Home > News & Events > Financial Institution Letters




Inactive Financial Institution Letters


[Federal Register: March 4, 2002 (Volume 67, Number 42)]
[Proposed Rules]               
[Page 9879-9887]
From the Federal Register Online via GPO Access [wais.access.gpo.gov]
[DOCID:fr04mr02-27]                         


[[Page 9879]]

-----------------------------------------------------------------------

DEPARTMENT OF THE TREASURY

31 CFR Part 103

RIN 1506-AA26, 1506-AA27

 
Financial Crimes Enforcement Network; Special Information Sharing 
Procedures To Deter Money Laundering and Terrorist Activity

AGENCY: Financial Crimes Enforcement Network (FinCEN), Treasury.

ACTION: Notice of proposed rulemaking.

-----------------------------------------------------------------------

SUMMARY: FinCEN, a bureau of the Treasury Department, is proposing 
regulations to implement provisions of the Uniting and Strengthening 
America by Providing Appropriate Tools Required to Intercept and 
Obstruct Terrorism (USA PATRIOT) Act of 2001 that encourage information 
sharing among financial institutions and federal government law 
enforcement agencies to identify, prevent, and deter money laundering 
and terrorist activity.

DATES: Written comments on all aspects of the proposed rule must be 
received on or before April 3, 2002.

ADDRESSES: Written comments should be submitted to: Special Information 
Sharing--Section 314 Comments, PO Box 1618, Vienna, VA 22183-1618. 
Comments may also be submitted by electronic mail to the following 
Internet address: regcomments@fincen.treas.gov with the caption in the 
body of the text, ``Attention: Proposed Rule--Special Information 
Sharing--Section 314.'' For additional instructions on the submission 
of comments, see SUPPLEMENTARY INFORMATION under the heading 
``Submission of Comments.'' Comments may be inspected at FinCEN between 
10 a.m. and 4 p.m., in the FinCEN Reading Room in Washington, DC. 
Persons wishing to inspect the comments submitted must request an 
appointment by telephoning (202) 354-6400 (not a toll-free call).

FOR FURTHER INFORMATION CONTACT: Judith R. Starr, Chief Counsel 
(FinCEN), (703) 905-3590; William Langford, Senior Counsel for 
Financial Crimes, Office of the Assistant General Counsel 
(Enforcement), (202) 622-1932; or Gary W. Sutton, Senior Banking 
Counsel, Office of the Assistant General Counsel (Banking & Finance), 
(202) 622-1976 (not toll-free numbers). Financial institutions with 
questions about their coverage or compliance obligations under this 
rule should contact their appropriate federal regulator.

SUPPLEMENTARY INFORMATION:

I. Background

    On October 26, 2001, the President signed into law the USA PATRIOT 
Act of 2001 (Public Law 107-56) (the Act). Of the Act's many goals, the 
facilitation of information sharing among governmental entities and 
financial institutions for the purpose of combating terrorism and money 
laundering is of paramount importance. Section 314 of the Act furthers 
this goal by providing for the sharing of information between the 
government and financial institutions, and among financial institutions 
themselves. As with many other provisions of the Act, Congress has 
charged Treasury with developing regulations to implement these 
information-sharing provisions.
    Section 314(a) of the Act requires regulations encouraging 
cooperation between financial institutions and the federal government 
through the exchange of information regarding individuals, entities, 
and organizations engaged in or reasonably suspected of engaging in 
terrorist acts or money laundering activities. Section 314(b), on the 
other hand, permits financial institutions, upon providing notice to 
Treasury, to share information with one another in order to better 
identify and report to the federal government concerning activities 
that may involve money laundering or terrorist activities.
    First, utilizing the existing and future communication resources of 
the Financial Crimes Enforcement Network (FinCEN), this proposed rule 
seeks to create a communication network linking federal law enforcement 
with the financial industry so that vital information relating to 
suspected terrorists and money launderers can be exchanged quickly and 
without compromising pending investigations. FinCEN, a bureau of 
Treasury, already maintains a government-wide data access service to 
assist federal, state, and local law enforcement agencies in the 
detection, prevention, and prosecution of terrorism, organized crime, 
money laundering, and other financial crimes. Under the proposed rule, 
federal law enforcement will have the ability to locate accounts of, 
and transactions conducted by, suspected terrorists or money launderers 
by providing their names and identifying information to FinCEN, which 
will then communicate that information to financial institutions so 
that a check of accounts and transactions can be made. If matches are 
found, law enforcement can then follow up with the financial 
institution directly. The rule is intended to formalize and streamline 
the information sharing and reporting process that the federal 
government undertook following the attacks of September 11, 2001, by 
permitting FinCEN to serve as a conduit for information sharing between 
federal law enforcement agencies and financial institutions.
    FinCEN is uniquely positioned to serve as the communication gateway 
under section 314(a). Indeed, it already provides considerable 
information relating to financial crimes to the financial community in 
a variety of ways. It issues Suspicious Activity Report (SAR) 
Bulletins, which digest information drawn from SARs to illustrate 
indicia of suspicious activity, and SAR Activity Reviews, which present 
trends, tips and issues in suspicious activity reporting. FinCEN issues 
advisories to alert the financial community to specific activities and 
areas that merit enhanced scrutiny, including countries with lax anti-
money laundering controls. In addition, FinCEN provides industry 
guidance on its website. The financial services industry also makes 
substantial use of FinCEN's regulatory helpline.
    Second, Congress authorized the sharing of information among 
financial institutions relating to suspected terrorists and money 
launderers only after providing notice to Treasury, for the purpose of 
identifying and reporting to the federal government such activities. 
The notice provision outlined below--a yearly certification to FinCEN 
that information will be shared and protected from inappropriate 
disclosure--combined with the requirement that any money laundering or 
terrorist activities uncovered be reported to FinCEN or other law 
enforcement, will allow for the sharing of information while protecting 
the privacy interests of customers of financial institutions. Given the 
importance of this information sharing provision, Treasury is issuing 
simultaneously an interim rule implementing section 314(b), which is 
published elsewhere in this issue of the Federal Register. The 
regulatory text of the interim rule and this proposed rule are 
identical with respect to section 314(b).
    Nothing in this proposed rule affects the existing authority of 
federal agencies to obtain information directly from financial 
institutions, as authorized by law or regulation, pursuant to their own 
established and approved procedures. Moreover, nothing in the proposed 
rule affects a financial institution's obligation to file a SAR, or its 
duty to contact directly a federal agency concerning individuals or 
entities suspected of engaging in terrorist acts or money laundering 
activities.

