Report Offers Weak Insight on Causation but Lists Steps that Treasury Can and Should Take
The Department of Treasury (“DOT”) recently released its first ever strategy report (the “Strategy”) on the topic of de-risking, taking the form of a 54-page document that combines a summary of the problem of de-risking with an overview of recommended steps to solve it. While the Strategy is the first document of its kind issued by the U.S. government, it is not unexpected – Section 6215 of the Anti-Money Laundering Act of 2020 (“AMLA”) requires the DOT to develop a strategy to mitigate the adverse effects of de-risking after conducting interviews with regulators, non-profit organizations and other public and private stakeholders.
As we’ve discussed over the years, “de-risking” is a practice taken by financial institutions (FIs) to restrict certain categories of customers from accessing their services – typically due to the perception that the compliance risk associated with such customers would outweigh the benefits, financial or otherwise, of servicing them. It is important to note that the concept of de-risking is not about a customer’s individual risk profile; rather, de-risking involves a FI making a wholesale or indiscriminate determination about a category of customers, and failing to use an individualized risk-based approach favored by the anti-money laundering/countering the financing of terrorism (AML/CFT) regulatory framework. As we have discussed, and as global watchdog groups have noted, de-risking often has a disproportionate impact on developing countries. The Strategy itself notes that de-risking “prevent[s] low- and middle-income segments of the population, as well as other underserved communities, from efficiently accessing the financial system[.]” Thus, the issue of de-risking is intertwined with concerns regarding economic and ethnic disparities.
As the Strategy notes, de-risking also can undermine development, humanitarian and disaster relief funds flowing to other countries. Finally, de-risking can threaten the U.S. financial system because driving funds outside of the regulated financial system makes it harder to detect and deter illicit finance, and increases the risk of sanctions evasion.
According to the Strategy, the profit motive of FIs is the main driver behind the ongoing problem of de-risking: because the cost of compliance for risky categories of customers would be too high, FIs cannot justify providing services to them from a profitability perspective.
Arguably, this claim in the Strategy suffers from, at best, a certain lack of self-awareness and, at worst, a degree of hypocrisy, used to deflect a Congressional demand that the DOT address and ameliorate the problem of de-risking. Increasingly onerous BSA/AML regulations, the occasionally haphazard enforcement of those regulations, and the practical disconnect between the expectations of AML examiners and law enforcement agents arguably represent the true source of the compliance-related fears and costs that drive FIs to de-risk. If banks and other FIs are rejecting certain customers wholesale, it’s often because they fear that they will get “dinged” during a regulatory examination for servicing such customers if perceived problems develop after the application of 20/20 hindsight, and because the compliance hoops can range from the onerous to the practically impossible. Similar considerations are partially why FIs now file over four million Suspicious Activity Reports (“SARs”) annually, regardless of whether any given SAR is actually helpful to law enforcement: no one has been subjected to an enforcement action for filing too many SARs.
According to the Strategy, the main types of customers impacted by de-risking are (1) small- and medium-sized money service businesses (“MSBs”), (2) non-profit organizations (“NPOs”) operating in high-risk foreign jurisdictions, and (3) foreign financial institutions with low correspondent banking transaction volumes. For all three customer types, their tendency to engage in cross-border transactions makes their risk profile particularly high, and there are examples of terrorist groups or sanctioned individuals using all three customer types for illicit transactions.
The Strategy then describes the regulatory requirements that apply to banks and their potential customers, such as customer due diligence, enhanced due diligence, filing SARs, Office of Foreign Assets Control compliance, plus related regulations and guidance issued by a variety of federal banking agencies. After describing the web of regulations that can apply, the Strategy notes the following: “[B]anks continue to report ‘uncertainty regarding regulatory expectations around the complex risk assessments and due diligence needed on [high-risk] accounts [which] has contributed to [banks’] decisions to limit or terminate [these customer accounts].’” The Strategy recognizes the existence of regulatory uncertainty, but as described below, does not fully account for it in calculating the root cause of de-risking.
