Updated February 24, 2020 – The US Supreme Court denied a petition that challenged the SAR Safe Harbor

On September 13, 2020 a petition was filed with the US Supreme Court asking the Court to take up a case to decide whether the so-called “safe harbor” provision gives banks and bank employees absolute immunity from any liability when filing a Suspicious Activity Report, or SAR, or something less than absolute immunity.  The case is AER Advisors, Inc., Deutsche et al., Petitioners v. Fidelity Brokerage Services, LLC, petition for writ of certiorari, Docket 19-347 (US Supreme Court).[1] It was “distributed for conference” on January 22, 2020, and the conference – or meeting of the Justices – was scheduled for, and held on, February 21, 2020. On February 24th the Court published its decision: PETITION DENIED!

This was a critical case for the US anti-money laundering regime. In this case, the Court of Appeals for the First Circuit held that Fidelity had absolute immunity in filing Suspicious Activity Reports, and dismissed the petitioners’ claims against Fidelity that it filed a SAR against the petitioners in bad faith. The petitioners sought review by way of a petition for writ of certiorari – basically, an appeal – to the US Supreme Court.

The petitioners framed the main question as whether 31 USC section 5318(g), added by the Annunzio-Wylie Money Laundering Act of 1992, confers (a) absolute immunity for any disclosure; or (b) immunity only if the disclosure is an objectively possible criminal violation and/or is made in good faith and/or is not fraudulent.[2] The respondent Fidelity framed the main question differently: Is a financial institution immune from private suit under the Bank Secrecy Act when it files a Suspicious Activity Report as required by the Act?

The section in question is unequivocal:

31 USC s. 5318(g)(3) Liability for Disclosures

(A) In general. –Any financial institution that makes a voluntary disclosure of any possible violation of law or regulation to a government agency or makes a disclosure pursuant to this subsection or any other authority, and any director, officer, employee, or agent of such institution who makes, or requires another to make any such disclosure, shall not be liable to any person under any law or regulation of the United States, any constitution, law, or regulation of any State or political subdivision of any State, or under any contract or other legally enforceable agreement (including any arbitration agreement), for such disclosure or for any failure to provide notice of such disclosure to the person who is the subject of such disclosure or any other person identified in the disclosure.

Leaving aside all the legal arguments, Fidelity’s Opposition Brief includes an interesting description of the policy considerations favoring absolute immunity for financial institutions for filing Suspicious Activity Reports (beginning on page 18, the policy consideration began with “if financial institutions face liability for filing a report …”). As I began reading that section, I (as a former large bank BSA Officer responsible for the filing of well over one million SARs over the years) immediately thought of two things.

First, counsel was (rightly) focused on his client, the financial institution. But as I read the case, I was thinking “what about the BSA Officer who is the FIRST person the plaintiff’s lawyer is going to sue?!” And “who cares about the financial institution that makes a gazillion dollars a year … what about the poor BSA Officer?!”.

After recovering from that, I then thought that the obvious policy consideration favoring absolute immunity was the chilling effect that anything but absolute immunity would have on the way a BSA program is run. Without that absolute immunity, you would need to have multiple layers of review of every possible SAR, quality assurance reviews, testing requirements, auditing of those processes, etc. You would need to have multiple sign-offs on every SAR, then checking and testing of the policies and procedures and processes supporting those sign-offs. You would have checkers checking checkers checking checkers. And with large banks filing hundreds of SARs every business day, the process and personnel requirements to review every SAR for a “good faith” standard, could double the number of people needed to investigate, prepare, and file SARs. (my mind then drifted back to the personal liability of the BSA Officer overseeing such a program and of the supervisors and managers reviewing SARs).

In short, BSA Officers and AML investigations teams would be overwhelmed with oversight, to the point of paralysis. The effect of a limited or qualified immunity would be to have no immunity, and the BSA regime as we know it – monitoring for unusual activity, investigating that activity, and to the best of your ability and based on all the available facts, filing reports of suspicious activity – would end.

But none of that was on the mind of the lawyers. No, they weren’t worried about the potential impact on the suspicious activity reporting regime itself, or the BSA personnel in financial institutions facing personal ruin from plaintiffs/ law suits, they were worried about the burden on the financial institutions and on the institutions’ lawyers and the cost of those lawyers. At page 18 counsel for Fidelity wrote:

“… policy considerations favor absolute immunity. ‘Any qualification on immunity poses practical problems.’ Id. The most immediate problem is ‘a risk of second guessing.’ Id. If financial institutions face liability for filing a report, they may delay reporting or under report. Id. But even where a financial institution has a good-faith belief that a law has been violated, the institution may still think twice before reporting if Petitioners’ view of the law prevailed … In the face of potential litigation burdens of this magnitude, there is a substantial risk that financial institutions would be chilled in the filing of suspicious activity reports. Institutions will certainly think twice before reporting if expensive litigation is the cost of complying with the law. And because institutions file millions of these reports a year, if these reports were subject to litigation, financial institutions would be overwhelmed.”

