Elliot Berman
Information Sources
Financial service companies (FIs) have a wide variety of information about their customers. Some of it is personal data, gathered at account opening or as part of a specific transaction, such as a loan application; some of it is transaction data gathered to balance accounts and prepare customer statements; and some of it is captured to make required reports to government agencies. In one way or another, much of this data is subject to privacy rules. In the US there are various privacy laws at the federal and state level; in other countries, the laws may be country specific or part of a group of countries such as the European Union.
While maintaining customer privacy is a critical part of the trusted client relationship, privacy laws attempt to strike a balance between those privacy rights and society’s need for information to effectively interdict financial (and other) crimes. One of the ongoing challenges for the financial crimes compliance community is availability of shared information. This information can come from government supervisors or law enforcement or other FIs; the data can relate to broad typologies or industry segments or actions of individual clients.
Why Sharing Matters
This information is valuable for many reasons, including identifying potential bad actors moving funds from one FI to another, distinguishing which Suspicious Activity Reports (SARs) are effective in disrupting criminal activity, and recognizing trends in financial crime. Knowing how bad actors are trying to subvert the financial system is critical in stopping them. To maximize the value of information sharing, FIs must be able to effectively share data among themselves and government agencies must share information with FIs. The challenge of sharing information is that it must still be held and used in accordance with all privacy rules that apply to it.
Official (and Unofficial) Sharing
One sharing mechanism is §314(b) of the Patriot Act[1]; the provision gives certain FIs a process to voluntarily share information to identify and report possible terrorist financing or money laundering. The provision includes a safe harbor from liability to participating FIs. The safe harbor is an important element of the sharing mechanism, since FIs do not want to take on liability exposure from sharing information.
FinCEN has issued guidance to assist FIs in understanding the extent of the safe harbor[2]. FIs subject to FinCEN’s anti-money laundering regulations may share information under §314(b); to share, the FIs must register with FinCEN and may only share with other registered FIs. At the end of 2019 over 7,000 FIs were participating in the §314(b) process.
FIs using §314(b) must have procedures to safeguard the shared information and may only use the information for three purposes:
- Identifying and, where appropriate, reporting on activities that may involve terrorist financing or money laundering;
- Determining whether to establish or maintain an account, or to engage in a transaction; or
- Assisting in compliance with anti-money laundering requirements.[3]
These limitations on the use of the information mean that FI’s security procedures need to include methods to ensure that the information is used only for the authorized purposes.
One practical benefit of §314(b) is the possibility for a SAR not being filed. For example, receiving information that legitimizes the source of funds for a significant, anomalous deposit through §314(b), could result in a FI no longer needing to file a SAR based on the information provided.
Another way that FIs share information is through informal interactions. These unsanctioned conversations have been going on for decades. Often they include information about recently identified suspicious transactions at the FI initiating the contact, which may involve the FI being contacted. The communications are usually undocumented and may not be authorized by regulations or regulators.
Government agencies have provided limited information sharing as well. For many years, FinCEN published The SAR Activity Review[4] - a report published under the auspices of the Bank Secrecy Act Advisory Group (BSAAG[5]). Publication began in October 2000 and continued until April 2013. The introduction to the initial issue stated (in part):
“The SAR Activity Review—Trends, Tips and Issues is the product of a continuing collaboration among the nation’s financial institutions, federal law enforcement, and regulatory agencies to provide meaningful information about the preparation, use, and utility of Suspicious Activity Reports (SARs) filed by financial institutions.
This publication reflects the recognition of both the relevant government agencies and the nation’s financial institutions of the desirability of a continuing public exchange of information about the SAR System and its results.”
The SAR Activity Review analyzed SAR statistics, discussed national trends identified in the SARs, looked at cases brought by law enforcement and provided tips for preparing and filing SARs. Issues covered often included a deep dive into a single industry with a focus on fraud prevention.
Beginning in October 2003 the statistical analysis was pulled out of the main publication and put into a separate document, The SAR Activity Review – By the Numbers. Publication of both The SAR Activity Review and By The Numbers ceased in April 2013 without any officially documented reason.
In June 2014, FinCEN began publishing SAR Stats - focusing on data from SARs filed after March 1, 2012, when use of a new uniform SAR (across all required filing organizations) became mandatory. The most recent edition of SAR Stats was issued in March 2017.
Various federal law enforcement agencies also share information; principally through press releases regarding successful investigations and presentations at national and regional compliance conferences. And as it stands currently, the AML community has place a continued call for elevated levels of information and feedback from law enforcement.
Key Takeaways
- It benefits your FI to ensure participation in the §314(b) program.
- If your FI is not currently registered to participate, we strongly suggest registering now.
- Depending on your FI's status with the program, you should look to establish or review your §314(b) information sharing procedures as well. These procedures should include the consideration for staff training on the limited use of the information (for those who will have access to the information).
- If the training has not been given, or has not been renewed recently, update the training and deliver it!
- Subscribe to the FinCEN publications and watch for press releases and/or subscribe to the federal law enforcement agencies to get additional information about financial crime and money laundering investigations.
[1] The USA Patriot Act, which stands for Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism, was passed in response to the terrorist attacks on September 11, 2001 and signed into law on October 26, 2001.
[2] FIN – 2009-G002 Guidance on the Scope of Permissible Information Sharing Covered by Section 314(b) Safe Harbor of the USA PATRIOT Act; FIN – 2012-R006 Administrative Ruling Regarding the Participation of Associations of Financial Institutions in the 314(b) Program.
[3] FinCEN Section 314(b) Fact Sheet.
[4] Issues of the SAR Activity Review, By the Numbers and SAR Stats can be accesses from the SAR Technical Bulletins page on the FinCEN website.
[5] The 30 member BSAAG was established by the Treasury Department in March 1994, to “give the Department advice on strengthening anti-money laundering programs and simplifying currency reporting forms.”
Do you have questions on your FI's current use of the §314(b) program, or how to get started? Contact our team today for more details.