Improving the Suspicious Activity Report

Blueprint for Change
Improving The Suspicious Activity Reporting Process
Challenges in the Current Reporting System -- Our Work to Date
Over the last two years Business Executives for National Security (BENS) has engaged its members on a
project to “Follow the Money” in an effort to improve the government’s ability to identify, follow and
disrupt financial activity related to terrorism. The Suspicious Activity Report (SAR) is the primary method
for financial services firms to report activity that may be related to terrorism. BENS has convened
business leaders from across the country and government officials in working sessions in New York,
Atlanta, and San Francisco to discover what works and what doesn’t work with the SAR process. Our
goal is to identify shortcomings, propose meaningful changes and ultimately improve the way
government collects, analyzes and disseminates critical financial information related to terrorism.
Why BENS?
For more than 20 years, BENS members have been using their business experience and expertise to find
practical solutions to pressing national security challenges. BENS approaches issues in a business-like
way, not only proposing workable solutions but also working to get them implemented. Since December
of 2000 BENS Financial Tracking Working Group has been working with government partners -- including
the Treasury Department’s Financial Crimes and Enforcement Network (FinCEN) and the FBI -- to identify
ways to improve the Suspicious Activity Reporting (SAR) process. Over 75 business leaders across the
country partnered with federal officials to examine the process and determine what specific steps could
be made to make it an effective tool for identifying possible terrorist activity.
Getting It Done
Our working sessions, and this blueprint, represent only the first phase of our work. Much remains to be
done. What follows are a number of specific steps that, once implemented, will substantially improve our
nation’s ability to more effectively use financial tools to fight the war on terrorism. BENS members are
committed to continued work with our government partners to improve this process and win this war. To
execute the changes recommended in this report, BENS recognizes that committed partners will be the
essential element. We have had the good fortune of working with the leadership of FinCEN, the FBI and
the Treasury Department, who have supported these efforts throughout this process. We look forward to
building upon our initial work and beginning implementation of the recommendations that will make the
process an important tool for national security.
-1-
Blueprint for Change
Improving The Suspicious Activity Reporting Process
Recommendations for Implementation By:
FinCEN
FBI
1. Working together, the FBI and FinCEN should create, and
regularly update, coordinated guidance that describes the
characteristics of “Suspicious Activity” transactions and
trends related to terrorist financing.
3
3
2. FinCEN should require, where appropriate, all financial
institutions to file SARs on the Patriot Act Communications
Systems in order to increase the speed, self-editing/omission
prevention capabilities of this system.
3
3. FinCEN should convene a group of financial service firms to
work with them in conducting a six-month review of the
PACS system to identify ways in which to continue to
improve the system.
4. The FBI should expand the regional task forces on financial
tracking and develop a pilot project in one or two field
offices that includes bank officers and compliance personnel
in the initial review of SARs at the field level.
3
3
3
3
3
3
3
3
3
3
3
3
6. FinCEN should publish the SAR Activity Review Report
quarterly instead of bi-annually and include more specific
case studies.
3
7. FinCEN should establish a good SAR Recognition Program in
general and recognize specific financial institutions that
submit outstanding SARs.
3
9. FinCEN, in conjunction with independent third parties such
as BENS, an academic institution, or a professional
management consulting firm, should review its current
information technology systems to determine if the best
commercially available technologies for data collection,
analysis and dissemination are being used.
-2-
JOINT
3
5. FinCEN should post case studies on the PACS website as a
way to better inform and educate financial institutions.
8. FinCEN, in conjunction with independent third parties such
as BENS, an academic institution, or a professional
management consulting firm should review and evaluate the
SAR “workflow process” as it affects FinCEN, financial
institutions, law enforcement and intelligence agencies.
BENS
3
Acknowledgements
Business Executives for National Security (BENS), is a national, non-partisan organization, which
serves as a primary channel through which senior business executives can help enhance America’s
national security practices. BENS members use their business experience and expertise to drive our
agenda, deliver our message to decision makers and make certain the changes we propose can be put
into practice. BENS has only one special interest: to help make America more safe and secure.
