The Controlled Substances Act makes it illegal under federal law to manufacture, distribute or dispense marijuana. In light of the fact that many states have legalized certain marijuana-related activities, U.S. Department of Justice Deputy Attorney General James M. Cole issued a memorandum in 2013 that adopted a policy of non-interference with these states. However, the Cole Memorandum was rescinded by Attorney General Jeff Sessions in 2018, resulting in concern that the enforcement on the federal level may change.
The ambiguity of current laws means that many financial institutions are reluctant to serve MRBs. In February 2019, Congress held its first meeting on the issue, discussing the merits of a proposal that would shield financial institutions from the worst of regulatory risks. However, in the absence of such a law, many banks and credit unions are keeping their distance.
Credit unions are required to understand who their members are, what sort of businesses they are servicing, the types of transactions they are performing and the source of funds for those transactions. Due diligence is paramount to a credit union’s survival, and failure could jeopardize the institution’s very existence.
For an MRB due diligence checklist, The Financial Crimes Enforcement Network (FinCEN) recommends:
Financial institutions that decide to provide services to MRBs are required to file suspicious activity reports (SARs).
There are three general types of marijuana-related SAR filings:
FinCEN receives over 2,000 Marijuana Guidance SARs every month. As of September 2018, FinCEN had received a total of 67,024 SARs, with some SARs containing more than one key phrase.
Regardless of whether or not a financial institution decides to do business with MRBs, credit unions need to be aware that they may already have MRBs among their membership.
Since few financial institutions are open to providing MRBs with financial services, MRB owners have incentive to obfuscate their business purpose, often naming their business in an innocuous manner so as not to raise suspicions and to gain access to the banking system. This creates serious risks for the financial institution, and it’s the onus of the bank or credit union to identify MRBs.
Many credit unions have software to filter out possible MRBs, but the first line of defense are the policies and procedures to perform the necessary due diligence. Even with a software solution, there is no guarantee that it is catching everything. It ultimately boils down to whether or not the credit union has developed adequate policies and due diligence procedures in an effort to mitigate as many problems as possible before they even arise.
Working with compliance advisors who can conduct an MRB account analysis to compare your membership records to reliable industry resources is a first step toward identifying existing MRBs in a credit union’s membership. An MRB account analysis can quickly scan a credit union’s membership for potential red flags, alerting them to which accounts may require a more in-depth due diligence investigation. This will help identify existing potential exposure as well as provide resources to ensure compliance in this new and growing industry.