[Federal Register Volume 85, Number 40 (Friday, February 28, 2020)]
[Notices]
[Pages 12032-12035]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2020-04073]


=======================================================================
-----------------------------------------------------------------------

SECURITIES AND EXCHANGE COMMISSION

[Release No. 34-88272; File No. SR-Phlx-2020-06]


Self-Regulatory Organizations; Nasdaq PHLX LLC; Notice of Filing 
and Immediate Effectiveness of Proposed Rule Change To Amend PSX Rule 
3506 (Anti-Money Laundering Compliance Program) and Options 9, Section 
21 (Anti-Money Laundering Compliance Program)

February 24, 2020.
    Pursuant to Section 19(b)(1) of the Securities Exchange Act of 1934 
(``Act''),\1\ and Rule 19b-4 thereunder,\2\ notice is hereby given that 
on February 18, 2020, Nasdaq PHLX LLC (``Phlx'' or ``Exchange'') filed 
with the Securities and Exchange Commission (``SEC'' or ``Commission'') 
the proposed rule change as described in Items I, II, and III, below, 
which Items have been prepared by the Exchange. The Commission is 
publishing this notice to solicit comments on the proposed rule change 
from interested persons.
---------------------------------------------------------------------------

    \1\ 15 U.S.C. 78s(b)(1).
    \2\ 17 CFR 240.19b-4.
---------------------------------------------------------------------------

I. Self-Regulatory Organization's Statement of the Terms of Substance 
of the Proposed Rule Change

    The Exchange proposes to amend PSX Rule 3506 and Options 9, Section 
21, both titled ``Anti-Money Laundering Compliance Program.'' This rule 
change is intended to reflect the Financial Crimes Enforcement 
Network's (``FinCEN'') adoption of a final rule on Customer Due 
Diligence Requirements for Financial Institutions (``CDD Rule''). 
Specifically, the proposed amendments would conform PSX Rule 3506 and 
Options 9, Section 21 to the CDD Rule's amendments to the minimum 
regulatory requirements for members' anti-money laundering (``AML'') 
compliance programs by requiring such programs to include risk-based 
procedures for conducting ongoing customer due diligence. This ongoing 
customer due diligence element for AML programs includes: (1) 
Understanding the nature and purpose of customer relationships for the 
purpose of developing a customer risk profile; and (2) conducting 
ongoing monitoring to identify and report suspicious transactions and, 
on a risk basis, to maintain and update customer information.
    The Exchange has designated this proposal as ``non-controversial'' 
under

[[Page 12033]]

paragraph (f)(6) of Rule 19b-4 \3\ under the Act.
---------------------------------------------------------------------------

    \3\ 17 CFR 240.19b-4(f)(6).
---------------------------------------------------------------------------

    The text of the proposed rule change is available on the Exchange's 
website at http://nasdaqphlx.cchwallstreet.com/, at the principal 
office of the Exchange, and at the Commission's Public Reference Room.

II. Self-Regulatory Organization's Statement of the Purpose of, and 
Statutory Basis for, the Proposed Rule Change

    In its filing with the Commission, the Exchange included statements 
concerning the purpose of and basis for the proposed rule change and 
discussed any comments it received on the proposed rule change. The 
text of these statements may be examined at the places specified in 
Item IV below. The Exchange has prepared summaries, set forth in 
sections A, B, and C below, of the most significant aspects of such 
statements.

A. Self-Regulatory Organization's Statement of the Purpose of, and 
Statutory Basis for, the Proposed Rule Change

1. Purpose
I. Background
    The Bank Secrecy Act \4\ (``BSA''), among other things, requires 
financial institutions,\5\ including broker-dealers, to develop and 
implement AML programs that, at a minimum, meet the statutorily 
enumerated ``four pillars.'' \6\ These four pillars currently require 
broker-dealers to have written AML programs that include, at a minimum:
---------------------------------------------------------------------------

    \4\ 31 U.S.C. 5311, et seq.
    \5\ See U.S.C. 5312(a)(2) (defining ``financial institution'').
    \6\ 31 U.S.C. 5318(h)(1).
---------------------------------------------------------------------------

     The establishment and implementation of policies, 
procedures and internal controls reasonably designed to achieve 
compliance with the applicable provisions of the BSA and implementing 
regulations;
     independent testing for compliance by broker-dealer 
personnel or a qualified outside party;
     designation of an individual or individuals responsible 
for implementing and monitoring the operations and internal controls of 
the AML program; and
     ongoing training for appropriate persons.\7\
---------------------------------------------------------------------------

    \7\ 31 CFR 1023.210(b).

