This web page can be viewed better with javascript enabled.
www.fincen.gov header image

To download Adobe Acrobat Reader, download PowerPoint Viewer or download Excel Viewer, please visit Accessibility page.

To view or print PDF content, download the free Adobe Acrobat Reader.

Download PDF Version PDF     Print this page Print


Financial Crimes Enforcement Network
Board of Governors of the Federal Reserve System
Federal Deposit Insurance Corporation
National Credit Union Administration
Office of the Comptroller of the Currency
Office of Thrift Supervision

April 26, 2005

Advisory

Interagency Interpretive Guidance on Providing Banking Services to Money Services Businesses Operating in the United States

The Financial Crimes Enforcement Network (“FinCEN”), along with the Board of Governors of the Federal Reserve System, the Federal Deposit Insurance Corporation, the National Credit Union Administration, the Office of the Comptroller of the Currency, and the Office of Thrift Supervision (collectively, the “Federal Banking Agencies”), issue this interpretive guidance to clarify further the requirements of the Bank Secrecy Act and its implementing regulations (including the parallel provisions issued by the Federal Banking Agencies) for banking organizations when providing banking services to money services businesses operating in the United States.

As a follow-up to the joint statement issued on March 30, 2005, this guidance sets forth the minimum steps that banking organizations should take when providing banking services to money services businesses. Additionally, this guidance provides assistance to banking organizations in assessing and minimizing the risk of money laundering posed by individual money services business customers. While banking organizations are expected to manage risk associated with all accounts, including money services business accounts, banking organizations will not be held responsible for their customers’ compliance with the Bank Secrecy Act and other applicable federal and state laws and regulations.

By clarifying our expectations, FinCEN and the Federal Banking Agencies are confirming that banking organizations have the flexibility to provide services to a wide range of money services businesses while remaining in compliance with the Bank Secrecy Act. This guidance will be reflected in the forthcoming interagency Bank Secrecy Act/Anti-Money Laundering examination procedures.

Concurrent with this document, FinCEN is also issuing guidance to money services businesses to emphasize their Bank Secrecy Act regulatory obligations and to notify them of the type of information that they may be expected to produce to a banking organization in the course of opening or maintaining an account relationship. Through regular supervisory processes and through dissemination of additional information, FinCEN and the Federal Banking Agencies will continue to provide guidance to assist banking organizations on issues related to money services businesses, such as providing indicators to banking organizations that would help in identifying entities that may be operating as money services businesses when those entities have not disclosed the nature of their business to the banking organizations and guidance on appropriate due diligence when maintaining accounts for foreign providers of money services.

Background

Under existing Bank Secrecy Act regulations, FinCEN has defined money services businesses to include five distinct types of financial services providers and the U.S. Postal Service: (1) currency dealers or exchangers; (2) check cashers; (3) issuers of traveler’s checks, money orders, or stored value; (4) sellers or redeemers of traveler's checks, money orders, or stored value; and (5) money transmitters. There is a threshold requirement for businesses in the first four categories – a business that engages in such transactions will not be considered a money services business if it does not engage in such transactions in an amount greater that $1,000 for any person on any day in one or more transactions. See 31 CFR 103.11(uu).

With limited exceptions, money services businesses are subject to the full range of Bank Secrecy Act regulatory controls, including the anti-money laundering program rule, suspicious activity and currency transaction reporting rules, and various other identification and recordkeeping rules.1 Additionally, existing FinCEN regulations require certain money services business principals to register with FinCEN.2 Many money services businesses, including the vast majority of money transmitters in the United States, operate through a system of agents. While agents are not presently required to register with FinCEN, they are themselves money services businesses that are required to establish anti-money laundering programs and comply with the other recordkeeping and reporting requirements described above. Finally, many states have established anti-money laundering supervisory requirements, often including the requirement that a money services business be licensed with the state in which it is incorporated or does business.

The money services business industry is extremely diverse, ranging from Fortune 500 companies with numerous outlets worldwide to small, independent “mom and pop” convenience stores in communities with population concentrations that do not necessarily have access to traditional banking services or in areas where English is rarely spoken.

