|
FDIC Federal Register Citations
This information is offered
in response to a February 3, 2005 request for comments on reducing the
regulatory burden imposed on banks. My related experience is in Bank
Secrecy Act (BSA) and Anti-Money Laundering compliance, so my remarks are
limited to those areas. I am employed as an independent trainer within the
banking industry and have the opportunity to talk to and, more
importantly, listen to a few thousand bankers every year. The opinions
expressed are entirely my own and I am not compensated for offering them.
In most cases, they reflect the perspective of community financial
institutions that are unlikely to respond to requests such as this one.
Clearly, BSA requirements have increased exponentially in the decades
since the initial laws passage. A number of laws, most recently the USA
PATRIOT Act, have added new branches to BSA, some without adequate
consideration of how they fit into the overall regulatory framework. Also,
in the absence of a sunset provision, some elements have taken on a life
of their own without regard to their intended purpose or whether
subsequent changes have eliminated the need for their protections.
However, the most problematic issues today do not emanate from the laws
requirements, but its enforcement. Banks are charged with complying with
BSA, but they are subjected to varying and oftentimes unpredictable
interpretations of those requirements. The agencies recently responded to
an entreaty for continuity in enforcement from the ABA and state bankers
associations with letter saying there was no zero tolerance policy
toward BSA compliance. The following week, I have knowledge of an exit
interview where the EIC told a banks staff that the FDICs policy on BSA
was zero tolerance. A review of the comment letters already filed in
response to this request will find several writers who heard the same
phrase from their regulatory personnel.
Either the agencies are misleading the industry as to their philosophy
(which I doubt) or they have simply lost control over their field
examiners. I have been in this industry 30 years and I have never seen the
regulator bank credibility gap so broad. (By the way, I have yet to hear
a banker ask for tolerance, only instructions that can be followed.)
The suggestions for improvement I would offer are:
*Calls to the IRS Detroit Computing Center Hotline, 1-800-800-2877 should
be answered or at least callers should receive the courtesy of having
messages returned. I have had dozens of anecdotes offered by seminar
attendees where they never received a response to the message they left. I
have had the same experience. (Ive had no reports of similar experiences
with banks using the FinCEN 800 number. They have also answered or
returned my calls promptly.) However, sometimes what a bank needs is
simple information regarding form completion or assistance with a
backfiling problem on CTRs; that is the Computing Centers responsibility,
not FinCENs.
*The IRS Detroit Computing Center should provide banks, for a fee if
necessary, with lists of CTRs, DEPs, and SARs they have filed upon
request. Apparently, banks can order copies of individual forms, but not
lists of forms received between given dates. Such reports are readily made
available to regulatory personnel when they are establishing the scope of
their on-site examinations. They would be invaluable to banks in the
conduct of independent examinations and their preparation for regulatory
examinations. Helping the banks monitor their compliance would reduce the
need for oversight from regulatory personnel.
*FinCEN should conduct all BSA compliance training for federal and state
bank examiners. While the impending reinstatement of interagency
examination procedures for BSA is a long overdue step in the right
direction, there is no basis for assuming that just because all the
students had they same text they all received the same instruction.
Training should be homogenized so an examination of a national bank is
comparable to that conducted for a credit union with adjustments made only
on the factors unique to that individual institution. The recent
involvement of state departments of banking in BSA examinations is having
the effect of further balkanizing BSA compliance into regulatory fiefdoms
one state examiner, when offered a FinCEN ruling as a counter to her
comments said she did not care how FinCEN interpreted the law, her
organization was the banks primary regulatory agency and it was her
interpretation of the law that mattered to that bank.
*Amend the current definition of established customer to indicate it is
a customer from whom the bank has already obtained the information
required by 31 CFR 103.121(b)(2)(i). Amend existing 31 CFR 103.29 to
replace references to deposit account holder and person who has a
deposit account with established customer. The net effect of this
change is to homogenize references made in different parts of the
regulation that were written at different times with different purposes.
The end result would be the existence of customer as defined in the CIP
regulations and an established customer as one whose basic information
has been obtained. Once a customer has been subjected to the CIP, there
should not be any other hurdles to jump just because he wants to send or
receive a wire transfer or purchase an official check for cash.
*Revise the record retention requirements for selling monetary instruments
for between $3,000 and $10,000 in currency so only banks who engage in
such transactions with people who not established customers (as defined
are above) must continue to keep the records. Those banks would also be
required to address those sales in their written AML program. Thus, banks
that do not engage in covered transactions with anyone other than
established customers will have no specific record retention requirements.
