effect transactions with respect to an account is revoked. In all other respects, the records should be maintained in accordance with the requirements of Rule 17a-4. \11\ --------------------------------------------------------------------------- \11\ 17 CFR 240.17a-4. --------------------------------------------------------------------------- Nothing in this proposed regulation modifies, limits or supersedes section 101 of the Electronic Records in Global and National Commerce Act, Public Law 106-229, 114 Stat. 464 (15 U.S.C. 7001) (E-Sign Act). Thus, a broker-dealer may use electronic records to satisfy the requirements of this regulation, as long as the records are maintained in accordance with Rule 17a-4(f), which the Commission has interpreted as being consistent with the requirements in the E-Sign Act. \12\ --------------------------------------------------------------------------- \12\ See Exchange Act Release No. 44238 (May 1, 2001), 66 FR 22916 (May 7, 2001). --------------------------------------------------------------------------- Treasury and the Commission emphasize that the collection and retention of information about a customer, as an ancillary part of collecting identifying information, do not relieve a broker-dealer from its obligations to comply with anti-discrimination laws and regulations. I. Section 103.122(i) Approval of Program Paragraph (i) of the proposed rule requires that the broker- dealer's CIP be approved by the most senior level of the firm (e.g., the board of directors, managing partners, board of managers, or other governing body performing similar functions) or by persons specifically authorized by that body to approve such a program. J. Section 103.122(j) Exemptions Section 326 states that the Secretary and the Federal functional regulator jointly issuing a rule under that section may by order or regulation exempt any financial institution or type of account from the regulation in accordance with such standards and procedures as the Secretary may prescribe. The proposed rule provides that the Commission, with the concurrence of the Secretary, may exempt any broker-dealer that registers with the Commission pursuant to 15 U.S.C. 78o and 78o-4. However, it excludes from this exemptive authority broker-dealers that register pursuant to 15 U.S.C. 78o(b)(11). These are firms that register as broker-dealers solely because they deal in securities futures products. The exemptive authority with respect to these firms will be in the rule issued jointly by Treasury and the CFTC. The proposed rule provides that the Secretary, with the concurrence of the Commission, may exempt any broker-dealer that registers pursuant to 15 U.S.C 78o-5 (i.e., government securities dealers). In issuing exemptions under the proposed rule, the Secretary and the Commission shall consider whether the exemption is consistent with the purposes of the BSA, and in the public interest, and may consider other necessary and appropriate factors. III. Conforming Amendments to 31 CFR 103.35 Current section 103.35(a) sets forth customer identification requirements when certain brokerage accounts are opened. Generally, sections 103.35(a)(1) and (2) require a broker-dealer, within 30 days after an account is opened, to secure and maintain a record of the taxpayer identification number of the customer involved. If the broker- dealer is unable to obtain the taxpayer identification number within 30 days (or a longer time if the person has applied for a taxpayer identification number), it need take no further action under section 103.35 concerning the account if it maintains a list of the names, addresses, and account numbers of the persons for which it was unable to secure taxpayer identification numbers, and provides that information to the Secretary upon request. In the case of a non- resident alien, the broker-dealer is required to record the person's passport number or a description of some other government document used to determine identification. Section 103.35(a)(3) currently provides that a broker-dealer need not obtain a taxpayer identification number with respect to specified categories of persons \13\ opening accounts. The proposed rule does not contain any exemptions from the CIP requirements. Treasury believes that the requirements of section 103.35(a)(1) and (2) are inconsistent with the intent and purpose of section 326 of the Act and incompatible with the proposed rule. For these reasons, Treasury, under its own authority, is proposing to repeal section 103.35(a). --------------------------------------------------------------------------- \13\ The exemption applies to (i) agencies and instrumentalities of Federal, State, local, or foreign governments; (ii) aliens who are ambassadors; ministers; career diplomatic or consular officers; naval, military, or other attaches of foreign embassies and legations; and members of their immediate families; (iii) aliens who are accredited representatives of certain international organizations, and their immediate families; (iv) aliens temporarily residing in the United States for a period not to exceed 180 days; (v) aliens not engaged in a trade or business in the United States who are attending a recognized college or university, or any training program supervised or conducted by an agency of the Federal Government; and (vi) unincorporated subordinate units of a tax exempt central organization that are covered by a group exemption letter. --------------------------------------------------------------------------- In addition, Treasury and the Commission are requesting comments on whether any of the exemptions in Section 103.35(a)(3) should apply in the context of the proposed CIP requirements in light of the intent and purpose of section 326 of the Act. IV. Request for Comments Treasury and the Commission invite comment on all aspects of the proposed regulation, and specifically seek comment on the following issues: 1. Whether the proposed definition of ``account'' is appropriate and whether other examples of accounts should be added to the rule text. 2. How broker-dealers can comply with the requirement to obtain both the address of a person's residence, and, if different, the person's mailing address in situations involving natural persons who lack a permanent address. 3. Whether non-U.S. persons that are not natural persons will be able to provide a broker-dealer with the identifying information required in Sec. 103.122(c)(4), or whether other categories of identifying information should be added to this section. Commenters on this issue should suggest other means of identification that broker- dealers currently use or should use in this circumstance that would allow a broker-dealer to form a reasonable belief that it knows the true identity of the entity. 4. The extent to which the verification procedures required by the proposed rule make use of information that broker-dealers currently obtain in the account opening process. We note that the legislative history of section 326 indicates that Congress intended ``the verification procedures prescribed by Treasury [to] make use of information currently obtained by most financial institutions in the account opening process.'' See H.R. Rep. No. 107-250, pt. 1, at 63 (2001). 5. Whether any of the exemptions from the customer identification requirements contained in current section 103.35(a)(3) should be continued in the proposed rule. In this regard, Treasury and the Commission [[Page 48312]] request that commenters address the standards set forth in paragraph (j) of the proposed rule (as well as any other appropriate factors). V. Paperwork Reduction Act Certain provisions of the proposed rule contain ``collection of information'' requirements within the meaning of the Paperwork Reduction Act of 1995.\14\ Treasury has submitted the proposed rule to the Office of Management and Budget (OMB) for review in accordance with 44 U.S.C 3507(d). An agency may not conduct or sponsor, and a person is not required to respond to, a collection of information unless it displays a currently valid control number. --------------------------------------------------------------------------- \14\ 44 U.S.C. 3502 et seq. --------------------------------------------------------------------------- A. Collection of Information Under the Proposed Rule The proposed rule contains recordkeeping and disclosure requirements that are subject to the Paperwork Reduction Act of 1995. In summary, the proposed rule requires broker-dealers to implement reasonable procedures to (1) maintain records of the information used to verify the person's identity and (2) provide notice of the CIPs procedures to customers. These recordkeeping and notice requirements are required under section 326 of the Act. B. Proposed Use of the Information Section 326 of the Act requires Treasury and the Commission jointly to issue a regulation setting forth minimum standards for broker- dealers and their customers regarding the identity of the customer that shall apply in connection with opening of an account at the broker- dealer. Furthermore, section 326 provides that the regulations, at a minimum, must require broker-dealers to implement reasonable procedures for (1) verifying the identity of any person seeking to open an account, to the extent reasonable and practicable; (2) maintaining records of the information used to verify the person's identity, including name, address, and other identifying information; and (3) determining whether the person appears on any lists of known or suspected terrorists or terrorist organizations provided to the financial institution by any government agency. The purpose of section 326, and the regulations promulgated thereunder, is to make it easier to prevent, detect and prosecute money laundering and the financing of terrorism. In issuing the proposed rule, Treasury and the Commission are seeking to fulfill their statutorily mandated responsibilities under section 326 and to achieve its important purpose. The proposed rule requires each broker-dealer to establish a written CIP that must include recordkeeping procedures and procedures for providing customers with notice that the broker-dealer is requesting information to verify their identity. The proposed rule requires a broker-dealer to maintain a record of (1) the identifying information provided by the customer, the type of identification document(s) reviewed, if any, the identification number of the document(s), and a copy of the identification document(s); (2) the means and results of any additional measures undertaken to verify the identity of the customer; and (3) the resolution of any discrepancy in the identifying information obtained. The proposed rule also requires each broker-dealer to give customers ``adequate notice'' of the identity verification procedures. A broker-dealer may satisfy this disclosure requirement by posting a sign in the lobby or providing customers with any other form of written or oral notice. If the account is opened electronically, the broker- dealer may provide the notice electronically. Accordingly, a broker- dealer may choose among a variety of methods of providing adequate notice and may select the least burdensome method, given the circumstances under which customers seek to open new accounts. C. Respondents The proposed rule would apply to approximately 5,568 broker- dealers, which is the approximate number of firms that conduct business with the general public. D. Total Annual Reporting and Recordkeeping Burden 1. Providing Notice to Customers The requirement to provide notice to customers generally will be a one-time burden in terms of drafting and posting or implementing the notices. The Commission estimates that broker-dealers will take two hours each to draft and post the required notices. There are approximately 5,568 broker-dealers that will have to undertake this task. Therefore, in complying with this requirement, the Commission estimates that the industry as a whole will spend approximately 11,136 hours. 2. Recordkeeping The requirement to make and maintain records related to the CIP will be an annual time burden. The total burden to the industry will depend on the number of new accounts added each year. The Commission estimates that broker-dealers, on average, will spend two minutes per account making and maintaining the required records.\15\ Therefore, in complying with this requirement, the Commission estimates that the industry as a whole will spend approximately 513,333 hours in 2002, 563,333 hours in 2003, and 620,000 hours in 2004.\16\ --------------------------------------------------------------------------- \15\ The Commission estimates that the number of new accounts in the upcoming years will be: 15,400,000 in 2002, 16,900,000 in 2003, and 18,600,000 in 2004. The Commission arrived at this estimate by considering: (1) the total number of accounts at the 2001 year-end (102,700,000) as reported by broker-dealers on Form X-17a-5-- Financial and Operational Combined Uniform Single (FOCUS) Reports they file pursuant to section 17 of the Exchange Act and rule 17a-5 (17 CFR 240.17a-5) thereunder; and (2) the annualized growth rate in total accounts for the years 1990 through 2001 (ten percent). The Commission also estimates that the number of accounts that are closed each year equals five percent of the total number of accounts. Accordingly, the Commission estimates that the total annualized growth rate for new accounts each year is fifteen percent. Therefore, starting with the 2001 total of 102,700,000 and using an annualized growth rate of fifteen percent, the Commission estimates that 15,400,000 new accounts will be added in 2002, 16,900,000 in 2003 and 18,600,000 in 2004. \16\ The Commission derived these estimates by taking the number of new accounts projected for each upcoming year and multiplying the number by two minutes and then dividing that number by 60 to convert minute totals into hour totals. --------------------------------------------------------------------------- E. Collection of Information Is Mandatory These recordkeeping and disclosure (notice) requirements are mandatory. F. Confidentiality The collection of information pursuant to the proposed rule would be provided by customers and other sources to broker-dealers and maintained by broker-dealers. In addition, the information may be used by federal regulators, self-regulatory organizations, and authorities in the course of examinations, investigations, and judicial proceedings. No governmental agency regularly would receive any of the information described above. G. Record Retention Period The proposed rule will require that the records with respect to a given customer be retained until five years after the date the account of a customer is closed or the grant of authority to effect transactions with respect to an account is revoked. [[Page 48313]] H. Request for Comment Pursuant to 44 U.S.C. 3506(c)(2)(B), Treasury and the Commission solicit comments to: (1) Evaluate whether the proposed collections of information are necessary, and whether they would have practical utility, (2) Evaluate the accuracy of the estimates of the burden of the proposed collection of information, (3) Enhance the quality, utility, and clarity of the information to be collected, and (4) Minimize the burden of the collection of information on those required to respond, including through the use of automated collection techniques or other forms of information technology. Comments concerning the recordkeeping and disclosure requirements in the proposed rule should be sent (preferably by fax (202-395-6974)) to Desk Officer for the Department of the Treasury, Office of Information and Regulatory Affairs, Office of Management and Budget, Paperwork Reduction Project (1506), Washington, DC 20503 (or by the Internet to jlackeyj@omb.eop.gov), with a copy to FinCEN by mail or the Internet at the addresses previously specified. VI. Commission's Analysis of the Costs and Benefits Associated With the Proposed Rule The Commission is considering the costs and benefits associated with the proposal and requesting comment on all aspects of this cost- benefit analysis, including identification and assessment of any other costs and benefits not discussed in the analysis. Commenters are encouraged to identify, discuss, analyze, and supply relevant data concerning the costs and benefits associated with the proposed rule. Section 326 of the Act requires Treasury and the Commission to prescribe regulations setting forth minimum standards for broker- dealers regarding the identities of customers that shall apply in connection with the opening of an account. The statute also provides that the regulations issued by Treasury and the Commission must, at a minimum, require financial institutions to implement reasonable procedures for: (1) Verification of customers' identities; (2) determination of whether a customer appears on a government list; and (3) maintenance of records related to customer verification. The proposed rule implements this statutory mandate by requiring broker- dealers to (1) establish a CIP; (2) obtain certain identifying information from customers; (3) verify identifying information of customers; (4) check customers against lists provided by federal agencies, (5) provide notice to customers that information may be requested in the process of verifying their identities; and (6) make and maintain records. The Commission believes that these requirements are reasonable and practicable, as required by the section 326 and, therefore, that the costs associated with them are attributable to the statute. Moreover, while the proposed rule specifies certain minimum requirements, broker-dealers will be able to design their CIPs in a manner most appropriate to their business models and customer bases. This flexibility should be beneficial to broker-dealers in helping them to tailor their CIPs appropriately, while still meeting the statutory requirements of section 326. Even though the Commission believes the costs associated with the proposed rule are attributable to the statute, it nonetheless has undertaken an analysis of the costs and benefits of the requirements. The Commission seeks comment on all aspects of the proposed rule, including whether the proposed rule, by setting forth minimum requirements, creates a benefit or, conversely, imposes costs because broker-dealers will not be able to choose for themselves the minimum procedures they wish to use to meet the requirements of the statute. The Commission also seeks comment on whether the costs are attributable to the statute. A. Benefits Associated With the Proposed Rule The anti-money laundering provisions in the Act are intended to make it easier to prevent, detect and prosecute money laundering and the financing of terrorism. The proposed rule is an important part of this effort. It fulfills the statutory mandate of section 326 by specifying how a broker-dealer is to establish a program that will assist it in determining the identities of customers. Verifying identities, in turn, will reduce the risk of broker-dealers unwittingly aiding criminals, including terrorists, in accessing U.S. financial markets to launder money or move funds for illicit purposes. Additionally, the implementation of such programs should make it more difficult for persons to successfully engage in fraudulent activities involving identity theft or the placing of fictitious orders to buy or sell securities. B. Costs Associated with the Proposed Rule 1. Writing Procedures Most broker-dealers, as a matter of prudent business practices, should already have procedures in place for verifying identities of customers. In addition, Exchange Act Rule 17a-3(a)(9) requires broker- dealers to obtain the name and address of each beneficial owner of a cash or margin account.\17\ Similarly, the self-regulatory organizations have rules requiring broker-dealers to obtain identifying information from customers.\18\ Accordingly, firms should already have written procedures for complying with these existing regulations. --------------------------------------------------------------------------- \17\ 17 CFR 240.17a-3(a)(9). \18\ See, e.g., NYSE Rule 405, NASD Rule 3110. --------------------------------------------------------------------------- Nonetheless, the Commission believes that some broker-dealers will have to update or establish a CIP. The proposed rule seeks to keep the costs low by allowing for great flexibility in establishing a CIP. For example, it is to be based on factors specific to each broker-dealer, such as size, customer base and location. Thus, the analysis and detail necessary for a CIP will depend on the complexity of the broker-dealer and its operations. Given the considerable differences among broker- dealers, it is difficult to quantify a cost per broker-dealer. Highly complex firms will have more risk factors to consider, given, for example, their size, multiple offices, variety of services and products offered, and range of customers. However, most large firms already have some procedures in place for verifying customer identities. Smaller and less complex firms will not have as many risk factors. The Commission estimates that establishing a written CIP could result in additional costs for some broker-dealers to the extent they do not have verification procedures that meet the minimum requirements in the rule. This includes broker-dealers that would need to augment their procedures to make them compliant. On average, the Commission estimates the additional cost per broker-dealer to establish a compliant CIP to be approximately $2,244, resulting in a one time overall cost to the industry of approximately $12,494,592.\19\ --------------------------------------------------------------------------- \19\ The Commission estimates that it will take broker-dealers on average approximately 20 hours to establish a written CIP. This estimate seeks to account for the fact that many firms already have customer identification and verification procedures and that discrepancies in size and complexity will result in differing time burdens. The Commission believes that broker-dealers will have senior compliance personnel draft their CIPs and that this will take an average of 16 hours. The Commission anticipates that in-house counsel will spend on average 4 hours reviewing the CIP. According to the Securities Industry Association (``SIA'') Management and Professional Earnings 2000 report (``SIA Earnings Report''), Table 051, the hourly cost of a compliance manager plus 35% overhead is $101.25. The hourly cost for an in-house counsel plus 35% overhead is $156.00 (SIA Earnings Report, Table 107 (Attorney)). Therefore, the Commission estimates that the total cost per broker-dealer to establish a CIP would be $2,244 per broker-dealer [(16 x $101.25) + (4 x $156.00)]. As of the 2000 year-end, there were approximately 5,568 broker-dealers that engaged in some form of a public business. Therefore, the Commission estimates that the total cost to the industry would be $2,244 multiplied by 5,568 or $12,494,592. --------------------------------------------------------------------------- [[Page 48314]] 2. Obtaining Identifying Information The Commission believes that broker-dealers already obtain from customers most, if not all, of the information required under the proposed rule.\20\ Rule 17a-3(a)(9) requires broker-dealers to obtain, with respect to each margin and cash account, the name and address of each beneficial owner, provided that the broker-dealer need only obtain such information from the persons authorized to transact business for the account if it is a joint or corporation account.\21\ --------------------------------------------------------------------------- \20\ For example, the Anti-Money Laundering Committee of the SIA recommended in its Preliminary Guidance for Deterring Money Laundering Activity (February 2002) that broker-dealers obtain certain identifying information from customers at the commencement of the business relationship, including, for natural persons: name, address, date of birth, investment experience and objectives, social security number or taxpayer identification number, net worth, annual income, occupation, employer's address, and the names of any persons authorized to effect transactions in the account. For non-resident aliens, the SIA Committee recommended that the broker-dealer obtain, in addition to the information above, a passport number or other valid government identification number. The SIA Committee also made a number of recommendations with respect to customers that are not natural persons. \21\ 17 CFR 240.17a-3(a)(9). --------------------------------------------------------------------------- Further, broker-dealers are already required, pursuant to NASD Rule 3110, to obtain certain identifying information with respect to each account.\22\ For example, if the customer is a natural person, the rule requires the broker-dealer to obtain the customer's name and address.\23\ In addition, the broker-dealer must determine whether the customer is of legal age, and, if the customer purchases more than just open-end investment company shares or is solicited to purchase such shares, the broker-dealer must obtain the customer's tax identification or social security number.\24\ If the customer is a corporation, partnership, or other legal entity, the broker-dealer must obtain its name, residence, and the names of any persons authorized to transact business on behalf of the entity.\25\ If the account is a discretionary account, the broker-dealer must obtain the signature of each person authorized to exercise discretion over the account.\26\ Finally, the broker-dealer must maintain all of this information as a record of the firm. --------------------------------------------------------------------------- \22\ Section 15(b)(8) of the Exchange Act (15 U.S.C. 78o(b)(8)) requires each broker-dealer to become a member of a securities association registered pursuant to section 15A of the Exchange Act (15 U.S.C. 78o-3) unless the broker-dealer effects transactions solely on a national securities exchange of which it is a member. The NASD is the only securities association registered pursuant to section 15A. Exchange Act Rule 15b9-1 (17 CFR 240.15b9-1) exempts broker-dealers from this requirement to register with the NASD if they (1) are an exchange member, (2) carry no customer accounts, and (3) derive gross annual income from purchases and sales of securities other than on a national securities exchange of not greater than $1,000. Generally then, most broker-dealers that carry customer accounts are members of the NASD and subject to Rule 3110. \23\ NASD Rule 3110(c)(1). \24\ NASD Rule 3110(c)(2). \25\ NASD Rule 3110(c)(1). \26\ NASD Rule 3110(c)(3). --------------------------------------------------------------------------- In addition, NYSE Rule 405 requires broker-dealers to ``[u]se due diligence to learn the essential facts relative to every customer, every order, every cash or margin account accepted or carried by such organization and every person holding power of attorney over any account accepted or carried by such organization.'' \27\ --------------------------------------------------------------------------- \27\ NYSE Rule 405(1). --------------------------------------------------------------------------- While broker-dealers are required currently to obtain most of this information, the Commission estimates that there will be some new costs for broker-dealers because some may not be obtaining all the required information. The Commission estimates that the total cost to the industry to obtain the minimum identifying information will be $5,826,333 in 2002, $6,393,833 in 2003, and $7,037,000 in 2004.