In addition to meeting the BSA's requirement with respect to AML 
programs, Exchange members must also comply with PSX Rule 3506 and 
Options 9, Section 21, respectively, which incorporates the BSA's four 
pillars, as well as requires members' AML programs to establish and 
implement policies and procedures that can be reasonably expected to 
detect and cause the reporting of suspicious transactions.
    On May 11, 2016, FinCEN, the bureau of the Department of the 
Treasury responsible for administering the BSA and its implementing 
regulations, issued the CDD Rule \8\ to clarify and strengthen customer 
due diligence for covered financial institutions, \9\ including broker-
dealers. In its CDD Rule, FinCEN identifies four components of customer 
due diligence: (1) Customer identification and verification; (2) 
beneficial ownership identification and verification; (3) understanding 
the nature and purpose of customer relationships; and (4) ongoing 
monitoring for reporting suspicious transactions and, on a risk basis, 
maintaining and updating customer information.\10\ As the first 
component is already required to be part of a broker-dealers AML 
program under the BSA, the CDD Rule focuses on the other three 
components.
---------------------------------------------------------------------------

    \8\ FinCEN Customer Due Diligence Requirements for Financial 
Institutions; CDD Rule, 81 FR 29397 (May 11, 2016) (CDD Rule 
Release); 82 FR 45182 (September 28, 2017) (making technical 
correcting amendments to the final CDD Rule published on May 11, 
2016). FinCEN is authorized to impose AML program requirements on 
financial institutions and to require financial institutions to 
maintain procedures to ensure compliance with the BSA and associated 
regulations. 31 U.S.C. 5318(h)(2) and (a)(2). The CDD Rule is the 
result of the rulemaking process FinCEN initiated in March 2012. See 
77 FR 13046 (March 5, 2012) (Advance Notice of Proposed Rulemaking) 
and 79 FR 45151 (Aug. 4, 2014) (Notice of Proposed Rulemaking).
    \9\ See 31 CFR 1010.230(f) (defining ``covered financial 
institution'').
    \10\ See CDD Rule Release at 29398.
---------------------------------------------------------------------------

    Specifically, the CDD Rule focuses particularly on the second 
component by adding a new requirement that covered financial 
institutions identify and verify the identity of the beneficial owners 
of all legal entity customers at the time a new account is opened, 
subject to certain exclusions and exemptions.\11\ The CDD Rule also 
addresses the third and fourth components, which FinCEN states ``are 
already implicitly required for covered financial institutions to 
comply with their suspicious activity reporting requirements,'' by 
amending the existing AML program rules for covered financial 
institutions to explicitly require these components to be included in 
AML programs as a new ``fifth pillar.''
---------------------------------------------------------------------------

    \11\ See 31 CFR 1010.230(d) (defining ``beneficial owner'') and 
31 CFR 1010.230(e) (defining ``legal entity customer'').
---------------------------------------------------------------------------

    On November 21, 2017, FINRA published Regulatory Notice 17-40 to 
provide guidance to member firms regarding their obligations under 
FINRA Rule 3310 in light of the adoption of FinCEN's CDD Rule. In 
addition, the Notice summarized the CDD Rule's impact on member firms, 
including the addition of the new fifth pillar required for member 
firms' AML programs. FINRA also amended FINRA Rule 3310 to explicitly 
incorporate the fifth pillar.\12\ This proposed rule change amends PSX 
Rule 3506 and Options 9, Section 21 to harmonize these rules with the 
FINRA rule and incorporate the fifth pillar.
---------------------------------------------------------------------------

    \12\ See Securities Exchange Act Release No. 83154 (May 2, 
2018), 83 FR 20906 (May 8, 2018) (File No. SR-FINRA-2018-016).
---------------------------------------------------------------------------

