BSA/AML Compliance: Current Issues in Identifying and Reporting Suspicious Activity

Transcription

1 Computer Services, Inc. Presents BSA/AML Compliance: Current Issues in Identifying and Reporting Suspicious Activity August 10, 2011 Presented by: David Luken, Senior Consultant Professional Bank Services, Inc.

2

3 Faculty David Luken is a Senior Consultant at PBS. Prior to joining the firm in 1992, Mr. Luken was senior vice president and general counsel for a billion dollar metropolitan bank holding company. While at PBS he has served on the faculty of the FDIC's Advanced Consumer Protection School, Bank Operations and Compliance School and the OTS Compliance School. He has also served on the faculties of banking schools conducted by the New York, Pennsylvania, Texas, North Carolina, Iowa, Kansas, Nebraska and Arkansas bankers associations. Mr. Luken conducts over 100 seminars a year in the areas of lending and deposit compliance, Bank Secrecy Act, internet banking, information security and privacy law.

4

5 Meeting Notes

6

7 Meeting Notes

8

9 Meeting Notes

10

11 SUSPICIOUS ACTIVITY REPORTING

12

13 SUSPICIOUS ACTIVITY REPORTING Table of Contents I. Introduction... 2 II. Reportable Transactions... 3 III. The Suspicious Activity Report (SAR)... 5 IV. Limits on Disclosing SAR Information V. Internal Procedures VI. Exam Procedures... 17

14

15 SUSPICIOUS ACTIVITY REPORTING I. INTRODUCTION A. Overview Suspicious activity reporting forms the cornerstone of the BSA reporting system. It is critical to the United States ability to utilize financial information to combat terrorism, terrorist financing, money laundering, and other financial crimes. Financial institutions should recognize that the quality of SAR content is critical to the adequacy and effectiveness of the suspicious activity reporting system. While the federal examiners recognize that for a practical matter, it is not possible for a financial institution to detect and report all potentially illicit transactions that flow through the institution, the examiners will focus on evaluating the institution s policies, procedures, and processes to identify, evaluate, and report suspicious activity. The sophistication of the monitoring systems utilized should be dictated by the institution s risk-profile, with particular emphasis on the composition of higher-risk products, services, clients, entities, and geographic markets. The institution should ensure that adequate staff is assigned to the identification, research, and reporting of suspicious activities, taking into account the institution s overall risk profile and the volume of transactions processed. B. Key Suspicious Activity Monitoring Components Effective suspicious activity monitoring and reporting systems include four interdependent components including: 1. Identification or Alert of unusual activity includes employee identification, law enforcement inquiries, other referrals, and transaction and surveillance monitoring system output; 2. Managing the Alerts the processes used to investigate and evaluate identified unusual activity. (Management should establish a clear and defined escalation process from the point of initial detection to disposition of the investigation). 3. SAR decision making File, or Not File? Institutions should document all SAR decisions, including the specific reasons for either filing, or not filing the SAR. Filing SARs for continuing activity reminds the institution that it should continue to review the suspicious activity to determine whether other action may be appropriate, such as management making the determination to terminate the relationship. 4. SAR Completion and Filing filed SARs must be complete, thorough, and timely. SAR narratives are subjective, and should thoroughly describe the extent and nature of the suspicious activity. C. SAR Activity Review The SAR Activity Review is an online publication available at FinCEN s web site: under the News Room, then Reports & Publications link. The SAR Activity Review is a product of continuing dialogue and close collaboration among the nation s financial institutions, law enforcement officials, and regulatory agencies to provide meaningful information about the preparation, use, and value of SARs filed by financial institutions. Published under the auspices of the Bank Secrecy Act Advisory Group, the Review is published on a semiannual basis. BSA/AML Compliance: Current Issues in -2- ProfessionalBankServices

16 II. REPORTABLE TRANSACTIONS Numerous activities and transactions may be suspicious; however, not all are of interest to law enforcement, and therefore not all suspicious transactions are reportable. A. Definitions Treasury regulation 31 CFR defines reportable suspicious transactions. When a bank knows, or should have known, that a reportable suspicious transaction has taken place, the obligation to file a SAR is created. 1. A suspiciously reportable transaction is: a. Any transaction that involves funds derived from illegal activities or is intended or conducted in order to hide or disguise funds or assets derived from illegal activities (i.e., money laundering); or b. Any transaction designed to evade any regulations promulgated under the Bank Secrecy Act (this includes structuring as well as other attempts to avoid required reporting or recordkeeping); or NOTE: Structuring is the breaking down of currency transactions into amounts under $10,000 for the purpose of evading currency transaction reporting requirements. Failing to observe the reporting requirements, or intentionally splitting a transaction into parts in order to fall below reporting thresholds can be a crime and can result in civil enforcement actions, including fines. These consequences can apply even when the funds involved were derived from legitimate, not criminal, activity. c. Any transaction having no business or apparent lawful purpose, or is not the sort in which the particular customer would normally be expected to engage, and the bank knows of no reasonable explanation for the transaction after examining the available facts, including the background and possible purpose of the transaction. 2. For BSA purposes, transaction means any deposit, withdrawal, transfer between accounts, exchange of currency, loan, extension of credit, purchase or sale of any stock/bond/certificate of deposit/other monetary instrument/investment security, or any other payment, transfer, or delivery by, through, or to a bank. B. Reporting Thresholds Since law enforcement cannot pursue all suspicious activity, suspicious are required to be reported only when the amount involved meets certain thresholds. Banks are required to file SARs at these dollar levels; however, they may file SARs on transactions involving lesser amounts. 1. If a bank insider is involved, there is zero tolerance, and any suspicious transaction is reportable. An insider is generally a director, officer, employee, or controlling stockholder, and can also include a shareholder, joint venture partner, accountant, appraiser, attorney or other agent or independent contractor of the bank. 2. If a potential suspect has been identified, transactions involving $5,000 or more are reportable. BSA/AML Compliance: Current Issues in -3- ProfessionalBankServices

17 3. If no potential suspect has been identified, transactions involving $25,000 or more are reportable. 4. If BSA violations, e.g., money laundering or structuring, are involved, transactions involving $5,000 or more are reportable. C. Relationship to Currency Transaction Report BSA mandates that the bank file a CTR whenever a single transaction or series of transactions in currency exceeds $10,000 on any one business day. If a transaction exceeds $10,000 in currency and is suspicious, both a SAR and a CTR must be filed. If a currency transaction involves $10,000 or less and is suspicious, the bank should only file a SAR. D. Exceptions 1. A SAR is not required to be filed for those robberies and burglaries that are reported to local authorities. III. THE SUSPICIOUS ACTIVITY REPORT (SAR) Reportable suspicious activities are reported by banks on Form TDF , which can be obtained from the web site: A. On December 21, 2006, FinCEN released final revised formats to various SAR forms: 1. SAR DI - Suspicious Activity Report by Depository Institutions -FinCEN Form SAR SF - Suspicious Activity Report by the Securities and Futures Industries FinCEN Form SAR IC - Suspicious Activity Report by Insurance Companies -FinCEN Form SAR C - Suspicious Activity Report by Casinos and Card Clubs FinCEN Form 102 NOTE: Effective Implementation Date for the above forms is unknown. Mandatory Utilization Date for the above forms is unknown. 5. SAR MSB - Suspicious Activity Report by Money Services business - FinCEN Form 109. NOTE: FinCEN has begun the design of a new SAR system and on October 15, 2010, solicited industry input on a list of proposed data fields within the new data base that will support SAR report filings. Comments were welcome on or before December 12, (75 FR ). BSA/AML Compliance: Current Issues in -4- ProfessionalBankServices

18 ALWAYS COMPLETE ENTIRE REPORT (see instructions) Reporting Financial Institution Information Suspect Information IRS Cat. No L BSA/AML Compliance: Current Issues in -5- ProfessionalBankServices

19 $,,, , Suspicious Activity Information, Contact for Assistance,, BSA/AML Compliance: Current Issues in -6- ProfessionalBankServices

20 *Suspicious Activity Information Explanation/Description Explanation/description of known or suspected violation of law or suspicious activity critical complete If necessary, continue the narrative on a duplicate of this page. Describe Explain Retain Retain Retain Indicate Indicate Indicate Recommend Indicate Indicate Indicate BSA/AML Compliance: Current Issues in -7- ProfessionalBankServices

