96-2272. Amendment to the Bank Secrecy Act Regulations; Requirement To Report Suspicious Transactions  

  • [Federal Register Volume 61, Number 24 (Monday, February 5, 1996)]
    [Rules and Regulations]
    [Pages 4326-4332]
    From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
    [FR Doc No: 96-2272]
    
    
    
          
    
    [[Page 4325]]
    
    _______________________________________________________________________
    
    Part IV
    
    Department of the Treasury
    
    
    
    31 CFR Part 103
    
    
    
    Department of the Treasury
    
    
    
    Office of the Comptroller of the Currency
    
    
    
    12 CFR Part 21
    
    
    
    Federal Reserve System
    
    
    
    12 CFR Part 208, et al.
    
    
    
    _______________________________________________________________________
    
    
    
    Suspicious Transactions Reporting Requirements; Final Rules
    
    Federal Register / Vol. 61, No. 24 / Monday, February 5, 1996 / Rules 
    and Regulations 
    
    [[Page 4326]]
    
    
    DEPARTMENT OF THE TREASURY
    
    31 CFR Part 103
    
    RIN 1506-AA13
    
    
    Amendment to the Bank Secrecy Act Regulations; Requirement To 
    Report Suspicious Transactions
    
    AGENCY: Financial Crimes Enforcement Network, Treasury.
    
    ACTION: Final rule.
    
    -----------------------------------------------------------------------
    
    SUMMARY: This document contains a final rule requiring banks and other 
    depository institutions to report to the Department of the Treasury 
    under the Bank Secrecy Act any suspicious transactions relevant to 
    possible violations of federal law or regulation. The rule is adopted 
    by the Financial Crimes Enforcement Network (``FinCEN'') to implement 
    the authority granted to the Secretary of the Treasury by the Bank 
    Secrecy Act. The rule is a key to the creation of a new method for the 
    reporting by depository institutions, on a uniform ``Suspicious 
    Activity Report,'' of suspicious transactions and known or suspected 
    criminal violations; related rules have been or will be adopted by the 
    five federal financial supervisory agencies that examine and regulate 
    the safety and soundness of depository institutions.
    
    EFFECTIVE DATE: April 1, 1996.
    
    FOR FURTHER INFORMATION CONTACT: Pamela Johnson, Assistant Director, 
    Office of Financial Institutions Policy, FinCEN (703) 905-3920; Charles 
    Klingman, Office of Financial Institutions Policy, FinCEN (703) 905-
    3920; Stephen R. Kroll, Legal Counsel, FinCEN (703) 905-3590; or Joseph 
    M. Myers, Attorney-Advisor, Office of Legal Counsel, FinCEN, at (703) 
    905-3590.
    
    SUPPLEMENTARY INFORMATION:
    
    I. Statutory Provisions
    
        The Bank Secrecy Act, Pub. L. 91-508, as amended, codified at 12 
    U.S.C. 1829b, 12 U.S.C. 1951-1959, and 31 U.S.C. 5311-5330, authorizes 
    the Secretary of the Treasury, inter alia, to issue regulations 
    requiring financial institutions to keep records and file reports that 
    are determined to have a high degree of usefulness in criminal, tax, 
    and regulatory matters, and to implement counter-money laundering 
    programs and compliance procedures. Regulations implementing Title II 
    of the Bank Secrecy Act (codified at 31 U.S.C. 5311-5330), appear at 31 
    CFR Part 103. The authority of the Secretary to administer the Bank 
    Secrecy Act has been delegated to the Director of FinCEN.
        The provisions of 31 U.S.C. 5318(g) deal with the reporting of 
    suspicious transactions by financial institutions subject to the Bank 
    Secrecy Act and the protection from liability to customers of persons 
    who make such reports.\1\ Subsection (g)(1) states generally:
    
        \1\ The authority to require reporting of suspicious 
    transactions was added to the Bank Secrecy Act by section 1517 of 
    the Annunzio-Wylie Anti-Money Laundering Act (``Annunzio-Wylie''), 
    Title XV of the Housing and Community Development Act of 1992, Pub. 
    L. 102-550; it was expanded by section 403 of the Money Laundering 
    Suppression Act of 1994 (the ``Money Laundering Suppression Act''), 
    Title IV of the Riegle Community Development and Regulatory 
    Improvement Act of 1994, Pub. L. 103-325, to require designation of 
    a single government recipient for reports of suspicious 
    transactions.
    ---------------------------------------------------------------------------
    
        The Secretary may require any financial institution, and any 
    director, officer, employee, or agent of any financial institution, 
    to report any suspicious transaction relevant to a possible 
    violation of law or regulation.
    
        Subsection (g)(2) provides further:
    
        A financial institution, and a director, officer, employee, or 
    agent of any financial institution, who voluntarily reports a 
    suspicious transaction, or that reports a suspicious transaction 
    pursuant to this section or any other authority, may not notify any 
    person involved in the transaction that the transaction has been 
    reported.
    
        Subsection (g)(3) provides that neither a financial institution, 
    nor any director, officer, employee, or agent
    
    that makes a disclosure of any possible violation of law or 
    regulation or a disclosure pursuant to this subsection or any other 
    authority . . . shall . . . be liable to any person under any law or 
    regulation of the United States or any constitution, law, or 
    regulation of any State or political subdivision thereof, for such 
    disclosure or for any failure to notify the person involved in the 
    transaction or any other person of such disclosure.
    
        Finally, subsection (g)(4) requires the Secretary of the Treasury, 
    ``to the extent practicable and appropriate,'' to designate ``a single 
    officer or agency of the United States to whom such reports shall be 
    made.'' This designation is not to preclude the authority of 
    supervisory agencies to require financial institutions to submit other 
    reports to the same agency ``under any other applicable provision of 
    law.'' 31 U.S.C. 5318(g)(4)(C). The designated agency is in turn 
    responsible for referring any report of a suspicious transaction to 
    ``any appropriate law enforcement or supervisory agency.'' Id., at 
    subsection (g)(4)(B).
    
