[Federal Register: March 4, 2002 (Volume 67, Number 42)]
[Proposed Rules]
[Page 9879-9887]
From the Federal Register Online via GPO Access [wais.access.gpo.gov]
[DOCID:fr04mr02-27]
[[Page 9879]]
-----------------------------------------------------------------------
DEPARTMENT OF THE TREASURY
31 CFR Part 103
RIN 1506-AA26, 1506-AA27
Financial Crimes Enforcement Network; Special Information Sharing
Procedures To Deter Money Laundering and Terrorist Activity
AGENCY: Financial Crimes Enforcement Network (FinCEN), Treasury.
ACTION: Notice of proposed rulemaking.
-----------------------------------------------------------------------
SUMMARY: FinCEN, a bureau of the Treasury Department, is proposing
regulations to implement provisions of the Uniting and Strengthening
America by Providing Appropriate Tools Required to Intercept and
Obstruct Terrorism (USA PATRIOT) Act of 2001 that encourage information
sharing among financial institutions and federal government law
enforcement agencies to identify, prevent, and deter money laundering
and terrorist activity.
DATES: Written comments on all aspects of the proposed rule must be
received on or before April 3, 2002.
ADDRESSES: Written comments should be submitted to: Special Information
Sharing--Section 314 Comments, PO Box 1618, Vienna, VA 22183-1618.
Comments may also be submitted by electronic mail to the following
Internet address: regcomments@fincen.treas.gov with the caption in the
body of the text, ``Attention: Proposed Rule--Special Information
Sharing--Section 314.'' For additional instructions on the submission
of comments, see SUPPLEMENTARY INFORMATION under the heading
``Submission of Comments.'' Comments may be inspected at FinCEN between
10 a.m. and 4 p.m., in the FinCEN Reading Room in Washington, DC.
Persons wishing to inspect the comments submitted must request an
appointment by telephoning (202) 354-6400 (not a toll-free call).
FOR FURTHER INFORMATION CONTACT: Judith R. Starr, Chief Counsel
(FinCEN), (703) 905-3590; William Langford, Senior Counsel for
Financial Crimes, Office of the Assistant General Counsel
(Enforcement), (202) 622-1932; or Gary W. Sutton, Senior Banking
Counsel, Office of the Assistant General Counsel (Banking & Finance),
(202) 622-1976 (not toll-free numbers). Financial institutions with
questions about their coverage or compliance obligations under this
rule should contact their appropriate federal regulator.
SUPPLEMENTARY INFORMATION:
I. Background
On October 26, 2001, the President signed into law the USA PATRIOT
Act of 2001 (Public Law 107-56) (the Act). Of the Act's many goals, the
facilitation of information sharing among governmental entities and
financial institutions for the purpose of combating terrorism and money
laundering is of paramount importance. Section 314 of the Act furthers
this goal by providing for the sharing of information between the
government and financial institutions, and among financial institutions
themselves. As with many other provisions of the Act, Congress has
charged Treasury with developing regulations to implement these
information-sharing provisions.
Section 314(a) of the Act requires regulations encouraging
cooperation between financial institutions and the federal government
through the exchange of information regarding individuals, entities,
and organizations engaged in or reasonably suspected of engaging in
terrorist acts or money laundering activities. Section 314(b), on the
other hand, permits financial institutions, upon providing notice to
Treasury, to share information with one another in order to better
identify and report to the federal government concerning activities
that may involve money laundering or terrorist activities.
First, utilizing the existing and future communication resources of
the Financial Crimes Enforcement Network (FinCEN), this proposed rule
seeks to create a communication network linking federal law enforcement
with the financial industry so that vital information relating to
suspected terrorists and money launderers can be exchanged quickly and
without compromising pending investigations. FinCEN, a bureau of
Treasury, already maintains a government-wide data access service to
assist federal, state, and local law enforcement agencies in the
detection, prevention, and prosecution of terrorism, organized crime,
money laundering, and other financial crimes. Under the proposed rule,
federal law enforcement will have the ability to locate accounts of,
and transactions conducted by, suspected terrorists or money launderers
by providing their names and identifying information to FinCEN, which
will then communicate that information to financial institutions so
that a check of accounts and transactions can be made. If matches are
found, law enforcement can then follow up with the financial
institution directly. The rule is intended to formalize and streamline
the information sharing and reporting process that the federal
government undertook following the attacks of September 11, 2001, by
permitting FinCEN to serve as a conduit for information sharing between
federal law enforcement agencies and financial institutions.
FinCEN is uniquely positioned to serve as the communication gateway
under section 314(a). Indeed, it already provides considerable
information relating to financial crimes to the financial community in
a variety of ways. It issues Suspicious Activity Report (SAR)
Bulletins, which digest information drawn from SARs to illustrate
indicia of suspicious activity, and SAR Activity Reviews, which present
trends, tips and issues in suspicious activity reporting. FinCEN issues
advisories to alert the financial community to specific activities and
areas that merit enhanced scrutiny, including countries with lax anti-
money laundering controls. In addition, FinCEN provides industry
guidance on its website. The financial services industry also makes
substantial use of FinCEN's regulatory helpline.
Second, Congress authorized the sharing of information among
financial institutions relating to suspected terrorists and money
launderers only after providing notice to Treasury, for the purpose of
identifying and reporting to the federal government such activities.
