To view or print PDF content, download the free Adobe Acrobat Reader.
PREPARED REMARKS OF JAMES H. FREIS, JR.
DIRECTOR, FINANCIAL CRIMES ENFORCEMENT NETWORK
SIFMA ANTI-MONEY LAUNDERING COMPLIANCE CONFERENCE 2008
NEW YORK, NY
MARCH 5, 2008
Good morning. I am delighted to be here this morning to help kick-off SIFMA's Anti-Money Laundering Compliance Conference for 2008. I would like to thank Alan Sorcher of SIFMA, who has been a leader on AML issues for broker-dealers since we commenced with the USA PATRIOT Act rulemakings. I am delighted to be a part of today's conference and to be speaking among the dynamic cadre of speakers you will be hearing from today.
I'd like to focus my remarks today on the critical role of broker-dealers within our Bank Secrecy Act regulatory regime and the importance of a risk-based approach in AML compliance. I'd also like to discuss more specifically FinCEN's ongoing efforts to provide guidance to the broker-dealer industry, such as the no-action position that FinCEN just issued for the broker-dealers operating under fully-disclosed clearing arrangements, FinCEN's ongoing feedback initiatives, and how the data that you provide as you comply with BSA regulations is used.
The Role of Broker-Dealers
With the passage of the USA PATRIOT Act, Congress asked us to bring broker-dealers, mutual funds, futures commission merchants, and other like entities more broadly under BSA regulations - implementing anti-money laundering program requirements, customer identification program requirements, suspicious activity reporting requirements, and due diligence program requirements for foreign correspondent and private banking accounts.
But broker-dealers have a long history with respect to BSA compliance. Since the 1970s, broker-dealers have been increasingly required to comply with the BSA, starting with the filing of Currency Transaction Reports (CTRs), then recordkeeping, then travel rule requirements. As a matter of best practice, many firms had already concluded that they were vulnerable to abuse by financial criminals, and had established policies, procedures, and controls to protect themselves from inadvertently being drawn into facilitating money laundering.
The AML regulatory regime we have been implementing since 2001 is meant to build upon those early efforts. Critically, so as not to impose unnecessary regulatory costs upon the institutions that are subject to it, the AML regulatory regime is meant in large measure to build upon regulatory obligations that were in place long before the USA PATRIOT Act was conceived.
Take, for example, our customer identification program requirements, broader AML and section 312 due diligence obligations, and suspicious activity reporting. These are not and should not be foreign to broker-dealers. The core information broker-dealers are required to gather from new customers under our CIP rule has long been required for tax reporting purposes. In the world of corporate finance, investment bankers conduct due diligence in the name of transparency. Broker-dealers long have been obligated to know their customers under New York Stock Exchange rules, and have long been required to make suitable recommendations to their customers under NASD rules, which have been incorporated into FINRA rules. To me personally, there are fundamental similarities between "Knowing Your Customer" for AML purposes and understanding your customer's needs and constraints for making suitability determinations - the importance of the latter process was a large part of the investment advisory training I completed in becoming a Chartered Financial Analyst (CFA) charterholder.
I recognize that a primary traditional focus of the securities laws has been on investor protection, which is certainly different from AML/CFT rules designed to protect financial institutions (and their customers) from the abuse of financial crime. Banks, for example, have a lot of experience in collecting information about customers on the asset side of the balance sheet in order to manage credit risk. However, I hope they can leverage some of that expertise to the liability side of the balance sheet where they don't have the same natural commercial incentives, as well as in providing other services, such as in the correspondent banking business. For broker-dealers, because of their generations of experience covering regulatory exposure - from financial disclosure, to suitability, to disclosing research conflicts, to supervising the sales practices of a registered rep - determining how best to comply with AML purposes may in many cases come more naturally.
Turning back now to those broker-dealers who were managing and mitigating all of these risks in the pre-PATRIOT Act era. As they understood then, and we increasingly have understood since, broker-dealers are critical to anti-money laundering efforts. Put simply, broker-dealers are critical because they effectively operate as the banks of the securities markets, with their own inter-dealer clearance and settlement system.
Broker-dealers may see every stage of money laundering. For example, although many firms do not accept cash, broker-dealers are a placement point particularly for bearer certificates. Securities may be purchased and sold and funds and assets moved from brokerage firm to brokerage firm as financial criminals "layer" illicit proceeds away from their source. And broker-dealers may be called upon at the integration stage of money laundering, when financial criminals have successfully washed their illicit proceeds and are looking to assimilate them into the legitimate economy.