II. PSX Rule 3506 and Options 9, Section 21 and Amendment to Minimum 
Requirements for Members' AML Programs
    Section 352 of the USA PATRIOT Act of 2001 \13\ amended the BSA to 
require broker-dealers to develop and implement AML programs that 
include the four pillars mentioned above. Consistent with Section 352 
of the PATRIOT Act, and incorporating the four pillars, Options 9, 
Section 21 requires each member to develop and implement a written AML 
program reasonably designed to achieve and monitor the member's 
compliance with the BSA and implementing regulations. Among other 
requirements, PSX Rule 3506 and Options 9, Section 21 require that each 
member firm, at a minimum: (1) Establish and implement policies and 
procedures that can be reasonably expected to detect and cause the 
reporting of suspicious transactions; (2) establish and implement 
policies, procedures, and internal controls reasonably designed to 
achieve compliance with the BSA and implementing regulations; (3) 
provide independent testing for compliance to be conducted by member 
personnel or a qualified outside party; (4) designate and identify to 
the Exchange an individual or individuals (i.e., AML compliance 
person(s)) who will be responsible for implementing and monitoring the 
day-to-day operations and internal controls of the AML program and 
provide prompt notification to the Exchange of any changes to the 
designation; and (5)

[[Page 12034]]

provide ongoing training for appropriate persons.
---------------------------------------------------------------------------

    \13\ Uniting and Strengthening America by Providing Appropriate 
Tools Required to Intercept and Obstruct Terrorism Act of 2001, 
Public Law 107-56, 115 Stat. 272 (2001) (``PATRIOT Act'').
---------------------------------------------------------------------------

    FinCEN's CDD Rule does not change the requirements of either PSX 
Rule 3506 or Options 9, Section 21, and members must continue to comply 
with its requirements.\14\ However, FinCEN's CDD Rule amends the 
minimum regulatory requirements for broker-dealers' AML programs by 
explicitly requiring such programs to include risk-based procedures for 
conducting ongoing customer due diligence.\15\ Accordingly, the 
Exchange is proposing to amend PSX Rule 3506 and Options 9, Section 21 
to incorporate this ongoing customer due diligence element, or ``fifth 
pillar'' required for AML programs. Thus, proposed PSX Rule 3506(a)(6) 
and Options 9, Section 21(a)(6) would provide that the AML programs 
required by this Rule shall, at a minimum include appropriate risk-
based procedures for conducting ongoing customer due diligence, to 
include, but not be limited to: (A) Understanding the nature and 
purpose of customer relationships for the purpose of developing a 
customer risk profile; and (B) conducting ongoing monitoring to 
identify and report suspicious transactions and, on a risk basis, to 
maintain and update customer information.
---------------------------------------------------------------------------

    \14\ FinCEN notes that broker-dealers must continue to comply 
with FINRA Rules, notwithstanding differences between the CDD Rule 
and FINRA Rule 3310, which is substantially identical to PSX Rule 
3506 and Options 9, Section 21. See CDD Rule Release 29421, n. 85.
    \15\ See CDD Rule Release at 29420; 31 CFR 1023.210.
---------------------------------------------------------------------------

    As stated in the CDD Rule, these provisions are not new and merely 
codify existing expectations for members to adequately identify and 
report suspicious transactions as required under the BSA and 
encapsulate practices generally already undertaken by securities firms 
to know and understand their customers.\16\ The proposed rule change 
simply incorporates into PSX Rule 3506 and Options 9, Section 21 the 
ongoing customer due diligence element, or ``fifth pillar,'' required 
for AML programs by the CDD Rule to aid members in complying with the 
CDD Rule's requirements. However, to the extent that these elements, 
which are briefly summarized below, are not already included in 
members' AML programs, the CDD Rule requires members to update their 
AML programs to explicitly incorporate them.
---------------------------------------------------------------------------

    \16\ Id. at 29419.
---------------------------------------------------------------------------

