A 20th Century Law Out of Sync with 21st Century Reality
Issued within the first month of the Trump presidency, Executive Orders 13771 and 13777 called for a reduction in regulation and the enforcement of the administration’s regulatory reform agenda. In response, the Treasury Department proposed a rule in mid-June, asking for “views and recommendations for Treasury Department regulations that can be eliminated, modified, or streamlined in order to reduce burdens.” Comments on the proposed rule are currently under review.
This wide-open call for comment on any Treasury regulation elicited a very specific response from the American Bankers Association (ABA) that focused on the Bank Secrecy Act (BSA). They suggest, and others agree, that it is time to modernize this 1970 law in order to more effectively stop money laundering and terrorist financing while reducing the burden this law places on financial institutions.
Conducive Conditions for Change
Perhaps for the first time in its 47-year history, the prospect of a large-scale BSA overhaul is more than wishful thinking by financial institutions. For one, the President has repeatedly stated his deregulation stance, which his Executive Orders facilitate.
But he is not alone. The Republican-led Congress shares the same desire, and multiple committees have invited industry representatives to testify on regulatory burdens. Notable among them was Lloyd DeVaux, president and CEO of Sunstate Bank ($200 million in assets). Appearing before the House Financial Services Committee on behalf of the Florida Bankers Association, DeVaux spoke persuasively about the BSA. He said 10 percent of his bank’s expenses went to BSA/AML compliance in 2016. Seven of the bank’s 45 total employees (15.5 percent) are in compliance-related functions, and six out of those seven are devoted to BSA/AML.
DeVaux also described the shadow banking system that results when banks de-risk themselves of BSA-designated high-risk industries. He argued that, “it makes no sense to create a system that drives legitimate customers outside the formal banking system to less regulated or even unregulated providers.” He noted that transactions fed through this shadow system fall through law enforcement cracks. His point is valid—digital technology now provides an accessible and affordable infrastructure for this shadow system in which digital currency supplies the anonymity to criminals and terrorists.
Further, the nature and reach of terrorism has changed drastically since 1970. The Internet and social media exponentially help groups like ISIS recruit, fundraise and plan. As DeVaux painfully pointed out, despite the heavy financial toll that it takes on banks, the BSA is woefully ill-equipped to stop such forces.
BSA Recommendations Are Far Ranging
The ABA’s twenty-page response to the Treasury reaffirmed the industry’s commitment to the general principal of the BSA. However, echoing the DeVaux testimony, it argued that the current BSA framework creates a significant amount of unnecessary work. But despite that costly effort, it does not adequately assist law enforcement in the fight against modern-day terrorism and money laundering.
The ABA posited five core recommendations for resolving this disconnect:
- Create an independent BSA gatekeeper
- Take a priority-focused approach to compliance
- Increase the quality of feedback and transparency
- Streamline reporting and validate its usefulness
- Update standards and procedures for criminal sanctions and actions against banks
In relation to these overarching recommendations, the ABA comment letter outlined three general principles for a BSA overhaul. The first calls for a return to basics. It noted that the BSA’s original intention, “require that banks make financial information more readily available to law enforcement without generating undue burden,” was left behind long ago as the onus on banks shifted from information gathering and submission to in-depth investigative work—for which it argued, “law enforcement agencies are far better equipped with training and resources to conduct.”
The second general principle is consistency. Whether due to the significant amount of outdated guidance or the widespread inconsistent application of that guidance among examiners, BSA compliance is a significant challenge. The ABA asked the Treasury to promote consistency and specifically “to conduct uniform training for bankers and examiners.”
Finally, the ABA suggested the implementation of an independent ombudsman who would act as a “gatekeeper” for all things related to BSA.
The ABA then recommended 17 specific ideas, among them such easily actionable suggestions as providing clearer guidance on the new customer due diligence rule (beneficial ownership) and publishing original guidance on the rapidly developing marijuana industry. Not surprisingly, eight of the 17 ideas related to either the currency transaction report (CTR) or the suspicious activity report (SAR).
The Low-Hanging Fruit
Short of a wholesale BSA overhaul, here are four less cumbersome areas that, if implemented, could potentially provide the most benefit to examiners, law enforcement and banks.
