The Treasury guidance is not law, and banks are not narcs.

Fact 1: The production and sale of marijuana is legal in approximately 20 states and the District of Columbia for medical use and in Alaska, Colorado and Washington for recreational use.
Fact 2: The production and sale of marijuana is illegal under federal law.
Fact 3: Banks are required to insure their deposits under the Federal Deposit Insurance Act.
Fact 4: The Federal Deposit Insurance Corporation is a federal agency.

Question: Can a bank that enjoys the protection of the FDIC take a deposit from a grower or distributor of legal marijuana without breaking federal law?

In early 2014, the Obama Administration provided guidelines to the banking industry aimed at making it easier for state-legalized marijuana businesses to have access to financial institutions.[1] These guidelines followed shortly after advisories were issued by the Treasury and Justice departments expressing concerns that legal marijuana operations were dealing principally in cash because banks were reluctant to do business with them for fear of repercussions that exist under federal drug and money laundering statutes. Justice Department guidance said that banks can probably avoid federal law enforcement scrutiny if they submit to eight specific conditions, including avoiding dealers who distribute to minors and those that direct revenue from marijuana sales to gangs and cartels.

The Controlled Substances Act[2] (the CSA) makes it illegal under federal law to manufacture, distribute or dispense marijuana. In light of the actions by several states to legalize the medicinal and recreational use of the Schedule 1 drug, U.S. Department of Justice Deputy Attorney James M. Cole issued a memorandum to all U.S. Attorneys General providing updated guidance to federal prosecutors concerning marijuana enforcement under the CSA. The “Cole Memo” applies to both civil and criminal investigations and prosecutions concerning marijuana in all states, regardless of state law. The Cole Memo does not take a position that differs from the CSA but rather tries to focus on enforcement and the use of federal resources. The Cole Memo says that DOJ attorneys and law enforcement will “focus their enforcement resources on persons or organizations whose conduct interferes with any one or more of several priorities:[3]

• preventing the distribution of marijuana to minors;
• preventing revenue from the sale of marijuana from going to criminal enterprises, gangs and cartels;
• preventing the diversion of marijuana from states where it is legal under state law in some form to other states;
• preventing state-authorized marijuana activity from being used as a cover or pretext for the trafficking of other illegal drugs or other illegal activity;
• preventing violence and the use of firearms in the cultivation and distribution of marijuana;
• preventing drugged driving and the exacerbation of other adverse public health consequences associated with marijuana use;
• preventing the growing of marijuana on public lands and the attendant public safety and environmental dangers posed by marijuana production on public lands; and
• preventing marijuana possession or use on federal property.[4]

The Treasury guidance seeks to clarify how financial institutions can provide services to marijuana-related businesses that are consistent with their Bank Secrecy Act obligations but focuses on risk assessment on a case-by-case basis. In assessing the risks of providing services to a marijuana-related business, a financial institution must conduct thorough customer due diligence. It must verify with the appropriate state authorities whether the business is duly licensed and registered; review the license application and related documentation submitted by the business for obtaining a state license to operate its marijuana-related business; request from state licensing and enforcement authorities available information about the business and related parties; develop an understanding of the normal and expected activity for the business, including the types of products to be sold and the type of customers to be served (e.g., medical v. recreational customers); monitor publicly available sources for adverse information about the business and related parties on an ongoing basis; monitor the business for suspicious activity on an ongoing basis, including any of the “red flags” set out in the Cole Memo; and refresh information obtained as part of customer due diligence on a periodic basis. It’s up to the financial institution to figure out whether a marijuana-related business is breaking state law or running afoul of one of the Cole Memo priorities.

If, after reviving the bank’s risk management officer from her heart attack, the bank decides to do business with the marijuana-related business, there are reports to file with the Financial Crimes Enforcement Network (FinCEN):

‘Marijuana Limited’ Suspicious Activity Report Filings

A financial institution that provides financial services to a marijuana-related business that it reasonably believes does not implicate one of the Cole Memo priorities or violate state law must still file a “Marijuana Limited” Suspicious Activity Report (SAR). This filing will provide (i) identifying information of the subject and related parties; (ii) the address of the subject and related parties; (iii) the fact that the filing institution is filing the SAR solely because the business is engaged in a marijuana-related business; and (iv) the fact that no additional suspicious activity has been identified. This lets the government know that the bank has chosen to do business with a marijuana-related business but has no reason to believe, after thorough due diligence, that the business is in bed with the cartels.

‘Marijuana Priority’ Suspicious Activity Report Filings

If a financial institution believes that its marijuana-related business customer has either violated state law or has implicated one or more of the Cole Memo priorities, it must file a “Marijuana Priority” SAR. This report must include the information set out above as well as which enforcement priorities may have been implicated along with dates, amounts, and relevant details about financial transactions involved in the suspicious activity.

