The URL can be used to link to this page

Home My WebLink AboutApplicability of Bank Secrecy Act and Sarbanes-Oxley Act Br ant Y Miller Attorneys at Law 101 North iV4oiu-ve Street Olive s`>;te 9°" TallahassF~e, FI_. 32301 Tel 850.222.8011 Fax 850,22'.89&9 tiff u>u~, brne:;1 ~-oi ; MEMORANDUM TO: Dan McIntyre FROM: Bryant Miller Olive DATE: August 27, 2010 RE: Solar and Energy Loan Fund of St. Lucie County, Inc. -Applicability of Bank Secrecy Act and Sarbanes-Oxley Act to Community Development Financial Institutions Issues 1. Whether the Solar and Energy Loan Fund of St. Lucie County, Inc. (the "Loan Fund"), a not for profit Community Development Financial Institutions (CDFI), is subject to the Bank Secrecy Act (BSA)? 2. Whether the Loan Fund and its officers and directors are subject to the Sarbanes-Oxley Act (SOX)? 3. Whether Treasury Regulations applicable to CDFIs affect the analysis in this memorandum? Brief Answers 1. Probably. Unless the Loan Fund's transmission of funds is exclusively incidental to its provision of some other service or product, it will most likely be a "money transmitter" subject to the BSA recordkeeping and reporting requirements. The Loan Fund will also be subject to the BSA if it at any time becomes subject to regulation by a banking agency. Atlanta Jackson~~ille Miami Orlando Tallahassee Tampa Washington, D. C. 2. Because the Loan Fund is a not for profit corporation, it is only subject to the prohibitions against whistleblower retaliation, destruction of documents, and obstruction of official proceedings. 3. CDFI program regulations do not independently impose liability or obligations under BSA or SOX. Analysis 1. BSA. A. Entities Subject to BSA. As an initial matter, the Community Development Banking and Financial Institutions Act of 1994 expressly provides: "Nothing in this [Act] shall affect any authority of the appropriate Federal banking agency to supervise and regulate any institution or company." 12 U.S.C. ~ 4707(h). Therefore, whether the Loan Fund is subject to the BSA turns on the scope and coverage of the BSA itself. The BSA subjects certain entities to reporting and recordkeeping requirements to facilitate the federal government's detection of money-laundering schemes and various other crimes.' These requirements are implemented through regulations promulgated by a bureau of the Department of Treasury known as the Financial Crimes Enforcement Network (FinCEN). While most reporting and recordkeeping duties apply only to "financial institutions," the BSA broadly defines this term to include a wide variety of business and entities, many of which do not provide financial services. See 31 U.S.C. ~ 5312(a)(2). In addition to traditional financial institutions, such as insured banks, this term includes vehicle dealers, pawnbrokers, travel ~ The BSA is codified at 31 U.S.C. 5311-5314e, 5316-5332e;12 U.S.C. lSlSs, 1829b, 1951-1959, and the regulations promulgated thereunder are codified at 31 C.F.R. § 103. 2 agencies, "persons involved in real estate closings and settlements," and "any network of people who engage as a business in facilitating the transfer of money domestically or internationally outside of the conventional financial institutions system." Id. § 5312(a)(2)(R), (T)-(U). Moreover, the term includes: (Y) any business or agency which engages in any activity which the Secretary of the Treasury determines, by regulation, to be an activity which is similar to, related to, or a substitute for any activity in which any business described in this paragraph is authorized to engage; or (Z) any other business designated by the Secretary whose cash transactions have a high degree of usefulness in criminal, tax, or regulatory matters. Id. ~ 5312(a)(2)(Y)-(Z). As recognized by FinCEN, this statutory definition encompasses "a potentially huge number of entities, many of which have never been subject to federal regulation aimed at their specific lines of business." Anti-Terrorism Financing: Testimony Before the Subcomm. on Oversight and Investigations of the Comm. on House Fin. Services, 108th Cong. 6 (2003) (statement of James F. Sloan, Director, FinCEN, U.S. Dept of Treas.). BSA's legislative history provides little guidance. Id. The regulations identify only some of the statutorily enumerated business types as financial institutions for regulatory purposes. For such purposes, a financial institution is any person or entity "doing business, whether or not on a regular basis or as an organized business concern" in any capacity listed in 31 C.F.R. § 103.11(n). The provisions most likely applicable to the loan fund are those stating that the term "financial institution" includes "person[s] subject to supervision by any state or Federal bank supervisory authority" and "money services businesses." Id. § 103.11(n)(3), (7). 