Since October of 2000, BENS members have been using their business experience to find practical
solutions to pressing national security challenges.
Since December of 2000 BENS Financial Tracking
Working Group has been working with government partners including the Treasury Department’s
Financial Crimes and Enforcement Network (FinCEN) and the FBI to identify ways to improve the
Suspicious Activity Reporting (SAR) process.
BENS gratefully acknowledges the contribution made by the participants of the SAR working sessions
convened in New York City, Atlanta, and San Francisco. We extend special thanks to David Aufhauser,
General Counsel, Treasury Department; Jim Sloan, Director, FinCEN; Denis Lormel, Chief, FBI Terrorist
Financing Operations Section (TFOS); David Vogt, Assistant Director, FinCEN; Frank Waikart, Special
Advisor, FBI TFOS; David Gilles, Acting Assistant Director, Office of Compliance & Regulatory
Enforcement, FinCEN; Jeffery Nuebert, President, and John Mohr of The Clearing House without whom
this work would not have been accomplished. Additionally BENS would like to acknowledge our members
who have driven this project since its inception, especially Alan Silberstein, who has chaired and led our
efforts, Mary Boies, Zenon Nie, Norman Hinerfeld, Greg Wallance, Ramon Marks, Richard Rosenberg, and
Neil Wedewer.
BENS appreciates the genuine cooperation we received from SunTrust Bank, The
Clearing House, Bank of America and Dorsey & Whitney, LLP for co-hosting the SAR working sessions.
The opinions, conclusions, and recommendations expressed in this report are solely those of BENS
and do not necessarily represent the views and conclusions of the participants or the organizations
mentioned above. We encourage readers of this report to provide us with their comments and
suggestions regarding the recommendations and how we can improve our efforts as we continue our
efforts.
BENS prides itself on being a “Do Tank” -- implementing real changes that improve national security.
Our members and staff look forward to building on this work with our partners and implementing the
steps necessary to improve the SAR process as a critical tool in the financial war on terrorism.
-3-
“Money is the lifeblood of terrorist operations. We’re asking the world to stop payment.”
--- President Bush, October 1, 2001
The Issue
For the government to “follow the money” and track and stop terrorists, it must have the
cooperation of the private sector. The nation’s financial institutions are on the front line of gathering the
critical financial information needed by the government to accomplish its mission. One of the primary
ways information flows from financial institutions to the government is through filing reports required by
the Bank Secrecy Act (BSA)1, especially the Suspicious Activity Report (SAR). Business Executives for
National Security (BENS) has partnered with the Treasury Department’s Financial Crimes and
Enforcement Network (FinCEN) and the FBI to identify ways to improve this process.
Background and Methodology
BENS is committed to working with our government partners to improve the effectiveness of the BSA
reporting process, with particular emphasis on Suspicious Activity Reporting. The government’s
recognition of the importance of the SAR process as an intelligence and information-gathering tool in the
financial war on terrorism represents a significant shift from the original purpose of the SAR, which in
general was engineered toward detection of financial activity linked to traditional large-scale narcotics
trafficking, organized crime and fraud.
Given the shift in the government’s understanding of the
comparatively small thresholds of financial activity associated with terrorism. BENS believes there needs
to be a corresponding change in the structure of the SAR process for this effort to work effectively. The
dramatic increase in the number of SARs submitted, combined with the challenges of developing a
comprehensive, fully-integrated information technology system and simultaneously addressing the issues
of inadequate numbers of financial analysts prevent FinCEN, the FBI and other appropriate law
enforcement agencies from making the best use of SARs.
From May through November of 2002, BENS convened three working sessions, in NYC, Atlanta and
San Francisco, to learn, firsthand from the financial institutions what specifically worked and what didn’t
work in the SAR process. FinCEN Director Jim Sloan and Assistant Director David Vogt heard from over
sixty senior level officers from leading financial institutions across the country. As might be expected, we
heard similar concerns with the process in each of the three sessions and conversely, we also heard an
array of good, useful suggestions for improving the process.
