AGENCY:

National Credit Union Administration (NCUA).

ACTION:

Notice and request for comments.

SUMMARY:

The NCUA, as part of their continuing effort to reduce paperwork and respondent burden, invite the general public and other Federal agencies to take this opportunity to comment on information collections, as required by the Paperwork Reduction Act of 1995. NCUA is soliciting comments concerning the Suspicious Activity Report (SAR). As Bank Secrecy Act (BSA) administrator, the Financial Crimes Enforcement Network (FinCEN) transitioned from a system originally designed for collecting industry specific paper forms to a modernized information technology environment centered on electronic reporting. Based on financial institution type, depository institutions, broker-dealers in securities, futures commission merchants and introducing brokers in commodities, insurance companies, mutual funds, money services businesses, and casinos currently filed reports on four separate forms. FinCEN's objective is to have one electronically-filed dynamic and interactive BSA-SAR that will be used by all filing institutions to report suspicious activity as of April 1, 2013.

There are no proposed changes to the regulatory reporting criteria for information collection. Federally insured credit unions will continue to follow the regulation, interagency guidance, and filing instructions to determine when a report should be filed and what information should be included on the report.

DATES:

Written comments should be received on or before September 30, 2013.

ADDRESSES:

Interested parties are invited to submit written comments to the NCUA Contact and the OMB Reviewer listed below:

NCUA Contact: Tracy Crews, National Credit Union Administration, 1775 Duke Street, Alexandria, Virginia 22314-3428, Fax No. 703-837-2861, Email: OCIOPRA@ncua.gov.

OMB Contact: Office of Management and Budget, ATTN: Desk Officer for the National Credit Union Administration, Office of Information and Regulatory Affairs, Washington, DC 20503.

FOR FURTHER INFORMATION CONTACT:

Requests for additional information, a copy of the collection, or a copy of submitted comments should be directed to Tracy Crews at the National Credit Union Administration, 1775 Duke Street, Alexandria, VA 22314-3428, or at (703) 518-6444.

SUPPLEMENTARY INFORMATION:

The interactive BSA-SAR includes several new data fields and introduces data fields from the SARs of other industries. On March 29, 2012, FinCEN released guidance ^[1] titled, “Filing FinCEN's new Currency Transaction Report and Suspicious Activity Report”. This guidance clarified expectations and notes that FinCEN is making available additional and more specific data elements (i.e., characterizations of suspicious activity and types of financial services) as a more efficient way to bring information about suspicious activity to the attention of FinCEN and law enforcement. The guidance clarified the addition of new and expanded data elements; however, the guidance does not create an expectation that financial institutions will revise internal programs, or develop new programs, to capture Start Printed Page 53786information that reflects the expanded lists.

Additional information about the paperwork burden associated with these requirements, including statutory and regulatory history, a description of the reporting requirements, and how the estimated total annual burden was calculated, is discussed below.

Background and Justification

Since 1996, the federal banking agencies ^[2] and FinCEN have required certain types of financial institutions to report known or suspected violations of law and suspicious transactions. To fulfill these requirements, supervised credit unions file a SARs.^[3] Law enforcement agencies use the information submitted on the reporting form to initiate investigations and NCUA staff use the information in the examination and oversight of supervised institutions.

The NCUA's suspicious activity reporting rules apply to all federally insured credit unions. The NCUA is only responsible for the paperwork burden imposed on these institutions. Other federal banking agencies account for the paperwork burden for the institutions they supervise. The annual burden per respondent varies depending on the nature of the activity being reported.

The suspicious activity report filing requirement became effective on April 1, 1996. Prior to the effective date, the NCUA, the other federal banking agencies, and FinCEN each issued new and nearly identical rules mandating the use of the interagency Suspicious Activity Report by Depository Institutions (SAR-DI) for the reporting of suspicious activities. In separate actions, FinCEN also enacted regulations requiring other types of financial institutions, such as brokers or dealers in securities and futures; money services businesses (money transmitters; issuers and sellers of money orders and travelers' checks; check cashers, and dealers in foreign exchange); casinos and card clubs; and insurance companies to file reports on suspicious activities.

In January 2003, check boxes were added to Part III of the SAR-DI to note terrorist financing and identity theft as suspicious activities and the safe harbor language in the instructions was updated to reflect changes made by the Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism (USA PATRIOT) Act of 2001. In 2006, the SAR-DI form was revised to support a new joint filing initiative aimed at reducing the total number of duplicate reports filed for a single suspicious transaction. On May 1, 2007, FinCEN published a Federal Register notice (72 FR 23891) ^[4] announcing the delayed implementation of these revisions, which ultimately were never implemented.