21 Suspicious Activity Report Instructions Safe Harbor Federal law (31 U.S.C. 5318(g)(3)) provides complete protection from civil liability for all reports of suspicious transactions made to appropriate authorities, including supporting documentation, regardless of whether such reports are filed pursuant to this report s instructions or are filed on a voluntary basis. Specifically, the law provides that a financial institution, and its directors, officers, employees and agents, that make a disclosure of any possible violation of law or regulation, including in connection with the preparation of suspicious activity reports, shall not be liable to any person under any law or regulation of the United States, any constitution, law, or regulation of any State or political subdivision of any State, or under any contract or other legally enforceable agreement (including any arbitration agreement), for such disclosure or for any failure to provide notice of such disclosure to the person who is the subject of such disclosure or any other person identified in the disclosure. Notification Prohibited Federal law (31 U.S.C. 5318(g)(2)) requires that a financial institution, and its directors, officers, employees and agents who, voluntarily or by means of a suspicious activity report, report suspected or known criminal violations or suspicious activities may not notify any person involved in the transaction that the transaction has been reported. In situations involving violations requiring immediate attention, such as when a reportable violation is ongoing, the financial institution shall immediately notify, by telephone, appropriate law enforcement and financial institution supervisory authorities in addition to filing a timely suspicious activity report. WHEN TO MAKE A REPORT: 1. All financial institutions operating in the United States, including insured banks, savings associations, savings association service corporations, credit unions, bank holding companies, nonbank subsidiaries of bank holding companies, Edge and Agreement corporations, and U.S. branches and agencies of foreign banks, are required to make this report following the discovery of: a. Insider abuse involving any amount. Whenever the financial institution detects any known or suspected Federal criminal violation, or pattern of criminal violations, committed or attempted against the financial institution or involving a transaction or transactions conducted through the financial institution, where the financial institution believes that it was either an actual or potential victim of a criminal violation, or series of criminal violations, or that the financial institution was used to facilitate a criminal transaction, and the financial institution has a substantial basis for identifying one of its directors, officers, employees, agents or other institution-affiliated parties as having committed or aided in the commission of a criminal act regardless of the amount involved in the violation. b. Violations aggregating $5,000 or more where a suspect can be identified. Whenever the financial institution detects any known or suspected Federal criminal violation, or pattern of criminal violations, committed or attempted against the financial institution or involving a transaction or transactions conducted through the financial institution and involving or aggregating $5,000 or more in funds or other assets, where the financial institution believes that it was either an actual or potential victim of a criminal violation, or series of criminal violations, or that the financial institution was used to facilitate a criminal transaction, and the financial institution has a substantial basis for identifying a possible suspect or group of suspects. If it is determined prior to filing this report that the identified suspect or group of suspects has used an alias, then information regarding the true identity of the suspect or group of suspects, as well as alias identifiers, such as drivers licenses or social security numbers, addresses and telephone numbers, must be reported. c. Violations aggregating $25,000 or more regardless of a potential suspect. Whenever the financial institution detects any known or suspected Federal criminal violation, or pattern of criminal violations, committed or attempted against the financial institution or involving a transaction or transactions conducted through the financial institution and involving or aggregating $25,000 or more in funds or other assets, where the financial institution believes that it was either an actual or potential victim of a criminal violation, or series of criminal violations, or that the financial institution was used to facilitate a criminal transaction, even though there is no substantial basis for identifying a possible suspect or group of suspects. d. Transactions aggregating $5,000 or more that involve potential money laundering or violations of the Bank Secrecy Act. Any transaction (which for purposes of this subsection means a deposit, withdrawal, transfer between accounts, exchange of currency, loan, extension of credit, purchase or sale of any stock, bond, certificate of deposit, or other monetary instrument or investment security, or any other payment, transfer, or delivery by, through, or to a financial institution, by whatever means effected) conducted or attempted by, at BSA/AML Compliance: Current Issues in -8- ProfessionalBankServices

22 or through the financial institution and involving or aggregating $5,000 or more in funds or other assets, if the financial institution knows, suspects, or has reason to suspect that: i. The transaction involves funds derived from illegal activities or is intended or conducted in order to hide or disguise funds or assets derived from illegal activities (including, without limitation, the ownership, nature, source, location, or control of such funds or assets) as part of a plan to violate or evade any law or regulation or to avoid any transaction reporting requirement under Federal law; ii. The transaction is designed to evade any regulations promulgated under the Bank Secrecy Act; or iii. The transaction has no business or apparent lawful purpose or is not the sort in which the particular customer would normally be expected to engage, and the financial institution knows of no reasonable explanation for the transaction after examining the available facts, including the background and possible purpose of the transaction. The Bank Secrecy Act requires all financial institutions to file currency transaction reports (CTRs) in accordance with the Department of the Treasury s implementing regulations (31 CFR Chapter X). These regulations require a financial institution to file a CTR whenever a currency transaction exceeds $10,000. If a currency transaction exceeds $10,000 and is suspicious, the institution must file both a CTR (reporting the currency transaction) and a suspicious activity report (reporting the suspicious or criminal aspects of the transaction). If a currency transaction equals or is below $10,000 and is suspicious, the institution should only file a suspicious activity report. 2. Computer Intrusion. For purposes of this report, computer intrusion is defined as gaining access to a computer system of a financial institution to: a. Remove, steal, procure, or otherwise affect funds of the institution or the institution s customers; b. Remove, steal, procure or otherwise affect critical information of the institution including customer account information; or c. Damage, disable or otherwise affect critical systems of the institution. For purposes of this reporting requirement, computer intrusion does not mean attempted intrusions of websites or other non-critical information systems of the institution that provide no access to institution or customer financial or other critical information. 3. A financial institution is required to file a suspicious activity report no later than 30 calendar days after the date of initial detection of facts that may constitute a basis for filing a suspicious activity report. If no suspect was identified on the date of detection of the incident requiring the filing, a financial institution may delay filing a suspicious activity report for an additional 30 calendar days to identify a suspect. In no case shall reporting be delayed more than 60 calendar days after the date of initial detection of a reportable transaction. 4. This suspicious activity report does not need to be filed for those robberies and burglaries that are reported to local authorities, or (except for savings associations and service corporations) for lost, missing, counterfeit, or stolen securities that are reported pursuant to the requirements of 17 CFR f-1. HOW TO MAKE A REPORT: 1. Send each completed suspicious activity report to: Detroit Computing Center, P.O. Box 33980, Detroit, Ml For items that do not apply or for which information is not available, leave blank. 3. If you are correcting a previously filed report, check the box at the top of the report (line 1). Complete the report in its entirety and include the corrected information in the applicable boxes. Then describe the changes that are being made in Part V (Description of Suspicious Activity), line k. 4. Do not include any supporting documentation with the suspicious activity report. Identify and retain a copy of the suspicious activity report and all original supporting documentation or business record equivalent for five (5) years from the date of the suspicious activity report. All supporting documentation must be made available to appropriate authorities upon request. 5. If more space is needed to report additional suspects, attach copies of page 1 to provide the additional information. If more space is needed to report additional branch addresses, include this information in the narrative, Part V. 6. Financial institutions are encouraged to provide copies of suspicious activity reports to state and local authorities, where appropriate. BSA/AML Compliance: Current Issues in -9- ProfessionalBankServices

