Understanding the Bank Secrecy Act: impact on financial institutions

The Bank Secrecy Act (also known as the Currency and Foreign Transactions Reporting Act or BSA) is an important legislative piece for the financial services industry, dictating how crime prevention and detection should happen. We are looking to shed more light onto the relevant context of the BSA, its key provisions, and important implications for the financial industry, all while exploring compliance challenges and looking at future prospects.

Tackling the roots of the Bank Secrecy Act

The BSA was initially passed in 1970 to combat money laundering and other financial crimes. It surfaced during the era when organized crime was flourishing, with a significant share of money laundering activities stemming from illicit drug trade and tax evasion. During its early years, the BSA attempted to close loopholes that allowed perpetrators to anonymously use funds through financial institutions by requiring financial service providers to adhere to strict reporting procedures. 

However, as financial crime evolved, so too did the BSA, which required updating and was amended several times with notable amendments such as the USA Patriot Act which reinforced the position of the BSA as a landmark statute against combatting money laundering and terrorism financing. Indeed, the BSA’s importance comes from the fact that it paved the way for the modern compliance framework implemented by a wide range of financial institutions today.

Key provisions of the Bank Secrecy Act

As previously discussed in our earlier AML Blog, the BSA is structured to require the authorities who supervise financial institutions to adopt regulations to ensure supervised financial institutions’ proactivity in financial crime prevention. The core elements of the BSA include:

• Currency Transaction Reports or CTRs: requiring financial institutions to file such reports for all transactions exceeding USD 10,000 to enable tracking of these high-value financial activities.
• Suspicious Activity Reports or SARs: require financial institutions to file reports about any unusual or suspicious financial activities they detect, marking potential money laundering and fraudulent transactions.
• Customer Identification Program or CIP: requiring financial institutions to verify their end-users’ identities. While this requirement does not appear in the BSA directly, regulations promulgated by the relevant authorities included this requirement to enable financial institutions to furnish the accurate information via the reports referred to in previous points.
• Recordkeeping: requiring financial institutions to retain financial records for a certain amount of time when the records can be used to assist financial crime investigations and audits. 

Together, these provisions can be perceived as a toolkit which enables financial institutions to prevent financial crimes while providing necessary support to authorities when searching for perpetrators of money laundering or financing of terrorism.

Authorities supervising the BSA compliance

The BSA compliance supervision takes a great effort and requires numerous regulatory bodies (governmental agencies) to work in tandem. This comes from the fact that the supervision of financial institutions is scattered across these different authorities, depending on their jurisdiction and regulatory entitlements stemming from the legislation. As a result, there are a wide range of authorities who contribute to the common goal of money laundering prevention. However, we want to focus on those whose share is the most significant for financial institutions. Such notable authorities include:

• Financial Crimes Enforcement Network or FinCEN: a bureau within the US Department of Treasury is considered as the primary authority under the BSA. FinCEN issues regulations for many financial institutions and has an active role in assessing the data from the reports submitted under the BSA.
• Office of the Comptroller of the Currency or OCC: has a more targeted audience, assisting FinCEN with supervision of the BSA compliance practices and anti-money laundering programs of  national banks.
• Federal Deposit Insurance Corporation or FDIC: akin to OCC, the FDIC also supports FinCEN by exercising supervision over a more targeted sample of the financial services industry, namely overseeing insured banks.
• National Credit Union Administration or NCUA: similarly to other regulators mentioned above, the NCUA reviews the BSA compliance of every federally insured credit union.