The causal factors provided in the Strategy are relativity simplistic and arguably circular: profitability and cost-benefit considerations are the main drivers for FIs, based on the necessary (and costly) due diligence required for certain customer categories. This is especially true for smaller FIs that do not have substantial resources to devote to training staff and otherwise implementing internal compliance measures to navigate a risk-based approach to individual customers. Interestingly, the interviews with participant FIs reflected the idea that “this assessment is based on their perception that there is a lack of sufficient guidance as to what a ‘risk-based approach’ means, and that they err on the side of caution by taking a risk-averse approach with respect to certain customer types.” This is not surprising, given the ambiguity of the “risk based” approach driving AML compliance: a standard that is easy to articulate, but which can be very difficult to implement in practice. Further, its opacity can encourage after-the-fact findings by examiners or law enforcement that a particular decision or policy was insufficiently “risk based,” because it turned out to produce a BSA/AML violation.
As the Strategy later acknowledges, industry participants interviewed by the DOT stated that not only is a perceived lack of BSA/AML regulatory clarity a driver of de-risking, but also “a lack of consistency in how examiners are evaluating banks’ AML/CFT programs.”
The Strategy provides a number of recommendations, while acknowledging that “[n]o individual recommendation is likely to be transformative on its own.” Consistent with its conclusion that the primary cause of de-risking is the profit motive of FIs, the Strategy also claims that “the U.S. government has limited authority to effectively address some drivers of de-risking, especially those related to business decisions of financial institutions.”
Nonetheless, the Strategy’s list of proposed steps for policymakers to take strongly suggests that, in fact, there are many things that the U.S. government can do to ameliorate de-risking. All of the steps are logical, although many have been proposed before.
Here are the proposed steps:
- Promote consistent supervisory expectations, including through training to federal examiners, that consider the effects of de-risking, as mandated by Section 6307 of the AMLA;
- Analyze account termination notices and notice periods that banks give NPO and MSB customers and identify ways to support longer notice periods where possible;
- Propose regulations implementing Section 6101(b) of the AMLA, which requires FIs to have effective, reasonably designed and risk-based AML/CFT programs; these regulations should satisfy the requirements in Section 6101(b) that the DOT should “consider [the fact] that the extension of financial services to the underbanked and the facilitation of certain financial transactions, including remittances, while protecting the financial system from abuse are key policy goals of the United States[;]”
- FinCEN should consider, under Section 6212 of the AMLA, clarifications or regulatory changes to promote financial inclusion and reduce de-risking, including by reviewing BSA/AML regulations and guidance for MSBs;
- Bolster international engagement to strengthen the AML/CFT regimes of foreign jurisdictions;
- Expand international cooperation and consider creative options, such as regional consolidation projects, with our international counterparts;
- Support efforts by international financial institutions to address de-risking through related projects and technical assistance;
- Continue to assess the opportunities, risks, and challenges of innovative and emerging technologies for AML/CFT compliance solutions;
- Build on Treasury’s work to modernize the U.S. sanctions regime and its recognition of the need to specifically calibrate sanctions to mitigate unintended economic, political, and humanitarian impacts;
- Reduce burdensome requirements for processing humanitarian assistance transactions;
- Track and measure aggregate changes in banking relationships with respondent banks, MSBs, and NPOs; and
- Encourage an open dialogue among public and private sector stakeholders and MSBs, NPOs, banks and regulators.
Overall, the Strategy disappoints in its identification of the causal factors behind de-risking. The DOT’s failure to acknowledge its own role in the de-risking phenomenon is troubling.
That said, one important takeaway of the Strategy is that DOT acknowledges that the AMLA requires the DOT to take further concrete steps to reduce de-risking, including through regulations, additional guidance and examiner training. But for these steps to work, they cannot simply pile additional burdens on FIs. Rather, they must embody a degree of self-awareness by the DOT and provide, in a practical way, breathing room for FIs to service categories of customers, lest FIs continue to engage in de-risking because they fear after-the-fact adverse actions by regulators.