The Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act (USA PATRIOT Act) was passed in October 2001 in response to the terrorist acts of September 11. The purpose of the USA PATRIOT Act is to deter and punish terrorist acts in the United States and around the world, to enhance law enforcement investigatory tools, and other purposes.
Section 314(b) of the Act encourages financial institutions and associations to share information on individuals, entities, organizations, and countries suspected of engaging in possible terrorist activity or money laundering. “Financial institution” is any institution required to establish and maintain an anti-money laundering (AML) program, including banks, thrifts, and credit unions regulated by the federal banking agencies.
Section 314(b) also provides a safe harbor from civil liability to financial institutions that appropriately share information within the limitations and requirements specified by the Financial Crimes Enforcement Network (FinCEN) in its implementing regulation [31 CFR 1010.540].
Information subject to the sharing rules includes all forms of “money laundering” and “terrorist financing.” FinCEN guidance has made clear that “money laundering” encompasses a wide range of activities defined as specified unlawful activities (SUA) under 18 USC 1956 and 1957. Some of these SUA directly impact financial institutions, such as a number of types of fraud, including those related to banking transactions, loan and credit applications, and bank entries.
Benefits of information sharing
Sharing information about suspected money laundering or fraud can have several benefits for the parties to the information exchange, as well as to law enforcement and the financial industry in general. Sharing information:
- Allows financial firms to significantly expand their information for assessing potential suspicious activity or accounts (e.g., previously unknown accounts, activities, and/or associated entities or individuals) without increased risk. Information received may provide details the requesting institution may not have had, such as the source of a customer’s funds.
- Helps the institution receiving information by helping the decision whether to close an existing account or decline opening a new account.
- Allows a financial institution to alert other financial institutions about a customer by proactively using the 314(b) process to share information about which the other institutions might not otherwise have been aware.
- Allows participating institutions to build a more comprehensive and accurate picture of a customer’s activities that may involve money laundering by shedding more light on overall financial trails (especially when they are complex and may be layered among a number of financial institutions, jurisdictions, etc.), and allow better decision making in due diligence and transaction monitoring.
- Benefits law enforcement when the information sharing results in filing one or more Suspicious Activity Report(s), particularly since SARs with information derived from more than one financial institution may provide a more detailed and complete narrative of a particular set of transactions.
- Facilitates more efficient SAR reporting decisions by participating financial institutions by providing them with a more complete picture of activity and informing the decision to file or not file a SAR.
- Benefits law enforcement and the financial industry by identifying and aiding in detecting money laundering and terrorist financing methods and schemes.
How to participate
Sharing of information between financial institutions is entirely voluntary. A “financial institution” or “association of financial institutions” must take action to participate in 314(b) information sharing. A participating institution or association may “transmit, receive, or otherwise share information with any other financial institution or association of financial institutions regarding individuals, entities, organizations, and countries for purposes of identifying and, where appropriate, reporting activities that the financial institution or association suspects may involve possible terrorist activity or money laundering.”
There are four main requirements a participating financial institution or association must fulfill to take advantage of the safe harbor from civil liability for sharing covered information. These requirements are:
- A financial institution or association that intends to share information must submit to FinCEN a notice described on FinCEN’s website, fincen.gov. Each such notice to FinCEN is effective for the one-year period beginning on the date of the notice. To continue to engage in the sharing of information after the end of the one-year period, a financial institution or association must submit a new notice. Completed notices may be submitted to FinCEN by accessing FinCEN’s website and entering the appropriate information as directed. If a financial institution does not have internet access, the notice may be submitted by mail.
- Before sharing such information, a financial institution or an association of financial institutions must take reasonable steps to verify that the other financial institution or association with which it intends to share information has submitted to FinCEN the required notice. A financial institution or association may satisfy this verification requirement by confirming that the other financial institution or association appears on a list that FinCEN will periodically make available to financial institutions or associations of financial institutions that have filed a notice with it or by confirming directly with the other financial institution or association that the requisite notice has been filed with FinCEN.
- Information received by a financial institution or association under this process must not be used for any purpose other than identifying and, where appropriate, reporting on money laundering or terrorist activities; determining whether to establish or maintain an account or to engage in a transaction; or assisting the financial institution in complying with any requirement of the Bank Secrecy Act (BSA) regulation.
- Each financial institution or association that shares information under this process must maintain adequate procedures to protect the security and confidentiality of such shared information. These security requirements will be considered satisfied to the extent that a financial institution applies to such information procedures that it has established to satisfy the requirements of section 501 of the Gramm-Leach-Bliley Act (GLBA) and applicable information security regulations issued under the GLBA concerning the protection of its own customers’ nonpublic personal information.
If information sharing under this process causes a financial institution to know, suspect, or have reason to suspect that an individual, entity, or organization is involved in or may be involved in terrorist activity or money laundering, the institution must file a SAR (assuming the institution is subject to SAR requirements). In situations involving violations that require immediate attention, such as when a reportable violation involves terrorist activity or is ongoing, the financial institution must immediately notify, by telephone, an appropriate law enforcement authority and financial institution supervisory authorities, as well as filing a timely SAR.
If a financial institution is interested in taking advantage of the benefits of 314(b) information sharing with other financial institutions to help its BSA/AML compliance, it should be sure that its BSA/AML policies and procedures have appropriate provisions covering this sharing. The bank also needs to designate a point of contact for the sharing and ensure that its affected staff is given relevant training.
William J. Showalter, CRCM, CRP, is a Senior Consultant with Young & Associates, Inc. (younginc.com), with over 35 years of experience in compliance consulting, advising and assisting financial institutions on consumer compliance and compliance management issues. He also develops and conducts compliance training programs for individual banks and their trade associations and has authored or co-authored numerous compliance publications and articles. Bill can be reached at wshowalter@younginc.com.