Financial Crimes Enforcement Network (FinCEN)
The Financial Crimes Enforcement Network (FinCEN) was created in 1990 to detect financial crimes
and to provide analytical support to law enforcement investigations. It was then merged with the
Treasury Department’s Office of Financial Enforcement in 1994, creating a single organization with
regulatory, intelligence and enforcement functions. FinCEN’s mission is to support law enforcement and
intelligence agency investigative efforts and foster interagency and global cooperation against domestic
and international financial crimes.
1
These reports include the Currency and Monetary Instrument Report (CMIR), Currency Transaction Report (CTR), Report of
Foreign Bank Account (FBAR) and Suspicious Activity Report (SAR).
-4-
FinCEN is the recipient of all the SARS and other reports submitted by financial institutions. Using
that data, FinCEN provides U.S. policy makers with strategic analyses of domestic and worldwide money
laundering developments, trends and patterns. Since 9/11, FinCEN’s profile has changed dramatically and
finds itself with a critical role in the financial war on terrorism.
What is a SAR?
The Suspicious Activity Report (SAR) system was created in 1996 to replace six overlapping methods
of financial information reporting with a single, more uniform process. The SAR was designed to reduce
paperwork for the banking community and to increase the amount of useful information available to
investigators. SARs have been called “haystacks of needles”, therefore it is crucial the information in
these reports is systematically collected and analyzed carefully.
Since the Patriot Act in 2001, the SAR process has expanded from money laundering detection to
intelligence gathering for identifying financial transactions that may be related to terrorism. Moreover,
the Patriot Act requires that many more financial institutions submit SARs resulting in a corresponding
increase in the number of reports.
Guidance for SAR filers
Financial institutions are required under the Bank Secrecy Act to identify which transactions warrant
reporting via SARs. To be most effective, the SAR filers need to know what specific information about
transactions and customers are most valuable to FinCEN. All of the participants in our sessions declared
that they need more guidance in recognizing “suspicious activity” in those financial transactions that may
be related to terrorism. This is unlike most SAR related experience where financial institutions have been
investigating a fraud against itself.
Historically, the government has provided recommendations to recognize traditional moneylaundering activity. The guidance has now been expanded to include possible terrorist activity. These
recommendations include:
•
Financial activity to and from countries identified as state sponsors of terrorism
•
Financial activity inconsistent with the stated purpose of the business
•
Financial activity not commensurate with stated occupation
•
Use of multiple accounts at a single bank for no apparent purpose
•
Importation of high dollar currency/traveler’s checks not commensurate with stated occupation
•
Structuring of deposits at multiple bank branches to avoid BSA requirements
•
Abrupt changes in account activity
•
Use of multiple personal and business accounts to collect and then funnel funds to a small
number of foreign beneficiaries.
This list however, may still be inadequate to identify terrorist related financial activity. Financial
institutions and government agencies need to continue to work together to refine and improve the
indicators and methods of detection for the SAR process to achieve its full potential.
RECOMMENDATION 1: Working together, the FBI and FinCEN should create, and regularly
update, coordinated guidance that describes the characteristics of “Suspicious Activity”
transactions and trends related to terrorist financing.
-5-
Patriot Act Communications Systems (PACS)
"The seminars have proved extremely useful in creating an environment in which we can get on-thespot interaction and feedback on technical issues, such as electronic filing of SARs, that have the
potential to fundamentally affect the way in which the SAR process evolves. There is no question that
any technical fixes we put in place will be better tuned as a result of the BENS seminars."
-- Dave Gilles, Assistant Director for Technology, FinCEN
Since the process was first required in 1996, well over 50% of SARs submitted have been on paper
or magnetic tape. Once received, SARs are then outsourced and the data keypunched into an electronic
format. This step alone can add up to 45 days to a process already subject to long periods of
pattern/problem recognition delay and additional investigation within the financial institution.
