Home > News & Events > Speeches, Testimony & Articles
Speeches, Testimony & Articles
Statement of Donald E. Powell Chairman Federal Deposit Insurance Corporation on Regulatory Efforts to Ensure Compliance with the Bank Secrecy Act Before the Committee on Banking, Housing, and Urban Affairs U. S. Senate
9:30 AM - June 3, 2004
Room 534 Dirksen Senate Office Building
Mr. Chairman, Senator Sarbanes, and Members of the Committee, thank you for this opportunity to discuss how the Federal Deposit Insurance Corporation, along with the other bank regulatory agencies, addresses our responsibilities under the Bank Secrecy Act (BSA) and related anti-money laundering and anti-terrorism laws.
My testimony begins with a brief history of the BSA and an overview of the work the FDIC is doing under the law. I also will outline the current initiatives that the FDIC is undertaking to foster a culture more focused on the effective supervision of banks for compliance with BSA and related laws, and to provide assistance to law enforcement agencies. Finally, I will discuss some broader ideas related to the way bank regulators, law enforcement and the banking industry can work together to address money laundering and terrorist financing.
Background and Evolution of BSA
The original purpose of the BSA was to prevent banks from being used to conceal money derived from criminal activity and tax evasion. A process of filing various reports, including currency transaction reports (CTRs), was established and proved highly useful in criminal, tax, and regulatory investigations and proceedings. Banks are required to report cash transactions over $10,000 using the CTR. The information collected in the CTR can provide a paper trail for investigations of financial crimes, including tax evasion and money laundering, and has led to convictions and asset forfeiture actions.
Although the BSA has been in effect for over 30 years, numerous revisions and amendments have been made to enhance the notification and investigation of financial crimes. The Money Laundering Control Act, which was enacted in 1986 to respond to the increase in money laundering activity related to narcotics trafficking, was the first major expansion of the BSA. The Money Laundering Control Act criminalized money laundering and prohibited the structuring of transactions to avoid the filing of CTRs. Additionally, at that time, banks reported suspicious transactions by marking the Suspicious box on the CTR and also filing a Report of an Apparent Crime form (criminal referral) with the banks primary regulator and law enforcement agencies.
Over the years, additional laws and amendments were passed to define how financial institutions share information relating to apparent money laundering activities with law enforcement. These laws included: the Annunzio-Wylie Money Laundering Suppression Act of 1992, which replaced the criminal referral form with the suspicious activity report (SAR) to be used for apparent money laundering activities; the Money Laundering Suppression Act of 1994, which liberalized the rules for using CTR exemptions; and the Money Laundering and Financial Crimes Strategy Act of 1998, which focused on improving cooperation and coordination among regulators, law enforcement, and the financial services industry.
The focus of the BSA was escalated further in the wake of the September 11, 2001, terrorist attacks against the United States with passage of the Uniting and Strengthening America by Providing Appropriate Tools to Restrict, Intercept, and Obstruct Terrorism Act of 2001, otherwise known as the USA PATRIOT Act (PATRIOT Act). Title III of the PATRIOT Act expands the BSA beyond its original purpose of deterring and detecting money laundering to include terrorist financing in the United States. One of the new provisions requires financial institutions to conduct due diligence on customer accounts through a Customer Identification Program (CIP). The CIP requires institutions to maintain records, including customer information and methods used to verify customers' identities.
In 1990, the Financial Crimes Enforcement Network (FinCEN) was established in Treasury to administer the BSA and provide a government-wide, multi-source intelligence and analytical network. In October 2001, the PATRIOT Act elevated the status of FinCEN within Treasury and emphasized its role in fighting terrorist financing. In addition to administering the BSA, FinCEN is responsible for expanding the regulatory framework to other industries (such as insurance, gaming, securities brokers/dealers) vulnerable to money laundering, terrorist financing, and other crimes.
Evolution of 314(a) Requests
Section 314 of the PATRIOT Act requires FinCEN to establish a formal mechanism for law enforcement to communicate names of suspected terrorists and money launderers that are under investigation to financial institutions on a regular basis. The implementing regulations mandate that financial institutions receiving names of suspects search their account and transaction records for potential matches and report positive results to FinCEN in the manner and time frame specified in the request. This new information sharing system, referred to as 314(a) Requests, replaced the Control List.
