We have reprinted the questions below. The Guidance
from FinCEN also includes numerous citations not included below.
Question 1: Requests by Law Enforcement for Financial Institutions to Maintain Accounts
Can a financial institution maintain an account or customer relationship for which it has received a written “keep open” request from law enforcement, even though the financial institution has identified suspicious or potentially illicit activity?
Yes. Law enforcement may have an interest in ensuring that certain accounts and customer relationships remain open notwithstanding suspicious or potential criminal activity in connection with the account. A financial institution may decide to maintain an account based on a written “keep open” request from a law enforcement agency, however, it is not obligated to do so. The written request should be specific and indicate both that the law enforcement agency has requested that the financial institution maintain the account, as well as the purpose and duration of the request. Keeping such an account open as requested may be highly useful to law enforcement and may further efforts to identify and combat money laundering, terrorist financing, and other illicit financial activities. A financial institution should not be criticized solely for its decision to maintain an account relationship at the request of law enforcement or for its decision to close the account. Ultimately, the decision to maintain or close an account should be made by a financial institution in accordance with its own policies, procedures, and processes. It may be useful for financial institutions to maintain documentation of “keep open” requests, including after a request has expired. If financial institutions keep such an account open as requested by law enforcement, they are still required to comply with all applicable BSA requirements, including requirements to conduct ongoing risk-based monitoring, and, as appropriate, file SARs, including continuing activity SARs consistent with FinCEN guidance.
Question 2: Receipt of Grand Jury Subpoenas/Law Enforcement Inquiries and SAR Filing
Should a financial institution file a SAR solely on the basis of receiving a grand jury subpoena or other law enforcement inquiries?
No. The receipt of a law enforcement inquiry, such as a grand jury subpoena, does not by itself indicate that the criteria requiring the filing of a SAR have been met. However, receipt of a grand jury subpoena or other law enforcement inquiry is pertinent information relevant to a financial institution’s overall assessment of risk and the risk profile for the relevant customer(s) and account(s). Generally, a financial institution will assess and review all relevant information it has about a customer that is the subject of a grand jury subpoena or other law enforcement inquiries, in accordance with its risk-based AML program. For example, the receipt of a grand jury subpoena should cause a financial institution to review relevant account activity and transactions.
The financial institution should determine whether SAR filing is necessary based on its assessment of all information available and applicable regulatory requirements. If a financial institution files a SAR on a customer or transaction following the receipt of a grand jury subpoena or other law enforcement inquiry, the SAR should focus on the facts and circumstances that support a finding of suspicious activity rather than the subpoena or inquiry itself.
Question 3: Maintaining a Customer Relationship Following the Filing of a SAR or Multiple SARs
Is a financial institution required to terminate a customer relationship following the filing of a SAR or multiple SARs?
No. There is no BSA regulatory requirement to terminate a customer relationship after the filing of a SAR or any number of SARs. The decision to maintain or close a customer relationship as a result of the identification of suspicious activity is a determination for a financial institution to make based on the information available to it, its assessment of money laundering or other illicit financial activity risks, and established policies, procedures, and processes. Financial institutions have the flexibility to develop risk-based procedures and monitoring processes for the purpose of updating the customer risk profile and determining when to maintain or close accounts. Generally, financial institutions have policies, procedures, and processes in place that establish an escalation process for decisions to maintain or terminate customer relationships based on relevant factors, including SAR filing(s). These processes establish criteria, including when review by senior management and legal staff is warranted, for the decision to maintain or terminate the customer relationship in light of elevated risk factors. As indicated above, there is no specific number of SAR filings that a financial institution must consider to trigger any particular escalation step. Rather, the number of SAR filings and other factors that trigger escalation steps may vary based upon, among other things, the risk profile of the customer, including the geographical locations involved, the volume and type of transactions conducted by customers, the type of account, and the types of SARs filed by the financial institution in relation to the customer.
Question 4: SAR Filing on Negative News Identified in Media Searches
Is a financial institution required to file a SAR based solely on negative news?
