Ongoing concern among regulators, law enforcement, and Congress over abusive and fraudulent sales and financing practices in both the primary and secondary residential mortgage markets prompted the Financial Crimes Enforcement Network (FinCEN) to finalize a rulemaking process concerning regulation of non-bank residential mortgage lenders and originators (RMLOs) that started in 2003.

The Advance Notice of Proposed Rulemaking (ANPRM) issued by FinCEN in 2009 and the Notice of Proposed Rulemaking issued in 2010 were follow-ups to the 2003 APNR and resulted in the Final Rule being issued in 2012.  The Final Rule requires RMLOs – mostly non-bank mortgage lenders – to establish an Anti-Money Laundering (AML) program and to file Suspicious Activity Reports (SARs) as required by the Bank Secrecy Act (BSA).

Prior to the Final Rule, RMLOs were exempt from AML and SAR reporting requirements. FinCEN determined that it should close that “regulatory gap” to prevent it from being exploited, particularly in the area of mortgage fraud. “Historically, the focus of the BSA has been on the movement of cash, reporting on large deposits of cash, and ongoing monitoring of account activity — all things traditionally associated with depository institutions or other industries where currency was part of the transaction,” explains Howard Eisenhardt, counsel in BuckleySandler’s Washington, DC office.

Because of the obvious practical obstacles to laundering money through residential mortgage loan transactions, some questioned why RMLOs shoud be subjected to AML and SAR reporting requirements.  Most believe what FinCEN really wanted was the ability to require the filing of SARs to help combat mortgage fraud and that they felt a robust AML program is essential to an adequate, efficient SAR filing program. FinCEN notes that everyone’s best interests are served if we can prevent fraud in a mortgage transaction and that prevention is the core purpose behind requiring RMLOs to establish an AML program.

RMLOs have until August 13, 2012 to implement an AML program. As outlined in the new rule, which was promulgated in February 2012, the basic requirements include “four pillars”:

1. Development of internal policies, procedures, and controls
2. Designation of  a compliance officer
3. An ongoing employee training program
4. An independent audit function to test the programs

“The cost for noncompliance is high,” warns Eisenhardt. He suggests RMLOs study and understand the regulation and get started immediately on implementation of the “four pillars” if they haven’t already.

Time is of the essence, but if done properly, the implementation of an AML program can complement the anti-fraud and general compliance programs already in place and protect an RMLOs business operations.