The Bank Secrecy Act Fighting Money Laundering Globally, Part Two

The July/August “FraudBasics” covered the USA Patriot Act, passed in the wake of 9-11. Here we continue with a precursor, the Bank Secrecy Act, which has affected anti-money laundering efforts worldwide. 

The Bank Secrecy Act (BSA), which went into effect in 1970, was the first major piece of legislation aimed at detecting and preventing money laundering. The purpose of the law as stated in section 5311 is “to require certain reports or records where they have a high degree of usefulness in criminal, tax, or regulatory investigations or proceedings.” The BSA sets forth a system of reporting and recordkeeping requirements designed to help track large or unusual financial transactions.

The BSA consists of two titles. Title I contains provisions requiring that financial institutions and securities brokers and dealers keep extensive records of the transactions and accounts of their customers. It is codified in Title 12 of the United States Code (U.S.C.), Sections 1829b and 1951–1959. Title II of the BSA (originally entitled Currency and Foreign Transactions Reporting Act) requires banks, “financial institutions” (which include casinos, securities brokers and dealers, currency exchanges, and others), and, in some cases, individuals to report to the government certain transactions. Title II is codified at 31 U.S.C., §§ 5311–5330.

Title I – Recordkeeping 

The regulations governing recordkeeping are set forth in Chapter 31 of the Code of Federal Regulations at Part 103, Subpart C. Recordkeeping requirements are set forth for banks, non-bank financial institutions, securities brokers, casinos, and currency dealers and exchangers. All institutions are required to keep a record of any financial transaction of more than $10,000.

These regulations provide, in part, that banks must keep for five years an original, microfilm, or other copy of certain documents relating to demand deposits and checking and savings accounts. The records that must be retained include:

• signature cards;
• statements, ledger cards, or other records disclosing all transactions (that is, deposits and withdrawals);
• copies of both sides of customers’ checks, bank drafts, money orders, and cashier’s checks of more than $100 drawn on the bank, or issued and payable by it;
• identity of each purchaser of a certificate of deposit; and
• each deposit slip or credit ticket reflecting a transaction in excess of $100.

In addition to these requirements, financial institutions are required to capture, verify, and retain information on the identity of purchasers of monetary instruments (such as cashier’s checks) in amounts of $3,000 or more, or any transmittal or transfer of funds involving $3,000 or more. These records are also required to be kept for five years.

Banks also must retain, for two years, all records necessary to reconstruct a customer’s checking account. These records must include copies of customers’ deposit tickets. They must also retain records necessary to trace and supply a description of a check deposited to a customer’s checking account.

Although some of these requirements apply only to checks written or deposits made in excess of $100, most banks find it cheaper to microfilm all such items rather than sorting out those less than $100. The Bank Secrecy Act also requires financial institutions to retain a record of any extension of credit more than $10,000 as well as each transfer of $10,000 or more outside the United States.

The penalties for failure to comply with these recordkeeping requirements are severe. Any insured depository institution and any director, officer, or employee who willfully or through gross negligence violates any regulation can be subject to a $10,000 civil penalty. The statute further provides that a separate violation occurs for each day the violation continues and at each office, branch, or place of business at which the violation occurs. If a violation is committed in furtherance of a felony crime, criminal penalties can be imposed of up to five years in prison and/or a fine of not more than $10,000.

Title II – Reporting and Recordkeeping 

Title II of the Bank Secrecy Act is codified as 31 U.S.C. §§ 5311–5330. The purpose of these sections is to require certain reports or records to be filed or kept by “financial institutions.” Section 5312(a)(2) defines “financial institution” very broadly to include not only banks, but also securities brokers; currency exchange houses; insurance companies; loan companies; travel agencies; telegraph companies; issuers or cashiers of checks or money orders; auto, boat, and airplane dealers; casinos; and persons involved in real estate closings and settlements. Only recently has the Treasury Department begun to rein in much of the non-financial institution transaction business in the U.S. by requiring registration of these diverse enterprises. (See the “Money Services Business” excerpt below.)