On July 15, 2011, FinCEN received final approval of the BSA-SAR ^[5] from the Office of Management and Budget which concluded FinCEN's October 15, 2010, request for comment.

Description of Information Collection

Federally insured credit unions follow the SAR instructions to determine when a SAR should be filed and what information should be included on the SAR.

Proposed Revisions

The BSA-SAR would integrate four institution specific SARs into one universal data collection. The previous five parts of the SAR-DI remain with changes to their titles and placement in order of completion.

The proposed BSA-SAR is described below by form Part. Fields from other industry SARs that may be new to depository institutions as well as specific data fields that are new to all types of industry filers have been identified. In the description provided below, questions for which an answer must be provided (referred to as “critical fields”) are identified with the * symbol in front of the data element number.

Type of Filing

Field 1 is the Type of Filing and it would require the filer to designate the category that best describes the filing from the choices of:

* 1. Check all that apply—a. Initial report; b. Correct/amend prior report; c. Continuing activity report; d. Joint report; e. Prior report document control/file number if 1b or 1c are checked

On the current SAR-DI there is only one choice in data field 1 for those reports that corrected a prior report.

Part I: Subject Information

Part I is titled Subject Information and would require the filer to provide information for each subject involved in the suspicious activity. Subject Information is titled Suspect Information on the current SAR-DI. As with the existing SAR-DI, multiple subjects may be included in Part I.

Each of the critical fields (*) in this Part have a new check box that may be used if the information is unknown. If that box is checked, the filer would not need to enter any information in that field.

In Part I, with the exception of the unknown check box, these data fields would remain the same with no additions or changes from the SAR-DI:

* 3.Individual's last name or entity's legal name—a. (check if) unknown

* 4. First name—a. (check if) unknown

5. Middle initial (middle name for electronic filers)

7. Occupation or type of business

* 8. Address—a. (check if) unknown

* 9. City—a. (check if) unknown

* 10. State—a. (check if) unknown

* 11. ZIP/Postal Code—a. (check if)

* 12. Country Code—a. (check if) unknown

* 13. TIN—a. (check if) unknown

* 16. Date of birth mm/dd/yyyy—a. (check if) unknown

Listed below are the remaining data fields in Part I that would be considered new data fields or data fields that would be modified.

2. Check—a. If entity; b. If all critical (*) subject information is unavailable (If 2b is checked this Part may be left blank)

5a. Gender—b. (Check if) Male; c. (Check if) Female; d. (Check if) Unknown

6. Alternate name, e.g. AKA for an Individual or DBA for an Entity

7a. NAICS Code (North American Industry Classification system code that corresponds to 7)

14. TIN type (* if 13 is completed)—a. EIN; b. SSN-ITIN; c. Foreign

* 15. Form of identification for subject—a. (check if) unknown (or not obtained); b. (check if) Driver's license/state ID; c. (check if) Passport; d. (check if) Alien registration; e. Number; f. Issuing state; g. Issuing country; z. (check if) Other

17. Phone number type—a. (check if) Home; b. (check if) Work; c. (check if) Mobile; d. (check if) Fax

18. Phone number—a. Extension (if any)

19. Email address (if available)

19a. Web site (URL) address (if available)

20. Corroborative statement to filer?—a. (check if) Yes; b. (check if) No (This Start Printed Page 53787was Admission/Confession on the SAR-DI)

21. Relationship of the subject to the filing institution (check all that apply)—a. Institution TIN; b. Accountant; c. Agent; d. Appraiser; e. Attorney; f. Borrower; g. Customer; h. Director; i. Employee; j. No relationship to institution; k. Officer; l. Owner or Controlling Shareholder; z. Other

22. If item 21h, 21i, 21j, or 21k is checked, indicate status of relationship—a. (check if) Relationship continues; b. (check if) Terminated; c. (check if) Suspended/barred; d. (check if) Resigned

23. Action date if 22 b, c, or d is checked

* 24. Financial Institution EIN and account number(s) affected that are related to subject, if any—a. (check if) No known account involved; b. (check if) Non-US Financial Institution; c. TIN; d. account number; e. (check if) closed;

25. Subject's role in suspicious activity (if applicable); a. (check if) Purchaser/Sender; b. (check if) Payee/Receiver; c. (check if) Both a & b

Part II—Suspicious Activity Information

Part II, Suspicious Activity Information, would require the filer to describe the suspicious activity that occurred.