23 A. Time Frames 1. A SAR must be filed no later than 30 calendar days after the date of initial detection of facts that may constitute a basis for filing a SAR. a. If no suspect was identified on the date of detection of the incident requiring the filing, the filing of the SAR may be delayed for an additional 30 calendar days to identify a suspect. b. Unlike the CTR, the SAR addresses overall suspicious activity, not just transactions occurring on a single business day. A pattern of suspicious activity based on a group or series of transactions on different days may create the obligation to file a SAR. 2. If, after an initial SAR has been filed, related activity continues to occur, the bank should report the continuing suspicious activity with a SAR being filed at least every 90 days (SAR Activity Review #1 October 2000). 3. In cases requiring immediate attention where the bank has contacted its federal regulator and/or appropriate law enforcement, the bank is still obligated to file a SAR within the required time frame. 4. First stated in SAR Activity Review # 10 (May 2006) and further clarified in SAR Activity Review #14 (October 2008), the phrase initial detection should not be interpreted as meaning the moment a transaction is highlighted for review. The institution s automated account monitoring system or initial discovery of potentially suspicious information such as system-generated reports, may flag a transaction, however, that should not be considered initial detection of suspicious activity. The 30-day (or 60-day) period does not begin until an appropriate review is conducted and a determination is made that the transaction under review is suspicious with the meaning of the SAR regulations. A review must be initiated promptly upon identification of unusual activity that warrants investigation, and the timeframe required for completing the review of the identified activity may vary given the situation. In any event, the review should be completed in a reasonable period of time. B. Completing the SAR 1. The SAR must be completed in its entirety. All available information should be entered, and the responses none, not applicable, or unknown entered as appropriate, as opposed to merely leaving fields blank. (Blank fields may result in the bank being contacted by law enforcement to obtain what appears to be missing information.) (SAR Activity Review #6 November 2003). 2. Part V of the SAR requires a detailed narrative explanation/description of the reported activity. This section of the SAR is critical to law enforcement and the regulatory agencies. The narrative should be clear, concise, and thorough, and provide a chronological and complete description of the activity. a. The narrative should identify the six essential elements of information (the 5 Ws and How ): BSA/AML Compliance: Current Issues in -10- ProfessionalBankServices

24 (1) Who is conducting the criminal or suspicious activity? Provide any additional details about the suspect that may be relevant, e.g., employer and occupation information, the relationship between the suspect and the bank, and the length of the financial relationship. (2) What instruments or mechanisms facilitated the suspect activity/transactions? Describe the transactions that raised suspicions, e.g., cash deposits and/or withdrawals, checks, foreign currency, ATM or ACH transfers, etc. (3) When did the criminal or suspect activity occur? Identify the date of a one-time occurrence, when a pattern of activity was initiated together with a description of its duration, and when the suspect activity was detected. (4) Where did the suspicious activity take place? Identify the branch/department locations where the activity occurred and all account numbers and account types affected. (5) Why does the bank think the activity is suspicious? Describe your institution, e.g., commercial bank with 400 branches in five states, state-chartered credit union with one rural location, etc., and why the activity is considered suspicious including any relevant information about suspicious customer activity in the bank s files at the time the SAR is filed. (6) Finally, describe how the suspicious activity occurred, e.g., how the suspect transaction or pattern of transactions were completed. For account activity, provide as completely as possible an explanation of the cycle of funds including the source of the funds and their application. b. Organize the narrative into three parts: (1) Introduction: the purpose of the report, a general description of the activity, description and dates of any previously filed SARs on the subject, and any internal investigative numbers used by the bank to make records of the SAR. (2) Body: all relevant facts and specifics about the activity, identifying the 5 Ws of essential information, and how the activity occurred. (3) Conclusion: summary of the report as well as any planned or completed follow-up actions. c. Do not include supporting documentation or any evidence that has been collected with the SAR. Any such documentation is instead retained with a copy of the SAR. BSA/AML Compliance: Current Issues in -11- ProfessionalBankServices

25 (Guidance on Preparing a Complete and Sufficient SAR Narrative - C. Filing the SAR Paper-based SARs can be filed by mailing to the address specified in the SAR instructions. In addition, SARs can be filed through the BSA E-Filing system. 1. The board of directors must be informed that a SAR has been filed at the next meeting following the filing. Insured credit unions became subject to this requirement on November 27, 2006 (71FR ). 2. A copy of the SAR and all supporting documentation must be retained for a period of five years from the date of filing. IV. SAFE HARBOR A. Protection - Significant personally identifiable information is acquired and reported when a SAR is filed. However, a safe harbor from civil lawsuits is provided to those who have filed a SAR. This safe harbor provides the bank with complete protection from civil liability for all reports of suspected or known criminal violations and suspicious activities to appropriate authorities, including supporting documentation. 1. To fall within the safe harbor protection, the bank must make a good faith effort to investigate suspicious activities, document the investigation, and maintain the underlying reports and evidence that led to the SAR filing. The bank should also respond to appropriate law enforcement information requests following FinCEN Guidance G003 (June 13, 2007). 2. A bank, and any director, officer, employee, or agent of any bank that makes a voluntary disclosure of any possible violation of law or regulation to a government agency, including a disclosure made jointly with another institution, shall be protected for any such disclosure. V. LIMITS ON DISCLOSING SAR INFORMATION A. Confidentiality of SARS A SAR, and any information that would reveal the existence of a SAR are confidential and shall not be disclosed except as authorized in the regulation. B. Prohibition on Disclosures by Banks No bank, and no director, officer, employee, or agent of any bank, shall disclose a SAR or any information that would reveal the existence of a SAR. Any bank, and any director, officer, employee, or agent of any bank that is subpoenaed or otherwise requested to disclose a SAR or any information that would reveal the existence of a SAR shall decline to produce the SAR or such information citing, 31 CFR (e)(1), and 31 U.S.C. 5318(g)(2)(A)(i), and shall notify FinCEN s Office of Chief Counsel ( ), and the financial institution s primary federal regulator of any such request and the response thereto. BSA/AML Compliance: Current Issues in -12- ProfessionalBankServices

26 C. Unauthorized Disclosure Penalties - The unauthorized disclosure of SARs is a violation of federal law. Both civil and criminal penalties may be imposed for SAR disclosure violations. Violations may be enforced through civil penalties of up to $100,000 for each violation, and criminal penalties of up to $250,000 and/or imprisonment not to exceed five years. In addition, financial institutions could be liable for civil money penalties resulting from anti-money laundering program deficiencies that led to the improper SAR disclosure. Such penalties could be up to $25,000 per day for each day the violation continues. (See FinCEN Advisory 2010-A014, 11/23/10). D. Exceptions Provided that no person involved in any reported suspicious transaction is notified that the transaction has been reported, the prohibition on disclosure does not prohibit: 1. The disclosure by a bank, or any director, officer, employee or agent of a bank of a SAR, or any information that would reveal the existence of a SAR to FinCEN, or any Federal, State, or local law enforcement agency, or to any Federal regulatory authority that examines the bank for compliance with the Bank Secrecy Act, or to any State regulatory authority administering a State law that requires the bank to comply with the Bank Secrecy Act or otherwise authorizes the State authority to ensure that the bank complies with the Bank Secrecy Act. NOTE: In the instances where State agencies request that copies of SARs filed with FinCEN be provided to the State authority ( dual-filings ), financial institutions should provide SAR information only to those State entities that administer a State law that requires financial institutions to comply with the BSA, or State entities that otherwise are authorized to ensure that the financial institution complies with the BSA. State entities that do not meet the regulatory test should seek access directly from FinCEN for SAR information. (75FR75598). 2. The disclosure of the underlying facts, transactions, or documents upon which a SAR is based, including but not limited to, disclosures: a. To another financial institution, or any director, officer, employee or agent of a financial institution, for the preparation of a joint SAR; or b. In connection with certain written employment referral requests or termination notices. (Provided the disclosure is not made with malicious intent, there is complete protection from civil liability under this exception. Even though the bank can disclose information contained in a SAR under the written employment referral exception, the bank is prohibited from disclosing the fact that a SAR was filed). NOTE: Clearly, any document or other information that affirmatively states that a SAR has been filed, and by extension, any document that states that a SAR has not been filed, should be afforded confidentiality. Underlying documents (e.g., a document memorializing a customer transaction such as an account statement indicating a cash deposit, or a record of funds transfer) may identify suspicious activity, but if they do not reveal BSA/AML Compliance: Current Issues in -13- ProfessionalBankServices

