Finding Renewed Purpose in the Bank Secrecy Act

50 Years of the BSA – Part 1

November 7, 2018 by Jim Richards

From its birth on October 26, 1970 as the Foreign Bank Secrecy Act of 1970, through make-overs in 1986 (criminalizing money laundering and structuring), 1990 (establishing FinCEN), 1992 (introducing Suspicious Activity Reports), and 2001 (the biggest make-over with the USA PATRIOT Act), the Bank Secrecy Act (BSA) has evolved and slowly adapted to a rapidly changing world. In this 3-part series — 50 years of the BSA — Jim Richards examines the purpose, storied history, modern challenges, and future direction of the BSA.

In an examination of the Bank Secrecy Act, perhaps the best place to begin is to ask: What is the purpose of the BSA? It’s a seemingly simple question, but one that doesn’t lend itself to a simple answer found in one place. In fact, even after looking in multiple places, one still may not arise with a truly definitive answer. The Bank Secrecy Act itself has a Declaration of Purpose:

“It is the purpose of this subchapter to require certain reports or records where they have a high degree of usefulness in criminal, tax, or regulatory investigations or proceedings, or in the conduct of intelligence or counterintelligence activities, including analysis, to protect against international terrorism.” (BSA, 31 USC §5311)

The Role of FinCEN in BSA

While the BSA has a declaration of purpose, the BSA regulations do not. Rather, there are certain requirements laid out in those regulations (31 CFR Part X). The regulations at 31 CFR §1010.810 provide that “overall authority for enforcement and compliance, including coordination and direction of procedures and activities of all other agencies exercising delegated authority under this chapter, is delegated to the Director, Financial Crimes Enforcement Network (FinCEN).”

FinCEN’s original (1990) mission was to:

establish a government-wide multi-source financial intelligence and analysis network to support the detection, investigation, and prosecution of domestic and international money laundering and other financial crimes.

In 1994, FinCEN’s mission expanded to include regulatory responsibilities, so that it currently has overall authority over the BSA and the authority to examine institutions for compliance, which it delegates to ten functional regulators.

Its current Mission Statement is clear:

The mission of the Financial Crimes Enforcement Network is to safeguard the financial system from illicit use and combat money laundering and promote national security through the collection, analysis, and dissemination of financial intelligence and strategic use of financial authorities.

This is a positive for financial institutions looking to provide financial intelligence to FinCEN. However, those institutions are not examined by FinCEN — that responsibility is delegated to the regulatory agencies (OCC, FDIC, NCUA, FRB, etc.). Those regulatory agencies do a good job in regulating and supervising financial institutions given the mandates that they have, which are “safety and soundness” mandates. The focus of those agencies is on the programmatic aspects of BSA/AML: risk assessments, customer identification programs, monitoring and reporting systems, proper documentation, independent testing programs, etc.

It is only where “effective intelligence” is not part of “safety and soundness” that we see the loss of purpose and drift from effectiveness of the private sector’s BSA/AML efforts.

Through the 1990s, we saw an increasing focus on the nuts and bolts (safety and soundness) of programs. Over time, this resulted in an increasing divergence between the regulators’ mandates and priorities, and the stated purpose of the Act.

By the book: FFIEC BSA/AML Exam Manual

Regulatory guidance was first outlined in the June 2005 Federal Financial Institutions Examination Council’s (FFIEC’s) BSA/AML Examination Manual (amended in 2006, 2007, 2010, and 2014). Keep in mind that FinCEN is not a member of the FFIEC: five of the ten regulators that have delegated BSA compliance responsibilities are members. As early as page seven we find the following statement:

The BSA is intended to safeguard the US financial system and the financial institutions that make up that system from the abuses of financial crime, including money laundering, terrorist financing, and other illicit financial transactions… a sound BSA/AML compliance program is critical in deterring and preventing these types of activities at, or through, banks and other financial institutions.

This statement declares the importance of maintaining a sound program without a reference to the importance of the purpose of a sound program — to provide actionable intelligence to law enforcement.

Stressing the importance of actionable intelligence

Where the regulators believe “a sound BSA/AML compliance program is critical in deterring and preventing these types of activities at, or through, banks and other financial institutions,” myself and many others believe that providing timely and actionable intelligence to law enforcement is critical to the successful prevention of these types of activities occurring at, or through, banks and other financial institutions. Of course, a sound BSA/AML compliance program provides the necessary foundation for providing that intelligence.

Perhaps a first step in reforming the BSA/AML regime in the United States is changing the language of the FFIEC BSA/AML Examination Manual, updating “a sound BSA/AML compliance program is critical in deterring and preventing these types of activities at, or through, and other financial institutions” to “providing timely and actionable intelligence to law enforcement is critical in deterring and preventing these types of activities at, or through, banks and other financial institutions, and a sound BSA/AML compliance program provides the foundation for the ability to provide that intelligence.”

This may be a subtle change — but it’s an important one that strengthens and focuses the very purpose of the BSA.

Part 2/3: A Brief History of the BSA

Nasdaq Verafin provides cloud-based Financial Crime Management Technology solutions for Fraud Detection, AML/CFT Compliance, High-Risk Customer Management, Sanctions Screening and Management, and Information Sharing. More than 2,500 financial institutions globally, representing more than $8T in collective assets, use Nasdaq Verafin to prevent fraud and strengthen AML/CFT efforts. Leveraging our unique consortium data approach in targeted analytics with artificial intelligence and machine learning, Nasdaq Verafin significantly reduces false positive alerts and delivers context-rich insights to fight financial crime more efficiently and effectively. To learn how Nasdaq Verafin can help your institution fight fraud and money laundering, call 1-877-368-9986.