Regulations issued under the BSA

A series of regulations were issued under the BSA to strengthen its enforcement and clarify the specific obligations of supervised institutions with regards to money laundering and terrorism financing prevention. These regulations enable regulatory authorities to remain flexible in addressing emerging threats, while retaining the underlying intent of the BSA. Some notable regulations include:

• FinCEN Regulations under the Code of Federal Regulations, Title 31, Chapter 10 (31 CFR Chapter X): regulations which hold relevance to virtually every segment of financial institutions and hold utmost importance for every financial service provider who wants to operate in the US.
• OCC Regulations under the Code of Federal Regulations, Title 12, Part 21 (12 CFR Part 21): regulations relevant to entities supervised by the OCC, such as national banks or branches and agencies of foreign banks.
• FDIC Regulations under the Code of Federal Regulations, Title 12, Part 326 (12 CFR Part 326): regulations with relevance to insured banks and other financial institutions supervised by the FDIC.
• NCUA Regulations under the Code of Federal Regulations, Title 12, Part 748 (12 CFR Part 748): establishes rules which federally insured credit unions must implement in order to comply with the BSA.

Impact on the financial industry

The BSA and its regulations have created an enormous impact on the financial sector. They have greatly enhanced the accountability and transparency of regulated entities, and therefore strengthened public trust in the financial sector. At the same time, we acknowledge that it may be difficult for financial institutions to effectively navigate the multitude of legislative pieces without investing in technology, personnel, and training programs. However, as  BSA compliance is imperative to the sound functioning of the financial system, the BSA’s rigorous requirements are the cornerstone of safeguarding regulators’ and users’ trust and ensuring the security of the processes of financial organizations. If financial institutions want to retain their appeal to customers, they must not see the BSA as just requiring compliance but recognize their interest in tackling financial crimes to safeguard users and stability of the financial system.

James H. Freis Jr., former Director of FinCEN (2007-2012), emphasizes the dual importance of legal compliance and industry understanding in the financial sector. He advocates not only for mandatory allocation of resources to meet reporting obligations but also for ensuring that financial institutions comprehend the essential purposes and benefits of these efforts:

“It is critical that the financial industry not only be compelled by law to devote the necessary resources to its reporting obligations, but also that the industry understands and is able to take comfort in the specific and necessary purposes for which they bear these costs and dedication of resources”.

Compliance challenges

Despite the prominent place the BSA has taken in safeguarding the financial system, it is important to acknowledge that challenges for financial institutions remain. 

• Evolution of threats: in the era where digitalization is exponential, innovation serves not only for the right cause. The landscape of cybercrime continues to become ever more complex with the invention of new techniques to penetrate institutions’ defenses.
• High costs: implementation and administration of compliance frameworks have never been an easy task, often requiring dedicated personnel and technology to be employed that can create a burden on smaller organizations.
• Regulatory landscape: supervision by various regulatory bodies may often confuse  and lead to duplication of requirements, making desired compliance a complex matter.
• Data risks: the amount of data needed for compliance has often fallen victim to critique to data privacy concerns, which also fuels high costs to ensure retention of necessary data.

Many of these pain points require extra diligence from financial institutions and may require a reliable technological partner, such as Veriff, to reduce the compliance costs by leveraging cutting edge technology.

Predictions and possibilities

As financial crime continues to evolve, so will the BSA’s enforcement practices. And this will be reflected in the complexities faced by financial institutions. Notable future possibilities in money laundering trends include:

• Increased use of artificial intelligence: with AI becoming better, it is clear that technological solutions will play an increasingly important role in supporting financial institutions’ compliance efforts.
• New types of products: regulations will continue to adapt to  emerging financial products such as decentralized finance and blockchain, with likely more new services to come in upcoming years.
• Global cooperation: countries will continue to closely cooperate in prosecution of money laundering and terrorism financing crimes, as the nature of financial crime becomes increasingly of a cross-border nature.

 FAQ

1. What is the primary goal of the Bank Secrecy Act?

The BSA aims to prevent financial crimes like money laundering, tax evasion, and terrorism financing by mandating reporting and record keeping standards for financial institutions.

2. Which organizations enforce BSA compliance?

FinCEN, OCC, FDIC, NCUA are among the primary agencies overseeing BSA compliance.

3. What happens if a financial institution fails to comply with the BSA?

Non-compliance can result in significant fines, reputational damage, and in severe cases, criminal prosecution.

Please note that Veriff does not provide legal advice. This article is provided for informational purposes only. You should always discuss your anti-money laundering controls and compliance framework with a qualified legal counsel or AML specialists.