HomeMy WebLinkAboutApplicability of Bank Secrecy Act and Sarbanes-Oxley Act Br ant
Y
Miller Attorneys at Law
101 North iV4oiu-ve Street
Olive s`>;te 9°"
TallahassF~e, FI_. 32301
Tel 850.222.8011
Fax 850,22'.89&9
tiff u>u~, brne:;1 ~-oi ;
MEMORANDUM
TO: Dan McIntyre
FROM: Bryant Miller Olive
DATE: August 27, 2010
RE: Solar and Energy Loan Fund of St. Lucie County, Inc. -Applicability of Bank
Secrecy Act and Sarbanes-Oxley Act to Community Development Financial
Institutions
Issues
1. Whether the Solar and Energy Loan Fund of St. Lucie County, Inc. (the "Loan Fund"), a
not for profit Community Development Financial Institutions (CDFI), is subject to the
Bank Secrecy Act (BSA)?
2. Whether the Loan Fund and its officers and directors are subject to the Sarbanes-Oxley
Act (SOX)?
3. Whether Treasury Regulations applicable to CDFIs affect the analysis in this
memorandum?
Brief Answers
1. Probably. Unless the Loan Fund's transmission of funds is exclusively incidental to its
provision of some other service or product, it will most likely be a "money transmitter"
subject to the BSA recordkeeping and reporting requirements. The Loan Fund will also
be subject to the BSA if it at any time becomes subject to regulation by a banking agency.
Atlanta Jackson~~ille Miami Orlando Tallahassee Tampa Washington, D. C.
2. Because the Loan Fund is a not for profit corporation, it is only subject to the
prohibitions against whistleblower retaliation, destruction of documents, and
obstruction of official proceedings.
3. CDFI program regulations do not independently impose liability or obligations under
BSA or SOX.
Analysis
1. BSA.
A. Entities Subject to BSA.
As an initial matter, the Community Development Banking and Financial Institutions
Act of 1994 expressly provides: "Nothing in this [Act] shall affect any authority of the
appropriate Federal banking agency to supervise and regulate any institution or company." 12
U.S.C. ~ 4707(h). Therefore, whether the Loan Fund is subject to the BSA turns on the scope and
coverage of the BSA itself.
The BSA subjects certain entities to reporting and recordkeeping requirements to
facilitate the federal government's detection of money-laundering schemes and various other
crimes.' These requirements are implemented through regulations promulgated by a bureau of
the Department of Treasury known as the Financial Crimes Enforcement Network (FinCEN).
While most reporting and recordkeeping duties apply only to "financial institutions," the
BSA broadly defines this term to include a wide variety of business and entities, many of which
do not provide financial services. See 31 U.S.C. ~ 5312(a)(2). In addition to traditional financial
institutions, such as insured banks, this term includes vehicle dealers, pawnbrokers, travel
~ The BSA is codified at 31 U.S.C. 5311-5314e, 5316-5332e;12 U.S.C. lSlSs, 1829b, 1951-1959, and the
regulations promulgated thereunder are codified at 31 C.F.R. § 103.
2
agencies, "persons involved in real estate closings and settlements," and "any network of people
who engage as a business in facilitating the transfer of money domestically or internationally
outside of the conventional financial institutions system." Id. § 5312(a)(2)(R), (T)-(U). Moreover,
the term includes:
(Y) any business or agency which engages in any activity which the
Secretary of the Treasury determines, by regulation, to be an activity which is
similar to, related to, or a substitute for any activity in which any business
described in this paragraph is authorized to engage; or
(Z) any other business designated by the Secretary whose cash
transactions have a high degree of usefulness in criminal, tax, or regulatory
matters.
Id. ~ 5312(a)(2)(Y)-(Z). As recognized by FinCEN, this statutory definition encompasses "a
potentially huge number of entities, many of which have never been subject to federal
regulation aimed at their specific lines of business." Anti-Terrorism Financing: Testimony Before
the Subcomm. on Oversight and Investigations of the Comm. on House Fin. Services, 108th Cong. 6
(2003) (statement of James F. Sloan, Director, FinCEN, U.S. Dept of Treas.). BSA's legislative
history provides little guidance. Id.
The regulations identify only some of the statutorily enumerated business types as
financial institutions for regulatory purposes. For such purposes, a financial institution is any
person or entity "doing business, whether or not on a regular basis or as an organized business
concern" in any capacity listed in 31 C.F.R. § 103.11(n). The provisions most likely applicable to
the loan fund are those stating that the term "financial institution" includes "person[s] subject to
supervision by any state or Federal bank supervisory authority" and "money services
businesses." Id. § 103.11(n)(3), (7).