27 that a SAR exists that document should not be afforded this SAR confidentiality. (75 FR 75595). NOTE: Additional commenters requested guidance from FinCEN regarding the appropriate use of SARs by agents of the financial institution, including independent auditors or other contracted service providers (E.g. information technology, legal counsel, etc). FinCEN is considering additional guidance on these matters, but until such guidance is issued, FinCEN reminds financial institutions of their ultimate responsibility to protect through reasonable controls or agreements with such agents, the confidentiality of a SAR, or any information that would reveal the existence of a SAR. (75 FR 75601). NOTE: In the BSA/AML Compliance Program Overview section contained within the interagency Bank Secrecy Act/Anti-Money Laundering Examination Manual (2010), it states that the independent testing (for BSA/AML compliance) should at a minimum include an assessment of the overall process for identifying and reporting suspicious activity, including a review of filed or prepared SARs to determine their accuracy, timeliness, completeness, and effectiveness of the bank s policy (Page 36). (See 75 FR , 12/03/2010). E. Sharing SARs by Depository Institutions with Certain U.S. Affiliates - The sharing of a SAR, or any information that would reveal the existence of a SAR with certain affiliates within the bank s corporate organizational structure, provided that the affiliate is subject to a SAR regulation is allowed under the regulations. (This expands on the FinCEN Guidance from January 20, 2006 that stated that a U.S. bank or savings association may share a SAR with its controlling company (whether domestic or foreign), and a U.S. branch or agency of a foreign bank may share a SAR with its head office). An affiliate of an authorized institution that receives shared SAR information may not then share the SAR information with its own affiliates. NOTE: There may be circumstances under which a depository institution, its affiliate, or both entities would be liable for direct or indirect disclosure by the affiliate of a SAR or any information that would reveal the existence of a SAR. Therefore, the depository institution, as part of its internal controls, should have policies and procedures in place to ensure that its affiliates protect the confidentiality of the SAR. (These policies and procedures do not replace the confidentiality agreements required under the January 2006 guidance). NOTE: An Affiliate of a depository financial institution means any company under common control with, or controlled by, that depository institution. Under common control means that another company (1) directly or indirectly or acting through one or more persons owns, controls, or has the power to vote 25% or more of any class of the voting securities of the company and the depository institution; or (2) controls in any manner the election of a majority of the directors or trustees of the company of the depository institution. Controlled by means that the depository institution (1) directly or indirectly has the power to vote 25% or more of any class of the voting securities of the company; or (2) controls in any manner the election of a majority of the directors or trustees of the company. BSA/AML Compliance: Current Issues in -14- ProfessionalBankServices

28 (See FinCEN Guidance 2010-G006, 11/23/2010, and 75FR ). VI. OTHER FINCEN SAR GUIDANCE A. Mortgage Scams - FinCEN has issued an advisory (FIN 2009 A001) requesting the industry s assistance in identifying and reporting any business involved in Loan Modification/Foreclosure Rescue Scams. Persons or entities perpetrating these loan modification/foreclosure rescue scams may seek the services of DFIs for the purpose of receiving, depositing, or moving the funds associated with these scams. DFIs may also become aware of such scams through their interactions with clients who have become the victim of such a scam. (The advisory provides a list of red-flags that could be indicators of the presence of a foreclosure rescue scam). If a DFI suspects that a loan modification/foreclosure rescue scam has taken place, a SAR should be filed containing all relevant information (remembering that the homeowner is not the suspect, they are the victim), and the words Foreclosure Rescue Scam should go on the first line of the SAR narrative. On November 17, 2009, DOJ, DOT, HUD and the SEC announced the establishment of an interagency financial fraud enforcement task force to strengthen efforts to combat financial crime. B. L/E Requests to Maintain Accounts - FinCEN Guidance (2007-G002, June 13, 2007 Requests by Law Enforcement for Financial Institutions to Maintain Accounts) states that if a law enforcement agency requests that a financial institution maintain a particular account to facilitate an ongoing investigation, the financial institution should ask for a written request to support the request. The request should be issued by a supervisory agent or by an attorney in the United States Attorney s Office, or another office in the Department of Justice. If a state or local law enforcement agency requests that an account be maintained, the written request should come from a supervisor of the state or local law enforcement agency or from an attorney within a state or local prosecutor s office. The written request should indicate that the agency has requested that the financial institution maintain the account, and the purpose of the request. The request should also indicate the duration for the request, not to exceed six months. (Law enforcement may issue subsequent requests for account maintenance after the expiration of the initial request). FinCEN recommends that financial institutions maintain documentation of such requests for five years after the request has expired. ULTIMATELY, the decision to maintain or close an account should be made by a FINANCIAL INSTITUTION in accordance with its own standards and guidelines. Although there is no requirement that a financial institution maintain a particular account relationship, financial institutions should be mindful that complying with such a request may further law enforcement efforts to combat money laundering, terrorist financing, and other crimes. If a financial institution chooses to maintain an account in response to a request from law enforcement, it is required to comply with all applicable BSA Rules, including the filing of SARs. C. Requests for SAR Supporting Documentation - FinCEN Guidance (2007- G003, June 13, 2007 Suspicious Activity Reporting Supporting Documentation) states that when a financial institution files a SAR, it is required to maintain a copy of the SAR and the original or business record equivalent of any supporting documentation for a period of five years from the BSA/AML Compliance: Current Issues in -15- ProfessionalBankServices

29 date of filing the SAR. Financial institutions must provide all documentation supporting the filing of the SAR upon request by FinCEN or an appropriate law enforcement or supervisory agency. (Financial institutions should take care to verify that a requestor of information is in fact, a representative of FinCEN or an appropriate law enforcement or supervisory agency. Independent employment verification of the requestor with the requestor s filed office, or face-to-face review of the requestor s credentials are examples of such verification.) Supporting documentation refers to all documents or records that assisted a financial institution in making the determination that certain activity required a SAR filing, and a financial institution must identify supporting documentation at the time the SAR is filed, in the narrative section of the SAR. Examples of supporting documentation include transaction records, new account information, tape recordings, messages, and correspondence. Although the Right to Financial Privacy Act generally prohibits financial institutions from disclosing a customer s financial records to a Government agency without service of legal process, no such requirement applies when FinCEN or an appropriate law enforcement agency or supervisory agency requests either a copy of the SAR or supporting documentation underlying the SAR. D. Regulation GG Impact - Prohibition on Funding of Unlawful Internet Gambling - On November 18, 2008, the Treasury Department and the Federal Reserve Bank published the Final Rule implementing the applicable provisions of the Unlawful Internet Gambling Enforcement Act. All non-exempt participants in designated payment systems shall establish and implement written policies and procedures reasonably designed to identify and block or otherwise prevent or prohibit restricted transactions. Under the final Rule, the term restricted transaction would not include funds going to a gambler, and would only include funds going to an internet gambling business. However, under the final Rule, nothing in such Rule modifies any requirement imposed on any participant by other applicable law or regulation to file a SAR to the appropriate authorities. The effective date of this regulation was January 19, 2009, with compliance by non-exempt participants in designated payment systems not required until June 1, (73 FR and 74 FR 62687). E. Mortgage Scams - FinCEN Advisory 2010-A005 (April 27, 2010) Filing SARs regarding Home Equity Conversion Mortgage Fraud Schemes states that if fraud or potential fraudulent activity is discovered as part of the FHA s Home Equity Conversion Mortgage Program (HECM), financial institutions are encouraged to alert law enforcement through the filing of a SAR. Red-Flag examples of potential HECM fraudulent activity are included in the advisory. The term HECM should be placed early in the SAR narrative, and the victim should be encouraged to contact HUD at (If any other type of FHA-insured mortgage fraud is discovered and reported using a SAR, the term FHA should appear early in the SAR narrative). F. Elder Financial Exploitation FinCEN Advisory 2011-A-003 Advisory to Financial Institutions on Filing Suspicious Activity Reports Regarding Elder Financial Exploitation provides assistance to the industry in reporting instances of financial exploitation of the elderly, which is a form of elder abuse. Often financial institutions are quick to suspect elder financial exploitation based on BSA/AML Compliance: Current Issues in -16- ProfessionalBankServices

