Suspicious Activity Reports: Terrorism and you
A government program designed to track down terrorists and money launderers is frightening bank customers, frustrating financial institutions and inundating federal agencies with secret reports of dubious value.
It’s called the Suspicious Activity Report, or SAR, and critics say it victimizes honest citizens who are conducting legitimate financial activities through legitimate banking channels, while generating a flood of useless paperwork and burdening financial institutions with billions of dollars in costs.
Experts predict nearly 1 million will be filed in 2006, a bit more than half by depository institutions, the rest by money-services businesses, casinos, card clubs and the securities and futures industries. Insurance companies had to begin filing in spring 2006, and mutual fund companies will have to establish anti-money-laundering programs and file SARs in fall 2006.
In total, 919,230 SARs were filed in 2005. You cannot find out if one has been filed on you; anyone revealing that information is breaking the law.
What can trigger a SAR? Almost anything out of the ordinary that rouses the suspicion of the personnel where the transaction took place. According to their rules, any group of transactions totaling $5,000 or more that “is not the sort in which the particular customer would normally be expected to engage” can cause enough suspicion to create a SAR. The reports are filed with The Financial Crimes Enforcement Network, or FinCEN, a division of the Department of the Treasury, and shared with law enforcement.
To be sure, the reports have led to criminal investigations and prosecutions. But it also has mushroomed into a paper-generating monster that threatens to create Suspicious Activities Reports in government files on an increasing number of ordinary citizens.
One man’s fears
Unlike other government spying programs, this one is out in the open — and it’s creating fear among people doing ordinary banking activities. Take a recent college graduate from Columbus, Ohio, whose parents offered an interest-free loan to pay off his high-interest credit card debt. While surfing online, a message board post caught his attention.
“A guy said he paid off his credit card and got a call from the bank,” says the graduate, who asked not to be identified. “They held his funds for three weeks because his payment deviated from his normal payment. I did my own research and found it was realistic.
“They could report you to Homeland Security if payments deviate from the norm. It sounded scary and made me nervous. I think it’s ludicrous that anyone should be afraid of paying off their debt.”
The SAR was developed in 1996 as a way for banking organizations to report “suspected criminal violations of federal law or a suspicious transaction related to money laundering activity, or a violation of the BSA (Bank Secrecy Act),” according to Federal Financial Institutions Examination Council, or FFIEC, documents.
The Bank Secrecy Act, according to the FFIEC, was “designed to help identify the source, volume and movement of currency and other monetary instruments transported into or out of the U.S., or deposited in financial institutions.”
Clearly, the Sept. 11 terrorist attacks and the subsequent revelation that the terrorists freely lived here and opened bank accounts at will frightened American citizens and the government. Congress responded with the Patriot Act, aimed at giving government agencies more power to find and clamp down on money laundering and terrorist financing.
Financial institutions, which long had been required to have anti-money laundering, or AML, programs, have come under increased pressure in recent years as identity theft and computer-related financial crimes have grown exponentially. The feds came down hard on banks that failed to adequately guard against money laundering. Among the most heavily fined offenders was Riggs Bank, fined $25 million in 2004, followed by $80 million in penalties against ABN AMRO Bank in 2005 and a $10 million fine against BankAtlantic in 2006.
Banks sat up and took notice, and the SARs began to flow. The reports from depository institutions alone climbed rapidly, more than doubling in four years.
“I believe there will be a million SARs filed (by banks) in 2006,” says Steve Bartlett, president and CEO of Financial Services Roundtable, a Washington, D.C. association of the largest financial services companies. “A million SARs get in the way. The law enforcement agencies have a difficult time finding real suspicious activity. It’s the old joke — where’s the best place to hide a leaf? On the ground with a million other leaves.”
SARs filed by banks or other institutions simply to avoid the risk of penalty are referred to as “defensive filings.” Banks are under pressure to file, not only from the government but from their attorneys. John Hall, spokesman for the American Bankers’ Association, was quoted in the National Law Journal in May 2005 as saying, “Our bank counsel are saying if it smells just the least bit, file. File early and file often.”
The abundance of defensive SAR filings caught the attention of officials at the Financial Crimes Enforcement Network, or FinCEN, the agency that administers the Bank Secrecy Act. In April 2005, then-director William Fox wrote in “The SAR Activity Review”:
“While the volume of filing alone may not reveal a problem, it fuels our concern that financial institutions are becoming increasingly convinced that the key to avoiding regulatory and criminal scrutiny under the Bank Secrecy Act is to file more reports, regardless of whether the conduct or transaction identified is suspicious. These ‘defensive filings’ populate our database with reports that have little value, degrade the valuable reports in the database and implicate privacy concerns. Financial institutions from the smallest community banks to the largest international banks are telling us that they would rather file than face potential criticism after the fact.”
Fox went on to say that the solution to defensive filings is a “single, clear policy on suspicious activity reporting combined with consistency in the application of that policy.” A few months later the federal banking agencies and FinCEN issued a new anti-money-laundering examination manual. The manual was supposed to give clearer guidance to banks and bank examiners and make interpretations of the Bank Secrecy Act more consistent.
But with the new guidance now in place for a year, critics say the situation hasn’t improved much.