Query: if a parent buys medicinal marijuana for his seizure-prone child in a state in which it is legal to do so, would the marijuana-related business be in violation of one of the Cole Memo priorities that seeks to prevent the distribution of marijuana to minors?

‘Marijuana Termination’ Suspicious Activity Report Filing

If a financial institution deems it necessary or advisable to terminate a relationship with a marijuana-related business in order to maintain an effective anti-money laundering compliance program, it must file a “Marijuana Termination” SAR. This provision of the Treasury guidance goes so far as to say that if the financial institution terminates its relationship with the marijuana-related business and knows or believes that the business is seeking to move its banking relationship to another insured financial institution, the first bank should alert the second bank of the potential illegal activity.

This little “guidance gem” appears to violate every other customer privacy law on the books. What’s a bank risk management officer to do? Call up her buddy at the bank down the street and say that “Grover’s Corners Medical Marijuana Dispensary” might be headed their way and you have just terminated your relationship with the dispensary? It is illegal for a bank to disclose that it has filed a SAR, but the guidance says the terminating bank must file a Marijuana Termination SAR, so the other bank will know that this has been done. It is illegal for a bank to discuss anything at all about a customer relationship except under certain circumstances, most of those requiring a validly issued subpoena.

How is a bank to know whether its customer is waving a red flag? This example is just one among those provided in the guidance:

A customer appears to be using a state-licensed marijuana-related business as a front for money laundering:

• The business receives substantially more revenue than may reasonably be expected given the relevant limitations imposed by the state in which it operates.
• The business receives substantially more revenue than its local competitors or than might be expected given the population demographics (just how many pot users are there in Denver?).
• The business is depositing more cash than is commensurate with the amount of marijuana-related revenue it is reporting for federal and state tax purposes (the bank would have to ask for and receive the business’s tax returns to make this determination).
• The business is unable to demonstrate that its revenue is derived exclusively from the sale of marijuana in compliance with state law, as opposed to revenue derived from the sale of other illicit drugs; the sale of marijuana not in compliance with state law; or other illegal activity (so — if the bank asks, “Are you also selling heroin?” and the business owner says, “Of course not,” has the bank done all the due diligence it needs to do to satisfy this requirement of due diligence?).
• The business makes cash deposits or withdrawals over a short period of time that are excessive relative to local competitors or the expected activity of the business.
• Deposits are apparently structured to avoid the Currency Transaction Report limitations of no more than $9,999 per day without filing a CTR.
• There is rapid movement of funds, such as cash deposits followed by immediate cash withdrawals.
• Deposits are made by third parties with no apparent connection to the accountholder.
• There is excessive comingling of funds with the personal account of the business’ owners or managers or with accounts of seemingly unrelated businesses.
• Individuals conducting transactions for the business appear to be acting on behalf of other, undisclosed parties of interest.
• Financial statements provided by the business to the financial institution are inconsistent with actual account activity.
• There is a surge in activity by third parties offering goods or services to marijuana-related businesses, such as equipment suppliers or shipping servicers.

Can a Customer Use a Credit Card to Buy Pot?

Generally, no. Both Discover and American Express have confirmed that they do not allow card holders to buy medical or recreational marijuana with their cards. Other credit card companies have also placed restrictions on the use of their cards, cancelling merchant agreements with medical marijuana providers across the country. There are some reported work-around measures, such as cash-dispensers on location at dispensaries. At least one Denver medical marijuana dispensary’s website says that it accepts all debit cards, PIN enabled (Visa, MasterCard and Discover), but cannot accept credit cards.

The Treasury guidance is not law, and banks are not narcs. It is virtually impossible for a bank to certify that a dealer’s or grower’s revenue is all coming from legal sales, so rather than guess, many banks simply forgo the opportunity to engage these new customers. Further, the guidance does not protect a bank from future prosecution if a new administration decides to begin prosecuting state-licensed companies for violating federal drug laws.

While at this writing, Tennessee is not among those states that has legalized medical or recreational marijuana use, our financial institutions still may be impacted when a local customer travels to the Mile High City to ski and smoke a joint or two when the bank back home won’t honor the debit or credit transaction. Said one of my conservative bankers, “I might have inhaled once or twice back in college, but I can’t let my bank take the risk.”

Notes

1. FIN-2014-G001 (Feb. 14, 2014), BSA Expectations Regarding marijuana-Related Businesses.
2. 12 U.S.C. § 801, et seq.
3. FIN-2014-G001, p. 2.
4. FIN-2014-G001, p. 2.

KATHRYN REED EDGE is a member in the Nashville office of Butler Snow LLP with offices in Tennessee, Mississippi, Alabama, Colorado, Pennsylvania, Georgia, Louisiana, New York, New Mexico, Washington, D.C. and London, England. She is a member of the firm’s Government and Regulatory Practice group and concentrates her practice in representing regulated financial services companies. She is a past president of the Tennessee Bar Association and a former member of the editorial board for the Tennessee Bar Journal.