Recent FinCEN Guidance Highlights Importance of Policies, Procedures, and Processes
Recently, FinCEN issued guidance regarding seven FAQs related to Suspicious Activity Reporting (SAR) filing requirements and “Keep Open” Requests, with the latter effectively serving as interim guidance pending the forthcoming Treasury Department guidance required by the Anti-Money Laundering Act of 2020.
As expected, the guidance did not include earth-shattering revelations, but since most of the FAQ answers hinge on your institution’s policies, procedures, and processes, it underscores their importance in maintaining an effective BSA/AML program. While this approach provides significant latitude in tailoring your institution’s response to the situations addressed in the guidance, it could also result in increased BSA/AML compliance risk if your institution’s policies, procedures, and processes do not adequately address such situations.
Seven main takeaways are summarized below.
1. “Keep Open” Requests
You are not required to comply with “keep open” requests but may do so – a decision that is ultimately driven by your institution’s policies, procedures, and processes.
FinCEN also addressed “keep open” request requirements, clarifying that they must:
- be in writing;
- clearly state the scope, purpose, and duration; and
- be issued by the proper authority of the requesting law enforcement agency (federal requests—a supervisory agent or DOJ attorney; state requests—an agency supervisor or prosecutor).
2. Grand Jury Subpoenas and Law Enforcement Inquiries
Grand jury subpoenas and other law enforcement inquiries do not automatically trigger a SAR filing, but they should prompt a review of relevant account activity and transactions—the scope of which should be driven by your institution’s policies, procedures, and processes.
3. SAR Filings and Escalation
You are not required to close an account in response to a SAR filing. Rather, the decision of whether to maintain or terminate a customer relationship will ultimately be driven by your institution’s escalation policies procedures, and processes.
4. Negative News
Negative news does not automatically trigger SAR filing requirements. Instead, your response to negative news, including the extent to which it is evaluated and investigated, should be driven by—you guessed it—your institution’s policies, procedures, and processes.
5. Multiple Negative Media Alerts
You do not need to independently investigate each media alert based on the same underlying events. Instead, you should consider whether each alert contains new or different information, or whether the alert otherwise assists or informs you in assessing the relevant activity.
Your institution’s policies, procedures, and processes should address the following:
- managing high alert volume;
- identifying relationships that require news monitoring;
- updating customer information and risk profile;
- investigating transactions; and
- escalating or terminating customer relationships.
6. Duplication of SAR Narrative and Data Field Information
Data field information should not be duplicated in the SAR narrative unless required under a FinCEN advisory or as necessary to provide a clear and complete description of the suspicious activity.
7. SAR Narrative Character Limits
You should not file a separate SAR if the narrative information exceeds the 20,000-character limit, but you may include additional information as an attachment or a note.