Part II items would cover all filer institution types so all filers would see field options that may not pertain to their report (such as casino activities). Filers would only be required to complete those items that apply to their institution and pertain to the report being filed.

In Part II, with the exception of the unknown check box, these data fields would remain the same as the current SAR-DI:

* 27. Date or date range of suspicious activity for this report—a. From: mm/dd/yyyy; b. To: mm/dd/yyyy

The remaining data fields in this Part, specifically the characterizations of suspicious activity, would be modified and expanded when compared to the current SAR-DI. There are now ten general categories and each category would be further broken down to specific types of suspicious activity.

* 26. Amount involved in this report—a. (check if) Amount unknown; b. (check if) No amount involved.

28. Cumulative amount only if box 1c (continuing activity report) is checked

29. Structuring—a. Alters transaction to avoid BSA recordkeeping requirement; b. Alters transactions to avoid CTR requirement; c. Customer cancels transaction to avoid BSA reporting and recordkeeping requirements; d. Multiple transactions below BSA recordkeeping threshold; e. Multiple transactions below CTR threshold; f. Suspicious inquiry by customer regarding BSA reporting or recordkeeping requirements; z. Other (specify type of suspicious activity in space provided)

30. Terrorist Financing—a. Known or suspected terrorist/terrorist organization; z. Other (specify type of suspicious activity in space provided)

31. Fraud (Type)—a. ACH; b. Business loan; c. Check; d. Consumer loan; e. Credit/Debit card; f. Healthcare; g. Mail; h. Mass-marketing; i. Pyramid scheme; j. Wire; z. Other (specify type of suspicious activity in space provided)

32. Casinos—a. Inquiry about end of business day; b. Minimal gaming with large transactions; c. Suspicious intra-casino funds transfers; d. Suspicious use of counter checks or markers; z. Other (specify type of suspicious activity in space provided)

33. Money laundering—a. Exchanges small bills for large bills or vice versa; b. Suspicion concerning the physical condition of funds; c. Suspicion concerning the source of funds; d. Suspicious designation of beneficiaries, assignees or joint owners; e. Suspicious EFT/wire transfers; f. Suspicious exchange of currencies; g. Suspicious receipt of government payments/benefits; h. Suspicious use of multiple accounts; i. Suspicious use of noncash monetary instruments; j. Suspicious use of third-party transactors (straw-man); k. Trade Based Money Laundering/Black Market Peso Exchange; l. Transaction out of pattern for customer(s); z. Other (specify type of suspicious activity in space provided)

34. Identification/Documentation—a. Changes spelling or arrangement of name; b. Multiple individuals with same or similar identities; c. Provided questionable or false documentation; d. Refused or avoided request for documentation; e. Single individual with multiple identities; z. Other

35. Other suspicious activities—a. Account takeover; b. Bribery or gratuity; c. Counterfeit instruments; d. Elder financial exploitation; e. Embezzlement/theft/disappearance of funds; f. Forgeries; g. Identity theft; h. Little or no concern for product performance penalties, fees, or tax consequences; i. Misuse of “free look”/cooling off/right of rescission; j. Misuse of position or self-dealing; k. Suspected public/private corruption (domestic); l. Suspected public/private corruption (foreign); m. suspicious use of informal value transfer system; n. Suspicious use of multiple transaction locations; o. Transaction with no apparent economic, business, or lawful purpose; p. Two or more individuals working together; q. Unauthorized electronic intrusion; r. Unlicensed or unregistered MSB; z. Other (specify type of suspicious activity in space provided)

36. Insurance—a. Excessive insurance; b. Excessive or unusual cash borrowing against policy/annuity; c. Proceeds sent to or received unrelated third party; d. Suspicious life settlement sales insurance (e.g. STOLI's, Viaticals); e. Suspicious termination of policy or contract; f. Unclear or no insurable interest; z. Other (specify type of suspicious activity in space provided)

37. Securities/Futures/Options—a. Insider trading; b. Market manipulation/wash trading; c. Misappropriation; d. Unauthorized pooling; z. Other (specify type of suspicious activity in space provided)

38. Mortgage fraud—a. Appraisal fraud; b. Foreclosure fraud; c. Loan modification fraud; d. Reverse mortgage fraud; z. Other