    II. Notice of Proposed Rulemaking
    
        On September 7, 1995, a notice of proposed rulemaking (the 
    ``Notice''), under the authority contained in 31 U.S.C. 5318(g), 
    relating to the reporting of suspicious transactions by banks and other 
    depository institutions,\2\ was published in the Federal Register (60 
    FR 46,556). Like this final rule, the Notice was published in 
    coordination with the Board of Governors of the Federal Reserve System, 
    the Office of the Comptroller of the Currency, the Federal Deposit 
    Insurance Corporation, the Office of Thrift Supervision, and the 
    National Credit Union Administration (collectively, the ``Supervisory 
    Agencies''). An announcement that the time to comment on the Notice had 
    been extended until November 13, 1995, was published in the Federal 
    Register on October 13, 1995, 60 FR 53,316.
    
        \2\ References to ``bank'' include not only commercial banks, 
    but also thrift institutions, credit unions, other types of 
    depository institutions, and certain other institutions. See 31 CFR 
    103.11(c) (defining ``bank'' for purposes of 31 CFR Part 103).
    ---------------------------------------------------------------------------
    
        The final rule is a key to the creation of a single reporting form, 
    filing point, and data base for all reports of suspicious activity made 
    by depository institutions. (The background of the new system is 
    explained in greater detail in the Notice, see 60 FR at 46557-46558 
    (September 7, 1995).) The sifiling point not only eliminates the need 
    for multiple copies but also permits magnetic filing of reports by most 
    institutions capable of and accustomed to making such filings with the 
    Internal Revenue Service. Finally, the single data base will permit 
    rapid dissemination of reports to appropriate law enforcement agencies, 
    more thorough analysis and tracking of those reports, and, in time, the 
    provision to the financial community of information about trends and 
    patterns gleaned from the information reported.
        Each Supervisory Agency involved has issued or shortly will issue a 
    final rule requiring reporting under its respective authority. The 
    final rules have been conformed to one another, so that a bank will 
    file a suspicious activity report in satisfaction of both the rules of 
    FinCEN and the rules of the applicable Supervisory Agency or Agencies. 
    A significant group of activities are required to be reported both 
    under the authority of 31 U.S.C. 5318(g) and under the Supervisory 
    Agencies' own administrative requirements, but a single filing will 
    suffice to comply with all requirements.
        As indicated above, this final rule becomes effective on April 1, 
    1996, as do the final rules issued by the Supervisory Agencies. 
    
    [[Page 4327]]
    
    
    III. Explanation of Revisions and Summary of Comments
    
    A. Comments on the Notice--Overview
    
        FinCEN received 30 written comments on the Notice. Of these, 14 
    comments were submitted by banks or bank holding companies, seven by 
    banking trade associations, one by a credit union, three by credit 
    union trade associations, three by non-bank financial institutions, one 
    by an ad hoc association of non-bank financial institutions, and one by 
    a practicing attorney on his own behalf.
        The commenters generally applauded the decision to reduce reporting 
    burdens on banks and eliminate the confusion caused by duplicate filing 
    requirements. They also supported efforts to enhance the use of the 
    information submitted by banks about suspicious transactions and noted 
    favorably Treasury's general efforts to work with the financial sector 
    to fashion reasonable and cost-effective rules to prevent money 
    laundering.
        Commenters expressed a variety of concerns relating to five 
    subjects. Four of the subjects--the definition of ``transaction'' 
    (especially the treatment of safe deposit box use), the time for filing 
    of suspicious activity reports, the nature of the records required to 
    be retained by institutions in connection with particular suspicious 
    activity reports and the manner and time period for their retention, 
    and the confidentiality rules for such reports--concerned the 
    operational details of the rule outlined in the Notice. The specifics 
    of the comments are outlined below; suggestions made in the comments on 
    those subjects have been adopted in large part.
        The fifth subject addressed in the comments was the appropriateness 
    of the proposed definition of suspicious transaction itself, especially 
    the provisions of proposed 31 CFR 103.21(a)(2)(iii), which would 
    require reporting generally of transactions that appear to have no 
    business purpose and for which the reporting institution knew of no 
    reasonable explanation. This provision has been retained, with 
    revision, in the final rule. Specific comments on the provision are 
    also discussed below.
        After consideration of all the comments, 31 CFR 103.21, proposed in 
    the Notice, is adopted as revised herein.
    
    B. The Final Rule
    
        While the final rule reflects numerous modifications in response to 
    the comments received on the Notice, the format and substance of the 
    final rule are generally consistent with the rule proposed in the 
    Notice. The changes adopted are intended to improve, clarify, and 
    refine the provisions of the proposed rule that required such 
    modifications, without fundamentally altering the basic policies 
    described in the Notice and reflected in the proposed rule.
        The Notice outlined the importance of the reporting of suspicious 
    transactions to Treasury's anti-money laundering and anti-financial 
    crime programs. See 60 FR at 46,558-59 (September 7, 1995). Treasury is 
    reconfirming, in issuing the final rule, its judgment that reporting of 
    suspicious transactions in a timely fashion is a key component of the 
    flexible and cost-efficient compliance system required to prevent the 
    use of the nation's financial system for illegal purposes. The same 
    judgment underlies Treasury's initiatives to sharply reduce the extent 
    to which ordinary currency transactions are required to be reported 
    with respect to ongoing businesses with a significant business history. 
    Reporting of suspicious transactions is also required by the emerging 
    international consensus defining the most effective methods for 
    fighting international organized crime.
    