3
First, if the Loan Fund at any time becomes subject to regulation by a banking agency, it
will be considered a financial agency within the meaning of the regulations and thus subject to
the BSA. Id. ~ 103.11(n)(7). Whether the Loan Fund is or may become subject to regulation
depends on a variety of factors, such as its activities and sources of funds. However, its CDFI
status, alone, does not appear to subject it to regulation by banking agencies. See 12 U.S.C. ~
4707(f)(1)(regarding soundness of "unregulated institutions").
The Loan Fund will also be considered a financial institution if it is a money service
business. Id. ~ 103.11(n)(3). Subject to limited exceptions, money service businesses must
register with FinCEN.
Money services businesses are defined in to include "money transmitters." The
definition of money transmitter for purposes of BSA regulations, found at 31 C.F.R.
§ 103.11(uu)(5), includes:
(A) [a]ny person, whether or not licensed or required to be licensed, who engages as a
business in accepting currency, or funds denominated in currency, and transmits the
currency or funds, or the value of the currency or funds, by any means through a
financial agency or institution, a Federal Reserve Bank or other facility of one or more
Federal Reserve Banks, the Board of Governors of the Federal Reserve System, or both,
or an electronic funds transfer network; or
(B) [a]ny other person engaged as a business in the transfer of funds.
However, "[g]enerally, the acceptance and transmission of funds as an integral part of the
execution and settlement of a transaction other than the funds transmission itself...will not
cause a person to be a money transmitter." Id. ~ 103.11(uu)(5)(ii). Therefore, whether an entity
is a money transmitter often turns on whether or not the entity's acceptance and transmission of
4
funds is ancillary to a separate service. This determination is made under a totality of facts and
circumstances analysis.
Two FinCEN administrative rulings provide guidance as to the types of fund-
transmission activities which will not render an entity a money transmitter. In FinCEN Ruling
2004-4 (Nov. 24, 2004)? FinCEN determined that a debt management company's business did
not constitute money transmission, stating:
The general service that [the business] provides is to help debtors create a
plan for payment and/or adjustment of their debts, and to obtain the
agreement of creditors to accept payment under that plan. FinCEN views the
money transmission that [the business] conducts as ancillary to the debt
management service that [the business] provides, and incidental to a debtor's
primary purpose in using the services of [the business]. To the extent that the
money transmission conducted by [the business] is limited to submitting
payments to creditors on behalf of debtors in conjunction with a debt
management plan, FinCEN would not deem [the business] a money
transmitter for purposes of 31 CFR 103.11(uu)(5).
On similar grounds, FinCEN Ruling 2008-011 (Dec. 11, 2008)3 concluded that a company which
facilitated "microfinance" between lenders and borrowers by acting as a clearinghouse was not a
money transmitter. For purposes of the ruling, microfinance was defined as "the supply of
loans, savings, and other basic financial services to the poor' that 'usually involve small
amounts of money."' The company engaged local businesses as its "microfinance partners," to
pre-qualify borrowers and transmit borrower profiles to the company. T'he company would
then conduct its own evaluation of the borrower and, if the borrower met the company's
standards, the company would post the borrower's information on a website from which
lenders would then select borrowers for loans. To make a loan, a lender would transmit the
` http://www.fincen.gov/news_room/rp/rulings/html/fincenruling2004-4.htm1
http://www.fincen.gov/statutes_regs/guidance/pdf/fin-2008-rOll.pdf
5
loan funds to the company, and the company would transmit the funds to a microfinance
partner, which would then disburse the funds to the borrower. Borrowers would make
payments directly to the microfinance partner, the microfinance partner would transmit the
payment to the company, and the company would then pay the lender. Critical to FinCEN's
analysis was that the company did not assist lenders in making loans to lenders to loan money
to anyone other than the borrowers listed on the company's website. FinCEN concluded:
The transmission of funds is not a separate and discrete service that the
Company provides in addition to its loan clearinghouse services. Rather,
transmission of funds is an integral part of the loan clearinghouse services
that the Company is providing. Therefore, provided that the Company
transmits funds solely in the manner which you have described, the Company
would not be a money transmitter as that term is defined in our regulations.