The notice provision outlined below--a yearly certification to FinCEN
that information will be shared and protected from inappropriate
disclosure--combined with the requirement that any money laundering or
terrorist activities uncovered be reported to FinCEN or other law
enforcement, will allow for the sharing of information while protecting
the privacy interests of customers of financial institutions. Given the
importance of this information sharing provision, Treasury is issuing
simultaneously an interim rule implementing section 314(b), which is
published elsewhere in this issue of the Federal Register. The
regulatory text of the interim rule and this proposed rule are
identical with respect to section 314(b).
Nothing in this proposed rule affects the existing authority of
federal agencies to obtain information directly from financial
institutions, as authorized by law or regulation, pursuant to their own
established and approved procedures. Moreover, nothing in the proposed
rule affects a financial institution's obligation to file a SAR, or its
duty to contact directly a federal agency concerning individuals or
entities suspected of engaging in terrorist acts or money laundering
activities.
[[Page 9880]]
II. Analysis of the Proposed Rule
A. General Definitions
Section 103.90--Definitions
As noted above, section 314 authorizes the sharing of information
between the federal government and financial institutions, and among
financial institutions, for the purpose of identifying possible money
laundering or terrorist activities. Although section 314 does not
define ``money laundering'' or ``terrorist activity,'' each of these
terms has well-established definitions. Accordingly, and consistent
with the broad intent underlying section 314, section 103.90(a) defines
``money laundering'' to mean any activity described in section 1956 or
1957 of title 18, United States Code. Similarly, section 103.90(b)
defines ``terrorist activity'' to mean an act of domestic terrorism or
international terrorism as defined in section 2331 of title 18, United
States Code.
B. Information Sharing with Federal Law Enforcement Agencies
Section 103.100--Information Sharing with Federal Law Enforcement
Agencies
Under section 314(a) of the Act, Treasury is required to establish
procedures to encourage information sharing between financial
institutions and federal government authorities concerning accounts and
transactions that may be linked to terrorist activity or involve money
laundering. Treasury also may require each financial institution to
designate persons to serve as contact points to facilitate this
information exchange.
Section 103.100 is intended to fulfill Treasury's statutory mandate
in section 314(a) in a way that will provide a streamlined method for
federal law enforcement agencies to uncover money laundering and
terrorist financing while minimizing burdens on financial institutions
and intrusions on individual privacy.
The Act does not define the term ``financial institution'' for
purposes of the information sharing provisions of 314(a). Under the
Bank Secrecy Act (BSA), which, like section 314(a), is concerned with
information reporting to detect and prevent financial crimes, the term
``financial institution'' is defined broadly.\1\ The purpose of section
314(a) is to facilitate the exchange of information between federal law
enforcement agencies and financial institutions concerning individuals,
entities, and organizations that are engaged in, or reasonably
suspected based on credible evidence of engaging in, terrorist acts or
money laundering activities. Consistent with this purpose, section
103.100(a) defines ``financial institution'' as any financial
institution described in 31 U.S.C. 5312(a)(2).
---------------------------------------------------------------------------
\1\ See 31 U.S.C. 5312(a)(2). See also section 314(d)(2) of the
Act (requiring the Secretary of the Treasury to distribute certain
semiannual reports to financial institutions and incorporating the
BSA definition of ``financial institution'') and 18 U.S.C.
2339B(g)(2) (criminal penalties for providing support or resources
to foreign terrorists and incorporating by reference the BSA
definition of ``financial institution'').
---------------------------------------------------------------------------
Section 103.100(b) through (d) establish a mechanism for federal
law enforcement agencies investigating money laundering and terrorist
activity to use FinCEN as a means of exchanging information with
financial institutions about suspected terrorists and persons engaged
in money laundering.
Section 103.100(b) provides that FinCEN, acting on behalf of a
federal law enforcement agency investigating money laundering or
terrorist activity, may request any financial institution to search its
records to determine whether the financial institution maintains or has
maintained accounts for, or has engaged in transactions with, specified
individuals, entities, or organizations. FinCEN and the federal law
enforcement agency seeking the information will determine the
appropriate time period for the records search, depending on the
circumstances of the underlying investigation, which will be
communicated to financial institutions by FinCEN with the request.
Treasury and FinCEN specifically solicit comments from financial
institutions concerning the length of time they maintain and/or archive
records concerning closed accounts and past transactions, and their
ability to access these records for purposes of this section.
Section 103.100(c) makes clear that the federal law enforcement
agency for which FinCEN makes the request is responsible for
determining that the request meets the statutory requirement that it
relate to individuals, entities, or organizations engaged in or
reasonably suspected based on credible evidence of engaging in
terrorist or money laundering activities. Section 103.100(c) requires
the requesting federal law enforcement agency to provide FinCEN with a
written certification, in such manner and form as FinCEN may prescribe,
that each individual, entity, or organization about which the agency is
seeking information is engaged in, or reasonably suspected based on
credible evidence of engaging in, money laundering or terrorist
activity. FinCEN believes this certification requirement establishes
sufficient accountability in the requesting federal law enforcement
agencies to ensure that such agencies use the authority of the rule in
the manner contemplated by the statute.