    IV. Section-by-Section Analysis
    
    A. 31 CFR 103.11--Definitions
    
        1. 31 CFR 103.11 (qq)--FinCEN. The definition of FinCEN is adopted 
    without change.
        2. 31 CFR 103.11(ii)--Transaction. The Notice proposed to replace 
    the definition of ``transaction in currency'' in the Bank Secrecy Act 
    regulations with a definition of ``transaction'' that reflected the 
    definition of transaction in 18 U.S.C. 1956 (laundering of monetary 
    instruments). The Notice specifically requested comments on the 
    treatment of the use of safe deposit boxes that would result from the 
    proposed change and noted that the proposal was not intended to vary 
    the substance of the requirement to report currency transactions under 
    31 CFR 103.22, other than in the case of deposits of cash in safe 
    deposit boxes.
        a. Appropriateness of New Definition Generally. One group of 
    commenters questioned the appropriateness generally of the adoption for 
    this rule of a definition of transaction based on the definition in the 
    money laundering statute. Those commenters noted that ``Congress 
    drafted this statutory definition broadly in order to criminalize every 
    conceivable type of criminally-derived property [sic] but not with the 
    expectation that it would be used as the basis for imposing a positive 
    reporting obligation on financial institutions.'' They asserted that 
    ``[s]uch a definition simply would not be workable for financial 
    institutions that must comply with regulatory requirements.''
        Treasury believes there is a necessary relationship between the 
    anti-money laundering statute and the Bank Secrecy Act. The extent to 
    which banks should be required to track or monitor certain sorts of 
    transactions will also be addressed in the know-your-customer rules 
    expected to be proposed later this year. Moreover, the ``transaction'' 
    definition in the federal money laundering statute is already 
    necessarily embraced in the existing criminal referral rules.
        b. Treatment of Safe Deposit Boxes. The Notice had specifically 
    requested comment on the decision to include use of a safe deposit box 
    in the definition of transaction. The Notice explained that the 
    definition was included to reflect the fact that in appropriate cases 
    use of a safe deposit box may constitute a transaction under 18 U.S.C. 
    1956, following that statute's amendment to reverse the decision in 
    United States v. Bell, 936 F.2d 337 (7th Cir. 1991).
        Commenters strongly felt that a blanket inclusion of safe deposit 
    box transactions within the ambit of the rule was inadvisable, 
    potentially contrary to state law, and in any event contrary to a long 
    established banking practice that a customer's use of a safe deposit 
    box was a private transaction in which bank employees studiously sought 
    not to interfere. After consideration of the comments, FinCEN has 
    excluded use of a safe deposit box from the transaction definition. 
    Based on present experience, the risk of the use of a safe deposit box 
    by itself as part of a money laundering or similar offense is 
    sufficiently rare that a rule mandating blanket changes in long-
    established banking practices is uncalled for. At the same time, a 
    transaction that involved both the use of a safe deposit box and a use 
    of other banking facilities would be included in the transaction 
    definition to the extent it involved such other facilities. (Of course, 
    use of a safe deposit box by a customer that came to a bank's 
    attention, for example, when a box was entered by a bank pursuant to 
    accepted procedures, would be a candidate for the voluntary reporting 
    contemplated by the second sentence of section 103.21(a).)
        c. Definition of Transaction in Currency. Several commenters 
    requested that the definition of ``transaction in currency'' be 
    retained in 31 CFR 103.11, in order to avoid confusion in the 
    administration of the currency transaction reporting requirement. That 
    definition has been 
    
    [[Page 4328]]
    retained, solely for purposes of the reporting rule in 31 CFR 103.22.
        d. Investment Securities. One commenter pointed out that the 
    proposed definition failed to take account of the fact that the Bank 
    Secrecy Act definition of monetary instrument, unlike the 18 U.S.C. 
    1956 definition, includes only bearer instruments. The final rule adds 
    the term ``investment security'' to the definition of transaction, as a 
    cross reference to the definition of investment security in 31 CFR 
    103.11(t).
    
