Blog

314(b) Information Sharing Practices Should Adapt the Four COCs of a Fusion Center

May 23, 2016 by Denise Hutchings

“A Fusion Center is an effective and efficient mechanism to exchange information and intelligence, maximize resources, streamline operations, and improve the ability to fight crime and terrorism by analyzing data from a variety of sources.”

(Source: U.S. DOJ Global Justice Information Sharing Initiative)

 

The Need for Strong, Insightful Financial Intelligence Has Never Been Greater

The myriad of threats which pose risk that financial institutions can unwittingly be exploited by bad actors as conduits to commit criminal activity seems to continuously grow.

Today’s crime landscape comes equipped with a broad and deep array of enablers ranging from shell companies structured to cloak illicit intent (recently in the spotlight because of numerous revelations in the Panama Papers) to crime-as-a service (CaaS) and illegal markets on the dark web to tech-savvy jihadist groups such as the United Cyber Caliphate.

As the gamut of sinister crimes morphs and new methods emerge, parameters to delineate them as money laundering, one or more of the lengthy list of specified unlawful activities (SUAs), terrorist financing and/or cyber attacks increasingly blur and often become moot points of difference to the criminal outcome.

The far more crucial focus needs to be enhancing information that’s available and transforming it into actionable insight to aid the detection, investigation and prevention of criminal activity. It is this sentiment that prompted me to briefly touch on “Fusion Centers” as an analogy in talking about 314(b) information sharing and collaboration best practices.

The Establishment of Fusion Centers

Fusion Centers were created in the aftermath of the information sharing failures leading to the September 11, 2001 terrorist attacks. A Government Accountability Office (GAO) report for U.S. Congress indicates that “Fusion Centers provide a mechanism for multiple federal, state, and local entities to collaborate and share resources, expertise, and information with the goal of maximizing the ability to detect, prevent, investigate, and respond to all hazards, including criminal or terrorist threats.”

Fusion Centers Define “Fusion” as Turning Information and Intelligence into Actionable Knowledge

As succinctly summed up by a deputy director of one Fusion Center – “The whole concept is to ensure nothing falls through the cracks.”

Whereas a Fusion Center is a force multiplier for generating actionable insight in the law enforcement and intelligence worlds, Section 314(b) of the USA PATRIOT Act should be regarded as its counterpart in the financial services industry.

Section 314(b) recognizes that information sharing is key for financial institutions (FIs) to acquire a fuller understanding of customer activity, gain new insight, and construct more discerning financial intelligence (FININT) to feed decision making. Information sharing and collaboration via 314(b) can expose new revelations to peer investigators at two or more financial institutions and provide meaningful insight about unusual behavior and/or activity for a mutual customer.

On one hand, an insight gleaned from a 314(b) communication exchange might result in multiple financial institutions filing a joint SAR, whereas neither FI would have filed a report absent the fuller picture of financial intelligence they pieced together through their collaborative investigation.

On the other hand, an insight which emerges when investigators at multiple FIs “connect the dots” through 314(b) collaboration could lead to increased confidence that the customer behavior which had initially raised questions at a single FI is explainable, legitimate activity that doesn’t necessitate further investigative time and effort.

FinCEN strongly encourages information sharing through Section 314(b) and notes that one of the key benefits is “shedding more comprehensive light upon overall financial trails, especially if they are complex and appear to be layered amongst numerous financial institutions, entities, and jurisdictions.”

Financial Institutions Should Give Consideration to Select Operational Aspects of a Fusion Center When Modelling Their 314(b) Best Practices

First and foremost, it is important to clarify that specifics with regard to operating environments, information sharing protocols and types of information analyzed are uniquely different for financial institutions versus Fusion Centers. That said, however, I believe that FIs can enhance their 314(b) efforts by applying appropriate variations of the underlying principles for effective information sharing and collaboration that are practiced by Fusion Centers.

A Fusion Center advocates that four fundamental dimensions, which they term “Critical Operational Capabilities” (COCs), are pivotal to achieving effective information sharing and collaborative endeavors. They define these COCs in accordance with their unique mode of operation and elaborate on them with detailed processes. For the purpose of contemplating these four overarching concepts in a context fitting to 314(b) information sharing and collaboration among FIs, however, I will simply use a general reference to their high level categorizations: Receive, Gather, Analyze and Disseminate.

I also want to re-emphasize that the discussion points I provide below in transposing these four general categories into the parallel setting of a 314(b) framework deviate from their unique application in a Fusion Center.

Receive; Gather; Analyze; and Disseminate as Key Components of 314(b) Activity

Financial institutions would be well advised to reflect on the categorizations of Receive, Gather, Analyze and Disseminate as they pertain to 314(b) information sharing and collaboration when developing related policies and procedures.

The example recommendations I have shared below will hopefully serve as a starting point for further contemplation by your FI and a base upon which to build.

Receive
When your FI receives an incoming 314(b) communication, the de facto standard should be to respond in a timely manner. Keep in mind that the investigator who initiated the request would not have done so unless they thought the nature of the inquiry merited consideration by both their and your institution.

Gather
Exercise diligence and scrutiny when collecting any relevant information you have to share in response to a 314(b) communication. The strongest FININT and best insights typically emanate from putting together the most comprehensive picture possible.

This principle (Gather) should also encourage investigators to be proactive in initiating outgoing 314(b) communication when deemed prudent to seek additional information.

Analyze
Collaborate with peer investigator(s) at the other FI(s) associated with a particular 314(b) information sharing exchange. The pursuant dialogue and collective analysis can be instrumental to connecting the dots and tapping into insight that possibly might not present itself outside the enlightenment that often comes from a shared mind space.

Disseminate
If your determined course of action based on the findings of the collaborative investigation is to file a SAR, be sure to reference the 314(b) communication with the FI(s) involved. Where appropriate, a joint SAR can be filed. If the investigative findings are thought to be potentially related to terrorist financing, call FinCEN’s 24/7 hotline.

If relevant as per 314(b) guidelines, reach out to additional financial institutions that also have the individual or business being investigated by the two initial FIs as a mutual customer.

Share information resulting from 314(b) communication with other divisions and departments within your FI when appropriate for decision making and potential courses of action.

Net Takeaway

Fusion Centers have been credited with contributing to outcomes such as an increase in child predator arrests and preempted domestic terror attacks. These achievements inarguably provide strong testament to the power of information sharing and collaboration.

To conclude, I want to restate that the sample recommendations noted above are intended to encourage an initiative for your financial intelligence team to formulate, review and/or assess its 314(b) information sharing and collaboration practices to ensure that your FI is leveraging the full power of this tool and it’s very real potential to be a force multiplier to help financial institutions combat crime. As FinCEN has duly noted, Section 314(b) has “wrought substantial benefits for law enforcement and industry alike.”

 

Verafin is the industry leader in financial crime management, providing a cloud-based cross-institutional FRAMLx software platform for Fraud Detection, Anti-Money Laundering and High-Risk Customer Management, with a customer base of 1700 financial institutions across North America. Powered by cloud technology, Verafin significantly reduces false positive alerts, offers advanced data visualization, and enables collaborative investigations to help customers stay a step ahead of crime, as well as the BSA/AML compliance landscape.