The Currency and Foreign Transactions Reporting Act (frequently referred to as the Bank Secrecy Act or “BSA”) has stood at the heart of regulatory compliance in the United States over the past fifty years. This legislative framework has long required financial institutions (FI’s) to establish potent anti-money laundering (AML) programs to assist U.S. government agencies in the detection and prevention of financial crime. The act also created rigorous record-keeping and reporting requirements for potentially-illicit activity and cash transactions exceeding a $10,000 daily aggregate threshold for national banks, savings associations, credit unions, and other components of the American financial system. The filing of these suspicious activity reports (SAR’s) has effectively become the cornerstone of today’s BSA reporting system, as these filings have been deemed one of the most crucial tools that United States federal authorities have in combatting terrorism financing, money laundering, corruption and other forms of crime with far-reaching implications on national security and global stability.

Today, every national bank and financial institution is required to have a board-approved, fully operational regulatory program in place to continually deter risk while maintaining compliance with BSA/AML legislation, and while regulations vary across international borders, many of the same principles apply to the vast majority of United States counterparts overseas. If institutions are neglectful of their duties in this regard, they face the threat of repercussion in the form of crippling financial penalties, extreme reputational damage, and potential shutdowns by the powers that be in the most extreme of cases. Individuals found to been negligent in their operational roles are no longer exempt from punishment either. Occupational titles ranging from Chief Compliance Officer (CCO) to the bottom of the corporate food chain can share nearly equal liability when it comes to compliance-related mishaps and/or the purposeful circumvention of the BSA. Just how drastic have matters become? As of 2019, individual employees of financial institutions (including those of credit unions) found willfully violating the BSA are subject to a criminal fine of up to $250,000 or five years in prison, or both.¹

 If the person commits a BSA violation in conjunction with violating other U.S. laws or participating in other criminal activity, that individual is subject to a fine of up to $500,000 or ten years in prison, or both.¹ FinCEN’s civil monetary penalty amounts for willful BSA violation penalties made by institutions are potent as well, ranging from $57,317 to $229,269, while violating certain specific due-diligence requirements can result in penalties of up to $1,423,088.

Despite the magnitude of these consequences, instances of advertent misconduct by financial officials of institutions far and wide do occur on a somewhat regular basis. For example, this March, FinCEN levied a $450,000 civil money penalty against a former Chief Operational Risk Officer for U.S. Bank National Association for his failures to prevent violations of the BSA on multiple occasions during his tenure. This activity reportedly included the capping of transaction monitoring alert volumes, which limited the ability of law enforcement to monitor criminal activity, the blatant understaffing of compliance analysts, and weak filing and reporting practices overall.² In 2018, U.S. Bank reached a hefty $613 million settlement with the U.S. Justice Department to remediate its AML failures related to this case that took place between 2009-2014.

From a historical perspective, the stakes for both entities and individuals operating in the realm of finance are arguably higher now than ever before, making the need to stay current with regulatory changes all the more paramount. With the U.S. Department of Treasury consistently working to improve AML/CFT regulations to ease the heavy burden placed on institutions, coupled with significant advancements in accessibility to potent automated solutions and artificial intelligence, the ability to meet these requirements without a reduction in quality has improved exponentially in recent years. Highlighting this movement has been FinCEN’s recent shift to a risk-based approach designed to allow institutions to improve cost-effectiveness when allocating their resources; limiting the wasting of significant funds of lower-risk areas. The bureau released a statement in the summer of 2019 expanding on this idea:

“The extent of examination activities necessary to evaluate a bank’s BSA/AML compliance program generally depends on a bank’s risk profile and the quality of its risk management processes to identify, measure, monitor, and control risks, and to report potential money laundering, terrorist financing, and other illicit financial activity. A bank’s well-developed risk assessment is a critical part of sound risk management that will not only assist regulator to in conducting their examination but also financial institution to allocate efforts in those riskier areas.”³

Following published guidelines and keeping up to date with changes is especially crucial to smaller financial institutions. Not only is their mortality rate from large fines much higher than that of larger institutions, they also simply lack the resources to be inefficient. Taking In addition to having the right technological solutions/software in place, as regulators recommend, taking FinCEN’s lead on risk-profiling is another way these entities can ensure that the bulk of their precious resources are being utilized on areas posing the greatest risks to their overall durability, as well as to the funds of their customers.

Citations

1. 26.7 Bank Secrecy Act Penalties: Internal Revenue Service. IRS.
2. “FinCEN Penalizes U.S. Bank Official for Corporate Anti-Money Laundering Failures.” Office of Strategic Communications, Financial Crimes Enforcement Network, 4 Mar. 2020,
3. “Joint Statement on Risk-Focused Bank Secrecy Act/Anti-Money Laundering Supervision.” Office of the Comptroller of the Currency, 22 July 2019.