The popularity of cannabidiol (CBD) products is skyrocketing as a large number of states loosen their grip on the sale of such cannabis-derived products (CBD is a non-psychoactive component of the Cannabis sativa L. plant). Additionally, the DEA’s recent decision to reschedule certain FDA-approved, cannabis-derived CBD drugs, which includes only the drug Epidiolex at current, has many under the false impression that CBD is now completely legal on the federal level. But this is not yet the case. And unfortunately, this false impression could lead to disastrous consequences for financial institutions’ banking businesses selling CBD products and failing to properly report those businesses and their transactions.
As most financial institutions know (or should know) at this point, any financial institution working with a marijuana-related business (an “MRB”) should be performing enhanced risk analysis and extensive due diligence on those MRB’s. Perhaps most importantly, financial institutions working with MRB’s should also be filing suspicious activity reports (“SARs”) as recommended in the February 14, 2014 FinCEN memo (the “FinCEN Memo”). As most will recall, the FinCEN Memo was meant to clarify “how financial institutions can provide services to marijuana-related businesses consistent with their [Bank Secrecy Act] obligations.” The FinCEN Memo also specifically extends a financial institution’s CTR obligations to any and all covered transactions with an MRB.
But is a grocery store, a convenience store, or a pet store that happens to sell CBD products (now legal under its state law) along with its usual assortment of products now deemed an MRB triggering enhanced due diligence and reporting requirements? The answer to this question is much more complex than one might imagine and revolves around the very definition of “marihuana” in the Controlled Substances Act (CSA). The CSA is of course the federal law which makes cannabis illegal by listing it as a Schedule I drug. The CSA defines “marihuana” (and yes, the CSA does continue to spell it that way) as, with a few small exceptions, “all parts of the plant Cannabis sativa L.” The exceptions to this definition are extremely limited but include the mature stalks of the plant and oil and cake made from the seeds of the plant. The CSA also specifically includes “marihuana extract” as a subset of “marihuana.” The inclusion of “marihuana extract” in the CSA was added to clarify the DEA’s position that CBD is found in the parts of the Cannabis sativa L. plant that fall within the definition of marihuana under the CSA. So, any CBD product derived from parts of the Cannabis sativa L. plant covered by the CSA’s very expansive definition of “marihuana” would remain a Schedule I drug, illegal on a federal level, and make its seller an MRB requiring greater due diligence and reporting by that seller’s bank. However, any CBD product derived from a part of the Cannabis sativa L. plant not covered by the CSA’s definition of marihuana would not be a Schedule I drug, would be otherwise legal on a federal level, and would not make its seller an MRB requiring greater due diligence and reporting by its bank. Confusingly then, a CBD product containing marijuana flower oil would be illegal under federal law while a CBD product containing marijuana seed oil would be legal under federal law.
Additionally, the fact that the CBD product may be made from “hemp” makes no difference in the federal scheme or in what makes a business an MRB in the eyes of the federal government. The reason again goes back to the very definition of “marihuana” under the CSA. Hemp is a variety of the Cannabis sativa L. plant and thus by definition under the CSA at least, “marihuana.” Consequently, the federal legality of a CBD product made from hemp faces the exact same definitional questions that a CBD product made from any other variety of the Cannabis sativa L. plant would – namely, from exactly what part of the plant was the CBD product made. And contrary to many opinions, a careful reading and analysis of the Farm Bill (which has expired) does not alter this result. Further, while there is a provision to a new Farm Bill making its way through Congress which would specifically exclude all hemp and CBD products derived therefrom from the definition of “marihuana” under the CSA, as of this writing, that bill has not been passed and is not the law.
In reality, the chances of federal banking regulators investigating and punishing your financial institution for working with a business selling CBD products from unknown parts of the cannabis plant (especially CBD products otherwise legal under state law) is probably small. It seems difficult or even impossible to prove from which part of the plant a particular CBD product was made (labelling notwithstanding). However, those chances are not zero. And given the potential consequences to your financial institution of failing to conduct adequate due diligence on an MRB or to file required SARs and CTRs when dealing with that MRB, especially in this uncertain political climate, it seems the better practice to treat those customers as MRB’s, conduct the heightened due diligence, file the additional paperwork, and be safe as opposed to sorry.