39. Were any of the following instrument/product type(s) involved in the suspicious activity? Check all that apply: a. Bonds/Notes; b. Commercial mortgage; c. Commercial paper; d. Credit card; e. Debit card; f. Forex transactions; g. Futures/Options on futures; h. Hedge fund; i. Home equity loan; j. Home equity line of credit; k. Insurance/Annuity products; l. Mutual fund; m. Options on securities; n. Penny stocks/Microcap securities; o. Prepaid access; p. Residential mortgage; q. Security futures products; r. Stocks; s. Swap, hybrid or other derivative; z. Other (specify type in space provided)

40. Were any of the following instrument type(s)/payment mechanism(s) involved in the suspicious activity? Check all that apply—a. Bank/Cashier's check; b. Foreign currency; c. Funds transfer; d. Gaming instruments; e. Government payment; f. Money orders; g. Personal/Business check; h. Travelers check; i. U.S. Currency; z. Other (specify type in space provided)

41. Commodity type (if applicable)

42. Product/Instrument description (if needed)

43. Market where traded (list of codes will be provided—dropdown menu for electronic filers)

44. IP Address (if available) (multiple entries allowed for electronic filers)Start Printed Page 53788

45. CUSIP number (multiple entries allowed for electronic filers)

46. CUSIP number (multiple entries allowed for electronic filers)

Part III—Information About Financial Institution Where Activity Occurred

Part III information would be about the financial institution(s) where the suspicious activity occurred. A separate Part III record would be completed on each financial institution involved in the suspicious activity. The data fields in Part III would be modified and expanded when compared to the current SAR-DI.

* 47. Type of financial institution (check only one)—a. Casino/Card club; b. Depository institution; c. Insurance company; d. MSB; e. Securities/Futures; z. Other (specify type of institution in space provided)

* 48. Primary Federal Regulator—A = Commodities Futures Trading Commission (CFTC); B = Federal Reserve Board (FRB); C = Federal Deposit Insurance Corporation (FDIC); D = Internal Revenue Service (IRS); E = National Credit Union Administration (NCUA); F = Office of the Comptroller of the Currency (OCC); G = Securities and Exchange Commission (SEC); Z = Not Applicable

49. If item 47a is check indicate type (Check only one)—a. State licensed casino; b. Tribal authorized casino; c. Card club; d. Other (specify)

50. If item 47e is checked, indicate type of Securities and Futures institution or individual where activity occurred—check box(es) for functions that apply to this report—a. Clearing broker-securities; b. Futures Commission Merchant; c. Holding company; d. Introducing broker-commodities; e. Introducing broker-securities; f. Investment Advisor; g. Investment company; h. Retail foreign exchange dealer; i. Subsidiary of financial/bank holding company; z. Other (specify type of institution or individual in space provided)

51. Financial institution identification number (Check one box to indicate type)—a. (check if) CRD number; b. (check if) IARD number; c. (check if) NFA number; d. (check if) RSSD number; e. (check if) SEC number; f. Identification number

52. Financial institution's role in transaction (if applicable)—a. (check if) Selling location; b. (check if) Paying location; (check if) Both a & b

* 53. Legal name of financial institution—a. (check if) unknown

54. Alternate name, e.g., AKA—individual or trade name, DBA—entity

* 55. TIN—a. (check if) unknown

56. TIN type (* if 55 is completed)—a. EIN; b. SSN-ITIN; c. Foreign

* 57. Address—a. (check if) unknown

* 58. City—a. (check if) unknown

59. State

* 60 ZIP/Postal Code—a. (check if) unknown

* 61. Country

62. Internal control/file number

63. Loss to financial institution (if applicable)

64. Branch's role in transaction (if applicable)—a. (check if) Selling location; b. (check if) Paying location; c. (check if) Both a & b

* 65. Address of branch or office where activity occurred—a. (if no branch activity involved, check box a)

66. RSSD number (of the branch)

67. City

68. State

69. ZIP/Postal Code

70. Country (2 letter code—list provided)

Part IV—Filing Institution Contact Information

Part IV information would be about the lead financial institution or holding company that is filing the BSA-SAR. There would be only one Part IV record for each filing. Part IV would take fields previously contained in Part I, Part III, and Part IV on the SAR-DI as well as added new fields.