Updated Guidance: The fight against money laundering and terrorist financing would significantly benefit from a wholesale update to all BSA guidance, including the Federal Financial Institutions Examination Council’s (FFIEC) BSA/AML Examination Manual. Such a comprehensive update would take time, but the end result would eliminate the current disparity between the original law, its many additions over 47 years, and the reality of today versus tomorrow. It would standardize the various interpretations of the law that currently exist from region to region and agency to agency, and it would allow the Treasury and FFIEC to develop guidance on emerging industries, such as marijuana and digital currency, and to clearly define third-party reliance.
Improved Information Sharing: As the ABA argued, the lack of information sharing across the board impedes BSA efforts. Through their compliance, banks provide law enforcement with information, but the original idea of information flowing back to banks from law enforcement has never really materialized. The ABA views this as a lost opportunity: “While we recognize the need to protect investigations, sharing information about patterns of behavior or other red flags would be extremely helpful for banks to partner in the efforts to achieve BSA purposes.” In addition, the ABA recommended removing the red tape and risks currently associated with banks sharing appropriate information with each other that could further support BSA purposes.
CTR Overhaul: Various problems exist within the current CTR requirements. First, the original $10,000 limit has never been adjusted for inflation, which according to the ABA, would be about $64,000 today. Second, when the SAR was added to the BSA in 1992, no consideration was given to the overlap between the two. This begs the ABA’s question, “Because the Suspicious Activity Report is now the primary focus of the BSA database, is the CTR still a useful tool, or can suspicious cash movements, of whatever quantity, be captured by SAR reporting while avoiding useless reporting of routine cash transactions by law-abiding customers?” If the Treasury determines that CTRs are still useful and does not completely eliminate them, the ABA recommended that the Treasury at least consider the following: increasing the threshold limit, eliminating the aggregation requirements, giving banks discretion on structuring reports and streamlining the CTR exemption process.
Revised SAR Format: As every BSA compliance officer knows, the current SAR format requires a “thorough and complete narrative.” Examiner expectations in this area are pushing banks to conduct investigations on the level of law enforcement. This creates a detrimental lag time in getting information to law enforcement, in a situation where time is of the essence. The ABA recommended that, “Requirements for SAR filings should be adjusted so that banks provide enough information on a SAR to help law enforcement understand why something is suspicious but not to the point that it delays getting information to law enforcement.”
Careful What You Wish For
With any recommended change, there is a risk of unintended consequences. The same is true here, particularly with two of the ABA recommendations. Their implementation could be especially harmful to smaller institutions with fewer compliance resources.
A BSA Ombudsman: There is definite merit in the idea of a single source making BSA judgment calls, determining the need for additional guidance and settling disputes. However, there is a possible downside if this BSA ombudsman is structured like the Consumer Financial Protection Bureau (CFPB). In that case, banks could be examined on BSA by two regulators, just as they are today on consumer regulations.
An OFAC Threshold: The ABA letter made many good points regarding the Office of Foreign Assets Control (OFAC), such as allocating more resources to the OFAC hotline. However, it also recommended that OFAC set a screening threshold. Currently, there is no requirement to screen—only the requirement not to do business with anyone on the list. This allows banks to develop their screening processes based on their risk profiles. Setting a threshold would result in banks having to screen every single transaction over that threshold amount, regardless of their risk profiles.
Only Time Will Tell
The ABA and the Florida Bankers Association are not alone. Groups such as Independent Community Bankers of America (ICBA) have also provided documentation to the Treasury and Congress espousing the economic benefit that would result from reducing regulatory burdens like the BSA. While all make valid arguments for modernizing the BSA, keep in mind that regulatory change in Washington rarely happens quickly, even when conditions for change are conducive. Only time will tell if the Treasury truly has the inclination to take on this much-needed overhaul.
Amber Goodrich, compliance strategist for CSI Regulatory Compliance, has more than 10 years of financial industry experience. She is a Certified Regulatory Compliance Manager (CRCM) and Certified Bank Secrecy Act (BSA) Professional (CBAP).