30 personnel familiarity to their elderly clients. While anyone can be a victim of a financial crime such as identity theft, embezzlement, and fraudulent schemes, certain elderly individuals may be particularly vulnerable. Advisory 2011-A003 contains examples of Red-Flags that COULD indicate the existence of elder financial exploitation. Institutions should evaluate indicators of potential financial exploitation in combination with other red-flags and expected transaction activity being conducted by or on behalf of the elder. Institutions may become aware of persons or entities perpetrating illicit activity against the elderly through monitoring transaction not consistent with expected behavior, and through their direct interactions with the elderly clients who are being financially exploited. When completing the SAR, check box 35 S Other and use the description Elder Financial Exploitation, and check any other block in section 35 that applies to the specific situation being reported. In addition, in the first part of the narrative, display the words Elder Financial Exploitation prominently to assist law enforcement in identifying these situations. NOTE: The elderly victim of the possible abuse is not the suspect, and should not be reported as the subject of the SAR. All available information on the elderly victim should be included in the narrative portion of the SAR. NOTE: Elder abuse, including financial exploitation, is generally reported and investigated at the local level. SAR filers should continue to report all forms of elder abuse according to institutional policies and procedures and the requirements of state and local laws and regulations where applicable. VII. INTERNAL PROCEDURES Taking organizational action is critical since SARs must be filed within specific time frames. Internal procedures should be established for identifying, investigating, and determining whether to report suspicious activity. A. Communication System The bank should set up an internal system for communicating to the proper personnel that suspicious activity or transactions have been detected. Channels for reporting suspected activity or transactions can include phone calls, memos, or internally developed forms. B. Central Office(r) The bank should designate a centralized employee, officer, or department to serve as a clearinghouse for branch or line personnel to report suspicious transactions. This Central Office(r) s duties should include: 1. Reviewing internal reports and determining if additional investigation is necessary. 2. Conducting any necessary investigation. 3. Informing senior management if a SAR filing is warranted. 4. Ensuring that the investigation documents and evidence supporting any SAR filing are obtained and maintained for five years. NOTE: Proper documentation of the investigation is especially critical if the decision not to file a SAR is made. This establishes that the bank acted in good faith and is not guilty of willful blindness regarding the suspect activity. BSA/AML Compliance: Current Issues in -17- ProfessionalBankServices

31 5. Serving as the contact point when regulatory agencies or FinCEN requests additional information. C. Auditing the Suspicious Activity Reporting Program - Tips for developing and administering an audit program to review and independently test compliance with SAR requirements can be found in the SAR Activity Review #6 November 2003, and in the SAR Activity Review #16 October VIII. EXAM PROCEDURES - Contained within the current Interagency BSA/AML Examination Manual are the core examination procedures covering an institution s SAR program. Highly qualitative and subjective in nature, the Federal examiner will evaluate the program to determine whether it is appropriate for the institution. The examiner will also determine whether the suspicious activity monitoring systems and reporting processes are adequate and effectively implemented by considering a number of factors including, but not limited to: Identification of Unusual Activity 1. Lines of communication for the referral of unusual activity to appropriate personnel; 2. Designation of individual(s) responsible for identifying, researching, and reporting suspicious activities; 3. Monitoring systems used to identify unusual activity; 4. Procedures for reviewing and evaluating the transaction activity of subjects included in law enforcement requests for suspicious activity. The examiner is instructed to evaluate policies, procedures, and processes for: a. Responding to National Security Letters (NSLs); b. Evaluating the account of the target for suspicious activity; c. Filing SARs, if necessary; and d. Handling account closures. SAR Decision Making 5. Manual transaction monitoring reports Do they capture all areas that pose money laundering and terrorist financing risks? Do the manual transaction monitoring systems use reasonable filtering criteria that has been independently verified, and that generate accurate reports at a reasonable frequency? 6. Automated Account monitoring surveillance Identify the system methodology and filtering criteria utilized, ask the reasonable question, determine if independently validated, and ensure that access to the system is limited and there is sufficient oversight of assumption changes. BSA/AML Compliance: Current Issues in -18- ProfessionalBankServices

32 Managing Alerts 7. Policies, procedures, and processes to ensure timely generation of, and review of, and response to reports used to identify unusual activity. Determine if such procedures require appropriate research when suspicious activity is identified. 8. Policies, procedures, and processes for referring suspicious activity from all business lines to the personnel or department responsible for evaluating the unusual activity. (Criminal subpoenas, NSLs, 314(a) requests should be effectively evaluated). 9. Staffing levels are sufficient to review reports and alerts and investigate items, and the staff possess the requisite experience level and proper investigatory tools. (The volume of alerts and investigations should NOT be tailored solely to meet existing staffing levels). 10. SAR decision process should consider all available CDD and EDD information. 11. Procedures for documenting decision not to file a SAR - are such decisions supported and reasonable? 12. Procedures for escalating issues identified as the result of repeat SAR filings on accounts. 13. Procedures for considering closing accounts as a result of continuous suspicious activity; SAR Completion and Filing 14. Procedures for completing, filing, and retaining SARs and their supporting documentation; Procedures for reporting SARs to the board of directors, or a committee thereof, and senior management; Procedures for sharing SARs with head offices and controlling companies; 15. Transactional testing of the SAR monitoring systems and reporting processes; Financial institutions may obtain copies of the exam procedures from BSA/AML Compliance: Current Issues in -19- ProfessionalBankServices

33 "##$%&'(!)*!+,%$-!./0%&$1'%2!/%&!3$11,1'45!)'%/%6'%2!78$&!)9/24:! Appendix F: Money Laundering and Terrorist Financing Red Flags >,%$-!9/0%&$1'%2!/%&!5$11,1'45!<'%/%6'%2B! >/-!;$9#!A/%D4!/%&!$(/>'%$14!1$6,2%'E$!#,44'A9$!>,%$-!9/0%&$1'%2!/%&!5$11,1'45! <'%/%6'%2!46;$>$4B!!+/%/2$>$%5F4!#1'>/1-!<,604!4;,09&!A$!,%!1$#,15'%2!404#'6',04! '%-B! 3;$!>$1$!#1$4$%6$!,<!/!1$&!<9/2!'4!%,5!A-!'54$9<!$?'&$%6$!,<!61'>'%/9!/65'?'5-B!! G9,4$1!46105'%-!4;,09&!;$9#!5,!&$5$1>'%$!=;$5;$1!5;$!/65'?'5-!'4!404#'6',04!,1!,%$!<,1! =;'6;!5;$1$!&,$4!%,5!/##$/1!5,!A$!/!1$/4,%/A9$!A04'%$44!,1!9$2/9!#01#,4$B! Potentially Suspicious Activity That May Indicate Money Laundering G045,>$14!H;,!I1,?'&$!J%40<<'6'$%5!,1!K04#'6',04!J%<,1>/5',%!! "!6045,>$1!04$4!0%040/9!,1!404#'6',04!'&$%5'<'6/5',%!&,60>$%54!5;/5!6/%%,5!A$! 1$/&'9-!?$1'<'$&B!! "!6045,>$1!#1,?'&$4!/%!'%&'?'&0/9!5/(!'&$%5'<'6/5',%!%0>A$1!/<5$1!;/?'%2!#1$?',049-! 04$&!/!K,6'/9!K$601'5-!%0>A$1B!! "!6045,>$1!04$4!&'<<$1$%5!5/(!'&$%5'<'6/5',%!%0>A$14!='5;!?/1'/5',%4!,<!;'4!,1!;$1! %/>$B!! '54!A04'%$44!9,6/5',%B!! "!6045,>$1F4!;,>$!,1!A04'%$44!5$9$#;,%$!'4!&'46,%%$65$&B!! 3;$!6045,>$1F4!A/6D21,0%&!&'<<$14!<1,>!5;/5!=;'6;!=,09&!A$!$(#$65$&!,%!5;$!A/4'4!,<! ;'4!,1!;$1!A04'%$44!/65'?'5'$4B!! "!6045,>$1!>/D$4!<1$L0$%5!,1!9/12$!51/%4/65',%4!/%&!;/4!%,!1$6,1&!,<!#/45!,1!#1$4$%5! $>#9,->$%5!$(#$1'$%6$B!! 5,!#1,?'&$!'%<,1>/5',%!,%!6,%51,99'%2!#/15'$4!/%&!0%&$19-'%2!A$%$<'6'/1'$4B!M$%$<'6'/9!,=%$14!>/-!;'1$!%,>'%$$!'%6,1#,1/5',%!4$1?'6$4!5,!$45/A9'4;!4;$99!6,>#/%'$4!/%&!,#$%!A/%D!/66,0%54!<,1!5;,4$!4;$99!6,>#/%'$4!=;'9$!4;'$9&'%2!5;$!,=%$1F4!'&$%5'5-B! ))JNG!MK"O"+.!N(/>'%/5',%!+/%0/9! )PQ! RSOTUOTRQR! BSA/AML Compliance: Current Issues in -20- ProfessionalBankServices