Under the proposed rule, FinCEN has the authority to request
information regarding suspected terrorists and money launderers from
any financial institution as defined in the BSA notwithstanding that
FinCEN has not yet extended BSA regulations to all such financial
institutions. While all financial institutions should be on notice that
FinCEN may contact them for information after this rules becomes
effective, as a practical matter not all financial institutions will
receive requests for information. First, because FinCEN does not
currently regulate all BSA financial institutions, it does not have
contact information effectively to reach large numbers of unregulated
financial institutions. The BSA authorizes FinCEN to require financial
institutions to file with FinCEN reports of suspicious financial
transactions, known as Suspicious Activity Reports (SARs). To date,
FinCEN has extended SAR reporting only to a subset of ``financial
institutions'' as defined in the BSA. In addition, regulations issued
by the federal regulator of certain financial institutions require SAR
reporting to FinCEN. Currently, banks, savings associations, credit
unions, certain money services businesses (MSBs),\2\ and certain
registered securities brokers and dealers \3\ are required to file
SARs. In addition, the Act requires Treasury to extend the SAR
reporting requirement to all registered securities brokers and dealers
by July 1, 2002.\4\ Accordingly, the initial implementation of section
103.100 generally will involve those financial institutions that are
subject to SAR reporting. However, other financial institutions may
also be requested to provide information to FinCEN on a case-by-case
basis. Implementation of section 103.100 will in the future be expanded
to include additional
[[Page 9881]]
categories of financial institutions as FinCEN develops an enhanced
communication network with the larger financial community. Moreover,
Treasury and FinCEN expect that many requests for information will be
targeted to specific subsets of financial institutions based on
information already known to law enforcement agencies. For example, if
a law enforcement agency knows that an individual suspected of
financing terrorism operates in a particular geographic area, or
utilizes particular types of financial institutions, FinCEN would
target its request for information accordingly.
---------------------------------------------------------------------------
\2\ All money services businesses (MSBs) are required to
register with the Treasury Department except persons that are MSBs
solely because they serve as agents of another MSB; issuers,
sellers, and redeemers of stored value; and the U.S. Postal Service.
Issuers, sellers, and redeemers of traveler's checks and money
orders and money transmitters are subject to the MSB SAR
requirement; check cashers and currency dealers and exchangers are
not subject to the MSB SAR requirement.
\3\ Although FinCEN's existing BSA regulations requiring the
filing of SARs do not apply generally to securities brokers and
dealers, those securities brokers and dealers that are affiliates or
subsidiaries of banks or bank holding companies have been required
to report suspicious transactions by virtue of the application to
them of rules issued by the federal bank supervisory agencies.
\4\ See Act section 356. FinCEN has issued proposed amendments
to the BSA regulations to cover all securities brokers and dealers
66 FR 67669 (Dec. 31, 2001).
---------------------------------------------------------------------------
Section 103.100(d) sets forth the obligation of financial
institutions to comply with a request from FinCEN. This section
provides that upon receiving the request, a financial institution shall
search its records to determine whether it maintains or has maintained
any account for, or has engaged in any transaction with, any
individual, entity, or organization named in FinCEN's request. The
financial institution's search must cover accounts maintained and
transactions engaged in during the time period specified in the
request.
If a financial institution identifies a matching account or
transaction, it must report as soon as possible to FinCEN the identity
of the relevant individual, entity, or organization, together with an
identification of the account or the type of transaction (such as wire
transfer), as well as all identifying information (such as date of
birth, address, Social Security number, passport number, etc.) provided
by the individual, entity, or organization in connection with the
transaction or establishment of the account. This information should be
sent to FinCEN via e-mail to patriot@fincen.treas.gov or, if the
financial institution does not have access to e-mail, by calling the
toll-free the Financial Institutions Hotline (1-866-556-3974), or as
FinCEN may otherwise prescribe in the information request.
Although the records search required by section 103.100(d) is
retrospective, Treasury and FinCEN expect that financial institutions
will use the information provided by FinCEN to report to FinCEN
concerning any named individual, entity, or organization that
subsequently establishes an account or engages in a transaction.
Nothing in the rule requires a financial institution to take any
action, or to decline to take any action, with respect to an existing
account or past transaction with, or to decline to establish a new
account for, or to engage in a transaction with, any individual,
entity, or organization specified in a request from FinCEN. Indeed, in
the interests of law enforcement, the proposed rule prohibits a
financial institution from taking any action that could alert an
individual, entity or organization that it has been identified by a
federal law enforcement agency as engaged in, or suspected of engaging
in, terrorist acts, the financing of terrorist acts, or money
laundering. Treasury and FinCEN are acutely aware and are highly
appreciative of the desire of financial institutions not to knowingly
facilitate terrorism or money laundering, and recognize that this
desire may at times be in tension with the need not to alert persons
that have been identified in a request from FinCEN. If, for example, a
financial institution believes that its failure to close an account in
connection with an individual, entity, or organization named in a
request from FinCEN could facilitate terrorism or money laundering, it
may be appropriate for the financial institution to advise FinCEN,
which will refer the matter to the concerned federal law enforcement
agency. Ultimately, however, the decision whether to close an account
or decline a transaction is solely that of the concerned financial
institution.