3 First, if the Loan Fund at any time becomes subject to regulation by a banking agency, it will be considered a financial agency within the meaning of the regulations and thus subject to the BSA. Id. ~ 103.11(n)(7). Whether the Loan Fund is or may become subject to regulation depends on a variety of factors, such as its activities and sources of funds. However, its CDFI status, alone, does not appear to subject it to regulation by banking agencies. See 12 U.S.C. ~ 4707(f)(1)(regarding soundness of "unregulated institutions"). The Loan Fund will also be considered a financial institution if it is a money service business. Id. ~ 103.11(n)(3). Subject to limited exceptions, money service businesses must register with FinCEN. Money services businesses are defined in to include "money transmitters." The definition of money transmitter for purposes of BSA regulations, found at 31 C.F.R. § 103.11(uu)(5), includes: (A) [a]ny person, whether or not licensed or required to be licensed, who engages as a business in accepting currency, or funds denominated in currency, and transmits the currency or funds, or the value of the currency or funds, by any means through a financial agency or institution, a Federal Reserve Bank or other facility of one or more Federal Reserve Banks, the Board of Governors of the Federal Reserve System, or both, or an electronic funds transfer network; or (B) [a]ny other person engaged as a business in the transfer of funds. However, "[g]enerally, the acceptance and transmission of funds as an integral part of the execution and settlement of a transaction other than the funds transmission itself...will not cause a person to be a money transmitter." Id. ~ 103.11(uu)(5)(ii). Therefore, whether an entity is a money transmitter often turns on whether or not the entity's acceptance and transmission of 4 funds is ancillary to a separate service. This determination is made under a totality of facts and circumstances analysis. Two FinCEN administrative rulings provide guidance as to the types of fund- transmission activities which will not render an entity a money transmitter. In FinCEN Ruling 2004-4 (Nov. 24, 2004)? FinCEN determined that a debt management company's business did not constitute money transmission, stating: The general service that [the business] provides is to help debtors create a plan for payment and/or adjustment of their debts, and to obtain the agreement of creditors to accept payment under that plan. FinCEN views the money transmission that [the business] conducts as ancillary to the debt management service that [the business] provides, and incidental to a debtor's primary purpose in using the services of [the business]. To the extent that the money transmission conducted by [the business] is limited to submitting payments to creditors on behalf of debtors in conjunction with a debt management plan, FinCEN would not deem [the business] a money transmitter for purposes of 31 CFR 103.11(uu)(5). On similar grounds, FinCEN Ruling 2008-011 (Dec. 11, 2008)3 concluded that a company which facilitated "microfinance" between lenders and borrowers by acting as a clearinghouse was not a money transmitter. For purposes of the ruling, microfinance was defined as "the supply of loans, savings, and other basic financial services to the poor' that 'usually involve small amounts of money."' The company engaged local businesses as its "microfinance partners," to pre-qualify borrowers and transmit borrower profiles to the company. T'he company would then conduct its own evaluation of the borrower and, if the borrower met the company's standards, the company would post the borrower's information on a website from which lenders would then select borrowers for loans. To make a loan, a lender would transmit the ` http://www.fincen.gov/news_room/rp/rulings/html/fincenruling2004-4.htm1 http://www.fincen.gov/statutes_regs/guidance/pdf/fin-2008-rOll.pdf 5 loan funds to the company, and the company would transmit the funds to a microfinance partner, which would then disburse the funds to the borrower. Borrowers would make payments directly to the microfinance partner, the microfinance partner would transmit the payment to the company, and the company would then pay the lender. Critical to FinCEN's analysis was that the company did not assist lenders in making loans to lenders to loan money to anyone other than the borrowers listed on the company's website. FinCEN concluded: The transmission of funds is not a separate and discrete service that the Company provides in addition to its loan clearinghouse services. Rather, transmission of funds is an integral part of the loan clearinghouse services that the Company is providing. Therefore, provided that the Company transmits funds solely in the manner which you have described, the Company would not be a money transmitter as that term is defined in our regulations. Under the foregoing rulings, the Loan Fund probably will not be considered a money transmitter if its money transmission activities are exclusively ancillary to some other service it provides. However, if it transmits any monies without providing additional services, it will most likely is be considered a money transmitter. This is because the regulations expressly provide that engaging in an enumerated business activity renders an entity a financial institution, regardless of whether or not the entity regularly engages in such activity. 