GT Alert

New USA Patriot Act Regulations That Apply to Banks, Broker Dealers, and Other Financial Institutions

September 2002
By Alan B. Horn and Carl A. Fornaris, Greenberg Traurig

  View or download the PDF version of this Alert here.

On September 18, 2002, the United States Department of the Treasury issued final regulations related to the implementation of the USA PATRIOT Act’s: (A) shell banking prohibition and related record-keeping obligations; and (B) information sharing provisions.

The final regulations applicable to the shell banking prohibition and its related record-keeping obligations become effective 30 days after the date of their publication in the Federal Register. The final regulations applicable to information sharing between financial institutions become effective the date of their publication in the Federal Register.

Both of the final regulations – which apply to and will result in additional compliance burdens for banks, securities broker dealers, U.S. branches and agencies of foreign banks, Edge corporations, trust companies and other financial institutions – are discussed below.

A. The Shell Banking Prohibition and Related Record-Keeping Obligations

1. Background — PATRIOT Act Provisions and Proposed Regulations

The final regulations implement Sections 313 and 319(b) of the USA PATRIOT Act. Those statutory provisions require depository institutions to:

(a) cease maintaining a "correspondent account" in the United States on behalf of a non-U.S. bank that either (i) lacks a physical presence in its country of licensing with at least one full-time employee, or (ii) is not a "regulated affiliate" (i.e., is not affiliated by another bank with a physical presence whose home country regulator has supervisory authority over the non-U.S. correspondent bank in the correspondent’s country of licensing);

(b) maintain a record regarding the ownership of each non-U.S. bank that maintains a correspondent account with the U.S. institution; and

(c) maintain a record regarding the agent for service of process in the United States designated by each non-U.S. bank that maintains a correspondent account with the U.S. institution.

On November 20, 2001, the Treasury Department issued interim guidance on these provisions and provided a certification form that depository institutions were authorized to use as an interim means to assist them in meeting their statutory compliance obligations under Sections 313 and 319(b). On December 28, 2001, the Treasury Department published proposed regulations to codify the Interim Guidance and proposed to apply the requirements of Sections 313 and 319(b) to securities broker dealers in the same manner as those requirements apply to depository institutions.

2. Final Regulations

"Correspondent Account" Definition. The most controversial portion of the regulations in their proposed form surrounded the definition of "correspondent account," which is the touchstone in determining whether the shell bank prohibition and its record-keeping obligations apply. Not surprisingly, Treasury adopted a very broad interpretation of "correspondent account" from the PATRIOT Act.

Under the final regulation, a "correspondent account" is an account established by a U.S. bank for a non-U.S. bank to receive deposits from, make payments or other disbursements on behalf of, or handle other "financial transactions" related to the non-U.S. bank. "Account," in turn, is any "formal" banking or business "relationship" established to provide "regular" services, dealings, and other financial transactions. The use of the term "regular" in the definition requires the provision of ongoing services, and generally excludes infrequent or one-time transactions. The Treasury Department commentary to the proposed regulation states that "most isolated or occasional transactions that a covered financial institution conducts with a foreign bank would not constitute a correspondent account . . . ."

Accordingly, it appears that virtually any regular and ongoing formal relationship memorialized through an account between a covered financial institution and a non-U.S. bank would be subject to compliance with the shell bank prohibition and the record-keeping requirement obligations under the PATRIOT Act, requiring the covered financial institution to obtain a completed certification from its non-U.S. correspondent bank customer. Examples of "correspondent accounts" that would be subject to the final regulations include savings accounts, time deposit accounts, loan accounts, credit accounts, transaction accounts, money market accounts, clearing and settlement accounts, fiduciary accounts, foreign exchange accounts, accounts to trade securities, foreign currency trading accounts, derivatives accounts, custody accounts, and accounts for trading futures or commodity options.

Certification. The final regulations continue to authorize U.S. depository institutions, U.S. branches and agencies of foreign banks, securities broker dealers, trust companies, Edge corporations, thrifts and credit unions (collectively, "covered financial institutions") to use a Treasury Department-prescribed form of certification in order to comply with the shall bank prohibition and its related record-keeping obligations. Although covered financial institutions are not required to use the form, a completed certification in the form prescribed in the final regulations by the Treasury Department constitutes a safe harbor from non-compliance liability.1

The certification form, which if used is sent by a covered financial institution to each of its non-U.S. bank customers with one or more "correspondent accounts" at the covered institution, requires the non-U.S. bank to:

(a) certify that the non-U.S. bank is not a shell bank;

(b) certify that the non-U.S. bank will not permit shell banks access to the U.S. correspondent account;

(c) disclose the 25%-or-greater shareholders of the non-U.S. bank; and

(d) identify a U.S.-based service of process agent (U.S.-located embassies or consular offices are not acceptable).

Regarding item (b) above, the Treasury Department has taken the position that the certification will be viewed to mean that the non-U.S. bank is not using its correspondent account to provide banking services to a foreign shell bank that is the non-U.S. bank’s direct customer. Therefore, indirect customers down the chain of correspondent relationships would not require investigation.