Section 314(a) clearly contemplates that information provided by
the federal government to financial institutions will be used only for
the purposes of that section. Accordingly, the rule also requires
financial institutions to maintain adequate procedures to protect the
security and confidentiality of information contained in requests from
FinCEN. Maintaining the confidentiality of information sent from law
enforcement is vital to the success of this information sharing
provision and is important to maintaining the privacy interests of the
customers of financial institutions.
Section 103.100(e) requires a financial institution, upon a request
from FinCEN, to designate one person who will receive requests for
information from FinCEN and to provide FinCEN with that person's
mailing address, e-mail address, telephone number, and facsimile
number. When requested, a financial institution may provide this
information through FinCEN's website, http://www.treas.gov/fincen, and
enter the information as directed, or by sending the information on
company letterhead to: FinCEN, PO Box 39, Mail Stop 500, Vienna, VA
22183. A financial institution is not required to provide this
information to FinCEN until requested.
Section 103.100(f) clarifies the relationship between a financial
institution's obligations under the rule and the Right to Financial
Privacy Act (RFPA). RFPA generally provides that ``no Government
authority may have access to or obtain copies of, or the information
contained in the financial records of any customer from a financial
institution'' except with the customer's consent or through an
administrative or judicial subpoena or a search warrant, or in response
to a formal written request. 12 U.S.C. 3402. To obtain access to the
records, there must be reason to believe that the records sought are
relevant to a legitimate law enforcement inquiry. 12 U.S.C. 3407.
There are several bases on which an information request and a
responsive disclosure of information required by the rule are exempt
from the requirements of RFPA. First, there is an express exception in
RFPA for disclosure of financial records or information required to be
reported in accordance with any Federal statute or rule promulgated
thereunder. 12 U.S.C. 3413(d). As discussed above, section 314(a) of
the Act requires Treasury to issue regulations to facilitate the
exchange of information between financial institutions and the
government regarding those engaged in or reasonably suspected of
engaging in terrorist activity and money laundering, and the statute
gives Treasury the authority to require a response from financial
institutions. Accordingly, information required to be reported under
the rule would fall under the statutory exception in RFPA for
information required to be reported in accordance with a federal
statute and its implementing regulations. In order to clarify that RFPA
does not inhibit a financial institution from complying with a request
from FinCEN under the rule, section 103.100(f) provides that
information that a financial institution is required to report under
the rule shall be considered to be information required to be reported
in accordance with a federal statute or rule promulgated thereunder,
for purposes of the statutory exception to the coverage of RFPA in 12
U.S.C. 3413(d).
Second, RFPA applies only to financial records of individuals and
to partnerships of five or fewer individuals. Therefore, to the extent
an information request under the rule relates to entities and
organizations that are not partnerships of five or fewer individuals,
RFPA does not apply.
Third, RFPA provides that it does not preclude a financial
institution from notifying the government of the name or other
identifying information
[[Page 9882]]
concerning any individual, corporation, or account involved in a
possible violation of any statute or regulation and the nature of any
suspected illegal act. 12 U.S.C. 3403(c). As discussed above, the rule
requires only the disclosure of the identity of the concerned
individual or entity, and an identification of the account or the type
of transaction involved (such as a wire transfer), for which a
financial institution has a match with FinCEN's request. In addition,
because the disclosure would relate to individuals and entities engaged
in or suspected of engaging in terrorist activity or money laundering,
the disclosure would relate to a possible violation of statue or
regulation.
Fourth, section 358 of the Act amended RFPA to expressly provide
that its disclosure restrictions do not apply to requests from ``a
Government authority authorized to conduct investigations of, or
intelligence or counterintelligence analyses related to international
terrorism.'' 12 U.S.C. 3414(a)(1)(C). Therefore, to the extent that a
request for information made under the rule is made on behalf of such
an agency, RFPA's disclosure restrictions do not apply. As discussed
above, only federal law enforcement agencies investigating terrorist
activities or money laundering are authorized to submit a request to
financial institutions through FinCEN. For those inquiries relating to
terrorism, the new exception plainly applies. In addition, FinCEN
itself is an agency authorized to conduct intelligence and
counterintelligence analyses related to international terrorism.
As discussed above, section 314 of the Act and the rule authorize
new mechanisms to encourage information sharing among the federal
government and financial institutions, in addition to those authorized
by other laws. Section 103.100(g) clarifies that nothing in the rule
affects the authority of a federal agency or officer to obtain
information directly from a financial institution.
Section 103.100(h) is intended to preserve the confidentiality of
law enforcement investigations by prohibiting a financial institution
from using information provided by FinCEN for any purpose other than
responding to the information request or deciding whether to establish
or maintain an account or to engage in a transaction. It also prohibits
the disclosure of the fact that FinCEN has requested or obtained
information under the rule, except to the extent necessary to comply
with the request. Although nothing in this provision would preclude a
financial institution from contracting with a third party to search its
records on its behalf, Treasury and FinCEN expect that such a contract
would include confidentiality and nondisclosure requirements consistent
with this provision. In addition, this provision does not preclude a
financial institution (as defined in section 103.110(a)(2)) from
sharing information received from FinCEN with other such financial
institutions in a manner consistent with applicable laws and
regulations.
Section 103.110--Voluntary Information Sharing Among Financial
Institutions
As with section 314(a), the Act does not define the term
``financial institution'' for purposes of the information sharing
provisions of 314(b). Unlike section 314(a), which involves responding
to requests for information from federal law enforcement agencies,
section 314(b) involves the sharing of information among financial
institutions and presents different issues concerning information
privacy.\5\ For these reasons, Treasury and FinCEN believe that it is
appropriate to define the term ``financial institution'' for purposes
of section 314(b) in a manner that is most likely to further the
identification of terrorist and money laundering activities while
minimizing the likelihood that information sharing will inappropriately
intrude on the privacy interests of the customers of those
institutions. Accordingly, section 103.110(a)(2) defines ``financial
institution'' for purposes of section 314(b) to mean (1) a financial
institution that is subject to SAR reporting that is not a money
services business, which includes banks, savings associations, and
credit unions; (2) a broker or dealer registered with the Securities
and Exchange Commission under the Securities Exchange Act of 1934 (15
U.S.C. 78a et seq.); (3) an issuer of traveler's checks or money
orders; (4) a registered money transmitter, or (5) an operator of a
credit card system that is not a money services business. Treasury and
FinCEN specifically request comment concerning whether these entities
should be included within the definition for purposes of section 314(b)
of the Act and regulation section 103.110, and whether the definition
should be expanded to include other categories of BSA financial
institutions.
---------------------------------------------------------------------------
\5\ See Act sections 314(b) and (c), which provide protections
from federal and State prohibitions on the disclosure of information
to financial institutions that engage in information sharing
consistent with the requirements of section 314(b) and its
implementing regulations.
---------------------------------------------------------------------------
Section 103.110(a)(3) defines the term ``association of financial
institutions'' to mean a group or organization comprised of financial
institutions defined in section 103.110(a)(2). Because associations of
such financial institutions can enhance the sharing of information
among their members, the rule permits such associations to participate
in the information sharing process.
Section 103.110(b) provides that upon providing the appropriate
certification to Treasury, as described below, a financial institution
may share information with other financial institutions regarding
individuals, entities, organizations, and countries for purposes of
detecting, identifying, or reporting activities that the financial
institution or association suspects may involve money laundering or
terrorist activity.
Prior to engaging in information sharing, a financial institution
or association of financial institutions must submit to FinCEN a
certification described in new Appendix B to 31 CFR part 103, that
confirms: the name of the financial institution or association of
financial institutions; that the financial institution is a financial
institution as defined in section 103.110(a), or in the case of an
association, that the association's members that intend to engage in
information sharing are financial institutions as defined in section
103.110(a); that the institution or association will maintain adequate
procedures to protect the security and confidentiality of such
information; that the institution or association will not use any
shared information for any purpose other than as authorized in section
103.110; and the identity of a contact person at the financial
institution or association for matters pertaining to information
sharing.
To streamline the certification process, FinCEN has established a
special page on its existing Internet website, http://www.treas.gov/
fincen, where financial institutions can enter the appropriate
information. If a financial institution or association does not have
access to the Internet, the certification may be mailed to FinCEN at
the address specified in the rule.
By requiring notice to Treasury before information is shared among
financial institutions, Congress has injected Treasury into what would
otherwise be a purely private communication. The statute did not
indicate clearly whether prior notice to Treasury was required before
each individual communication or whether a general notice would be
sufficient. After considering both the need for flexibility for
financial institutions as well as the need to ensure that the right to
share
[[Page 9883]]
information under this section is not being used improperly, Treasury
and FinCEN determined that the certification should be effective for a
one-year period beginning on the date of the certification. A re-
certification, provided to FinCEN in the same manner, is required if a
financial institution or association intends to continue to share
information. An annual certification will help Treasury determine which
financial institutions are sharing information, and it will reinforce
the need for financial institutions to protect information shared under
this section. Treasury and FinCEN balanced the minimal burden
associated with completing the brief electronic or paper certification
against its role in protecting the privacy interests of customers of
financial institutions.
Section 103.110(c) requires each financial institution or
association of financial institutions that engages in the sharing of
information to maintain adequate procedures to protect the security and
confidentiality of such information. This section also provides that
information received by a financial institution or association of
financial institutions pursuant to this section shall only be used for
identifying and reporting on activities that may involve terrorist or
money laundering activities, or determining whether to close or
maintain an account, or to engage in a transaction. A financial
institution that fails to comply with these restrictions on the use of
shared information may have its certification revoked or suspended. See
103.110(g).
Section 103.110(d) provides that a financial institution or
association of financial institutions that engages in the sharing of
information and that complies with sections 103.110(b) and (c) shall
not be liable to any person under any law or regulation of the United
States, under any constitution, law, or regulation of any State or
political subdivision thereof, or under any contract or other legally
enforceable agreement (including any arbitration agreement), for such
sharing, or for any failure to provide notice of such sharing, to an
individual, entity, or organization that is the subject of such
sharing.
Section 103.110(e) provides a means for financial institutions to
voluntarily report information to law enforcement concerning suspicious
transactions that may relate to money laundering or terrorist activity
that may come to the financial institution's attention as a result of
discussions with other financial institutions, or otherwise. In order
to accord the highest priority to suspected terrorist activity, a
financial institution should report such information to FinCEN by
calling the Financial Institutions Hotline (1-866-556-3974). The
purpose of the Financial Institutions Hotline is to facilitate the
immediate transmittal of this information to law enforcement. Financial
institutions identifying other suspicious transactions should report
such transactions by promptly filing a SAR in accordance with
applicable regulations, even if they provide information over the
Financial Institutions Hotline. The Financial Institutions Hotline is
intended to provide to law enforcement and other authorized recipients
of SAR information the essence of the suspicious activity in an
expedited fashion. Use of the Financial Institutions Hotline is
voluntary and does not affect an institution's responsibility to file a
SAR in accordance with applicable regulations.
