The Bank Secrecy Act
The Bank Secrecy Act provides the framework guiding the obligations held by all banks and financial institutions to monitor their systems for illicit funds and criminal activity. Banks and other financial institutions are required to maintain systems that check for suspicious activity and to report such activity to law enforcement. They are also responsible for monitoring their systems for transactions above a certain dollar value, usually $10,000.
Who has to comply with the Bank Secrecy Act?
The Bank Secrecy Act applies to banks governed by U.S. laws, as well as some other financial institutions including some registered broker-dealers, cryptocurrency companies, and money-services businesses. Most businesses that facilitate the transfer of money from one person to the other have Bank Secrecy Act obligations. And even some financial firms that do not have Bank Secrecy Act obligations, like investment advisors, may sometimes have to comply with the same reporting requirements depending on their relationships with other financial firms that fall within the law’s ambit. These rules apply to U.S.-based institutions, as well as other financial institutions under U.S. jurisdiction.
The financial institutions that have to comply with the Bank Secrecy Act include:
U.S.-registered banks, including any commercial bank, trust company, private bank, savings and loan association, thrift, or credit union;
Branches and agencies of foreign banks;
Money services businesses, including those engaged in currency exchange, check cashing, traveler’s checks, money orders, prepaid access services, and money transmission;
Many cryptocurrency companies, if they are involved in the transfer of convertible virtual currencies;
Brokers and dealers of securities subject to registration under the Securities Exchange Act;
Mutual funds subject to registration under the Investment Company Act;
Futures commission merchants or introducing brokers subject to registration under the Commodity Exchange Act;
Some other non-bank financial institutions including casinos, real estate businesses, precious metal dealers, and more.
What conduct violates the Bank Secrecy Act?
Designing a functional suspicious activity monitoring system is not an easy task. Large financial institutions see billions of transactions pass through their ATMs, counters, online systems, and other entry points. Sophisticated computer modeling is usually needed to maintain a functional system, as is then a significant investment in person power to check every automated alert, review its accuracy, and check for context.
Such systems require a significant investment to do correctly. When banks and other financial institutions fail to put in the needed resources out of a desire to save costs, they cannot keep up with their regulatory obligations to prevent the movement of dirty money. Suspicious transactions go unchecked, a backlog of unreviewed data occurs, and the criminals wishing to hide their suspicious activities succeed in doing so.
The Bank Secrecy Act requires financial institutions to, at minimum:
Monitor, report, and keep records on suspicious activities through a functional suspicious activity monitoring system;
Submit suspicious activity reports (otherwise known as SARs) for activity reasonably suggesting money laundering, tax evasion, or other criminal activities;
Have an AML compliance program, including policies and procedures reasonably designed to protect against criminal proceeds moving through the institution’s systems;
Have a customer identification program reasonably designed to verify the identity of natural persons and beneficial owners of shell corporations;
Perform due diligence on all accounts, including foreign correspondent accounts and other foreign or private transactions; and
Monitor, report, and keep records on cash purchases of negotiable instruments and cash transactions exceeding $10,000 (what is known as Currency Transaction Reports or CTRs).
Any failures in these systems constitute a serious issue, because the Bank Secrecy Act is a critical component of the United States’s law enforcement efforts—both for domestic and international money movements. It provides the information needed to stop dirty money and therefore stop the criminal enterprises that rely on those funds to facilitate their activities.
With the advent of the new FinCEN Whistleblower Program in 2021, whistleblowers who have information related to banks and other financial institutions not complying with their Bank Secrecy Act violations now have a path to provide that information to the government in exchange for a potential award.
Who can blow the whistle on Bank Secrecy Act violations?
Anyone with non-public information related to a violation of the Bank Secrecy Act can bring that information to FinCEN. You do not need to be an employee of a bank or other regulated entity to blow the whistle. And if you are an employee and work in a compliance function, you are allowed to come forward as a potential whistleblower. Whistleblowers are allowed to report anonymously as long as they are represented by an attorney.
These descriptions of the FinCEN Whistleblower Program are general in nature and do not constitute legal advice. Money laundering and sanctions violations are complex and ever-evolving. The attorneys at Whistleblower Partners understand the complicated, constantly changing legal landscape and are happy to discuss any potential matter further.
If you would like more information or would like to speak to an attorney at Whistleblower Partners, please contact us for a confidential consultation.