[[Page 9880]]

II. Analysis of the Proposed Rule

A. General Definitions

Section 103.90--Definitions
    As noted above, section 314 authorizes the sharing of information 
between the federal government and financial institutions, and among 
financial institutions, for the purpose of identifying possible money 
laundering or terrorist activities. Although section 314 does not 
define ``money laundering'' or ``terrorist activity,'' each of these 
terms has well-established definitions. Accordingly, and consistent 
with the broad intent underlying section 314, section 103.90(a) defines 
``money laundering'' to mean any activity described in section 1956 or 
1957 of title 18, United States Code. Similarly, section 103.90(b) 
defines ``terrorist activity'' to mean an act of domestic terrorism or 
international terrorism as defined in section 2331 of title 18, United 
States Code.

B. Information Sharing with Federal Law Enforcement Agencies

Section 103.100--Information Sharing with Federal Law Enforcement 
Agencies
    Under section 314(a) of the Act, Treasury is required to establish 
procedures to encourage information sharing between financial 
institutions and federal government authorities concerning accounts and 
transactions that may be linked to terrorist activity or involve money 
laundering. Treasury also may require each financial institution to 
designate persons to serve as contact points to facilitate this 
information exchange.
    Section 103.100 is intended to fulfill Treasury's statutory mandate 
in section 314(a) in a way that will provide a streamlined method for 
federal law enforcement agencies to uncover money laundering and 
terrorist financing while minimizing burdens on financial institutions 
and intrusions on individual privacy.
    The Act does not define the term ``financial institution'' for 
purposes of the information sharing provisions of 314(a). Under the 
Bank Secrecy Act (BSA), which, like section 314(a), is concerned with 
information reporting to detect and prevent financial crimes, the term 
``financial institution'' is defined broadly.\1\ The purpose of section 
314(a) is to facilitate the exchange of information between federal law 
enforcement agencies and financial institutions concerning individuals, 
entities, and organizations that are engaged in, or reasonably 
suspected based on credible evidence of engaging in, terrorist acts or 
money laundering activities. Consistent with this purpose, section 
103.100(a) defines ``financial institution'' as any financial 
institution described in 31 U.S.C. 5312(a)(2).
---------------------------------------------------------------------------

    \1\ See 31 U.S.C. 5312(a)(2). See also section 314(d)(2) of the 
Act (requiring the Secretary of the Treasury to distribute certain 
semiannual reports to financial institutions and incorporating the 
BSA definition of ``financial institution'') and 18 U.S.C. 
2339B(g)(2) (criminal penalties for providing support or resources 
to foreign terrorists and incorporating by reference the BSA 
definition of ``financial institution'').
---------------------------------------------------------------------------

    Section 103.100(b) through (d) establish a mechanism for federal 
law enforcement agencies investigating money laundering and terrorist 
activity to use FinCEN as a means of exchanging information with 
financial institutions about suspected terrorists and persons engaged 
in money laundering.
    Section 103.100(b) provides that FinCEN, acting on behalf of a 
federal law enforcement agency investigating money laundering or 
terrorist activity, may request any financial institution to search its 
records to determine whether the financial institution maintains or has 
maintained accounts for, or has engaged in transactions with, specified 
individuals, entities, or organizations. FinCEN and the federal law 
enforcement agency seeking the information will determine the 
appropriate time period for the records search, depending on the 
circumstances of the underlying investigation, which will be 
communicated to financial institutions by FinCEN with the request. 
Treasury and FinCEN specifically solicit comments from financial 
institutions concerning the length of time they maintain and/or archive 
records concerning closed accounts and past transactions, and their 
ability to access these records for purposes of this section.
    Section 103.100(c) makes clear that the federal law enforcement 
agency for which FinCEN makes the request is responsible for 
determining that the request meets the statutory requirement that it 
relate to individuals, entities, or organizations engaged in or 
reasonably suspected based on credible evidence of engaging in 
terrorist or money laundering activities. Section 103.100(c) requires 
the requesting federal law enforcement agency to provide FinCEN with a 
written certification, in such manner and form as FinCEN may prescribe, 
that each individual, entity, or organization about which the agency is 
seeking information is engaged in, or reasonably suspected based on 
credible evidence of engaging in, money laundering or terrorist 
activity. FinCEN believes this certification requirement establishes 
sufficient accountability in the requesting federal law enforcement 
agencies to ensure that such agencies use the authority of the rule in 
the manner contemplated by the statute.
    Under the proposed rule, FinCEN has the authority to request 
information regarding suspected terrorists and money launderers from 
any financial institution as defined in the BSA notwithstanding that 
FinCEN has not yet extended BSA regulations to all such financial 
institutions. While all financial institutions should be on notice that 
FinCEN may contact them for information after this rules becomes 
effective, as a practical matter not all financial institutions will 
receive requests for information. First, because FinCEN does not 
currently regulate all BSA financial institutions, it does not have 
contact information effectively to reach large numbers of unregulated 
financial institutions. The BSA authorizes FinCEN to require financial 
institutions to file with FinCEN reports of suspicious financial 
transactions, known as Suspicious Activity Reports (SARs). To date, 
FinCEN has extended SAR reporting only to a subset of ``financial 
institutions'' as defined in the BSA. In addition, regulations issued 
by the federal regulator of certain financial institutions require SAR 
reporting to FinCEN. Currently, banks, savings associations, credit 
unions, certain money services businesses (MSBs),\2\ and certain 
registered securities brokers and dealers \3\ are required to file 
SARs. In addition, the Act requires Treasury to extend the SAR 
reporting requirement to all registered securities brokers and dealers 
by July 1, 2002.\4\ Accordingly, the initial implementation of section 
103.100 generally will involve those financial institutions that are 
subject to SAR reporting. However, other financial institutions may 
also be requested to provide information to FinCEN on a case-by-case 
basis. Implementation of section 103.100 will in the future be expanded 
to include additional