The records themselves were never the goal of record retention
requirements the sole purpose of the requirement was to eliminate the
practice of smurfing. It did. Yet, this requirement has taken on a life
of its own. Even though a November, 2002 FinCEN letter clearly said the
practice refusing to sell official checks for cash was acceptable,
the purpose behind its publication was so obtuse that it confused many
banks regarding their ability to make policies that would eliminate
specialized record retention programs. Moreover, current FDIC examination
procedures inquire as to whether the bank has a procedure for monitoring
whether multiple sales below the record retention threshold take place.
The records currently being kept simply have no tangible value, yet the
agencies act as if the records themselves were required for some ancillary
use.
*Revise the record retention requirements in general to remove antiquated
references; e.g. ledger card and acknowledge the fact that most of
todays records will be maintained electronically.
*Subject the 314(a) query system to cost justification. I have read the
statistics that demonstrate that the program is a success, but note the
stark absence of even an estimate as to how much it costs for thousands of
banks to conduct those searches every two weeks. From my perspective, the
statistics cited are not impressive; if the amount spent by banks to
conduct those searches was coming out of the FBIs budget, the program
would be scrapped tomorrow.
*Although it is perhaps beyond the scope of this review and, like the
suggestion above, is unlikely to be considered seriously, I suggest that
there should be a safe harbor for banks in OFAC compliance. The
following OFAC response to a question about whether banks should check
cashiers checks against the list is typical: Every transaction that a
U.S. financial
institution engages in is subject to OFAC regulations. If a bank knows or
has reason to know that a target is party to a transaction, the bank's
processing of the transaction would be unlawful.
With all due respect, thats not an answer, its a mantra. Its something
short of obvious that a bank is engaging in a transaction with the payee
when it issues an official check made payable in accordance with the
customers instructions. Nevertheless, regulatory personnel communicate
this guidance as a requirement, without regard to the fact the bank is
entitled to make a risk based decision. So, many banks are now checking
payees on official check sales sold to established customers and the
sellers of real estate when the bank is financing a loan to the borrower.
I would be curious to know if any transaction has ever been blocked as a
result of thousands of repetitions this tedious exercise. If the purpose
of the OFAC list was actually to catch people, then the list would not
be publicly available. Again, at some point in years past the OFAC
exercise would have failed any attempt at cost justification.
*Issue the commentary to the BSA regulations mandated by Congress several
years ago. (I am well aware that it has recently been re-promised, but
no such commitment should be necessary in response to a Congressional
mandate.)
*The regulatory agencies should relay the message to those they supervise,
in writing, that banks are not to file SARs defensively. Last October,
FinCENs Chairman indicated that defensive filing of SARs had the effect
of diluting the value of the SAR data base and that banks should file SARs
only when they believe it to be necessary. Only the OCC has since
acknowledged that SAR filing is a subjective process and that banks are
entitled to some discretion in their decisions. I have anecdotal evidence
that indicates examiners from at least one agency actually believe they
can order a bank to file a SAR when a bank has made a documented decision
not to do so. At present, only a great fool would not follow the
advice, When in doubt, file.
*If FinCEN determines to follow the recent OIG recommendation that it
require banks to use BSA Direct E-Filing, it should be evaluated in the
context of the dollar filing threshold ($10,000) and exemptions from
currency transaction reporting. Such a change will have a ripple effect on
banks interest in using exemptions. It would also have implications for
whether it would be appropriate to increase the $10,000 dollar threshold
for CTR filing. The IRS information returns program might provide a
valuable model for renovating and automating the CTR filing process. For
example, banks might file CTRs that include much less information
electronically on a calendar month basis rather than within a set number
of days from the date the transaction took place. (Even if this occasions
some delay in sending the information, according to the OIG report, the
information would still be the data base much more quickly than it is
under the current system and it would eliminate a number of manual
processes.)
It is axiomatic to say that banks can be powerful allies with law
enforcement in fighting money laundering and terrorist financing. From my
perspective, they are willing allies, but they are being treated like
draftees assigned to drill sergeants with differing agendas. The banks'
resources and their goodwill are being squandered by agencies that do not
communicate with each other, let alone those they supervise. Those
agencies appear to balk at any suggestion that FinCEN might have the
greater insight and expertise.
Changes in law and regulation are not enough.
Ken Golliher
Louisville, KY
|