The New York rule became effective January 1, 2017.
The New York State Department of Financial Services (DFS) has issued a regulation that requires certain New York regulated financial institutions to maintain programs to monitor and filter transactions for potential Bank Secrecy Act (BSA), anti-money laundering (AML) violations, and to prevent transactions with sanctioned entities. The rule, which became effective January 1, is Part 504 of DFS Superintendent’s Regulations [Rule] and details which institutions subject to DFS jurisdiction must comply. This regulation “will be enforced pursuant to [DFS’] authority under any applicable laws.” It is thus possible that violation of the rule could lead to penalties under New York’s banking and penal laws for falsifying business records, offering a false statement for filing, or failing to maintain accurate books and records.
This rule, which creates a requirement for the minimum attributes of a mandatory compliance program, is even more stringent than the economic sanctions requirements enforced by the US Department of the Treasury’s Office of Foreign Assets Control [OFAC], with respect to institutions subject to DFS jurisdiction under the rule.
No OFAC sanction regulation mandates the creation and maintenance of a screening or compliance protocol with any particular attributes per se. However, as a practical matter, the best practice has always been to maintain an OFAC compliance program to avoid any prohibited dealings or transactions with an OFAC-blocked or sanctioned party.
The New York regulation requires state-regulated institutions to submit annually a board resolution or senior officer compliance finding that confirms steps taken to ascertain compliance with the rule.
The rule also requires regulated institutions to review their transaction-monitoring and filtering programs and ensure that they are reasonably designed to comply with risk-based safeguards. The institutions also must adopt (at the institution’s option) an annual board resolution or senior officer compliance finding to certify compliance with the DFS regulation beginning April 15, 2018. The resolution or finding must state that documents, reports, certifications and opinions of officers and other relevant parties have been reviewed by the board of directors or senior official to certify compliance with the regulation.
Institutions must maintain supporting data for the certification, for review by DFS, for five years. Some key requirements of the new DFS regulation include the following:
Each regulated institution shall maintain a reasonably designed filtering program to interdict transactions that are prohibited by federal economic and trade sanctions, and which shall, to the extent they are applicable,
Each Transaction Monitoring and Filtering Program shall require the following, to the extent they are applicable:
To ensure compliance with the requirements, each regulated institution shall adopt and submit to DFS a board resolution or senior officer compliance finding by April 15 of each year. Each regulated institution shall maintain for examination by DFS all records, schedules and data supporting adoption of the board resolution or senior officer compliance finding for a period of five years.
If you have any questions or would like more information on the issues discussed in this LawFlash, please contact any of the following Morgan Lewis lawyers: