mopdf.com

F I N C E NG U I D A N C Einto question the reliability of such information.9 Furthermore, covered financialinstitutions may verify the identity of a beneficial owner who does not appear inperson, through a photocopy or other reproduction of a valid identity document,or by non-documentary means described in response to Question 4 above.Question 7: Identification and verification: Existing customers asbeneficial owners of new legal entity customer accountsIf an individual named as a beneficial owner of a new legal entity account isan existing customer of the covered financial institution subject to the financialinstitution’s CIP, is a covered financial institution still required to identify andverify the identity of this individual, or may it rely on the CIP identification andverification of the individual that it previously performed?A. In general, covered financial institutions must identify and verify the identity ofthe beneficial owner(s) of legal entity customers at the time each new account isopened. However, if the individual identified as the beneficial owner is an existingcustomer of the financial institution and is subject to the financial institution’sCIP, a financial institution may rely on information in its possession to fulfill theidentification and verification requirements, provided the existing informationis up-to-date, accurate, and the legal entity customer’s representative certifies orconfirms (verbally or in writing) the accuracy of the pre-existing CIP information.For example, a representative of X Corp opens a new account for the company at acovered financial institution and identifies John Doe, who has a personal accountat the institution, as a 25 percent equity owner of X Corp. As required under theCIP rule, the institution identified and verified John Doe’s identity at the time thepersonal account was established. In this situation, a covered financial institutionmay rely on the pre-existing CIP identification and verification information itmaintains for John Doe, provided that X Corp’s representative certifies or confirms(verbally or in writing) the accuracy of the pre-existing information on John Doein order to comply with the Rule. The covered financial institution’s records ofbeneficial ownership for the new account could cross-reference the relevant CIPrecords and the verification of information would not need to be repeated.Question 8: Location of Certification Form or Appendix A to thefinal ruleAre covered financial institutions required to use the beneficial ownership CertificationForm (Appendix A to the Rule) and if so, how can they obtain a copy of the Form?9.See 31 CFR 1010.230(b)(1).6

F I N C E NG U I D A N C EA. There is no requirement that covered financial institutions use the CertificationForm. Rather, the form is optional and provided for the convenience of coveredfinancial institutions as one possible method to obtain the required beneficialownership information. Financial institutions may choose to comply withthe requirements of the Rule by using another method, such as through theinstitutions’ own forms, or any other means that comply with the substantiverequirements of this obligation. Covered financial institutions should retain theform and not file it with FinCEN.Covered financial institutions may obtain a fillable and non-fillable copy of theoptional Certification Form in Appendix A of the CDD Rule ion.Question 9: Retention of beneficial ownership information: Multiplesets of beneficial ownership certification documentsIf a covered financial institution has updated the beneficial ownership informationon the account(s) of a legal entity customer, and subsequently a new account isopened on behalf of the same legal entity customer, is the institution required toretain all sets of beneficial ownership documentation, thereby retaining up to threesets of information: the original set collected at account opening, the updated set,and a third, a duplicate of the second (updated) set for the new account?A. Yes. Covered financial institutions are required to retain all beneficial ownershipinformation collected about a legal entity customer. Identifying information,including the Certification Form or its equivalent, must be maintained for a periodof five years after the legal entity’s account is closed.10 However, all verificationrecords must be retained for a period of five years after the record is made.11Therefore, whether a financial institution must retain a set of identification orverification records is dependent upon the date an account is opened and closed,or the date a record is made. For example, if a covered financial institution relieson pre-existing beneficial ownership information in its possession as true andaccurate identification information when opening a new account for a legal entitycustomer, the financial institution should maintain the original records, and anyupdated information, including a record of any verbal or written confirmationof pre-existing information (for example, as described in Questions 7 and 10),until five years after the closing of the new account in order to comply with therecordkeeping requirements in the regulation. Covered financial institutions mustalso retain a description of every document relied on for verification, any non-10. See 31 CFR 1010.230(i)(2).11. Id.7