Suspicious Activity Reports (SARs) Financial Institutions 

Under Title 31, U.S.C., § 5318, financial institutions are required to report “any suspicious transaction relevant to a possible violation of law or regulation.” For years, suspicious transactions were reported on the Currency Transaction Report (CTR). However, effective October 1, 1995, a new CTR form was issued by the Treasury Department which no longer requires suspicious activity reporting. Such activity is now reported using the Suspicious Activity Report (SAR).

Effective April 1, 1996, the Office of the Comptroller of the Currency (OCC) amended its regulations to require national banks to file SARs with the OCC and the appropriate federal law enforcement agencies by sending the SARs to the Financial Crimes Enforcement Network (FinCEN) of the U.S. Department of Treasury. The new reporting requirements are found in Title 12, Part 353 of the Code of Federal Regulations. This is an enormous improvement on the old reporting systems because it establishes a centralized reporting system that is shared throughout government agencies simultaneously. The DEA, for instance, can now access the same information as the IRS when working on a suspicious report. The reporting procedure has also been simplified for banks, making the information much easier for the Department of the Treasury to obtain.

In 2000, the report form was modified to also require financial institutions to report incidents of computer intrusion. The term “computer intrusion” is defined as gaining access to the computer system to remove, steal, or procure customers’ funds or other account information, or to access the institution’s computer system with the intention of damaging or disabling any critical computer systems.

SARs are used to report a known or suspected criminal offense or a transaction that involves money laundering or violates the Bank Secrecy Act. More specifically, a SAR must be filed with FinCEN in each of the following instances:

• any known or suspected criminal violation involving the financial institution when the institution has a substantial basis for identifying one of its directors, officers, employees, agents, or affiliated parties as having committed the act or aided in its commission;
• any known or suspected criminal violation involving the financial institution and aggregating $5,000 or more when the institution has a substantial basis for identifying a possible suspect or group of suspects;
• any known or suspected criminal violation involving the financial institution and aggregating $25,000 or more regardless of whether the institution has a substantial basis for identifying possible suspects; and
• any transaction conducted or attempted to be conducted through the financial institution when the institution has reason to suspect that (1) the funds were derived from illegal activities, (2) the transaction is designed to evade any regulations under the Bank Secrecy Act, or (3) the transaction appears to have no business purposes or appears unusual in normal banking practice.

When a financial institution reports a suspicious transaction to a government agency, the Act (18 U.S.C. 5318(g)(2)) makes it illegal for the financial institution to notify any person involved in the suspicious transaction that such a report has been made.

Section 5318(g)(3) of the Bank Secrecy Act also contains a safe harbor provision for financial institutions that report suspicious transactions or that make voluntary disclosures to a government agency of any other possible violation of a law or regulation. The act provides that these financial institutions shall not be liable under any law, regulation, or contract to any person for making the report. Note that this safe harbor provision only applies to reports made to government agencies, not to self-regulatory organizations.

Money Services Businesses 

Even before the passage of the USA Patriot Act, the Treasury Department was in the process of expanding its reporting guidelines to include businesses which did not fall under the traditional definition of financial institutions but nevertheless perform a myriad of financial services. One of these categories included “Money Services Businesses,” (MSBs) which are comprised of various types of money transmitters, issuers of money orders and travelers checks, and check-cashing businesses. MSBs have long been required to file CTRs, but otherwise very little government regulation has been required.
In August 1999, many of the reporting and registration obligations contained in the Bank Secrecy Act were extended to MSBs. These businesses are now required to register with FinCEN under Chapter 31 C.F.R. part 103, subchapter D. Those that fail to register can incur substantial penalties.

Under the rules (1) money transmitters, (2) issuers, sellers, and redeemers of money orders, (3) issuers, sellers, and redeemers of traveler’s checks, and (4) the U.S. Postal Service (except with regard to the sale of postage or philatelic products) are required to report certain classes of transactions that meet certain dollar thresholds to the Department of the Treasury after Jan. 1, 2002.

The reportable transactions include:

• transactions involving funds derived from illegal activity or intended or conducted in order to hide or disguise funds or assets derived from illegal activity;
• transactions designed, whether through structuring or other means, to evade the requirements of the BSA;
• transactions that appear to serve no business or apparent lawful purpose; and
• transactions that involve the use of a mutual fund to facilitate criminal activity.

