Just a suggestion, if you intend to read and analyze the regulation, save the document linked above to your hard drive. If you have the software, mark it up with highlights, questions, and comments as you go through. You are unlikely to finish it in a single sitting. However, if you save and mark up a copy you are more likely to go back and finish your review later. The document is like a big text book that many will find too burdensome to finish if they just start plowing through from the beginning. I suggest you skip the sections where there may be a couple of nuggets, but no veins of useful information.
Much of the “preamble” epitomizes the saying “History is written by the victors.” To summarize: “We did a good job and some commenters thought we were wrong, but we weren’t.”
The first 25 pages include only one point not found later. (The first bullet point below.) Save those pages for last if you still have some eyesight left. Part IV, the regulatory analysis, is a detailed discourse on what is now a moot point, their nakedly academic financial analysis of the regulation’s impact. Skip that altogether.
Start by reading the regulation regarding banks and Appendix A. It begins on page 205. Then, read the new “program” regulation which is being inserted into the BSA regulation. It begins on page 220. Take your time and figure out what you believe that language would require you to do.
Next, read part III, the Section by Section Analysis. For banks, it begins on page 26 and goes through page 96. Compare it to your understanding of the regulation you just read.
If you got through those two segments, you’ve got the gist of it and can go back to the first 25 pages if you like. All total, you will read less than half of the document. Consider anything more you read as the gravy on your taters, but it’s going to be watery at best.The scary parts:
* The discussion of “regulatory deference” on pages 24 & 25 where they indicate that the regulation sets minimum standards which regulators are free to enhance. (They are either delegating their authority to administer the Bank Secrecy Act or simply acknowledging that the regulators have already taken it.)
* Interestingly, most of the technical comments they reference are solely attributable to the ABA's comment letter, but they do not acknowledge that source. (It was the ABA, not individual banks, that made a real contribution to this process.)
* There are repeated references in the section by section analysis to the fact that banks could/should do more; e.g. use a lower percentage of ownership to identify beneficial owners, etc. on higher risk customers. ("Extra credit" efforts mentioned in the preamble will have greater credibility when suggested by reviewers who see their role as making suggestions even when a compliance program is working well.)
* The example on aggregation based on beneficial ownership that would have been subject to aggregation anyway.
* The creation of the fifth pillar on due diligence. This is a much bigger deal than the requirement to identify beneficial owners:
(5) Appropriate risk-based procedures for conducting ongoing customer
due diligence, to include, but not be limited to:
(i) Understanding the nature and purpose of customer relationships for the purpose of developing a customer risk profile; and
(ii) Conducting ongoing monitoring to identify and report suspicious transactions and, on a risk basis, to maintain and update customer information.
Now, in chorus, let’s start whining about when they will publish the examination procedures.