F I N C E NG U I D A N C Edocumentary methods and results of measures undertaken for verification, as wellas the resolution of any substantive discrepancies discovered in identifying andverifying the identification information for five years after the record is made.Question 10: Identification and verification: Certification when asingle legal entity customer opens multiple accountsIf a legal entity customer opens multiple accounts at a covered financial institution(whether or not simultaneously), must the financial institution identify and verifythe customer’s beneficial ownership for each account?A. Generally, covered financial institutions must identify and verify the legal entitycustomer’s beneficial ownership information for each new account opening,regardless of the number of accounts opened or over a specific period of time.However, an institution that has already obtained a Certification Form (or itsequivalent) for the beneficial owner(s) of the legal entity customer may rely onthat information to fulfill the beneficial ownership requirement for subsequentaccounts, provided the customer certifies or confirms (verbally or in writing) thatsuch information is up-to-date and accurate at the time each subsequent accountis opened and the financial institution has no knowledge of facts that wouldreasonably call into question the reliability of such information. The institutionwould also need to maintain a record of such certification or confirmation,including for both verbal and written confirmations by the customer.Question 11: Identification and verification: Accounts for internalrecordkeeping or operational purposesFinCEN understands that after a covered financial institution (particularly in thesecurities and futures industries) opens a new account for a legal entity customerand identifies its beneficial ownership, the financial institution may subsequentlyopen one or more additional accounts or subaccounts for that customer – for theinstitution’s own recordkeeping or operational purposes and not at the customer’sspecific request – so that the customer may, for example invest in particular productsor implement particular trading strategies. Would such accounts fall within thedefinition of “new accounts” for purposes of the beneficial ownership requirement?A. The beneficial ownership requirement applies to a “new account,” which isdefined to mean “each account opened by a legal entity customer”12 [emphasisadded]. An account (or subaccount) relating to a legal entity customer willnot be considered a “new account” or an “account” for purposes of the Rulewhen a financial institution creates such an account (or subaccount) for its own12. See 31 CFR 1010.230(g). In addition, the term “account” is defined by reference to the definition inthe CIP rules. 31 CFR 1010.230(c).8

F I N C E NG U I D A N C Eadministrative or operational purposes and not at the customer’s request—suchas to accommodate a specific trading strategy—and the financial institution hasalready collected beneficial ownership information on such legal entity customer.The distinction between such accounts opened by customers and those openedsolely by the financial institution is consistent with the Rule’s purpose to mitigatethe risks related to the obfuscation of beneficial ownership when a legal entity triesto access the financial system through the opening of a new account.13This interpretation is limited to accounts (or subaccounts) created solely toaccommodate the business of an existing legal entity customer that has previouslyidentified its beneficial ownership. Thus, the following accounts (or subaccounts)would not fall within this interpretation:o accounts (or subaccounts) created to accommodate a trading strategy beingcarried out by a separate legal entity, including a subsidiary of the existing legalentity customer; and,o accounts (or subaccounts) through which the customer of a financialinstitution’s existing legal entity customer carries out trading activity directlythrough the financial institution without intermediation from the existing legalentity customer.Question 12: Collection of beneficial ownership information:Product or service renewalsAre financial institutions required to have their legal entity customers certify thebeneficial owners for existing customers during the course of a financial productrenewal (e.g., a loan renewal or certificate of deposit)?A. Yes. Consistent with the definition of “account” in the CIP rules and subsequentinteragency guidance,14 each time a loan is renewed or a certificate of depositis rolled over, the bank establishes another formal banking relationship anda new account is established. Covered financial institutions are required toobtain information on the beneficial owners of a legal entity that opens a newaccount, meaning (in the case of a bank) for each new formal banking relationshipestablished, even if the legal entity is an existing customer. For financial servicesor products established before May 11, 2018, covered financial institutions mustobtain certified beneficial ownership information of the legal entity customers of13. See 68 FR at 25093 (The preamble to the CIP rules provides that “Treasury and the Agencies notethat the [USA PATRIOT] Act provides that the regulations shall require reasonable procedures for‘verifying the identity of any person seeking to open an account.’ Because these transfers are notinitiated by customers, these accounts do not fall within the scope of section 326.”)14. See “Interagency Interpretive Guidance on Customer Identification Program Requirements underSection 326 of the USA PATRIOT Act, FAQs: Final CIP Rule,” p. 8 (April 28, 2005).9

F I N C E NG U I D A N C Esuch products and services at the time of the first renewal following that date. Atthe time of each subsequent renewal, to the extent that the legal entity customerand the financial service or product (e.g., loan or CD) remains the same, thecustomer certifies or confirms that the beneficial ownership information previouslyobtained is accurate and up-to-date, and the institution has no knowledge offacts that would reasonably call into question the reliability of the information,the financial institution would not be required to collect the beneficial ownershipinformation again. In the case of a loan renewal or CD rollover, because weunderstand that these products are not generally treated as new accounts by theindustry and the risk of money laundering is very low, if at the time the customercertifies its beneficial ownership information, it also agrees to notify the financialinstitution of any change in such information, such agreement can be consideredthe certification or confirmation from the customer and should be documented andmaintained as such, so long as the loan or CD is outstanding.Question 13: Collection of beneficial ownership information:Existing accountsAre covered financial institutions required to collect or update beneficial ownershipinformation on customers with accounts opened prior to May 11, 2018, the Rule’sapplicability date?A. Financial institutions are not required to conduct retroactive reviews to obtainbeneficial ownership information from customers with accounts opened prior toMay 11, 2018. The obligation to obtain or update beneficial ownership informationon legal entity customers with accounts established before May 11, 2018, istriggered when a financial institution becomes aware of information aboutthe customer during the course of normal monitoring relevant to assessing orreassessing the risk posed by the customer, and such information indicates apossible change of beneficial ownership.15Question 14: Obligation to solicit or update beneficial ownershipinformation absent specific risk-based concernsAre covered financial institutions required to obtain or update beneficial ownershipinformation during routine periodic reviews of existing accounts, absent riskbased concerns; that is, are such reviews a trigger for the application of the Rule’sbeneficial ownership requirements?A. No. Covered financial institutions do not have an obligation to solicit or updatebeneficial ownership information as a matter of course during regular or periodicreviews, absent specific risk-based concerns. Financial institutions are required to15. See 81 FR at 29421.1 0