\28\ The Commission also estimates that some broker-dealers will have to update their account opening applications or account opening websites in order to insert line items requesting customers to provide the required information. The Commission estimates that this will result in a one- time cost to the industry of $563,760.\29\ --------------------------------------------------------------------------- \28\ The Commission estimates that obtaining the required minimum identifying information will take broker-dealers approximately one minute per account. This takes into consideration the fact that approximately 97% of customer accounts are held at the 70 largest broker-dealers. These firms likely already obtain the required identifying information from their customers. Therefore, requiring that each piece of identifying information be obtained should not impose a significant additional burden. The average hourly cost of the person who would be obtaining this information is $22.70 per hour (per the SIA Earnings Report, Table 082 (Retail Sales Assistant, Registered) and including 35% in overhead charges). Therefore, the costs to the industry would be: (number of new accounts per year) x (\1/60\ of an hour) x ($22.70). As indicated previously, the Commission estimates that the number of new accounts in the upcoming years will be: 15,400,000 in 2002, 16,900,000 in 2003, and 18,600,000 in 2004. \29\ The Commission estimates that it will take each broker- dealer, on average, one hour to update account opening applications or electronic account opening systems. The Commission believes that broker-dealers will have a compliance manager implement the necessary changes. The hourly cost for a compliance manager is $101.25 (SIA Earnings Report, Table 051 (Compliance manager)). Accordingly, the total cost to the industry would be: ($101.25) x (the number of broker-dealers doing a public business or 5,568) or $563,760. --------------------------------------------------------------------------- 3. Verifying Identifying Information The proposed rule provides broker-dealers with substantial flexibility in establishing how they will independently verify the information provided by customers. For example, customers that open accounts on a broker-dealer's premises can simply provide a driver's license or passport, or if the customer is not a natural person, it can provide a copy of any documents showing its existence as a legal entity (e.g., articles of incorporation, business licenses, partnership agreements or trust instruments). There are also a number of options for customers that open accounts via the telephone or Internet. In these cases, broker-dealers may obtain a financial statement from the customer, check the customer's name against a credit bureau or database, or check the customer's references with other financial institutions. The documentary and non-documentary verification methods set forth in the rule are not meant to be an exclusive list of the appropriate means of verification. Other reasonable methods may be available now or in the future. The purpose of making the rule flexible is to allow broker-dealers to select verification methods that are, as section 326 requires, reasonable and practicable. Methods that are appropriate for a smaller broker-dealer with a fairly localized customer base may not be sufficient for a larger firm with customers from many different countries. The proposed rule recognizes this fact and, therefore, allows broker-dealers to employ such verification methods as would be suitable to a given firm to form a reasonable belief that it knows the true identities of its customers. The Commission estimates that verifying the identifying information could result in costs for broker-dealers because some firms currently may not use verification methods. The Commission estimates that the total cost to the industry to verify the identifying information will be $48,628,333 in [[Page 48315]] 2002, $53,375,833 in 2003, and $58,745,000 in 2004.\30\ --------------------------------------------------------------------------- \30\ The Commission estimates that the processing costs associated with verification methods will be approximately $1.00 per account. The Commission further estimates that the average time spent verifying an account will be five minutes. The hourly cost of the person who would undertake the verification is $25.90 per hour (per the SIA Earnings Report, Table 086 (Data Entry Clerk, Senior) and including 35% in overhead charges). Therefore, the costs to the industry reported above are: (number of new accounts per year) x ($1.00) + (number of new accounts per year) x (\1/12\ of an hour) x ($25.90). The Commission estimates that the number of new accounts in the upcoming years will be: 15,400,000 in 2002, 16,900,000 in 2003, and 18,600,000 in 2004. --------------------------------------------------------------------------- 4. Determining Whether Customers Appear on a Federal Government List The Commission believes that broker-dealers who receive federal government lists, chiefly clearing firms, already have procedures for checking customers against them. First, there are substantive legal requirements associated with the lists circulated by Treasury's Office of Foreign Asset Control of the U.S. Treasury (OFAC). The failure of a firm to comply with these requirements could result in criminal and civil penalties. The Commission believes that, given the events of September 11, 2001, most broker-dealers that receive lists from the federal government have implemented procedures for checking their customers against them. The Commission estimates that this requirement could result in some additional costs for broker-dealers because some may not already check such lists. The Commission estimates that the total cost to the industry to check such lists will be $3,323,833 in 2002, $3,647,583 in 2003, and $4,014,500 in 2004.\31\ --------------------------------------------------------------------------- \31\ The Commission believes that most of the firms that receive these lists already check their customers against them. Moreover, as indicated previously, 97% of customer accounts are held at the 70 largest firms. The Commission understands that most of these firms have automated processes for complying with many regulatory requirements. Accordingly, the Commission estimates that it will take broker-dealers on average thirty seconds to check whether a person appears on a government list. The hourly cost of the person who would check the list is $25.90 per hour (per the SIA Earnings Report, Table 086 (Data Entry Clerk, Senior) and including 35% in overhead charges). Therefore, the costs to the industry reported above are: (number of new accounts per year) x (\1/120\ of an hour) x ($25.90). The Commission estimates that the number of new accounts in the upcoming years will be: 15,400,000 in 2002, 16,900,000 in 2003, and 18,600,000 in 2004. --------------------------------------------------------------------------- 5. Providing Notice to Customers A broker-dealer may satisfy the notice requirement by generally notifying its customers about the procedures the broker-dealer must comply with to verify their identities. For example, the broker-dealer may post a sign in its lobby or provide customers with any other form of written or oral notice. If an account is opened electronically, such as through an Internet website, the broker-dealer may provide notice electronically. The Commission estimates the total one-time cost to the industry to provide notice to customers to be $1,432,368.\32\ --------------------------------------------------------------------------- \32\ The Commission estimates that it will take each broker- dealer, on average, two hours to create and implement the appropriate notice. This estimate takes into consideration the fact that many small firms will be able to provide adequate notice by hanging signs in their premises. Larger firms will be able to provide notice by updating account opening documentation or electronic account opening systems. The Commission believes that broker-dealers will have an attorney draft the appropriate notice, and that this will take approximately one hour. The hourly cost for an in-house counsel plus 35% overhead is $156.00 (SIA Earnings Report, Table 107, (Attorney)). The Commission believes that broker- dealers will have a compliance manager implement the notice, and that implementation will take approximately one hour. The hourly cost for a compliance manager is $101.25 (SIA Earnings Report, Table 051 (Compliance manager)). Accordingly, the total cost to the industry would be: ($156.00 + 101.25) x (the number of broker- dealers doing a public business or 5,568) or $1,432,368. --------------------------------------------------------------------------- 6. Recordkeeping The Commission estimates that many of the records required by the rule are already made and maintained by broker-dealers. As discussed above, Commission and self-regulatory organization rules already require broker-dealers to obtain much of the minimum identifying information specified in the proposed rule. These regulations also require that records be made and kept of this information. The Commission estimates that the recordkeeping requirement could result in additional costs for some broker-dealers that currently do not maintain certain of the records for the prescribed time period. The Commission estimates that the total cost to the industry to make and maintain the required records in the upcoming years will be $13,295,333 in 2002, $14,590,333 in 2003, and $16,058,000 in 2004.\33\ --------------------------------------------------------------------------- \33\ The Commission estimates that it will take approximately two minutes per new account to make and maintain the required records. This estimate takes into account the fact that many broker- dealers already make and maintain many of the required records. In addition, for many new accounts, the recordkeeping will be fairly simple (e.g., making a photocopy of a driver's license or financial statement, or keeping a record of the results of a public database search or credit bureau query. The hourly cost of the person who would undertake the verification is $25.90 per hour (per the SIA Earnings Report, Table 086 (Data Entry Clerk, Senior) and including 35% in overhead charges). Therefore, the costs to the industry reported above are: (number of new accounts per year) x (\1/30\ of an hour) x ($25.90). The Commission estimates that the number of new accounts in the upcoming years will be: 15,400,000 in 2002, 16,900,000 in 2003, and 18,600,000 in 2004. --------------------------------------------------------------------------- VII. Regulatory Flexibility Act Treasury and the Commission are sensitive to the impact our rules may impose on small entities. Congress enacted the Regulatory Flexibility Act, 5 U.S.C. 601 et seq., to address concerns related to the effects of agency rules on small entities. In this case, Treasury and the Commission believe that the proposed rule likely would not have a ``significant economic impact on a substantial number of small entities.'' 5 U.S.C. 605(b). First, the economic impact on small entities should not be significant because most small entities are likely to have a relatively small number of accounts, and thus compliance should not impose a significant economic impact. Second, as discussed in Section VI (the Commission's cost benefit analysis), the economic impact on broker-dealers, including small entities, is imposed by the statute itself, and not by the proposed rule. Treasury and the Commission seek comment on whether the proposed rule would have a significant economic impact on a substantial number of small entities and whether the costs are imposed by the statute itself, and not the proposed rule. While Treasury and the Commission believe that the proposed rule likely would not have a significant economic impact on a substantial number of small entities, Treasury and the Commission do not have complete data at this time to make this determination. Therefore, an Initial Regulatory Flexibility Analysis has been prepared in accordance with 5 U.S.C. 603. A. Reason for the Proposed Action Section 326 of the Act requires Treasury and the Commission jointly to issue a regulation setting forth minimum standards for broker- dealers and their customers regarding the identity of the customer that shall apply in connection with the opening of an account at the broker- dealer. Furthermore, section 326 requires, at a minimum, that broker- dealers implement reasonable procedures for (1) verifying the identity of any person seeking to open an account, to the extent reasonable and practicable; (2) maintaining records of the information used to verify the person's identity, including name, address, and other identifying information; and (3) determining whether the person appears on any lists of known or suspected terrorists or terrorist organizations provided to the financial institution by any government agency. The purpose of section 326, and the regulations promulgated thereunder, is [[Page 48316]] to make it easier to prevent, detect and prosecute money laundering and the financing of terrorism. In issuing the proposed rule, Treasury and the Commission are seeking to fulfill their statutorily mandated responsibilities under section 326 and to achieve its important purpose. B. Objective The objective of the proposed regulation is to make it easier to prevent, detect and prosecute money laundering and the financing of terrorism. The proposed rule seeks to achieve this goal by specifying the information broker-dealers must obtain from or about customers that can be used to verify the identity of the customers. This will make it more difficult for persons to use false identities to establish customer relationships with broker-dealers for the purposes of laundering money or moving funds to effectuate illegal activities, such as financing terrorism. C. Legal Basis The proposed rule is being promulgated pursuant to section 326 of the Act, which mandates that Treasury and the Commission issue a regulation setting forth minimum standards for financial institutions and their customers regarding the identity of customers that shall apply in connection with the opening of accounts at financial institutions. D. Small Entities Subject to the Rule The proposed rule would affect broker-dealers that are small entities. Rule 0-10 under the Exchange Act \34\ defines a broker-dealer to be small if it (1) had total capital (net worth plus subordinated liabilities) of less than $500,000 on the date in the prior fiscal year as of which its audited financial statements were prepared pursuant to Sec. 240.17a-5(d) or, if not required to file such statements, a broker or dealer that had total capital (net worth plus subordinated liabilities) of less than $500,000 on the last business day of the preceding fiscal year (or in the time that it has been in business, if shorter); and (2) is not affiliated with any person (other than a natural person) that is not a small business or small organization as defined in the rule. --------------------------------------------------------------------------- \34\ 17 CFR 240.0-10(c). --------------------------------------------------------------------------- As of December 31, 2000, the Commission estimates there were approximately 873 broker-dealers that were ``small'' for purposes of Rule 0-10 that would be subject to this rule because they conduct business with the general public. The Commission bases its estimate on the information provided in broker-dealer FOCUS Reports. E. Reporting, Recordkeeping and other Compliance Requirements The proposed rule would require broker-dealers to (1) establish a CIP; (2) obtain certain identifying information from customers; (3) verify identifying information of customers; (4) check customers against lists provided by federal agencies; (5) provide notice to customers that information may be requested in the process of verifying their identities; and (6) make and maintain records related to the CIP. F. Duplicative, Overlapping or Conflicting Federal Rules As discussed throughout this preamble, there are other federal rules that contain requirements for collecting certain information from customers. However, these other requirements do not provide sufficient information for broker-dealers to verify the identity of their customers. Congress has mandated that Treasury and the Commission issue a regulation that requires broker-dealers to undertake such verifications. G. Significant Alternatives If an agency does not certify that a rule will not have a significant economic impact on a substantial number of small entities, the Regulatory Flexibility Act directs Treasury and the Commission to consider significant alternatives that would accomplish the stated objective, while minimizing any adverse impact on small entities. In connection with the proposed amendments, we considered the following alternatives: (1) The establishment of differing compliance or reporting requirements or timetables that take into account the resources of small entities; (2) the clarification, consolidation, or simplification of compliance and reporting requirements under the rule for small entities; (3) the use of performance rather than design standards; and (4) an exemption from coverage of the proposed amendments, or any part thereof, for small entities. The proposed rule provides for substantial flexibility in how each broker-dealer may meet its requirements. This flexibility is designed to account for differences between broker-dealers, including size. Nonetheless, Treasury and the Commission did consider alternatives such as exempting certain small entities from some or all of the requirements of the proposed rule. Treasury and the Commission do not believe that such an exemption is appropriate, given the flexibility built into the rule to account for, among other things, the differing sizes and resources of broker-dealers, as well as the importance of the statutory goals and mandate of section 326. Money laundering can occur in small firms as well as large firms. H. Solicitation of Comments Treasury and the Commission encourage the submission of comments with respect to any aspect of this Initial Regulatory Flexibility Analysis, including comments regarding the number of small entities that may be affected by the proposed rule. Such comments will be considered by Treasury and the Commission in determining whether a Final Regulatory Flexibility Analysis is required, and will be placed in the same public file as comments on the proposed amendment itself. Comments should be submitted to Treasury or the Commission at the addresses previously indicated. VIII. Executive Order 12866 The Department of the Treasury has determined that this rule is not a significant regulatory action for purposes of Executive Order 12866. As noted above, the proposed rule closely parallels the requirements of section 326 of the Act. Accordingly, a regulatory impact analysis is not required. Lists of Subjects in 31 CFR Part 103 Administrative practice and procedure, Authority delegations (Government agencies), Banks, banking, Brokers, Currency, Foreign banking, Foreign currencies, Gambling, Investigations, Law enforcement, Penalties, Reporting and recordkeeping requirements, Securities. Authority and Issuance For the reasons set forth in the preamble, part 103 of title 31 of the Code of Federal Regulations is proposed to be amended as follows: PART 103--FINANCIAL RECORDKEEPING AND REPORTING OF CURRENCY AND FOREIGN TRANSACTIONS 1. The authority citation for part 103 is revised to read as follows: Authority: 12 U.S.C. 1786(q), 1818, 1829b and 1951-1959; 31 U.S.C. 5311-5332; title III, secs. 312, 313, 314, 319, 326, 352, Pub. L. 107-56, 115 Stat. 307. 2. Section 103.35 is amended as follows: a. By removing paragraph (a); b. By redesignating paragraph (b) introductory text and paragraphs (b)(1) through (b)(4) as introductory text and paragraphs (a) through (d), respectively; and [[Page 48317]] c. In newly redesignated introductory text, by removing ``, in addition,'' in the first sentence. 3. Subpart I of part 103 is amended by adding Sec. 103.122 to read as follows: Sec. 103.122 Customer identification programs for broker-dealers. (a) Definitions. For the purposes of this section: (1) Account means any formal business relationship with a broker- dealer established to effect financial transactions in securities, including, but not limited to, the purchase or sale of securities, securities loan and borrowed activity, or the holding of securities or other assets for safekeeping or as collateral. For example, a cash account, margin account, prime brokerage account that consolidates trading done at a number of firms, or an account for repurchase transactions would each constitute an account. (2) Broker-dealer means any person registered or required to be registered as a broker or dealer with the Commission under the Securities Exchange Act of 1934 (15 U.S.C 77a et seq.), except persons who register pursuant to 15 U.S.C 78o(b)(11). (3) Commission means the United States Securities and Exchange Commission. (4) Customer means: (i) Any person who opens a new account with a broker-dealer; and (ii) Any person who is granted authority to effect transactions with respect to an account with a broker-dealer. (5) Person has the same meaning as that term is defined in Sec. 103.11(z). (6) U.S. person means: (i) Any U.S. citizen; and (ii) Any corporation, partnership, trust, or person (other than a natural person) that is established or organized under the laws of a State or the United States. (7) Non-U.S. person means a person that is not a U.S. person. (8) Taxpayer identification number. The provisions of section 6109 of the Internal Revenue Code of 1986 (26 U.S.C. 6109) and the regulations of the Internal Revenue Service promulgated thereunder shall determine what constitutes a taxpayer identification number. (b) Customer identification program. A broker-dealer shall establish, document, and maintain a written Customer Identification Program (``CIP''). A broker-dealer's CIP procedures must enable it to form a reasonable belief that it knows the true identity of the customer. A broker-dealer's CIP must be a part of its anti-money laundering program required under 31 U.S.C. 5318(h). A broker-dealer's CIP procedures shall be based on the type of identifying information available and on an assessment of relevant risk factors including: (1) The broker-dealer's size; (2) The broker-dealer's location; (3) The broker-dealer's methods for opening accounts; (4) The types of accounts the broker-dealer maintains for customers; (5) The types of transactions the broker-dealer executes for customers; (6) The broker-dealer's customer base; and (7) The broker-dealer's reliance on another broker-dealer with which it shares an account relationship. (c) Required information--(1) General. Except as permitted by paragraph (c)(2) of this section, the CIP shall require the broker- dealer to obtain specified identifying information about each customer before an account is opened or a customer is granted authority to effect transactions with respect to an account. The specified information must include, at a minimum: (i) Name; (ii) Date of birth, for a natural person; (iii) Addresses: (A) Residence and mailing (if different) for a natural person; or (B) Principal place of business and mailing (if different) for a person other than a natural person; and (iv) Documentary record: (A) U.S. person. A taxpayer identification number from each customer that is a U.S. person; or (B) Non-U.S. person. A taxpayer identification number, passport number and country of issuance, an alien identification card number, or the number and country of issuance of any other government-issued document evidencing nationality or residence and bearing a photograph or similar safeguard. (2) Limited exception. In the case of a person other than a natural person that has applied for, but has not received, an employer identification number, the CIP may allow the employer identification number to be provided within a reasonable period of time after the account is established, if the broker-dealer obtains a copy of the application for the employer identification number prior to the opening of an account or the granting of trading authority. (d) Required verification procedures. The CIP shall include procedures for verifying the identity of customers, to the extent reasonable and practicable, using identifying information obtained. Such verification must occur within a reasonable time before or after the customer's account is opened or the customer is granted authority to effect transactions with respect to an account. (1) Verification through documents. The CIP must describe when the broker-dealer will verify customers' identities through documents and describe the documents that the broker-dealer will use for this purpose. Suitable documents for verification may include: (i) For natural persons, an unexpired government-issued identification evidencing nationality or residence and bearing a photograph or similar safeguard; and (ii) For persons other than natural persons, documents showing the existence of the entity, such as registered articles of incorporation, a government-issued business license, a partnership agreement, or a trust instrument. (2) Verification through non-documentary methods. The CIP must describe non-documentary methods the broker-dealer will use to verify customers' identities and when these methods will be used in addition to, or instead of, relying on documents. Non-documentary verification methods may include contacting a customer, obtaining a financial statement, independently verifying information through credit bureaus, public databases, or other sources, and checking references with other financial institutions. Non-documentary methods shall be used when a customer who is a natural person is unable to present an unexpired government-issued identification document that bears a photograph or similar safeguard, or the broker-dealer is presented with unfamiliar documents to verify the identity of a customer, the broker-dealer does not obtain documents to verify the identity of a customer, does not meet face-to-face a customer who is a natural person, or the broker- dealer is otherwise presented with circumstances that increase the risk that the broker-dealer will be unable to verify the true identity of a customer through documents. (e) Government lists. The CIP shall include procedures for determining whether a customer appears on any list of known or suspected terrorists or terrorist organizations provided to the broker- dealer by any federal government agency. Broker-dealers shall follow all federal directives issued in connection with such lists. (f) Customer notice. The CIP shall include procedures for providing customers with adequate notice that the broker-dealer is requesting information to verify their identities. [[Page 48318]] (g) Lack of verification. The CIP shall include procedures for responding to circumstances in which the broker-dealer cannot form a reasonable belief that it knows the true identity of a customer. (h) Recordkeeping. The CIP shall include procedures for making and retaining a record of all information obtained pursuant to the CIP. (1) Required records. At a minimum, the CIP shall require the broker-dealer to make the following records: (i) All identifying information provided by a customer pursuant to paragraph (c) of this section, and copies of any documents that were relied on pursuant to paragraph (d)(1) of this section that accurately depict the types of documents and any identification numbers they may contain; (ii) The methods and results of any measures undertaken to verify the identity of a customer pursuant to paragraph (d)(2) of this section; and (iii) The resolution of any discrepancy in the identifying information obtained. (2) Retention of records. The broker-dealer must retain all records made or obtained when verifying the identity of a customer pursuant to its CIP until five years after the date the account of the customer is closed or the grant of authority to effect transactions with respect to an account is revoked. In all other respects, the records shall be maintained pursuant to the provisions of 17 CFR 240.17a-4. (i) Approval of CIP. The CIP shall be approved by the broker- dealer's board of directors, managing partners, board of managers or other governing body performing similar functions or by a person or persons specifically authorized by such bodies to approve the CIP. (j) Exemptions. The Commission, with the concurrence of the Secretary, may by order or regulation exempt any broker-dealer that registers with the Commission pursuant to 15 U.S.C. 78o (except broker- dealers that register under subsection (b)(11) of that section) or 15 U.S.C. 78o-4 or type of account from the requirements of this section. The Secretary, with the concurrence of the Commission, may exempt any broker-dealer that registers with the Commission pursuant to 15 U.S.C. 78o-5. In issuing such exemptions, the Commission and the Secretary shall consider whether the exemption is consistent with the purposes of the Bank Secrecy Act, and in the public interest, and may consider other necessary and appropriate factors. Dated: July 15, 2002. James F. Sloan, Director, Financial Crimes Enforcement Network. Dated: July 12, 2002. By the Securities and Exchange Commission. Margaret H. McFarland, Deputy Secretary. [FR Doc. 02-18192 Filed 7-22-02; 8:45 am] BILLING CODE 8010-01-P; 4830-01-P516