    B. 31 CFR 103.21--Reports of Suspicious Transactions
    
        1. 31 CFR 103.21(a). Subsection (a) contains the general statement 
    of the obligation to file a suspicious activity report, and a general 
    definition of the term ``suspicious transaction.'' The obligation 
    extends only to transactions conducted or attempted by, at, or through 
    a bank; transactions are reportable under this rule and 31 U.S.C. 
    5318(g) whether or not they involve currency.
        Paragraph (a)(1) states, in its first sentence, that section 103.21 
    implements the regulatory authority granted to the Secretary of the 
    Treasury by 31 U.S.C. 5318(g). Language has been added to the sentence 
    to make it clear that the reporting of transactions ``relevant to a 
    possible violation of law or regulation'' is required only to the 
    extent specified in the rule. A second sentence has been added to 
    encourage the reporting of transactions as so relevant, even in cases 
    in which the rule does not explicitly so require, for example in the 
    case of use of a safe deposit box or with respect to a transaction 
    below the $5,000 threshold added to the rule, as discussed below. As 
    also discussed below, such a voluntary report (that is, the report of a 
    suspicious transaction relevant to a possible violation of law or 
    regulation, in circumstances not required by the rule) is fully covered 
    by the rules relating to non-disclosure and protection against 
    liability specified in 31 U.S.C. 5318 (g)(2) and (g)(3) and in 31 CFR 
    103.21(e) (added by the final rule).
        The proposed rule designated three classes of transactions as 
    requiring reporting. The first class, described in subparagraph 
    (a)(2)(i), includes transactions either involving funds derived from 
    illegal activity or intended or conducted in order to hide or disguise 
    funds or assets derived from illegal activity. The second class, 
    described in subparagraph (a)(2)(ii), involves transactions designed to 
    evade the requirements of the Bank Secrecy Act. The third class, 
    described in subparagraph (a)(2)(iii), involves transactions that 
    appear to have no business purpose or that vary so substantially from 
    normal commercial activities or activities appropriate for the 
    particular customer or class of customer as to have no reasonable 
    explanation.
        Commenters raised a number of questions about the terms of the 
    proposed definition in paragraph (a)(2). First, they sought to limit 
    the terms in which knowledge would be ascribed to a bank by questioning 
    a standard that called for reporting when a bank ``knows, suspects, or 
    has reason to suspect'' that a transaction requires reporting. The use 
    of the term is intended to introduce a concept of due diligence into 
    the reporting procedures. As part of the general conforming of the 
    rules of FinCEN and the Supervisory Agencies, the same standards have 
    been adopted by each agency.
        Second, the Notice asked for the industry's position as to whether 
    monetary thresholds should be created for reporting Bank Secrecy Act 
    and money laundering violations. Many commenters sought the addition of 
    a threshold for reporting transactions, while several other commenters 
    argued against thresholds. FinCEN has determined to add a $5,000 
    threshold to the reporting rule, so that reports are now required only 
    for a transaction (or, as explained below, a series of transactions) 
    that involve at least that amount in funds or assets and that otherwise 
    satisfy the terms of the rule. Adoption of this threshold is intended 
    to reduce the burden of reporting and to conform the treatment of money 
    laundering and related transactions to that of other situations in 
    which reporting is required by the Supervisory Agencies. As a 
    concomitant to the creation of a threshold, language has been added to 
    make it clear that related transactions ``aggregating'' $5,000 or more 
    may be reportable.
        Several commenters also objected to the requiring of reports of 
    ``attempted'' transactions, on the ground that an attempted transaction 
    may neither be sufficiently obvious to draw a bank's attention nor to 
    generate the sorts of records necessary to complete the report. FinCEN 
    recognizes that these situations may arise and that the standards 
    applied to reporting of attempts must necessarily be somewhat more 
    flexible than those requiring reporting of completed transactions. 
    However, the reporting of ``attempts'' has been required in the 
    criminal referral reports that have evolved into the suspicious 
    activity report, and the requirement to report attempts has been 
    retained in the final rule.
        The proposed rule required reporting of transactions conducted or 
    attempted ``by, at, or through, or otherwise involving'' a bank. 
    Several commenters objected to the inclusion in the rule of the words 
    ``otherwise involving'' because their meaning was unclear and provided 
    insufficient guidance for bank officials. The phrase has been deleted.
        2. Subparagraph (a)(2)(i). Several commenters questioned whether 
    the requirement to report transactions involving funds derived from 
    illegal activity that are conducted in order to hide or disguise funds 
    or assets derived from illegal activity extended to all illegal 
    activity or only to activity that was illegal under federal law. 
    Language has been added to specify plainly that only activity that is 
    in violation of federal law or regulation is covered by the 
    requirement. Such a limitation does not, of course, make violation of 
    state law irrelevant, especially in the many cases under 18 U.S.C. 
    1956, 1957 or 1960 in which violations of state law can serve as a 
    predicate for a federal offense.
        3. Subparagraph (a)(2)(ii). No comments were directed specifically 
    toward subparagraph (a)(2)(ii), and that subparagraph is unchanged, 
    except for a revised reference to the Bank Secrecy Act.
        4. Subparagraph (a)(2)(iii). As proposed in the Notice, 
    subparagraph (a)(2)(iii) required reporting of a transaction if:
    
    the transaction appears to have no business purpose, the transaction 
    varies from the normal methods of financial commerce, or the 
    transaction is not the sort in which the particular customer or 
    class of customer would normally be expected to engage, and, in each 
    case, the bank knows of no reasonable explanation for the 
    transaction.
    
    Although a number of commenters opposed the reporting of transactions 
    that could not definitively be linked to wrongdoing, FinCEN believes 
    that a suspicious transaction reporting rule appropriately can and 
    indeed must include a requirement for the reporting of transactions 
    that vary so substantially from normal practice that they legitimately 
    can and should raise suspicions of possible illegality. Unlike many 
    criminal acts, money laundering involves the taking of apparently 
    lawful steps--opening bank accounts, wiring funds, or investing or 
    reinvesting assets--for an unlawful purpose. A skillful money launderer 
    will often split the movement of funds between several institutions so 
    that no one institution can have a complete picture of the transactions 
    or funds movement 
    
