FINRA Amends Rule 3310 to Conform to FinCEN's Final Rule on Customer Due Diligence Requirements for Financial Institutions
Referenced Rules & Notices
Bank Secrecy Act
FINRA Rule 3310
Regulatory Notice 17-40
FINRA has filed for immediate effectiveness amendments to FINRA Rule 3310 (Anti-Money Laundering Compliance Program) to reflect the Financial Crimes Enforcement Network's (FinCEN) adoption of a final rule on Customer Due Diligence Requirements for Financial Institutions (CDD Rule).1 The implementation date is May 11, 2018. This implementation date aligns with the compliance date for FinCEN's CDD Rule.
The text of the rule is set forth in Attachment A.
Questions concerning this Notice should be directed to:
Background & Discussion
On May 11, 2016, FinCEN, the bureau of the Department of the Treasury responsible for administering the Bank Secrecy Act2 (BSA) and its implementing regulations, issued the CDD Rule3 to clarify and strengthen customer due diligence for covered financial institutions,4 including broker-dealers. In its CDD Rule, FinCEN identifies four components of customer due diligence: (1) customer identification and verification; (2) beneficial ownership identification and verification; (3) understanding the nature and purpose of customer relationships; and (4) ongoing monitoring for reporting suspicious transactions and, on a risk basis, maintaining and updating customer information.5 As the first component is already an AML program requirement, the CDD Rule focuses on the other three components.
Specifically, the CDD Rule focuses particularly on the second component by adding a new requirement that covered financial institutions identify and verify the identity of the beneficial owners of all legal entity customers at the time a new account is opened, subject to certain exclusions and exemptions. The CDD Rule also addresses the third and fourth components by amending the existing AML program rules for covered financial institutions to explicitly require these components to be included in AML programs as a new "fifth pillar."
On November 21, 2017, FINRA published Regulatory Notice 17-40 to provide guidance to member firms regarding their obligations under FINRA Rule 3310 in light of the adoption of FinCEN's CDD Rule.6 In addition, the Notice summarized the CDD Rule's impact on member firms, including the ongoing customer due diligence requirement, or "fifth pillar," required for member firms' AML programs.
The recently filed amendments to FINRA Rule 3310 incorporate into the rule this ongoing customer due diligence requirement to conform the rule to the CDD Rule and aid member firms in complying with the CDD Rule's requirements. Specifically, FINRA Rule 3310(f) requires member firms' AML programs to, at a minimum include appropriate risk-based procedures for conducting ongoing customer due diligence, to include, but not be limited to: (1) understanding the nature and purpose of customer relationships for the purpose of developing a customer risk profile; and (2) conducting ongoing monitoring to identify and report suspicious transactions and, on a risk basis, to maintain and update customer information.
As stated in the CDD Rule, these provisions are not new and merely codify existing expectations for firms to adequately identify and report suspicious transactions as required under the BSA, and encapsulate practices generally already undertaken by securities firms to know and understand their customers.
Member firms should ensure that their AML programs are updated, as necessary, to comply with the CDD Rule by May 11, 2018.
1.See Securities Exchange Act Release No. 83154 (May 2, 2018) (Notice of Filing and Immediate Effectiveness File No. SR-FINRA-2018-016).
2. 31 U.S.C. 5311, et seq.
3. FinCEN Customer Due Diligence Requirements for Financial Institutions; CDD Rule, 81 FR 29397 (May 11, 2016) (CDD Rule Release); 82 FR 45182 (September 28, 2017) (making technical correcting amendments to the final CDD Rule published on May 11, 2016). FinCEN is authorized to impose AML program requirements on financial institutions and to require financial institutions to maintain procedures to ensure compliance with the BSA and associated regulations. 31 U.S.C. 5318(h)(2) and (a)(2). The CDD Rule is the result of the rulemaking process FinCEN initiated in March 2012. See 77 FR 13046 (March 5, 2012) (Advance Notice of Proposed Rulemaking) and 79 FR 45151 (Aug. 4, 2014) (Notice of Proposed Rulemaking).
4.See 31 C.F.R. 1010.230(f) (defining "covered financial institution").
5.See CDD Rule Release at 29398.
6.See Regulatory Notice 17-40 (November 2017).
Below is the text of the amended rule text. New language is underlined; deletions are in brackets.
* * * * *
* * * * *