3 min read

What does the FinCEN files leak mean for KYC and AML?

Experts have branded failures in the US real estate anti-money laundering (AML) regime ‘madness’. They predict legislation is inevitable, and that rules and regulations will extend to cover real estate professionals.

The banking industry has been reeling since, on September 20th, Buzzfeed News and the International Consortium of Investigative Journalists (ICIJ) published a story on the leak of over 2,500 FinCEN files, mostly pertaining to suspicious transactions which banks had been reporting to the US authorities between 2000 and 2017.

This event shows an increasing worry for banks; there are huge flaws in being able to identify the originator and the beneficiaries of their clients’ transactions, and indeed their clients’ customers, with Know Your Customer’s Customer (KYCC) being a flagged concern and major talking-point for financial institutions across the globe.

As a key access point to data, we here at Arachnys are monitoring the news as it unfolds, adding the information to our database for customer usage. What have we at Arachnys learned from this leaked data already and, more importantly, what does it mean to those working on the frontline of KYC and AML investigations?

The breaking news

The main part of this FinCEN leak concerns Suspicious Activity Reports (or SAR filings). A bank can file SARs for investigations by FinCEN when the bank has suspicions of their accounts being used for money laundering, terrorist financing, and other financial crimes. This does not mean that the bank is certain that the payment is related to any criminal activity, but acts as a red flag to authorities who can use this alongside information obtained from other sources, including other banks, to investigate the suspicion. Investigating SARs involves a lot of work both by the banks and by FinCEN; in 2019 alone, FinCEN received reports of around 2 million suspicious payments which were only being looked into by 300 employees – a near impossible manual task.

To put things into perspective, between 2011 and 2017, 12 millions SARs were filed with FinCEN while this recent leak on Sunday concerns only around 2,500 documents. This leak therefore only scratches the surface of a more far-reaching problem, as it merely reports on around 0.02% of the total reported potential fraudulent activity. What is also worrying is that, despite the initial filing of the SAR by the bank, many of the transactions that may be linked to dirty money were still being processed.

What differentiates the FinCEN leaks compared to similar data leaks like the Panama Papers is that it concerns information reported by and involving a number of the globe’s largest banks rather than a handful of law firms and corporate service providers. The data has since been distributed to 108 news organisations across 88 countries, and interestingly, more than 3,000 UK companies have been named in the files, more than any other nation, providing further evidence for the UK to be deemed a “higher risk jurisdiction” for money laundering activities.

Honing in on the data

To support the data analysis, the ICIJ made a CSV file available online which Arachnys crawled and added as a data source within 24 hours of the leaked information. The nature of this data is, for the moment, relational. For example, it details that a bank (the filer organisation) has filed a SAR for a payment of a certain amount sent by a bank (the originator bank), to another bank (the beneficiary bank). This information which so far has been put online is not particularly rich, as it does not include more pertinent details from the individual SARs. We expect that the ICIJ will release further details in the form of searchable SARs or .pdf documents.


Once richer data has been made accessible, Arachnys can be used by customers for more advanced due diligence. It will be extremely useful for customers investigating any of the originators and beneficiaries of the transactions reported in the leak and those interested in correspondent banking, counterparty risk and KYCC in general. Using a graph or map of counterparties and their connections, the data can identify unknown links between two entities, which could act as a substantial red flag warranting further investigation.

The level of implicit information that was made available by leaks is still to be confirmed, but the information available to us today already reveals the massive scale of possible suspicious transactions, some of them reaching a total sum of £3 billion. We expect this leak to be the start of what could be a more advanced exposé with much richer information being put online over the weeks and months to come.

What is to come?

The leak already highlights some very interesting industry challenges. Banks do not have adequate processes in place nor sufficient resources available to properly investigate suspicious transactions. The same applies to FinCEN for whom it is a virtually impossible task to get through all the millions of SARs which are being reported to them.

The leak also undermines the credibility of the banks as many of these transactions have been completed despite suspicions being raised. It is very clear that the current process is one where there is no shared responsibility for investigating suspicious activities. The problem begs for a more utility based approach, where banks and the regulator work together and share the burden of investigating suspicious transactions with the aim of tackling the problem in a much more efficient and effective way. This is something which is currently being developed in The Netherlands, where a newly established entity, TMNL, is going to be acting as a first-of-its-kind transaction monitoring utility.

The FinCEN files story will continue to unfold, so we will watch this space to see the extent to which these SARs identify actual criminal activity. At the very least, at this moment in time, the event highlights an even clearer need for effective due diligence and investigative methods, and for more collaboration by the different players involved.