“I had some hope for the guidelines, but at this point the guidance seems to have made things somewhat worse,” says Bartlett of the Financial Services Roundtable. “It’s guidance rather than regulation. It may sound small but it’s not at all. If they’re regulations, you can count on them. File a SAR in this case, but not in this one. But it’s merely guidance, and if you fail to file a SAR you can be prosecuted.
“The guidelines tend to be quite broad in terms of risk factors. If you’re anywhere in the states of New York, Florida or Minnesota, it’s a risk factor. If it has to do with a nonprofit organization or something international, it’s a risk factor. So, the Buffalo Symphony Orchestra taking a season ticket order from a Canadian should file a SAR because it’s a nonprofit in New York with a subscriber from Canada — that’s three big risk factors, even though there’s nothing risky about it.”
Richard Riese, director of compliance at the American Bankers’ Association, agrees that the revised guidelines could use more revising.
“I still think there are a lot of areas that produce SARs that law enforcement is not very interested in. I think we could be in a better situation with guidance that would allow banks to exclude certain types of filings or give them the comfort of the benefit of the doubt.”
One area Riese is talking about is structuring, which is an attempt to dodge reporting requirements by, for example, making several smaller transactions instead of one large transaction, or by making deposits in several institutions instead of one institution. Already, if a transaction involves $10,000 or more in currency, a Currency Transaction Report, or CTR, must be filed based simply on a dollar amount. There’s no suspicion on the bank’s part that anything illegal is being done. Nevertheless, many customers don’t like having their transactions flagged.
“I think a lot of structuring filing, where no one believes there’s any underlying money laundering going on, is just people shy about being reported, so they compensate by structuring without realizing that will generate a SAR,” Riese says.
“Law enforcement knows that’s the case and has no intent on pursuing legitimate activity so nothing is done about them, but we have to file.”
A FinCEN regulatory specialist who declined to be identified says rules and requirements are risk-based.
“Every time we come out with a new rule we solicit comments from all affected parties. We seek their input and make reasoned judgments based on the comments we get. It’s a careful balancing act. Filings are up but the manual is meant as assistance to examiners and to some extent employees of financial institutions. We think filings are up for a variety of reasons. There are more institutions subject to BSA and greater due diligence post 9/11, and to the fact that these institutions have a new understanding of their obligation.”
The specialist points out that new guidance has been issued to banks on how to document not filing a SAR.
“Every institution will have a tipping point — they’re either going to file or they’re not going to file. If they decide not to file we encourage them to make a document for their records. The examiner must determine if the bank has its policies and procedures in place and if the bank is doing due diligence appropriately. They need to see that. The examiner may look and say this is strange and then the bank can say we thought so, too, but here’s why we decided not to file.”
A concern to civil libertarians is that the proliferation of SARs will enable the government to unnecessarily delve into the legitimate private financial business of American citizens.
Bob Barr is an Atlanta-based attorney, former Republican congressman and former U.S. attorney. He’s now chairman of Patriots to Restore Checks and Balances, a group that monitors the government’s use of the Patriot Act, and president and CEO of Liberty Strategies, a consulting and public relations firm.
“The government has an insatiable appetite for getting more information even though they may never get through it,” Barr says. “Congress ought to be asking how much money is being spent on this, how much time and resources? What are we getting? How many prosecutions have there been? I suspect it’s minuscule in relation to the number of reports filed.
“Something is out of whack. The government isn’t interested in stemming the flow of the information. It’s a free way to get information and the fact that they don’t have the capability to go through it all doesn’t deter them. They like the control over the financial institutions.”
FinCEN’s regulatory specialist disagrees.
“Our mission is to protect the integrity of the financial structure of the United States. The Right to Financial Privacy Act is enforced and something that we value as a country, but we need access.”
The government is trying to balance competing forces.Federal agencies were widely criticized after Sept. 11 for not connecting the dots and averting the disasters. Now, they’re trying to connect the dots, and Americans are chafing a bit under the increased scrutiny.
There have been isolated cases where individuals have claimed their bank account was frozen temporarily while bank officials examined what turned out to be legitimate transactions. These types of incidents will almost certainly continue as more industries are required to guard against money laundering. If the miscues happen with increasing frequency the American public will likely begin howling, something that Barr says isn’t happening yet.
“There doesn’t seem to be any traction in the courts for this. I don’t know whether individual citizens who are victims don’t have the interest or the capability to fight it.”
All of this reporting doesn’t come cheap. “We think it has an impact on banks costing about $7 billion annually in compliance, the number of hours to set up, report, and tell regulators and auditors,” Bartlett says.
The best advice if you’re a law-abiding citizen about to make a banking transaction that’s a bit out of the norm for you is go ahead and do it. Don’t try to figure out some way to avoid detection.
“Conduct your business as you need to,” says FinCEN’s regulatory specialist. “No one particular thing will set off the filing of a SAR. Every institution has its own due diligence procedures. It might involve the bank doing a follow-up phone call asking what’s going on here. And then you can say my parents gave me a gift to pay my credit card debt.”
The debate over SARs will likely continue into the foreseeable future. FinCEN provides reports, rulings, testimony, enforcement issues, news releases and other information on the Bank Secrecy Act and the Patriot Act. The American Bankers’ Association Web site is another resource for those wanting to keep up with this issue.