Now, this is not to say that counsel is wrong. Indeed, he is right: institutions will certainly think twice before reporting suspicious activity if expensive litigation is the cost of doing so. But as a former BSA Officer, I would have felt better if one of the policy considerations favoring absolute immunity for filing Suspicious Activity Reports – even the primary policy consideration – was to protect the men and women on the front lines of financial institutions’ AML programs from second-guessing and personal liability for doing their jobs as best they can: for filing the Suspicious Activity Reports that give law enforcement and intelligence agencies the actionable, timely intelligence they need to protect the financial system from money laundering, terrorism, and other crimes. Not to protect the lawyers.

Interpreting statutes – what does the Supreme Court look at?

There is plenty of case law on how courts interpret a statute, or a part of a statute. An example is a famous case* the US Supreme Court decided in 2015, King et al v Burwell et al, 576 US 988 (2015). This is the “ObamaCare” decision where the Supreme Court was considering the requirement in the law that people had to purchase insurance on an exchange established by their state, or, if there was no such state exchange, the federal exchange. In particular, the Court was considering whether a tax credit was available to individuals who purchased insurance on the federal exchange. The phrase in question was “an Exchange established by the State”, because tax credits were only available to those who purchased insurance on “an Exchange established by the State”. The decision of the majority of the Court was 21 pages long. At the end was the following:

Reliance on context and structure in statutory interpretation is a “subtle business, calling for great wariness lest what professes to be mere  rendering becomes creation and attempted interpretation of legislation becomes legislation itself.” Palmer v. Massachusetts, 308 U. S. 79, 83 (1939).
For the reasons we have given, however, such reliance is appropriate in this case, and leads us to conclude that Section 36B allows tax credits for insurance purchased on any Exchange created under the Act. Those credits are necessary for the Federal Exchanges to function like their State Exchange counterparts, and to avoid the type of calamitous result that Congress plainly meant to avoid.
* * *
In a democracy, the power to make the law rests with those chosen by the people. Our role is more confined—“to say what the law is.” Marbury v. Madison, 1 Cranch 137, 177 (1803). That is easier in some cases than in others. But in every case we must respect the role of the Legislature, and take care not to undo what it has done. A fair reading of legislation demands a fair understanding of the legislative plan. Congress passed the Affordable Care Act to improve health insurance markets, not to destroy them. If at all possible, we must interpret the Act in a way that is consistent with the former, and avoids the latter. Section 36B can fairly be read consistent with what we see as Congress’s plan, and that is the reading we adopt.

The judgment of the United States Court of Appeals for
the Fourth Circuit is Affirmed.

* The case is famous not only because it upheld a main provision of the Affordable Care Act, but also because of the blistering dissent of Justice Antonin Scalia, a dissent that included his famous phrase “interpretive jiggery-pokery”. Among other things, Justice Scalia wrote:

“The Court holds that when the Patient Protection and Affordable Care Act says “Exchange established by the State” it means “Exchange established by the State or the Federal Government.” That is of course quite absurd, and the Court’s 21 pages of explanation make it no less so.” (Dissent, page 1)

Then, after almost 8 pages of examples of the poor reasoning of the majority, Justice Scalia unloads his famous line:

“The Court’s next bit of interpretive jiggery-pokery involves other parts of the Act that purportedly presuppose the availability of tax credits on both federal and state Exchanges.”

Page 12 was, perhaps, an even better line: “For its next defense of the indefensible, the Court turns to the Affordable Care Act’s design and purposes.” And at page 17 is: “Perhaps sensing the dismal failure of its efforts to show that “established by the State” means “established by the State or the Federal Government,” the Court tries to palm off the pertinent statutory phrase as “inartful drafting.” Ante, at 14. This Court, however, has no free-floating power “to rescue Congress from its drafting errors.” Lamie v. United States Trustee, 540 U. S. 526, 542 (2004) (internal quotation marks omitted). Only when it is patently obvious to a reasonable reader that a drafting mistake has occurred may a court correct the mistake.”

And in closing on page 21: “The somersaults of statutory interpretation they have performed (“penalty” means tax, “further [Medicaid] payments to the State” means only incremental Medicaid payments to the State, “established by the State” means not established by the State) will be cited by litigants endlessly, to the confusion of honest jurisprudence. And the cases will publish forever the discouraging truth that the Supreme Court of the United States favors some laws over others, and is prepared to do whatever it takes
to uphold and assist its favorites.  I dissent.”