Every FinCEN 314(a) request is certified and vetted as a valid and significant terrorist/money laundering investigation through the appropriate law enforcement agency prior to being sent to a financial institution. The law enforcement agencies maintain that this new system is an effective and successful tool in their investigations.
Information provided to the FDIC from FinCEN, showing the initial results of the program, indicate some successes. From February 18, 2003, through November 25, 2003, agencies have processed 188 law enforcement requests. Of these cases, 124 were related to money laundering and 64 cases were related to terrorism or terrorist financing. There were 1,256 subjects of interest in these investigations. Of these, financial institutions responded with 8,880 matches, resulting in the discovery or issuance of the following:
The FDIC plays a particularly active role in ensuring that the 314(a) program runs effectively by maintaining point of contact information for FDIC-supervised and national banks. By properly maintaining this information, the FDIC ensures that banks are able to act on 314(a) requests in the timeliest fashion.
The 314(a) requests should not be confused with the list published by the Department of Treasurys Office of Foreign Assets Control (OFAC). The Section 314(a) request pertains to suspects and material witnesses to significant terrorist/money laundering investigations, and is confidential. Further, the names are subject to a one-time search of bank records, and banks are not required by law to terminate account relationships. The OFAC list is a public list which contains names of individuals, organizations and countries against whom the United States has instituted sanctions. Financial institutions must have a formal process for regular searches of records and transactions against updated OFAC lists.
Although the Section 314(a) requests have improved our ability to identify possible money laundering or terrorist financing activity, other provisions of Section 314 may be underutilized or could be improved. For example, under Section 314(b), there is a safe harbor for bankers to discuss suspect transactions with other banks that are counterparties in a transaction. It appears that only 10 percent of insured financial institutions use this safe harbor even though it creates an opportunity to gain a better understanding of, and develop additional information about, questionable transactions before they are reported. In addition, under Section 314(a), financial institutions generally have a 14-day window to report a positive hit. This timeframe should be evaluated to determine whether this permissible reporting delay is realistic since the information may not be received until well after criminal activity occurs. As law enforcement, bank regulators and the industry gain experience with the PATRIOT Act, we must continually evaluate its implementation to ensure that it is as effective as possible.
Responsibilities of the FDIC to Facilitate BSA Compliance
In addition to examining state-chartered nonmember banks for compliance with the BSA and underlying regulations, the FDIC is required to make periodic reports regarding violations of Treasurys financial recordkeeping rules to the Treasury. The purpose of the BSA examination is to determine the effectiveness of a financial institutions anti-money laundering program. Specifically, every BSA examination focuses on the oversight provided by a banks senior management and its respective Board of Directors, as well as the system of controls put in place to identify reportable transactions, prepare CTRs, monitor the purchase and sales of monetary instruments and electronic funds transfer activities, comply with the OFAC laws and regulations, administer information sharing requirements under Section 314(a) of the PATRIOT Act, administer the Customer Identification Program, and report suspicious activities. Although the BSA regulations do not prescribe the frequency with which BSA compliance should be reviewed, examination procedures for BSA compliance are included within the scope of FDIC safety and soundness examinations. Since 2000, the FDIC has conducted almost 11,000 BSA examinations.
The FDIC is the primary federal regulator of approximately 5,300 insured financial institutions holding total assets of almost $1.7 trillion. The majority of FDIC-supervised institutions are small and located outside a Metropolitan Statistical Area (MSA)1, in less-densely populated areas. To effectively supervise BSA compliance at state non-member banks, the FDIC has adopted a risk-focused approach. An institutions level of risk for potential money laundering determines the necessary scope of the BSA examination. For example, an examiner might consider an institution with the following characteristics to have a low money-laundering risk: located in a rural area; not located in a high-risk money laundering and related financial crimes area (HIFCA)2; small asset size; small deposit base; known and stable customer base; stable management and employee base; and relatively few CTRs.