    [[Page 4329]]
    involved. Although a number of commenters objected to the standard, 
    others viewed the standard as a workable compromise between the 
    competing needs of enforcement and the financial system and, in one 
    case, as consistent with the advice and training already given to line 
    staff at the commenter's money center bank.
        In addition, as indicated in the Notice, subparagraph (a)(2)(iii) 
    recognizes the emerging international consensus that efforts to deter, 
    substantially reduce, and eventually eradicate money laundering are 
    greatly assisted by the reporting of suspicious transactions by banks. 
    The require-ments of this section comply with the recommendations 
    adopted by multilateral organizations in which the United States is an 
    active participant, including the Financial Action Task Force of G-7 
    nations and the Organization of American States, and are consistent 
    with the European Community's directive on preventing money laundering 
    through financial institutions.
        Although the basic standard has been retained, a number of changes 
    have been made in response to specific comments on the Notice. First, 
    the structure of the paragraph (a)(2) now makes it clear that all three 
    subparagraphs in the suspicious transaction definition are qualified by 
    the standard that the bank must ``know, suspect, or have reason to 
    suspect'' that the reportable events have occurred. Second, the 
    description of transactions that ``vary from the normal methods of 
    financial commerce'' has been deleted because the phrase provided 
    insufficient guidance to reporting institutions and was comprehended to 
    the extent relevant by the ``no business purpose'' language of the 
    preceding clause. Third, the specification of transactions in which the 
    ``class of customer'' involved would not be expected to engage has been 
    deleted, in response to concerns that the language unintentionally 
    created a need for comparisons among groups of customers based on their 
    personal characteristics. Fourth, the language has been altered to 
    require reporting of transactions that appear to have no business ``or 
    apparent lawful purpose''; the exception for transactions for which the 
    bank knows of a reasonable explanation has been clarified to specify 
    that knowledge of such an explanation requires an examination by the 
    bank of the available facts, including factors such as the background 
    and possible purpose of the transaction.
        It remains true, as indicated in the Notice, that determinations as 
    to whether a report is required must be based on all the facts and 
    circumstances relating to the transaction and bank customer in 
    question. Different fact patterns will require different types of 
    judgments. In some cases, the facts of the transaction may clearly 
    indicate the need to report. For example, continued payments or 
    withdrawals of currency in amounts each beneath the currency 
    transaction reporting threshold applicable under 31 CFR 103.22, or 
    multiple exchanges of small denominations of currency into large 
    denominations of currency, can indicate that a customer is involved in 
    suspicious activity. Similarly, the fact that a customer refuses to 
    provide information necessary for the bank to make reports or keep 
    records required by this Part or other regulations, provides 
    information that a bank determines to be false, or seeks to change or 
    cancel the transaction after such person is informed of reporting 
    requirements relevant to the transaction or of the bank's intent to 
    file reports with respect to the transaction, would all indicate that a 
    Suspicious Activity Report (``SAR'') should be filed.
        In other situations a more involved judgment may need to be made 
    whether a transaction is suspicious within the meaning of the rule. 
    Transactions that raise the need for such judgments may include, for 
    example, (i) funds transfers, payments or withdrawals that are not 
    commensurate with the stated business or other activity of the person 
    conducting the transaction or on whose behalf the transaction is 
    conducted; (ii) transmission or receipt of funds transfers without 
    normal identifying information or in a manner that indicates an attempt 
    to disguise or hide the country of origin or destination or the 
    identity of the customer sending the funds or of the beneficiary to 
    whom the funds are sent; or (iii) repeated use of an account as a 
    temporary resting place for funds from multiple sources without a clear 
    business purpose therefor. The judgments involved will also extend to 
    whether the facts and circumstances and the institution's knowledge of 
    its customer provide a reasonable explanation for the transaction that 
    removes it from the suspicious category.
        5. 31 CFR 103.21(b). Subsection (b) sets forth the filing 
    procedures to be followed by banks making reports of suspicious 
    transactions. Reports are to be made within 30 calendar days of the 
    initial detection of the suspicious transaction, by completing a SAR 
    and filing it in a central location, to be determined by FinCEN. An 
    additional 30 days is permitted in order to enable a bank to identify a 
    suspect, but in no event may a SAR be filed after 60 days after the 
    initial detection of the reportable transaction. The general timing 
    rule has been changed so that the period for filing runs not from the 
    date of the transaction being reported, but from the date of the 
    ``initial detection'' of facts that may constitute a basis for the 
    filing of a SAR; in many cases the two dates will be the same, but in 
    others, where the transaction is detected by the bank's compliance 
    screening systems, the dates may differ. If the bank's own internal 
    investigation is still ongoing when filing is required the form filed 
    may so indicate, but the form must nonetheless be filed within the 
    periods specified in the rule. FinCEN recognizes that it is always 
    difficult to apply general timing rules to every possible situation in 
    which reporting may be required or reportable activity detected, and it 
    believes that the change made in the rule adequately balances the need 
    to recognize the crucial importance of bank screening systems and to 
    provide clear deadlines for reporting. FinCEN is prepared to consider 
    further changes in the timing rules if experience dictates a need 
    therefor, but it also believes that timely reporting is essential.
        Several commenters requested that a change be made in the 
    requirement in the Notice that banks provide immediate telephone notice 
    of ongoing violations to ``the'' appropriate law enforcement agency (in 
    addition to filing the form as required). As requested, the language 
    has been revised to require notice to ``an'' appropriate law 
    enforcement agency.
        The new filing procedures represent a significant improvement over 
    the procedures currently followed by banks filing criminal referral 
    forms. There is no longer any requirement to file multiple copies of 
    forms with multiple agencies, and no requirement to file supporting 
    documentation with the SAR itself.
        6. 31 CFR 103.21(c). Subsection (c) continues in effect the 
    longstanding exception from the obligation to file in the case of a 
    robbery or burglary that is otherwise reported to appropriate law 
    enforcement authorities. In response to a comment, the second 
    longstanding exception contained in the rules of the Supervisory 
    Agencies for reports of stolen securities has also been repeated in 
    this rule. Treasury and the Supervisory Agencies recognize that bank 
    robbery and burglary require the immediate attention of the appropriate 
    police authorities, and are not the types of crimes about which this 
    regulation is directly concerned.
        7. 31 CFR 103.21(d). Subsection (d) states the obligation of filing 
    banks to maintain copies of SARs and their 
    