The range of products and services offered, and the customer bases served by money services businesses, are equally diverse. In fact, while they all fall under the definition of a money services business, the types of businesses are quite distinct. In addition, many money services businesses only offer money services as an ancillary component to their primary business, such as a convenience store that cashes checks or a hotel that provides currency exchange. Other money services businesses offer a variety of services, such as check cashing and stored value card sales.

I. Minimum Bank Secrecy Act Due Diligence Expectations

FinCEN and the Federal Banking Agencies expect banking organizations that open and maintain accounts for money services businesses to apply the requirements of the Bank Secrecy Act, as they do with all accountholders, on a risk-assessed basis. As with any category of accountholder, there will be money services businesses that pose little risk of money laundering and those that pose a significant risk. It is essential that banking organizations neither define nor treat all money services businesses as posing the same level of risk. Put simply, a local grocer that also cashes payroll checks for customers purchasing groceries cannot be equated with a money transmitter specializing in cross-border wire transfers to jurisdictions posing heightened risk for money laundering or the financing of terrorism, and therefore the Bank Secrecy Act obligations on a banking organization will differ significantly.3

Registration with FinCEN, if required, and compliance with any state-based licensing requirements represent the most basic of compliance obligations for money services businesses; a money services business operating in contravention of registration or licensing requirements would be violating Federal and possibly state laws.4 As a result, it is reasonable and appropriate for a banking organization to insist that a money services business provide evidence of compliance with such requirements or demonstrate that it is not subject to such requirements.

Based on existing Bank Secrecy Act requirements applicable to banking organizations, the minimum due diligence expectations associated with opening and maintaining accounts for money services businesses are:

The Appendix to this guidance explains FinCEN’s registration and state-based licensing requirements and outlines steps that banking organizations can take to confirm and document the registration, licensing, or agent status of a money services business.

Basic Bank Secrecy Act/Anti-Money Laundering Risk Assessment

While the extent to which banking organizations should perform further due diligence beyond the minimum compliance obligations set forth above will be dictated by the level of risk posed by the individual customer, it is not the case that all money services businesses will always require further due diligence. In some cases, no further customer due diligence will be required. In other situations, the further due diligence required will be extensive. In all cases, the level of due diligence applied will be dictated by the risks associated with the particular customer.

Accordingly, as with any business account, in determining how much, if any, further due diligence would be required for any money services business customer, the banking organization should consider the following basic information:

Types of products and services offered by the money services business

In order to properly assess risks, banking organizations should know the categories of money services engaged in by the particular money services business accountholder. In addition, banking organizations should determine whether the money services business is a “principal” (with a fleet of agents) or is itself an agent of another money services business. Other relevant considerations include whether or not the money services business is a new or established operation, and whether or not money services are the customer’s primary or ancillary business (such as a grocery store that derives a small fraction of its overall revenue from cashing checks).

Location(s) and market(s) served by the money services business

Money laundering risks within a money services business can vary widely depending on the locations, customer bases, and markets served by the money services business. Relevant considerations include whether markets served are domestic or international, or whether services are targeted to local residents or broad markets. For example, a convenience store that only cashes payroll checks generally presents lower money laundering risks than a check casher that cashes any type of third-party check or cashes checks for commercial enterprises (which generally involve larger amounts).

Anticipated account activity

Banking organizations should ascertain the expected services that the money services business will use, such as currency deposits or withdrawals, check deposits, or funds transfers. For example, a money services business may operate out of one location and use one branch of the banking organization, or may have several agents making deposits at multiple branches throughout the banking organization’s network. Banking organizations should also have a sense of expected transaction amounts.

Purpose of the account

Banking organizations should understand the purpose of the account for the money services business. For example, a money transmitter might require the bank account to remit funds to its principal U.S. clearing account or may use the account to remit funds cross-border to foreign-based agents.

Risk Indicators

To further assist banking organizations in determining the level of risk posed by a money services business customer, set forth below are examples that may be indicative of lower and higher risk, respectively. In determining the level of risk, a banking organization should not take any single indicator as determinative of the existence of lower or higher risk. Moreover, the application of these factors is fact-specific, and a conclusion regarding an account should be based on a consideration of available information. An effective risk assessment should be a composite of multiple factors, and depending upon the circumstances, certain factors may be weighed more heavily than others.

