Money services businesses are subject to the program requirements set forth and cross referenced in this subpart. Money services businesses should also refer to subpart B of part 1010 of this chapter for program requirements contained in that subpart which apply to money services businesses.
(a) Each money services business, as defined by § 1010.100(ff) of this chapter, shall develop, implement, and maintain an effective anti-money laundering program. An effective anti-money laundering program is one that is reasonably designed to prevent the money services business from being used to facilitate money laundering and the financing of terrorist activities.
(b) The program shall be commensurate with the risks posed by the location and size of, and the nature and volume of the financial services provided by, the money services business.
(c) The program shall be in writing, and a money services business shall make copies of the anti-money laundering program available for inspection to the Department of the Treasury upon request.
(d) At a minimum, the program shall:
(1) Incorporate policies, procedures, and internal controls reasonably designed to assure compliance with this chapter.
(i) Policies, procedures, and internal controls developed and implemented under this section shall include provisions for complying with the requirements of this chapter including, to the extent applicable to the money services business, requirements for:
(A) Verifying customer identification, including as set forth in paragraph (d)(1)(iv) of this section;
(B) Filing Reports;
(C) Creating and retaining records;
(D) Responding to law enforcement requests.
(ii) Money services businesses that have automated data processing systems should integrate their compliance procedures with such systems.
(iii) A person that is a money services business solely because it is an agent for another money services business as set forth in § 1022.380(a)(3), and the money services business for which it serves as agent, may by agreement allocate between them responsibility for development of policies, procedures, and internal controls required by this paragraph (d)(1). Each money services business shall remain solely responsible for implementation of the requirements set forth in this section, and nothing in this paragraph (d)(1) relieves any money services business from its obligation to establish and maintain an effective anti-money laundering program.
(iv) A money services business that is a provider or seller of prepaid access must establish procedures to verify the identity of a person who obtains prepaid access under a prepaid program and obtain identifying information concerning such a person, including name, date of birth, address, and identification number. Sellers of prepaid access must also establish procedures to verify the identity of a person who obtains prepaid access to funds that exceed $10,000 during any one day and obtain identifying information concerning such a person, including name, date of birth, address, and identification number. Providers of prepaid access must retain access to such identifying information for five years after the last use of the prepaid access device or vehicle; such information obtained by sellers of prepaid access must be retained for five years from the date of the sale of the prepaid access device or vehicle.
(2) Designate a person to assure day to day compliance with the program and this chapter. The responsibilities of such person shall include assuring that:
(i) The money services business properly files reports, and creates and retains records, in accordance with applicable requirements of this chapter;
(ii) The compliance program is updated as necessary to reflect current requirements of this chapter, and related guidance issued by the Department of the Treasury; and
(iii) The money services business provides appropriate training and education in accordance with paragraph (d)(3) of this section.
(3) Provide education and/or training of appropriate personnel concerning their responsibilities under the program, including training in the detection of suspicious transactions to the extent that the money services business is required to report such transactions under this chapter.
(4) Provide for independent review to monitor and maintain an adequate program. The scope and frequency of the review shall be commensurate with the risk of the financial services provided by the money services business. Such review may be conducted by an officer or employee of the money services business so long as the reviewer is not the person designated in paragraph (d)(2) of this section.
(e) Compliance date. A money services business must develop and implement an anti-money laundering program that complies with the requirements of this section on or before the later of July 24, 2002, and the end of the 90-day period beginning on the day following the date the business is established.
[75 FR 65812, Oct. 26, 2010, as amended at 76 FR 43597, July 21, 2011; 76 FR 45419, July 29, 2011]