[[Page 9881]]

categories of financial institutions as FinCEN develops an enhanced 
communication network with the larger financial community. Moreover, 
Treasury and FinCEN expect that many requests for information will be 
targeted to specific subsets of financial institutions based on 
information already known to law enforcement agencies. For example, if 
a law enforcement agency knows that an individual suspected of 
financing terrorism operates in a particular geographic area, or 
utilizes particular types of financial institutions, FinCEN would 
target its request for information accordingly.
---------------------------------------------------------------------------

    \2\ All money services businesses (MSBs) are required to 
register with the Treasury Department except persons that are MSBs 
solely because they serve as agents of another MSB; issuers, 
sellers, and redeemers of stored value; and the U.S. Postal Service. 
Issuers, sellers, and redeemers of traveler's checks and money 
orders and money transmitters are subject to the MSB SAR 
requirement; check cashers and currency dealers and exchangers are 
not subject to the MSB SAR requirement.
    \3\ Although FinCEN's existing BSA regulations requiring the 
filing of SARs do not apply generally to securities brokers and 
dealers, those securities brokers and dealers that are affiliates or 
subsidiaries of banks or bank holding companies have been required 
to report suspicious transactions by virtue of the application to 
them of rules issued by the federal bank supervisory agencies.
    \4\ See Act section 356. FinCEN has issued proposed amendments 
to the BSA regulations to cover all securities brokers and dealers 
66 FR 67669 (Dec. 31, 2001).
---------------------------------------------------------------------------

