A SAR is born – FinCEN, IRS, the Egmont Group and loss of financial privacy worldwide

Share Button


If you’re planning to make cash deposits or withdrawals, use a safety deposit box, put down a cash deposit towards your car purchase, use an ATM on your way to the family’s out-of-state reunion, buy some travelers checks to bring along for your summer vacation, apply for new mortgage, loan modification or foreclosure rescue – you should read this article. Under current banking regulations, most of your everyday transactions, such as those described above, have a great chance of being written up as a Suspicious Activity Report (SAR).

SARs have been around since April of 1996. The Bank Secrecy Act (BSA) requires financial institutions to file suspicious activity reports (SAR) to inform the federal government of transactions related to possible violations of law. SARs were originally intended to be used as supporting documents for existing cases in combating money laundering, terrorist financing and other financial crimes. Now they are being used to initiate new investigations, based on a multitude of routine transactions by individuals and businesses. FinCEN Director James H. Freis, Jr. said, “The Bank Secrecy Act (BSA) makes the financial industry a partner in the government’s efforts to thwart criminals and illicit activity.”

For example, if you deposit more than $10,000.00 dollars, your transaction is being reported to the IRS. If you deposit less than $10,000.00 dollars, your transaction may result in a SAR report of structuring/ money laundering, based on your implied intent to evade the reporting requirement to the IRS. Under the Bank Secrecy Act (BSA), financial institutions are required to report transactions in currency that exceed $10,000 by making Currency Transaction Reports (CTR). “Currency transaction reports provide unique and reliable information that is essential to supporting investigations and detecting criminal activities,” said FinCEN Director James H. Freis, Jr.

If you’re using your safety deposit box often, that may be reported in a SAR. If you rarely use your safety deposit box, that will also be reported as a suspicious activity. If you’re making a cash payment towards the purchase of your vehicle, there goes another SAR. Purchasing anything that costs $3,000 or more and paying by certified checks, money orders or traveler’s checks – a report is going to be made. Your financial privacy is just another casualty in the government’s “war on terror”, which is being used to spy on law-abiding Americans.

Not surprisingly, the numbers of SARs are soaring. Approximately 2.9 million of these reports have been filed between April of 1996 and December 2005, according to a report by FinCEN (a unit of the U.S. Treasury Department, and the single largest repository of personal financial information in the United States). A February 2009 report from the U.S. Government Accountability Office (GAO) found that between 2000 and 2007, suspicious activity report (SAR) filings nearly quadrupled, from 163,000 to 649,000 per year.

Privacy advocates say the SAR crosses the line by making the definition of “suspicious activity” deliberately vague. That forces banks to use their own subjective discretion in filing SARs, paving the way for racial profiling, political motivation and ulterior motives for targeting certain customers. The banks are not worried about violating consumers’ privacy, because it’s illegal for them to inform customers when SARs are filed on them.

“Under this stealth law, banks and banking regulators are starting with the premise that every American is a terrorist, and anything that they do is capable of being a terrorist act,” said James Rockett, co-head of the financial institutions corporate and regulatory group at the San Francisco-based law firm of Bingham McCutchen. “The definition of unusual is so broad under the current construct … anything that happens in any single account in the U.S., even if it’s negligibly different, is going to be reported to the government,” he said.

For example, an independent film company was filming in Arizona, generating large revenues to the local economy and employing state residents. Numerous cash withdrawals and deposits were routinely made in the course of this multi-million dollar film production. Wells Fargo bank officers and officials visited the film set, met the all-star cast and production crew. Although it was self-evident that the funds were being used for legitimate purposes, bank employees have made over sixty (60) SAR reports about the film company and its producers.

In describing cash withdrawals that were used to pay local extras, purchase film props and pay the art department, Wells Fargo bank’s SAR filings reported the company for possible money laundering, stating that the amounts withdrawn were too large for a “photography studio”. Needless to say, that was a blatant, willful misrepresentation and Wells Fargo was well aware of the legitimate need for the financial transactions in question. But the banks are not concerned about violating your privacy. Under 12 U.S.C. §3403(c), financial institutions and their employees have complete immunity from civil liability for the reporting of known or suspected criminal offenses or suspicious activity by filing a Suspicious Activity Report (SAR) with the FinCen.

The FinCEN is a Unit of the U.S. Treasury Department that compiles customer financial data based on SARs reports and other sources. This reporting system evolved in 1992 when Congress amended the Bank Secrecy Act, authorizing the Treasury Department to adopt the SAR requirements, through the Annunzio-Wylie Anti-Money Laundering Act.

The FinCen website states, “Hundreds of thousands of financial institutions are subject to Bank Secrecy Act reporting and recordkeeping requirements. These include depository institutions (e.g., banks, credit unions and thrifts); brokers or dealers in securities; insurance companies that issue or underwrite certain products; money services businesses (e.g., money transmitters; issuers, redeemers and sellers of money orders and travelers’ checks; check cashers and currency exchangers); casinos and card clubs; and dealers in precious metals, stones, or jewels. The USA PATRIOT Act of 2001, enacted shortly after the 9/11 attacks in America, broadened the scope of the Bank Secrecy Act to focus on terrorist financing as well as money laundering.”