III. Summary of Fifth Pillar's Requirements
Understanding the Nature and Purpose of Customer Relationships
    FinCEN states in the CDD Rule that firms must necessarily have an 
understanding of the nature and purpose of the customer relationship in 
order to determine whether a transaction is potentially suspicious and, 
in turn, to fulfill their SAR obligations.\17\ To that end, the CDD 
Rule requires that firms understand the nature and purpose of the 
customer relationship in order to develop a customer risk profile. The 
customer risk profile refers to information gathered about a customer 
to form the baseline against which customer activity is assessed for 
suspicious transaction reporting.\18\ Information relevant to 
understanding the nature and purpose of the customer relationship may 
be self-evident and, depending on the facts and circumstances, may 
include such information as the type of customer, account or service 
offered, and the customer's income, net worth, domicile, or principal 
occupation or business, as well as, in the case of existing customers, 
the customer's history of activity.\19\ The CDD Rule also does not 
prescribe a particular form of the customer risk profile.\20\ Instead, 
the CDD Rule states that depending on the firm and the nature of its 
business, a customer risk profile may consist of individualized risk 
scoring, placement of customers into risk categories or another means 
of assessing customer risk that allows firms to understand the risk 
posed by the customer and to demonstrate that understanding.\21\
---------------------------------------------------------------------------

    \17\ Id. at 29421.
    \18\ Id. at 29422.
    \19\ Id.
    \20\ Id.
    \21\ Id.
---------------------------------------------------------------------------

    The CDD Rule also addresses the interplay of understanding the 
nature and purpose of customer relationships with the ongoing 
monitoring obligation discussed below. The CDD Rule explains that firms 
are not necessarily required or expected to integrate customer 
information or the customer risk profile into existing transaction 
monitoring systems (for example, to serve as the baseline for 
identifying and assessing suspicious transactions on a contemporaneous 
basis).\22\ Rather, FinCEN expects firms to use the customer 
information and customer risk profile as appropriate during the course 
of complying with their obligations under the BSA in order to determine 
whether a particular flagged transaction is suspicious.\23\
---------------------------------------------------------------------------

    \22\ Id.
    \23\ Id.
---------------------------------------------------------------------------

Conduct Ongoing Monitoring
    As with the requirement to understand the nature and purpose of the 
customer relationship, the requirement to conduct ongoing monitoring to 
identify and report suspicious transactions and, on a risk basis, to 
maintain and update customer information, merely adopts existing 
supervisory and regulatory expectations as explicit minimum standards 
of customer due diligence required for firms' AML programs.\24\ If, in 
the course of its normal monitoring for suspicious activity, the member 
detects information that is relevant to assessing the customer's risk 
profile, the member must update the customer information, including the 
information regarding the beneficial owners of legal entity 
customers.\25\ However, there is no expectation that the member update 
customer information, including beneficial ownership information, on an 
ongoing or continuous basis.\26\
---------------------------------------------------------------------------

    \24\ Id. at 29402.
    \25\ Id. at 29420-21. See also FINRA Regulatory Notice 17-40 
(discussing identifying and verifying the identity of beneficial 
owners of legal entity customers).
    \26\ Id.
---------------------------------------------------------------------------

2. Statutory Basis
    The Exchange believes that the proposed rule change is consistent 
with Section 6(b) of the Act,\27\ in general, and furthers the 
objectives of Section 6(b)(5) of the Act,\28\ in particular, in that it 
is designed to promote just and equitable principles of trade, to 
remove impediments to and perfect the mechanism of a free and open 
market and a national market system, and, in general to protect 
investors and the public interest. Specifically, the Exchange believes 
the proposed rule change will protect investors, because it will aid 
members in complying with the CDD Rule's requirement that members' AML 
programs include risk-based procedures for conducting ongoing customer 
due diligence by also incorporating the requirement into PSX Rule 3506 
and Options 9, Section 21.
---------------------------------------------------------------------------

    \27\ 15 U.S.C. 78f(b).
    \28\ 15 U.S.C. 78f(b)(5).
---------------------------------------------------------------------------

B. Self-Regulatory Organization's Statement on Burden on Competition

    The Exchange does not believe that the proposed rule change will 
impose any burden on competition that is not necessary or appropriate 
in furtherance of the purposes of the Act. The proposed rule change 
simply

[[Page 12035]]

incorporates into PSX Rule 3506 and Options 9, Section 21 the ongoing 
customer due diligence element, or ``fifth pillar,'' required for AML 
programs by the CDD Rule. Regardless of the proposed rule change, to 
the extent that the elements of the fifth pillar are not already 
included in members' AML programs, the CDD Rule requires members to 
update their AML programs to explicitly incorporate them. In addition, 
as stated in the CDD Rule, these elements are already implicitly 
required for covered financial institutions to comply with their 
suspicious activity reporting requirements. Further, all Exchange 
members that have customers are required to be members of FINRA 
pursuant to Rule 15b9-1 under the Exchange Act,\29\ and are therefore 
already subject to the requirements of FINRA Rule 3310. Additionally, 
the proposed rule change is virtually identical \30\ to FINRA Rule 
3310. The Exchange is not imposing any additional direct or indirect 
burdens on member firms or their customers through this proposal, and 
as such, the proposal imposes no new burdens on competition.
---------------------------------------------------------------------------

