The U.S. Justice Department has announced new federal guidelines for providing financial services to marijuana-related businesses under the Bank Secrecy Act: “BSA Expectations Regarding Marijuana-Related Businesses.” The guidelines call on financial institutions to check for state licensing; because California lacks a state licensing system it’s questionable whether these guidelines can apply in California—where only local ordinances regulating medical marijuana collectives,. A bill to establish a state MMJ licensing system, AB 604, introduced by state Senator Tom Ammiano, is pending in the State Senate, but until it is passed financial institutions have no state licensing law on which to rely.
The guidelines reiterate that DOJ enforcement is focused on assuring compliance with the so-called Cole Memo priorities; namely, preventing distribution to minors, diversion of revenues to criminal enterprises, diversion to states where marijuana is illegal, growing on public lands, drugged driving, violence, and use of firearms. The memo directs financial institutions to conduct due diligence in assessing customers. In specific, it states:
In assessing the risk of providing services to a marijuana-related business, a financial institution should conduct customer due diligence that includes: (i) verifying with the appropriate state authorities whether the business is duly licensed and registered; (ii) reviewing the license application (and related documentation) submitted by the business for obtaining a state license to operate its marijuana-related business; (iii) requesting from state licensing and enforcement authorities available information about the business and related parties; (iv) developing an understanding of the normal and expected activity for the business, including the types of products to be sold and the type of customers to be served (e.g., medical versus recreational customers); (v) ongoing monitoring of publicly available sources for adverse information about the business and related parties; (vi) ongoing monitoring for suspicious activity, including for any of the red flags described in this guidance; and (vii) refreshing information obtained as part of customer due diligence on a periodic basis and commensurate with the risk. With respect to information regarding state licensure obtained in connection with such customer due diligence, a financial institution may reasonably rely on the accuracy of information provided by state licensing authorities, where states make such information available.