The rule includes two different dollar thresholds depending on the stage and type of transaction involved:

• for transactions conducted or attempted by, at, or through a money service business or its agent, a threshold of $2,000 applies; and
• for transactions identified by issuers of money orders or traveler’s checks from a review of clearance records or other similar records of instruments that have been sold or processed, a threshold of $5,000 applies.

MSBs are given 30 days after becoming aware of a suspicious transaction to complete a Suspicious Activity Report by Money Services Business (SAR-MSB; Form TDF 90-22.56) and file it with FinCEN; in situations involving violations that require immediate attention, such as ongoing money laundering schemes, the MSB or MSBs are to notify the appropriate law enforcement authority immediately, by telephone, in addition to filing the required form. Supporting documentation relating to each SAR-MSB is to be collected and maintained by the reporting MSB for review as needed by law enforcement and regulatory agencies.

Currency Exchanges 

In a new rule issued Feb. 10, 2003, U.S. currency exchanges would also be required to file Suspicious Activity Reports under the same rule that applies to money services businesses.

Mutual Funds 

As part of the USA Patriot Act, mutual funds are also required to establish anti-money laundering programs. In July 2002, the Department of Treasury and the Securities and Exchange Commission (SEC) proposed a regulation requiring mutual funds to implement “reasonable measures” to establish customer identification procedures and to verify whether customers appear on lists of any known or suspected terrorists. However, as of February 2003, final implementation of that rule had been suspended.

In December 2002, the Treasury Department proposed new regulations that would also require mutual funds to report suspicious activities to FinCEN. Under the proposed rule, mutual funds would be required to report suspicious currency and non-currency transactions of $5,000 or more within 30 days after the mutual fund becomes aware of the transaction. The report would be filed on the new “SAR-SF” (Suspicious Activity for Securities and Futures Industries) form.

The rule states that four categories of transactions will require reporting. These are the same four categories that trigger reporting requirements for money service businesses and currency exchanges:

• transactions involving funds derived from criminal activity, or intended or conducted to hide or disguise funds from criminal activity;
• transactions designed to evade Bank Secrecy Act (BSA) requirements;
• transactions appearing to serve no business or apparent lawful purpose; or
• transactions involving the use of the mutual fund to facilitate criminal activity.

Securities Broker-Dealers 

In 2002, FinCEN announced a new rule requiring brokers and dealers in securities to report suspicious activity via the new Suspicious Activity Report by Securities and Futures Industries (SAR-SF; FinCEN Form 101). These firms are obligated to report suspicious transactions that are conducted or attempted by, at, or through a broker-dealer and involve or aggregate at least $5,000 in funds or other assets. This requirement took effect Dec. 31, 2002.

Brokers and dealers in securities are required to report to FinCEN transactions that fall into one of the four categories below. Again, these categories are substantially similar to those that trigger reports by money service businesses and mutual funds. (See above.)

• transactions involving funds derived from illegal activity or intended or conducted in order to hide or disguise funds derived from illegal activity;
• transactions designed, whether through structuring or other means, to evade the requirements of the Bank Secrecy Act;
• transactions that appear to serve no business or apparent lawful purpose or are not the sort of transactions in which the particular customer would be expected to engage, and for which the broker-dealer knows of no reasonable explanation after examining the available facts; or
• transactions that involve the use of the broker-dealer to facilitate criminal activity.

Broker-dealers are also required to establish anti-money laundering programs that, among other things, are designed to detect suspicious transactions, under recently promulgated self-regulatory organization (SRO) rules. The SEC has the authority to examine broker-dealers for compliance with the rule, and it is expected that the SROs will also be reviewing compliance as part of the enforcement of their rules.

Insurance Companies 

Although insurance companies have always fallen under the definition of a “financial institution” under the BSA, the Treasury Department had never issued any rules pertaining to the industry. The USA Patriot Act, however, requires that all “financial institutions” must establish anti-money laundering programs, and it gives the Secretary of the Treasury the discretion to determine which institutions would be required to file SARs.

In September 2002, FinCEN published proposed rules for anti-money laundering standards for life insurance, annuity contracts, and certain other investment products that can store and transfer value to another person. A related proposal would also require these companies to file Suspicious Activity Reports.

The proposed rule is limited only to life insurance contracts, annuities, and any other product that has “stored value” that can be transferred to another person. It does not include property, casualty, or health insurers.