On October the Financial Industry Regulatory Authority (FINRA) issued a Regulatory Notice urging its member firms (i.e., broker-dealers) to consider how they will incorporate the U.S. Treasury Department’s government-wide Anti-Money Laundering (AML) and Countering the Financing of Terrorism (CFT) priorities (AML/CFT Priorities) into their risk-based AML compliance programs.
Although the Treasury’s Financial Crimes Enforcement Network (FinCEN) has not yet promulgated final regulations specifying how financial institutions, including broker-dealers, should incorporate the AML/CFT Priorities, it is expected that those will be issued by the end of the year. A proactive assessment of how to implement the priorities would put firms in a position to incorporate promptly the final regulations and ensure compliance with applicable regulations, including FINRA Rule 3310.
AML/CFT Priorities and Application to FINRA Member Firms
FinCEN issued the AML/CFT Priorities on June 30, 2021. As we noted in a recent client alert, FinCEN set forth eight priorities and referenced prior FinCEN advisories and guidance documents that identify typologies and red flags that may help covered entities comply with their Bank Secrecy Act (BSA) obligations.3 The eight priorities are: (1) corruption; (2) cybercrime, including relevant cybersecurity and virtual currency considerations; (3) foreign and domestic terrorist financing; (4) fraud (including securities and investment fraud and internet-enabled fraud); (5) transnational criminal organization activity; (6) drug trafficking organization activity; (7) human trafficking and human smuggling; and (8) proliferation financing.
Along with the AML/CFT Priorities, FinCEN issued a statement to provide covered non-bank financial institutions (NBFIs), including broker-dealers, with guidance on how to approach the AML/CFT Priorities.4 The AML/CFT Priorities and FinCEN’s statement make clear that the final regulations will specify how financial institutions should incorporate the priorities into their risk-based AML programs, that not every priority will be relevant to every covered institution, and that covered entities are not required to incorporate the priorities until the effective date of the final regulations.
FINRA issued the October 8 notice to make member firms aware of the AML/CFT Priorities and FinCEN’s statement directed at NBFIs and to encourage firms to consider how to incorporate the AML/CFT Priorities into their risk-based AML compliance programs.
Under FINRA Rule 3310, member firms are required to develop and implement a written AML program reasonably designed to monitor their compliance with and achieve the requirements of the BSA and any implementing regulations under it.
The issuance of the AML/CFT Priorities does not trigger an immediate change in the BSA requirements or supervisory expectations for member firms. However, FINRA is encouraging member firms to begin evaluating how they will incorporate and document the AML/CFT Priorities into their risk-based AML programs. Specifically, FINRA encouraged member firms to:
-Consider potential updates to the red flags that firms have incorporated into their risk-based AML compliance programs in light of the risks presented by factors such as their business activities, size, the geographic locations in which they operate, the types of accounts they maintain, and the types of transactions in which they and their customers engage; and
-Consider potential technological changes that may be appropriate in order to incorporate the AML/CFT Priorities into their compliance programs, including changes to the technology used to monitor and investigate suspicious activity.
To comply with the forthcoming regulations and supervisory expectations, it will be important for broker-dealers to conduct up-to-date assessments of their risk profiles and applicable control environments relating to their risk-based AML compliance programs.