Examples of potentially lower risk indicators: The money services business –

Examples of potentially higher risk indicators: The money services business –

II. Due Diligence for Higher Risk Customers

A banking organization’s due diligence should be commensurate with the level of risk of the money services business customer identified through its risk assessment. If a banking organization’s risk assessment indicates potential for a heightened risk of money laundering or terrorist financing, it will be expected to conduct further due diligence in a manner commensurate with the heightened risk. This is no different from requirements applicable to any other business customer and does not mean that a banking organization cannot maintain the account.

Depending on the level of perceived risk, and the size and sophistication of the particular money services business, banking organizations may pursue some or all of the following actions as part of an appropriate due diligence review or risk management assessment of a money services business seeking to establish an account relationship. Likewise, if the banking organization becomes aware of changes in the profile of the money services business to which banking services are being provided, these additional steps may be appropriate. However, it is not the expectation of FinCEN or the Federal Banking Agencies that banking organizations will uniformly require any or all of the actions identified below for all money services business customers:

As with any other accountholder that is subject to anti-money laundering regulatory requirements, the extent to which a banking organization should inquire about the existence and operation of the anti-money laundering program of a particular money services business will be dictated by the banking organization’s assessment of the risks of the particular relationship. Given the diversity of the money services business industry and the risks they face, banking organizations should expect significant differences among anti-money laundering programs of money services businesses. However, FinCEN and the Federal Banking Agencies do not expect banking organizations to act as the de facto regulators of the money services business industry.

III. Identification and Reporting of Suspicious Activity

Existing regulations require banking organizations to identify and report known or suspected violations of law or/and suspicious transactions relevant to possible violations of law or regulation. Risk-based monitoring of accounts maintained for all customers, including money services businesses, is a key element of an effective system to identify and, where appropriate, report violations and suspicious transactions. The level and frequency of such monitoring will depend, among other things, on the risk assessment and the activity in the account.

Based on the banking organization’s assessment of the risks of its particular money services business customers, monitoring should include periodic confirmation that initial projections of account activity have remained reasonably consistent over time. Account activity would typically include deposits or withdrawals of currency, deposits of checks, or funds transfers. The mere existence of variances does not necessarily mean that a problem exists, but may be an indication that additional review is necessary. Furthermore, risk-based monitoring generally does not include “real-time” monitoring of all transactions flowing through the account of a money services business, such as a review of the payee or drawer of every deposited check.

Examples of potential suspicious activity within money services business accounts, generally involving significant unexplained variations in transaction size, nature, or frequency through the account, include:

One recurring question has been the obligation of a banking organization to file a suspicious activity report on a money services business that has failed to register with FinCEN or failed to obtain a license under applicable state law. Given the importance of the licensing and registration requirement, a banking organization should file a suspicious activity report if it becomes aware that a customer is operating in violation of the registration or state licensing requirement.9 This approach is consistent with long standing practices of FinCEN and the Federal Banking Agencies under which banking organizations file suspicious activity reports on known or suspected violations of law or regulation.

Finally, banking organizations are not expected to terminate existing accounts of money services businesses based solely on the discovery that the customer is a money services business that has failed to comply with licensing and registration requirements (although continuing non-compliance by the money services business may be an indicator of heightened risk). There is no requirement in the Bank Secrecy Act regulations that a banking organization must close an account that is the subject of a suspicious activity report. The decision to maintain or close an account should be made by a banking organization’s management under standards and guidelines approved by its board of directors. However, if an account is involved in a suspicious or potentially illegal transaction, the banking organization should examine the status and history of the account thoroughly and should determine whether or not the institution is comfortable maintaining the account. If the banking organization is aware that the reported activity is under investigation, it is strongly recommended that the banking organization notify law enforcement before making any decision regarding the status of the account.

IV. Existing Accounts for Known Money Services Businesses

This guidance is not a directive to banking organizations to conduct immediately a review of existing accounts for known money services businesses for the sole purpose of determining licensing or registration status. However, the guidance does not affect a banking organization’s existing anti-money laundering compliance program obligations to assess risk, including periodic risk assessments of existing money services business accounts to update risk factors such as licensing and registration status.

