Live Life Federal Credit Union, a $69 million-asset credit union based in Fraser, Michigan, recently consented to a cease-and-desist order issued by the National Credit Union Administration Board (NCUA). The enforcement action levied by the NCUA stipulates that Live Life Federal Credit Union, among other things, must stop opening new marijuana-related accounts, immediately file all missing Suspicious Activity Reports (SARs), and develop and implement an automated system to effectively monitor and identify all transactions for suspicious activity.
The NCUA’s enforcement action is widely considered to be the first example of a U.S. regulator publicly criticizing and penalizing a financial institution for compliance-related failures explicitly related to the cannabis industry. For banks and credit unions, the enforcement action is a critical reminder of the importance of adhering to the Financial Crimes Enforcement Network’s (FinCEN) marijuana-related business (MRBs) guidance issued in 2014, describing how banks and credit unions may do business with MRBs without triggering Bank Secrecy Act (BSA) enforcement by FinCEN. FinCEN’s guidance primarily requires financial institutions to conduct extensive and ongoing due diligence on any MRBs to which they provide or wish to provide banking services, in order to ensure compliance, and to file SARs for transactions related to MRBs.
MRBs currently have extraordinarily limited access to financial services because many financial institutions are concerned with potentially violating federal anti-money laundering laws and other related laws by engaging in transactions with proceeds obtained by federally illegal marijuana operations. Although marijuana is currently legal in 33 states and the District of Columbia for medical purposes, and 11 states plus the District of Columbia for recreational, adult-use purposes, from a federal standpoint, marijuana is still considered a prohibited controlled substance. This legal limbo is the primary reason why most financial institutions continue to avoid providing banking services to MRBs. Also concerning to financial institutions, whether they are servicing this industry or not, is whether they have the requisite staff and compliance programs and resources to adhere to FinCEN’s compliance guidance for banks and credit unions ,and the related guidance by other federal and state banking regulators.
The NCUA’s order is a reminder that financial institutions that choose to serve MRBs run the risk of incurring penalties for lacking the requisite wherewithal (financial or otherwise) to meet the relevant guidance. Financial institutions choosing to serve MRBs must do so with the understanding that appropriate funding and staffing, as well as increased investments in automated compliance processes, must be allocated to their compliance functions in proportion to their level of engagement with MRBs. Appropriate compliance policies and procedures, as well as appropriate levels of staffing in the applicable compliance departments, are critical to ensure that financial institutions servicing MRBs are doing so sufficiently and within the framework established by the relevant guidance. Financial institutions serving MRBs should consider working with attorneys who are knowledgeable about FinCEN’s requirements regarding MRBs.