Section 103.110(f) clarifies that voluntary reporting under section
103.110 does not relieve a financial institution from any obligation it
may have to file a Suspicious Activity Report pursuant to a regulatory
requirement, or to otherwise directly contact a federal agency
concerning individuals, entities, or organizations suspected of
engaging in money laundering or terrorist activities.
Section 103.110(g) provides that a federal regulator of a financial
institution, or FinCEN in the case of a financial institution that does
not have a federal regulator, may revoke or suspend a certification
provided by a financial institution under this section if the regulator
or FinCEN determines that the financial institution has failed to
comply with the requirements of paragraph (c). Treasury and FinCEN
believe this provision is necessary to preclude further participation
in information sharing under the authority of section 103.110 by a
financial information that fails to accord confidentiality to shared
information, or uses that information for purposes other than as
permitted by section 103.110(c). A financial institution with respect
to which a certification has been revoked or suspended may not engage
in information sharing under this section during the period of such
revocation or suspension.
IV. Submission of Comments
An original and four copies of any comments (other than one sent
electronically) must be submitted. All comments will be available for
public inspection and copying, and no material in any comment,
including the name of any person submitting the comment, will be
recognized as confidential. Accordingly, material not intended to be
disclosed to the public should not be submitted.
V. Regulatory Flexibility Act
It is hereby certified that this proposed rule is not likely to
have a significant economic impact on a substantial number of small
entities. With respect to section 103.100, most financial institutions
subject to SAR reporting are larger businesses. Moreover, the burden
imposed by the requirement that financial institutions search their
records for accounts for, or transactions with, individuals, entities,
or organizations engaged in, or reasonably suspected based on credible
evidence of engaging in, terrorist activity, is not expected to be
significant. Section 103.110 is entirely voluntary on the part of
financial institutions and no financial institution is required to
share information with other financial institutions. Accordingly, the
analysis requirements of the provisions of the Regulatory Flexibility
Act (5 U.S.C. 601 et seq.) do not apply.
VI. Paperwork Reduction Act
The requirement in section 103.100(d)(2), concerning reports by
financial institutions in response to a request from FinCEN on behalf
of a federal law enforcement agency, is not a collection of information
for purposes of the Paperwork Reduction Act. See 5 CFR 1320.4.
The requirement in section 103.110(b)(2), concerning notification
to FinCEN that a financial institution that intends to engage in
information sharing, and the accompanying certification in Appendix B
to 31 CFR part 103, do not constitute a collection of information for
purposes of the Paperwork Reduction Act. See 5 CFR 1320.3(h)(1).
The collection of information contained in section 103.110(e),
concerning voluntary reports to the federal government as a result of
information sharing among financial institutions, will necessarily
involve the reporting of a subset of information currently contained in
a Suspicious Activity Report (SAR). SAR reporting has been previously
reviewed and approved by the Office of Management and Budget (OMB)
pursuant to the Paperwork Reduction Act and assigned OMB Control No.
1506-0001. An agency may not conduct or sponsor, and a person is not
required to respond to, a collection of information unless it displays
a currently valid OMB control number.
[[Page 9884]]
VII. Executive Order 12866
This proposed rule is not a ``significant regulatory action'' for
purposes of Executive Order 12866. Accordingly, a regulatory assessment
is not required.
List of Subjects in 31 CFR Part 103
Authority delegations (Government agencies), Banks and banking,
Currency, Investigations, Law enforcement, Reporting and recordkeeping
requirements.
Dated: February 26, 2002.
James F. Sloan,
Director, Financial Crimes Enforcement Network.
Proposed Amendments to the Regulations
For the reasons set forth above, FinCEN proposes to amend 31 CFR
part 103 as follows:
PART 103--FINANCIAL RECORDKEEPING AND REPORTING OF CURRENCY AND
FOREIGN TRANSACTIONS
1. The authority citation for part 103 is revised to read as
follows:
Authority: 12 U.S.C. 1829b and 1951-1959; 31 U.S.C. 5311-5331;
title III, sec. 314, Pub. L. 107-56, 115 Stat. 307.
2. Add new subpart H to part 103 to read as follows:
Subpart H--Special Information Sharing Procedures To Deter Money
Laundering and Terrorist Activity
Sec.
103.90 Definitions.
103.100 Information sharing with federal law enforcement agencies.
103.110 Voluntary information sharing among financial
institutions.
Subpart H--Special Information Sharing Procedures To Deter Money
Laundering and Terrorist Activity
Sec. 103.90 Definitions.
For purposes of this subpart, the following definitions apply:
(a) Money laundering means an activity described in 18 U.S.C. 1956
or 1957.
(b) Terrorist activity means an act of domestic terrorism or
international terrorism as those terms are defined in 18 U.S.C. 2331.
Sec. 103.100 Information sharing with federal law enforcement
agencies.