    Section 103.100(d) sets forth the obligation of financial 
institutions to comply with a request from FinCEN. This section 
provides that upon receiving the request, a financial institution shall 
search its records to determine whether it maintains or has maintained 
any account for, or has engaged in any transaction with, any 
individual, entity, or organization named in FinCEN's request. The 
financial institution's search must cover accounts maintained and 
transactions engaged in during the time period specified in the 
request.
    If a financial institution identifies a matching account or 
transaction, it must report as soon as possible to FinCEN the identity 
of the relevant individual, entity, or organization, together with an 
identification of the account or the type of transaction (such as wire 
transfer), as well as all identifying information (such as date of 
birth, address, Social Security number, passport number, etc.) provided 
by the individual, entity, or organization in connection with the 
transaction or establishment of the account. This information should be 
sent to FinCEN via e-mail to patriot@fincen.treas.gov or, if the 
financial institution does not have access to e-mail, by calling the 
toll-free the Financial Institutions Hotline (1-866-556-3974), or as 
FinCEN may otherwise prescribe in the information request.
    Although the records search required by section 103.100(d) is 
retrospective, Treasury and FinCEN expect that financial institutions 
will use the information provided by FinCEN to report to FinCEN 
concerning any named individual, entity, or organization that 
subsequently establishes an account or engages in a transaction.
    Nothing in the rule requires a financial institution to take any 
action, or to decline to take any action, with respect to an existing 
account or past transaction with, or to decline to establish a new 
account for, or to engage in a transaction with, any individual, 
entity, or organization specified in a request from FinCEN. Indeed, in 
the interests of law enforcement, the proposed rule prohibits a 
financial institution from taking any action that could alert an 
individual, entity or organization that it has been identified by a 
federal law enforcement agency as engaged in, or suspected of engaging 
in, terrorist acts, the financing of terrorist acts, or money 
laundering. Treasury and FinCEN are acutely aware and are highly 
appreciative of the desire of financial institutions not to knowingly 
facilitate terrorism or money laundering, and recognize that this 
desire may at times be in tension with the need not to alert persons 
that have been identified in a request from FinCEN. If, for example, a 
financial institution believes that its failure to close an account in 
connection with an individual, entity, or organization named in a 
request from FinCEN could facilitate terrorism or money laundering, it 
may be appropriate for the financial institution to advise FinCEN, 
which will refer the matter to the concerned federal law enforcement 
agency. Ultimately, however, the decision whether to close an account 
or decline a transaction is solely that of the concerned financial 
institution.
    Section 314(a) clearly contemplates that information provided by 
the federal government to financial institutions will be used only for 
the purposes of that section. Accordingly, the rule also requires 
financial institutions to maintain adequate procedures to protect the 
security and confidentiality of information contained in requests from 
FinCEN. Maintaining the confidentiality of information sent from law 
enforcement is vital to the success of this information sharing 
provision and is important to maintaining the privacy interests of the 
customers of financial institutions.
    Section 103.100(e) requires a financial institution, upon a request 
from FinCEN, to designate one person who will receive requests for 
information from FinCEN and to provide FinCEN with that person's 
mailing address, e-mail address, telephone number, and facsimile 
number. When requested, a financial institution may provide this 
information through FinCEN's website, http://www.treas.gov/fincen, and 
enter the information as directed, or by sending the information on 
company letterhead to: FinCEN, PO Box 39, Mail Stop 500, Vienna, VA 
22183. A financial institution is not required to provide this 
information to FinCEN until requested.
    Section 103.100(f) clarifies the relationship between a financial 
institution's obligations under the rule and the Right to Financial 
Privacy Act (RFPA). RFPA generally provides that ``no Government 
authority may have access to or obtain copies of, or the information 
contained in the financial records of any customer from a financial 
institution'' except with the customer's consent or through an 
administrative or judicial subpoena or a search warrant, or in response 
to a formal written request. 12 U.S.C. 3402. To obtain access to the 
records, there must be reason to believe that the records sought are 
relevant to a legitimate law enforcement inquiry. 12 U.S.C. 3407.
    There are several bases on which an information request and a 
responsive disclosure of information required by the rule are exempt 
from the requirements of RFPA. First, there is an express exception in 
RFPA for disclosure of financial records or information required to be 
reported in accordance with any Federal statute or rule promulgated 
thereunder. 12 U.S.C. 3413(d). As discussed above, section 314(a) of 
the Act requires Treasury to issue regulations to facilitate the 
exchange of information between financial institutions and the 
government regarding those engaged in or reasonably suspected of 
engaging in terrorist activity and money laundering, and the statute 
gives Treasury the authority to require a response from financial 
institutions. Accordingly, information required to be reported under 
the rule would fall under the statutory exception in RFPA for 
information required to be reported in accordance with a federal 
statute and its implementing regulations. In order to clarify that RFPA 
does not inhibit a financial institution from complying with a request 
from FinCEN under the rule, section 103.100(f) provides that 
information that a financial institution is required to report under 
the rule shall be considered to be information required to be reported 
in accordance with a federal statute or rule promulgated thereunder, 
for purposes of the statutory exception to the coverage of RFPA in 12 
U.S.C. 3413(d).
    Second, RFPA applies only to financial records of individuals and 
to partnerships of five or fewer individuals. Therefore, to the extent 
an information request under the rule relates to entities and 
organizations that are not partnerships of five or fewer individuals, 
RFPA does not apply.
    Third, RFPA provides that it does not preclude a financial 
institution from notifying the government of the name or other 
identifying information

[[Page 9882]]

concerning any individual, corporation, or account involved in a 
possible violation of any statute or regulation and the nature of any 
suspected illegal act. 12 U.S.C. 3403(c). As discussed above, the rule 
requires only the disclosure of the identity of the concerned 
individual or entity, and an identification of the account or the type 
of transaction involved (such as a wire transfer), for which a 
financial institution has a match with FinCEN's request. In addition, 
because the disclosure would relate to individuals and entities engaged 
in or suspected of engaging in terrorist activity or money laundering, 
the disclosure would relate to a possible violation of statue or 
regulation.
    Fourth, section 358 of the Act amended RFPA to expressly provide 
that its disclosure restrictions do not apply to requests from ``a 
Government authority authorized to conduct investigations of, or 
intelligence or counterintelligence analyses related to international 
terrorism.'' 12 U.S.C. 3414(a)(1)(C). Therefore, to the extent that a 
request for information made under the rule is made on behalf of such 
an agency, RFPA's disclosure restrictions do not apply. As discussed 
above, only federal law enforcement agencies investigating terrorist 
activities or money laundering are authorized to submit a request to 
financial institutions through FinCEN. For those inquiries relating to 
terrorism, the new exception plainly applies. In addition, FinCEN 
itself is an agency authorized to conduct intelligence and 
counterintelligence analyses related to international terrorism.
    As discussed above, section 314 of the Act and the rule authorize 
new mechanisms to encourage information sharing among the federal 
government and financial institutions, in addition to those authorized 
by other laws. Section 103.100(g) clarifies that nothing in the rule 
affects the authority of a federal agency or officer to obtain 
information directly from a financial institution.
    Section 103.100(h) is intended to preserve the confidentiality of 
law enforcement investigations by prohibiting a financial institution 
from using information provided by FinCEN for any purpose other than 
responding to the information request or deciding whether to establish 
or maintain an account or to engage in a transaction. It also prohibits 
the disclosure of the fact that FinCEN has requested or obtained 
information under the rule, except to the extent necessary to comply 
with the request. Although nothing in this provision would preclude a 
financial institution from contracting with a third party to search its 
records on its behalf, Treasury and FinCEN expect that such a contract 
would include confidentiality and nondisclosure requirements consistent 
with this provision. In addition, this provision does not preclude a 
financial institution (as defined in section 103.110(a)(2)) from 
sharing information received from FinCEN with other such financial 
institutions in a manner consistent with applicable laws and 
regulations.
Section 103.110--Voluntary Information Sharing Among Financial 
Institutions
    As with section 314(a), the Act does not define the term 
``financial institution'' for purposes of the information sharing 
provisions of 314(b). Unlike section 314(a), which involves responding 
to requests for information from federal law enforcement agencies, 
section 314(b) involves the sharing of information among financial 
institutions and presents different issues concerning information 
privacy.\5\ For these reasons, Treasury and FinCEN believe that it is 
appropriate to define the term ``financial institution'' for purposes 
of section 314(b) in a manner that is most likely to further the 
identification of terrorist and money laundering activities while 
minimizing the likelihood that information sharing will inappropriately 
intrude on the privacy interests of the customers of those 
institutions. Accordingly, section 103.110(a)(2) defines ``financial 
institution'' for purposes of section 314(b) to mean (1) a financial 
institution that is subject to SAR reporting that is not a money 
services business, which includes banks, savings associations, and 
credit unions; (2) a broker or dealer registered with the Securities 
and Exchange Commission under the Securities Exchange Act of 1934 (15 
U.S.C. 78a et seq.); (3) an issuer of traveler's checks or money 
orders; (4) a registered money transmitter, or (5) an operator of a 
credit card system that is not a money services business. Treasury and 
FinCEN specifically request comment concerning whether these entities 
should be included within the definition for purposes of section 314(b) 
of the Act and regulation section 103.110, and whether the definition 
should be expanded to include other categories of BSA financial 
institutions.
---------------------------------------------------------------------------

