New York DFS Issues Tough Anti-Money Laundering Regulation

If you do business in New York, you’ll want to make sure to review the new rule from the New York Department of Financial Services (DFS) on monitoring transactions and screening requirements. The rule was issued by the DFS following their investigations into compliance by “Regulated Institutions” with applicable federal economic and trade sanctions requirements (e.g., Bank Secrecy Act/Anti-Money Laundering laws and regulations as well as OFAC regulations). The DFS identified a number of deficiencies in transaction monitoring and filtering programs as well as a “lack of robust governance, oversight and accountability at senior levels.”

Below is a summary of these new requirements. Firms subject to these new requirements will want to make sure that at a minimum they:

• assess their current controls – policies, procedures, monitoring programs, screening systems, testing and so forth – to identify any potential gaps and remediate them by the compliance date;
• develop a process for documenting and tracking relevant efforts to facilitate preparation of the annual compliance report due to the DFS; and
• incorporate recordkeeping requirements from the new rule into their records management and business continuity programs.

Summary of the Regulation

Who is subject to the new rule?

The new DFS rule applies to regulated institutions, such as:

• Bank-Regulated Institutions – all banks, trust companies, private bakers, savings banks and savings and loan associations chartered pursuant to the NY Banking Law and all branches and agencies of foreign banking corporations licensed pursuant to the law to conduct banking operations in New York.
• Nonbank Regulated Institutions – all check cashers and money transmitters licensed pursuant to the Banking Law.

When does the new rule take effect? 

The new DFS rule takes effect on January 1, 2017 with the first compliance-finding report due to the DFS by April 15, 2018.

What does the new rule require?

Under the new DFS rule, regulated institutions must:

• review their transaction-monitoring and filtering programs and ensure that they are capable of detecting unlawful or suspicious funds transfers;
• adopt an annual board resolution or senior officer compliance finding to certify compliance with the regulation as of April 15, 2018*; and retain supporting data for the certification, for review by DFS, for five years.

For a full copy of the final regulation, please click here.

*Note: The rule includes a form to be used for the resolution or finding. The form provides that the resolution or finding must: 1) state that documents, reports, certifications and opinions of officers and relevant parties have been reviewed by the board of directors or senior official to make the relevant representations; and 2) the institution’s program has been assessed and confirmed to comply with the rule.