FinCEN Mission Statement

This amendment gave the Treasury Department the power to require reporting of any “suspicious transaction relevant to a possible violation of law or regulation.” 31 U.S.C. § 5318(g)(1). The Right to Financial Privacy Act (RFPA) was enacted to ensure that customers be notified before disclosure of their records to the government, to give customers standing to challenge release of their records to the government; and to require government agencies to produce an audit trail documenting the disclosure of customer info to the government, as well as any interagency transfer of info.

But RFPA contains a large loophole that accommodates financial institution reporting under the Bank Secrecy Act. 12 U.S.C. § 3413(d). Though RFPA contemplates that notice will be given to customers when financial records are transferred from one federal agency to another, notice is not given to customers when SARs are furnished by FinCEN to law enforcement officials. The SARs contain all of your personal data, name, age, Social Security number, address, occupation, account number and other details about your bank transactions. In certain instances, the account could even be frozen until you can prove you are not a criminal.

The definition of a “financial institution” obligated to file SARs now includes many entities most individuals would not consider as such, including the casinos and the U.S. Postal Service. However, these entities are required to report any suspicious activity involving at least $5,000. Thus, gamblers visiting a casino may encounter some difficulties.

Every person engaged in a trade or business, who in the course of that trade or business, receives more than $10,000 cash in one transaction or in two or more related transactions must file a Form 8300 with FinCEN. 31. U.S.C. §5332. This is a very broad requirement, so that many different entities are subject to this regulation. For example, if you purchase jewelry in cash for over $10, 000, a report will be filed on you, even if such activity in itself is not unlawful or suspicious.

On November 16, 2009, FinCEN proposed an expansion of the Bank Secrecy Act (BSA) information sharing rules to allow foreign law enforcement agencies, as well as State and local law enforcement agencies, to submit requests for information to financial institutions. This program is going into effect in 2010.

Expansion of the Bank Secrecy Act to include foreign law enforcement agencies

Complete financial transparency is being sought not only in America, but also throughout the world. In 1995 a group of Financial Intelligence Units (FIUs) met at the Egmont Arenberg Palace in Brussels and decided to establish an informal group whose goal would be to facilitate international cooperation. Now known as the Egmont Group, these Financial Intelligence Units meet regularly and has grown dramatically from 14 units to a recognized membership of 116 worldwide participants.

The Egmont Group Committee of 14 members is an intermediary group between the 116 Heads of member Financial Intelligence Units. This Committee is comprised of seven permanent members and seven regional representatives. The regional representation is based on continental groupings and includes one representative from Asia, two from Europe, two from the Americas, one from Africa and one from Oceania. The Committee, Working Groups and Secretariat meet three times per year, including the annual plenary session.

The 17th Egmont Group Plenary was held in May of 2009 in Doha, Qatar. It was attended by over 300 participants representing Egmont member FIUs and numerous regional and international bodies. The Heads of FIUs unanimously endorsed Mr. Luis Urrutia, Head of FIU Mexico, as the new Chair of the Egmont Group. A record number of more than 50 bilateral cooperation agreements were signed between Egmont members during the week of meetings, calling for “a greater commitment to the Egmont Group principles and international cooperation, as well as the expansion of the organization of the information sharing process among the FIUs around the world.”

Mr. Neil Jensen, Chair of the Egmont Group and Sheikh Ahmed Bin Eid Al Thani, Head of the Qatar Financial Information Unit, congratulated the nine new members who were admitted to the Group, which are the Financial Intelligence Units of Fiji, Kyrgyzstan, Malawi, Macau, Mongolia, Saudi Arabia, Senegal, Sri Lanka and St. Lucia. American Financial Crimes Enforcement Network (FinCen) is one of the organization’s 116 member FIU’s. Since this is an informal group not based within the United States, the obvious concern is that disclosure and sharing of information is not subject to any of the American laws, rules or regulations.

The Egmont Group of Financial Intelligence Units – complete list of members

We should be concerned not only about the government collecting our private financial information, but also that this information may not be properly safeguarded from disclosure to unauthorized third parties. On January 30, 2009, Government Accountability Office (GAO) issued a report entitled “Further Actions Needed to Address Risks to Bank. Secrecy Act Data.”

GAO report (GAO 09-195) states in relevant part, “FinCEN did not always adequately restrict access to sensitive files… IRS did not implement controls to restrict access to data and systems to only those who needed it… IRS did not isolate the systems and data from its other systems and had not restricted user access to the systems and data via a dedicated network. Instead, other paths allowed any of its employees to gain access without detection, most of whom did not have a legitimate need for such access… IRS allowed more than 600 IRS employees to have privileges on the mainframe supporting FinCEN’s mission that they did not need in order to do their jobs… By allowing access to information and systems to individuals who do not have a legitimate job-related need, FinCEN, TCS, and IRS are placing these data and systems at increased risk of unauthorized access or disclosure… As a result of these weaknesses, there is an increased risk that malicious individuals could gain inappropriate access to sensitive BSA applications and data.”

GAO Report “Information Security: Further Actions Needed to Address Risks to Bank Secrecy Act Data GAO-09-195″

One of the best privacy safeguards is to limit the collection of personal information. In a direct contravention to this simple principle, unnecessary data is being stockpiled through SARs. This not only diverts government resources from more productive uses, but also contributes to unprecedented privacy violations. Individuals and businesses are being intentionally kept in the dark as to the disclosures of their private information, under the theory of “What you don’t know can’t hurt you”. However, in this scenario, it SAR can…

Share Button

Leave a Reply