Every securities market participant - from retail customers, institutional investors, and market professionals such as investment advisers to corporations and governments - needs broker-dealers directly or indirectly to move funds and assets into and out of the domestic markets and cross-border. Because they operate as a gateway institution to not only the domestic securities markets, but also the global financial markets, broker-dealers often are in a position to see more as they assist customers and clients with asset management, custody, capital-raising, and with the movement of funds and securities domestically and internationally.
The Risk-Based Approach
FinCEN has long recognized that not all financial institutions are subject to the same risk. This is certainly not a new revelation. As you know, we are committed to a risk-based approach to effectively and efficiently implement BSA requirements in the broker-dealer industry and across all of the diverse industries we regulate. We approach industry regulation on a risk-assessed basis, and we expect industry to implement their anti-money laundering programs on a risk-assessed basis.
AML programs notably require the development and implementation of policies, procedures, and controls that are reasonably designed to protect against the use of the financial institution for financial crime and terrorist financing, and that are reasonably designed to comply with BSA obligations. These policies, procedures, and controls should be based on an identification and assessment of the risks associated with the unique products and services offered and the customers and geographic locations served by each institution subject to our rules.
The reasons for this are simple. We recognize that financial crime is insidious, and that there are finite compliance resources to devote to the problem. To be effective and efficient, these finite resources should be focused first and foremost on the greatest risks. Accordingly, our rules recognize that one size does not fit all. We do not expect, for example, that firms will implement policies, procedures, and controls that address business lines in which a firm is not engaged or client bases the firm doesn't handle. Rather, based upon a risk assessment, a firm should focus its AML program, and thus its finite AML compliance resources, most significantly on the areas of greatest risk.
Through the effectiveness and efficiency initiative that U.S. Treasury Department Secretary Henry Paulson and I announced this past year, we continue to emphasize the risk-based nature of our AML program requirements. Early in my tenure at FinCEN, we made a significant effort to ensure that we articulated our risk-based approach to our final rule implementing the enhanced due diligence provisions of section 312.
We notched down the enhanced scrutiny provisions in the rule proposals to ensure that financial institutions and their examiners understood that we do not expect a broker-dealer to audit the AML programs of the foreign banks for which they maintain accounts. We also emphasized that a broker-dealer has significant discretion in how to craft their enhanced due diligence procedures to suit their particular lines of business.
We also took care to note that all foreign banks covered by the enhanced due diligence rule do not pose the same levels of risk. If you take a look at the guidance we published with the final rule, you will note that we took care to emphasize that the presumption that these banks are high risk can be mitigated through solid due diligence, so that only those institutions with the highest risks are afforded the highest level of scrutiny. These are principles that apply across the spectrum of our rules, and should be applied across the spectrum of your AML efforts.
We are also working closely with all of our partners in the regulatory community to ensure a consistent, risk-based examination approach to Bank Secrecy Act compliance requirements. One prime example is the excellent collaboration among FinCEN and the Federal banking agencies on the development of the FFIEC Bank Secrecy Act/Anti-Money Laundering Examination Manual, which emphasizes that a bank's anti-money laundering program, and the examination of it, will vary depending on the bank's size, complexity, scope of activities, risk profile, quality of control functions, geographic diversity, and use of technology. This Manual is an excellent resource for anyone implementing or examining a risk-based AML program for a banking institution in particular, and other institutions to the extent they offer the same or similar types of products and services.
We have also been reaching out to study how different regulatory agencies are approaching risk scoping. We have had several meetings with the federal banking agencies to better understand how they go about identifying risks through the scoping process and directing their examination resources appropriately. We have also discussed the issue with several State banking departments and will be following up with more in-depth meetings.
The public policy choice requiring government and private industry to work together to fight money laundering, terrorist financing and other illicit activity is not unique to the United States, but rather represents a global consensus. So, we are also looking internationally to see how our foreign counterparts approach the same challenges. Recently, we've had very fruitful discussions with our counterpart financial intelligence units and AML/CFT regulators, for example, to learn how there is a focus on risks in Canada and the United Kingdom. You will also learn more about the U.K.'s risk-based approach to AML efforts later today when you hear from Philip Robinson, Director of the Financial Services Authority.
