The full text on this page is automatically extracted from the file linked above and may contain errors and inconsistencies.
Federal Reserve Bank of Dallas 2200 N. PEARL ST. DALLAS, TX 75201-2272 March 24, 2006 Notice 06-20 TO: The Chief Executive Officer of each financial institution and others concerned in the Eleventh Federal Reserve District SUBJECT Approval of Final Rule Amending Regulation K (International Banking Operations) DETAILS The Board of Governors has adopted a final rule to require Edge and Agreement corporations and U.S. branches, agencies, and representative offices of foreign banks supervised by the Board to establish and maintain procedures reasonably designed to assure and monitor compliance with the Bank Secrecy Act and the regulations issued thereunder. The rule becomes effective April 19, 2006. ATTACHMENT A copy of the Board’s notice as it appears on pages 13934–37, Vol. 71, No. 53 of the Federal Register dated March 20, 2006, is attached. MORE INFORMATION For more information, please contact Randy Steinley, Banking Supervision Department, (713) 483-3117. Previous Federal Reserve Bank notices are available on our web site at www.dallasfed.org/banking/notices/index.html or by contacting the Public Affairs Department at (214) 922-5254. For additional copies, bankers and others are encouraged to use one of the following toll-free numbers in contacting the Federal Reserve Bank of Dallas: Dallas Office (800) 333-4460; El Paso Branch Intrastate (800) 592-1631, Interstate (800) 351-1012; Houston Branch Intrastate (800) 392-4162, Interstate (800) 221-0363; San Antonio Branch Intrastate (800) 292-5810. 13934 Federal Register / Vol. 71, No. 53 / Monday, March 20, 2006 / Rules and Regulations FEDERAL RESERVE SYSTEM 12 CFR Part 211 [Regulation K; Docket No. R–1147] International Banking Operations Board of Governors of the Federal Reserve System. ACTION: Final rule. AGENCY: SUMMARY: The Board of Governors of the Federal Reserve System (Board) has adopted a final rule to require Edge and Agreement corporations and U.S. branches, agencies, and representative offices of foreign banks supervised by the Board to establish and maintain procedures reasonably designed to assure and monitor compliance with the Bank Secrecy Act and the regulations issued thereunder. DATES: This rule is effective April 19, 2006. FOR FURTHER INFORMATION CONTACT: Nina A. Nichols, Assistant Director, (202) 452–2961, Shaswat K. Das, Counsel, (202) 452–2428, or Bridget M. Neill, Assistant Director, (202) 452– 5235, Division of Banking Supervision and Regulation; or Ann E. Misback, Associate General Counsel, (202) 452– 3788, or Jennifer Sutton, Attorney, (202) 452–3564, Legal Division. For users of Telecommunications Devices for the Deaf (TDD) only, contact (202) 263– 4869. SUPPLEMENTARY INFORMATION: rmajette on PROD1PC67 with RULES1 I. Background A. Regulations on Bank Secrecy Act Compliance Programs Subchapter II of chapter 53 of Title 31, United States Code, commonly known as the ‘‘Bank Secrecy Act,’’ generally requires financial institutions to, among other things, keep records and make reports that have a high degree of usefulness in criminal, tax, or regulatory proceedings. Section 1359 of the AntiDrug Abuse Act of 1986, Pub. L. 99–570, requires the supervisory agencies to prescribe regulations requiring institutions they regulate to establish and maintain procedures reasonably designed to assure and monitor compliance with the Bank Secrecy Act and to review such procedures during the course of their examinations.1 VerDate Aug<31>2005 15:02 Mar 17, 2006 Jkt 208001 PO 00000 Frm 00012 Fmt 4700 Sfmt 4700 E:\FR\FM\20MRR1.SGM 20MRR1 Federal Register / Vol. 71, No. 53 / Monday, March 20, 2006 / Rules and Regulations The supervisory agencies’ implementing regulations incorporate the minimum components of a compliance program as generally set forth in the Bank Secrecy Act at 31 U.S.C. 5318(h). These components are: (i) A system of internal controls to assure ongoing compliance; (ii) independent testing of compliance by the institution’s personnel or by an outside party; (iii) the designation of an individual or individuals responsible for coordinating and monitoring day-today compliance; and (iv) training for appropriate personnel.2 On May 30, 2003, the Board published a notice of proposed rulemaking in the Federal Register (68 FR 32434) to amend Regulation K (12 CFR part 211) to require Edge and Agreement corporations and U.S. branches, agencies, and representative offices of foreign banks supervised by the Board to establish and maintain procedures reasonably designed to assure and monitor compliance with the Bank Secrecy Act. B. Overview of Comments Received The Board received five comments regarding the