To speed up the process, in October 2002 FinCEN launched the electronic filing system known as the
Patriot Act Communications Systems (PACS). Developed by Deloitte & Touche for FinCEN, PACS serves
as a model for increasing the speed and improving the accuracy of SARs. Without question, this system
helps the government collect, analyze and synthesize the information it receives.
Without question there may be significant upfront costs associated with shifting the filing process to a
web-based system, but given the expected increase in filing volume and the amount of data that must be
collected, analyzed and disseminated, we believe that ultimately it will be more cost effective for both the
private sector and the government to move to an electronic filing system.
RECOMMENDATION 2: FinCEN should require, where appropriate, all financial institutions
to file SARs on the Patriot Act Communications Systems in order to increase the speed, selfediting/omission prevention capabilities of this system.
A December 2002 report by Treasury’s Office of Inspector General also pointed out that the timing
and accuracy of SAR submissions are a critical issue. One significant problem is that SARs are often filled
out with errors, misspellings and omissions of important information. More importantly though, the
current system lacks the capability to detect and auto-correct these errors and omissions. For example,
one participant noted the PACS website lacks a basic spell check function to reduce misspellings on SARs
submitted electronically.
FinCEN has just recently completed an audit of the PACS system and determined that the future
success of the program rests on convincing more financial institutions that it is in their best interest to file
electronically. It follows then that it would be worthwhile for FinCEN to gauge their customer satisfaction
by getting feedback from the first group of users of the PACS system.
RECOMMENDATION 3: FinCEN should convene a group of financial service firms to work
with them in conducting a six-month review of the PACS system to identify ways in which to
continue to improve the system.
-6-
Increasing Stakeholder Participation
Virtually all major financial institutions have compliance experts who could make valuable
contributions to law enforcement and intelligence agencies by providing their services to FinCEN and
other appropriate law enforcement and intelligence agencies. One of the most intriguing ideas presented
during our sessions was to have banks and other financial service companies offer the services of their
money laundering and suspicious activity experts to field task forces now responsible for reviewing SARs
for possible links to terrorism. The benefits would be twofold and we believe significant.
First, by allowing private sector experts to examine SARs with regional task forces on terrorist
financing the federal agencies would get the benefit of having “independent, third party” review the
SARs. This effort would supplement the work of field task forces and allow for the review of more SARs
with additional expertise. Also, building and enhancing informal relationships between financial service
firms, regulators and financial intelligence units can be a critical tool in identifying financial activity that
may be related to terrorism.
Secondly such a program would provide financial institutions with immediate and meaningful
feedback on how best to improve the filing of SARs by financial institutions and other filers.
RECOMMENDATION 4: The FBI should expand the regional task forces on financial tracking
and develop a pilot project in one or two field offices that includes bank officers and
compliance personnel in the initial review of SARs at the field level.
Our working sessions revealed that financial institutions believe that the PACS website is a good way
to disseminate information quickly and effectively, but it has not yet been fully exploited. The PACS
system should develop the capabilities to issue “case study” bulletins on how SARs have been effectively
used and led to an arrest and prosecution.
RECOMMENDATION 5: FinCEN should post case studies on the PACS website as a way to
better inform and educate financial institutions.
SAR Activity Review Report
FinCEN has initiated a feedback process by publishing the SAR Activity Review Report twice a year.
The report was given high praise by our session attendees as an important step in the right direction.
However, at almost 100 pages, a number of compliance officers commented that it is too cumbersome to
be read in detail. There is valuable information and updates as well as case studies in the SAR Review,
but the report could be more concise and published more frequently than twice a year.
RECOMMENDATION 6: FinCEN should publish the SAR Activity Review Report quarterly
instead of bi-annually and include more specific case studies.
-7-
Improving Feedback
The single most common concern of the SAR process expressed by financial institutions and others
was the perceived lack of feedback provided to filers by FinCEN. Financial institutions expressed the
desire for a more “closed loop” feedback system on the SARS they file. The sessions revealed financial
institutions believe there is not sufficient feedback from the government and that their reports have gone
in to a “black hole.” This is despite the fact that FinCEN publishes, through the SAR Activity Review
Report, information about, and examples of, how SAR’s are being utilized. Clearly there is disconnect
between what FinCEN is attempting to communicate and what financial institutions are receiving. We
believe that more frequent, more concise communication from FinCEN to financial institutions would lead
to increases in communication to FinCEN about SAR reports. This approach would benefit both parties.