How did the Supreme Court rule?

The Supreme Court simply denied the petition. But in the original article that appeared on this site, I asked that the US Supreme Court “refuse to take this case up and send it back to the 1st Circuit with an affirmation of the Safe Harbor for banks, lawyers, and BSA Officers alike” and:

To John Roberts and the Supremes, as you consider whether to take this case, please remember the words of Diana Ross and the Supremes:

Stop! In the name of love
Before you break my heart
Think it over
Think it over

[1] https://www.supremecourt.gov/search.aspx?filename=/docket/docketfiles/html/public/19-347.html

[2] An interesting quirk appeared in Annunzio-Wylie. Section 1517, titled “suspicious transactions and enforcement programs”, intended to add subsections (g) and (h) to section 5318 of title 31. As AML practitioners know, 5318(g) is the suspicious activity reporting requirement, and 5318(h) is the AML program requirement. However, section 1517 of Annunzio-Wylie had a typographical error, and instead of adding (g) and (h) to section 5318, it added them to section 5314, the section requiring records and reports on foreign financial agency transactions (the so-called “FBAR” section, or Foreign Bank Account Report section). This typo wasn’t corrected until two years later by section 330017(b) of the Violent Crime Control & Law Enforcement Act of 1994, PL 103-322, enacted on September 13, 1994. That section provided: “Amendment relating to Title 31, U.S.C.— (1) Effective as of the date of enactment of the Annunzio Wylie Anti-Money Laundering Act, section 1517(b) of that Act is amended by striking ‘‘5314’’ and inserting ‘‘5318’’.” In another oddity, one day after the Violent Crime Control Act was sent to the President to be signed, the Money Laundering Suppression Act (MLSA) was sent to the President. The MLSA also included a section to correct the 1992 typo; in fact, section 413(b)(1) of the MLSA was identical to section 330017(b) of the Violent Crime Control Act. Congress made doubly sure to fix the typo!

The Estimate for US Money Laundering – $300 billion a year, or 2% of GDP

The 2015 National Money Laundering Risk Assessment – available at 2015 NMLRA – estimated that the total amount of criminal proceeds generated in the United States was approximately $300 billion, or 2% of gross domestic produce (GDP). The report provided:

“United Nations Office on Drugs and Crime (UNODC) estimated proceeds from all forms of financial crime in the United States, excluding tax evasion, was $300 billion in 2010, or about two percent of the U.S. economy. [Footnote: United Nations Office on Drugs and Crime, Estimating Illicit Financial Flows Resulting From Drug Trafficking and other Transnational Organized Crimes, October 2011.] This is comparable to U.S. estimates. UNODC estimates illicit drug sales were $64 billion, which the DEA believes is a reasonable current estimate, putting the proceeds for all other forms of financial crime in the United States at $236 billion, most of which is attributable to fraud.” (citations omitted)

The figures of $300 billion in 2010 and two percent of the US economy are the midpoints of estimates based on a 2004 report. The UNODC report provided:

“… the criminal income in 2010 (excluding tax evasion) may have amounted to some US$350 bn in the world’s largest national economy [the United States]. This would probably be the upper limit estimate. A lower limit estimate – assuming that the nominal increases found over the 1990-2000 period continued unchanged over the 2000-2010 period, would result in an estimate of around US$235 bn for the year 2010 or 1.6% of GDP. A mid-point estimate would show criminal income of some US$300 bn (rounded) or 2% of GDP for 2010. (UNODC Report, page 20).”

A critical review of the UNODC report, and the reports that it relies on, suggests that these estimates need to updated. For example, the amount of criminal proceeds from illegal drug sales dropped by almost 50% from 1990 to 2010 from $97 billion to $64 billion, but the amount of criminal proceeds from all other crimes (excluding tax evasion), more than doubled in that same period, from $112 billion to $236 billion. And excluding tax evasion is meaningful: the 1990 estimate of tax evasion was $236 billion – dwarfing both drugs and other criminal proceeds.

$300 Billion in Criminal Proceeds – How Much is Reported by Financial Institutions?

We don’t know. But what is interesting about the 2015 National Money Laundering Risk Assessment figure of $300 billion in estimated proceeds of criminal activity, is that it may be reasonably close to the total amount reported in Suspicious Activity Reports. Although FinCEN has not (yet) provided total amounts reported in Suspicious Activity Reports and Currency Transaction Reports, some anecdotal evidence (based on off-the-record discussions with people in the industry) suggests that the average depository institution (bank and credit union) SAR reports approximately $250,000 in suspicious activity, and the average money services business (MSB) SAR reports approximately $35,000 to $40,000. And I’ll guess that all other filers’ SARs average $50,000 each. Using 2018 SAR totals:

Depository Institutions                 975,000 SARs @ $245,000       ~$239 billion

Money Services Businesses          875,000 SARs @ $35,000         ~$   31 billion

“Other” and all other filers          275,000 @ $50,000                   ~$  14 billion

~$284 billion

And if we assume that some of the activity reported in Currency Transaction Reports (CTRs) is, in fact, the proceeds of criminal activity, we could arguably add another $36 billion (18 million CTRs @ $20,000 each with 10% “dirty money”). The total reported by financial institutions in the US is then roughly $320 billion. So US financial institutions may be doing a pretty good job at reporting suspicious activity!