proposed rule. Commenters generally supported the clarification provided by the proposed rule regarding the Bank Secrecy Act compliance obligations of Edge and Agreement corporations and U.S. branches, agencies, and representative offices of foreign banks. Specific issues raised by the commenters are discussed below. rmajette on PROD1PC67 with RULES1 II. Analysis of Comments A. Requirement for Program Approval The proposed rule would require a branch, agency, or representative office of a foreign bank operating in the United States (except for a Federal branch, a Federal agency, or a state-chartered branch that is insured by the Federal Deposit Insurance Corporation) to establish a Bank Secrecy Act compliance program with the approval of the foreign bank’s board of directors. Two commenters expressed concern regarding the proposed approval process. One commenter observed that it is often difficult to obtain timely approval of ‘‘local’’ U.S. matters by the board of directors of the foreign bank in the home country. The other commenter noted that a U.S. branch, agency, or representative office may not itself have a board of directors and suggested that in such situation approval by the entity’s senior management in the United States should be sufficient. 2 The Board’s implementing regulation is found in Regulation H at section 208.63 (12 CFR 208.63). VerDate Aug<31>2005 15:02 Mar 17, 2006 Jkt 208001 Commenters stated that regulators, in other instances, have addressed logistical difficulties of securing head office approval by allowing, for example, a local committee, advisory board, senior management, or regional headquarters located in the United States to perform the functions of a board of directors. The Board believes the Bank Secrecy Act program requires attention at the highest levels of management. Boards of directors of state member banks are not permitted to delegate approval of the Bank Secrecy Act compliance program.3 U.S. branches, agencies, and representative offices of foreign banks generally will not have separate boards of directors. Nevertheless, these offices need to be able to establish and implement amendments to their Bank Secrecy Act programs as necessary. Accordingly, the final rule provides that a foreign bank’s board of directors may appoint a delegee to approve the required Bank Secrecy Act program so long as the delegee is acting under the express authority of the board of directors to approve the Bank Secrecy Act program. B. Risk-Based Program One commenter requested that the Board clarify in the preamble to the final rule whether Edge and Agreement corporations and U.S. branches, agencies, and representative offices of foreign banks are expected to develop risk-based programs under the rule. The Board has consistently interpreted Regulation H to require each bank to develop a Bank Secrecy Act compliance program that is tailored to address the risks presented by its business operations and customer base, provided that the minimum requirements set forth in section 208.63 of Regulation H are met. Under longstanding existing supervisory practice, as reflected in the final rule amending Regulation K, the Board expects Edge and Agreement corporations and U.S. branches, agencies, and representative offices of foreign banks to develop and implement Bank Secrecy Act compliance programs that are risk-based. C. Text of Regulation H Requirements The proposed rule incorporated by reference the minimum requirements for Bank Secrecy Act compliance programs that are set forth in Regulation H at section 208.63 (12 CFR 208.63). One commenter suggested that the rule would be easier to use and more 3 See 12 CFR 208.63(b). (‘‘The compliance program shall be reduced to writing, approved by the board of directors, and noted in the minutes.’’) PO 00000 Frm 00013 Fmt 4700 Sfmt 4700 13935 understandable if the final rule set forth the full text of the regulatory requirements found in Regulation H. Many cross-references are made in Board regulations to provisions contained elsewhere. For example, the suspicious activity reporting rule for state member banks is found at 12 CFR 208.62 and is cross-referenced in Regulations K and Y at 12 CFR 211.5(k), 211.24(f), and 225.4(f). Similarly, the Customer Identification Program rule is found at 31 CFR 103.121 and is crossreferenced in Regulations H and K at 12 CFR 208.63(b)(2), 12 CFR 211.5(m)(2), and 211.24(j)(2). The Board believes this format is sufficiently clear; as a result, the final rule continues to incorporate by reference the text of the minimum requirements for Bank Secrecy Act compliance programs found in section 208.63 of Regulation H. D. Applicability to Offshore Interests of U.S. Banking Organizations The proposed rule by its