[Federal Register: July 23, 2002 (Volume 67, Number 141)] [Proposed Rules] [Page 48318-48328] From the Federal Register Online via GPO Access [wais.access.gpo.gov] [DOCID:fr23jy02-703] ----------------------------------------------------------------------- SECURITIES AND EXCHANGE COMMISSION 17 CFR Part 270 [Release No. IC-25657; File No. S7-26-02] DEPARTMENT OF THE TREASURY 31 CFR Part 103 RIN 1506-AA33 Customer Identification Programs for Mutual Funds AGENCIES: Financial Crimes Enforcement Network, Treasury; Securities and Exchange Commission. ACTION: Joint notice of proposed rulemaking. ----------------------------------------------------------------------- SUMMARY: The Department of the Treasury, through the Financial Crimes Enforcement Network (FinCEN), and the Securities and Exchange Commission are jointly issuing a proposed regulation to implement Section 326 of the Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism (USA PATRIOT) Act of 2001 (the Act). Section 326 requires the Secretary of the Treasury to jointly prescribe with the Securities and Exchange Commission a regulation that, at a minimum, requires investment companies to adopt and implement reasonable procedures to verify the identity of any person seeking to open an account, to the extent reasonable and practicable; maintain records of the information used to verify the person's identity; and determine whether the person appears on any lists of known or suspected terrorists or terrorist organizations provided to investment companies by any government agency. The proposed rule would apply to investment companies that are mutual funds. DATES: Written comments on the proposed rule should be submitted to the Treasury Department and the Securities and Exchange Commission on or before September 6, 2002. ADDRESSES: Because paper mail in the Washington area may be subject to delay, commenters are encouraged to e-mail comments. Comments should be sent by one method only. Treasury: Comments may be mailed to FinCEN, Section 326 Mutual Fund Rule Comments, P.O. Box 39, Vienna, VA 22183, or sent to Internet address regcomments@fincen.treas.gov with the caption ``Attention: Section 326 Mutual Fund Rule Comments'' in the body of the text. Comments may be inspected at FinCEN between 10 a.m. and 4 p.m. in the FinCEN Reading Room in Washington, DC. Persons wishing to inspect the comments submitted must request an appointment by telephoning (202) 354-6400 (not a toll-free number). Securities and Exchange Commission: Comments also should be submitted in triplicate to Secretary, Securities and Exchange Commission, 450 Fifth Street, NW., Washington, DC 20549-0609. Comments also may be submitted electronically at the following E-mail address: rule-comments@sec.gov. Comment letters should refer to File No. S7-26- 02; this file number should be included on the subject line if E-mail is used. All comments received will be available for public inspection and copying at the Commission's Public Reference Room, 450 Fifth Street, NW., Washington, DC 20549-0102. Electronically submitted comment letters will be posted on the Commission's Internet web site (http://www.sec.gov). Personal, identifying information, such as names or E-mail addresses, is not deleted from electronic submissions. Submit only information you wish to make publicly available. FOR FURTHER INFORMATION CONTACT: Securities and Exchange Commission: Division of Investment Management, Securities and Exchange Commission, (202) 942-0720. Treasury: Office of the Chief Counsel (FinCEN), (703) 905-3590; Office of the Assistant General Counsel for Enforcement (Treasury), (202) 622-1927; or the Office of the Assistant General Counsel for Banking & Finance (Treasury), (202) 622-0480. SUPPLEMENTARY INFORMATION: I. Background A. Section 326 of the USA PATRIOT Act On October 26, 2001, President Bush signed into law the USA PATRIOT Act.\1\ Title III of the Act, captioned ``International Money Laundering Abatement and Anti-terrorist Financing Act of 2001,'' adds several new provisions to the Bank Secrecy Act (``BSA''), 31 U.S.C. 5311 et seq. These provisions are intended to facilitate the [[Page 48319]] prevention, detection, and prosecution of international money laundering and the financing of terrorism. --------------------------------------------------------------------------- \1\ Pub. L. 107-56. --------------------------------------------------------------------------- Section 326 of the Act adds a new subsection (l) to 31 U.S.C. 5318 that requires the Secretary of the Treasury (``Secretary'') to prescribe regulations setting forth minimum standards for financial institutions and their customers that relate to the identification and verification of any person who applies to open an account. Section 326 provides that the regulations must require, at a minimum, financial institutions to implement reasonable procedures for: (1) Verifying the identity of customers, to the extent reasonable and practicable, when accounts are opened; (2) maintaining records of the information used to verify the person's identity, including name, address, and other identifying information; and (3) determining whether the person appears on any lists of known or suspected terrorists or terrorist organizations provided to the financial institution by any government agency. In prescribing these regulations, the Secretary is directed to take into consideration the various types of accounts maintained by various types of financial institutions, the various methods of opening accounts, and the various types of identifying information available. Final regulations implementing Section 326 must be effective by October 25, 2002. Section 326 applies to all ``financial institutions.'' This term is defined very broadly in the BSA to encompass a variety of entities including investment companies, banks, agencies and branches of foreign banks in the United States, thrifts, credit unions, brokers and dealers in securities or commodities, insurance companies, travel agents, pawnbrokers, dealers in precious metals, check-cashers, casinos, and telegraph companies, among many others. See 31 U.S.C. 5312(a)(2).\2\ --------------------------------------------------------------------------- \2\ For any financial institution engaged in financial activities described in section 4(k) of the Bank Holding Company Act of 1956 (section 4(k) institutions), the Secretary is required to prescribe the regulations issued under section 326 jointly with the Securities and Exchange Commission (``Commission''), the Commodity Futures Trading Commission (``CFTC''), and the banking agencies (``banking agencies''), namely, the Office of the Comptroller of the Currency, the Board of Governors of the Federal Reserve System, the Federal Deposit Insurance Corporation, the Office of Thrift Supervision, and the National Credit Union Administration. --------------------------------------------------------------------------- Although the BSA includes ``an * * * investment company'' among the entities defined as financial institutions, Treasury has not previously defined the term for purposes of the BSA.\3\ The Investment Company Act of 1940 (codified at 15 U.S.C. 80a-1, et seq.) (``1940 Act'') defines investment company broadly and subjects those entities to comprehensive regulation by the Commission.\4\ However, privately offered entities commonly known as hedge funds, private equity funds and venture capital funds typically rely on exclusions from the 1940 Act definition of investment company.\5\ For purposes of the Section 326 requirement, the scope of this proposed rule is limited to those entities that are required to register with the Commission as investment companies and that fall within the category of ``open-end company'' contained in section 5(a)(1) of the 1940 Act.\6\ These entities are commonly referred to as ``mutual funds.'' \7\ --------------------------------------------------------------------------- \3\ 31 U.S.C 5312(a)(2)(I). \4\ Section 3(a)(1) defines ``investment company'' as any issuer which-- (A) is or holds itself out as being engaged primarily, or proposes to engage primarily, in the business of investing, reinvesting, or trading in securities; (B) is engaged or proposes to engage in the business of issuing face-amount certificates of the installment type, or has been engaged in such business and has any such certificate outstanding; or (C) is engaged or proposes to engage in the business of investing, reinvesting, owning, holding, or trading in securities, and owns or proposes to acquire investment securities having a value exceeding 40 per centum of the value of such issuer's total assets (exclusive of Government securities and cash items) on an unconsolidated basis. \5\ E.g., Sections 3(c)(1) and 3(c)(7) of the Investment Company Act. Section 356 of the Act requires that the Secretary, the Board of Governors of the Federal Reserve System and the Commission jointly submit a report to Congress, not later than October 26, 2002, on recommendations for effective regulations to apply the requirements of the BSA to investment companies as defined in section 3 of the 1940 Act, including persons that, but for the provisions that exclude entities commonly known as hedge funds, private equity funds, and venture capital funds, would be investment companies. \6\ Other types of investment companies regulated by the Commission include closed-end companies and unit investment trusts. Closed-end companies typically sell a fixed number of shares in traditional underwritten offerings. Holders of closed-end company shares then trade their shares in secondary market transactions, usually on a securities exchange or in the over-the-counter market. Unit investment trusts are pooled investment entities without a board of directors or investment adviser that offer investors redeemable units in an unmanaged, fixed portfolio of securities. The Secretary and the Commission will continue to consider whether a CIP requirement would be appropriate for the issuers of these products, or whether they are effectively covered by the CIP requirements of other financial institutions involved in their distribution (e.g., broker-dealers). \7\ By interim rule published on April 29, 2002, Treasury required that mutual funds adopt anti-money laundering programs pursuant to Section 352 of the Act. 67 FR 21117 (April 29, 2002). Treasury temporarily exempted investment companies other than mutual funds from the requirement that they establish anti-money laundering programs and temporarily deferred determining the definition of ``investment company'' for purposes of the BSA. Id. However, it is likely that some of the entities excluded from the definition of ``investment company'' in the 1940 Act will be required to establish anti-money laundering programs and customer identification programs pursuant to sections 352 and 326 of the Act. --------------------------------------------------------------------------- Regulations governing the applicability of Section 326 to other financial institutions, such as broker-dealers and those institutions regulated by the banking agencies, are being issued separately. Treasury, the Commission, the CFTC and the banking agencies consulted extensively in the development of all rules implementing Section 326 of the Act. All of the participating agencies intend the effect of the rules to be uniform throughout the financial services industry. \8\ --------------------------------------------------------------------------- \8\ Section 314(c) of the Act provides that: ``Compliance with the provisions of this title requiring or allowing financial institutions and any association of financial institutions to disclose or share information regarding individuals, entities, and organizations engaged in or suspected of engaging in terrorist acts or money laundering activities shall not constitute a violation of the provisions of title V of the Gramm-Leach-Bliley Act (Public Law 106-102).'' --------------------------------------------------------------------------- The Secretary has determined that the records required to be kept by Section 326 of the Act have a high degree of usefulness in criminal, tax, or regulatory investigations or proceedings, or in the conduct of intelligence or counterintelligence activities, to protect against international terrorism. B. Codification of the Joint Proposed Rule The substantive requirements of the joint proposed will be codified with other Bank Secrecy Act regulations as part of Treasury's regulations in 31 CFR part 103. To minimize potential confusion by affected entities regarding the scope of the joint proposed rule, the Commission is also proposing to add a provision in its own regulations in 17 CFR part 270 that will cross-reference the regulations in 31 CFR part 103. Although no specific text is being proposed at this time, the cross-reference will be included in a final rule published by the Commission concurrently with the joint final rule issued by Treasury and the Commission implementing section 326 of the Act. II. Section-by-Section Analysis A. Section 103.131(a) Definitions (1) Account. The proposed rule's definition of ``account'' is intended to include all types of securities accounts maintained by mutual funds. This includes each account at a mutual fund. (2) Commission means the United States Securities and Exchange Commission. (3) Customer. The proposed rule defines ``customer'' as any shareholder [[Page 48320]] of record who opens a new account with a mutual fund and any person granted authority to effect transactions in the shareholder of record's account with a mutual fund. Under this definition, a shareholder of record prior to the effective date of the regulation would not be a ``customer.'' However, such a person becomes a ``customer'' if the person becomes a shareholder of record or is granted trading authorization in a different account after the effective date. Moreover, a person becomes a ``customer'' each time they open a different type of account. For example, after the effective date, if a person opens a taxable account and subsequently opens an IRA account, the person is a ``customer'' subject to the requirements of this rule on both occasions.\9\ However, a shareholder who exchanges shares of one fund for shares of another fund within the same account (or initiates any other transaction that does not involve the opening of a separate account) does not become a ``customer'' for the purpose of this rule. --------------------------------------------------------------------------- \9\ As discussed infra, this does not necessarily mean that a customer whose identity has been verified by a mutual fund must always have their identity verified every time they subsequently becomes a customer with respect to a different account. --------------------------------------------------------------------------- A person with trading authority prior to the effective date of the regulation is not a ``customer.'' However, any person granted trading authority after the effective date is a customer. This is true even if the person is granted authority with respect to an account that existed prior to the effective date or the person had been granted authority for another account prior to the effective date. The requirements of Section 326 apply to any person who opens a new account or is granted trading authority for an account, but do not apply to persons seeking information about a mutual fund such as a request for a prospectus or profile. In addition, transfers of accounts from one mutual fund to another that are not initiated by the customer (e.g., as a result of a merger, acquisition, or purchase of assets) fall outside of the scope of Section 326, and are not covered by the proposed regulation.\10\ --------------------------------------------------------------------------- \10\ However, there may be situations involving the transfer of accounts where it would be appropriate for a mutual fund to verify the identity of customers associated with the accounts acquired by the mutual fund. Therefore, Treasury and the Commission expect procedures for transfers of accounts to be part of a mutual fund's overall anti-money laundering program required under section 352 of the Act. --------------------------------------------------------------------------- (4) Mutual Fund means an entity that is required to register with the Commission as an ``investment company'' (as the term is defined in Section 3 of the 1940 Act) and that is an ``open-end company'' (as that term is defined in Section 5 of the 1940 Act). (5) Person. The proposed regulation defines ``person'' as having the same meaning as that term is defined in section 103.11(z). Thus, the term includes natural persons, corporations, partnerships, trusts or estates, joint stock companies, associations, syndicates, joint ventures, any unincorporated organizations or groups, Indian Tribes, and all entities cognizable as legal entities. (6) Taxpayer identification number. The proposed rule defines ``taxpayer identification number'' to have the same meaning as determined under the provisions of section 6109 of the Internal Revenue Code and the regulations of the Internal Revenue Service thereunder. (7) U.S. person. The proposed rule defines ``U.S. person'' as a U.S. citizen or, for persons other than natural persons, an entity established or organized under the laws of a State or the United States.\11\ A non-U.S. person is a person who does not satisfy these criteria. --------------------------------------------------------------------------- \11\ The terms ``State'' and ``United States'' are defined at 31 CFR 103.11. --------------------------------------------------------------------------- B. Section 103.131(b) Customer Identification Program Section 326 requires the Secretary and the Commission to prescribe regulations requiring mutual funds to adopt and implement ``reasonable procedures'' for: verifying the identity of customers ``to the extent reasonable and practicable;'' maintaining records associated with such verification; and consulting lists of known terrorists. Paragraph (b) of the proposed rule sets forth the requirement that mutual funds must develop and operate a customer identification program (``CIP'') and sets forth relevant factors for the design of CIP procedures.\12\ The degree to which a CIP is effective will be a function of a mutual fund's assessment of these factors and the nature of its response to them (as manifested in the CIP's procedures and guidelines). In addition, as Section 326 and the proposed rule provide, the reasonableness of the CIP also will be a function of what is practicable for the mutual fund. --------------------------------------------------------------------------- \12\ An interim rule issued by Treasury pursuant to Section 352 of the Act requires all mutual funds to establish anti-money laundering programs that, at a minimum, include (1) The development of internal policies, procedures, and controls; (2) the designation of a compliance officer; (3) an ongoing employee training program; and (4) an independent audit function to test programs. 67 FR 21117 (April 29, 2002). The proposed rule requires that the CIP be incorporated into a mutual fund's program established under Section 352. At the same time that it issued the interim rule under Section 352 of the Act, Treasury delegated to the Commission authority to examine mutual funds for compliance with Bank Secrecy Act regulations. --------------------------------------------------------------------------- In developing and updating CIPs, mutual funds should consider the type of identifying information available for customers and the methods available to verify that information. While certain minimum identifying information is required in paragraph (c) of this proposed rule and certain suitable verification methods are described in paragraph (d), mutual funds should consider on an on-going basis whether other information or methods are appropriate, particularly as they become available in the future. Mutual funds must also base their CIPs on the risks associated with their business operations. Some relevant risk factors to be considered are set forth in paragraph (b) and discussed below in general terms.\13\ --------------------------------------------------------------------------- \13\ This discussion of risk factors is not intended to be comprehensive or exhaustive. --------------------------------------------------------------------------- The first risk factor to consider is the mutual fund's size. For example, a large mutual fund that opens a substantial number of accounts on any given day will have different risks than one that opens a much smaller number of new accounts. The second risk factor is the method by which customers open accounts at the mutual fund. Accounts opened exclusively on-line present different, and perhaps greater, risks than those opened in- person on the firm's premises. The third risk factor is the type of accounts offered by the mutual fund. Mutual funds should assess whether there are different risks (and degrees of risk) associated with the various types of accounts they provide to customers (e.g., taxable, IRA, 401(k) and 403(b) accounts). The fourth risk factor is the customer base. Mutual funds should assess the risks associated with different types of customers. For example, a mutual fund should examine whether it is opening accounts for customers located in countries the Secretary determines to be of ``primary money laundering concern'' pursuant to Section 311 of the Act. Verification procedures should account for the concerns raised by such customers. In addition, certain types of customers may pose greater risks (e.g., individuals and certain types of business entities, such as closely held corporations, may pose a greater risk than institutional shareholders). Because mutual funds typically conduct their operations through separate entities, which may or may not be affiliated, some elements of the CIP [[Page 48321]] will best be performed by personnel of these separate entities. It is permissible for a mutual fund to contractually delegate the implementation and operation of its CIP to another affiliated or unaffiliated service provider, such as a transfer agent. However, the mutual fund remains responsible for assuring compliance with this rule. Accordingly, the mutual fund must actively monitor the operation of its CIP program and assess its effectiveness. A mutual fund's CIP does not have to include verification of individuals' identities whose transactions are conducted through an omnibus account. Typically, a fund has little or no identifying information for the individual customers represented in an omnibus account. For example, when fund shares are sold through a broker- dealer, the shareholders' accounts are opened at the broker-dealer. The broker-dealer obtains the identifying information about the customers. This rule does not require that a mutual fund obtain any additional information regarding the identities of individual shareholders who open their accounts through an omnibus accountholder. Of course, the omnibus account holder is itself a customer for purposes of this rule.\14\ --------------------------------------------------------------------------- \14\ This treatment of omnibus accounts is consistent with the legislative history of the Act which includes the following: [W]here a mutual fund sells its shares to the public through a broker-dealer and maintains a ``street name'' or omnibus account in the broker- dealer's name, the individual purchasers of the fund shares are customers of the broker-dealer, rather than the mutual fund. The mutual fund would not be required to ``look through'' the broker- dealer to identify and verify the identities of those customers. Similarly, where a mutual fund sells its shares to a qualified retirement plan, the plan, and not its participants, would be the fund's customers. Thus, the fund would not be required to ``look through'' the plan to identify its participants. H.R. Rep. 107-250, pt. 1, at 62(2001). --------------------------------------------------------------------------- Finally, paragraph (b) requires that the identity verification procedures must enable the mutual fund to form a reasonable belief that it knows the true identity of the customer. This provision makes clear that, while there is flexibility in establishing these procedures, the mutual fund is responsible for exercising reasonable efforts to ascertain the identity of each customer. C. Section 103.131(c) Required Information Paragraph (c) of the proposed regulation provides that a mutual fund's CIP must require customers to provide, at a minimum, certain identifying information before an account is opened for the customer or the customer is granted trading authority over an account. Specifically, the mutual fund must obtain each customer's: (1) Name, (2) date of birth, if applicable, (3) addresses,\15\ and (4) identification number.