Total Suspected Proceeds of Crime Reported in the US: ~$320 billion. Estimated proceeds of criminal activity in the US: ~$300 billion.

Proceeds of Crime and GDP – Are We Comparing Apples to Oranges?

There is another flaw in comparing the amount of criminal proceeds to global (or national) gross domestic product, or GDP. GDP is a measure of the total final value of everything produced. Its components include personal consumption expenditures, business investment, government spending, and exports less imports (and there is nominal GDP and real GDP, with the latter factoring in inflation). A better measure of the effectiveness of the financial system in identifying, interdicting, and reporting criminal proceeds would be to compare the total amount of criminal proceeds flowing through the financial system to the total amount of funds flowing through the financial system.

The US Financial System – Two Quintilian Dollars A Year

The 2015 National Money Laundering Risk Assessment (pages 35 and 36) estimates that the total amount of FedWire, CHIPS, ACH, debit card, and cash transactions moving through the US financial system in a year is approximately two Quintilian dollars:

“The global dominance of the U.S. dollar generates trillions of dollars of daily transaction volume through U.S. banks, creating significant exposure to potential money laundering activity. The Federal Reserve System’s real-time gross settlement system, Fedwire, which is used to clear and settle payments with immediate finality, processed an average of $3.5 trillion in daily funds transfers in 2014. The Clearing House Interbank Payment System (CHIPS) is the largest private-sector U.S.-dollar funds-transfer system in the world, clearing and settling an average of $1.5 trillion in cross-border and domestic payments daily. CHIPS estimates that it is responsible for processing more than 95 percent of U.S. dollar-denominated cross-border transactions, and nearly half of all domestic wire transactions. The average value of a transaction on Fedwire and CHIPS is in the millions of dollars. The automated clearinghouse network (ACH), through which U.S. banks transfer electronic payments that are not settled in real time, processes more than $10 trillion in transactions annually.”

Converting those daily amounts to annual amounts gives us a total of approximately two Quintilian dollars. Of that, $300 billion is criminal proceeds. Therefore, criminal proceeds make up approximately 0.00000007% of the total amount moving through the American financial system.

The US Government’s National Money Laundering Risk Assessment believes that for every one billion dollars of money flowing through the US financial system, seven dollars is criminal proceeds.

The private sector participants in the US financial system are subject to a regulatory regime that requires them to have complex systems, processes, and programs that collectively cost tens of billions of dollars, if not hundreds of billions of dollars, to develop, operate, and enhance. And the administrative and criminal penalties for failing to have reasonably effective AML programs can be severe. As the 2015 NMLRA concludes (on page 36):

“This exposure to a daily flow of trillions of dollars in transaction volume from large value to small value payment systems requires banks to maintain robust safeguards to minimize the potential for illicit activity. Like any other financial industry, deficient compliance practices and complicit insiders are vulnerabilities, but the stakes are higher for banks given the volume and value of transactions that U.S. banks engage in daily. Preserving the integrity of the U.S. financial system requires that banks effectively monitor and control the money laundering risks to which they are exposed. To this end, banks are required to establish a written AML program reasonably designed to prevent their financial institutions from being used to facilitate money laundering and the financing of terrorist activities. The introduction of illicit proceeds into the financial system is the first and critical step in the money laundering process and banks are most vulnerable to being used for this purpose by criminals. Once illicit proceeds are placed into the financial system, the continued use of banks to move those funds both domestically and internationally can further obscure their criminal origins and facilitate their integration into the system. Therefore, establishing and maintaining an effective customer identification program (CIP) is a key control.”

The American anti-money laundering regime – which is now in its fiftieth year – has been built to identify and report the seven dollars of criminal activity out of every one billion dollars of total activity that flows through that financial system. It is critical that the public and private sectors continue to work together to not only make this regime as effective and efficient as possible; but perhaps because of the daunting task that the private sector has been given – to detect and report the 0.00000007% of activity flowing through the system that is criminal proceeds – the regulatory agencies that examine them for compliance with the regime’s rules and regulations should focus less on how those institutions comply with the rules, and more on how well those institutions provide actionable, timely intelligence to law enforcement.