(a) Definitions. For purposes of this section:
(1) The definitions in Sec. 103.90 apply; and
(2) The term financial institution means any financial institution
described in 31 U.S.C. 5312(a)(2).
(b) Requests for information relating to money laundering or
terrorist activities. On behalf of a federal law enforcement agency
investigating money laundering or terrorist activity, FinCEN may
require any financial institution to search its records to determine
whether the financial institution maintains or has maintained accounts
for, or has engaged in transactions with, any specified individual,
entity, or organization.
(c) Certification requirement. Prior to FinCEN requesting
information pursuant to paragraph (b) of this section, the federal law
enforcement agency shall provide FinCEN with a written certification,
in such form and manner as FinCEN may prescribe, that each individual,
entity, or organization about which the agency is seeking information
is engaged in, or reasonably suspected based on credible evidence of
engaging in, money laundering or terrorist activity.
(d) Reporting by financial institutions.--(1) Record search
required. Upon receiving a request from FinCEN, a financial institution
shall search its records to determine whether it maintains or has
maintained any account for, or has engaged in any transaction with,
each individual, entity, or organization named in FinCEN's request. The
search shall cover the time period specified in FinCEN's request.
(2) Report to FinCEN required.--(i) In general. If a financial
institution identifies an account or transaction identified with any
individual, entity, or organization named in a request from FinCEN, it
shall report the information specified in paragraph (d)(2)(ii) of this
section to FinCEN as soon as possible via e-mail to
patriot@fincen.treas.gov or, if the financial institution does not have
access to e-mail, by calling the toll-free the Financial Institutions
Hotline (1-866-556-3974), or by such other means as FinCEN may specify
in the request.
(ii) Information required to be reported. A financial institution
shall report the following information to FinCEN:
(A) Account. If the financial institution identifies one or more
accounts identified with any individual, entity, or organization named
in a request from FinCEN, it shall report to FinCEN:
(1) The identity of such individual, entity, or organization;
(2) The number of each such account; and
(3) All identifying information provided by the account holder in
connection with the establishment of each such account (such as Social
Security number, taxpayer identification number, passport number, date
of birth, and address).
(B) Transaction. If the financial institution identifies one or
more transactions (not involving an account) identified with any
individual, entity, or organization named in a request from FinCEN, it
shall report to FinCEN:
(1) The identity of such individual, entity, or organization;
(2) The date and type of each such transaction; and
(3) All identifying information provided by such individual,
entity, or organization in connection with each such transaction (such
as Social Security number, taxpayer identification number, passport
number, date of birth, and address).
(3) No other action required. Nothing in this section shall be
construed to require a financial institution to take any action, or to
decline to take any action, with respect to an account established for,
or a transaction engaged in with, an individual, entity, or
organization named in a request from FinCEN, or to decline to establish
an account for, or to engage in a transaction with, any such
individual, entity, or organization.
(e) Designation of contact person. FinCEN may request a financial
institution to identify one person to receive requests for information
from FinCEN pursuant to paragraph (b) of this section. When requested
by FinCEN, a financial institution shall provide to FinCEN the name,
title, mailing address, e-mail address, telephone number, and facsimile
number of such person, and such other information as FinCEN may
request, in such manner as FinCEN shall specify.
(f) Relation to the Right to Financial Privacy Act. The information
that a financial institution is required to report pursuant to
paragraph (d) of this section shall be considered to be information
required to be reported in accordance with a federal statute or rule
promulgated thereunder, for purposes of section 3413(d) of the Right to
Financial Privacy Act (12 U.S.C. 3413(d)).
(g) No effect on law enforcement or regulatory investigations.
Nothing in this subpart affects the authority of a federal agency or
officer to obtain information directly from a financial institution.
(h) Use, disclosure, and security of information request. (1) A
financial institution shall not use information provided by FinCEN
pursuant to this section for any purpose other than:
(i) Reporting to FinCEN as provided in this section; or
[[Page 9885]]
(ii) Determining whether to establish or maintain an account, or to
engage in a transaction.
(2)(i) A financial institution shall not disclose to any person,
other than FinCEN or the federal law enforcement agency on whose behalf
FinCEN is requesting information, the fact that FinCEN has requested or
obtained information under this subpart H, except to the extent
necessary to comply with such an information request.
(ii) Notwithstanding paragraph (h)(2)(i) of this section, a
financial institution authorized to share information under
Sec. 103.110 may share information concerning an individual, entity, or
organization named in a request from FinCEN in accordance with the
requirements of such section.
(3) Each financial institution shall maintain adequate procedures
to protect the security and confidentiality of requests from FinCEN for
information under this section.
Sec. 103.110 Voluntary information sharing among financial
institutions.
(a) Definitions. For purposes of this section:
(1) The definitions in Sec. 103.90 apply;
(2) The term financial institution means any financial institution
described in 31 U.S.C. 5312(a)(2) that:
(i) Is subject to a suspicious activity reporting requirement of
subpart B of this part and is not a money services business, as defined
in Sec. 103.11(uu);
(ii) Is a broker or dealer in securities, as defined in
Sec. 103.11(f);
(iii) Is an issuer of traveler's checks or money orders, as defined
in Sec. 103.11(uu)(3);
(iv) Is a money transmitter, as defined in Sec. 103.11(uu)(5), and
is required to register as such pursuant to Sec. 103.41; or
(v) Is an operator of a credit card system and is not a money
services business, as defined in Sec. 103.11(uu); and
(3) The term association of financial institutions means a group or
organization the membership of which is comprised entirely of financial
institutions as defined in paragraph (a)(2) of this section.