\16\ --------------------------------------------------------------------------- \15\ With respect to addresses, each customer must provide a mailing address and, if different, the address of the customer's residence (if a natural person) or principal place of business (if not a natural person). \16\ If the customer is a U.S. person, he must provide a U.S. taxpayer identification number (e.g., social security number or employer identification number). If the customer is a non-U.S. person, he must provide a U.S. taxpayer identification number, an alien identification card number, or the number and country of issuance of any other government-issued document evidencing nationality or residence and bearing a photograph or similar safeguard. The term ``similar safeguard'' is included to permit the use of any biometric identifiers (e.g., fingerprints) that may be used in addition to, or instead of, photographs. --------------------------------------------------------------------------- The rule only specifies the minimum identifying information that must be obtained from each customer. Mutual funds, in assessing the risk factors in paragraph (b), should determine whether obtaining other identifying information is necessary to form a reasonable belief as to the true identity of each customer. There may be circumstances when a mutual fund should obtain additional identifying information. The CIP should set forth guidelines regarding what those circumstances are and what additional information should be obtained in such circumstances. Treasury and the Commission recognize that a new business may need to open a mutual fund account before it has received an employer identification number (``EIN'') from the Internal Revenue Service. For this reason, the proposed regulation contains a limited exception to the requirement that an EIN be provided prior to establishing an account. Accordingly, in the case of person other than an individual (such as a corporation, partnership or trust) that has applied for, but has not received, an EIN, the EIN may be provided within a reasonable period of time after an account is established, provided that a copy of the EIN application is submitted to the mutual fund prior to the time the account is established. Currently, the IRS indicates that the issuance of an EIN can take up to five weeks. This length of time, coupled with when the entity applied for the EIN, should be considered by the mutual fund in determining the reasonable period of time within which the entity should provide its EIN to the mutual fund. D. Section 103.131(d) Required Verification Procedures After obtaining identifying information from a customer, the mutual fund must take steps to verify some, or all, of that information in order to form a reasonable belief that it knows the true identity of the customer. Accordingly, paragraph (d) of the proposed rule requires a mutual fund's CIP to have procedures for verifying identifying information provided by the customer. The mutual fund need not verify each piece of identifying information obtained pursuant to paragraph (c), if it is able to form a reasonable belief that it knows the customer's identity after verifying only certain of the information. Paragraph (d) further requires that the verification procedures must be undertaken within a reasonable time before or after a customer's account is opened or a customer is granted authority to effect transactions with respect to an account. This flexibility must be exercised in a reasonable manner, given that verifications too far in advance may become stale and verifications too long after the fact may provide opportunities to launder money while verification is pending. The amount of time it will take a mutual fund to verify the identity of a customer may depend on the type of account opened, whether the customer opens the account in-person, and on the type of identifying information available. In addition, provided that the appropriate disclosure is made, a mutual fund may choose to place limits on the account, such as temporarily limiting additional purchases in an account until the customer's identity is verified. Therefore, the proposed rule provides mutual funds with the flexibility to use a risk-based approach to determine when the identity of a customer must be verified relative to the opening of an account or granting of trading authority. A person becomes a customer each time they open a new account with a mutual fund. Therefore, upon the opening of each account, the verification requirements of this rule would apply. However, if a customer whose identification has been verified previously opens a new account, the mutual fund would not need to verify the customer's identity a second time, provided that the mutual fund continued to have a reasonable belief that it knew the true identity of the customer based on the previous verification. The rule provides for two methods of verifying identifying information: verification through documents and/or verification through non-documentary means. For natural persons, suitable documents for verification include unexpired government-issued identification documents evidencing nationality or residence and bearing a [[Page 48322]] photograph or similar safeguard. For non-natural persons, suitable documents must evidence the existence of the entity, such as registered articles of incorporation, a government-issued business license, a partnership agreement, or a trust instrument. The proposed rule requires a mutual fund's CIP to address both methods of verification. Depending on the type of customer and the method of opening an account, it may be more appropriate to use either documents or non-documentary methods. In some cases, it may be appropriate to use both methods. The CIP should set forth guidelines describing when documents, non-documentary methods, or a combination of both will be used. These guidelines should be based on the mutual fund's assessment of the factors described in paragraph (b) of the proposed rule. The risk a mutual fund will not know a customer's true identity will be heightened for certain types of accounts, such as accounts opened in the name of a corporation, partnership, or trust that is created, or conducts substantial business, in jurisdictions designated as primary money laundering concerns or designated as non-cooperative by an international body. Obtaining sufficient information to verify a given customer's identity can reduce the risk a mutual fund will be used as a conduit for money laundering and terrorist financing. A mutual fund's identity verification procedures must be based on its assessments of the factors in paragraph (b). Accordingly, when those assessments suggest a heightened risk, the mutual fund should utilize additional verification measures. 1. Verification Through Documents Paragraph (d)(1) provides that the CIP must describe when a mutual fund will verify identity through documents and set forth the documents that will be used for this purpose. The rule also lists certain documents that are suitable for verification. For example, documentary verification could include obtaining a driver's license or passport from a natural person or articles of incorporation from a company. 2. Verification Through Non-documentary Methods Paragraph (d)(2) provides that the CIP must describe non- documentary verification methods and when such methods will be employed in addition to, or instead of, verification through documents. The rule allows for the exclusive use of non-documentary methods because some accounts are opened by telephone, mail, or over the Internet. However, even if the customer presents identification documents, it may be appropriate to use non-documentary methods as well. Ultimately, the mutual fund is responsible for employing sufficient verification methods to be able to form a reasonable belief that it knows the true identity of the customer. The proposed rule sets forth certain non-documentary methods that would be suitable for verifying identity. These methods include contacting a customer after the account is opened; obtaining a financial statement; comparing the identifying information provided by the customer against fraud and bad check databases to determine whether any of the information is associated with known incidents of fraudulent behavior; comparing the identifying information with information available from a trusted third-party source, such as a credit report from a consumer reporting agency; and checking references with other financial institutions. The mutual fund also may wish to analyze whether there is logical consistency between the identifying information provided, such as the customer's name, street address, ZIP code, telephone number (if provided), date of birth, and social security number. Paragraph (d)(2) also provides that the CIP must require the use of non-documentary methods in certain cases; specifically, when a natural person is unable to present an unexpired government-issued identification document that bears a photograph or similar safeguard and when the mutual fund is presented with unfamiliar documents to verify the identity of a customer, does not obtain documents to verify the identity of a customer, does not meet face-to-face a customer who is a natural person, or is otherwise presented with circumstances that increase the risk the mutual fund will be unable to verify the true identity of a customer through documents. Treasury and the Commission recognize that identification documents, including those issued by a government entity, may be obtained illegally and may be fraudulent. In light of the recent increase in identity fraud, mutual funds are encouraged to use non- documentary methods, even when a customer has provided identification documents. E. Section 103.131(e) Government Lists The proposed rule requires that a mutual fund's CIP must include reasonable procedures for determining whether a customer's name appears on any list of known or suspected terrorists or terrorist organizations prepared by any federal government agency and made available to the mutual fund. This requirement applies only with respect to lists circulated, directly provided, or otherwise made available by the Federal government. In addition, the proposed rule states that mutual funds must follow all Federal directives issued in connection with such lists. A mutual fund must have procedures for responding to circumstances when a customer is named on such a list. F. Section 103.131(f) Customer Notice Section 326 provides that financial institutions must give their customers notice of their identity verification procedures. Therefore, a mutual fund's CIP must include procedures for providing customers with adequate notice that the mutual fund is requesting information to verify their identities. A mutual fund may satisfy the notice requirement by generally notifying its customers about the procedures the fund must comply with to verify their identities. If an account is opened electronically, such as through an Internet website, the mutual fund may provide notice electronically. However, notice must be provided to the customer before the account is opened or trading authority is granted. G. Section 103.131(g) Lack of Verification Paragraph (g) of the proposed rule states that a mutual fund's CIP must include procedures for responding to circumstances in which it cannot form a reasonable belief that it knows the true identity of a customer. A mutual fund's CIP should specify the actions to be taken when it cannot form a reasonable belief that it knows the customer's true identity, which could include closing the account or placing limitations on additional purchases. There also should be guidelines for when an account will not be opened (e.g., when the required information is not provided). In addition, the CIP should address the terms under which a customer may conduct transactions while the customer's identity is being verified. Mutual funds are also encouraged, but not required at this time, to adopt procedures for voluntarily filing Suspicious Activity Reports with FinCEN and for reporting suspected terrorist activities to FinCEN using its Financial Institutions Hotline (866-566-3974). H. Section 103.131(h) Recordkeeping Section 326 of the Act requires procedures for maintaining records of the information used to verify a person's identity, including name, address, and other identifying information. Paragraph [[Page 48323]] (h) of the proposed rule sets forth recordkeeping procedures that must be included in a mutual fund's CIP. These procedures must provide for the maintenance of all information obtained pursuant to the CIP. Information that must be maintained includes all identifying information provided by a customer pursuant to paragraph (c). Thus, the mutual fund must make a record of each customer's name, date of birth (if applicable), addresses, and identification numbers provided. Mutual funds also must maintain copies of any documents that were relied on pursuant to paragraph (d)(1) evidencing the type of document and any identification number it may contain. For example, if a customer produces a driver's license, the mutual fund must make a copy of the driver's license that clearly indicates it is a driver's license and legibly depicts any identification number on the license. Mutual funds also must make and maintain records of the methods and results of measures undertaken to verify the identity of a customer pursuant to paragraph (d)(2). For example, if a mutual fund obtains a report from a credit bureau concerning a customer, the report must be maintained. Mutual funds also must make and maintain records of the resolution of any discrepancy in the identifying information obtained. To continue with the previous example, if the customer provides a residence address that is different than the address shown on the credit report, the mutual fund must document how it resolves this discrepancy or, if the discrepancy is not resolved, how it forms a reasonable belief that the mutual fund knows the true identity of the customer, notwithstanding the discrepancy. The mutual fund must retain all of these records for five years after the date the account is closed. Nothing in this proposed regulation modifies, limits or supersedes Section 101 of the Electronic Records in Global and National Commerce Act, Public Law 106-229, 114 Stat. 464 (15 U.S.C. 7001) (``E-Sign Act''). Thus, a mutual fund may use electronic records to satisfy the requirements of this regulation in accordance with previously issued Commission guidance.\17\ --------------------------------------------------------------------------- \17\ See Investment Company Act Release No. 24991 (May 24, 2001) [66 FR 29224 (May 30, 2001)]. --------------------------------------------------------------------------- Treasury and the Commission emphasize that the collection and retention of information about a customer, as an ancillary part of collecting identifying information, do not relieve a mutual fund from its obligations to comply with anti-discrimination laws or regulations. I. Section 103.131(i) Approval of Program Paragraph (i) of the proposed rule requires that the mutual fund's CIP be approved by its board of directors or trustees. The board should periodically assess the effectiveness of its CIP and should receive periodic reports regarding the CIP from the person or persons responsible for monitoring the fund's anti-money laundering program pursuant to 31 CFR 103.130(c)(3). J. Section 103.131(j) Exemptions Section 326 states that the Secretary and the Federal functional regulator jointly issuing the rule may by order or regulation exempt any financial institution or type of account from this regulation in accordance with such standards and procedures as the Secretary may prescribe. The proposed rule provides that the Commission, with the concurrence of the Secretary, may exempt any mutual fund or type of account from the requirements of this section. The Commission and the Secretary shall consider whether the exemption is consistent with the purposes of the Bank Secrecy Act, and in the public interest, and may consider other necessary and appropriate factors. III. Request for Comments Treasury and the Commission invite comment on all aspects of the proposed regulation, and specifically seek comment on the following issues: 1. Whether the proposed definition of ``account'' is appropriate and whether other examples of accounts should be added to the regulatory text. 2. How mutual funds can comply with the requirement to obtain both the address of a person's residence, and, if different, the person's mailing address in situations involving natural persons who lack a permanent address. 3. Whether non-U.S. persons that are not natural persons will be able to provide a mutual fund with the identifying information required in Sec. 103.131(c)(4), or whether other categories of identifying information should be added to this section. Commenters on this issue should suggest other means of identification that mutual funds currently use or could use in this circumstance that would allow a mutual fund to form a reasonable belief that it knew the true identity of the entity. 4. The extent to which the verification procedures required by the proposed regulation will use information that mutual funds currently obtain in the account opening process. We note that the legislative history of Section 326 indicates that Congress intended ``the verification procedures prescribed by Treasury [to] make use of information currently obtained by most financial institutions in the account opening process.'' See H.R. Rep. No. 107-250, pt. 1, at 63 (2001). IV. The Commission's Analysis of the Costs and Benefits Associated With the Proposed Rule The Commission is considering the costs and benefits associated with the proposal and requesting comment on all aspects of this cost- benefit analysis, including identification and assessment of any other costs and benefits not discussed in the analysis. Commenters are encouraged to identify, discuss, analyze, and supply relevant data concerning the costs and benefits of the proposed rule's implementation of Section 326 requirements. Section 326 of the Act requires Treasury and the Commission to prescribe regulations setting forth minimum standards for mutual funds regarding the identities of customers that shall apply in connection with the opening of an account. The statute also provides that the regulations issued by Treasury and the Commission must, at a minimum, require financial institutions to implement reasonable procedures for: (1) Verification of customers' identities; (2) determination of whether a customer appears on a government list; and (3) maintenance of records related to customer verification. The Commission believes that the requirements in the proposed rule are reasonable and practicable. Accordingly, the costs to mutual funds to (1) establish a CIP; (2) obtain certain identifying information from customers; (3) verify identifying information of customers; (4) check customers against lists provided by federal agencies, (5) provide notice to customers that information may be requested in the process of verifying their identities; and (6) make and maintain records related to the CIP are attributable to the statute. While the Commission believes the costs are attributable to the statute, it nonetheless has undertaken an analysis of the costs and benefits of the requirements. The Commission seeks comment on whether the costs are attributable to the statute. The Commission also seeks comment on whether the proposed rule, by setting forth minimum requirements, creates a benefit or, conversely, imposes costs because mutual funds will not have to establish their own minimum requirements as required by the statute. [[Page 48324]] A. Benefits Associated With the Proposed Rule The anti-money laundering provisions in the Act are intended to prevent, detect and prosecute money laundering and the financing of terrorism. The proposed rule is an important part of this effort. It requires mutual funds to establish a program for verifying the true identities of their customers, thereby reducing the risk that mutual funds will be unwittingly aiding criminals, including terrorists, in accessing U.S. financial markets to launder money or move funds for illicit purposes. Additionally, the implementation of such programs should make it more difficult for persons to successfully engage in fraudulent activities involving identity theft or the placing of fictitious orders to buy or sell securities. It is virtually impossible to quantify in monetary terms those benefits. B. Costs Associated With the Proposed Rule Section 326 of the Act and the proposed rule allows for great flexibility in developing CIPs. Given the considerable differences among mutual funds regarding their distribution channels, customers, and exposure to other relevant risk factors, it is difficult to quantify a cost per mutual fund. Most mutual funds already have some procedures in place for detecting fraud in the account opening process by looking for inconsistencies in the information provided by customers and/or checking customer names against certain databases. In those instances, the Section 326 requirements supplement those procedures. Section 326 requirements will impose initial, one-time costs and ongoing costs on mutual funds. The costs associated with establishment of CIPs and modification of account applications (both paper and web- based applications) to require that customers provide the information required by the CIP and to provide the required notice regarding use of that information will primarily be initial, one-time costs. Ongoing costs for mutual funds will be associated with the need to: (1) Collect the information required by the CIPs, (2) verify customers' identities, (3) determine whether customers appear on lists provided by federal agencies, and (4) make and maintain records related to CIPs. These ongoing costs will primarily be a function of the number of new accounts opened at a mutual fund. From January 1, 1990 through December 31, 2001, approximately 16 million mutual fund accounts were added annually.\18\ --------------------------------------------------------------------------- \18\ This estimate is derived from information reported in the Investment Company Institute's 2002 Mutual Fund Fact Book. It represents the net annual increase in the number of mutual fund accounts. The actual number of new accounts that were opened during this period is probably higher as this estimate is reduced by the number of accounts that were closed during the same period. No data are available regarding the number of accounts that were closed. --------------------------------------------------------------------------- 1. Establishment of a CIP There are approximately 3,060 mutual fund companies that are registered with the Commission (``mutual fund registrants'').\19\ For estimating the total costs associated with Section 326 requirements, the Commission assumes that each mutual fund registrant will be responsible for establishing a CIP.\20\ --------------------------------------------------------------------------- \19\ This estimate is based on figures compiled by the Commission staff from Commission filings. \20\ Using the number of mutual fund registrants to estimate the total costs associated with development of CIPs may result in a high estimate of those costs. A mutual fund complex (or mutual fund family) often comprises several mutual fund registrants. The Commission assumes that, in many instances, a single CIP will be developed by a mutual fund complex and utilized by all of the mutual fund registrants in that complex. --------------------------------------------------------------------------- The Commission staff believes that it will take mutual funds on average approximately 50 hours to establish a CIP. The Commission staff believes that the hourly personnel cost and overhead associated with development of CIPs will be approximately $125. Therefore, the estimated total cost per mutual fund to establish a CIP will be approximately $6,250. Consequently, the estimated initial cost for the 3,060 mutual fund registrants will be approximately $19,125,000. The actual development costs associated with a single CIP may be higher than the $6,250 estimate. For mutual fund registrants that delegate implementation of their CIP to unaffiliated service providers, the burden per mutual fund registrant may be less because those service providers will likely use the same or similar software and systems for several different registrants. Similarly, the cost per registrant on registrants that utilize a CIP developed by their fund complex may be less. Consequently, the Commission believes this is a reasonable estimate of the cost per mutual fund registrant of developing and implementing the requisite CIPs. 2. Obtaining Identifying Information Generally, mutual funds currently only require a name and mailing address from a customer in order to open an account. While most mutual funds request a social security number, they generally will open an account if the customer does not provide one. Most funds currently do not require that customers provide a residential address (if different from the mailing address) or a date of birth. Collecting identifying information for the majority of new accounts should create no additional burden on mutual funds. Most of the burden associated with this requirement will be associated with those account applications where the customer did not provide some of the required information, thus requiring follow-up by the mutual fund. Mutual funds can minimize this burden with clear disclosure on account applications that an account cannot be opened without the requisite information. The Commission staff believes that the average time spent collecting the requisite information will be one minute per account and that the hourly personnel and overhead cost associated with these requirements will be $25 per hour. Therefore, the estimated cost to the industry from this requirement is: (16 million new accounts per year * \1/60\ of an hour * $25). Thus, the estimated annual, industry-wide cost will be approximately $6,666,667. 3. Providing Notice to Customers A mutual fund may satisfy the notice requirement by generally notifying its customers about the procedures the mutual fund must comply with to verify their identities. If an account is opened electronically, such as through an Internet website, the mutual fund may provide notice electronically. The Commission expects that mutual funds will provide the required notice to customers by modifying their paper and electronic account applications. The Commission staff believes that it will take mutual funds on average approximately two hours to modify account applications to provide the adequate notice. The Commission staff estimates that the hourly personnel cost and overhead associated with this modification will be approximately $125. Therefore, the estimated total cost per mutual fund to modify its account applications will be approximately $250. Consequently, the estimated initial cost associated with modifying account applications to provide the requisite notice to customers for the 3,060 mutual fund registrants will be approximately $765,000. 