On the other hand, an institution located in a HIFCA or engaged in particularly risky business lines will receive significantly more scrutiny under the FDICs risk-focused compliance examinations due to their elevated risk profiles. Current HIFCA designations for money laundering are assigned to the MSAs of New York City, Los Angeles, Chicago, San Francisco, and Miami. HIFCAs also include the Mexican borders with Texas and Arizona as well as San Juan, Puerto Rico. Financial institutions located in a HIFCA, or that have certain characteristics that may indicate a greater risk of money laundering or related vulnerabilities, undergo an expanded-scope BSA examination. These examinations include extensive transaction testing designed to validate managements compliance with BSA and anti-money laundering regulations.
Regardless of the risk profile of a particular institution, the FDIC understands that all institutions are at risk of being utilized to facilitate money laundering and terrorist financing. In todays global banking environment where funds are transferred instantly and communication systems make services available nationally, even a lapse at a small financial institution outside of a major metropolitan area can have significant implications in another location across the nation. The more difficult it is for criminals and terrorists to gain entry into the American financial system, the more likely it is that they will need to rely on less secure and less efficient means of financing their activities.
While it has been our experience that the vast majority of FDIC-supervised institutions are diligent in their efforts to establish, execute, and administer effective BSA compliance programs, there have been instances where controls and efforts were lacking. In those cases, the FDIC implements a range of corrective measures to ensure that banks comply with the law. Generally, weaknesses noted in BSA compliance have been technical in nature and have not resulted in the facilitation of money laundering or terrorist financing activities. Usually, bank management is responsive to correcting the deficiencies within the normal course of business. In cases where significant deficiencies are cited during a BSA examination, bank management is required to address such deficiencies in a written response to the FDIC that outlines the corrective action proposed and establishes a timeframe for implementation.
In cases where an institution has been lax in administering its BSA compliance program and failed to correct previously identified deficiencies, including significant violations of law, the FDIC has procedures to obtain commitments from bank management to correct the deficiencies. The procedures generally require some type of formal or informal enforcement action. The FDIC can also utilize its authority to assess civil money penalties against an institution for non-compliance with BSA. In addition, significant violations are referred to FinCEN, in accordance with the BSA, which also has the authority to assess civil money penalties for non-compliance with the BSA.
The FDIC believes in a flexible supervisory approach using technical guidance, moral suasion, and a gradual escalation of enforcement action as appropriate. However, a more aggressive supervisory approach may be necessary to effect correction when a greater risk for money laundering exists within an institution due to willful non-compliance with the BSA and/or the absence of an effective BSA program. The type of enforcement action pursued by the FDIC against an institution is directly related to the severity of the offense, managements willingness and ability to effectively implement corrective action, as well as the extent to which the program has failed to identify and/or deter potential money laundering. Additionally, the nature of the criticism, the response to prior weaknesses or violation notifications, and the overall risk profile of the institution are factored into the type of supervisory action. When weaknesses are identified at institutions that have a high BSA risk profile, such as those located within a HIFCA, the FDIC has been aggressive in taking formal supervisory action. In addition, the FDIC has the authority to remove and/or prohibit an individual from the banking industry for deliberate or negligent actions related to money laundering.
FDIC Efforts to Thwart Money Laundering and Terrorist Financing Activities
Terrorist financing differs as it generally involves the following factors:
These distinctions between money laundering and terrorist financing are important when evaluating suspicious bank transactions.
The FDIC examines CTRs and SARs to determine, in part, a banks compliance with the BSA. Examiners analyze an institutions volume and trend in CTR and SAR filings to assist in risk scoping the examination. For example, increases in the volume of CTRs filed may be the result of deposit growth, the elimination of exempted businesses, or increases in retail or other high-risk customers. Decreases may be caused by the failure of the bank to file CTRs, an increase in the number of exempted businesses, the elimination of retail and/or other high-risk customers, or structuring transactions to avoid reporting requirements.
Increases in the number of SARs filed may be due to an increase in high-risk customers, entry into a high-risk market or product, or an improvement in the banks method for identifying suspicious activity. Decreases may be the result of deficiencies in the banks process for identifying suspicious activity, the closure of high-risk or suspicious accounts, personnel changes, or the failure of the bank to file SARs.
