news.cuna.org/articles/108465-bsa-conference-fincen-says-enforcement-designed-to-educate-not-just-punish
111715Enforce
Attorney David Reed explains the philosophy behind the Financial Crimes Enforcement Network's enforcement actions at the CUNA/NASCUS Bank Secrecy Act Conference Monday. (CUNA Photo)

BSA Conference: FinCEN says enforcement designed to educate, not just punish

November 17, 2015

FORT LAUDERDALE, Fla. (11/17/15)--More than 10,000 individuals from federal, state and local agencies conduct more than 30,000 Bank Secrecy Act (BSA) searches per day, according to attorney David Reed.

Reed presented information on enforcement actions Monday at the CUNA/National Association of State Credit Union Supervisors BSA Conference.

Reed highlighted the thinking behind many of the U.S. Treasury Financial Crimes Enforcement Network's (FinCEN) activities, which are done publicly and accompany guidance and other information as way to educate other entities.

“FinCEN has publicly stated enforcement should never be a ‘gotcha’ exercise. The agency devotes considerable time and effort to ensure that public enforcement assessments clearly explain the facts and the violations underlying the enforcement action,” Reed said. “It wants the enforcement actions to assist financial institutions and the public as an educational tool.”

The BSA gives FinCEN "overall authority for enforcement and compliance, including coordination and direction of procedures and activities of all other agencies exercising delegated authority.”

FinCEN also has the authority to issue penalties against not only financial institutions, but partners, directors, officers and employees who participate in misconduct.

In 2014, the FBI reported that 16% of its total pending cases had related BSA filings, including 42% of pending drug cases, 33% of pending transactional organized crime cases, 32% of its complex financial crimes cases and nearly 18% of its international terrorism cases.

Reed reminded attendees about FinCEN’s March 2012 bulletin regarding confidentiality, which reminds financial institutions “to be vigilant in maintaining the confidentiality of [Suspicious Activity Reports] (SARs). This includes ensuring all employees, agents, and individuals appropriately entrusted with information in a SAR are informed of the individual obligation to maintain SAR confidentiality.”

Reed recommended five steps for financial institutions to ensure they stay in BSA compliance:

  • Create a culture of BSA compliance from the most experienced board member to the newest teller;
     
  • Create a realistic and thorough BSA risk assessment, and update the assessment any time new products and services are offered;
     
  • Document everything, including policies, procedures, training, reports, due diligence, positive and negative findings. Also document changes made as a result of audits and examinations;
     
  • Continue to test the efficacy of the BSA compliance program; and
     
  • Ensure there is adequate training across the financial institution.

Reed pointed out a few trends that FinCEN has been involved in increasing enforcement actions in recent years, including:

  • Beneficial ownership, which is the use of “shell” and “shelf” companies to engage in or launder the proceeds of illegal activity. Proposed amendments would add a new requirement that these entities know and verify the identities of the real people who own, control and profit from the companies they service; and
     
  • Third-party money launderers, which can be used by some criminal organizations to obtain access to financial services. These can include professional gatekeepers such as attorneys and accountants.

(Editor’s note: For more coverage of CUNA’s BSA Compliance Conference, see the following stories in today’s issue: BSA Conference: BSA Conference: Exploring benefits, pitfalls of remote deposit capture; BSA Conference: Finding red flags for trade-based money laundering; BSA Conference: Well-defined AML program essential for small FIs; and, BSA Conference: Self-assessment crucial for strong cybersecurity framework.)