4. Verifying Customers' Identities The proposed rule provides mutual funds with substantial flexibility in establishing how they will independently verify the information provided by customers. For example, customers that open accounts on a [[Page 48325]] mutual fund's premises can simply provide a driver's license or passport, or if the customer is not a natural person, it can provide a copy of any documents showing its existence as a legal entity (e.g., articles of incorporation, business licenses, partnership agreements or trust instruments). There are also a number of options for customers that open accounts via the telephone or Internet. In these cases, mutual funds may obtain a financial statement from the customer, check the customer's name against a credit bureau or database, or check the customer's references with other financial institutions. The documentary and non-documentary verification methods set forth in the rule are not meant to be an exclusive list of the appropriate means of verification. Other reasonable methods may be available now or in the future. The purpose of making the rule flexible is to allow mutual funds to select verification methods that are, as section 326 requires, reasonable and practicable. The proposed rule allows mutual funds to employ such verification methods as would be suitable to a given firm to form a reasonable belief that it knows the true identities of its customers. The Commission believes that verifying the identifying information could result in costs for mutual funds because some firms currently may not use verification methods. The estimated total annual cost to the industry to verify the identifying information will be $49,333,333.\21\ --------------------------------------------------------------------------- \21\ The Commission staff believes that the processing costs associated with verification methods will be approximately $1.00 per account. The Commission staff further estimates that the average time spent verifying an account will be five minutes. The hourly cost of the person who would undertake the verification is estimated to be $25 per hour including overhead. Therefore, the estimated costs to the industry reported above are: (16 million new accounts per year) * ($1.00) + (number of new accounts per year) * (\1/12\ of an hour) * ($25). --------------------------------------------------------------------------- 5. Determining Whether Customers Appear on Government Lists Mutual funds should already have procedures for checking customers against government lists. There are substantive legal requirements associated with the lists circulated by Treasury's Office of Foreign Asset Control of the U.S. Treasury (OFAC). The failure of a firm to comply with these requirements could result in criminal and civil penalties. The Commission believes that, given the events of September 11, 2001, most mutual funds that receive lists from the federal government have implemented procedures for checking their customers against them. The Commission believes that this requirement could result in some additional costs for mutual funds because some may not already check such lists. The estimated annual cost to the industry to check such lists is $3,333,333.\22\ --------------------------------------------------------------------------- \22\ The Commission staff believes that it will take mutual funds on average thirty seconds to check whether a customer appears on a government list and that the cost (including overhead) of this process will be $25 per hour. Therefore, the costs to the industry reported above are: (16 million new accounts per year) * (\1/120\ of an hour) * ($25). --------------------------------------------------------------------------- 6. Recordkeeping The Commission believes that the recordkeeping requirement could result in additional costs for some mutual funds that currently do not maintain certain of the records for the prescribed time period. The estimated total annual cost to the industry to make and maintain the required records is $13,333,333.\23\ --------------------------------------------------------------------------- \23\ The Commission staff believes that it will take approximately two minutes per new account to make and maintain the required records. This estimate takes into account the fact that, for many new accounts, the recordkeeping will be fairly simple (e.g., making a photocopy of a driver's license or financial statement, or keeping a record of the results of a public database search or credit bureau query. The estimated cost associated with the recordkeeping is $25 per hour (including overhead). The estimated cost to the industry is: (16 million new accounts per year) * (\1/30\ of an hour) * ($25). --------------------------------------------------------------------------- V. Paperwork Reduction Act Certain provisions of the proposed rule contain ``collection of information'' requirements within the meaning of the Paperwork Reduction Act of 1995.\24\ Treasury has submitted the proposed rule to the Office of Management and Budget (``OMB'') for review in accordance with 44 U.S.C 3507(d). An agency may not conduct or sponsor, and a person is not required to respond to, a collection of information unless it displays a currently valid control number. --------------------------------------------------------------------------- \24\ 44 U.S.C. 3501 et seq. --------------------------------------------------------------------------- A. Collection of Information Under the Proposed Rule The proposed rule contains recordkeeping and disclosure requirements that are subject to the Paperwork Reduction Act of 1995. In summary, the proposed rule requires mutual funds to (1) maintain records of the information used to verify customers' identities and (2) provide notice to customers that information they supply may be used to verify their identities. These recordkeeping and disclosure requirements are required under Section 326 of the Act. B. Proposed Use of the Information Section 326 of the Act requires Treasury and the Commission jointly to issue a regulation setting forth minimum standards for mutual funds to verify the identities of their customers. Furthermore, Section 326 provides that the regulations must require, at a minimum, mutual funds to implement reasonable procedures for (1) verifying the identity of any person seeking to open an account, to the extent reasonable and practicable; (2) maintaining records of the information used to verify the person's identity, including name, address, and other identifying information; and (3) determining whether the person appears on any lists of known or suspected terrorists or terrorist organizations provided to the financial institution by any government agency. The purpose of Section 326, and the proposed rule, is to make it easier to prevent, detect and prosecute money laundering and the financing of terrorism. In issuing the proposed rule, Treasury and the Commission are seeking to fulfill their statutorily mandated responsibilities under Section 326 and to achieve its important purpose. C. Respondents If adopted, the proposed rule would apply to approximately 3,060 mutual fund companies that are registered with the Commission.\25\ --------------------------------------------------------------------------- \25\ This estimate is based on figures compiled by the Commission staff from Commission filings. --------------------------------------------------------------------------- D. Total Annual Reporting and Recordkeeping Burden 1. Recordkeeping The requirement to make and maintain records related to the CIP will be an ongoing burden. The total burden will depend on the number of new accounts added each year. From January 1, 1990 through December 31, 2001, approximately 16 million mutual fund accounts were added annually.\26\ The Commission estimates that mutual funds, on average, will spend two minutes per account making and maintaining the required records. Therefore, in complying with this requirement, the Commission estimates an annual, industry-wide burden of [[Page 48326]] 533,333 hours will be associated with the record-keeping requirements of the proposed rule. --------------------------------------------------------------------------- \26\ This estimate is derived from information reported in the Investment Company Institue's 2002 Mutual Fund Fact Book. It represents the net annual increase in the number of mutual fund accounts. The actual number of new accounts that were opened during this period is probably higher as this estimate is reduced by the number of accounts that were closed during the same period. No data available regarding the number of accounts that were closed. --------------------------------------------------------------------------- 2. Notice to Customers The requirement for mutual funds to provide the required notice to customers regarding use of customers' information will necessitate the amendment of mutual funds' account applications, both paper and web- based applications. The Commission estimates that the approximately 3,060 mutual fund registrants will each spend approximately two hours modifying their account applications to satisfy the notice requirement. Thus, the Commission estimates an initial, industry-wide burden of 6,120 hours to modify fund applications. E. Collection of Information Is Mandatory This collection of information is mandatory. F. Confidentiality The collection of information pursuant to the proposed rule would be provided by customers and other sources to mutual funds and maintained by mutual funds. In addition, the information may be used by federal regulators, self-regulatory organizations, and authorities in the course of examinations, investigations, and judicial proceedings. No governmental agency regularly would receive any of the information described above. G. Record Retention Period The proposed rule will require that the records with respect to a given customer be retained until five years after the date the account of a customer is closed or the grant of authority to effect transactions with respect to an account is revoked. H. Request for Comment Pursuant to 44 U.S.C. 3506(c)(2)(B), Treasury and the Commission solicit comments to: (1) Evaluate whether the proposed collection of information is necessary, and whether it would have practical utility; (2) Evaluate the accuracy of the Commission's estimate of the burden of the proposed collection of information; (3) Enhance the quality, utility, and clarity of the information to be collected; and (4) Minimize the burden of the collection of information on those required to respond, including through the use of automated collection techniques or other forms on information technology. Comments concerning the recordkeeping and disclosure requirements in the proposed rule should be sent (preferably by fax (202-395-6974)) to Desk Officer for the Department of the Treasury, Office of Information and Regulatory Affairs, Office of Management and Budget, Paperwork Reduction Project (1506), Washington, DC 20503 (or by the Internet to jlackeyj@omb.eop.gov), with a copy to FinCEN by mail or the Internet at the addresses previously specified. VI. Regulatory Flexibility Act Treasury and the Commission are sensitive to the impact our rules may impose on small entities. Congress enacted the Regulatory Flexibility Act, 5 U.S.C. 601 et seq. (RFA), to address concerns related to the effects of agency rules on small entities. In this case, we believe that the proposed rule likely would not have a ``significant economic impact on a substantial number of small entities.'' 5 U.S.C. 605(b). As discussed in Section IV (The Commission's Analysis of the Costs and Benefits of the Section 326 Requirements), we believe that the impact on mutual funds, including small entities, is imposed by the statute itself, and not by the proposed rule. Moreover, the economic impact on small entities should not be significant because we believe that most small entities are likely to have a relatively small number of accounts, and thus compliance should not impose a significant economic impact. Treasury and the Commission seek comment on whether the proposed rule would have a significant economic impact on a substantial number of small entities and whether the costs are imposed by the statute itself, and not the proposed rule. While we believe that the proposed rule likely would not have a significant economic impact on a substantial number of small entities, we do not have complete data at this time to make this determination. We have therefore prepared this Initial Regulatory Flexibility Analysis in accordance with 5 U.S.C. 603. A. Reason for the Proposed Action Section 326 of the Act requires Treasury and the Commission jointly to issue a regulation setting forth minimum standards for mutual funds and their customers regarding the identity of the customer that shall apply in connection with opening of an account at the mutual fund. Furthermore, Section 326 provides that the regulations must require, at a minimum, mutual funds to implement reasonable procedures for (1) verifying the identity of any person seeking to open an account, to the extent reasonable and practicable; (2) maintaining records of the information used to verify the person's identity, including name, address, and other identifying information; and (3) determining whether the person appears on any lists of known or suspected terrorists or terrorist organizations provided to the financial institution by any government agency. The purpose of Section 326, and this proposed rule, is to prevent, detect and prosecute money laundering and the financing of terrorism. In issuing the proposed rule, Treasury and the Commission are seeking to fulfill their statutorily mandated responsibilities under Section 326 and to achieve its important purpose. B. Objective The objective of the proposed regulation is to make it easier to prevent, detect and prosecute money laundering and the financing of terrorism. The rule seeks to achieve this goal by requiring mutual funds to obtain identifying information from customers that can be used to verify the identity of the customers. This will make it more difficult for persons to use false identities to establish customer relationships with mutual funds for the purposes of laundering money or moving funds to effectuate illegal activities, such as financing terrorism. C. Legal Basis The proposed rule is being promulgated pursuant to Section 326 of the Act, which mandates that Treasury and the Commission issue a regulation setting forth minimum standards for financial institutions and their customers regarding the identity of the customer that shall apply in connection with opening of an account at the financial institution. D. Small Entities Subject to the Rule The proposed rule would affect mutual funds that are small entities. For purposes of the Regulatory Flexibility Act, the Commission has determined that an investment company is a small entity if it, together with other investment companies in the same group of related investment companies, has net assets of $50 million or less as of the end of its most recent fiscal year.\27\ Approximately 156 mutual funds meet this definition.\28\ --------------------------------------------------------------------------- \27\ 17 CFR 270.0-10. \28\ This estimate is based on figures compiled by the Commission staff from outside databases. --------------------------------------------------------------------------- [[Page 48327]] E. Reporting, Recordkeeping and Other Compliance Requirements Section 326 requires mutual funds to adopt reasonable procedures to: (1) Verify the identities of their customers; (2) check customers against lists provided by federal agencies, (3) provide notice to customers that information the customers provide may be used to verify customers' identities; and (4) make and maintain records related to the CIP. F. Duplicative, Overlapping or Conflicting Federal Rules We have not identified any federal rules that duplicate, overlap or conflict with the proposed rule. Congress has mandated that Treasury and the Commission issue a regulation that requires mutual funds to verify their customers' identities. This congressional directive cannot be followed absent the issuance of a new rule. G. Significant Alternatives If an agency does not certify that a rule will not have a significant economic impact on a substantial number of small entities, the Regulatory Flexibility Act directs Treasury and the Commission to consider significant alternatives that would accomplish the stated objective, while minimizing any adverse impact on small entities. In connection with the proposed amendments, we considered the following alternatives: (1) The establishment of differing compliance or reporting requirements or timetables that take into account the resources of small entities; (2) the clarification, consolidation, or simplification of compliance and reporting requirements under the rule for small entities; (3) the use of performance rather than design standards; and (4) an exemption from coverage of the proposed amendments, or any part thereof, for small entities. The proposed rule provides for substantial flexibility in how each mutual fund may meet its requirements. This flexibility is designed to account for differences between mutual funds, including size. Nonetheless, Treasury and the Commission did consider alternatives such as exempting certain small entities from some or all of the requirements of the proposed rule. Treasury and the Commission do not believe that such an exemption is appropriate, given the flexibility built into the rule to account for, among other things, the differing sizes and resources of mutual funds, as well as the importance of the statutory goals and mandate of section 326. Money laundering can occur in small firms as well as large firms. H. Solicitation of Comments Treasury and the Commission encourage the submission of comments with respect to any aspect of this Initial Regulatory Flexibility Analysis, including comments regarding the number of small entities that may be affected by the proposed rule. Such comments will be considered by Treasury and the Commission in determining whether a Final Regulatory Flexibility Analysis is required, and will be placed in the same public file as comments on the proposed amendment itself. Comments should be submitted to Treasury or the Commission at the addresses previously indicated. VII. Executive Order 12866 The Department of the Treasury has determined that this rule is not a significant regulatory action for purposes of Executive Order 12866. As noted above, the proposed rule closely parallels the requirements of section 326 of the Act. Accordingly, a regulatory impact analysis is not required. Lists of Subjects in 31 CFR Part 103 Administrative practice and procedure, Authority delegations (Government agencies), Banks, banking, Brokers, Currency, Foreign banking, Foreign currencies, Gambling, Investigations, Law enforcement, Penalties, Reporting and recordkeeping requirements, Securities. Authority and Issuance For the reasons set forth in the preamble, part 103 of title 31 of the Code of Federal Regulations is proposed to be amended as follows: PART 103--FINANCIAL RECORDKEEPING AND REPORTING OF CURRENCY AND FOREIGN TRANSACTIONS 1. The authority citation for part 103 is revised to read as follows: Authority: 12 U.S.C. 1786(q), 1818, 1829b and 1951-1959; 31 U.S.C. 5311-5332; title III, secs. 312, 313, 314, 319, 326, 352, Pub L. 107-56, 115 Stat. 307. 2. Subpart I of part 103 is amended by adding Sec. 103.131 to read as follows: Sec. 103.131 Customer identification programs for mutual funds. (a) Definitions. For the purposes of this section: (1) Account means any contractual or other business relationship between a customer and a mutual fund established to effect financial transactions in securities, including the purchase or sale of securities. (2) Commission means the United States Securities and Exchange Commission. (3) Customer means: (i) Any mutual fund shareholder of record who opens a new account with a mutual fund; and (ii) Any person authorized to effect transactions in the shareholder of record's account with a mutual fund. (4) Mutual Fund means an entity that is required to register with the Commission as an ``investment company'' (as the term is defined in Section 3 of the Investment Company Act of 1940 (15 U.S.C. 80a-3) (``Investment Company Act'')) and is an ``open-end company'' (as that term is defined in Section 5 of the Investment Company Act, 15 U.S.C. 80a-5). (5) Person has the same meaning as that term is defined in Sec. 103.11(z). (6) Taxpayer identification number. The provisions of Section 6109 of the Internal Revenue Code of 1986 (26 U.S.C. 6109) and the regulations of the Internal Revenue Service promulgated thereunder shall determine what constitutes a taxpayer identification number. (7) U.S. person means: (i) Any U.S. citizen; and (ii) Any corporation, partnership, trust, or person (other than a natural person) that is established or organized under the laws of a State or the United States. (8) Non-U.S. person means a person that is not a U.S. person. (b) Customer identification program. A mutual fund shall establish, document, and maintain a written Customer Identification Program (``CIP''). A mutual fund's CIP procedures must enable it to form a reasonable belief that it knows the true identity of the customer. A mutual fund's CIP must be a part of its anti-money laundering program required under 31 U.S.C. 5318(h). A mutual fund's CIP procedures shall be based on the type of identifying information available and on an assessment of relevant risk factors including: (1) The mutual fund's size; (2) The manner in which accounts are opened, fund shares are distributed, and purchases, sales and exchanges are effected; (3) The mutual fund's types of accounts; and (4) The mutual fund's customer base. (c) Required information. (1) General. Except as permitted by paragraph (c)(2) of this section, the CIP shall require the mutual fund to obtain specified identifying information about each [[Page 48328]] customer before an account is opened or a customer is granted authority to effect transactions with respect to an account. The specified information must include, at a minimum: (i) Name; (ii) Date of birth, for a natural person; (iii) Addresses: (A) Residence and mailing (if different) for a natural person; or (B) Principal place of business and mailing (if different) for a person other than a natural person; and (iv) Identification numbers: (A) A taxpayer identification number from each customer that is a U.S. person; or (B) A taxpayer identification number, passport number and country of issuance, alien identification card number, or number and country of issuance of any other government-issued document evidencing nationality or residence and bearing a photograph or similar safeguard from each customer that is not a U.S. person. (2) Limited exception. In the case of a person other than a natural person that has applied for, but has not received, an employer identification number, the CIP may allow such information to be provided within a reasonable period of time after the account is established, if the mutual fund obtains a copy of the application for the employer identification number prior to such time. (d) Required verification procedures. The CIP shall include procedures for verifying the identity of customers, to the extent reasonable and practicable, using information obtained pursuant to paragraph (c) of this section. Such verification must occur within a reasonable time before or after the customer's account is opened or the customer is granted authority to effect transactions with respect to an account: (1) Verification through documents. The CIP must describe when the mutual fund will verify customers' identities through documents and describe the documents that the mutual fund will use for this purpose. Suitable documents for verification may include: (i) For natural persons, unexpired government-issued identification evidencing nationality or residence and bearing a photograph or similar safeguard; and (ii) For persons other than natural persons, documents showing the existence of the entity, such as registered articles of incorporation, a government-issued business license, partnership agreement, or trust instrument. (2) Verification through non-documentary methods. The CIP must describe non-documentary methods a mutual fund will use to verify customers' identities and when these methods will be used in addition to, or instead of, relying on documents. Non-documentary verification methods may include contacting a customer; independently verifying information through credit bureaus, public databases, or other sources; and checking references with other financial institutions. Non- documentary methods shall be used when a customer who is a natural person is unable to present an unexpired, government-issued identification document that bears a photograph or similar safeguard; the mutual fund is presented with unfamiliar documents to verify the identity of a customer; or the mutual fund does not obtain documents to verify the identity of a customer, does not meet face-to-face a customer who is a natural person, or is otherwise presented with circumstances that increase the risk the mutual fund will be unable to verify the true identity of a customer through documents. (e) Government lists. The CIP shall include procedures for determining whether a customer's name appears on any list of known or suspected terrorists or terrorist organizations prepared by any federal government agency and made available to the mutual fund. Mutual funds shall follow all federal directives issued in connection with such lists. (f) Customer notice. The CIP shall include procedures for providing customers with adequate notice that the mutual fund is requesting information to verify the customer's identity. (g) Lack of verification. The CIP shall include procedures for responding to circumstances in which the mutual fund cannot form a reasonable belief that it knows the true identity of a customer. (h) Recordkeeping. The CIP shall include procedures for maintaining a record of all information obtained pursuant to the CIP. A mutual fund must retain all records made or obtained when verifying the identity of a customer pursuant to its CIP until five years after the date the account of the customer is closed. Records subject to the requirements in this paragraph (h) include: (1) All identifying information provided by a customer pursuant to paragraph (c) of this section, and copies of any documents that were relied on pursuant to paragraph (d)(1) of this section evidencing the type of document and any identification number it may contain; (2) The methods and results of any measures undertaken to verify the identity of a customer pursuant to paragraph (d)(2) of this section; and (3) The resolution of any discrepancy in the identifying information obtained. (i) Approval by the board. The CIP shall be approved by the mutual fund's board of directors or trustees. (j) Exemptions. The Commission, with the concurrence of the Secretary, may by order or regulation exempt any mutual fund or type of account from the requirements of this section. The Commission and the Secretary shall consider whether the exemption is consistent with the purposes of the Bank Secrecy Act (31 U.S.C. 5311 et seq.) and in the public interest, and may consider other necessary and appropriate factors. Dated: July 15, 2002. James F. Sloan, Director, Financial Crimes Enforcement Network. Dated: July 12, 2002. By the Securities and Exchange Commission. Margaret H. McFarland, Deputy Secretary. [FR Doc. 02-18194 Filed 7-22-02; 8:45 am] BILLING CODE 4810-02-P