    \5\ See Act sections 314(b) and (c), which provide protections 
from federal and State prohibitions on the disclosure of information 
to financial institutions that engage in information sharing 
consistent with the requirements of section 314(b) and its 
implementing regulations.
---------------------------------------------------------------------------

    Section 103.110(a)(3) defines the term ``association of financial 
institutions'' to mean a group or organization comprised of financial 
institutions defined in section 103.110(a)(2). Because associations of 
such financial institutions can enhance the sharing of information 
among their members, the rule permits such associations to participate 
in the information sharing process.
    Section 103.110(b) provides that upon providing the appropriate 
certification to Treasury, as described below, a financial institution 
may share information with other financial institutions regarding 
individuals, entities, organizations, and countries for purposes of 
detecting, identifying, or reporting activities that the financial 
institution or association suspects may involve money laundering or 
terrorist activity.
    Prior to engaging in information sharing, a financial institution 
or association of financial institutions must submit to FinCEN a 
certification described in new Appendix B to 31 CFR part 103, that 
confirms: the name of the financial institution or association of 
financial institutions; that the financial institution is a financial 
institution as defined in section 103.110(a), or in the case of an 
association, that the association's members that intend to engage in 
information sharing are financial institutions as defined in section 
103.110(a); that the institution or association will maintain adequate 
procedures to protect the security and confidentiality of such 
information; that the institution or association will not use any 
shared information for any purpose other than as authorized in section 
103.110; and the identity of a contact person at the financial 
institution or association for matters pertaining to information 
sharing.
    To streamline the certification process, FinCEN has established a 
special page on its existing Internet website, http://www.treas.gov/
fincen, where financial institutions can enter the appropriate 
information. If a financial institution or association does not have 
access to the Internet, the certification may be mailed to FinCEN at 
the address specified in the rule.
    By requiring notice to Treasury before information is shared among 
financial institutions, Congress has injected Treasury into what would 
otherwise be a purely private communication. The statute did not 
indicate clearly whether prior notice to Treasury was required before 
each individual communication or whether a general notice would be 
sufficient. After considering both the need for flexibility for 
financial institutions as well as the need to ensure that the right to 
share

[[Page 9883]]

information under this section is not being used improperly, Treasury 
and FinCEN determined that the certification should be effective for a 
one-year period beginning on the date of the certification. A re-
certification, provided to FinCEN in the same manner, is required if a 
financial institution or association intends to continue to share 
information. An annual certification will help Treasury determine which 
financial institutions are sharing information, and it will reinforce 
the need for financial institutions to protect information shared under 
this section. Treasury and FinCEN balanced the minimal burden 
associated with completing the brief electronic or paper certification 
against its role in protecting the privacy interests of customers of 
financial institutions.
    Section 103.110(c) requires each financial institution or 
association of financial institutions that engages in the sharing of 
information to maintain adequate procedures to protect the security and 
confidentiality of such information. This section also provides that 
information received by a financial institution or association of 
financial institutions pursuant to this section shall only be used for 
identifying and reporting on activities that may involve terrorist or 
money laundering activities, or determining whether to close or 
maintain an account, or to engage in a transaction. A financial 
institution that fails to comply with these restrictions on the use of 
shared information may have its certification revoked or suspended. See 
103.110(g).
    Section 103.110(d) provides that a financial institution or 
association of financial institutions that engages in the sharing of 
information and that complies with sections 103.110(b) and (c) shall 
not be liable to any person under any law or regulation of the United 
States, under any constitution, law, or regulation of any State or 
political subdivision thereof, or under any contract or other legally 
enforceable agreement (including any arbitration agreement), for such 
sharing, or for any failure to provide notice of such sharing, to an 
individual, entity, or organization that is the subject of such 
sharing.
    Section 103.110(e) provides a means for financial institutions to 
voluntarily report information to law enforcement concerning suspicious 
transactions that may relate to money laundering or terrorist activity 
that may come to the financial institution's attention as a result of 
discussions with other financial institutions, or otherwise. In order 
to accord the highest priority to suspected terrorist activity, a 
financial institution should report such information to FinCEN by 
calling the Financial Institutions Hotline (1-866-556-3974). The 
purpose of the Financial Institutions Hotline is to facilitate the 
immediate transmittal of this information to law enforcement. Financial 
institutions identifying other suspicious transactions should report 
such transactions by promptly filing a SAR in accordance with 
applicable regulations, even if they provide information over the 
Financial Institutions Hotline. The Financial Institutions Hotline is 
intended to provide to law enforcement and other authorized recipients 
of SAR information the essence of the suspicious activity in an 
expedited fashion. Use of the Financial Institutions Hotline is 
voluntary and does not affect an institution's responsibility to file a 
SAR in accordance with applicable regulations.
    Section 103.110(f) clarifies that voluntary reporting under section 
103.110 does not relieve a financial institution from any obligation it 
may have to file a Suspicious Activity Report pursuant to a regulatory 
requirement, or to otherwise directly contact a federal agency 
concerning individuals, entities, or organizations suspected of 
engaging in money laundering or terrorist activities.
    Section 103.110(g) provides that a federal regulator of a financial 
institution, or FinCEN in the case of a financial institution that does 
not have a federal regulator, may revoke or suspend a certification 
provided by a financial institution under this section if the regulator 
or FinCEN determines that the financial institution has failed to 
comply with the requirements of paragraph (c). Treasury and FinCEN 
believe this provision is necessary to preclude further participation 
in information sharing under the authority of section 103.110 by a 
financial information that fails to accord confidentiality to shared 
information, or uses that information for purposes other than as 
permitted by section 103.110(c). A financial institution with respect 
to which a certification has been revoked or suspended may not engage 
in information sharing under this section during the period of such 
revocation or suspension.

