February 6, 2023

Volume XIII, Number 37

Error message

  • Warning: Undefined variable $settings in include_once() (line 135 of /var/www/html/docroot/sites/default/settings.php).
  • Warning: Trying to access array offset on value of type null in include_once() (line 135 of /var/www/html/docroot/sites/default/settings.php).

February 03, 2023

Subscribe to Latest Legal News and Analysis

Trust Companies Face Increased Anti-Money Laundering Requirements

Asset Management and Investment Funds Alert

On 15 September 2020, the Financial Crimes Enforcement Network issued final rules to expand the anti-money laundering (AML) obligations of certain banks, trust companies, and credit unions under the Bank Secrecy Act (BSA). These amendments will be particularly important to banks, private banks, credit unions, and trust companies that lack a “Federal functional regulator” (Non-FFR institutions). (The federal functional regulators are the Office of the Comptroller of the Currency, FDIC, Board of Governors of the Federal Reserve System, and the Securities and Exchange Commission.)

Prior to these new rules, these Non-FFR institutions had relatively limited AML obligations under BSA regulations as compared to most banks and savings associations. They were required to file currency transaction reports for many transactions in currency exceeding $10,000, file suspicious activity reports, and make and maintain certain records. Credit unions, private banks, and trust companies also were required to perform formal customer identification procedures (CIP) for all customers, even if they did not have a federal functional regulator, but other banks lacking a Federal functional regulator were not subject to a CIP requirement.

Under the new rules, all banks that are Non-FFR institutions, including but not limited to private banks, non-federally insured credit unions, and trust companies, will now be subject to essentially the same rules as apply to any FDIC-insured depository institution. Of most importance, they will be required to establish and maintain a written AML program that is approved by the institution’s board of directors or, if the institution does not have a board of directors, an equivalent governing body within the institution. Each AML program must include the “Five Pillars” of an appropriate AML program: 

  1. a system of internal controls designed to ensure ongoing compliance with the BSA;

  2. periodic independent compliance testing by the institution or an outside party;  

  3. the designation of a qualified AML officer who is responsible for coordinating and monitoring day-to-day BSA compliance;

  4. training for appropriate personnel; and 

  5. appropriate risk-based procedures for conducting ongoing customer due diligence, which must include, among other things, ongoing monitoring to identify and report suspicious transactions and, on a risk basis, to maintain and update customer information regarding the beneficial owners of legal entity customers.

The requirement to verify the identity of the “beneficial owners” of legal entity customers will mean that the institution would need to determine who its “legal entity” customers are, what types of businesses are excluded from that definition, and who the beneficial owners are for all covered legal entity customers. 

The requirement to maintain a written AML program will also mean that the institution will be subject to formal BSA / AML compliance examinations. The Internal Revenue Service performs such examinations for Non-FFR institutions. An institution that previously did not have robust customer and transaction monitoring systems, an AML officer, or periodic AML compliance testing might find these regulatory examinations to be challenging. In any case, the institution will need to prepare and implement an AML program that is tailored to the institution, evidences a “culture of compliance,” and that is otherwise designed to minimize risks to the institution arising from money laundering, terrorist financing, or other criminal activities. Preparation of a carefully tailored AML program first will require the performance of a risk assessment so that the institution may identify the risks arising from its customer base, products and services, and the geographies in which those products and services are offered. 

Those banks that are Non-FFR institutions, including private banks, non-federally insured credit unions, and certain trust companies, will need to comply with the AML program, CIP, and beneficial ownership requirements by 15 March 2021.

Copyright 2023 K & L GatesNational Law Review, Volume X, Number 280

About this Author


John ReVeal is a partner in the firm’s Washington, D.C. office and a member of the consumer financial services practice group. He advises banks and other financial services providers on consumer compliance and assists financial institutions in the review and development of Bank Secrecy Act and Anti-Money Laundering programs.

In addition, Mr. ReVeal advises financial institutions regarding bank and thrift powers, federal preemption, exportation of rates and charges, and financial institution licensing.