[Federal Register: July 23, 2002 (Volume 67, Number 141)] [Proposed Rules] [Page 48299-48306] From the Federal Register Online via GPO Access [wais.access.gpo.gov] [DOCID:fr23jy02-701] ----------------------------------------------------------------------- DEPARTMENT OF THE TREASURY 31 CFR Part 103 RIN 1506-AA31 Financial Crimes Enforcement Network; Customer Identification Programs for Certain Banks (Credit Unions, Private Banks and Trust Companies) That Do Not Have a Federal Functional Regulator AGENCIES: The Financial Crimes Enforcement Network, Treasury. ACTION: Notice of proposed rulemaking. ----------------------------------------------------------------------- SUMMARY: FinCEN is issuing a proposed regulation to implement section 326 of the Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism (USA PATRIOT) Act of 2001(the Act) for credit unions and trust companies that do not have a federal functional regulator. The proposed rule provides the same rules for these financial institutions as are provided in a companion notice of proposed rulemaking being issued jointly by FinCEN and the Federal bank regulators published elsewhere in this separate part of this issue of the Federal Register. DATES: Written comments on the proposed rule may be submitted on or before September 6, 2002. ADDRESSES: Because paper mail in the Washington area may be subject to [[Page 48300]] delay, commenters are encouraged to e-mail comments. Comments should be sent by one method only. Comments may be mailed to FinCEN, Section 326 Certain Credit Union and Trust Company Rule Comments, P.O. Box 39, Vienna, VA 22183 or sent by e-mail to regcomments@fincen.treas.gov with the caption ``Attention: Section 326 Certain Credit Union and Trust Company Rule Comments'' in the body of the text. Comments may be inspected at FinCEN between 10 a.m. and 4 p.m. in the FinCEN Reading Room in Washington, D.C. Persons wishing to inspect the comments submitted must request an appointment by telephoning (202) 354-6400 (not a toll-free number). FOR FURTHER INFORMATION CONTACT: Office of the Chief Counsel (FinCEN), (703) 905-3590. SUPPLEMENTARY INFORMATION: I. Background A. Section 326 of the USA PATRIOT Act On October 26, 2001, President Bush signed into law the USA PATRIOT Act, Public Law 107-56. Title III of the Act, captioned ``International Money Laundering Abatement and Anti-terrorist Financing Act of 2001,'' adds several new provisions to the Bank Secrecy Act (BSA), 31 U.S.C. 5311 et seq. These provisions are intended to facilitate the prevention, detection, and prosecution of international money laundering and the financing of terrorism. Section 326 of the Act adds a new subsection (l) to 31 U.S.C. 5318 that requires the Secretary to prescribe regulations setting forth minimum standards for financial institutions that relate to the identification and verification of any person who applies to open an account. Final regulations implementing section 326 must be effective by October 25, 2002. Section 326 applies to all ``financial institutions.'' This term is defined very broadly in the BSA to encompass a variety of entities including banks, agencies and branches of foreign banks in the United States, thrifts, credit unions, brokers and dealers in securities or commodities, insurance companies, travel agents, pawnbrokers, dealers in precious metals, check-cashers, casinos, and telegraph companies, among many others. See 31 U.S.C. 5312(a)(2). For any financial institution engaged in financial activities described in section 4(k) of the Bank Holding Company Act of 1956 (section 4(k) institutions), the Secretary is required to prescribe the regulations issued under section 326 jointly with each of the Federal bank regulators (the Agencies), the SEC, and the CFTC (the Federal functional regulators). FinCEN and the Federal bank regulators are today jointly issuing a proposed rule that applies to banks within the meaning of 31 CFR 103.11(c) that are subject to a Federal banking regulator. Under its own authority, FinCEN is issuing this proposed rule to extend rules identical \1\ to those in the joint proposal to all banks lacking a Federal functional regulator, namely private banks and State chartered credit unions that are not federally insured, and trust companies. The text of the joint rule is published elsewhere in this separate part of this issue of the Federal Register. --------------------------------------------------------------------------- \1\ The references in the joint rule to a bank's anti-money laundering program requirement (proposed Sec. 103.121 (b)(1)) and to the procedures for exemptions granted by the Federal functional regulator (with Treasury concurrence) (proposed Sec. 103.121(c)) will be modified appropriately at the final rule stage. --------------------------------------------------------------------------- Section 326 of the Act provides that the regulations must contain certain requirements. At a minimum, the regulations must require financial institutions to implement reasonable procedures for (1) verifying the identity of any person seeking to open an account, to the extent reasonable and practicable; (2) maintaining records of the information used to verify the person's identity, including name, address, and other identifying information; and (3) determining whether the person appears on any lists of known or suspected terrorists or terrorist organizations provided to the financial institution by any government agency. In prescribing these regulations, the Secretary is directed to take into consideration the various types of accounts maintained by various types of financial institutions, the various methods of opening accounts, and the various types of identifying information available. The Secretary has determined that the records required to be kept by section 326 of the Act have a high degree of usefulness in criminal, tax, or regulatory investigations or proceedings, or in the conduct of intelligence or counterintelligence activities, to protect against international terrorism. B. Codification of the Proposed Rule The substantive requirements of the proposed rule will be codified with other Bank Secrecy Act regulations as part of Treasury's regulations in 31 CFR part 103. FinCEN anticipates that, at that time, it will publish a final rule that implements section 326 in a single section that will apply to all banks. II. Detailed Analysis A. Regulations Implementing Section 326 Definitions. Account. The proposed rule's definition of ``account'' is based on the statutory definition of ``account'' that is used in section 311 of the Act. ``Account'' means each formal banking or business relationship established to provide ongoing services, dealings, or other financial transactions. For example, a deposit account, transaction or asset account, and a credit account or other extension of credit would each constitute an account. Section 311 of the Act does not require that this definition be used for regulations implementing section 326 of the Act. However, to the extent possible, Treasury proposes to apply consistent definitions for each of the regulations implementing the Act to reduce confusion. ``Deposit accounts'' and ``transaction accounts,'' which as previously noted, are considered ``accounts'' for purposes of this rulemaking, are themselves defined terms. In addition, the term ``account'' is limited to banking and business relationships established to provide ``ongoing'' services, dealings, or other financial transactions to make clear that this term is not intended to cover infrequent transactions such as the occasional purchase of a money order or a wire transfer. Bank. For purposes of this proposed rule, the ``bank'' includes only those banks within the meaning of 31 CFR 103.11(c) that lack a Federal functional regulator. These are private banks and certain State chartered credit unions that are not federally insured, and trust companies. Customer. The proposed rule defines ``customer'' to mean any person seeking to open a new account. Accordingly, the term ``customer'' includes a person applying to open an account, but would not cover a person seeking information about an account, such as rates charged or interest paid on an account, if the person does not actually open an account. ``Customer'' includes both individuals and other persons such as corporations, partnerships, and trusts. In addition, any person seeking to open an account at a bank, on or after the effective date of the final rule, will be a ``customer,'' regardless of whether that person already has an account at the bank. The proposed rule also defines a ``customer'' to include any signatory on an account. Thus, for example, an individual with signing authority over a corporate account is a ``customer'' within the meaning of the proposed [[Page 48301]] rule. A signatory can become a ``customer'' when the account is opened or when the signatory is added to an existing account. The requirements of section 326 of the Act apply to any person ``seeking to open a new account.'' Accordingly, transfers of accounts from one bank to another, that are not initiated by the customer, for example, as a result of a merger, acquisition, or purchase of assets or assumption of liabilities, fall outside of the scope of section 326, and are not covered by the proposed regulation. Person. The proposed rule defines ``person'' by reference to Sec. 103.11(z). This definition includes individuals, corporations, partnerships, trusts, estates, joint stock companies, associations, syndicates, joint ventures, other unincorporated organizations or groups, certain Indian Tribes, and all entities cognizable as legal personalities. U.S. Person. Under the proposed rule, for an individual, ``U.S. person'' means a U.S. citizen. For persons other than an individual, ``U.S. person'' means an entity established or organized under the laws of a State or the United States. A non-U.S. person is defined as a person who does not satisfy these criteria. Taxpayer identification number. The proposed rule continues the provision in current Sec. 103.34(a)(4), which provides that the provisions of section 6109 of the Internal Revenue Code and the regulations of the Internal Revenue Service thereunder determine what constitutes a taxpayer identification number. Customer Identification Program: Minimum Requirements. General Rule. Section 326 of the Act requires Treasury to issue a regulation that establishes minimum standards regarding the identity of any customer who applies to open an account. Section 326 then prescribes three procedures that Treasury must require institutions to implement as part of this process: (1) Identification and verification of persons seeking to open an account; (2) recordkeeping; and (3) comparison with government lists. Rather than imposing the same list of specific requirements on every bank, regardless of its circumstances, the proposed regulation requires all banks to implement a Customer Identification Program (CIP) that is appropriate given the bank's size, location, and type of business. The proposed regulation requires a bank's CIP to contain the statutorily prescribed procedures, describes these procedures, and details certain minimum elements that each of the procedures must contain. In addition, the proposed rule requires that the CIP be written and that it be approved by the bank's board of directors or a committee of the board. This latter requirement highlights the responsibility of a bank's board of directors to approve and exercise general oversight over the bank's CIP. Under the proposed joint regulation for federally regulated banks, the CIP must be incorporated into the bank's anti-money laundering (BSA) program. FinCEN has not yet issued an anti-money laundering program regulation for the banks subject to this proposed rule, but anticipates doing so in the near future, at which time they would be required to incorporate the CIP into that program. A bank's BSA program must include (1) internal policies, procedures, and controls to ensure ongoing compliance; (2) designation of a compliance officer; (3) an ongoing employee training program; and (4) an independent audit function to test programs. Each of these requirements also applies to a bank's CIP. Identity Verification Procedures. Under section 326 of the Act, the regulations issued by Treasury must require banks to implement and comply with reasonable procedures for verifying the identity of any person seeking to open an account, to the extent reasonable and practicable. The proposed regulation implements this requirement by providing that each bank must have risk-based procedures for verifying the identity of a customer that take into consideration the types of accounts that banks maintain, the different methods of opening accounts, and the types of identifying information available. These procedures must enable the bank to form a reasonable belief that it knows the true identity of the customer. Under the proposed regulation, a bank must first have procedures that specify the identifying information that the bank must obtain from any customer. The proposed regulation also sets forth certain, minimal identifying information that a bank must obtain prior to opening an account or adding a signatory to an account. Second, the bank must have procedures describing how the bank will verify the identifying information provided. The bank must have procedures that describe when it will use documents for this purpose and when it will use other methods, either in addition or as an alternative to using documents for the purpose of verifying the identity of a customer. While a bank's CIP must contain the identity verification procedures set forth above, these procedures are to be risk-based. For example, a bank need not verify the identifying information of an existing customer seeking to open a new account, or who becomes a signatory on an account, if the bank (1) previously verified the customer's identity in accordance with procedures consistent with this regulation, and (2) continues to have a reasonable belief that it knows the true identity of the customer. The proposal requires a bank to exercise reasonable efforts to ascertain the identity of each customer. Although the main purpose of the Act is to prevent and detect money laundering and the financing of terrorism, Treasury anticipates that the proposed regulation will ultimately benefit consumers. In addition to deterring money laundering and terrorist financing, requiring every bank to establish comprehensive procedures for verifying the identity of customers should reduce the growing incidence of fraud and identity theft involving new accounts.\2\ --------------------------------------------------------------------------- \2\ Last year, over 86,000 complaints were logged into the Identity Theft Complaint database established by the Federal Trade Commission (FTC). Forms of identity theft commonly reported included (1) credit card fraud, where one or more new credit cards were opened in the victim's name; (2) bank fraud, where a new bank account was opened in the victim's name; and (3) fraudulent loans, where a loan had been obtained in the victim's name. See Statement of J. Howard Beales, Director, Bureau of Consumer Protection, FTC, to the Senate Committee on the Judiciary, Subcommittee on Technology, March 20, 2002. --------------------------------------------------------------------------- Information Required. The proposed regulation provides that a bank's CIP must contain procedures that specify the identifying information the bank must obtain from a customer. At a minimum, a bank must obtain from each customer the following information prior to opening an account or adding a signatory to an account: name; address; for individuals, date of birth; and an identification number, described in greater detail below. To satisfy the requirement that a bank obtain the address of a customer, Treasury expects a bank to obtain both the address of an individual's residence and, if different, the individual's mailing address. For customers who are not individuals, the bank should obtain an address showing the customer's principal place of business and, if different, the customer's mailing address. For U.S. persons a bank must obtain a U.S. taxpayer identification number (e.g., social security number, individual taxpayer identification number, or employer identification number). For non-U.S. persons a bank must obtain one or more of the following: a taxpayer identification number; passport number and country of issuance; alien identification card number; or number [[Page 48302]] and country of issuance of any other government-issued document evidencing nationality or residence and bearing a photograph or similar safeguard. The basic information that banks would be required to obtain under this proposed regulation reflects the type of information that financial institutions currently obtain in the account-opening process and is similar to the identifying information currently required for each deposit or share account opened (see 31 CFR 103.34(a)(1)). The proposed regulation uses the term ``similar safeguard'' to permit the use of any biometric identifiers that may be used in addition to, or instead of, photographs. Treasury recognizes that a new business may need access to banking services, particularly a bank account or an extension of credit, before it has received an employer identification number from the Internal Revenue Service. For this reason, the proposed regulation contains a limited exception to the requirement that a taxpayer identification number must be provided prior to establishing or adding a signatory to an account. Accordingly, a CIP may permit a bank to open or add a signatory to an account for a person other than an individual (such as a corporation, partnership, or trust) that has applied for, but has not received, an employer identification number. However, in such a case, the CIP must require that the bank obtain a copy of the application before it opens or adds a signatory to the account and obtain the employee identification number within a reasonable period of time after an account is established or a signatory is added to an account. Currently, the IRS indicates that the issuance of an employer identification number can take up to five weeks. This length of time, coupled with when the person applied for the employer identification number, should be considered by the bank in determining the reasonable period of time within which the person should provide its employer identification number to the bank. Verification. The proposed regulation provides that the CIP must contain risk-based procedures for verifying the information that the bank obtains in accordance with the proposed rule, within a reasonable period of time after the account is opened. Treasury considered proposing that a customer's identity be verified before an account is opened or within a specific time period after the account is opened. However, Treasury recognizes that such a position would be unduly burdensome for both banks and customers and therefore contrary to the plain language of the statute, which states that the procedures must be both reasonable and practicable. The amount of time it will take an institution to verify identity may depend upon the type of account opened, whether the customer is physically present when the account is opened, and the type of identifying information available. In addition, although an account may be opened, it is common practice among banks to place limits on the account, such as by restricting the number of transactions or the dollar value of transactions, until a customer's identity is verified. Therefore, the proposed regulation provides a bank with the flexibility to use a risk-based approach to determine how soon identity must be verified.\3\ --------------------------------------------------------------------------- \3\ It is possible that a bank would, however, violate other laws by permitting a customer to transact business prior to verifying the customer's identity. See, e.g., 31 CFR 500, prohibiting transactions involving designated foreign countries or their nationals. --------------------------------------------------------------------------- Verification Through Documents. The CIP must contain procedures describing when the bank will verify identity through documents and setting forth the documents that the bank will use for this purpose. For individuals, these documents may include: unexpired government- issued identification evidencing nationality or residence and bearing a photograph or similar safeguard. For corporations, partnerships, trusts, and other persons that are not individuals, these may be documents showing the existence of the entity, such as registered articles of incorporation, a government-issued business license, partnership agreement, or trust instrument. Non-Documentary Verification. The proposed regulation provides that a bank's CIP also must contain procedures describing non-documentary methods the bank will use to verify identity and when these methods will be used in addition to, or instead of, relying on documents. For example, the procedures must address situations where an individual is unable to present an unexpired government-issued identification document that bears a photograph or similar safeguard; the bank is not familiar with the documents presented; the account is opened without obtaining documents; the account is not opened in a face-to-face transaction; and the type of account increases the risk that the bank will not be able to verify the true identity of the customer through documents. Treasury believes that banks typically require documents to be presented when an account is opened face-to-face. Although customers usually satisfy these requirements by presenting government-issued identification documents bearing a photograph, such as a driver's license or passport, Treasury recognizes that some customers legitimately may be unable to present those customary forms of identification when opening an account. For example, an elderly person may not have a valid driver's license or passport. Under these circumstances, Treasury expects that banks will provide products and services to those customers and verify their identities through other methods. Similarly, a bank may be unable to obtain original documents to verify a customer's identity when an account is opened by telephone, by mail, and over the Internet. Thus, when an account is opened for a customer who is not physically present, a bank will be permitted to use other methods of verification, to the extent set forth in the CIP. While other verification methods must be used when a bank cannot examine original documents, Treasury also recognizes that original identification documents, including those issued by a government entity, may be obtained illegally and may be fraudulent. In light of the recent increase in identity fraud, banks are encouraged to use other verification methods, even when a customer has provided original documents. Obtaining sufficient information to verify a customer's identity can reduce the risk that a bank will be used as a conduit for money laundering and terrorist financing. The risk that the bank will not know the customer's true identity will be heightened for certain types of accounts, such as accounts opened in the name of a corporation, partnership, or trust that is created or conducts substantial business in jurisdictions that have been designated by the United States as a primary money laundering concern or have been designated as non- cooperative by an international body. As a bank's identity verification procedures should be risk-based, they should identify types of accounts that pose a heightened risk, and prescribe additional measures to verify the identity of any person seeking to open an account and the signatory for such accounts. The proposed regulation gives examples of other non-documentary verification methods that a bank may use in the situations described above. These methods could include contacting a customer after the account is opened; obtaining a financial statement; comparing the identifying information provided by the customer against fraud and bad check databases to determine [[Page 48303]] whether any of the information is associated with known incidents of fraudulent behavior (negative verification); comparing the identifying information with information available from a trusted third party source, such as a credit report from a consumer reporting agency (positive verification); and checking references with other financial institutions. The bank also may wish to analyze whether there is logical consistency between the identifying information provided, such as the customer's name, street address, ZIP code, telephone number, date of birth, and social security number (logical verification).\4\ --------------------------------------------------------------------------- \4\ Treasury understands that most banks currently make use of technology that permits instantaneous negative, positive, and logical verification of identity. --------------------------------------------------------------------------- Lack of Verification. The proposed regulation also states that a bank's CIP must include procedures for responding to circumstances in which the bank cannot form a reasonable belief that it knows the true identity of a customer. Generally, a bank should only maintain an account for a customer when it can form a reasonable belief that it knows the customer's true identity.\5\ Thus, a bank should have procedures that specify the actions that it will take when it cannot form a reasonable belief that it knows the true identity of a customer, including when an account should not be opened. In addition, a bank's CIP should have procedures that address the terms under which a customer may conduct transactions while a customer's identity is being verified. The procedures also should specify at what point, after attempts to verify a customer's identity have failed, a customer's account that has been opened should be closed. Finally, if a bank cannot form a reasonable belief that it knows the identity of a customer, the procedures should also include determining whether a Suspicious Activity Report should be filed in accordance with applicable law and regulation. --------------------------------------------------------------------------- \5\ There are some exceptions to this basic rule. For example, a bank may maintain an account, at the direction of a law enforcement or intelligence agency, although the bank does not know the true identity of a customer. --------------------------------------------------------------------------- Recordkeeping. Section 326 of the Act requires reasonable procedures for maintaining records of the information used to verify a person's name, address, and other identifying information. The proposed regulation sets forth recordkeeping procedures that must be included in a bank's CIP. Under the proposal, a bank is required to maintain a record of the identifying information provided by the customer. Where a bank relies upon a document to verify identity, the bank must maintain a copy of the document that the bank relied on that clearly evidences the type of document and any identifying information it may contain.