Loading…

A GAO Report on GTOs Reveals the Underlying Flaws In the Entire American BSA/AML Regime

The General Accountability Office, or GAO, issued a Report on August 14, 2020 titled “FinCEN Should Enhance Procedures for Implementing and Evaluating Geographic Targeting Orders”.[1] The Geographic Targeting Orders, or GTOs, subject to this report are a series of nine GTOs issued since 2016 targeting all-cash (or non-financed) purchases of residential real estate in certain areas of the country over a certain amount.

Most people will read this report for what it is – a full-fledged year-long, not-very-positive audit of FinCEN’s management of the real estate Geographic Targeting Order program. But the GTO program, and FinCEN’s management of it (which, by the way, I don’t think FinCEN got enough credit from the GAO for taking the initiative in the first place), are lesser issues than a single observation the GAO reported more than half way through (on page 22) the Report:

“Officials from five federal law enforcement agencies told us that their agencies do not systematically track the specific types of BSA reports used in investigations …”.

The GAO didn’t indicate which five federal law enforcement agencies these were, but the agencies interviewed for the Report were the DEA, FBI, ICE-HSI, IRS-CI, the DOJ’s Criminal Division, the US Attorneys Offices for the Southern District of New York and Southern District of Florida, FinCEN, and two task forces (OCDETF and El Dorado). So it’s likely that at least four of the five agencies that do not systematically track which Bank Secrecy Act or BSA reports are used in investigations are the “big four” of AML/CFT: the FBI, DEA, Homeland Security, and IRS.

Why is this important?

The entire purpose of the BSA regime is for the private sector to provide timely, actionable intelligence to law enforcement in order to protect the financial system, and society at large, from underlying criminal and terrorist activity. In the “Background” section of the Report, on page 5, the GAO explained the purpose behind the BSA:

“The BSA authorizes the Secretary of the Treasury to issue regulations requiring financial institutions to keep records and file reports the Secretary determines ‘have a high degree of usefulness in criminal, tax, or regulatory investigations or proceedings, or in the conduct of intelligence or counterintelligence activities, including analysis, to protect against international terrorism.’ The Secretary also is authorized to impose AML program requirements on certain financial institutions. The authority of the Secretary to administer the BSA has been delegated to the Director of FinCEN.” [citations omitted][2]

Approximately 20 million BSA reports are filed by tens of thousands of private sector financial institutions every year: the most common are Currency Transaction Reports or CTRs (roughly 16 million) and Suspicious Activity Reports, or SARs (roughly 2.7 million). Those institutions are spending billions of dollars in running BSA programs intended to allow them to prepare and file those 20 million reports, and they face regulatory and even criminal sanctions for failing to maintain an adequate program or failing to detect and report suspicious activity or large currency transactions. And yet the primary users of those reports, the federal law enforcement agencies, “do not systematically track the specific types of BSA reports used in investigations …”.

It is time that the public sector consumers of BSA reports – primarily law enforcement agencies – provide feedback to the private sector producers of BSA reports – tens of thousands of financial institutions – on exactly which reports “have a high degree of usefulness in criminal, tax, or regulatory investigations or proceedings, or in the conduct of intelligence or counterintelligence activities, including analysis, to protect against international terrorism”. It’s not enough for the private sector to know anecdotally that the reports it is filing are generally useful to law enforcement. In this age of machine learning and artificial intelligence, financial institutions are using these tools to teach and train their monitoring, surveillance, and alerting systems that churn through millions or billions of customer, account, and transaction data, in an effort to be more effective and efficient. And all of those machine learning and artificial intelligence efforts are for naught if the private sector doesn’t have the training data needed to identify those reports that are providing tactical and/or strategic value. Training a surveillance and alerting system against the SARs that are filed is a fool’s errand if you don’t know whether that SAR has ever been looked at by law enforcement, whether it was useful, whether it provided tactical or strategic value.

Lack of Law Enforcement Feedback Is One of the Two Main Flaws in the US BSA/AML Regime: the Other is the Lack of Corporate Transparency

The United States does not have an effective beneficial ownership regime. Even the Treasury Secretary calls this a “glaring hole in our system”, and I have written about this on a number of occasions. See, for example, https://regtechconsulting.net/beneficial-ownership-customer-due-diligence/lack-of-beneficial-ownership-information-a-glaring-hole-in-our-system-says-treasury-secretary/. And this GAO Report includes a section on the lack of a true beneficial ownership regime (notwithstanding FinCEN’s 2016 rule on customer due diligence and beneficial ownership), and how a FATF-compliant beneficial ownership regime would enhance the US AML/CFT regime and be complimentary to the real estate GTO.

The other flaw, as described in this article, is lack of law enforcement feedback. I have been writing about this flaw in our system for years. See my article from November 2019 https://regtechconsulting.net/fintech-financial-crimes-and-risk-management/like-sam-loves-free-fried-chicken-law-enforcement-loves-free-suspicious-activity-reports-but-what-if-law-enforcement-had-to-earn-the-right-to-use-the-private-sector/ and my article from July 2020 https://regtechconsulting.net/aml-regulations-and-enforcement-actions/anti-money-laundering-act-of-2020-pay-to-play-arrives-and-perhaps-we-have-an-answer-to-the-whereabouts-of-section-314d/. Both of these articles reference other articles I’ve written on this subject. The July 2020 article offers some solutions.

This is not a criticism of law enforcement or the intelligence community. They simply haven’t had the means to provide feedback to the private sector. Bills, or provisions in bills, currently before Congress aim to address this issue and provide the means for the public sector to begin the process of providing feedback to the private sector. If the purpose of the multi-billion dollar anti-money laundering regime is to compel the private sector to provide law enforcement and the intelligence agencies with timely, actionable reports of cross-border flows of cash, foreign bank accounts, suspicious activity, possible terrorist financing activity, and large cash transactions, then it is incumbent on law enforcement and the intelligence agencies to provide feedback on which of those reports have a high degree of usefulness in criminal, tax, or regulatory investigations or proceedings, or in the conduct of intelligence or counterintelligence activities, including analysis, to protect against international terrorism. Without that feedback, both the private and public sector, and society at large, will fail in their collective efforts to keep our financial system safe and secure. And for law enforcement and the intelligence community to get the means to provide that feedback, it is incumbent on Congress to act and pass the necessary legislation.

We all know what needs to be done to make the BSA/AML regime more effective and more efficient. Now Congress must act.

[1] See GAO-20-546 available at https://www.gao.gov/assets/710/708115.pdf

[2] The language “high degree of usefulness in criminal, tax, or regulatory investigations or proceedings, or in the conduct of intelligence or counterintelligence activities, including analysis, to protect against international terrorism” is pulled directly from the purpose statement of the main “BSA” statute, 31 USC section 5311.