    [[Page 4330]]
    supporting documentation following the date of filing. This provision 
    is intended to relieve banks of the need physically to transmit 
    supporting documentation previously required to be filed with criminal 
    referral reports without altering the utility or availability of the 
    supporting documentation to the Supervisory Agencies or law enforcement 
    agencies as needed. The supporting documentation is a part of the SAR 
    and is held by the bank (in effect as agent for the Supervisory 
    Agencies and FinCEN), to avoid requiring often significant masses of 
    paper immediately to be transmitted to investigators or examiners. 
    Thus, identi-fication of supporting documentation must be made at the 
    time the SAR is filed, and such supporting documentation is deemed 
    filed with a SAR in accordance with this paragraph of the final rule; 
    as such, FinCEN, the Supervisory Agencies, and law enforcement 
    authorities need not make their access requests through subpoena or 
    other legal processes.
        Several significant changes requested by commenters in the record 
    retention requirements have been made. First, the time for which 
    retention is required has been reduced from 10 years to five years (the 
    general period for record retention required under the Bank Secrecy 
    Act); a provision authorizing FinCEN to permit earlier destruction has 
    been deleted as unnecessary in light of the reduction of the retention 
    period to five years generally. Second, the wording has been changed to 
    permit record retention in either paper form or in accordance with the 
    bank's general recordkeeping procedures, even if those procedures call 
    for record maintenance in electronic rather than paper form. FinCEN 
    recognizes that a bank will not always have custody of the originals of 
    documents and that some documents will not exist at the bank in paper 
    form. In those cases, preservation of the best available evidentiary 
    documents (for example, computer disks or photocopies) should be 
    acceptable. This has been reflected in the final rule by changing the 
    reference to original documents to ``original document or business 
    record equivalents.''
        The Notice referred both to documents ``supporting'' and documents 
    ``related'' to the SAR. Many commenters found this dual reference 
    confusing. FinCEN believes that the use of the word ``supporting'' is 
    more precise and limits the scope of the information which must be 
    retained to that which would be useful in explaining the terms of and 
    parties to any suspicious transaction reported on a SAR. It is 
    anticipated that banks will use their judgment in determining the 
    information to be retained in light of the purposes of the reporting 
    requirement. It is impossible to catalogue the precise types of 
    information covered by this requirement, as the nature of the 
    documentation that will ``support'' the determination embodied in a SAR 
    necessarily depends upon the facts of a particular case.
        8. 31 CFR 103.21(e). Subsection (e) incorporates the terms of 31 
    U.S.C. 5318 (g)(2) and (g)(3). This subsection thus specifically 
    prohibits those filing SARs from making any disclosure, except to 
    authorized law enforcement and regulatory agencies, about either the 
    reports themselves, the information contained therein, or the 
    supporting documentation (in the latter case if the supporting 
    documentation indicates in any way that it is related to a SAR). This 
    subsection thus also restates the broad protection from liability for 
    making reports of suspicious transactions, and for failures to disclose 
    the fact of such reporting, contained in the statute. As pointed out in 
    the Notice, the regulatory provisions do not extend the scope of either 
    the statutory prohibition or the statutory protection; however, because 
    Treasury recognizes the importance of these statutory provisions to the 
    overall effort to encourage meaningful reports of suspicious 
    transactions, they are described in the regulation in order to remind 
    compliance officers and others of their existence. The terms of 
    subsection (e) have been revised to clarify that the protection of the 
    statute, as well as the statutory prohibition against disclosures of 
    filing, extends to voluntary reports of suspicious activity as well as 
    those reports required by the final rule.
        A number of commenters sought guidance about whether the statutory 
    prohibitions against disclosure extended to subpoenas from third 
    parties in civil litigation. FinCEN believes that the nondisclosure 
    provisions of the statute extend to requests via subpoenas seeking 
    SARs; as noted, the nondisclosure rule does not apply to supporting 
    documentation, so long as no material in the supporting documentation 
    produced in response to a subpoena or other process indicates its 
    relationship to a SAR. The final rule adds a requirement that requests 
    for a SAR or the information contained therein should be reported to 
    FinCEN. (Under the rules of the Supervisory Agencies, reporting of such 
    requests to those Agencies is also required.)
        9. 31 CFR 103.21(f). Subsection (f) notes that compliance with the 
    obligation to report suspicious transactions will be audited, and 
    provides that failure to comply with the rule may constitute a 
    violation of the Bank Secrecy Act and the Bank Secrecy Act regulations. 
    The substitution of the word ``may'' for the word ``shall'' is intended 
    to indicate that the decision whether a failure to report a transaction 
    in fact constitutes a Bank Secrecy Act violation will necessarily 
    depend upon the facts of each situation. FinCEN anticipates that in 
    general the area for inquiry in the case of failure to report will 
    center upon both the facts of the particular failure and what the 
    failure indicates about the bank's compliance systems and attention to 
    the Bank Secrecy Act rules generally.
        The Notice also stated that compliance with the obligation to 
    report suspicious transactions would have no direct bearing on a bank's 
    potential exposure under the criminal provisions of Title 18 of the 
    U.S. Code. One commenter argued that any such statement was a bar to 
    cooperation and urged the Department of the Treasury and the Justice 
    Department to create safe harbors from criminal liability in cases in 
    which SARs are filed.
        The sentence questioned by the commenter was intended simply as a 
    reminder that the language of the ``safe harbor'' provisions of 31 
    U.S.C. 5318(g) does not by its terms protect against criminal 
    prosecutions. The sentence has been deleted in response to the comment, 
    but its deletion in no way alters the scope of the statute.
        Finally, a mistaken reference to Title 15 of the Code of Federal 
    Regulations has been deleted.
    
    C. Other Comments
    
        1. Closing Accounts. FinCEN invited comment concerning the guidance 
    that is appropriate in connection with a bank's decision, after filing 
    a report concerning a particular customer, whether to terminate its 
    relationship with that customer. Treasury continues to believe that 
    unless instructed by an authorized official in writing, this is a 
    decision which must be made by the financial institution.
        2. Non-Bank Financial Institutions. Several comments were filed on 
    behalf of non-bank financial institutions concerned that the rules 
    embodied in the Notice would be extended to such institutions. Those 
    comments were considered to the extent relevant to the Notice and will 
    be held for consideration when rules are proposed governing such 
    institutions.
    
