Yes, we believe that your bank should collect beneficial ownership information from the hospital, as there has been some indication that the hospital’s beneficial ownership is changing due to the departure of the current CEO.
Under FinCEN’s new customer due diligence (CDD) final rule, banks generally are required to obtain and verify beneficial information for legal entity customers at account opening, and retroactive reviews of existing customers are not required. However, banks must update account information “on a risk basis.” FinCEN has interpreted this requirement as being triggered when a bank becomes “aware of information about the customer during the course of normal monitoring . . . and such information indicates a possible change of beneficial ownership.”
In this case, it appears that the original authorized signer for the municipal hospital also was a beneficial owner of the legal entity. FinCEN’s CDD rule defines a beneficial owner as a single individual with significant responsibility to control, manage, or direct an entity (as well as an individual who owns 25% or more of the equity interests of an entity — which is inapplicable in the case of a nonprofit hospital, as discussed below). The hospital’s CEO likely is such an individual with significant responsibility to control the hospital. Because the CEO is departing, indicating a change in beneficial ownership, we believe this activity triggers the requirement to obtain the hospital’s beneficial ownership information.
We should note that because the municipal hospital is a nonprofit corporation, you need to collect information only on the single individual with control over the nonprofit corporation. FinCEN’s CDD rule generally requires banks to collect information about both those who own (the “ownership prong”) and those who control the customer (the “control prong”). However, nonprofit corporations are exempt from the ownership prong, and only the control prong applies.
For resources related to our guidance, please see:
- FinCEN Customer Due Diligence Rule, 31 CFR 1010.230(b) (“With respect to legal entity customers, the covered financial institution’s customer due diligence procedures shall enable the institution to: (1) Identify the beneficial owner(s) of each legal entity customer at the time a new account is opened, unless the customer is otherwise excluded pursuant to paragraph (e) of this section or the account is exempted pursuant to paragraph (h) of this section. . . .”)
- FinCEN Customer Due Diligence Rule, 31 CFR 1010.230(g) (“For the purposes of this section, new account means each account opened at a covered financial institution by a legal entity customer on or after the applicability date [May 11, 2018].”)
- FinCEN Customer Due Diligence Rule, 31 CFR 1020.210(b)(5)(ii) (Requiring financial institutions to implement and maintain “an anti-money laundering program that: . . . Includes, at a minimum: . . . (ii) Conducting ongoing monitoring to identify and report suspicious transactions and, on a risk basis, to maintain and update customer information. For purposes of this paragraph (b)(5)(ii), customer information shall include information regarding the beneficial owners of legal entity customers . . . .”)
- FFIEC BSA/AML Exam Manual, Beneficial Ownership Requirements for Legal Entity Customers (“Banks must have procedures to maintain and update customer information, including beneficial ownership information for legal entity customers, on the basis of risk. Additionally, banks are not required to conduct retroactive reviews to obtain beneficial ownership information on legal entity customers that were existing customers as of May 11, 2018. However, the bank may need to obtain (and thereafter update) beneficial ownership information for existing legal entity customers based on its ongoing monitoring.”)
- FFIEC BSA/AML Exam Manual, Customer Due Diligence — Overview (“The requirement to update customer information is event-driven and occurs as a result of normal monitoring. Should the bank become aware as a result of its ongoing monitoring that customer information, including beneficial ownership information, has materially changed, it should update the customer information accordingly.”)
- FFIEC BSA/AML Exam Manual, Customer Due Diligence — Overview (“The bank’s procedures should establish criteria for when and by whom customer relationships will be reviewed, including updating customer information and reassessing the customer’s risk profile. The procedures should indicate who in the organization is authorized to change a customer’s risk profile. A number of factors may be relevant in determining when it is appropriate to review a customer relationship including, but not limited to:
- Significant and unexplained changes in account activity
- Changes in employment or business operation
- Changes in ownership of a business entity
- Red flags identified through suspicious activity monitoring
- Receipt of law enforcement inquiries and requests such as criminal subpoenas, National Security Letters (NSL), and section 314(a) requests
- Results of negative media search programs
- Length of time since customer information was gathered and the customer risk profile assessed.”)
- Significant and unexplained changes in account activity
- FinCEN FAQs Regarding Customer Due Diligence Requirements for Financial Institutions (April 3, 2018) (“Question 14: Are covered financial institutions required to collect or update beneficial ownership information on customers with accounts opened prior to May 11, 2018, the Rule’s applicability date? Financial institutions are not required to conduct retroactive reviews to obtain beneficial ownership information from customers with accounts opened prior to May 11, 2018. The obligation to obtain or update beneficial ownership information on legal entity customers with accounts established before May 11, 2018, is triggered when a financial institution becomes aware of information about the customer during the course of normal monitoring relevant to assessing or reassessing the risk posed by the customer, and such information indicates a possible change of beneficial ownership.”)
- FinCEN Customer Due Diligence Rule, 31 CFR 1010.230(d) (“For purposes of this section, beneficial owner means each of the following: (1) Each individual, if any, who, directly or indirectly, through any contract, arrangement, understanding, relationship or otherwise, owns 25 percent or more of the equity interests of a legal entity customer; and (2) A single individual with significant responsibility to control, manage, or direct a legal entity customer. . . .”)
- FinCEN Customer Due Diligence Rule, 31 CFR 1010.230(e)(3)(ii) (“The following legal entity customers are subject only to the control prong of the beneficial ownership requirement: . . . (ii) Any legal entity that is established as a nonprofit corporation or similar entity and has filed its organizational documents with the appropriate State authority as necessary.”)