Under the foregoing rulings, the Loan Fund probably will not be considered a money
transmitter if its money transmission activities are exclusively ancillary to some other service it
provides. However, if it transmits any monies without providing additional services, it will
most likely is be considered a money transmitter. This is because the regulations expressly
provide that engaging in an enumerated business activity renders an entity a financial
institution, regardless of whether or not the entity regularly engages in such activity. 31 C.F.R.
~ 103.11(n)(c).
B. Summaries of Key BSA Provisions.
1. Anti-Money Laundering Programs.
Under the BSA, a financial institution is required to establish an anti-money laundering
program ("AML Program") that includes internal policies, procedures, and controls; a
designated anti-money laundering compliance officer; an employee-training program; and an
6
independent audit to test the implementation of AML Program. 31 U.S.C. ~ 5318(h). FinCEN
has adopted rules tailoring the AML Program requirement to various financial institutions.
For example, there is an AML Program rule specifically applicable to money services
businesses. 31 C.F.R. § 103.125.
The regulations temporarily exempt certain financial institutions from the AML
Program requirement. 31 C.F.R. § 103.170(b). Among the temporarily exempt financial
institutions are "persons subject to supervision by any state or federal bank supervisory
authority." Id.; see 31 C.F.R. ~ 103.11(n)(7). Therefore, if the Loan Fund is or becomes subject to
regulations by any banking agency, it will be exempt from the AML Program requirement until
regulations are adopted.
2. The Currency Transaction Reporting Requirement.
Domestic financial institutions are required to report transactions that exceed a certain
monetary threshold, which is currently set at $10,000. See 31 C.F.R. § 103.22 (implementing the
currency transaction report filing requirement for financial institutions). This requirement
applies to all payments or transfers by, through, or to a financial institution in a banking day
involving a transaction (or multiple transactions by or on behalf of the same person) in currency
exceeding an aggregate amount of $10,000. If the monetary amount exceeds this threshold,
then the financial institution must file a credit transaction report (CTR) on FinCEN Form 104.
The CTR must include information about the person or persons involved in the currency
transaction(s), including the person(s) conducting the transaction(s) and the person(s) on whose
behalf of the transaction(s) is conducted; details about the transactions itself, such as the date
and amount of the transaction; information about the financial institution; and whether the CTR
7
is filed based upon multiple transactions that aggregate to more than $10,000. If a CTR is
required with respect to a transaction, certain information about the parties to the transaction
must be verified. 31 C.F.R. ~ 103.28.
A nonfinancial trade or business that receives more than $10,000 in cash in a single
transaction (or two or more related transactions) in the course of its trade or business is required
to file a Form 8300. 31 C.F.R. ~ 103.30(a). Even if the Loan Fund is not considered a financial
institution, it may be subject to this requirement.
3. The Suspicious Activity Reporting Requirement.
Financial institutions are required to alert law enforcement about suspicious transactions
relevant to possible money laundering or other violations of law through the filing of suspicious
Activity Reports (SARs). 31 C.F.R. ~ 103.20. A money service business is required to file a SAR
(TD Form 90-22.56) if the business (i) receives funds from a customer, and (i) knows or suspects
that the funds have an illegal source, are structured to evade the BSA requirements, or appears
to serve no known business purpose. Id. A SAR must be filed within thirty (30) days of the
transaction. Id.
Entities may voluntarily file SARs. Even if the Loan Fund is not subject to this
requirement, filing SARs and having a record that reflects diligence in investigating suspicious
may nonetheless be a good business practice.
4. Recordkeeping.
In addition to the filing requirements, the SBA requires that reports be retained as
follows:
8
• CTRs must be retained for period of five years from the date of filing the report. 31
C.F.R. § 103.27(a)(3).
• Copies of Forms 8300 are also required to be retained for five years. Treas. Reg. 1-
6050I-1(e)(3)(iii).
• SARs and supporting documentation must be retained for a period of five years
from the date of filing the report under the regulations requiring the filing of the
report. 31 C.F.R. § 103.20(c).
Furthermore, financial institutions must retain records (either the original a copy) of each of
the following:
• Each extension of credit in an amount in excess of $10,000 (except an extension of
credit secured by an interest in real property).
• Each advice, request, or instruction received or given regarding any transaction
resulting in the transfer cash or other monetary instruments, funds, checks,
investment securities, or credit, of more than $10,000 to or from any person,
account, or place outside the United States.
• Each advice, request, or instruction given to another financial institution or other
person located within or without the United States, regarding a transaction
intended to result in the transfer of funds, or of currency, other monetary
instruments, checks, investment securities, or credit, of more than $10,000 to a
person, account or place outside the United States.