    V. Regulatory Flexibility Act.
    
        FinCEN certifies that this regulation will not have a significant 
    financial 
    
    [[Page 4331]]
    impact on a substantial number of small depository institutions.
    
    VI. Paperwork Reduction Act
    
        The collection of information contained in this rule has been 
    reviewed by the Office of Management and Budget (OMB) in accordance 
    with the Paperwork Reduction Act of 1995, 44 U.S.C. 3507(d).
        The collection of information requirements in this rule are found 
    in 31 CFR 103.21, as issued in final form herein. This information is 
    mandatory and is necessary to inform appropriate law enforcement and 
    bank supervisory agencies of suspicious transactions involving or that 
    take place at or through depository institutions. Information collected 
    hereunder is confidential, see 31 U.S.C. 5318(g), and may be used by 
    FinCEN, the federal financial institution regulatory agencies, federal 
    law enforcement agencies and, where appropriate, state law enforcement 
    and bank supervisory agencies. The respondent recordkeepers are for-
    profit financial institutions, including small businesses.
        FinCEN may not conduct or sponsor, and an organization is not 
    required to respond to, this information collection unless it displays 
    a currently valid OMB control number. The OMB control number is 1506-
    0001.
        No comments specifically addressing the hour burden for filing the 
    SAR were received.
        FinCEN estimates that there will be 15,000 responses from banks 
    subject to the Bank Secrecy Act.
        The revisions made to the final rule from the proposed rule 
    published in the Notice simplify the submission of the reporting form 
    and shorten the records retention period. However, the same amount of 
    information will be collected under the final rule as under the 
    proposed rule published in the Notice. The burden per respondent varies 
    depending on the nature of the suspicious transaction being reported. 
    FinCEN estimates that the average annual burden for reporting and 
    recordkeeping per response will be 1 hour. Thus, FinCEN estimates the 
    total annual hour burden to be 15,000 hours. However, this burden will 
    not result in additional cost to the public because the same 
    information is required to be filed by one or more of the Supervisory 
    Agencies, and a single filing will satisfy all filing requirements.
        Comments regarding the burden estimate, or any aspect of this 
    collection of information, including suggestions for reducing the 
    burden, should be sent to Office of Regulatory Policy and Enforcement, 
    FinCEN, and to the Office of Management and Budget, Paperwork Reduction 
    Project (7100-0212), Washington, D.C. 20503.
    
    VII. Executive Order 12866
    
        The Department of the Treasury has determined that this rule is not 
    a significant regulatory action under Executive Order 12866.
    
    VIII. Unfunded Mandates Act of 1995 Statement
    
        Section 202 of the Unfunded Mandates Reform Act of 1995, Pub. L. 
    104-4 (Unfunded Mandates Act), March 22, 1995, requires that an agency 
    prepare a budgetary impact statement before promulgating a rule that 
    includes a federal mandate that may result in expenditure by state, 
    local and tribal governments, in the aggregate, or by the private 
    sector, of $100 million or more in any one year. If a budgetary impact 
    statement is required, section 202 of the Unfunded Mandates Act also 
    requires an agency to identify and consider a reasonable number of 
    regulatory alternatives before promulgating a rule. FinCEN has 
    determined that it is not required to prepare a written statement under 
    section 202 and has concluded that on balance this rule provides the 
    most cost-effective and least burdensome alternative to achieve the 
    objectives of the rule.
    
    List of Subjects in 31 CFR Part 103
    
        Administrative practice and procedure, Authority delegations 
    (Government agencies), Banks, banking, Currency, Investigations, Law 
    enforcement, Reporting and recordkeeping requirements.
    
    Amendment
    
        For the reasons set forth above in the preamble, 31 CFR Part 103 is 
    amended as set forth below:
    
    PART 103--FINANCIAL RECORDKEEPING AND REPORTING OF CURRENCY AND 
    FOREIGN TRANSACTIONS
    
        1. The authority citation for Part 103 is revised to read as 
    follows:
    
        Authority: 12 U.S.C. 1829b and 1951-1959; 31 U.S.C. 5311-5330.
    
        2. Section 103.11 as amended at 60 FR 228 and 44144 effective April 
    1, 1996, is further amended by revising paragraph (ii) and adding 
    paragraph (qq) to read as follows:
    
    
    Sec. 103.11  Meaning of terms.
    
    * * * * *
        (ii) Transaction. (1) Except as provided in paragraph (ii)(2) of 
    this section, transaction means a purchase, sale, loan, pledge, gift, 
    transfer, delivery or other disposition, and with respect to a 
    financial institution includes a deposit, withdrawal, transfer between 
    accounts, exchange of currency, loan, extension of credit, purchase or 
    sale of any stock, bond, certificate of deposit, or other investment 
    security or monetary instrument, or any other payment, transfer, or 
    delivery by, through, or to a financial institution, by whatever means 
    effected.
        (2) For purposes of Sec. 103.22, and other provisions of this part 
    relating solely to the report required by that section, the term 
    ``transaction in currency'' shall mean a transaction involving the 
    physical transfer of currency from one person to another. A transaction 
    which is a transfer of funds by means of bank check, bank draft, wire 
    transfer, or other written order, and which does not include the 
    physical transfer of currency, is not a transaction in currency for 
    this purpose.
    * * * * *
        (qq) FinCEN. FinCEN means the Financial Crimes Enforcement Network, 
    an office within the Office of the Under Secretary (Enforcement) of the 
    Department of the Treasury.
    
    
    Sec. 103.21  [Redesignated as Sec. 103.20]
    
        3. Section 103.21 is redesignated as Sec. 103.20.
        4. New Sec. 103.21 is added to read as follows:
    
    
    Sec. 103.21  Reports by banks of suspicious transactions.
    