    \29\ 17 CFR 240.15b9-1.
    \30\ The Exchange notes that changes between the proposed Rule 
and FINRA Rule 3310 are non-substantive and relate to cross 
references.
---------------------------------------------------------------------------

C. Self-Regulatory Organization's Statement on Comments on the Proposed 
Rule Change Received From Members, Participants, or Others

    No written comments were either solicited or received.

III. Date of Effectiveness of the Proposed Rule Change and Timing for 
Commission Action

    Because the foregoing proposed rule change does not: (i) 
Significantly affect the protection of investors or the public 
interest; (ii) impose any significant burden on competition; and (iii) 
become operative for 30 days from the date on which it was filed, or 
such shorter time as the Commission may designate, it has become 
effective pursuant to Section 19(b)(3)(A)(iii) of the Act \31\ and 
subparagraph (f)(6) of Rule 19b-4 thereunder.\32\
---------------------------------------------------------------------------

    \31\ 15 U.S.C. 78s(b)(3)(A)(iii).
    \32\ 17 CFR 240.19b-4(f)(6). In addition, Rule 19b-4(f)(6) 
requires a self-regulatory organization to give the Commission 
written notice of its intent to file the proposed rule change at 
least five business days prior to the date of filing of the proposed 
rule change, or such shorter time as designated by the Commission. 
The Exchange has satisfied this requirement.
---------------------------------------------------------------------------

    At any time within 60 days of the filing of the proposed rule 
change, the Commission summarily may temporarily suspend such rule 
change if it appears to the Commission that such action is necessary or 
appropriate in the public interest, for the protection of investors, or 
otherwise in furtherance of the purposes of the Act. If the Commission 
takes such action, the Commission shall institute proceedings to 
determine whether the proposed rule should be approved or disapproved.

IV. Solicitation of Comments

    Interested persons are invited to submit written data, views, and 
arguments concerning the foregoing, including whether the proposed rule 
change is consistent with the Act. Comments may be submitted by any of 
the following methods:

Electronic Comments

     Use the Commission's internet comment form (http://www.sec.gov/rules/sro.shtml); or
     Send an email to [email protected]. Please include 
File Number SR-Phlx-2020-06 on the subject line.

Paper Comments

     Send paper comments in triplicate to Secretary, Securities 
and Exchange Commission, 100 F Street NE, Washington, DC 20549-1090.

All submissions should refer to File Number SR-Phlx-2020-06. This file 
number should be included on the subject line if email is used. To help 
the Commission process and review your comments more efficiently, 
please use only one method. The Commission will post all comments on 
the Commission's internet website (http://www.sec.gov/rules/sro.shtml). 
Copies of the submission, all subsequent amendments, all written 
statements with respect to the proposed rule change that are filed with 
the Commission, and all written communications relating to the proposed 
rule change between the Commission and any person, other than those 
that may be withheld from the public in accordance with the provisions 
of 5 U.S.C. 552, will be available for website viewing and printing in 
the Commission's Public Reference Room, 100 F Street NE, Washington, DC 
20549, on official business days between the hours of 10:00 a.m. and 
3:00 p.m. Copies of the filing also will be available for inspection 
and copying at the principal office of the Exchange. All comments 
received will be posted without change. Persons submitting comments are 
cautioned that we do not redact or edit personal identifying 
information from comment submissions. You should submit only 
information that you wish to make available publicly. All submissions 
should refer to File Number SR-Phlx-2020-06 and should be submitted on 
or before March 20, 2020.

    For the Commission, by the Division of Trading and Markets, 
pursuant to delegated authority.\33\
---------------------------------------------------------------------------

    \33\ 17 CFR 200.30-3(a)(12).
---------------------------------------------------------------------------

J. Matthew DeLesDernier,
Assistant Secretary.
[FR Doc. 2020-04073 Filed 2-27-20; 8:45 am]
 BILLING CODE 8011-01-P