Financial institutions do recognize that is impossible to provide individualized feedback on each
report. However, an improved feedback system will increase the quality of the SARs submitted as well as
provide new filers with clear examples of the type of information FinCEN and other law enforcement and
intelligence agencies need. This would include feedback on the selection of particular
accounts/transactions for reporting, and the completeness and usefulness of data provided on the SAR.
In addition, we learned that case histories and feedback on the SAR process are a crucial part of
some financial institution’s training program. Both serve to demonstrate how important it is to provide a
high quality suspicious activity report. This includes the “soft” need for motivation and encouragement
and the hard techniques: electronic edit checks, random sampling and written evaluation, etc. that can
guide financial institutions to improve their future product.
Analysts should visit with financial institution staff that prepare SARs and FinCEN and law
enforcement and intelligence agency staff who use them, identify the key quality indicators, and
recommend some immediate practices for quality improvement and a process for continuous
improvement through feedback.
RECOMMENDATION 7: FinCEN should establish a good SAR Recognition Program in general
and recognize specific financial institutions that submit outstanding SARs.
Next Steps I.
Currently, once SARs are entered into the FinCEN system, they are downloaded to selected federal
law enforcement agencies immediately and made available to all regulatory and law enforcement
organizations through FinCEN’s Gateway process. FinCEN also conducts proactive analysis of the SAR
database to identify leads for possible investigative follow-up by law enforcement, as well as trend and
pattern analysis to identify systemic money laundering methodologies. In addition, all law enforcement
and intelligence agencies may request FinCEN to research the database on their behalf.
We believe that a best business practices approach would be to develop a “workflow study” to
determine that the policies and IT systems being used to route SARs and prioritize analysis by FinCEN
and law enforcement and intelligence agencies, are clear and optimal, giving priority to terrorists threats.
This process and subsequent analysis should also identify how actual practices may veer from
management policy.
-8-
RECOMMENDATION 8: FinCEN, in conjunction with independent third parties such as BENS,
an academic institution, or a professional management consulting firm should review and
evaluate the SAR “workflow process” as it affects FinCEN, financial institutions, law
enforcement and intelligence agencies.
Next Steps II.
Throughout our report we have identified ways in which the SAR system can be improved through
increased optimization of technology systems. While technology alone cannot be the answer, the right
technology can make a significant difference, especially as it relates to collection, analysis and
dissemination of large amounts of information and data. Quite simply, making sure our government can
use the best available technology to the best of their ability is a key component in any effort to improve
the SAR process.
Again, given the expected increase in volume of SARs submitted in the next year, the next two years
and the next five year period, good management would require that mangers plan look ahead to identify
new systems and technologies in order to meet the expected changes. In addition to volume changes the
integration issues associated with the new Department of Homeland Security will pose significant issues
for managers. In short, meeting the IT challenges facing FinCEN and the FBI will be one of the most
important benchmarks in the effort to understand, identify and ultimately disrupt the financing of
terrorism.
RECOMMENDATION 9: FinCEN, in conjunction with independent third parties such as BENS,
an academic institution, or a professional management consulting firm, should review its
current information technology systems to determine if the best commercially available
technologies for data collection, analysis and dissemination are being used.