\6\ The bank also must record the methods and result of any additional measures undertaken to verify the identity of the customer. Last, the bank must record the resolution of any discrepancy in the identifying information obtained. The bank must retain all of these records for five years after the date the account is closed. --------------------------------------------------------------------------- \6\ The bank need not keep a separate record of the identifying information provided by the customer if this information clearly appears on the copy of the document maintained by the bank. --------------------------------------------------------------------------- Treasury emphasizes that the collection and retention of information about a customer, such as an individual's race or sex, as an ancillary part of collecting identifying information do not relieve a bank from its obligations to comply with anti-discrimination laws or regulations, such as the prohibition in the Equal Credit Opportunity Act against discrimination in any aspect of a credit transaction on the basis of race, color, religion, national origin, sex or marital status, age, or other prohibited classifications. Nothing in this proposed regulation modifies, limits or supersedes section 101 of the Electronic Signatures in Global and National Commerce Act, Pub. L. 106-229, 114 Stat. 464 (15 U.S.C. 7001) (E-Sign Act). Thus, a bank may use electronic records to satisfy the requirements of this regulation, as long as the records are accurate and remain accessible in accordance with 31 CFR 103.38(d). Comparison with Government Lists. Section 326 of the Act also requires reasonable procedures for determining whether the customer appears on any list of known or suspected terrorists or terrorist organizations provided to the bank by any government agency. The proposed rule implements this requirement and clarifies that the requirement applies only with respect to lists circulated by the Federal government. In addition, the proposed rule requires that the procedures must ensure that the bank follows all Federal directives issued in connection with such lists. This provision makes clear that a bank must have procedures for responding to circumstances when the bank determines that a customer is named on a list. Customer Notice. Section 326 of the Act contemplates that financial institutions will provide their customers with ``adequate notice'' of the customer identification procedures. Therefore, a bank's CIP must include procedures for providing bank customers with adequate notice that the bank is requesting information to verify their identity. A bank may satisfy the notice requirement by generally notifying its customers about the procedures the bank must comply with to verify their identities. For example, the bank may post a sign in its lobby or provide customers with any other form of written or oral notice. If an account is opened electronically, such as through an Internet website, the bank may also provide notice electronically. Exemptions. Section 326 states that the Secretary (and, in the case of section 4(k) institutions, the appropriate Federal functional regulator) may by regulation or order, exempt any financial institution or type of account from the requirements of this regulation in accordance with such standards and procedures as the Secretary may prescribe. Under the proposed rule, Treasury, may by order or regulation exempt any bank lacking a federal functional regulator or type of account at such a bank from the requirements of this section. In issuing such exemptions, Treasury shall consider whether the exemption is consistent with the purposes of the Bank Secrecy Act, consistent with safe and sound banking, and in the public interest. Treasury also may consider other necessary and appropriate factors. Other Information Requirements Unaffected. Nothing in the proposal shall be construed to relieve a bank of its obligations to obtain, verify, or maintain information in connection with an account or transaction that is required by another provision in part 103. For example, if an account is opened with a deposit of more than $10,000 in cash, the bank opening the account must comply with the customer identification requirements in the proposal, as well as with the provisions of section 103.22, which require that certain information concerning the transaction be reported by filing a Cash Transaction Report (CTR). B. Conforming Amendments to 31 CFR 103.34 Current section 103.34(a) sets forth customer identification requirements when certain types of deposit accounts are opened. Generally, sections 103.34(a)(1) and (2) require a bank, within 30 days after certain deposit accounts are opened, to secure and maintain a record of the taxpayer identification number of the customer [[Page 48304]] involved. If the bank is unable to obtain the taxpayer identification number within 30 days (or a longer time if the person has applied for a taxpayer identification number), it need take no further action under section 103.34 concerning the account if it maintains a list of the names, addresses, and account numbers of the persons for which it was unable to secure taxpayer identification numbers, and provides that information to the Secretary upon request. In the case of a non- resident alien, the bank is required to record the person's passport number or a description of some other government document used to determine identification. Treasury believes that the requirements of section 103.34(a)(1) and (2) are inconsistent with the intent and purpose of section 326 of the Act and incompatible with the proposal. Section 103.34(a)(3) currently provides that a bank need not obtain a taxpayer identification number with respect to specified categories of persons \7\ opening certain deposit accounts. This proposed rule does not contain any exemptions from the CIP requirements. --------------------------------------------------------------------------- \7\ The exemption applies to (i) agencies and instrumentalities of Federal, State, local, or foreign governments; (ii) judges, public officials, or clerks of courts of record as custodians of funds in controversy or under the control of the court; (iii) aliens who are ambassadors; ministers; career diplomatic or consular officers; naval, military, or other attaches of foreign embassies and legations; and members of their immediate families; (iv) aliens who are accredited representatives of certain international organizations, and their immediate families; (v) aliens temporarily residing in the United States for a period not to exceed 180 days; (vi) aliens not engaged in a trade or business in the United States who are attending a recognized college or university, or any training program supervised or conducted by an agency of the Federal Government; (vii) unincorporated subordinate units of a tax exempt central organization that are covered by a group exemption letter; (viii) a person under 18 years of age, with respect to an account opened as part of a school thrift savings program, provided the annual interest is less than $10; (ix) a person opening a Christmas club, vacation club, or similar installment savings program, provided the annual interest is less than $10; and (x) non-resident aliens who are not engaged in a trade or business in the United States. --------------------------------------------------------------------------- Treasury is requesting comments on whether any of these exemptions should apply in the context of the proposed CIP requirements in light of the intent and purpose of section 326 of the Act. Section 103.34(a)(4) provides that section 6109 of the Internal Revenue Code and the rules and regulations of the Internal Revenue Service (IRS) promulgated thereunder shall determine what constitutes a taxpayer identification number. This provision is continued in the proposal. Section 103.34(a)(4) also provides that IRS rules shall determine whose number shall be obtained in the case of multiple account holders. Treasury believes that this provision is inconsistent with section 326 of the Act, which requires that banks verify the identity of ``any'' person seeking to open an account. For these reasons, Treasury is proposing to repeal section 103.34(a). Section 103.34(b) sets forth certain recordkeeping requirements for banks. Among other things, section 103.34(b)(1) requires a bank to keep ``any notations, if such are normally made, of specific identifying information verifying the identity of [a person with signature authority over an account] (such as a driver's license number or credit card number).'' Treasury believes that the quoted language in section 103.34(b)(1) is inconsistent with the requirements of the proposal. For this reason, Treasury is proposing to delete the quoted language. III. Request for Comments Treasury invites comment on all aspects of this rulemaking, and specifically seek comment on the following issues: 1. Whether the proposed definition of ``account'' is appropriate and whether other examples of accounts should be added to the regulatory text. 2. How the proposed regulation should apply to various types of accounts that are designed to allow a customer to transact business immediately. 3. Ways that banks can comply with the requirement that a bank obtain both the address of an individual's residence, and, if different, the individual's mailing address in situations involving individuals who lack a permanent address. 4. Whether non-U.S. persons that are not individuals will be able to provide a bank with the identifying information required in the proposal, or whether other categories of identifying information should be added to this proposal to permit non-U.S. persons that are not individuals to open accounts. Commenters on this issue should suggest other means of identification that banks currently use or should use. 5. Whether the proposed regulation will subject banks to conflicting State laws. Treasury requests that commenters cite and describe any potentially conflicting State laws. 6. The extent to which the verification procedures required by the proposed regulation make use of information that banks currently obtain in the account opening process. Treasury notes that the legislative history of section 326 indicates that Congress intended ``the verification procedures prescribed by Treasury [to] make use of information currently obtained by most financial institutions in the account opening process.'' See H.R. Rep. No. 107-250, pt. 1, at 63 (2001). 7. Whether any of the exemptions from the customer identification requirements contained in current section 103.34(a)(3) should be continued in the proposal. In this regard, Treasury requests that commenters address the standards set forth in the proposal (as well as any other appropriate factors). IV. Regulatory Flexibility Act When an agency issues a rulemaking proposal, the Regulatory Flexibility Act (RFA) requires the agency to ``prepare and make available for public comment an initial regulatory flexibility analysis' unless the agency certifies that the rule will not have a ``significant economic impact on a substantial number of small entities.'' 5 U.S.C. 603, 605(b).\8\ --------------------------------------------------------------------------- \8\ The RFA defines the term ``small entity'' in 5 U.S.C. 601 by reference to the definitions published by the Small Business Administration (SBA). The SBA has defined a ``small entity'' for banking purposes as a bank or savings institution with less than $150 million in assets. See 13 CFR 121.201. The NCUA defines ``small credit union'' as those under $1 million in assets. Interpretive Ruling and Policy Statement No. 87-2, Developing and Reviewing Government Regulations (52 FR 35231, September 18, 1987). --------------------------------------------------------------------------- Treasury certifies that the proposed rule will not have a significant economic impact on a substantial number of small entities. The requirements of the proposed rule closely parallel the requirements for customer identification programs mandated by section 326 of the Act. Moreover, Treasury believes that banks already have implemented prudential business practices and anti-money laundering programs that involve the key controls that would be required in a customer identification program in accordance with the proposed regulation. First, all banks already undertake extensive measures to verify the identity of their customers as a matter of good business practice. Second, banks already should have compliance programs in place to check lists provided by the Federal government of known and suspected terrorists and terrorist organizations. Currently, banks are prohibited from engaging in transactions involving certain foreign countries or their nationals under rules issued by Treasury's Office of Foreign Assets Control (OFAC). See 31 CFR part 500. Banks should already have compliance programs in place to ensure that they do [[Page 48305]] not violate OFAC rules. Treasury understands that many banks, including small banks, have instituted programs to check other lists provided to them by the Federal government following the events of September 11, 2001. Treasury believes that all banks have access to a variety of resources, such as computer software packages, that enable them to check lists provided by the Federal government. Third, Treasury believes the provision in the proposed rule that requires a bank to provide adequate notice to its customers that it is requesting information to verify their identity will impose minimal costs on banks. Banks may elect to satisfy that requirement through a variety of low-cost measures, such as by posting a sign in the bank's lobby or providing any other form of written or oral notice. The recordkeeping requirements similarly may impose some costs on banks, if, for example, some of the information that must be maintained as a consequence of implementing customer identification programs is not already retained. Treasury believes that the compliance burden, if any, is minimized for banks, including small banks, because the proposed regulation vests a bank with the discretion to design and implement appropriate recordkeeping procedures, including allowing banks to maintain electronic records in lieu of (or in combination with) paper records. Finally, Treasury believes that the flexibility incorporated into the proposed rule will permit each bank to tailor its CIP to fit its own size and needs. In this regard, Treasury believes that expenditures associated with establishing and implementing a CIP will be commensurate with the size of a bank. If a bank is small, the burden to comply with the proposed rule should be de minimis. V. Paperwork Reduction Act The proposed rule contains recordkeeping and disclosure requirements that are subject to the Paperwork Reduction Act of 1995 (44 U.S.C. 3501 et seq.). In summary, the proposed rule requires banks to implement reasonable procedures to (1) maintain records of the information used to verify the person's identity and (2) provide notice of these procedures to customers. These recordkeeping and disclosure requirements are required under section 326 of the Act. The proposed rule applies only to a financial institution that is a ``bank'' as defined in 31 CFR 103.11(c) lacking a Federal functional regulator. The proposed rule requires each bank to establish a written CIP that must include recordkeeping procedures and procedures for providing customers with notice that the bank is requesting information to verify their identity. The proposed rule requires a bank to maintain a record of (1) the identifying information provided by the customer, the type of identification document(s) reviewed, if any, the identification number of the document(s), and a copy of the identification document(s); (2) the means and results of any additional measures undertaken to verify the identity of the customer; and (3) the resolution of any discrepancy in the identifying information obtained. These records must be maintained at the bank for five years after the date the account is closed. Treasury believes that little burden is associated with the recordkeeping requirements of the proposal, because such recordkeeping is a usual and customary business practice. In addition, banks already must keep similar records to comply with existing regulations in 31 CFR Part 103 (see, e.g., 31 CFR 103.34, requiring certain records for each deposit or share account opened). The proposed rule also requires banks to give customers ``adequate notice'' of the identity verification procedures. A bank may satisfy the notice requirement by posting a sign in the lobby or providing customers with any other form of written or oral notice. If the account is opened electronically, the bank may provide the notice electronically. Treasury believes that nominal burden is associated with the disclosure requirement of the proposal. This section requires a bank to notify its customers about the procedures the bank has implemented to verify their identities. However, a bank may choose among a variety of methods of providing adequate notice and may select the least burdensome method, given the circumstances under which customers seek to open new accounts. A person is not required to respond to a collection of information unless it displays a currently valid Office of Management and Budget (OMB) control number. The collection of information requirements contained in the proposed rule have been submitted to the OMB by Treasury in accordance with the Paperwork Reduction Act of 1995 (44 U.S.C. 3507). The institutions subject to these requirements include private banks, credit unions, and trust companies that do not have a Federal functional regulator. Estimated number of financial institutions: 2,460. Estimated average annual burden for the recordkeeping requirements of the proposed rule per each financial institution respondent: 10 hours. Estimated average annual burden for the disclosure requirements of the proposed rule per each financial institution respondent: 1 hour. Estimated total annual recordkeeping and disclosure burden: 27,060 hours. Treasury requests public comment on all aspects of the recordkeeping and disclosure requirements contained in this proposed rule, including how burdensome it would be for banks to comply with these requirements. Also, Treasury requests comment on whether the banks are currently maintaining the records requested by the proposal. Treasury also invites comment on: (1) Whether the collections of information contained in the notice of proposed rulemaking are necessary for the proper performance of FinCEN's functions, including whether the information has practical utility; (2) The accuracy of the estimated burden of the proposed information collections; (3) Ways to enhance the quality, utility, and clarity of the information to be collected; (4) Ways to minimize the burden of the information collections on respondents, including the use of automated collection techniques or other forms of information technology; and (5) Estimates of capital or start-up costs and costs of operation, maintenance, and purchases of services to provide information. Comments concerning the recordkeeping and disclosure requirements in the proposed rule should be sent (preferably by fax (202-395-6974)) to Desk Officer for the Department of the Treasury, Office of Information and Regulatory Affairs, Office of Management and Budget, Paperwork Reduction Project (1506), Washington, DC 20503 (or by the Internet to jlackeyj@omb.eop.gov), with a copy to FinCEN by mail or the Internet at the addresses previously specified. VI. Executive Order 12866 Treasury has determined that this proposal is not a ``significant regulatory action'' under Executive Order 12866. The rule follows closely the requirements of section 326 of the Act. Treasury believes banks already have procedures in place that fulfill most of the requirements of the proposed regulation. First, the procedures are a matter of good business practice. Second, banks should already have compliance programs in place to ensure [[Page 48306]] they comply with OFAC rules prohibiting transactions with certain foreign countries or their nationals. Dated: July 15, 2002. James F. Sloan, Director, Financial Crimes Enforcement Network. [FR Doc. 02-18193 Filed 7-22-02; 8:45 am] BILLING CODE 4810-02-P
[Federal Register: July 23, 2002 (Volume 67, Number 141)] [Rules and Regulations] [Page 48347-48352] From the Federal Register Online via GPO Access [wais.access.gpo.gov] [DOCID:fr23jy02-680] [[Page 48347]] ----------------------------------------------------------------------- Part VI Department of the Treasury ----------------------------------------------------------------------- 31 CFR Part 103 Financial Crimes Enforcement Network; Anti-Money Laundering Programs; Special Due Diligence Programs for Certain Foreign Accounts; Final Rule [[Page 48348]] ----------------------------------------------------------------------- DEPARTMENT OF THE TREASURY 31 CFR Part 103 RIN 1506-AA29 Financial Crimes Enforcement Network; Anti-Money Laundering Programs; Special Due Diligence Programs for Certain Foreign Accounts AGENCY: Financial Crimes Enforcement Network (FinCEN), Treasury. ACTION: Interim final rule. ----------------------------------------------------------------------- SUMMARY: Treasury and FinCEN are issuing an interim final rule temporarily deferring for certain financial institutions (as defined in the Bank Secrecy Act) the application of the requirements contained in section 5318(i) of title 31, United States Code, added by section 312 of the Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act (USA PATRIOT Act) of 2001 (the Act). Section 5318(i) requires U.S. financial institutions to establish due diligence policies, procedures, and controls reasonably designed to detect and report money laundering through correspondent accounts and private banking accounts that U.S. financial institutions establish or maintain for non-U.S. persons. Section 312 takes effect on July 23, 2002, whether or not Treasury has issued a final rule implementing that provision. Additionally, this interim final rule provides guidance, pending issuance of a final rule, to those financial institutions for which compliance with section 5318(i) has not been deferred. DATES: This interim final rule is effective July 23, 2002. Written comments may be submitted on or before August 22, 2002. ADDRESSES: Submit comments (preferably an original and four copies) to FinCEN, P.O. Box 39, Vienna, VA 22183, Attn: Section 312 Interim Regulations. Comments may also be submitted by electronic mail to regcomments@fincen.treas.gov with the caption in the body of the text, ``Attention: Section 312 Interim Regulations.'' Comments may be inspected at FinCEN between 10 a.m. and 4 p.m. in the FinCEN Reading Room in Washington, DC. Persons wishing to inspect the comments submitted must request an appointment by telephoning (202) 354-6400 (not a toll-free number). FOR FURTHER INFORMATION CONTACT: Office of the Assistant General Counsel for Banking & Finance (Treasury), (202) 622-0480; the Office of the Assistant General Counsel for Enforcement (Treasury), (202) 622- 1927; or the Office of the Chief Counsel (FinCEN), (703) 905-3590 (not toll-free numbers). SUPPLEMENTARY INFORMATION: Treasury and FinCEN are exercising the authority under 31 U.S.C. 5318(a)(6) to temporarily defer the application of 31 U.S.C. 5318(i) to certain financial institutions pending issuance by Treasury and FinCEN of a final rule outlining the scope of coverage, duties, and obligations under that provision. Additionally, for those financial institutions for which compliance with section 5318(i) has not been deferred entirely, interim guidance is provided for compliance with the statute pending issuance of a final rule. Although this interim final rule and the guidance contained herein may be relied upon by financial institutions until superseded by a final regulation or subsequent guidance, no inference may be drawn from this rule concerning the scope and substance of the final regulation that Treasury will issue concerning section 5318(i). I. Background Section 312 of the Act adds new subsection (i) to 31 U.S.C. 5318, the Bank Secrecy Act (BSA). This provision requires each U.S. financial institution that establishes, maintains, administers, or manages a private banking account or a correspondent account in the United States for a non-U.S. person to take certain anti-money laundering measures with respect to such accounts. In particular, financial institutions must establish appropriate, specific, and, where necessary, enhanced, due diligence policies, procedures and controls that are reasonably designed to enable the financial institution to detect and report instances of money laundering through those accounts. In addition to this general requirement, which applies to all correspondent and private banking accounts for non-U.S. persons, section 312 of the Act specifies additional standards for correspondent accounts maintained for certain foreign banks. For a correspondent account maintained for a foreign bank operating under an offshore license or a license granted by a jurisdiction designated as being of concern for money laundering, a financial institution must take reasonable steps to identify the owners of the foreign bank, to conduct enhanced scrutiny of the correspondent account to guard against money laundering, and to ascertain whether the foreign bank provides correspondent accounts to other foreign banks and, if so, to conduct appropriate related due diligence. Section 312 also sets forth minimum standards for the due diligence requirements for a private banking account for a non-U.S. person. Specifically, a financial institution must take reasonable steps to ascertain the identity of the nominal and beneficial owners of, and the source of funds deposited into, the private banking account, as necessary to guard against money laundering. The institution must also conduct enhanced scrutiny of private banking accounts requested or maintained by or on behalf of senior foreign political figures (or their family members or close associates). Enhanced scrutiny must be reasonably designed to detect and report transactions that may involve the proceeds of foreign corruption. Section 312(b)(2) provides that subsection 5318(i) takes effect on July 23, 2002, regardless of whether Treasury has issued a final rule by that date. Furthermore, it indicates that subsection 5318(i) applies to all accounts, regardless of when they were opened. 