F I N C E NG U I D A N C Edevelop and implement risk-based procedures for conducting ongoing customerdue diligence, including regular monitoring to identify and report suspiciousactivity and, on a risk basis, to maintain and update customer information. Thus,periodic reviews are not by themselves a trigger to obtain or update beneficialownership information. As stated in response to Questions 13 and 16, theobligation to obtain or update information is triggered when, in the course ofnormal monitoring, a financial institution becomes aware of information abouta customer or an account, including a possible change of beneficial ownershipinformation, relevant to assessing or reassessing the customer’s overall risk profile.Absent such a risk-related trigger or event, collecting or updating of beneficialownership information is at the discretion of the covered financial institution.Financial institutions may exercise this discretion to collect or update beneficialownership information on customers as often as they deem appropriate.Question 15: Processes for monitoring and updating customerinformationAre covered financial institutions required to implement different processes thancurrently established to comply with the Rule’s ongoing monitoring and updatingrequirement?A. To the extent that a covered financial institution has monitoring processes inplace that allow the institution to meet the Rule’s requirements, such institutionmay use its existing monitoring processes to comply with customer due diligencemonitoring and updating obligations. As the preamble to the Rule states, “currentindustry practice to comply with existing expectations for SAR reporting shouldalready satisfy this proposed requirement.”16Question 16: Updating beneficial ownership informationIf an update to beneficial ownership information is required, can the change(s) bemade in a covered financial institution’s databases without physically obtainingand re-certifying the information?A. It depends. A covered financial institution must develop written internalpolicies, procedures, and internal controls with respect to collecting,maintaining, and updating a legal entity’s beneficial ownership information.The Rule requires that covered financial institutions monitor and, on a riskbasis, update the customer information, including the beneficial ownershipinformation, and does not require re-certification when the information is up-16. 81 FR 29420.1 1

F I N C E NG U I D A N C Eto-date and accurate.17 Covered financial institutions may therefore update theirrecords to reflect a change of information for an existing beneficial owner usingthe same or similar processes the institution implemented to record accountinformation it obtains from customers in connection with the institution’s accountopening processes. For example, if the update were only to a change of addressfor an existing beneficial owner whose identity information has already beencollected and verified, then full re-certification would likely not be required. Inthis circumstance, it may be reasonable for the covered financial institution tocommunicate verbally with the legal entity customer to confirm the accuracy ofthe change of address and reflect such information in its databases. If, however,the updated information were a change of beneficial ownership, then the newbeneficial owner’s identity would need to be collected, certified, and verified.Question 17: Beneficial ownership information: Identifying andverifying at account opening compared to updating after a riskrelated triggerDoes FinCEN distinguish between the requirements for identifying and verifyingbeneficial owner information at the time of a new account opening and at the timeof a triggering event?A. No. Whether a covered financial institution identifies and verifies the identityof the beneficial owner at the time a legal entity initially opens a new account orat the time of a triggering event, the fundamental elements of identification andverification are the same. That is, covered financial institutions must identify eachbeneficial owner by obtaining their name, date of birth, address, and identifyingnumber (such as a social security number or other identifying number permissibleunder the CIP rule), and verify their identities. However, financial institutions’written policies, procedures, and processes, as well as the sum of information,may differ with respect to the collection of information at the time a legal entitycustomer initially opens a new account or at the time an existing account isupdated after a triggering event.On or after May 11, 2018, when a legal entity customer initially opens a newaccount or an existing account is updated to incorporate beneficial ownershipinformation for the first time in response to a triggering event, covered financialinstitutions must identify and verify the identity of beneficial owners as set forthin section 1010.230(b).17. See e.g., 31 CFR 1020.210(b)(5)(ii) (for banks); 1023.210(b)(5)(ii) (for brokers or dealers in securities),1024.210 (b)(5)(ii) (for mutual funds), 1026.210(b)(5)(ii) (for futures commission merchants andintroducing brokers in commodities).1 2

F I N C E NG U I D A N C EQuestion 18: Collection of beneficial ownership information: PooledInvestment

1 FIN-2018-G001 Issued: April 3, 2018 Subject: Frequently Asked Questions Regarding Custo