31 C.F.R. ~ 103.11(n)(c). B. Summaries of Key BSA Provisions. 1. Anti-Money Laundering Programs. Under the BSA, a financial institution is required to establish an anti-money laundering program ("AML Program") that includes internal policies, procedures, and controls; a designated anti-money laundering compliance officer; an employee-training program; and an 6 independent audit to test the implementation of AML Program. 31 U.S.C. ~ 5318(h). FinCEN has adopted rules tailoring the AML Program requirement to various financial institutions. For example, there is an AML Program rule specifically applicable to money services businesses. 31 C.F.R. § 103.125. The regulations temporarily exempt certain financial institutions from the AML Program requirement. 31 C.F.R. § 103.170(b). Among the temporarily exempt financial institutions are "persons subject to supervision by any state or federal bank supervisory authority." Id.; see 31 C.F.R. ~ 103.11(n)(7). Therefore, if the Loan Fund is or becomes subject to regulations by any banking agency, it will be exempt from the AML Program requirement until regulations are adopted. 2. The Currency Transaction Reporting Requirement. Domestic financial institutions are required to report transactions that exceed a certain monetary threshold, which is currently set at $10,000. See 31 C.F.R. § 103.22 (implementing the currency transaction report filing requirement for financial institutions). This requirement applies to all payments or transfers by, through, or to a financial institution in a banking day involving a transaction (or multiple transactions by or on behalf of the same person) in currency exceeding an aggregate amount of $10,000. If the monetary amount exceeds this threshold, then the financial institution must file a credit transaction report (CTR) on FinCEN Form 104. The CTR must include information about the person or persons involved in the currency transaction(s), including the person(s) conducting the transaction(s) and the person(s) on whose behalf of the transaction(s) is conducted; details about the transactions itself, such as the date and amount of the transaction; information about the financial institution; and whether the CTR 7 is filed based upon multiple transactions that aggregate to more than $10,000. If a CTR is required with respect to a transaction, certain information about the parties to the transaction must be verified. 31 C.F.R. ~ 103.28. A nonfinancial trade or business that receives more than $10,000 in cash in a single transaction (or two or more related transactions) in the course of its trade or business is required to file a Form 8300. 31 C.F.R. ~ 103.30(a). Even if the Loan Fund is not considered a financial institution, it may be subject to this requirement. 3. The Suspicious Activity Reporting Requirement. Financial institutions are required to alert law enforcement about suspicious transactions relevant to possible money laundering or other violations of law through the filing of suspicious Activity Reports (SARs). 31 C.F.R. ~ 103.20. A money service business is required to file a SAR (TD Form 90-22.56) if the business (i) receives funds from a customer, and (i) knows or suspects that the funds have an illegal source, are structured to evade the BSA requirements, or appears to serve no known business purpose. Id. A SAR must be filed within thirty (30) days of the transaction. Id. Entities may voluntarily file SARs. Even if the Loan Fund is not subject to this requirement, filing SARs and having a record that reflects diligence in investigating suspicious may nonetheless be a good business practice. 4. Recordkeeping. In addition to the filing requirements, the SBA requires that reports be retained as follows: 8 • CTRs must be retained for period of five years from the date of filing the report. 31 C.F.R. § 103.27(a)(3). • Copies of Forms 8300 are also required to be retained for five years. Treas. Reg. 1- 6050I-1(e)(3)(iii). • SARs and supporting documentation must be retained for a period of five years from the date of filing the report under the regulations requiring the filing of the report. 31 C.F.R. § 103.20(c). Furthermore, financial institutions must retain records (either the original a copy) of each of the following: • Each extension of credit in an amount in excess of $10,000 (except an extension of credit secured by an interest in real property). • Each advice, request, or instruction received or given regarding any transaction resulting in the transfer cash or other monetary instruments, funds, checks, investment securities, or credit, of more than $10,000 to or from any person, account, or place outside the United States. • Each advice, request, or instruction given to another financial institution or other person located within or without the United States, regarding a transaction intended to result in the transfer of funds, or of currency, other monetary instruments, checks, investment securities, or credit, of more than $10,000 to a person, account or place outside the United States. • Other information as required pursuant to an order issued pursuant to 31 C.F.R. § 103.26(a). 