States began legalizing cannabis businesses in 1996, and, ever since, Congress and financial regulators have grappled with how to bank the cannabis industry—so far with little success.
Most of the billions of dollars in annual cannabis sales are still in cash, putting the industry and its employees in dangerous circumstances and leaving law enforcement without access to valuable financial data. Federal legalization would solve the problem, but seems an unlikely savior on which to pin the hopes of an industry given committed opposition on Capitol Hill.
But there is another way forward: Getting federal regulators to take another crack at guidance that would tell credit card networks how to provide financial services to marijuana-related business (MRBs) without running afoul of federal anti-money laundering laws (AML).
The Department of Treasury’s Financial Crimes Enforcement Network (FinCEN)—the primary U.S. AML watchdog—made an initial stab in 2014 at providing this type of guidance, but its suggested compliance methods were better suited for banks than card networks. FinCEN guidance that explicitly addresses this mismatch by recognizing the way card networks do business could go a long way towards reducing cash sales in the cannabis industry.
Cannabis remains a controlled substance under federal law, and knowingly receiving more than $10,000 in proceeds from cannabis sales still constitutes federal money laundering. In turn, the Bank Secrecy Act of 1970 and FinCEN regulations place burdensome reporting and other requirements on covered “financial institutions,” including banks and operators of credit card systems that are intended to prevent their institutions from being exploited by money launderers.
Against this backdrop, state-authorized MRBs have been essentially shut out of commercial banks, and card networks generally refuse to process their transactions. The 2014 guidance tried to address the problem, ostensibly specifying how all covered “financial institutions” could serve MRBs in a manner consistent with BSA obligations.
However, the guidance was tailored almost exclusively toward banks—so much so that it is commonly referred to as FinCEN’s cannabis banking guidance. It discussed the extensive diligence, monitoring, and reporting that should occur with respect to each direct “account” or “relationship” with an MRB.
But it’s the banks that typically maintain account relationships with cardholders and merchants. Card networks generally do not; their direct relationships are with card-issuing and merchant-acquiring banks. This is why network operators are not required by FinCEN to conduct any diligence on a merchant-by-merchant basis, but only on the banks that are their direct customers.
FinCEN’s 2014 guidance, therefore, left card networks without any specific guidance as to how they were expected to fulfill BSA obligations when (indirectly) serving MRBs.
Banks serving MRBs have marginally increased because of the guidance, yet there are very few noncash options for cannabis purchases and MRBs still struggle to reduce cash intake. Although some MRBs claim to accept cards, numerous operators have made public statements that cannabis transactions are not permitted on their networks.
There are some workarounds, but the vast majority involve some level of misrepresentation—either about the nature of the MRB’s business, the nature of the transaction or, in numerous cases, the very identity of the merchant making the sale.
Nonetheless, many MRBs have decided that misrepresentation—and high fees and legal risks—is an acceptable tradeoff to avoid the perils of handling large amounts of cash and to gain access to the increased sales that card payments bring.
FinCEN has already stated that all “financial institutions” can serve MRBs in a manner consistent with BSA obligations, but the guidance in place is not sufficient to reach that goal. New guidance tailored to card networks might be.
FinCEN’s existing guidance is already clear about the types of MRBs that financial institutions should and should not serve, but the rest of the guidance imposes hurdles that operators of card networks structurally cannot follow.
For example, in its 2014 guidance, FinCEN suggested eight different due diligence steps that all “financial institutions” should take when serving MRBs, including verifying appropriate licensure with state authorities, reviewing state license applications, collecting information on related parties, and ongoing monitoring of publicly available sources of adverse information.
Those steps are impossible for operators of card networks, though. They do not, and cannot, conduct diligence on individual merchants who are not their direct customers. FinCEN recognized this in 2002 when it initially imposed AML requirements on operators, stating that its requirements are meant to “ensure that operators of credit card systems conduct sufficient due diligence on banks or other entities that they authorize to be issuing or acquiring institutions,” because that “is what operators can and do control.”
A workable solution would be FinCEN guidance that provides that operators of credit card systems are only required to conduct sufficient diligence to understand if their direct customers—the issuing and acquiring banks—are enabling their own MRB customers to access the network, and if so, how.
The operator’s diligence would be limited to reviewing the banks’ procedures and operations in sufficient detail to gain comfort that banks are not allowing the wrong type of MRB customers to access the card network.
FinCEN could specify that operators are not expected to conduct diligence directly on MRBs that are not their customers. That would be consistent with FinCEN’s historical approach to card networks and workable for the operators. It also might be the solution to decreasing the amount of cash involved in, and increasing the transparency of, cannabis-related transactions.
This column does not necessarily reflect the opinion of The Bureau of National Affairs, Inc. or its owners
Benjamin W. Hutten is counsel in the New York office of Buckley LLP, where he advises clients on anti-money laundering and sanctions regulations and enforcement matters. He also provides regulatory and compliance counsel to foreign and domestic financial institutions on federal and state financial services issues.