In addition, the Treasury Department has clarified that:

• certifications may be distributed, completed, returned and stored in electronic form;
• non-U.S. correspondent banks may post and update their certifications on their Web site;
• non-U.S. correspondent banks may complete one omnibus certification to cover all the correspondent accounts such banks maintain with their U.S. correspondent financial institution;
• non-U.S. correspondent banks that are publicly-traded or file annual reports with the Board of Governors of the Federal Reserve System would be exempt from completing the ownership portion of the certification;
• completed certifications are due no later than 30 days (measured 30 days after publication of the regulations in the Federal Register) for new accounts and 90 days for existing accounts;
• if the U.S. financial institution does not receive a completed certification within the applicable time frames, all correspondent accounts of the non-responsive, non-U.S. bank must be closed "within a commercially reasonable time"; and
• failure to terminate a non-U.S. correspondent relationship will subject the non-terminating U.S. financial institution to a civil money penalty of up to $10,000 per day until the relationship is terminated.

B. Information Sharing Among Financial Institutions

1. Background — PATRIOT Act Provision and Proposed Regulations

Section 314 of the USA PATRIOT Act provides for information sharing between the government and financial institutions (Section 314(a)), and between financial institutions themselves (Section 314(b)).

On March 4, 2002, the Treasury Department published proposed regulations to implement the information sharing provisions of the PATRIOT Act. The proposed regulations applicable to information sharing between financial institutions, among other things, would have required a financial institution to provide the Treasury Department with a certification prior to sharing information.

2. Final Regulations

Information Sharing With the Government – "Information Requests." Under the new final regulations implementing Section 314(a), a federal law enforcement agency investigating terrorist activity or money laundering activity may request that the Treasury Department solicit, on the investigating agency’s behalf, certain information from a financial institution (e.g., insured depository institutions, broker dealers, U.S. branches and agencies of foreign banks, Edge corporations, trust companies, savings associations and credit unions). When submitting the "information request" to the Treasury Department, the law enforcement agency must, among other things, certify to the Treasury Department that the law enforcement agency has "credible evidence" that a suspected individual or organization is engaged in terrorist activity or money laundering.

Upon receiving an "information request" from the Treasury Department, the receiving financial institutions must "expeditiously" search its records for information responsive to the request. However, under the final regulations, a financial institution must only search for:

• any current account maintained for a named suspect;
• any account maintained for a named suspect during the preceding one year; and
• any transaction conducted on behalf of the named suspect, or any transmittal of funds in which a named suspect was either the transmittor or the recipient, during the preceding six months that is required under law to be recorded by the financial institution or is recorded and maintained electronically by the institution.

Each financial institution must maintain "adequate procedures" to protect the confidentiality of information requests issued pursuant to Section 314(a). In addition, the receipt of an information request cannot be viewed by the recipient financial institution as requiring it to close the account of the named suspect.

Information Sharing Between Financial Institutions. Under the new final regulations implementing Section 314(b), a financial institution that is required under the Bank Secrecy Act, as amended by the USA PATRIOT Act, to maintain an anti-money laundering program may, under the protection of certain safe harbors discussed below, share information with any other financial institution regarding individuals or organizations for the purpose of identifying suspects that may involve possible terrorist activity or money laundering as long as:

• the financial institution submits to the Treasury Department a notice in a form prescribed by the new regulations which is effective for a one-year period and which can be filed on-line;
• before sharing information, the financial institution takes "reasonable steps" to verify that the other financial institution with which it intends to share information has submitted the same notice to the Treasury Department;
• the financial institution maintains the shared information confidential; and
• for information after the anniversary of the filing of the initial notice, the financial institution has submitted a new notice.

Financial institutions that engage in information-sharing with each other are protected from liability for such sharing, or for any failure to provide notice of such sharing to the individual or organizations that is the subject of such sharing, as long as the financial institution has: (i) filed a notice with the Treasury Department; (ii) verified that the other financial institution has submitted a notice; and (iii) maintained shared information confidential.

* * *

Enforcement and supervisory actions initiated in September 2002 alone by the Treasury Department and the Office of the Comptroller of the Currency make clear that compliance with the USA PATRIOT Act and the related Bank Secrecy Act have become a top priority. On September 4, 2002, a U.S. insured depository institution was fined $100,000 for alleged willful violations of suspicious activity report filing requirements. And on September 17, 2002, the Office of the Comptroller of the Currency ordered another U.S. insured depository institution to establish "comprehensive procedures to identify and report" transactions such as frequent, large-volume cash deposits and wire transfers.

While it remains to be seen exactly how the Treasury Department, the federal banking agencies, the SEC, and other supervisory authorities will audit compliance by the institutions they supervise with the final regulations implementing the USA PATRIOT Act’s shell bank ban and its related record-keeping obligations, covered financial institutions that do business with non-U.S. correspondent banks can expect to experience from their regulators during examinations heightened scrutiny regarding their policies, procedures, internal controls and record-keeping in respect of the statutory obligations imposed by Sections 313 and 319(b).

The Treasury press release and final regulations are available on the Treasury website at http://www.treasury.gov/press/releases/po3436.htm.

Footnotes

1 Since December 2001, virtually all covered financial institutions have used the interim form of certification, causing the form to be well-recognized by non-U.S. correspondent banks in Europe, Latin America and other parts of the world.

© 2002 Greenberg Traurig

Additional Information:

For more information, please review our Corporate & Securities Practice description, or feel free to contact one of our attorneys.

• Corporate Practice Area
• Corporate Attorneys