V. 314(b) Voluntary Information Sharing

Section 314(b) of the USA PATRIOT Act of 2001 allows certain financial institutions, after providing notice to FinCEN, to voluntarily share information with each other for the purpose of identifying and, where appropriate, reporting possible money laundering or terrorist financing under protection of legal safe harbor.10

Banks and money services businesses can utilize Section 314(b) information sharing to work together to identify money laundering and terrorist financing. While participation in the 314(b) information sharing program is voluntary, FinCEN and the Federal Banking Agencies encourage banking organizations and their money services business customers to consider how voluntary information sharing could enable each institution to more effectively discharge its anti-money laundering and suspicious activity monitoring obligation.

Any banking organizations that have questions on this guidance are encouraged to contact FinCEN or their primary federal regulator.


Additional Resources

www.msb.gov – FinCEN website dedicated to money services business regulations and guidance, such as FinCEN rulings and answers to frequently asked questions. This website also contains a list of registered money services businesses.

• Free, easy-to-understand educational materials to help inform money services businesses about their obligations under the Bank Secrecy Act, available at www.msb.gov, including:
• FinCEN Regulatory Helpline – 800-949-2732 – for questions concerning Bank Secrecy Act requirements.

• FinCEN Financial Institutions Hotline – 866-556-3974 – to report suspicious activity that may be related to terrorist financing or ongoing money laundering schemes.

• FinCEN Advisory 33, “Informal Value Transfer Systems” (November 2003) (available on the www.fincen.gov website).

• “Report to Congress in Accordance with Section 359” of the USA PATRIOT Act concerning Informal Value Transfer Systems, March 2003 (available on the www.fincen.gov website).

• Money Transmitter Regulators Association (www.mtraweb.org) - the association of state regulators of the money transmitter industry.

• Board of Governors of the Federal Reserve System (www.federalreserve.gov).

• Federal Deposit Insurance Corporation (www.fdic.gov) and ( www.fdic.gov/regulations/examinations/bsa).

• National Credit Union Administration (www.ncua.gov).

• Office of the Comptroller of the Currency (www.helpwithmybank.gov/).

• Office of Thrift Supervision (www.ots.treas.gov) and (http://www.ots.treas.gov/resultsort.cfm?catNumber=272&dl=11&edit=1 ).





APPENDIX


Frequently Asked Questions on Providing Banking Services to Money Services Businesses

Registration and Licensing

1. What are the FinCEN registration requirements for Money Services Businesses?

As set forth in 31 CFR 103.41, all money services business must register with FinCEN (whether or not licensed as a money services business by any state) except:

  • A business that is a money services business solely because it serves as an agent of another money services business;
  • A business that is a money services business solely as an issuer, seller, or redeemer of stored value;
  • The U.S. Postal Service; and
  • Agencies of the United States, of any state, or of any political subdivision of any state.

    A branch office of a money services business is not required to file its own registration form. Those money services businesses required to register must complete and submit to the Internal Revenue Service – Enterprise Computing Center-Detroit a form [www.msb.gov/pdf/msbregform01102004.pdf] that identifies the following: (1) the name, location, and taxpayer identification number of the business; (2) information concerning the owners of the business; (3) the location(s) of operation and the number of branch locations and number of agents; (4) the products and services offered; (5) information about the primary transaction account; and (6) the location of supporting documentation.

    Additionally, under existing FinCEN regulations, a money services business has 180 days in which to register from the time that it begins performing the functions that subject it to the money services business regulations.11 Therefore, it is possible that a money services business will appropriately seek banking services before completing the registration process with FinCEN, but still be in full compliance with the law.

    2. What resources are available for banking organizations to use to confirm registration or licensing status of a money services business?

    Regarding FinCEN registration, a banking organization may rely on the correspondence received by the money services business from the Internal Revenue Service – Enterprise Computing Center-Detroit as confirmation that the money services business has registered with FinCEN. All registered money services businesses will have such correspondence and should be prepared to provide it to the banking organization. Note that it may take 60 days or more after a money services business files its registration form for the business to receive an acknowledgment letter from the Internal Revenue Service. The acknowledgment letter from the Internal Revenue Service will be the only confirmation received by the money services business. As an alternative, if the money services business has filed its registration but has not yet received its acknowledgement letter, the banking organization may rely on a copy of the registration form submitted by the money services business until such time as the money services business either receives its acknowledgement letter or appears on the money services business registration list published by FinCEN (accessible at www.msb.gov). FinCEN seeks to assist banking organizations by assembling, preparing and forwarding information on the money services business industry and applicable Bank Secrecy Act requirements on FinCEN’s website dedicated to the money services business industry, www.msb.gov.