No. The existence of negative news related to a customer or other activity at a financial institution does not by itself indicate that the criteria requiring the filing of a SAR have been met, and does not automatically require the filing of a SAR by a financial institution. A financial institution may review media reports, news articles and/or other references to assist in its performance of customer due diligence, as well as its evaluation of any transactions or activity it considers unusual or potentially suspicious. For example, negative news may cause a financial institution to review customer activity as well as other related information, such as that of third parties with transactions involving the customer’s account. As with other identified unusual or potentially suspicious activity, financial institutions should comply with applicable regulatory requirements and follow their established policies, procedures, and processes to determine the extent to which it investigates and evaluates negative news, in conjunction with its review of transactions occurring by, at, or through the institution, to determine if a SAR filing is required.
Question 5: SAR Monitoring on Multiple Negative Media Alerts
If there are multiple negative news alerts based on the same event, is a financial institution expected to independently investigate each of those alerts?
No. In circumstances where there are multiple negative news alerts (as identified through monitoring for unusual or suspicious activity) based on the same underlying events, a financial institution does not need to independently investigate each alert, but rather may consider whether the alert contains new or different information that warrants further investigation or whether the negative news otherwise assists or informs the evaluation of the activity at issue. Many financial institutions maintain a process for managing a high volume of alerts generated by news. This type of process will allow the financial institution to identify and evaluate new information and assess whether to update customer information and risk profile, investigate transactions which may result in the filing of a SAR, or escalate or terminate a customer relationship, as appropriate consistent with its policies, procedures, and processes. Financial institutions have flexibility in developing risk-based procedures and monitoring processes for the purpose of complying with customer due diligence requirements and, where appropriate, consideration of negative news.
Question 6: Information in Data Fields and Narrative
Do financial institutions need to repeat information in the SAR narrative that has already been included in other SAR data fields?
No. As stated in the SAR instructions, information provided in other sections of a SAR does not need to be repeated in the narrative unless necessary to provide a clear and complete description of the suspicious activity. Consistent with FinCEN’s SAR instructions, financial institutions should focus the SAR narrative on the information necessary to enable the reader to understand the activity reported, including what was unusual or irregular about the activity that caused suspicion. For example, granular detail (such as subject identification data) that is reported in the appropriate SAR data fields does not need to be repeated in the SAR narrative, unless such information is necessary to clearly describe the activity reported. Additionally, the SAR narrative may benefit from information about the suspicious activity that may not be readily evident from SAR data fields alone, such as an explanation about why the filer selected different characterizations of suspicious activity in the SAR data fields. Note, however, that FinCEN Advisories may include requests for financial institutions to incorporate certain terms in SAR field 2 (Financial Institution Note to FinCEN) and in the narrative to indicate a connection between the suspicious activity being reported and the subject of an advisory.
Question 7: SAR Character Limits
Should financial institutions file additional SARs on the same suspicious activity to accommodate narratives that are longer than the SAR narrative character limits?
No. Filers must provide a clear, complete, and concise description of the suspicious activity that led to the decision to file the SAR. A financial institution that reaches the SAR narrative character limit should not file an additional SAR to continue a narrative in order to avoid duplicate filings on the same activity in the database. Instead, filers should focus the relevant information in the narrative as much as possible, and may include additional, relevant information as an attachment to the SAR, or note that it is available as supporting documentation. To keep narratives within the character limit and enable efficient review of information (such as transaction records) that is displayed most clearly in tabular format, filers can include a single comma-separated values (CSV) file with no more than one megabyte of data as an attachment to a SAR. If a filer wishes to include information in a tabular format in a SAR, the CSV attachment should be used; filers should not include tabular information within the SAR narrative. Filers must retain all supporting documentation or a business record equivalent for five years from the date of the report. All supporting documentation (such as copies of instruments; receipts; sale, transaction or clearing records; photographs; and surveillance audio or video recordings) must be made available to appropriate authorities upon request.
Law-Related Services Disclosure. Please be advised that CSG provides financial services compliance audit and consulting services to our clients. The services that we provide include certain tasks that may be characterized as “law-related services” under Rule 5.7 of the Rules of Professional Conduct governing lawyers. Since some of our employees are lawyers with an active bar license but are NOT engaged in the private practice of law, that Rule requires us to make disclosures clarifying that the services we perform may be law-related services, but they are not legal services. Because they are not legal services, those services and our relationship will not be governed by the Rules of Professional Conduct that guide the client-lawyer relationship, such as rules applicable to privileged communications and prohibitions of conflicts of interest. Notwithstanding this disclaimer, we will continue to govern our relationship with you using reasonable ethical and professional standards that are expected to meet your expectations.