Current Electronic Filing Capability For Existing BSA Forms
Can be filed online:
•
•
Form 4789 Currency Transaction Report (CTR)
Form TD F 90-22.47 Suspicious Activity Report (SAR)
Cannot be filed online:
•
•
•
•
•
•
•
•
•
FinCEN Form 102 - Suspicious Activity Report by Casinos and Card Clubs
FinCEN Form 101 - Suspicious Activity Report by the Securities and Futures Industries
TD F 90-22.56 Suspicious Activity Report by Money Services Business
TD F 90-22.53 Designation of Exempt Person
Form 8362 Currency Transaction Report by Casinos (CTRC)
Form 8852 Currency Transaction Report by Casinos - Nevada (CTRC-N)
Form 4790 Report of International Transportation of Currency or Monetary Instruments (CMIR)
TD F 90-22.1 Report of Foreign Bank and Financial Accounts (FBAR)
FinCEN Form 8300 - Report of Cash Payments Over $10,000 Received in a Trade or Business
-9-
Business Executives for National Security
SAR Working Session Participant List
Joseph Alexander
Michael Amato
David Aufhauser
Matt Avery
Linda Bei
Pamela Brewster
Neill H. Brownstein
Fred Casissa
James Christie
Rodgin Cohen
Frank J. D’Italia
Grace Domingo
Sean Downs
Ed Dunn
Cynthia Eggers
Susan Emmert
Marty Fagan
Alan H. Fishman
Margaret Flanagan
Lisa Fontaine
Joe Frank
Tom Gann
David Gilles
Charlie Ginden
Pete W. Hart
Richard Hartnack
Farol Hettick
Nancy Noonan
John H. O'Byrne
Ed Phillips
Edgar Rabano
Barbara Shea
Steve R. Shpilsky
Alan Silberstein
Margaret Silvers
Robin Slade
Thomas J. Moran
John Mowiser
Norman Nelson
The Clearing House
Washington Mutual
US Treasury
Wells Fargo Funds
Bank of America
Charles Schwab & Co.
BENS Member
First Republic Bank
Bank of America
Sullivan & Cromwell
J. P. Morgan & Chase Co.
PricewaterhouseCoopers
Fair, Isaac and Co., Inc.
Montgomery Asset Management
SunTrust Bank
Synovus Financial Corp.
Choice Point, Inc.
Independence Community Bank
The Bank of New York Company, Inc
Federal Reserve of San Francisco
Bank of America
Siebel Systems
FinCEN
SunTrust Bank
Hart & Associates
UnionBanCal Corporation
Synovus Financial Corporation
Bank of the West
New York Life Insurance Company
SunTrust Bank
Reserve Officer Association
American Express Bank Ltd.
PricewaterhouseCoopers
Silco Associates
Union Bank of California, N.A.
BITS
Mutual of America
SunTrust Bank
The Clearing House
- 10 -
Norman Hinerfeld
Judy Holt
Donald D. Howard
Darryl Jackson
Dave Janiszewski
Thomas S. Johnson
Franklin P. Johnson
Robert Knapp
Barry M. Koch
David LaFontaine
Gene Levake
Peggy Lipps
Marty Lloyd
Dennis Lormel
Richard MacMilian
Mary Madden
Tom Martin
Mitchell Mass
Sue McLaughlin
Deborah Meng
Alvin Mitcham
Wade Mitchell
Fernando Monterey
Jeffrey Neubert
Zenon Nie
James F. Sloan
Richard A. Small
Derek Smith
Bill Snedeker
Michelle South
Fred Stone
Roger G. Strassner
Gordon Teel
Nona Tiedge
Andy Varipapa
David Vogt
Gloria Zaborowski
The Delta Group
SouthTrust Bank
Bank of North Georgia
Searchspace Corp
GreenPoint Financial
Asset Management Associates
USB Paine Webber Inc.,
American Express Bank Ltd.
Regions Bank
Union Bank of California, N.A.
BITS
AmSouth Bank
Director, FBI TFOS
Solomon Smith Barney
Terwilliger Enterprises, Inc.
SunTrust Bank
Cox, Padmore, LLP
BENS member
United Commercial Bank
SunTrust Bank
Trust Company Bank
Golden State Bancorp
The Clearing House
C.E.O. Advisory Board
Director, FinCEN
Citigroup
Choice Point, Inc.
Goodkind Labaton LLP
Union Bank of California, N.A.
Wachovia
Wells Fargo Investments
Bank of North Georgia
SouthTrust Bank
ACS
FinCEN
FBI