Among the startling findings in the FinCEN files were details on the time it took financial institutions to files SARs with FinCEN. Under regulation, banks are required to file SARs within 30 days of criminal activity being detected (and up to 60 days in some cases). The FinCEN Files highlighted, however, that for the sample of SARs contained in the FinCEN files, the median reporting time was 166 days since the suspicious activity started – with one bank taking up to 1200 days on average! Reporting times are just one of the challenges that banks face in meeting their SAR requirements.
In an Sigma Ratings blog post from May 2020 that you can find again below, we discussed how institutions spend 5.4 million hours of work investigating, evaluating cases and filing SARs at an annual cost of approximately $206 million!
5.4+ Million Hours of Work?
ORGINALLY PUBLISHED MAY 30, 2020 by Hamad Alhelal, CAMS & Stuart Jones, Jr.
This week, one in which FinCEN has been increasingly active, the regulator announced that Bank Secrecy Act (BSA) reporting institutions spend 5.4 million hours of work investigating, evaluating cases and filing Suspicious Activity Reports (SARs) at an annual cost of approximately $206 million!
Yet, the release, in which FinCEN hopes will result in feedback as part of its SAR renewal filing, acknowledges that the figures, which represent a weighted average of $48.18 an hour, most likely significantly underestimates the burden of reporting.
According to the American Bankers Association, the regulator “is re-analyzing how it calculates the burden imposed on financial institutions for filing the form, trying to capture the impact that technology has on submitting these reports. Previously, FinCEN based its assessment of the SAR regulatory burden on the functions associated with filling out the SAR form itself, but FinCEN noted that SAR filers spend a great deal of man-hours and money on monitoring systems, alert reviews, case reviews and documentation well before a decision is made to file a SAR.”
As FinCEN noted, the feedback is a “part of its continuing effort to reduce paperwork and respondent burden.” With TM systems producing a substantial amount of false positive alerts, the focus on capturing the real cost of reporting is a step in the right direction and beneficial to all parties involved, which we’ll explore further in Part 2 next week. Stay tuned!
Where Are We Now?
ORGINALLY PUBLISHED JUNE 6, 2020 by Hamad Alhelal, CAMS & Stuart Jones, Jr.
The age-old question within compliance functions is whether it’s in their interest to spend time justifying why a case should be mitigated instead of escalating and reporting. If the justification can’t be defended, then the consequences could be detrimental.
An ever-increasing deluge of suspicious reporting, which increased nearly 15% in the last year for depository institutions in the United States. After all, no one has ever gotten fined for reporting suspicious activity, even if it lacked merit and is ironically both resource intensive and costly for compliance functions.
While FinCEN hopes to reduce “respondent burden,” regulators everywhere stand to benefit from reforming both the SAR and the wider AML regimes. For FinCEN, the Cato Institute notes that the “agency is relatively under resourced despite its leading role in writing and enforcing the Bank Secrecy Act’s many rules.” The agency, with its 333 employees and $118 million budget, possesses approximately 10% of the employees and budget as the Office of the Comptroller of the Currency (OCC). In fact, financial institutions spend more processing alerts than the combined budget responsible for reviewing the work.
According to study by RUSI, on a global basis, “80–90% of suspicious reporting is of no immediate value to active law enforcement investigations, according to interviews conducted with past and present financial intelligence unit (FIU) heads as part of this project,” with the number as high as 97% for one jurisdiction. In the United States, according to McKinsey, “95% of investigations submitted in response to information-sharing requests by FinCEN yield positive results”. From their experience, McKinsey noted that a “leading institution that set up an intelligence-based investigations unit reports productive outputs in excess of 80 percent. Without such information sharing or tangible leads of some kind, less than 2 percent of alerts achieve productive results”. In addition to reinforcing the idea that current transaction monitoring and alert reviews is ineffective, despite the high cost, their findings further underscore the importance of information sharing and access to actionable insight.
Yet, with the rising volume of reports, coupled with the increasing strain on law enforcement resources in the midst of an unprecedented pandemic, each suspicious report will inevitably receive less attention from law enforcement. This further underscores necessary calls for reform, which was most clearly articulated by The Clearing House (TCH) in a 2017 publication.
TCH an association of several of the largest banks, stated that the current framework is “outdated and thus ill-suited for apprehending criminals and countering terrorism in the 21st century,” and listed the core problems that needed to be addressed. In addition to barriers to information sharing and feedback, one of the most critical areas highlighted is the examination standards and processes. TCH notes that while law enforcement, the chief beneficiary of SARs, focus on the quality of the reporting, examiners, on the other hand, focus on auditable processes, which TCH states disincentivizes banks from developing innovative methods. With this mind, the TCH called on the U.S. Treasury to “strongly encourage innovation, and [for] FinCEN to propose a safe harbor rule allowing financial institutions to innovate in a Financial Intelligence Unit (FIU) “sandbox” without fear of examiner sanction.”
So where are we?
Approximately 2 years later, the compliance community welcomed a statement by FinCEN and its regulatory partners encouraging financial institutions to take innovative approaches to illicit finance. In their statement, FinCEN and its regulatory partners (e.g., Federal Reserve, OCC, etc.) recognized that adopting new technology can enhance the effectiveness and efficiency of BSA/AML compliance programs. Notably, the joint statement said that innovative pilot programs in and of themselves should not subject banks to supervisory criticism, even if the pilot programs ultimately prove unsuccessful. Likewise, pilot programs that expose gaps in a BSA/AML compliance program will not necessarily result in supervisory action with respect to that program.
The trick is to have a plan. Fortunately, in our experience, a number of leading financial institutions do. They are willing to try new things, keeping in mind that the prevailing anti-money laundering approaches globally were developed and deployed before the Internet existed. Sure, innovation takes time and carries risk, but given current circumstances, documented inefficiencies and a rise in COVID-19 related financial crime, can we really afford not to try?
To learn more about how Sigma’s technology is currently deployed by institutions to drive efficiencies in investigations and SAR filings, reach out at firstname.lastname@example.org.