Issued November 19,
2020
*3-1876
The Board of Governors of the Federal Reserve System
(Federal Reserve), the Federal Deposit Insurance Corporation (FDIC),
the Financial Crimes Enforcement Network (FinCEN), the National Credit
Union Administration (NCUA), and the Office of the Comptroller of
the Currency (OCC) (collectively, “the agencies”) are
issuing this joint fact sheet to provide clarity to banks
1 on how to apply a risk-based approach to charities
and other non-profit organizations (NPOs), consistent with the customer
due diligence (CDD) requirements contained in FinCEN’s 2016
CDD final rule.
2 Some charities have reported difficulty in
obtaining and maintaining access to financial services, jeopardizing
the important contributions charities make to the most vulnerable.
The agencies remind banks that the U.S. government does not view the
charitable sector as a whole as presenting a uniform or unacceptably
high risk of being used or exploited for money laundering, terrorist
financing (ML/TF), or sanctions violations.
3 The
agencies remind banks that charities vary in their risk profiles and
should be treated according to such profiles. Banks should apply the
risk-based approach and evaluate charities according to their particular
characteristics to determine whether they can effectively mitigate
the potential risk some charities may pose. This approach helps to
minimize illicit finance risks. This joint fact sheet does not alter
existing Bank Secrecy Act/anti-money laundering (BSA/AML) legal or
regulatory requirements, nor does it establish new supervisory expectations.
Helping those in need is a core American value, particularly
in the difficult conditions caused by the coronavirus disease 2019
(COVID-19) pandemic. The United States is committed to ensuring that
humanitarian assistance continues to reach at-risk populations through
legitimate and transparent channels, including during the COVID-19
pandemic.
4 The agencies
recognize that it is vital for legitimate charities and other NPOs
to have access to financial services, including the ability to transmit
funds. Charities and other NPOs rely on banks to facilitate the flow
of funds transfers in a timely fashion. Although some charities and
other NPOs have been misused to facilitate ML/TF
5 or evade sanctions, the agencies
recognize that the vast majority of charities and other NPOs comply
with the law and properly support charitable and humanitarian causes.
CDD Requirements
Like all
bank accounts, those held by charity and NPO customers are subject
to BSA/AML regulatory requirements. These include requirements related
to suspicious activity reporting,
6 customer identification,
7 CDD, and beneficial
ownership,
8 as applicable.
Banks must apply a risk-based approach to CDD in developing
the risk profiles of their customers, including charities and NPOs,
and are required to establish and maintain written
procedures
reasonably designed to identify and verify beneficial owners of legal
entity customers, as applicable.
9 More specifically, banks must
adopt appropriate risk-based procedures for conducting CDD that, among
other things, enable banks to: (i) understand the nature and purpose
of customer relationships for the purpose of developing a customer
risk profile, and (ii) conduct ongoing monitoring to identify and
report suspicious transactions and, on a risk basis, to maintain and
update customer information.
10 Consistent with a risk-based approach, the
level and type of CDD should be appropriate for the risks presented
by each customer. There is no regulatory requirement in the CDD rule,
nor is there a supervisory expectation, for banks to have unique,
additional due diligence steps for charities or other NPO customers.
Considerations for a Risk-Based Approach
As previously stated, charities and other NPOs do
not present a uniform or unacceptably high ML/TF risk; rather, the
risk to banks depends on facts and circumstances specific to the customer
relationship. The ML/TF risk for charitable organizations can vary
dramatically depending on the operations, activities, leadership,
and affiliations of the organization. U.S. charities that operate
and provide funds solely to domestic recipients generally present
low TF risk. However, U.S. charities that operate abroad, provide
funding to, or have affiliated organizations in conflict regions,
can present potentially higher TF risks.
11
Charities and other NPOs are subject to federal and state
reporting requirements and regulatory oversight. For example, charities
report specific information annually on IRS Form 990 regarding their
stated mission, programs, finances (including non-cash contributions),
donors, activities, and funds sent and used abroad.
12 Many NPOs also adhere
to voluntary self-regulatory standards
13 and
controls to improve individual governance, management, and operational
practice, in addition to internal controls required by donors and
others. Although the CDD rule does not require the collection of this
specific information, the following customer information may be useful
for banks in determining the ML/TF risk profile of charities and other
NPO customers:
- Purpose and nature of the NPO, including mission(s),
stated objectives, programs, activities, and services.
- Geographic locations served, including headquarters
and operational areas, particularly in higher-risk areas where terrorist
groups are most active.
- Organizational structure, including key principals,
management, and internal controls of the NPO.
- State incorporation, registration, and tax-exempt
status by the IRS and required reports with regulatory authorities.
- Voluntary participation in self-regulatory programs
to enhance governance, management, and operational practice.
- Financial statements, audits, and any self-assessment
evaluations.
- General information about the donor base, funding
sources, and fundraising methods, and for public charities, level
of support from the general public.
- General information about beneficiaries and criteria
for disbursement of funds, including guidelines/standards for qualifying
beneficiaries and any intermediaries that may be involved.
- Affiliation with other NPOs, governments, or groups.
Additional information that may be useful to
banks in determining the customer risk profile of a charity or other
NPO is available at the U.S. Department of the Treasury’s Resource
Center, Protecting Charitable Organizations.
14 Conclusion
Charitable organizations and other NPOs build communities,
relieve suffering, provide life-saving assistance, and help developing
nations. During this COVID-19 pandemic, charities and other NPOs are
on the front lines, both domestically and internationally, delivering
medical supplies and vital assistance to areas most impacted by COVID-19.
Banks that operate in compliance with applicable laws, properly manage
customer relationships, and effectively mitigate risks by implementing
controls commensurate with those risks are neither prohibited nor
discouraged from providing banking services to charities and other
NPOs. The agencies are issuing this joint fact sheet to reaffirm that
the level of ML/TF risk associated with charities and other NPOs varies;
these bank customers do not present a uniform or unacceptably high
ML/TF risk. The application of a risk-based approach for charities
and other NPOs is consistent with existing CDD and other BSA/AML requirements.