IV. Submission of Comments

    An original and four copies of any comments (other than one sent 
electronically) must be submitted. All comments will be available for 
public inspection and copying, and no material in any comment, 
including the name of any person submitting the comment, will be 
recognized as confidential. Accordingly, material not intended to be 
disclosed to the public should not be submitted.

V. Regulatory Flexibility Act

    It is hereby certified that this proposed rule is not likely to 
have a significant economic impact on a substantial number of small 
entities. With respect to section 103.100, most financial institutions 
subject to SAR reporting are larger businesses. Moreover, the burden 
imposed by the requirement that financial institutions search their 
records for accounts for, or transactions with, individuals, entities, 
or organizations engaged in, or reasonably suspected based on credible 
evidence of engaging in, terrorist activity, is not expected to be 
significant. Section 103.110 is entirely voluntary on the part of 
financial institutions and no financial institution is required to 
share information with other financial institutions. Accordingly, the 
analysis requirements of the provisions of the Regulatory Flexibility 
Act (5 U.S.C. 601 et seq.) do not apply.

VI. Paperwork Reduction Act

    The requirement in section 103.100(d)(2), concerning reports by 
financial institutions in response to a request from FinCEN on behalf 
of a federal law enforcement agency, is not a collection of information 
for purposes of the Paperwork Reduction Act. See 5 CFR 1320.4.
    The requirement in section 103.110(b)(2), concerning notification 
to FinCEN that a financial institution that intends to engage in 
information sharing, and the accompanying certification in Appendix B 
to 31 CFR part 103, do not constitute a collection of information for 
purposes of the Paperwork Reduction Act. See 5 CFR 1320.3(h)(1).
    The collection of information contained in section 103.110(e), 
concerning voluntary reports to the federal government as a result of 
information sharing among financial institutions, will necessarily 
involve the reporting of a subset of information currently contained in 
a Suspicious Activity Report (SAR). SAR reporting has been previously 
reviewed and approved by the Office of Management and Budget (OMB) 
pursuant to the Paperwork Reduction Act and assigned OMB Control No. 
1506-0001. An agency may not conduct or sponsor, and a person is not 
required to respond to, a collection of information unless it displays 
a currently valid OMB control number.

[[Page 9884]]

VII. Executive Order 12866

    This proposed rule is not a ``significant regulatory action'' for 
purposes of Executive Order 12866. Accordingly, a regulatory assessment 
is not required.

List of Subjects in 31 CFR Part 103

    Authority delegations (Government agencies), Banks and banking, 
Currency, Investigations, Law enforcement, Reporting and recordkeeping 
requirements.

    Dated: February 26, 2002.
James F. Sloan,
Director, Financial Crimes Enforcement Network.

Proposed Amendments to the Regulations

    For the reasons set forth above, FinCEN proposes to amend 31 CFR 
part 103 as follows:

PART 103--FINANCIAL RECORDKEEPING AND REPORTING OF CURRENCY AND 
FOREIGN TRANSACTIONS

    1. The authority citation for part 103 is revised to read as 
follows:

    Authority: 12 U.S.C. 1829b and 1951-1959; 31 U.S.C. 5311-5331; 
title III, sec. 314, Pub. L. 107-56, 115 Stat. 307.

    2. Add new subpart H to part 103 to read as follows:
Subpart H--Special Information Sharing Procedures To Deter Money 
Laundering and Terrorist Activity
Sec.
103.90   Definitions.
103.100   Information sharing with federal law enforcement agencies.
103.110   Voluntary information sharing among financial 
institutions.

Subpart H--Special Information Sharing Procedures To Deter Money 
Laundering and Terrorist Activity


Sec. 103.90  Definitions.

    For purposes of this subpart, the following definitions apply:
    (a) Money laundering means an activity described in 18 U.S.C. 1956 
or 1957.
    (b) Terrorist activity means an act of domestic terrorism or 
international terrorism as those terms are defined in 18 U.S.C. 2331.


Sec. 103.100  Information sharing with federal law enforcement 
agencies.