(b) Information sharing among financial institutions.--(1) In
general. Subject to paragraphs (b)(2) and (g) of this section, a
financial institution or an association of financial institutions may
engage in the sharing of information with any other financial
institution (as defined in paragraph (a)(2) of this section) or
association of financial institutions (as defined in paragraph (a)(3)
of this section) regarding individuals, entities, organizations, and
countries for purposes of detecting, identifying, or reporting
activities that the financial institution or association suspects may
involve possible money laundering or terrorist activities.
(2) Notice requirement.--(i) Certification. A financial institution
or association of financial institutions that intends to engage in the
sharing of information as described in paragraph (b)(1) of this section
shall submit to FinCEN a certification described in Appendix B of this
part.
(ii) Address. Completed certifications may be submitted to FinCEN:
(A) By accessing FinCEN's Internet website, http://www.treas.gov/
fincen, and entering the appropriate information as directed; or
(B) If a financial institution does not have Internet access, by
mail to: FinCEN, PO Box 39, Mail Stop 100, Vienna, VA 22183.
(iii) One year duration of certification. Each certification
provided pursuant to paragraph (b)(2)(i) of this section shall be
effective for the one year period beginning on the date of the
certification. In order to continue to engage in the sharing of
information after the end of the one year period, a financial
institution or association of financial institutions must submit a new
certification.
(c) Security and confidentiality of information.--(1) Procedures
required. Each financial institution or association of financial
institutions that engages in the sharing of information pursuant to
this section shall maintain adequate procedures to protect the security
and confidentiality of such information.
(2) Use of information. Information received by a financial
institution or association of financial institutions pursuant to this
section shall not be used for any purpose other than:
(i) Detecting, identifying and reporting on activities that may
involve terrorist or money laundering activities; or
(ii) Determining whether to establish or maintain an account, or to
engage in a transaction.
(d) Safe harbor from certain liability.--(1) In general. A
financial institution or association of financial institutions that
engages in the sharing of information pursuant to this section shall
not be liable to any person under any law or regulation of the United
States, under any constitution, law, or regulation of any State or
political subdivision thereof, or under any contract or other legally
enforceable agreement (including any arbitration agreement), for such
sharing, or for any failure to provide notice of such sharing, to an
individual, entity, or organization that is identified in such sharing.
(2) Limitation. Paragraph (d)(1) of this section shall not apply to
a financial institution or association of financial institutions to the
extent such institution or association fails to comply with paragraph
(b) or (c) of this section.
(e) Information sharing between financial institutions and the
federal government.--(1) Terrorist activity. If, as a result of
information sharing pursuant to this section, a financial institution
suspects that an individual, entity, or organization is involved in, or
may be involved in terrorist activity, such information should be
reported to FinCEN:
(i) By calling the toll-free Financial Institutions Hotline (1-866-
556-3974); and
(ii) If appropriate, by filing a Suspicious Activity Report
pursuant to subpart B of this part or other applicable regulations.
(2) Money laundering. If as a result of information sharing
pursuant to of this section, a financial institution suspects that an
individual, entity, or organization is involved in, or may be involved
in money laundering, such information should generally be reported by
filing a Suspicious Activity Report in accordance with subpart B of
this part or other applicable regulations. If circumstances indicate a
need for the expedited reporting of this information, a financial
institution may use the Financial Institutions Hotline (1-866-556-
3974).
(f) No limitation on financial institution reporting obligations.
Nothing in this subpart affects the obligation of a financial
institution to file a Suspicious Activity Report pursuant to subpart B
of this part or any other applicable regulations, or to otherwise
directly contact a federal agency concerning individuals or entities
suspected of engaging in money laundering or terrorist activities.
(g) Revocation or suspension of certification.--(1) Authority of
federal regulator or FinCEN. Notwithstanding any other provision of
this section, a federal regulator of a financial institution, or FinCEN
in the case of a financial institution that does not have a federal
regulator, may revoke or suspend a certification provided by a
financial institution pursuant to paragraph (b)(2) of this section if
the concerned federal regulator or FinCEN, as appropriate, determines
that the financial institution has failed to comply with the
requirements of paragraph (c) of this section. Nothing in this
paragraph (g)(1) shall be construed to affect the authority of any
federal regulator with respect to any financial institution.
[[Page 9886]]
(2) Effect of revocation or suspension. A financial institution
with respect to which a certification has been revoked or suspended may
not engage in information sharing under the authority of this section
during the period of such revocation or suspension.
3. The Appendix to part 103 is redesignated as Appendix A to part
103 and the heading is revised to read as follows:
Appendix A to Part 103--Administrative Rulings
* * * * *
4. Appendix B is added to part 103 to read as follows:
Appendix B to Part 103--Certification for Purposes of Section 314(b) of
the USA PATRIOT Act and 31 CFR 103.110
BILLING CODE 4810-02-P
[[Page 9887]]
[GRAPHIC] [TIFF OMITTED] TP04MR02.027
[FR Doc. 02-5007 Filed 3-1-02; 8:45 am]
BILLING CODE 4810-02-C
|