We appreciate that this seems like a lot of emphasis on the banking industry. At the outset, we're working hard to reiterate the importance of effective risk assessment in the banking community, but we will want to replicate our efforts in other industries as well. We will be working with the SEC and - for those of you who are dually registered, with the CFTC - to implement programs to ensure that our risk-based rules are subject to risk-based examinations. As we do this, it is important that we ask ourselves: How well are we doing in identifying risks through the examination process and focusing both government and industry resources on those areas where the risk is greatest? As with all of our programs, industry input will be critical.
Guidance to the Broker-Dealer Industry
The breadth of the industries we regulate poses many challenges for us as we try to understand various aspects within each industry. Post-PATRIOT Act, applying what originally had been conceived as a bank regulatory scheme to non-banks was a challenge. Early on, we recognized that there are important differences between the operation of banks and the operations of broker-dealers, for example, and worked hard to accommodate those differences: Differences in terms of corporate structure, differences of size and capitalization, differences of the number of players that may be involved in a transaction chain. Simply put, in the banking world, significant transactions often occur entirely within the four corners of a bank. In the securities industry, there may be multiple intermediaries involved in a transaction that is executed in multiple markets.
While we initially focused on those differences, we now are looking at commonalities, in an effort to ensure that the BSA is being applied as consistently as possible across all of the industries we regulate. We have spent the past couple of years studying how we apply AML regulation to the different principal-agent relationships in the industries we regulate, and using those relationships as a point of harmonization, particularly selling relationships in the money services business industry, in insurance, in futures, and clearing relationships in banking and brokerage. This is especially important as financial industry operations and financial products converge.
If we want to ensure that the BSA is applied effectively, efficiently, and consistently across all of the industries we regulate, the only way that we can do it is by involving the industry itself. And it was through engagement with SIFMA's AML and Clearing Committees in the past few years - particularly feedback on how the application of certain rules did not always effectively and efficiently match industry operations - that led to the publication over the past few years of guidance tailored to this industry, including the CIP no-action position we issued yesterday respecting fully disclosed clearing arrangements, which I will discuss more specifically in a moment.
Over the past couple of years, because of this valuable industry feedback, we have issued guidance on numerous topics designed to harmonize our approach to regulation in this industry, such as with CIP guidance on agency lending and omnibus accounts, and guidance on the application of our correspondent account and private banking account rules to broker-dealer operations. For broker-dealers that are dually registered as futures commission merchants, we published guidance on futures give-up agreements in 2006 and 2007. And for those of you who may be engaged in foreign exchange prime brokerage, we issued guidance recently that clarified that executing dealers don't have obligations under our 312 rules respecting a prime broker's customer.
Most recently, we published yesterday a no-action position respecting the CIP obligations of introducing firms and clearing firms operating in fully disclosed clearing relationships. This no-action position has been developed with BSA effectiveness and efficiency in mind. It allocates CIP responsibilities consistently with the way operational and regulatory responsibilities are allocated in a fully disclosed clearing agreement between an introducing and a clearing firm.
This no-action position benefits both clearing and introducing firms. We have recognized that the biggest issues we have with respect to AML programs are the tensions that are created when the AML programs of two different broker-dealer firms have been expected to intersect. The allocation of account-based AML obligations to the firm with front-end customer responsibilities removes the costs associated with CIP reliance agreements, particularly the annual certifications by an introducing firm to a clearing firm. This also should eliminate some of the conflicts that may exist when a clearing firm requires certain information that introducing firms are not collecting under their own AML programs. The result should be freed up personnel and compliance dollars for the most critical AML tasks - particularly detecting and reporting suspicious activity and training appropriate personnel with respect to AML vulnerabilities.
The no-action position also is consistent with guidance we previously have issued to banks, in which we stated that we do not expect banks to function as the de facto regulators of MSBs, or any other financial institution to which they may provide services, for that matter. Similarly, while we do recognize that clearing brokers often play important roles as service providers to introducing firms, and have made accommodations for that in our rule makings, we effectively have clarified that we do not expect that clearing brokers will operate as de facto regulators of introducing firms, or vice versa.
In providing this no-action position, as with all of the guidance FinCEN issues, FinCEN is not proposing any new requirements on any financial institution. Rather, we are clarifying the application of the rules so that they are applied efficiently, effectively, and on a risk-focused basis. We will continue to take this more proactive approach to the development of guidance based upon the valuable input we are receiving from industry.