34 "##$%&'(!)*!+,%$-!./0%&$1'%2!/%&!3$11,1'45!)'%/%6'%2!78$&!)9/24:! @/'%5/'%!1$?0'1$&!1$6,1&4B!! &$#,4'54!A$9,E!/!4#$6'<'$&!5D1$4D,9&B!! 6,0%51'$4!&$4'2%/5$&!A-!%/5',%/9!/05D,1'5'$4!/%&!)'%/%6'/9!"65',%!3/4>!),16$!,%! +,%$-!./0%&$1'%2!I)"3)J!/4!%,%6,,#$1/5'=$!6,0%51'$4!/%&!5$11'5,1'$4JB!! )0%&4!31/%4<$14!! +/%-!<0%&4!51/%4<$14!/1$!4$%5!'%!9/12$C!1,0%&!&,99/1C!D0%&1$&!&,99/1C!,1!5D,04/%&! D'2D$1N1'4>!2$,21/#D'6!9,6/5',%!E'5D,05!/%!/##/1$%5!A04'%$44!1$/4,%!,1!ED$%!5D$! )0%&4!51/%4<$1!/65'='5-!'4!0%$(#9/'%$&C!1$#$5'5'=$C!,1!4D,E4!0%040/9!#/55$1%4B!! /1$!1$6$'=$&B! )UV! HWTVXTVHLH! BSA/AML Compliance: Current Issues in -21- ProfessionalBankServices

35 "##$%&'(!)*!+,%$-!./0%&$1'%2!/%&!3$11,1'45!)'%/%6'%2!78$&!)9/24:!! )0%&4!51/%4;$14!/1$!4$%5!,1!1$6$'<$&!;1,=!5>$!4/=$!#$14,%!5,!,1!;1,=!&';;$1$%5! /66,0%54?!! "05,=/5$&!A9$/1'%2!B,04$!31/%4/65',%4!!./12$C</90$D!/05,=/5$&!69$/1'%2!>,04$!E"ABF!51/%4/65',%4!/1$!;1$G0$%59-!'%'5'/5$&! 51/%4/65',%4D!,1!#1,6$44'%2!=/%'#09/5$&!,1!;1/0&09$%5!51/%4/65',%4!,%!J$>/9;!,;!5>$'1! 6045,=$14?!! +095'#9$!9/-$14!,;!3HIH4!5>/5!/##$/1!5,!J$!0%%$6$44/1'9-!'%<,9<$&!'%!51/%4/65',%4?!!! L%040/99-!>'2>!9$<$9!,;!51/%4/65',%4!'%'5'/5$&!,<$1!5>$!M%5$1%$5!,1!J-!5$9$#>,%$?!!! N"AB"!O!3>$!P9$651,%'6!H/-=$%54!"44,6'/5',%!EN"AB"F!'%;,1=/5',%!1$G0$454! "65'<'5-!M%6,%4'45$%5!K'5>!5>$!A045,=$1Q4!R04'%$44!! 3>$!6011$%6-!51/%4/65',%!#/55$1%4!,;!/!J04'%$44!4>,K!/!40&&$%!6>/%2$!'%6,%4'45$%5! K'5>!%,1=/9!/65'<'5'$4?!! '%5,D!,1!#016>/4$&!5>1,02>D!/%!/66,0%5!K>$%!5>$!%/501$!,;!5>$!/66,0%5>,9&$1Q4! J04'%$44!K,09&!%,5!/##$/1!5,!S045';-!406>!/65'<'5-?!! "!1$5/'9!J04'%$44!>/4!&1/=/5'6/99-!&';;$1$%5!#/55$1%4!,;!6011$%6-!&$#,4'54!;1,=!4'='9/1! J04'%$44$4!'%!5>$!4/=$!2$%$1/9!9,6/5',%?!! L%040/9!51/%4;$14!,;!;0%&4!,6601!/=,%2!1$9/5$&!/66,0%54!,1!/=,%2!/66,0%54!5>/5! '%<,9<$!5>$!4/=$!,1!1$9/5$&!#1'%6'#/94?!! 4,016$!,;!6011$%6-?!! T,,&4!,1!4$1<'6$4!#016>/4$&!J-!5>$!J04'%$44!&,!%,5!=/56>!5>$!6045,=$1Q4!45/5$&!9'%$!,;!J04'%$44?!! &1/K%!;1,=!5>$!/66,0%5!,;!5>$!$%5'5-!5>/5!=/&$!5>$!#016>/4$?! ))MPA!RI"U"+.!P(/='%/5',%!+/%0/9! )VW! XYUZ[UZX\X! BSA/AML Compliance: Current Issues in -22- ProfessionalBankServices

36 #/15'609/19-!>=$%!,>%$&!<-!/##/1$%59-!0%1$9/5$&!5='1&!#/15'$4?!! C,11,>$1!&$D/0954!,%!/!6/4=E4$601$&!9,/%!,1!/%-!9,/%!5=/5!'4!4$601$&!<-!/44$54!>='6=! $(#9/%/5',%?!! H=/%2$4!'%!C/%AE5,EC/%A!31/%4/65',%4!! 3=$!4'I$!/%&!D1$J0$%6-!,D!6011$%6-!&$#,4'54!'%61$/4$4!1/#'&9-!>'5=!%,!6,11$4#,%&'%2! '%61$/4$!'%!%,%6011$%6-!&$#,4'54?!! "!</%A!'4!0%/<9$!5,!51/6A!5=$!510$!/66,0%5=,9&$1!,D!6,11$4#,%&$%5!,1!6,%6$%51/5',%! /66,0%5!51/%4/65',%4?!! 2';$%!5=$!</%AK4!9,6/5',%?!! H1,44EC,1&$1!)'%/%6'/9!L%45'505',%!31/%4/65',%4 MNO!! R01'4&'65',%4!,054'&$!,D!+$('6,!5=/5!<$/1!%,!/##/1$%5!<04'%$44!1$9/5',%4='#!>'5=!5=$! MNO! )'%HST!"&;'4,1-!)LTEMUUNE"UUVB!Guidance to Financial Institutions on the Repatriation of Currency Smuggled into Mexico from the United StatesB!"#1'9!MOB!MUUN?! )XY! UYWMZWMU[U! BSA/AML Compliance: Current Issues in -23- ProfessionalBankServices

37 "##$%&'(!)*!+,%$-!./0%&$1'%2!/%&!3$11,1'45!)'%/%6'%2!78$&!)9/24:! 6/4/4!&$!6/;<',. +$('6/%!='%/%6'/9!'%45'505',%B! '%45'505',%4!<-!FBGB!</%H4B!!./12$!>,90;$4!,=!4;/99!&$%,;'%/5',%!FBGB!</%H!%,5$4!<$'%2!4$%5!=1,;!=,1$'2%! 51/%4#,15?!,1!4,9&!&'1$659-!5,!FBGB!</%H4B!! /&$!)'%/%6$!! %,%6,,#$1/5'>$!6,0%51'$4B!! ))NRC!JG"Q"+.!R(/;'%/5',%!+/%0/9! )ST! UVQWXQWUYU! BSA/AML Compliance: Current Issues in -24- ProfessionalBankServices