31 C.F.R. § 103.33. 2. SOX. Most provisions of SOX4 apply only to publicly traded companies. However, it is clear that the following provisions apply to nonprofit organizations: (i) whistleblower protections; n SOX is codified at 15 U.S.C. § 7201 et seq.; 29 U.S.C. § 1021; 29 U.S.C. § 1132; 15 U.S.C. § 7245 et seq.; 15 U.S.C. § 78a et seq.; 18 U.S.C. § 1501 et seq. 9 and (ii) the prohibitions against destruction, alteration or concealment of certain documents or impediment of investigations. See National Center for Nonprofit Boards (Boardsource), The Sarbanes-Oxley Act and Implications for Nonprofit Organizations (hereinafter "Implications for Nonprofit Organizations") (2006), available at http://www.boardsource.org/clientfiles/Sarbanes- Oxley.pdf. First, SOX prohibits not for profit entities from retaliating against certain whistleblowers. See Implications for Nonprofit Organizations, supra at 9; see also 73 U.S.C. ~ 1514A(b)(2)(D). This provision is widely regarded as one the most powerful whistleblower- protection statutes. See, e.g., Philip M. Berkowitz, Nixon Peabody, New Sarbanes-Oxley Whistle- blower Regulations: Their Impact on Business (2004). Therefore, the Loan Fund should adopt policies and procedures for taking employee complaints and prohibiting retaliation against whistleblowers. Second, nonprofits are prohibited from obstructing investigations and official proceedings. Section 802 of SOX makes it a crime to knowingly alter, destroy, mutilate, conceal, cover up, falsify or make a false entry in any record, document, or tangible object with the intent to impede, obstruct, or influence the investigation or proper administration of any matter within the jurisdiction of any federal department or agency or any case filed under the federal bankruptcy code. Under Section 1102, it is a crime to "corruptly" alter, destroy, mutilate, or conceal a record, document or other object, or attempt to do so, with the intent to impair the object's integrity or availability for use in an official proceeding. The Act does not define the term "corruptly." With respect to official proceedings, Section 1102 makes it a crime to otherwise obstruct, influence or impede any official proceeding or attempt to do so. To ensure 10 compliance with these provisions, the Loan Fund should adopt appropriate policies and procedures. Although other SOX requirements to not currently apply to nonprofits, it may nonetheless be advisable for the Loan Fund to follow comply with its provisions as a matter of good management practice. See generally id. 3. CDFI Regulations. It is unlikely that the CDFI program regulations affect the analysis in the memorandum regarding the applicability of the Bank Secrecy Act and/or Sarbanes-Oxley Act to CDFIs. Although the CDFI program regulations include certain reporting requirements applicable to awardees, see 12 C.F.R. 1805.804-.806, such requirements are in addition to, and do not supersede, the reporting requirements which may be applicable under other law, see id. ~ 1805.804(f)(indicating that awardees remain subject to reporting requirements of Appropriate Federal Banking Agencies); see also id. g 1805.806 ("In carrying out its responsibilities pursuant to an Assistance Agreement, the Awardee shall comply with all applicable Federal, State, and local laws, regulations, and ordinances, OMB Circulars, and Executive Orders.") Accordingly, if an entity is subject to the reporting requirements under the terms of the Bank Secrecy Act, the fact that it is a CDFI most likely does not change that result. There does not appear to be anything in the CDFI program regulations which would make the Sarbanes Oxley Act applicable to an entity to it would not otherwise apply. Note, however, that the regulations provide that not-for-profit awardees are required to have their financial statements audited pursuant to OMB Circular A-133 Audits of States, Local Governments and Non-Profit Organizations, and must submit their A-133 audited financial statements to the 11 Fund. 12 C.F.R. ~ 1805.804(e)(1)(i). Furthermore, the regulations contain conflict of interest provisions specifically applicable to non-regulated awardees. Id. ~ 1805.807. Non-regulated awardees are prohibited from extending credit to insiders unless the credit is extended in compliance with ~ 1805.807(a). Additionally, non-regulated CDFIs must maintain standards of conduct for insiders which are acceptable to the Fund. Id. ~ 1805.807(b). 12