This posting was written by Robert M. Jaworski.
On February 14, 2012, the Financial Crisis Enforcement Network (“FinCEN”) published new rules requiring non-bank residential mortgage lenders and originators (“RMLOs”) to: (i) establish and implement anti-money laundering (“AML”) programs; and (ii) file suspicious activity reports (“SARs”) and keep records pertaining to such reports. These are the same requirements to which banks have long been subject.
AML Program Requirement. Between now and August 13, 2012 – the mandatory compliance date for these new rules – every RMLO must do the following:
• Identify and assess the money laundering and terrorist financing risks associated with the loan products and services that the RMLO provides.
• Develop an AML program, tailored to the RMLO’s size, needs, and the operational risks identified in its risk assessment. An RMLO’s AML program must, at minimum:
- Incorporate policies, procedures and internal controls to deal with the risks identified in the RMLO’s assessment.
- Designate a compliance officer whose responsibility will be to ensure that the AML program is implemented effectively and updated as necessary, and that appropriate persons are properly trained to fulfill their responsibilities under the program.
- Provide for training of appropriate persons (including employees, agents and brokers) concerning their responsibilities under the program.
- Provide for independent testing to monitor and maintain an adequate program.
• Implement the AML program with respect to transactions initiated after the AML program is implemented.
SARs Filing and Record-Keeping Requirements. Once an RMLO has implemented an AML program, it must file SARs with FinCEN for any transaction which it knows, or suspects, or has reason to suspect, either alone or as part of a pattern of transactions:
• Involves funds derived from illegal activity, or is intended or conducted to hide or disguise funds or assets derived from illegal activity
• Is designed, through structuring or other means, to evade the requirements of the Bank Secrecy Act
• Has no business or other apparent lawful purpose, and the RMLO knows of no reasonable explanation for the transaction after examining the available facts, or
• Involves the use of the RMLO to facilitate criminal activity
RMLOs are required to file a SAR concerning a transaction within 30 days after the RMLO initially detects the facts that provide a basis to file the SAR. The only exception to this requirement is if it takes longer to identify a suspect, in which case the SAR may be filed later but in no event more than 60 days after initial detection. After filing a SAR, an RMLO must maintain a copy, along with all supporting documentation concerning the SAR, for at least five years.
With very limited exceptions, SARs, as well as any information that would reveal the existence of a SAR, must be kept confidential. Importantly, RMLOs that file SARs are protected from civil liability for any such disclosures.
Failure to adhere to any of the requirements in this final rule can result in severe civil and criminal penalties. To view the entire final rule, click here.
For more information, you can contact Robert M. Jaworski at rjaworski@reedsmith.com, or the Reed Smith attorney with whom you regularly work.
Robert M. Jaworski is a partner in the Financial Services Regulatory Group of Reed Smith LLP, resident in the Princeton, N.J., office. Bob is formerly the Deputy Commissioner of Banking for New Jersey, a former New Jersey Deputy Attorney General, and a frequent speaker at national and regional bank regulatory conferences.