Fed, FinCEN, OCC Urge Banks to Take More Measured Approach to Customer Due Diligence

The Board of Governors of the Federal Reserve System, the Federal Deposit Insurance Corporation, the Financial Crimes Enforcement Network (FinCEN), the National Credit Union Administration, and the Office of the Comptroller of the Currency (the agencies), on Wednesday, July 6, issued a joint statement urging banks to properly assess customer relationships and conduct customer due diligence (CDD) to ensure that customers engaged in lawful activities have access to financial services. In other words, to avoid de-risking practices. 

De-risking is a business practice where financial institutions decide to terminate or restrict business relationships with clients to avoid, rather than manage, money-laundering or terrorism financing risks.  

While the statement does not alter existing Bank Secrecy Act/Anti-Money Laundering (BSA/AML) legal or regulatory requirements, the agencies sent a clear message encouraging banks to manage customer relationships and mitigate risks rather than decline to provide banking services to entire categories of customers.  

The agencies reminded banks that they must apply a risk-based approach to CDD, including when developing the risk profiles of their customers. “The CDD process should enable banks to understand the nature and purpose of customer relationships for the purpose of developing a customer profile risk and conduct ongoing monitoring to identify and report suspicious transactions,” reads the statement. 

But where the agencies put more emphasis is on the need to conduct the analysis on an individual basis, and that “not all customers of a particular type automatically represent a uniformly higher risk of money laundering, or illicit financial activity.” The agencies do not mention which type of customer may be most affected by de-risking practices from banks. The joint statement only cited what may be seen as the most common cases, including independent automated teller machine (ATM) owners or operators, foreign individuals, charities and nonprofit organizations, professional service providers, cash intensive businesses, nonbank financial institutions and customers the bank considers politically exposed persons. 

Interestingly, FinCEN published on June 22 a statement to provide clarity to banks on how to apply a risk-based approach to conducting CDD to independent ATM owners or operators. The statement said that “ATM owner and operators have reported difficulty in obtaining and maintaining access to banking services.” The statement didn’t distinguish between fiat or cryptocurrency ATMs, and in the same way as bank regulators are doing with this statement, FinCEN reminded banks that not all ATM owner or operator customers are automatically higher risk. 

As the agencies know that the BSA gives discretion to banks surrounding implementation of a risk-based approach to CDD, the agencies fall short of recommending one particular methodology or suggesting which relevant factors a bank needs to look at when deciding if a customer is of high risk. The agencies only refer to the Federal Financial Institutions Examination Council (FFIEC) Bank Secrecy Act/Anti-Money Laundering Examination Manual for further guidance to carry out risk examinations. 

Read more: FinCEN Praised Automated AML Systems, Digital Identity Solutions 

EU Regulators Also Warned About De-Risking 

De-risking is a global phenomenon, and EU regulators have highlighted this risk in recent reports and public speeches. In January, the European Banking Authority (EBA) published a 40-page report on this issue with recommendations to the European Commission, the EU Parliament and the EU council to adopt new anti-money laundering measures that could mitigate this problem. In June, the EBA also included AML policies and actions to mitigate de-risking and financial exclusion as a priority for 2022. 

Also in June, during a debate between EU lawmakers and Mairead McGuinness, EU’s Commissioner for financial services in the EU parliament, the regulator was urged to look into de-risking practices that have taken place in different EU countries and to address this problem in future legislative proposals such as the Payment Service Directive 2 or the banking union. 

Read more: EBA’s Report Includes Crypto, Payments and AML as 2022 Priorities