38 "##$%&'(!)*!+,%$-!./0%&$1'%2!/%&!3$11,1'45!)'%/%6'%2!78$&!)9/24:! BC=',04!,=$1D!,1!0%&$1D#1'6'%2!,;!2,,&4!/%&!4$1='6$4A!! BC=',04!?'41$#1$4$%5/5',%!,;!E0/%5'5-!,1!5-#$!,;!2,,&4!'?#,15$&!,1!$(#,15$&A!! 31/%4/65',%! $!/##$/14!0%%$6$44/1'9-!6,?#9$(!/%&!&$4'2%$&!5,!,C4601$!5>$!510$! %/501$!,;!5>$!51/%4/65',%A!! F045,?$1!1$E0$454!#/-?$%5!,;!#1,6$$&4!5,!/%!0%1$9/5$&!5>'1&!#/15-A!! G>'#?$%5!9,6/5',%4!,1!&$461'#5',%!,;!2,,&4!%,5!6,%4'45$%5!H'5>!9$55$1!,;!61$&'5A!! G'2%';'6/%59-!/?$%&$&!9$55$14!,;!61$&'5!H'5>,05!1$/4,%/C9$!I045';'6/5',%!,1!6>/%2$4!5,! 5>$!C$%$;'6'/1-!,1!9,6/5',%!,;!#/-?$%5A!!"%-!6>/%2$4!'%!5>$!%/?$4!,;!#/15'$4!4>,09&! #1,?#5!/&&'5',%/9!B)"F!1$='$HA! J1'=/5$9-!BH%$&!"05,?/5$&!3$99$1!+/6>'%$4!! #1'=/5$9-!,H%$&!,1!C/%LD,H%$&!"3+4!'%!6,?#/1/C9$!2$,21/#>'6!/%&!&$?,21/#>'6! 9,6/5',%4A!! G,016$4!,;!6011$%6-!;,1!5>$!"3+!6/%%,5!C$!'&$%5';'$&!,1!6,%;'1?$&!5>1,02>! H'5>&1/H/94!;1,?!/66,0%5<!/1?,1$&!6/1!6,%51/654<!9$%&'%2!/11/%2$?$%54<!,1!,5>$1! /##1,#1'/5$!&,60?$%5/5',%A! M%401/%6$!! "!6045,?$1!#016>/4$4!#1,&0654!H'5>!5$1?'%/5',%!;$/501$4!H'5>,05!6,%6$1%!;,1!5>$! #1,&065N4!'%=$45?$%5!#$1;,1?/%6$A!! "!6045,?$1!#016>/4$4!'%401/%6$!#1,&0654!04'%2!/!4'%29$<!9/12$!#1$?'0?!#/-?$%5<! #/15'609/19-!H>$%!#/-?$%5!'4!?/&$!5>1,02>!0%040/9!?$5>,&4!406>!/4!6011$%6-!,1! 6011$%6-!$E0'=/9$%54A!! "!6045,?$1!#016>/4$4!/!#1,&065!5>/5!/##$/14!,054'&$!5>$!6045,?$1N4!%,1?/9!1/%2$!,;! ;'%/%6'/9!H$/95>!,1!$45/5$!#9/%%'%2!%$$&4A!! "!6045,?$1!C,11,H4!/2/'%45!5>$!6/4>!4011$%&$1!=/90$!,;!#$1?/%$%5!9';$!'%401/%6$! #,9'6'$4<!#/15'609/19-!H>$%!#/-?$%54!/1$!?/&$!5,!/##/1$%59-!0%1$9/5$&!5>'1&!#/15'$4A!! J,9'6'$4!/1$!#016>/4$&!5>/5!/99,H!;,1!5>$!51/%4;$1!,;!C$%$;'6'/9!,H%$14>'#!'%5$1$454! H'5>,05!5>$!L%,H9$&2$!/%&!6,%4$%5!,;!5>$!'%401/%6$!'440$1A!!3>'4!H,09&!'%690&$! 4$6,%&>/%&!$%&,H?$%5!/%&!C$/1$1!'%401/%6$!#,9'6'$4A!! "!6045,?$1!'4!L%,H%!5,!#016>/4$!4$=$1/9!'%401/%6$!#1,&0654!/%&!04$4!5>$!#1,6$$&4! ;1,?!/%!$/19-!#,9'6-!4011$%&$1!5,!#016>/4$!,5>$1!;'%/%6'/9!/44$54A! ))MOF!PG"Q"+.!O(/?'%/5',%!+/%0/9! )RS! TUQVWQVTXT! BSA/AML Compliance: Current Issues in -25- ProfessionalBankServices

39 "##$%&'(!)*!+,%$-!./0%&$1'%2!/%&!3$11,1'45!)'%/%6'%2!78$&!)9/24:!! GA$99!H,;#/%-!"65'='5-!! "!F/%C!'4!0%/F9$!5,!,F5/'%!40EE'6'$%5!'%E,1;/5',%!,1!'%E,1;/5',%!'4!0%/=/'9/F9$!5,! #,4'5'=$9-!'&$%5'E-!,1'2'%/5,14!,1!F$%$E'6'/1'$4!,E!/66,0%54!,1!,5A$1!F/%C'%2!/65'='5-! F/%CD?!! 1$4#,%&$%5!F/%C!,1!6A/1/65$1!,E!5A$!E'%/%6'/9!/65'='5-L!/!6,;#/%-!1$E$1$%6$4! 1$;/1C/F9-!&'44';'9/1!2,,&4!/%&!4$1='6$4!'%!1$9/5$&!E0%&4!51/%4E$14L!$(#9/%/5',%!2'=$%! F-!E,1$'2%!1$4#,%&$%5!F/%C!'4!'%6,%4'45$%5!M'5A!,F4$1=$&!E0%&4!51/%4E$1!/65'='5-?!! N%040/99-!9/12$!%0;F$1!/%&!=/1'$5-!,E!F$%$E'6'/1'$4!/1$!1$6$'='%2!E0%&4!51/%4E$14! E1,;!,%$!6,;#/%-?!! )1$<0$%5!'%=,9=$;$%5!,E!;095'#9$!O01'4&'65',%4!,1!F$%$E'6'/1'$4!9,6/5$&!'%!A'2A$1P1'4C!,EE4A,1$!E'%/%6'/9!6$%5$14?!! "!E,1$'2%!6,11$4#,%&$%5!F/%C!$(6$$&4!5A$!$(#$65$&!=,90;$!'%!'54!69'$%5!#1,E'9$!E,1! 51/%4E$14!5A/5!'4!'%6,%4'45$%5!M'5A!'54!%,1;/9!F04'%$44!/65'='5-?!! +095'#9$!A'2AP=/90$!#/-;$%54!,1!51/%4E$14!F$5M$$%!4A$99!6,;#/%'$4!M'5A!%,!/##/1$%5! 9$2'5';/5$!F04'%$44!#01#,4$?!! J01#,4$!,E!5A$!4A$99!6,;#/%-!'4!0%C%,M%!,1!0%69$/1?! Q;F/44-!/%&!),1$'2%!H,%409/5$!"66,0%54!! REE'6'/9!$;F/44-!F04'%$44!'4!6,%&065$&!5A1,02A!#$14,%/9!/66,0%54?!! /65'='5-!,1!#/-/F9$!0#,%!#1,#$1!'&$%5'E'6/5',%!51/%4/65',%4?!! "66,0%54!/1$!E0%&$&!5A1,02A!40F45/%5'/9!6011$%6-!51/%4/65',%4?!! "66,0%54!&'1$659-!E0%&!#$14,%/9!$(#$%4$4!,E!E,1$'2%!%/5',%/94!M'5A,05!/##1,#1'/5$! ))IQH!SG"T"+.!Q(/;'%/5',%!+/%0/9! )UV! WXTYZTYW[W! BSA/AML Compliance: Current Issues in -26- ProfessionalBankServices

40 "##$%&'(!)*!+,%$-!./0%&$1'%2!/%&!3$11,1'45!)'%/%6'%2!78$&!)9/24:! ;<#9,-$$4!! #/15'609/19-!'%!#1'?/5$!>/%D'%2A!! ;<#9,-$$!'4!1$9065/%5!5,!5/D$!/!?/6/5',%A! E5=$1!F%040/9!,1!G04#'6',04!H045,<$1!"65'?'5-!! &$%,<'%/5',%4A!! K1/##$&!'%!10>>$1!>/%&4!5=/5!'4!&'4,12/%'B$&!/%&!&,$4!%,5!>/9/%6$!K=$%!6,0%5$&A!! %,!/##/1$%5!,%9'%$!,1!/065',%!>04'%$44A!! +,%$5/1-!'%4510<$%54!&$#,4'5$&!>-!</'9!/1$!%0<>$1$&!4$I0$%5'/99-!,1!=/?$!0%040/9! 4-<>,94!,1!45/<#4!,%!5=$<A!! #$,#9$!K=,!$%5$1!/!4'%29$!>1/%6=!/5!5=$!4/<$!5'<$A!! '%45'505',%!69,4$1!5,!5=$<A!! H045,<$1!1$#$/5$&9-!04$4!/!>/%D!,1!>1/%6=!9,6/5',%!5=/5!'4!2$,21/#='6/99-!&'45/%5! ))P;H!QG"R"+.!;(/<'%/5',%!+/%0/9! )ST! UVRWXRWUYU! BSA/AML Compliance: Current Issues in -27- ProfessionalBankServices