        (a) General. (1) Every bank shall file with the Treasury 
    Department, to the extent and in the manner required by this section, a 
    report of any suspicious transaction relevant to a possible violation 
    of law or regulation. A bank may also file with the Treasury Department 
    by using the Suspicious Activity Report specified in paragraph (b)(1) 
    of this section or otherwise, a report of any suspicious transaction 
    that it believes is relevant to the possible violation of any law or 
    regulation but whose reporting is not required by this section.
        (2) A transaction requires reporting under the terms of this 
    section if it is conducted or attempted by, at, or through the bank, it 
    involves or aggregates at least $5,000 in funds or other assets, and 
    the bank knows, suspects, or has reason to suspect that:
        (i) The transaction involves funds derived from illegal activities 
    or is intended or conducted in order to hide or disguise funds or 
    assets derived from illegal activities (including, without limitation, 
    the ownership, nature, source, location, or control of such 
    
    [[Page 4332]]
    funds or assets) as part of a plan to violate or evade any federal law 
    or regulation or to avoid any transaction reporting requirement under 
    federal law or regulation;
        (ii) The transaction is designed to evade any requirements of this 
    part or of any other regulations promulgated under the Bank Secrecy 
    Act, Pub. L. 91-508, as amended, codified at 12 U.S.C. 1829b, 12 U.S.C. 
    1951-1959, and 31 U.S.C. 5311-5330; or
        (iii) The transaction has no business or apparent lawful purpose or 
    is not the sort in which the particular customer would normally be 
    expected to engage, and the bank knows of no reasonable explanation for 
    the transaction after examining the available facts, including the 
    background and possible purpose of the transaction.
        (b) Filing procedures--(1) What to file. A suspicious transaction 
    shall be reported by completing a Suspicious Activity Report (``SAR''), 
    and collecting and maintaining supporting documentation as required by 
    paragraph (d) of this section.
        (2) Where to file. The SAR shall be filed with FinCEN in a central 
    location, to be determined by FinCEN, as indicated in the instructions 
    to the SAR.
        (3) When to file. A bank is required to file a SAR no later than 30 
    calendar days after the date of initial detection by the bank of facts 
    that may constitute a basis for filing a SAR. If no suspect was 
    identified on the date of the detection of the incident requiring the 
    filing, a bank may delay filing a SAR for an additional 30 calendar 
    days to identify a suspect. In no case shall reporting be delayed more 
    than 60 calendar days after the date of initial detection of a 
    reportable transaction. In situations involving violations that require 
    immediate attention, such as, for example, ongoing money laundering 
    schemes, the bank shall immediately notify, by telephone, an 
    appropriate law enforcement authority in addition to filing timely a 
    SAR.
        (c) Exceptions. A bank is not required to file a SAR for a robbery 
    or burglary committed or attempted that is reported to appropriate law 
    enforcement authorities, or for lost, missing, counterfeit, or stolen 
    securities with respect to which the bank files a report pursuant to 
    the reporting requirements of 17 CFR 240.17f-1.
        (d) Retention of records. A bank shall maintain a copy of any SAR 
    filed and the original or business record equivalent of any supporting 
    documentation for a period of five years from the date of filing the 
    SAR. Supporting documentation shall be identified, and maintained by 
    the bank as such, and shall be deemed to have been filed with the SAR. 
    A bank shall make all supporting documentation available to FinCEN and 
    any appropriate law enforcement agencies or bank supervisory agencies 
    upon request.
        (e) Confidentiality of reports; limitation of liability. No bank or 
    other financial institution, and no director, officer, employee, or 
    agent of any bank or other financial institution, who reports a 
    suspicious transaction under this part, may notify any person involved 
    in the transaction that the transaction has been reported. Thus, any 
    person subpoenaed or otherwise requested to disclose a SAR or the 
    information contained in a SAR, except where such disclosure is 
    requested by FinCEN or an appropriate law enforcement or bank 
    supervisory agency, shall decline to produce the SAR or to provide any 
    information that would disclose that a SAR has been prepared or filed, 
    citing this paragraph (e) and 31 U.S.C. 5318(g)(2), and shall notify 
    FinCEN of any such request and its response thereto. A bank, and any 
    director, officer, employee, or agent of such bank, that makes a report 
    pursuant to this section (whether such report is required by this 
    section or is made voluntarily) shall be protected from liability for 
    any disclosure contained in, or for failure to disclosure the fact of 
    such report, or both, to the full extent provided by 31 U.S.C. 
    5318(g)(3).
        (f) Compliance. Compliance with this section shall be audited by 
    the Department of the Treasury, through FinCEN or its delegees under 
    the terms of the Bank Secrecy Act. Failure to satisfy the requirements 
    of this section shall be a violation of the reporting rules of the Bank 
    Secrecy Act and of this part. Such failure may also violate provisions 
    of Title 12 of the Code of Federal Regulations.
    
        Dated: January 30, 1996.
    Stanley E. Morris,
    Director, Financial Crimes Enforcement Network.
    [FR Doc. 96-2272 Filed 2-2-96; 8:45 am]
    BILLING CODE 4820-03-P
    
    

Document Information

Effective Date:
4/1/1996
Published:
02/05/1996
Department:
Treasury Department
Entry Type:
Rule
Action:
Final rule.
Document Number:
96-2272
Dates:
April 1, 1996.
Pages:
4326-4332 (7 pages)
RINs:
1506-AA13: Amendment to the Bank Secrecy Act Regulations--Requirement To Report Suspicious Transactions
RIN Links:
https://www.federalregister.gov/regulations/1506-AA13/amendment-to-the-bank-secrecy-act-regulations-requirement-to-report-suspicious-transactions
PDF File:
96-2272.pdf
CFR: (2)
31 CFR 103.11
31 CFR 103.21