    Regarding state licensing requirements, individual state regulatory authorities offer a variety of information. Also, FinCEN is working with state regulators on a variety of information-sharing initiatives that will enhance cooperation with respect to anti-money laundering regulatory issues. One initiative will be to identify and promote resources where banking organizations and others can go to learn about state anti-money laundering requirements applicable to money services businesses as well as the status of individual money services businesses.

    3. How can a banking organization confirm that a money services business is an agent that is not required to register with FinCEN?

    A money services business that is an agent of a principal money services business will generally have contracts and agreements with the principal money services business, and agents should be expected to provide these documents to a banking organization upon request. Additionally, many large money services businesses list information about their agents on their public web sites.

    4. How should a banking organization document its review of registration, licensing, or agent status of a money services business?

    Banking organizations should document their review of the applicable registration, licensing, or agent status of a money services business customer, but are not required to maintain copies of actual documentation received from a money services business. Banking organizations should also consider the availability of public information regarding licensing, registration, or agent status for money services businesses. For example, many states make licensing information publicly available, and many large money services businesses list their agents on their public web sites.

    Due Diligence

    5. After applying the Customer Identification Program, and confirming registration, licensing, and agent status, as applicable, and when a banking organization’s risk assessment of a money services business customer indicates a low risk of money laundering or other illicit activity for the particular customer, is a banking organization required to perform further due diligence?

    No. After assessing basic information of a particular money services business customer, including: (1) the products and services offered by the money services business; (2) the locations and markets served by the money services business; (3) anticipated account activity; and (4) purpose of the account, if a banking organization determines that its relationship with the particular money services business constitutes a low risk of money laundering or other illicit activity, a banking organization is not routinely expected to perform further due diligence. Banking organizations should consider and perform further due diligence, such as a review of a money services business’s anti-money laundering program, if the banking organization’s risk assessment of a relationship with a particular money services business indicates heightened risks.

    However, banking organizations are reminded that risk-based monitoring of all accounts, regardless of the amount of due diligence performed for a particular customer, is a key element of an effective system to identify, and where appropriate, report suspicious activity. Discovery of suspicious activity in transactions with a money services business initially deemed to represent low risk may necessitate further due diligence.

    6. Can a banking organization open or maintain an account for a money services business that has not registered or obtained a state license because the customer was unaware of applicable requirements? Should a banking organization file a suspicious activity report in such instances?

    Yes. Banking organizations are not required to refuse to open new accounts for money services businesses that have failed to comply with registration or licensing requirements. Similarly, there is no requirement in the Bank Secrecy Act regulations that a banking organization terminate existing accounts of customers based solely on the discovery that the customer is a money services business that has failed to comply with licensing and registration requirements. The decision to maintain or close an account should be made by a banking organization’s management under standards and guidelines approved by its board of directors.

    However, continued noncompliance by a customer with applicable licensing, registration or other regulatory requirements after learning of such requirements would likely be an indicator of heightened risk. Banking organizations should file suspicious activity reports if they become aware that customers are operating in violation of the registration or state licensing requirements.

    7. Do FinCEN and the Federal Banking Agencies have an expectation that banking organizations should educate money services businesses about any requirements of the Bank Secrecy Act?

    No. The Bank Secrecy Act does not require, and neither FinCEN nor the Federal Banking Agencies expect, banking organizations to serve as the de facto regulators of the money services businesses for which they maintain accounts. Accordingly, banking organizations are not expected to educate money services businesses about the Bank Secrecy Act requirements that apply to the industry. However, when a banking organization is conducting due diligence with respect to its money services business customers, questions will inevitably arise. In such cases, banking organizations can direct inquiries by money services businesses about applicable Bank Secrecy Act requirements to existing regulatory resources such as www.msb.gov or FinCEN’s Regulatory Helpline at 1-800-949-2732.