terms would require Edge and Agreement corporations and U.S. branches, agencies, and representative offices of foreign banks (except for a Federal branch, a Federal agency, or a statechartered branch that is insured by the Federal Deposit Insurance Corporation) to establish Bank Secrecy Act compliance programs. One commenter requested that the final rule clarify that it does not apply to the investments of U.S. banks or Edge and Agreement corporations in offshore entities, whether those investments are subsidiaries, joint ventures, or portfolio investments. The definitions of ‘‘financial institution’’ and ‘‘bank’’ in the Bank Secrecy Act and regulations thereunder do not encompass foreign offices or foreign investments of U.S. banks or Edge and Agreement corporations.4 Nevertheless, banks are expected to have policies, procedures, and processes in place at all their branches and offices to protect against risks of money laundering and terrorist financing. Moreover, an enterprise-wide anti-money laundering compliance program that assesses risk on a consolidated basis across all activities, business lines, and legal entities may be an essential tool in managing such risks. III. Regulatory Analysis A. Regulatory Flexibility Act In accordance with section 4(a) of the Regulatory Flexibility Act (5 U.S.C. 604(a)), the Board must publish a final regulatory flexibility analysis with this rulemaking. The final rule creates a 4 See E:\FR\FM\20MRR1.SGM 31 U.S.C. 5312(a)(2); 31 CFR 103.11(c). 20MRR1 13936 Federal Register / Vol. 71, No. 53 / Monday, March 20, 2006 / Rules and Regulations rmajette on PROD1PC67 with RULES1 uniform regulatory standard for ensuring and examining compliance with applicable law and regulation. Institutions covered by the rule, whether small or large, are already required to have policies and procedures substantially equivalent to those required by the rule. Accordingly, the Board certifies that this final rule will not have a significant economic impact on a substantial number of small business entities. B. Paperwork Reduction Act In accordance with the Paperwork Reduction Act of 1995 (PRA) (44 U.S.C. 3506; 5 CFR 1320 Appendix A.1), the Board has reviewed the final rule under the authority delegated to the Board by the Office of Management and Budget (OMB). The collections of information associated with this rulemaking are found in 12 CFR 211.5 and 211.24. This information is required to evidence compliance with the requirements of the Bank Secrecy Act, and the regulations promulgated thereunder. The recordkeepers are for-profit financial institutions. The Federal Reserve may not conduct or sponsor, and an organization is not required to respond to, this collection of information unless it displays a currently valid OMB control number. The OMB control number is 7100–0310. The final rule does not change the collection of information requirements set forth in the proposed rule. The final rule applies only to Edge and Agreement corporations and U.S. branches, agencies, and representative offices of foreign banks supervised by the Board. The final rule requires each of those entities to establish a written compliance program that includes the following components: (i) A system of internal controls to assure ongoing compliance; (ii) independent testing of compliance by the institution’s personnel or by an outside party; (iii) the designation of an individual or individuals responsible for coordinating and monitoring day-to-day compliance; and (iv) training for appropriate personnel. The compliance program must be approved by the board of directors (and noted in the minutes) or by a delegee of the foreign bank’s board of directors. The commenters generally agreed that there would be little burden associated with the requirements for establishing a compliance program for the Bank Secrecy Act because the measures involved in the program are consistent with existing requirements under the Bank Secrecy Act at 31 U.S.C. 5318(h) and usual and customary business practices. The Board continues to VerDate Aug<31>2005 15:02 Mar 17, 2006 Jkt 208001 believe that the estimated average annual burden of 16 hours per institution is accurate, because branches, agencies, and representative offices of foreign banks and Edge and Agreement corporations are currently subject to the program requirements of section 5318(h) of the Bank Secrecy Act. Thus, the rule adopted today clarifies the existing obligations of these entities under the Board’s rules. Because the records would be maintained at branches, agencies, and representative offices of foreign banks and Edge and Agreement corporations, and the records are not provided to the Federal Reserve, no issue of confidentiality under the Freedom of