    (a) Definitions. For purposes of this section:
    (1) The definitions in Sec. 103.90 apply; and
    (2) The term financial institution means any financial institution 
described in 31 U.S.C. 5312(a)(2).
    (b) Requests for information relating to money laundering or 
terrorist activities. On behalf of a federal law enforcement agency 
investigating money laundering or terrorist activity, FinCEN may 
require any financial institution to search its records to determine 
whether the financial institution maintains or has maintained accounts 
for, or has engaged in transactions with, any specified individual, 
entity, or organization.
    (c) Certification requirement. Prior to FinCEN requesting 
information pursuant to paragraph (b) of this section, the federal law 
enforcement agency shall provide FinCEN with a written certification, 
in such form and manner as FinCEN may prescribe, that each individual, 
entity, or organization about which the agency is seeking information 
is engaged in, or reasonably suspected based on credible evidence of 
engaging in, money laundering or terrorist activity.
    (d) Reporting by financial institutions.--(1) Record search 
required. Upon receiving a request from FinCEN, a financial institution 
shall search its records to determine whether it maintains or has 
maintained any account for, or has engaged in any transaction with, 
each individual, entity, or organization named in FinCEN's request. The 
search shall cover the time period specified in FinCEN's request.
    (2) Report to FinCEN required.--(i) In general. If a financial 
institution identifies an account or transaction identified with any 
individual, entity, or organization named in a request from FinCEN, it 
shall report the information specified in paragraph (d)(2)(ii) of this 
section to FinCEN as soon as possible via e-mail to 
patriot@fincen.treas.gov or, if the financial institution does not have 
access to e-mail, by calling the toll-free the Financial Institutions 
Hotline (1-866-556-3974), or by such other means as FinCEN may specify 
in the request.
    (ii) Information required to be reported. A financial institution 
shall report the following information to FinCEN:
    (A) Account. If the financial institution identifies one or more 
accounts identified with any individual, entity, or organization named 
in a request from FinCEN, it shall report to FinCEN:
    (1) The identity of such individual, entity, or organization;
    (2) The number of each such account; and
    (3) All identifying information provided by the account holder in 
connection with the establishment of each such account (such as Social 
Security number, taxpayer identification number, passport number, date 
of birth, and address).
    (B) Transaction. If the financial institution identifies one or 
more transactions (not involving an account) identified with any 
individual, entity, or organization named in a request from FinCEN, it 
shall report to FinCEN:
    (1) The identity of such individual, entity, or organization;
    (2) The date and type of each such transaction; and
    (3) All identifying information provided by such individual, 
entity, or organization in connection with each such transaction (such 
as Social Security number, taxpayer identification number, passport 
number, date of birth, and address).
    (3) No other action required. Nothing in this section shall be 
construed to require a financial institution to take any action, or to 
decline to take any action, with respect to an account established for, 
or a transaction engaged in with, an individual, entity, or 
organization named in a request from FinCEN, or to decline to establish 
an account for, or to engage in a transaction with, any such 
individual, entity, or organization.
    (e) Designation of contact person. FinCEN may request a financial 
institution to identify one person to receive requests for information 
from FinCEN pursuant to paragraph (b) of this section. When requested 
by FinCEN, a financial institution shall provide to FinCEN the name, 
title, mailing address, e-mail address, telephone number, and facsimile 
number of such person, and such other information as FinCEN may 
request, in such manner as FinCEN shall specify.
    (f) Relation to the Right to Financial Privacy Act. The information 
that a financial institution is required to report pursuant to 
paragraph (d) of this section shall be considered to be information 
required to be reported in accordance with a federal statute or rule 
promulgated thereunder, for purposes of section 3413(d) of the Right to 
Financial Privacy Act (12 U.S.C. 3413(d)).
    (g) No effect on law enforcement or regulatory investigations. 
Nothing in this subpart affects the authority of a federal agency or 
officer to obtain information directly from a financial institution.
    (h) Use, disclosure, and security of information request. (1) A 
financial institution shall not use information provided by FinCEN 
pursuant to this section for any purpose other than:
    (i) Reporting to FinCEN as provided in this section; or

[[Page 9885]]

    (ii) Determining whether to establish or maintain an account, or to 
engage in a transaction.
    (2)(i) A financial institution shall not disclose to any person, 
other than FinCEN or the federal law enforcement agency on whose behalf 
FinCEN is requesting information, the fact that FinCEN has requested or 
obtained information under this subpart H, except to the extent 
necessary to comply with such an information request.
    (ii) Notwithstanding paragraph (h)(2)(i) of this section, a 
financial institution authorized to share information under 
Sec. 103.110 may share information concerning an individual, entity, or 
organization named in a request from FinCEN in accordance with the 
requirements of such section.
    (3) Each financial institution shall maintain adequate procedures 
to protect the security and confidentiality of requests from FinCEN for 
information under this section.


Sec. 103.110  Voluntary information sharing among financial 
institutions.