• Other information as required pursuant to an order issued pursuant to 31 C.F.R. §
103.26(a).
31 C.F.R. § 103.33.
2. SOX.
Most provisions of SOX4 apply only to publicly traded companies. However, it is clear
that the following provisions apply to nonprofit organizations: (i) whistleblower protections;
n SOX is codified at 15 U.S.C. § 7201 et seq.; 29 U.S.C. § 1021; 29 U.S.C. § 1132; 15 U.S.C. § 7245 et seq.;
15 U.S.C. § 78a et seq.; 18 U.S.C. § 1501 et seq.
9
and (ii) the prohibitions against destruction, alteration or concealment of certain documents or
impediment of investigations. See National Center for Nonprofit Boards (Boardsource), The
Sarbanes-Oxley Act and Implications for Nonprofit Organizations (hereinafter "Implications for
Nonprofit Organizations") (2006), available at http://www.boardsource.org/clientfiles/Sarbanes-
Oxley.pdf.
First, SOX prohibits not for profit entities from retaliating against certain
whistleblowers. See Implications for Nonprofit Organizations, supra at 9; see also 73 U.S.C. ~
1514A(b)(2)(D). This provision is widely regarded as one the most powerful whistleblower-
protection statutes. See, e.g., Philip M. Berkowitz, Nixon Peabody, New Sarbanes-Oxley Whistle-
blower Regulations: Their Impact on Business (2004). Therefore, the Loan Fund should adopt
policies and procedures for taking employee complaints and prohibiting retaliation against
whistleblowers.
Second, nonprofits are prohibited from obstructing investigations and official
proceedings. Section 802 of SOX makes it a crime to knowingly alter, destroy, mutilate, conceal,
cover up, falsify or make a false entry in any record, document, or tangible object with the
intent to impede, obstruct, or influence the investigation or proper administration of any matter
within the jurisdiction of any federal department or agency or any case filed under the federal
bankruptcy code. Under Section 1102, it is a crime to "corruptly" alter, destroy, mutilate, or
conceal a record, document or other object, or attempt to do so, with the intent to impair the
object's integrity or availability for use in an official proceeding. The Act does not define the
term "corruptly." With respect to official proceedings, Section 1102 makes it a crime to
otherwise obstruct, influence or impede any official proceeding or attempt to do so. To ensure
10
compliance with these provisions, the Loan Fund should adopt appropriate policies and
procedures.
Although other SOX requirements to not currently apply to nonprofits, it may
nonetheless be advisable for the Loan Fund to follow comply with its provisions as a matter of
good management practice. See generally id.
3. CDFI Regulations.
It is unlikely that the CDFI program regulations affect the analysis in the memorandum
regarding the applicability of the Bank Secrecy Act and/or Sarbanes-Oxley Act to CDFIs.
Although the CDFI program regulations include certain reporting requirements
applicable to awardees, see 12 C.F.R. 1805.804-.806, such requirements are in addition to, and
do not supersede, the reporting requirements which may be applicable under other law, see id. ~
1805.804(f)(indicating that awardees remain subject to reporting requirements of Appropriate
Federal Banking Agencies); see also id. g 1805.806 ("In carrying out its responsibilities pursuant
to an Assistance Agreement, the Awardee shall comply with all applicable Federal, State, and
local laws, regulations, and ordinances, OMB Circulars, and Executive Orders.") Accordingly, if
an entity is subject to the reporting requirements under the terms of the Bank Secrecy Act, the
fact that it is a CDFI most likely does not change that result.
There does not appear to be anything in the CDFI program regulations which would
make the Sarbanes Oxley Act applicable to an entity to it would not otherwise apply. Note,
however, that the regulations provide that not-for-profit awardees are required to have their
financial statements audited pursuant to OMB Circular A-133 Audits of States, Local Governments
and Non-Profit Organizations, and must submit their A-133 audited financial statements to the
11
Fund. 12 C.F.R. ~ 1805.804(e)(1)(i). Furthermore, the regulations contain conflict of interest
provisions specifically applicable to non-regulated awardees. Id. ~ 1805.807. Non-regulated
awardees are prohibited from extending credit to insiders unless the credit is extended in
compliance with ~ 1805.807(a). Additionally, non-regulated CDFIs must maintain standards of
conduct for insiders which are acceptable to the Fund. Id. ~ 1805.807(b).
12