Information Act arises. Estimated number of financial institutions subject to the final rule: 520. Estimated average annual burden for establishing the written compliance program per financial institution: 16 hours (2 business days). Estimated total annual burden: 8,320 hours. The Federal Reserve has a continuing interest in the public’s opinion of our collections of information. At any time, comments regarding any aspect of this collection of information, including suggestions for reducing the burden may be sent to: Ms. Jennifer J. Johnson, Secretary, Board of Governors of the Federal Reserve System, 20th Street and Constitution Avenue, NW., Washington, DC 20551; and to the Office of Management and Budget, Paperwork Reduction Project (OMB No. 7100– 0310), Washington, DC 20503. IV. Use of Plain Language Section 722 of the Gramm-LeachBliley Act, Pub. L. 106–102, requires the Board to use ‘‘plain language’’ in all proposed and final rules published after January 1, 2000. The Board requested comment on whether there were ways to make the proposed rule easier to understand. One commenter suggested that the rule would be easier to use if it set forth the full text of the regulatory requirements found in section 208.63. For the reasons discussed above, the Board has determined to continue to incorporate by reference the text of the minimum requirements for Bank Secrecy Act compliance programs found in section 208.63 of Regulation H. The Board believes that the final rule is written plainly and presented clearly. List of Subjects in 12 CFR Part 211 Exports, Federal Reserve System, Foreign banking, Holding companies, Investments, Reporting and recordkeeping requirements. PO 00000 Frm 00014 Fmt 4700 Sfmt 4700 For the reasons set forth in the preamble, part 211 of chapter II of title 12 of the Code of Federal Regulations is amended as follows: ■ PART 211—INTERNATIONAL BANKING OPERATIONS (REGULATION K) 1. The authority citation for 12 CFR part 211 continues to read as follows: ■ Authority: 12 U.S.C. 221 et seq., 1818, 1835a, 1841 et seq., 3101 et seq., and 3901 et seq.; 15 U.S.C. 6801 and 6805; 31 U.S.C. 5318. 2. In § 211.5 add new paragraph (m)(1) to read as follows: ■ § 211.5 Edge and agreement corporations. * * * * * (m) Procedures for monitoring Bank Secrecy Act compliance. (1) Establishment of Compliance Program. Each Edge corporation and each agreement corporation shall, in accordance with the provisions of § 208.63 of the Board’s Regulation H, 12 CFR 208.63, develop and provide for the continued administration of a program reasonably designed to assure and monitor compliance with the provisions of subchapter II of chapter 53 of title 31, United States Code, the Bank Secrecy Act, and the implementing regulations promulgated thereunder by the Department of the Treasury at 31 CFR part 103. The compliance program shall be reduced to writing, approved by the board of directors, and noted in the minutes. * * * * * ■ 3. In § 211.24 add new paragraph (j)(1) to read as follows: § 211.24 Approval of offices of foreign banks; procedures for applications; standards for approval; representative office activities and standards for approval; preservation of existing authority. * * * * * (j) Procedures for monitoring Bank Secrecy Act compliance. (1) Establishment of Compliance Program. Except for a Federal branch or a Federal agency or a state branch that is insured by the FDIC, a branch, agency, or representative office of a foreign bank operating in the United States shall, in accordance with the provisions of § 208.63 of the Board’s Regulation H, 12 CFR 208.63, develop and provide for the continued administration of a program reasonably designed to assure and monitor compliance with the provisions of subchapter II of chapter 53 of title 31, United States Code, the Bank Secrecy Act, and the implementing regulations promulgated thereunder by the E:\FR\FM\20MRR1.SGM 20MRR1 Federal Register / Vol. 71, No. 53 / Monday, March 20, 2006 / Rules and Regulations Department of the Treasury at 31 CFR part 103. The compliance program shall be reduced to writing, and either: (i) Approved by the foreign bank’s board of directors and noted in the minutes, or (ii) Approved by a delegee acting under the express authority of the board of directors to approve the Bank Secrecy Act compliance program. * * * * * By order of the Board of Governors of the Federal Reserve System, March 15, 2006. Jennifer J. Johnson, Secretary of the Board. [FR Doc. 06–2629 Filed 3–17–06; 8:45 am] BILLING CODE 6210–01–P 1 Part 7 of Subtitle B of Title 1 of ERISA, Chapter 100 of Subtitle K of the Code, and Title XXVII of the PHS Act were added by the Health Insurance Portability and Accountability Act of 1996 (HIPAA), Pub. L. 104–191. 13937
@FedFRASER