FinCEN also recognizes the importance of a continuing dialogue with each of the industries we regulate. Effective feedback mechanisms are iterative, and the financial community is a vital spoke in our efforts, particularly as it relates to the BSA guidance we develop to assist in your compliance efforts.
Speaking generally on FinCEN's feedback efforts, the majority of our guidance and administrative rulings are developed based upon our review of the questions we receive from the financial industry on our Regulatory Helpline and in writing. FinCEN's regulatory specialists review inquiries from financial institutions to proactively identify if we are seeing an increase in questions on a particular issue, helping us to determine where additional guidance or clarification might be needed. As a reminder, if you need assistance with a BSA regulatory question, FinCEN staff are available through our toll-free regulatory helpline number, also on our website under "Contact FinCEN," at (800) 949-2732.
In addition to formulating guidance based on your inquiries, other guidance is developed through our own analysis. In October of last year, for example, FinCEN released a reference document entitled, "Suggestions for Addressing Common Errors Noted in SARs," which is a compilation of useful information that FinCEN discovered through its own analysis of SARs. The document, informative to all financial institutions that are required to file SARS, discusses the common errors seen in reporting. It also provides tips for avoiding common mistakes and suggestions for establishing more efficient and effective anti-money laundering programs.
Finally, the Bank Secrecy Act Advisory Group (BSAAG), FinCEN's own statutorily created forum where we have frank discussion among representatives of law enforcement, regulators and all sectors of the financial service industry, is another helpful forum where we receive input on some of our clarifying guidance. SIFMA has been a very active BSAAG member, and has co-chaired the securities and futures subcommittee since inception and actively participates on other subcommittees. Individual firms, the SEC, and FINRA also have seats.
Value of BSA Data
Finally with respect to feedback, a few words about the value of the data that you provide, as part of your AML compliance requirements, to our mission. We understand that many in the financial industry have raised concerns about FinCEN balancing the value of the information we receive with the effort it takes for institutions to collect it.
The information that you provide not only gives law enforcement, regulatory and intelligence agencies indicia of illicit activity, but also provides data for identifying and tracking suspects, for identifying patterns, trends, vulnerabilities and compliance-related deficiencies, and for focusing law enforcement resources.
Law enforcement, again and again, confirms the reliability of the information in BSA reports which is a direct reflection of the diligence and training within institutions such as yours. Additionally, the data is increasingly being disseminated by us statistically and in case studies, through the SAR Activity Review and through special reports, such as our mortgage fraud and shell company reports.
Again, as part of this feedback cycle, your role in helping us refine our feedback products is crucial. If there is an area where additional clarity is needed, please let us know. Similarly, if you find a specific piece of guidance is particularly useful, we hope you would pass this feedback on to us as well.
As I emphasized at the beginning of my speech today, my personal view is that success in our AML/CFT efforts requires the strong partnership that Congress mandated under the BSA. Providing feedback is good government. It is also essential to our risk-based approach. Both the financial industry and the government have limited resources to devote to detecting and preventing illicit financial activity. As such, we need to work together to ensure these resources are directed where they will be most productive for AML/CFT purposes.
Additionally, by providing feedback about emerging risks and criminal typologies, and about how law enforcement uses the reports you file and what they are looking for, it helps you provide the information the government needs most. This in turn helps protect your financial institutions and your customers from criminal actors and perpetrators of fraud who may try to abuse them.
I'd like to expand on this last point about our common interest by reiterating a statement made by Secretary Paulson in a speech last year before the Council on Foreign Relations; "My strong view, based on personal experience, is that the major financial institutions, and the individuals who run them, care deeply about the integrity of the financial system and the reputations of the institutions they run. They genuinely want to be good corporate citizens and want nothing to do with illegal behavior."
Thank you again for partnering with us and for all the work that you do on the frontlines to protect the financial system from abuse, thereby helping to ensure that the U.S. financial system remains safe, sound and secure. Your efforts do not go unnoticed. You have my commitment that we will work equally as hard to understand the unique issues facing the securities and futures industries in complying with the goals of the Bank Secrecy Act, and to continue providing you with meaningful guidance and feedback to further the goal of detecting and disrupting illicit money flows.