* 78. Primary Federal Regulator—A = Commodities Futures Trading Commission (CFTC); B = Federal Reserve Board (FRB); C = Federal Deposit Insurance Corporation (FDIC); D = Internal Revenue Service (IRS); E = National Credit Union Administration (NCUA); F = Office of the Comptroller of the Currency (OCC); G = Securities and Exchange Commission (SEC); Z = Not Applicable

* 79. Filer name (Holding company, lead financial institution)

* 80. TIN

* 81. TIN type—a. EIN; b. SSN/ITIN; c. Foreign

* 82. Type of financial institution (check only one)—a. Casino/Card club; b. Depository institution; c. Insurance company; d. MSB; e. Securities/Futures; z. Other (specify type of institution in space provided)

83. Type of Securities and Futures institution or individual filing this report-check box(es) for function that apply to this report—a. Clearing broker—securities; b. CPO/CTA; c. Futures Commission Merchant; d. Holding company; e. Introducing broker—commodities; f. Introducing broker—securities; g. Investment Adviser; h. Investment company; i. Retail foreign exchange dealer; j. SRO Futures; k. SRO Securities; l. Subsidiary of financial/bank holding company; z. Other (specify type of institution or individual in space provided)

84. Filing institution identification number (Check one box to indicate type)—a. (check if) CRD number; b. (check if) IARD number; c. (check if) NFA number; d. (check if) RSSD number; e. (check if) SEC number; f. Identification number

* 85. Address

* 86. City

87. State

* 88. ZIP/Postal Code

* 89. Country

90. Alternate name, e.g., AKA—individual or trade name, DBA—entity

91. Internal control/file number

92. LE contact agency

93. LE contact name

94. LE contact phone number—a. Extension (if any)

95. LE contact date

* 96. Designated contact office

* 97. Designated contact office phone number including area code—a. Extension (if any)

* 98. Date filed

Part V—Suspicious Activity Information Explanation/Description

Part V would require the filer to provide a chronological and complete narrative account of the activity, including what is unusual, irregular, or suspicious about the activity. In the BSA-SAR this part would be a text file that is limited to 17,000 characters (approximately six pages). Institutions may, but are not required to, attach a MS Excel-compatible file (no larger than 1 MB) providing details in tabular form of transactions subject to the suspicious activity discussed in the text file.

Consultation Outside the Agency

As set forth above, the SAR was originally developed in 1996 by an interagency group that consisted of the federal banking agencies, the U.S. Departments of Justice and Treasury, and several law enforcement agencies. The general framework of the BSA-SAR report and revisions to the BSA-SAR data elements have been discussed on an interagency basis.

Estimate of Respondent Burden

The burden per institution varies depending on the nature of the activity being reported. Because of these changes to the BSA-SAR, the estimated Start Printed Page 53789average burden would increase to 2 hours per response. Between January 1, 2012, and December 31, 2012, federally insured credit unions filed 67,537 ^[6] SARs. Based on this data the annual reporting burden for the federally insured credit unions is estimated to be 135,074 hours with the proposed revisions.

Title: Suspicious Activity Report by Depository Institutions (SAR).

OMB Control Numbers: 3133-0094.

Form Numbers: 2362.

Abstract: In 1985, the Banking Supervisory Agencies issued procedures to be used by banks and certain other financial institutions operating in the United States to report known or suspected criminal activities to the appropriate law enforcement and Banking Supervisory Agencies. Beginning in 1994, the Banking Supervisory Agencies and FinCEN redesigned the reporting process resulting in the Suspicious Activity Report, which became effective in April 1996. The report is authorized by 12 CFR 748.1 (NCUA). The regulation was issued under the authority contained in Section 1789(a) (NCUA).

Current Action: NCUA proposes to renew, with revision, the previously approved form.

Type of Review: Reinstatement of a previously approved collection.

Affected Public: Business, for-profit institutions, and non-profit institutions.

Estimated Number of Respondents: 6,753.

Estimated Total Annual Responses: 67,537.

Estimated Total Annual Burden: at an estimated 2 hours per form, Total Annual Burden: 135,074 hours.

Records required to be retained under the Bank Secrecy Act and these regulations issued by the Banking Supervisory Agencies must be retained for five years. Generally, information collected pursuant to the Bank Secrecy Act is confidential, but may be shared as provided by law with regulatory and law enforcement authorities.

Request for Comments: Comments submitted in response to this notice will be summarized and/or included in the request for Office of Management and Budget approval. All comments will become a matter of public record. Comments are invited on: (a) Whether the collection of information is necessary for the proper performance of the functions of the agency, including whether the information shall have practical utility; (b) the accuracy of the agency's estimate of the burden of the collection of information; (c) ways to enhance the quality, utility, and clarity of the information to be collected; (d) ways to minimize the burden of the collection of information on respondents, including through the use of automated collection techniques or other forms of information technology, and (e) estimates of capital or start-up costs and costs of operation, maintenance, and purchase of services to provide information.

Footnotes