1. The Proposed Rule On May 30, 2002, Treasury and FinCEN published in the Federal Register a proposed rule implementing section 312. See 67 FR 37,736 (May 30, 2002). In that proposed rule, Treasury sought to take the broad statutory mandate of section 312 and translate it into specific regulatory directives for financial institutions to apply. Like the statute itself, the rule proposed by Treasury is far reaching, seeking to require a wide range of U.S. financial institutions \1\ to apply due diligence and enhanced due diligence procedures to a diverse array of foreign financial institutions \2\ that maintain ``correspondent accounts'' or ``private [[Page 48349]] banking accounts'' in the U.S. The proposed rule sets forth a series of due diligence procedures that financial institutions covered by the rule may, and in many cases must, apply to correspondent accounts and private banking accounts. Because section 5318(i) takes effect on July 23, 2002, regardless of whether Treasury has issued a final implementing regulation, Treasury imposed a 30-day period in which public comments on the proposed rule would be accepted. --------------------------------------------------------------------------- \1\ Treasury proposed that the following financial institutions would be covered by the regulation: An insured bank (as defined in section 3(h) of the Federal Deposit Insurance Act (12 U.S.C. 1813(h))); a commercial bank; an agency or branch of a foreign bank in the United States; a federally insured credit union; a thrift institution; a corporation acting under section 25A of the Federal Reserve Act (12 U.S.C. 611 et seq.); a broker or dealer registered, or required to register, with the Securities and Exchange Commission under the Securities Exchange Act of 1934 (15 U.S.C. 78a et seq.); a futures commission merchant registered, or required to register, under, and an introducing broker as defined in Sec. 1a23 of, the Commodity Exchange Act (7 U.S.C. 1 et seq.); a casino (as defined in Sec. 103.11(n)(5)); a mutual fund (as defined in Sec. 103.130); a money services business (as defined in Sec. 103.11(uu)); and an operator of a credit card system (as defined in Sec. 103.135). \2\ Foreign financial institutions include foreign banks and any other foreign person that, if organized in the United States, would be required to establish an anti-money laundering program pursuant to Secs. 103.120 through 103.169 of this part. --------------------------------------------------------------------------- 2. The Final Rule A final rule implementing section 312 cannot reasonably be completed by the statutory effective date of July 23, 2002. Without question, the proposed rule implementing section 312 is the furthest reaching proposed regulation issued under Title III of the Act thus far. The requirements placed on financial institutions under this provision are significant, and commenters have raised substantial and important concerns about the scope of the regulation as well as the major definitions applicable to this section. For example, commenters consistently noted that the definitions of ``correspondent account,'' ``covered financial institution,'' and ``foreign financial institution,'' were overly broad and difficult to implement. Likewise, commenters expressed concerns regarding the definition of ``senior foreign political figure.'' Moreover, the statute does not define many important terms with respect to financial institutions other than banks, leaving the task for Treasury and FinCEN. Additional time is necessary to consider carefully these definitions and the text of the proposed rule in light of comments received to determine whether these terms should be further defined with respect to each financial institution. Treasury anticipates issuing a final rule no later than October 25, 2002. 3. Deferral of Application to Certain Financial Institutions Although section 312 is self-executing, in the absence of a final rule, many classes of financial institutions, in particular, non-bank financial institutions, would not have clear notice of, or guidance regarding, their compliance obligations. More pointedly, without regulations defining key terms for financial institutions other than banks, these financial institutions would not have sufficient guidance to comply with all facets of section 312. This situation necessarily stems from the fact that the statute seeks to cover a diverse universe of financial institutions and seeks to address a multitude of issues arising from the panoply of financial relationships that can exist with various foreign financial institutions. Treasury's role in this process is to draft a regulation, after obtaining public comment, that provides clear and unequivocal direction to financial institutions covered by the provision. Without clarifying appropriate terms for the various industries, enforcement of section 5318(i) against the full range of financial institutions proposed to be covered by section 312 will be difficult. Therefore, deferral is necessary and appropriate. Nor would it be appropriate for Treasury to insist on compliance with the terms of the proposed rule pending the completion of a final rule. We are still reviewing and analyzing the comments received and formulating the terms and scope of the final rule. Were Treasury to require strict compliance with the proposed rule, not only would it undermine the administrative process, but also it might require financial institutions to incur substantial costs to comply with provisions of the proposed rule that may be altered or eliminated.\3\ Without suggesting that such changes will be made, such a result is untenable. --------------------------------------------------------------------------- \3\ Cf. CFTC v. Schor, 478 U.S. 833, 845 (1986) (noting the important distinction between a proposed rule and a final rule drafted based on a review of public comment). --------------------------------------------------------------------------- Accordingly, invoking the authority under section 5318(a)(6) of the BSA, this interim final rule defers the application of all provisions of section 5318(i) to financial institutions other than banks, securities brokers and dealers, futures commission merchants, and introducing brokers.\4\ Banks must comply with all provisions of section 5318(i). Securities brokers and dealers, futures commission merchants, and introducing brokers must comply with the provisions of section 5318(i) relating to due diligence and enhanced due diligence for ``private banking accounts,'' but they are exempted from provisions related to correspondent accounts. The reason for this distinction is a practical one-the Act does not define a ``correspondent account'' for financial institutions other than banks, and Treasury needs time to consider whether the definition in the proposed rule is appropriate. In contrast, the definition of a private banking account in section 5318(i) is not limited to banks and is both applicable and commonly understood with the securities and futures industries. Moreover, to the extent these financial institutions offer this type of account, the risks of money laundering are similar to the risks posed by banks offering such accounts. As a result, they will be required to comply with the provisions of section 5318(i) regarding private banking accounts pending Treasury's issuance of a final rule, consistent with the guidance set forth below. --------------------------------------------------------------------------- \4\ ``Introducing brokers'' refers to those registered, or required to register, with the Commodity Futures Trading Commission. --------------------------------------------------------------------------- In summary:Banks must comply with section 5318(i) pending Treasury's issuance of a final rule. For the purposes of this interim final rule, these include: An insured bank (as defined in section 3(h) of the Federal Deposit Insurance Act (12 U.S.C. 1813(h))); \5\ a commercial bank; an agency or branch of a foreign bank in the United States; a federally insured credit union; a thrift institution; and a corporation acting under section 25A of the Federal Reserve Act (12 U.S.C. 611 et seq.).\6\ --------------------------------------------------------------------------- \5\ This group of covered entities was drawn from the list of ``covered financial institutions'' in the proposed rule. Treasury is evaluating whether to add uninsured national trust banks to this list at the final rule stage as these entities are currently required to have anti-money laundering programs. See 12 CFR 21.21. Treasury also will consider whether non-federally regulated, state chartered, uninsured trust companies and trust banks, and non- federally insured credit unions should be added to the list to the extent that they maintain correspondent or private banking accounts for non-U.S. persons. \6\ For purposes of complying with section 5318(i) pending Treasury's issuance of a final rule, foreign branches of insured banks are deemed to be foreign banks rather than covered financial institutions. --------------------------------------------------------------------------- Securities brokers and dealers registered, or required to register, with the Securities and Exchange Commission (SEC), and futures commission merchants and introducing brokers registered, or required to register, with the Commodity Futures Trading Commission (CFTC) must comply with provisions relating to private banking accounts, but their compliance with the remaining provisions of section 5318(i) is deferred. Financial institutions subject to deferment of all obligations under section 5318(i) include: Casinos; money services businesses; mutual funds; operators of credit card systems; and all remaining financial institutions defined in the BSA that are not banks, securities brokers and dealers, futures commission merchants, or introducing brokers.\7\ --------------------------------------------------------------------------- \7\ The remaining financial institutions include: dealers in precious metals, stones, or jewels; pawnbrokers; loan or finance companies; private bankers; trust companies; state chartered credit unions that are not federally regulated; insurance companies; travel agencies; telegraph companies; sellers of vehicles, including automobiles, airplanes, and boats; persons engaged in real estate closings and settlements; investment companies; commodity pool operators; and commodity trading advisors. --------------------------------------------------------------------------- [[Page 48350]] II. Compliance Obligations Pending Publication of the Final Rule Under the Act, Treasury is authorized to interpret and administer section 312. This interim final rule provides guidance to those financial institutions for which the application of section 5318(i) has not been deferred. Pending issuance of a final rule, Treasury expects compliance with section 5318(i) as set forth below. Treasury does not expect compliance with the terms and conditions of the proposed rule except to the extent they coincide with the express requirements of the statute. However, the interim compliance measures set forth in this guidance should not be construed as an indication of the obligations that will be imposed by the final rule. 1. Due Diligence for Correspondent Accounts--Banks Only With respect to correspondent accounts, section 5318(i)(1) requires U.S. financial institutions to establish due diligence policies, procedures, and controls reasonably designed to detect and report money laundering through correspondent accounts established, maintained, administered, or managed in the United States for a foreign financial institution. In the interim period before the issuance of a final rule, a due diligence program under section 5318(i)(1) will be reasonable in Treasury's view if it focuses compliance efforts on the correspondent accounts that pose a high risk of money laundering based on an overall assessment of the money laundering risks posed by the foreign correspondent institution. It is the expectation of Treasury that a bank will accord priority to conducting due diligence on high-risk foreign banks for which it maintains correspondent deposit accounts or their equivalents, and will focus foremost on correspondent accounts used to provide services to third parties. Treasury also expects banks to give priority to conducting due diligence on high-risk correspondent accounts maintained for foreign financial institutions other than foreign banks, such as money transmitters. In all cases, Treasury expects that a bank will accord priority in applying due diligence to accounts opened on or after July 23, 2002. Treasury acknowledges that, as a practical matter, banks will be unable to craft and implement final comprehensive due diligence policies and procedures pursuant to the dictates of section 5318(i)(1) until Treasury issues a final rule. However, in the interim, a reasonable due diligence policy, in Treasury's view, is one that comports with existing best practices standards for banks that maintain correspondent accounts for foreign banks,\8\ and evidences good faith efforts to incorporate due diligence procedures for correspondent accounts maintained for foreign financial institutions posing an increased risk of money laundering. --------------------------------------------------------------------------- \8\ See, e.g., New York Clearing House Association, L.L.C., ``Guidelines for Counter Money Laundering Policies and Procedures in Correspondent Banking,'' (March 2002) at www.nych.org; Basel Committee on Banking Supervision, ``Customer Due Diligence for Banks'' (October 2001) at www.bis.org. A due diligence program that does not adopt all of the best practices and standards described in industry and other available guidance also could be considered reasonable if there is a justifiable basis for not adopting a particular best practice or standard, based on the particular type of accounts held by the institution. --------------------------------------------------------------------------- 2. Enhanced Due Diligence for High Risk Foreign Banks--Banks Only Section 5318(i)(2) requires U.S. financial institutions to establish enhanced due diligence policies and procedures applicable when opening or maintaining a correspondent account in the United States for certain foreign banks designated as high risk. Sections 5318(i)(2)(B)(i) through (iii) further specify requirements that must be incorporated into a financial institution's enhanced due diligence policies and procedures. An enhanced due diligence program will be reasonable under section 5318(i)(2)(B), in Treasury's view, if first, it comports with existing best practice standards for banks that maintain correspondent accounts for foreign banks.\9\ Second, the program must also focus enhanced due diligence measures on those correspondent accounts that are maintained by a foreign correspondent bank deemed high risk by section 5318(i)(2)(A) posing a particularly high risk of money laundering based on the bank's overall assessment of the risk posed by the foreign correspondent bank. As with the previous provision, it is the expectation of Treasury that a bank will accord priority in applying enhanced due diligence to accounts opened on or after July 23, 2002. --------------------------------------------------------------------------- \9\ See supra note 7. --------------------------------------------------------------------------- Within these priorities, as required by the statute, banks must take reasonable steps to comply with directives described in sections 5318(i)(2)(B)(i) through (iii). For purposes of section 5318(i)(2)(B)(i), an owner is deemed to be any person who directly or indirectly owns, controls, or has voting power over 5 percent or more of any class of securities of a foreign bank, the shares of which are not publicly traded. 3. Due Diligence for Private Banking Accounts--Banks, Securities Brokers and Dealers, Futures Commission Merchants, and Introducing Brokers Sections 5318(i)(1) and (3) set forth due diligence requirements for U.S. financial institutions that maintain private banking accounts in the United States for non-U.S. persons.\10\ Under the Act, a private banking account is an account (or any combination of accounts) that requires minimum aggregate deposits of at least $1 million, that is established for one or more individuals, and that is assigned to or administered or managed by, in whole or in part, an officer, employee, or agent of a financial institution acting as liaison between the financial institution and the direct or beneficial owner of the account. Section 5318(i)(3)(A) requires financial institutions, as needed to guard against money laundering, to take reasonable steps to ascertain the identity of the nominal and beneficial owners of, and the source of funds deposited into, the account. Additionally, the statute requires enhanced scrutiny of private banking accounts maintained by or on behalf of senior foreign political figures, an immediate family member, or close associate, to guard against laundering the proceeds of foreign corruption. --------------------------------------------------------------------------- \10\ For purposes of this interim final rule, a non-U.S. person means an individual who is neither a United States citizen nor a lawful permanent resident as defined in 26 U.S.C. 7701(b)(6). --------------------------------------------------------------------------- As with the requirements for correspondent accounts, a private banking due diligence program under sections 5318(i)(1) and (3) must be reasonably designed to detect and report money laundering and the existence of the proceeds of foreign corruption. Treasury believes that a due diligence private banking program would be reasonable, pending adoption of final regulations to implement section 5318(i), if the program is focused on those private banking accounts that present a high risk of money laundering. A program that is consistent with applicable government guidance on private banking accounts, such as the guidance on sound practices for private banking issued by the Federal Reserve (SR 97-19 (SUP) ``Private Banking Activities'' (June 30, 1997) at www.federalreserve.gov) and the guidance on enhanced scrutiny for transactions that may involve the proceeds of foreign corruption issued jointly by Treasury, the bank regulators, and the State Department in January 2001 (at http://www.treas.gov/press/releases/docs/guidance.htm) would be reasonable, so long as it incorporates the [[Page 48351]] requirements of section 5318(i)(3).\11\ Treasury expects that an institution will accord priority in applying enhanced due diligence to accounts opened on or after July 23, 2002. --------------------------------------------------------------------------- \11\ See also, Wolfsberg Group, ``Global Anti-Money-Laundering Guidelines for Private Banking: Wolfsberg AML Principles'' (1st Revision May 2002) at www.wolfsberg-principles.com. A program that does not follow all of the best practices outlined in this government guidance would be reasonable if there is a justifiable basis, based on the particular circumstances of the institution involved, for not following these practices. --------------------------------------------------------------------------- III. Analysis of the Interim Final Rule A. Banks, Savings Associations, and Credit Unions--Section 103.181 The following financial institutions are not subject to the deferral contained in this interim final rule and must take steps, in light of the guidance provided above, to comply with the requirements of section 5318(i) pending issuance of a final implementing regulation: An insured bank (as defined in section 3(h) of the Federal Deposit Insurance Act (12 U.S.C. 1813(h))); a commercial bank; an agency or branch of a foreign bank in the United States; a federally insured credit union; a thrift institution; and a corporation acting under section 25A of the Federal Reserve Act (12 U.S.C. 611 et seq.). B. Securities Brokers and Dealers, Futures Commission Merchants, and Introducing Brokers--Section 103.182 Securities brokers and dealers registered, or required to register, with the SEC, and futures commission merchants and introducing brokers registered, or required to register, with the CFTC under the Commodity Exchange Act (7 U.S.C. 1 et seq.) are subject to the requirements of section 5318(i) relating to due diligence and enhanced due diligence relating to private banking accounts. They must take steps, in light of the guidance provided above, to comply with the requirements of section 5318(i) relating to private banking accounts pending issuance of a final implementing regulation. Treasury and FinCEN are exercising the authority under BSA section 5318(a)(6) to temporarily defer the application of all other requirements contained in section 5318(i) for securities brokers and dealers, futures commission merchants, and introducing brokers. C. All Other BSA Financial Institutions--Section 103.183 Treasury and FinCEN are exercising the authority under BSA section 5318(a)(6) to temporarily defer the application of all requirements contained in section 5318(i) for all other financial institutions. This temporary deferment applies to casinos; money services businesses; mutual funds; operators of credit card systems; dealers in precious metals, stones, or jewels; pawnbrokers; loan or finance companies; private bankers; \12\ trust companies; state chartered credit unions that are not federally insured; insurance companies; travel agencies; telegraph companies; sellers of vehicles, including automobiles, airplanes, and boats; persons engaged in real estate closings and settlements; investment companies; commodity pool operators; and commodity trading advisors. --------------------------------------------------------------------------- \12\ A private banker under the BSA refers to state chartered banking entities that are not organized as a corporation. Generally, such entities are organized as partnerships. A private banker does not refer to those who offer private banking accounts. --------------------------------------------------------------------------- This temporary deferral does not in any way relieve any financial institution from compliance with the existing anti-money laundering and anti-terrorism requirements imposed by law, regulation, or rule of a self-regulatory organization. Quite to the contrary, the obligations contemplated by section 312 will serve to augment and improve the existing anti-money laundering activities of financial institutions. To that end, Treasury and FinCEN expect financial institutions proposed to be subject to the regulation implementing section 312 to begin immediately the process of evaluating their due diligence procedures when correspondent accounts or private banking accounts are opened or maintained on behalf of non-U.S. persons. IV. Administrative Procedure Act The provisions of 31 U.S.C. 5318(i), requiring due diligence programs for certain foreign accounts, become effective July 23, 2002. This interim rule exempts certain financial institutions from these requirements and provides interim compliance guidance for those financial institutions not exempted. Accordingly, good cause is found to dispense with notice and public procedure as unnecessary and contrary to the public interest, pursuant to 5 U.S.C. 553(b)(B), and to make the provisions of the interim rule effective in less than 30 days pursuant to 5 U.S.C. 553(d)(1) and (3). V. Regulatory Flexibility Act Because no notice of proposed rulemaking is required for this interim final rule, the provisions of the Regulatory Flexibility Act (5 U.S.C. 601 et seq.) do not apply. VI. Executive Order 12866 This interim final rule is not a ``significant regulatory action'' as defined in Executive Order 12866. Accordingly, a regulatory assessment is not required. List of Subjects in 31 CFR Part 103 Banks, Banking, Brokers, Counter money laundering, Counter- terrorism, Currency, Foreign banking, Reporting and recordkeeping requirements. Authority and Issuance For the reasons set forth in the preamble, 31 CFR part 103 is amended as follows: PART 103--FINANCIAL RECORDKEEPING AND REPORTING OF CURRENCY AND FOREIGN TRANSACTIONS 1. The authority citation for part 103 is revised to read as follows: Authority: 12 U.S.C. 1829b and 1951-1959; 31 U.S.C. 5311-5332; title III, secs. 312, 314, 352, Pub. L. 107-56, 115 Stat. 307. 2. Add new undesignated centerheading ``Anti-Money Laundering Programs'' to subpart I immediately before Sec. 103.120. 3. Add new undesignated centerheading and Secs. 103.181 through 103.183 to subpart I to read as follows: Special Due Diligence for Correspondent Accounts and Private Banking Accounts Sec. 103.181 Special due diligence programs for banks, savings associations, and credit unions. 103.182 Special due diligence programs for securities brokers and dealers, futures commission merchants, and introducing brokers. 103.183 Deferred due diligence programs for other financial institutions. Special Due Diligence for Correspondent Accounts and Private Banking Accounts Sec. 103.181 Special due diligence programs for banks, savings associations, and credit unions. The requirements of 31 U.S.C. 5318(i) shall apply, effective July 23, 2002, to a financial institution that is: (a) An insured bank (as defined in section 3(h) of the Federal Deposit Insurance Act (12 U.S.C. 1813(h))); (b) A commercial bank; (c) An agency or branch of a foreign bank in the United States; (d) A federally insured credit union; (e) A thrift institution; or (f) A corporation acting under section 25A of the Federal Reserve Act (12 U.S.C. 611 et seq.). [[Page 48352]] Sec. 103.182 Special due diligence programs for securities brokers and dealers, futures commission merchants, and introducing brokers. (a) Private banking accounts. The requirements of 31 U.S.C. 5318(i) relating to due diligence and enhanced due diligence for private banking accounts shall apply, effective July 23, 2002, to a financial institution that is: (1) A broker or dealer registered, or required to register, with the Securities and Exchange Commission under the Securities Exchange Act of 1934 (15 U.S.C. 78a et seq.); or (2) A futures commission merchant or introducing broker registered, or required to register, with the Commodity Futures Trading Commission under the Commodity Exchange Act (7 U.S.C. 1 et seq.). (b) Correspondent accounts. A financial institution described in paragraph (a) of this section is exempt from the requirements of 31 U.S.C. 5318(i) relating to due diligence and enhanced due diligence for certain correspondent accounts. (c) Other compliance obligations of financial institutions unaffected. Nothing in this section shall be construed to relieve a financial institution from its responsibility to comply with any other applicable requirement of law or regulation, including title 31 of the United States Code and this part. Sec. 103.183 Deferred due diligence programs for other financial institutions. (a) Exempt financial institutions. Except as provided in Sec. 103.181 and Sec. 103.182, a financial institution defined in 31 U.S.C. 5312(a)(2) and (c)(1) or Sec. 103.11(n) is exempt from the requirements of 31 U.S.C. 5318(i). (b) Other compliance obligations of financial institutions unaffected. Nothing in this section shall be construed to relieve a financial institution from its responsibility to comply with any other applicable requirement of law or regulation, including title 31 of the United States Code and this part. Dated: July 19, 2002. James F. Sloan, Director, Financial Crimes Enforcement Network. [FR Doc. 02-19743 Filed 7-22-02; 8:45 am] BILLING CODE 4810-02-P