    (a) Definitions. For purposes of this section:
    (1) The definitions in Sec. 103.90 apply;
    (2) The term financial institution means any financial institution 
described in 31 U.S.C. 5312(a)(2) that:
    (i) Is subject to a suspicious activity reporting requirement of 
subpart B of this part and is not a money services business, as defined 
in Sec. 103.11(uu);
    (ii) Is a broker or dealer in securities, as defined in 
Sec. 103.11(f);
    (iii) Is an issuer of traveler's checks or money orders, as defined 
in Sec. 103.11(uu)(3);
    (iv) Is a money transmitter, as defined in Sec. 103.11(uu)(5), and 
is required to register as such pursuant to Sec. 103.41; or
    (v) Is an operator of a credit card system and is not a money 
services business, as defined in Sec. 103.11(uu); and
    (3) The term association of financial institutions means a group or 
organization the membership of which is comprised entirely of financial 
institutions as defined in paragraph (a)(2) of this section.
    (b) Information sharing among financial institutions.--(1) In 
general. Subject to paragraphs (b)(2) and (g) of this section, a 
financial institution or an association of financial institutions may 
engage in the sharing of information with any other financial 
institution (as defined in paragraph (a)(2) of this section) or 
association of financial institutions (as defined in paragraph (a)(3) 
of this section) regarding individuals, entities, organizations, and 
countries for purposes of detecting, identifying, or reporting 
activities that the financial institution or association suspects may 
involve possible money laundering or terrorist activities.
    (2) Notice requirement.--(i) Certification. A financial institution 
or association of financial institutions that intends to engage in the 
sharing of information as described in paragraph (b)(1) of this section 
shall submit to FinCEN a certification described in Appendix B of this 
part.
    (ii) Address. Completed certifications may be submitted to FinCEN:
    (A) By accessing FinCEN's Internet website, http://www.treas.gov/
fincen, and entering the appropriate information as directed; or
    (B) If a financial institution does not have Internet access, by 
mail to: FinCEN, PO Box 39, Mail Stop 100, Vienna, VA 22183.
    (iii) One year duration of certification. Each certification 
provided pursuant to paragraph (b)(2)(i) of this section shall be 
effective for the one year period beginning on the date of the 
certification. In order to continue to engage in the sharing of 
information after the end of the one year period, a financial 
institution or association of financial institutions must submit a new 
certification.
    (c) Security and confidentiality of information.--(1) Procedures 
required. Each financial institution or association of financial 
institutions that engages in the sharing of information pursuant to 
this section shall maintain adequate procedures to protect the security 
and confidentiality of such information.
    (2) Use of information. Information received by a financial 
institution or association of financial institutions pursuant to this 
section shall not be used for any purpose other than:
    (i) Detecting, identifying and reporting on activities that may 
involve terrorist or money laundering activities; or
    (ii) Determining whether to establish or maintain an account, or to 
engage in a transaction.
    (d) Safe harbor from certain liability.--(1) In general. A 
financial institution or association of financial institutions that 
engages in the sharing of information pursuant to this section shall 
not be liable to any person under any law or regulation of the United 
States, under any constitution, law, or regulation of any State or 
political subdivision thereof, or under any contract or other legally 
enforceable agreement (including any arbitration agreement), for such 
sharing, or for any failure to provide notice of such sharing, to an 
individual, entity, or organization that is identified in such sharing.
    (2) Limitation. Paragraph (d)(1) of this section shall not apply to 
a financial institution or association of financial institutions to the 
extent such institution or association fails to comply with paragraph 
(b) or (c) of this section.
    (e) Information sharing between financial institutions and the 
federal government.--(1) Terrorist activity. If, as a result of 
information sharing pursuant to this section, a financial institution 
suspects that an individual, entity, or organization is involved in, or 
may be involved in terrorist activity, such information should be 
reported to FinCEN:
    (i) By calling the toll-free Financial Institutions Hotline (1-866-
556-3974); and
    (ii) If appropriate, by filing a Suspicious Activity Report 
pursuant to subpart B of this part or other applicable regulations.
    (2) Money laundering. If as a result of information sharing 
pursuant to of this section, a financial institution suspects that an 
individual, entity, or organization is involved in, or may be involved 
in money laundering, such information should generally be reported by 
filing a Suspicious Activity Report in accordance with subpart B of 
this part or other applicable regulations. If circumstances indicate a 
need for the expedited reporting of this information, a financial 
institution may use the Financial Institutions Hotline (1-866-556-
3974).
    (f) No limitation on financial institution reporting obligations. 
Nothing in this subpart affects the obligation of a financial 
institution to file a Suspicious Activity Report pursuant to subpart B 
of this part or any other applicable regulations, or to otherwise 
directly contact a federal agency concerning individuals or entities 
suspected of engaging in money laundering or terrorist activities.
    (g) Revocation or suspension of certification.--(1) Authority of 
federal regulator or FinCEN. Notwithstanding any other provision of 
this section, a federal regulator of a financial institution, or FinCEN 
in the case of a financial institution that does not have a federal 
regulator, may revoke or suspend a certification provided by a 
financial institution pursuant to paragraph (b)(2) of this section if 
the concerned federal regulator or FinCEN, as appropriate, determines 
that the financial institution has failed to comply with the 
requirements of paragraph (c) of this section. Nothing in this 
paragraph (g)(1) shall be construed to affect the authority of any 
federal regulator with respect to any financial institution.

[[Page 9886]]

    (2) Effect of revocation or suspension. A financial institution 
with respect to which a certification has been revoked or suspended may 
not engage in information sharing under the authority of this section 
during the period of such revocation or suspension.
    3. The Appendix to part 103 is redesignated as Appendix A to part 
103 and the heading is revised to read as follows:

Appendix A to Part 103--Administrative Rulings

* * * * *
    4. Appendix B is added to part 103 to read as follows:

Appendix B to Part 103--Certification for Purposes of Section 314(b) of 
the USA PATRIOT Act and 31 CFR 103.110

BILLING CODE 4810-02-P

[[Page 9887]]

[GRAPHIC] [TIFF OMITTED] TP04MR02.027

[FR Doc. 02-5007 Filed 3-1-02; 8:45 am]
BILLING CODE 4810-02-C

Last Updated 03/06/2008 communications@fdic.gov