When appropriate, examiners conduct transaction testing during a BSA examination to determine if reportable transactions have been captured on the banks system and if a CTR was filed. In the case of a structured transaction, an examiner will determine if a SAR was filed. As part of the CTR and SAR validation process, an examiner may also note if the SAR reports fraud and/or insider abuse which is closely linked to money laundering and other illicit acts. Also, examination staff may use SARs as a basis for further evaluation of the conduct of insiders who may eventually be removed and/or banned from the banking industry under Section 8(e) of the Federal Deposit Insurance Act.
Since 2001, the FDIC has issued 30 formal enforcement actions against 25 financial institutions and three individuals to address severely deficient BSA compliance efforts and/or ineffective anti-money laundering controls. These actions include 25 Orders to Cease and Desist, three Orders of Prohibitionwhich ban individuals from participating in the banking industryand two Civil Money Penalty Assessments against related entities in the amount of $7,500,000. Fourteen of the 25 Cease and Desist Orders were issued in response to severe and/or chronic BSA-related deficiencies that exposed those institutions to a high vulnerability of possible money laundering activity.
The FDIC also has effectively utilized informal actions such as bank board resolutions and memoranda of understanding to strengthen the BSA compliance efforts of its supervised institutions under appropriate circumstances. The informal actions also put the banks board of directors on notice of their responsibility to ensure BSA compliance. Since 2001, FDIC-supervised institutions have entered into 53 informal actions with BSA-related provisions.
FDIC Participation in Interagency Working Groups
The FDIC also participates in the Bank Secrecy Act Advisory Group, which is a public-private partnership devoted to the discussion of money laundering schemes, enforcement of anti-money laundering laws, and remedies for making all reporting processes more efficient. The BSA Advisory Group has 43 members with representatives from all bank regulatory agencies; law enforcement; the securities, insurance, and gaming industries; and the banking industry. The BSA Advisory Group and its subcommittees are currently evaluating all aspects of the BSA (implementing rules and reporting requirements) and developing recommendations to make these areas more efficient.
International Outreach Programs
In addition, the FDIC provided substantial assistance to the Department of the Treasury in drafting the anti-money laundering/anti-terrorist financing rules for the Iraqi Coalition Provisional Authority in Baghdad. The comprehensive framework was drafted for the new Iraqi government to implement and conform to international standards.
Improving Government and Industry Coordination
The FDIC diligently enforces the BSA by establishing a comprehensive supervisory approach that includes conducting thorough BSA compliance examinations and ensuring an appropriate supervisory approach when BSA concerns exist in FDIC-supervised institutions. In addition, the FDIC is proactive in addressing recent changes to the BSA by incorporating those rules into examiner and industry guidance, providing various forms of examiner and industry training and outreach sessions, and assisting in global anti-money laundering and anti-terrorist financing efforts.
The FDIC is fully committed to preventing the use of the financial system to support criminal or terrorist activities. Highly trained bank examiners are a major resource in this fight that cannot be easily duplicated. They are in every bank in the country, they are able to identify suspicious relationships and transactions and they have the power to dig deeply into the facts when warning flags are raised. While the current system is not perfect, we should approach reforms carefully to ensure that they do not duplicate resources and expertise that already exist and do not inadvertently interfere with the achievement of the goals that we all share.
This concludes my testimony. I would be happy to answer any questions and would like to thank the Committee for providing this opportunity to discuss the FDICs role in enforcing the Bank Secrecy Act and assisting the overall effort to fight money laundering and terrorist financing activity.
1 The Office of Management and Budget defines an MSA as an area with either a minimum population of 50,000 or a Census Bureau-defined urbanized area with a total population of at least 100,000. MSAs comprise one or more counties and may include one or more outlying counties that have close economic and social relationships with the central county. An outlying county must have a specified level of commuting to the central counties and also must meet certain standards regarding metropolitan character. For example, the Washington, D.C. MSA extends from Frederick, Maryland, to Fredericksburg, Virginia, and includes two counties in West Virginia.
2 HIFCA is a term used in the Money Laundering and Financial Crimes Strategy Act of 1998 as a means of concentrating law enforcement efforts at the federal, state, and local levels in high intensity money laundering zones.
|Last Updated email@example.com|