41 "##$%&'(!)*!+,%$-!./0%&$1'%2!/%&!3$11,1'45!)'%/%6'%2!78$&!)9/24:!! ;045,<$1!1$%54!<095'#9$!4/?$!&$#,4'5!>,($4!5,!45,1$!9/12$!/<,0%54!,?!6011$%6-A! <,%$5/1-!'%4510<$%54A!,1!='2=DB/90$!/44$54!/E/'5'%2!6,%B$14',%!5,!6011$%6-A!?,1! 6045,&-!/66,0%54!5,!#/1F!9/12$!/<,0%54!,?!4$601'5'$4!/E/'5'%2!4/9$!/%&!6,%B$14',%! '%5,!6011$%6-A!<,%$5/1-!'%4510<$%54A!,052,'%2!?0%&4!51/%4?$14A!,1!/!6,<>'%/5',%! ;045,<$1!=/4!$45/>9'4=$&!<095'#9$!/66,0%54!'%!B/1',04!6,1#,1/5$!,1!'%&'B'&0/9!%/<$4! 5=/5!9/6F!40??'6'$%5!>04'%$44!#01#,4$!?,1!5=$!/66,0%5!6,<#9$('5'$4!,1!/##$/1!5,!>$!/%! ;045,<$1!</F$4!<095'#9$!/%&!?1$C0$%5!6011$%6-!&$#,4'54!5,!B/1',04!/66,0%54!5=/5!/1$! ;,%B$14$9-A!/%!/66,0%5!E'5=!9'559$!/65'B'5-!</-!40&&$%9-!$(#$1'$%6$!9/12$!&$#,4'5!/%&! ;045,<$1!</F$4!='2=DB/90$!51/%4/65',%4!%,5!6,<<$%401/5$!E'5=!5=$!6045,<$1I4! Potentially Suspicious Activity That May Indicate Terrorist Financing 3=$!?,99,E'%2!$(/<#9$4!,?!#,5$%5'/99-!404#'6',04!/65'B'5-!5=/5!</-!'%&'6/5$!5$11,1'45!?'%/%6'%2!/1$!#1'</1'9-!>/4$&!,%!20'&/%6$!7J0'&/%6$!?,1!)'%/%6'/9!K%45'505',%4!'%! MNO!)"3)!'4!/%!'%5$12,B$1%<$%5/9! >,&-!E=,4$!#01#,4$!'4!5=$!&$B$9,#<$%5!/%&!#1,<,5',%!,?!#,9'6'$4A!>,5=!/5!%/5',%/9!/%&! MNO! Guidance for Financial Institutions in Detecting Terrorist FinancingA!"#1'9!MPA!MQQMA!'4!/B/'9/>9$!/5! ))KS;!TG"R"+.!S(/<'%/5',%!+/%0/9! )UO! QPRMORMQVQ! BSA/AML Compliance: Current Issues in -28- ProfessionalBankServices

42 "##$%&'(!)*!+,%$-!./0%&$1'%2!/%&!3$11,1'45!)'%/%6'%2!78$&!)9/24:! 6,0%51'$4!&$4'2%/5$&!C-!%/5',%/9!/05>,1'5'$4!/%&!)"3)!/4!%,%6,,#$1/5';$!6,0%51'$4! /%&!5$11'5,1'$4KI!! /65';'5-I!! 8$2/1&'%2!%,%#1,E'5!,1!6>/1'5/C9$!,12/%'M/5',%4J!E'%/%6'/9!51/%4/65',%4!,6601!E,1! C$!%,!9'%G!C$5D$$%!5>$!45/5$&!/65';'5-!,E!5>$!,12/%'M/5',%!/%&!5>$!,5>$1!#/15'$4!'%!5>$! 51/%4/65',%I!! )0%&4!31/%4E$14!! 5>$!51/%4E$14J!#/15'609/19-!D>$%!5>'4!/65';'5-!'%;,9;$4!>'2>$1F1'4G!9,6/5',%4I!! $(#$65$&I!! +095'#9$!#$14,%/9!/%&!C04'%$44!/66,0%54!,1!5>$!/66,0%54!,E!%,%#1,E'5!,12/%'M/5',%4!,1! C$%$E'6'/1'$4I!! E,99,D$&!C-!E0%&4!51/%4E$14!5,!9,6/5',%4!>/;'%2!%,!/##/1$%5!C04'%$44!6,%%$65',%!D'5>! P5>$1!31/%4/65',%4!3>/5!"##$/1!Q%040/9!,1!R04#'6',04!! C-!E0%&4!51/%4E$14!5,!>'2>$1F1'4G!9,6/5',%4I! )UVW! WXTYZTYWVW! BSA/AML Compliance: Current Issues in -29- ProfessionalBankServices

43 "##$%&'(!)*!+,%$-!./0%&$1'%2!/%&!3$11,1'45!)'%/%6'%2!78$&!)9/24:!! +095'#9$!/66,0%54!/1$!04$&!5,!6,99$65!/%&!;0%%$9!;0%&4!5,!/!4</99!%0<=$1!,;!;,1$'2%! "!6045,<$1!,=5/'%4!/!61$&'5!'%4510<$%5!,1!$%2/2$4!'%!6,<<$16'/9!;'%/%6'/9! 5?$1$!/##$/1!5,!=$!%,!9,2'6/9!=04'%$44!1$/4,%4!;,1!&$/9'%2!D'5?!5?,4$!9,6/5',%4B!! F%401/%6$!#,9'6-!9,/%4!,1!#,9'6-!4011$%&$1!C/90$4!5?/5!/1$!40=G$65!5,!/!40=45/%5'/9! 4011$%&$1!6?/12$B! ))FHI!EJ"K"+.!H(/<'%/5',%!+/%0/9! )LMM! NOKPQKPNMN! BSA/AML Compliance: Current Issues in -30- ProfessionalBankServices

44 (Blank Page) BSA/AML Compliance: Current Issues in -31- ProfessionalBankServices

45 Department of the Treasury Financial Crimes Enforcement Network Advisory FIN-2011-A003 Issued: February 22, 2011 Subject: Advisory to Financial Institutions on Filing Suspicious Activity Reports Regarding Elder Financial Exploitation The Financial Crimes Enforcement Network (FinCEN) is issuing this advisory to assist the financial industry in reporting instances of financial exploitation of the elderly, a form of elder abuse. 1 Financial institutions can play a key role in addressing elder financial exploitation due to the nature of the client relationship. Often, financial institutions are quick to suspect elder financial exploitation based on bank personnel familiarity with their elderly customers. The valuable role financial institutions can play in alerting appropriate authorities to suspected elder financial exploitation has received increased attention at the state level; this focus is consistent with an upward trend at the federal level in Suspicious Activity Reports (SARs) describing instances of suspected elder financial exploitation. 2 Analysis of SARs reporting elder financial exploitation can provide critical information about specific frauds and potential trends, and can highlight abuses perpetrated against the elderly. This advisory contains examples of red flags based on activity identified by various state and federal agencies and provides a common narrative term that will assist law enforcement in better identifying suspected cases of financial exploitation of the elderly reported in SARs. Older Americans hold a high concentration of wealth as compared to the general population. In the instances where elderly individuals experience declining cognitive or physical abilities, they may find themselves more reliant on specific individuals for their physical well-being, financial management, and social interaction. While anyone can be a victim of a financial crime such as identity theft, embezzlement, and fraudulent schemes, certain elderly individuals may be particularly vulnerable. Potential Indicators of Elder Financial Exploitation The following red flags could indicate the existence of elder financial exploitation. This list of red flags identifies only possible signs of illicit activity. Financial institutions 1 Abuse and exploitation of the elderly is statutorily defined at the state level. The National Center on Elder Abuse offers the following definition of exploitation as a type of elder abuse: the illegal taking, misuse, or concealment of funds, property, or assets of a vulnerable elder. 2 Bank Secrecy Act data reflects increasing use of terms related to elder financial exploitation/abuse in SAR narratives. 1 BSA/AML Compliance: Current Issues in -32- ProfessionalBankServices