    In addition, there are several ways for banking organizations to obtain free educational materials produced by FinCEN for money services businesses:

    • Submit an online order form through www.msb.gov (fastest option)
    • Print an order form from www.msb.gov and fax to 1-800-773-8356 or mail to:
    Money Services Business Program Office
    P.O. Box 39
    Vienna, VA 22183
  • Phone an order to 1-800-386-6329




    1 See 31 CFR 103.125 (requirement for money services businesses to establish and maintain an anti-money laundering program); 31 CFR 103.22 (requirement for money services businesses to file currency transaction reports); 31 CFR 103.20 (requirement for money services businesses to file suspicious activity reports, other than for check cashing and stored value transactions); 31 CFR 103.29 (requirement for money services businesses that sell money orders, traveler’s checks, or other instruments for cash to verify the identity of the customer and create and maintain a record of each cash purchase between $3,000 and $10,000, inclusive); 31 CFR 103.33(f) and (g) (rules applicable to certain transmittals of funds); and 31 CFR 103.37 (additional recordkeeping requirement for currency exchangers including the requirement to create and maintain a record of each exchange of currency in excess of $1,000).

    2 See 31 CFR 103.41. The registration requirement applies to all money services businesses (whether or not licensed as a money services business by any state) except the U.S. Postal Service; agencies of the United States, of any state, or of any political subdivision of a state; issuers, sellers, or redeemers of stored value, or any person that is a money services business solely because that person serves as an agent of another money services business (however, a money services business that engages in activities described in § 103.11(uu) both on its own behalf and as an agent for others is required to register).

    3 Jurisdictions posing heightened risk include those that have been (1) identified by the Department of State as a sponsor of international terrorism under 22 USC 2371; (2) designated as non-cooperative with international anti-money laundering principles or procedures by an intergovernmental group or organization of which the United States is a member (such as the Financial Action Task Force, www.fatf-gafi.org) and with which designation the United States representative or organization concurs; or (3) designated by the Secretary of the Treasury pursuant to 31 U.S.C. 5318A as warranting special measures due to money laundering concerns. See also note 7, infra.

    4 In addition to violating the FinCEN registration regulation, which can result in both civil and criminal penalties, failure to register with FinCEN is a violation of 18 U.S.C. 1960. See U.S. v. Uddin, No. 04-CR-80192 (E.D.Mich. April 11, 2005). Under certain circumstances, failure to obtain a required state license to operate a money services business can also result in a violation of 18 U.S.C. 1960. See U.S. v. Velastegui, 199 F.3d 590 (2nd Cir. 1999).

    5See 31 CFR 103.121 (FinCEN); 12 CFR 21.21 (Office of the Comptroller of the Currency); 12 CFR 208.63(b), 211.5(m), 211.24(j) (Board of Governors of the Federal Reserve System); 12 CFR 326.8(b) (Federal Deposit Insurance Corporation); 12 CFR 563.177(b) (Office of Thrift Supervision); 12 CFR 748.2(b) (National Credit Union Administration).

    6 Supra, note 3.

    7 While the operation of a money services business in either of these two areas does not itself require a banking organization to conclude that the money services business poses a high risk, it is a factor that may be relevant. Information concerning High Risk Money Laundering and Related Financial Crimes Areas can be found at http://www.fincen.gov/le_hifcadesign.html. Designations of High Risk Money Laundering and Related Financial Crimes Areas are made in the Treasury Department’s National Money Laundering Strategy reports. Information concerning High-Intensity Drug Trafficking Areas can be found at http://www.whitehousedrugpolicy.gov/hidta/.

    8 Supra, note 3.

    9 See U.S. v. Uddin, supra, note 4.

    10 Section 314(b) of the USA PATRIOT Act, as implemented by 31 CFR 103.110, establishes a safe harbor from liability for a financial institution or association of financial institutions that voluntarily chooses to share information with other financial institutions for the purpose of identifying and, where appropriate, reporting money laundering or terrorist activity. To avail itself of the 314(b) safe harbor, a financial institution must comply with the requirements of the implementing regulation, 31 CFR 103.110, including notice to FinCEN, verification that the other financial institution has submitted the requisite notice, and restrictions on the use and security of information shared. The safe harbor afforded by Section 314(b) is only available to financial institutions that are required to implement an anti-money laundering program, which includes banks regulated by a federal functional regulator (see 31 CFR 103.120) and money services businesses (see 31 CFR 103.125). For additional information on the 314(b) voluntary information sharing program, or to submit a notice to FinCEN to share information voluntarily, please refer to www.fincen.gov.

    11 See 31 CFR 103.41(b)(3).





  • Accessibility