[Federal Register Volume 61, Number 24 (Monday, February 5, 1996)]
[Rules and Regulations]
[Pages 4338-4344]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 96-2271]



=======================================================================
-----------------------------------------------------------------------

FEDERAL RESERVE SYSTEM

12 CFR Parts 208, 211 and 225

[Regulations H, K and Y; Docket No. R-0885]


Membership of State Banking Institutions in the Federal Reserve 
System; International Banking Operations; Bank Holding Companies and 
Change in Control; Reports of Suspicious Activities Under Bank Secrecy 
Act

AGENCY: Board of Governors of the Federal Reserve System.

ACTION: Final rule.

-----------------------------------------------------------------------

SUMMARY: The Board of Governors of the Federal Reserve System (Board) 
is amending its regulations on the reporting of known or suspected 
criminal and suspicious activities by the domestic and foreign banking 
organizations supervised by the Board. This final rule streamlines 
reporting requirements by providing that such an organization file a 
new Suspicious Activity Report (SAR) with the Board and the appropriate 
federal law enforcement agencies by sending a SAR to the Financial 
Crimes Enforcement Network of the Department of the Treasury (FinCEN) 
to report a known or suspected criminal offense or a transaction that 
it suspects involves money laundering or violates the Bank Secrecy Act 
(BSA).

EFFECTIVE DATE: April 1, 1996.

FOR FURTHER INFORMATION CONTACT: Herbert A. Biern, Deputy Associate 
Director, Division of Banking Supervision and Regulation, (202) 452-
2620, Richard A. Small, Special Counsel, Division of Banking 
Supervision and Regulation, (202) 452-5235, or Mary Frances Monroe, 
Senior Attorney, Division of Banking Supervision and Regulation, (202) 
452-5231. For the users of Telecommunications Devices for the Deaf 
(TDD) only, contact Dorothea Thompson, (202) 452-3544, Board of 
Governors of the Federal Reserve System, 20th Street and Constitution 
Avenue, NW., Washington, DC 20551.

SUPPLEMENTARY INFORMATION:

Background

    The Board, the Office of the Comptroller of the Currency (OCC), the 


[[Page 4339]]
Federal Deposit Insurance Corporation (FDIC), and the Office of Thrift 
Supervision (OTS) (collectively, the Agencies) have issued for public 
comment substantially similar proposals to revise their regulations on 
the reporting of known or suspected criminal conduct and suspicious 
activities. The Department of the Treasury, through FinCEN, has issued 
for public comment a substantially similar proposal to require the 
reporting of suspicious transactions relating to money laundering 
activities.
    The Board's proposed regulation (60 FR 34481, July 3, 1995) noted 
that the interagency Bank Fraud Working Group, consisting of 
representatives from the Agencies, the National Credit Union 
Administration, law enforcement agencies, and FinCEN, has been working 
on the development of a single form, the SAR, for the reporting of 
known or suspected federal criminal law violations and suspicious 
activities. The Board's proposed regulation, as well as those proposed 
by the OCC, FDIC, OTS and FinCEN, attempted to simplify and clarify 
reporting requirements and reduce banking organizations' reporting 
burdens by raising mandatory reporting thresholds for criminal offenses 
and by requiring the filing of only one report with FinCEN.
    The Board's final rule adopts its proposal with a few additional 
changes that have been made in response to the comments received. The 
changes will result in burden reductions even greater than those that 
were proposed. The Board's, the other Agencies', and FinCEN's final 
rules relating to the reporting of suspicious activities are now 
substantially identical, and they:
    (1) Combine the current criminal referral rules of the federal 
financial institutions regulatory agencies with the Department of the 
Treasury's suspicious activity reporting requirements;
    (2) Create a uniform reporting form, the new Suspicious Activity 
Report or SAR, for use by banking organizations in reporting known or 
suspected criminal offenses, or suspicious activities related to money 
laundering and violations of the BSA;
    (3) Provide a system whereby a banking organization need only refer 
to the SAR and its instructions in order to complete and file the form 
in conformance with the Agencies' and FinCEN's reporting regulations;
    (4) Require the filing of only one form with FinCEN;
    (5) Eliminate the need to file supporting documentation with a SAR;
    (6) Enable a filer, through computer software that will be provided 
by the Board to all of the domestic and foreign banking organizations 
it supervises, to prepare a SAR on a computer and file it by magnetic 
media, such as a computer disc or tape;
    (7) Establish a database that will be accessible to federal and 
state financial institutions regulators and law enforcement agencies;
    (8) Raise the thresholds for mandatory reporting in two categories 
and create a threshold for the reporting of suspicious transactions 
related to money laundering and violations of the BSA in order to 
reduce the reporting burdens on banking organizations; and
    (9) Emphasize recent changes in the law that provide a safe harbor 
from civil liability to banking organizations and their employees for 
reporting of known or suspected criminal offenses or suspicious 
activities, by filing a SAR or by reporting by other means, and provide 
criminal sanctions for the unauthorized disclosure of such report to 
any party involved in the reported transaction.

Section-by-Section Analysis

    Under the Board's final rule, state member banks, bank holding 
companies and their nonbank subsidiaries, most U.S. branches and 
agencies and other offices of foreign banks, and Edge and Agreement 
corporations need only follow SAR instructions for completing and 
filing the SAR to be in compliance with the Board's and FinCEN's 
reporting requirements. The following section-by-section analysis 
correlates the specific SAR instruction number with the applicable 
section of the Board's final rule:
    Section 208.20(a) (Instruction No. 1 on the SAR) provides that a 
state member bank must file a SAR when it detects a known or suspected 
violation of federal law or a suspicious activity pertinent to a money 
laundering offense.
    Section 208.20(b) provides pertinent definitions.
    Sections 208.20(c) (1), (2), and (3) (Instructions 1 a., b., and c. 
on the SAR) instruct a state member bank to file a SAR with FinCEN in 
order to comply with the requirement to notify federal law enforcement 
agencies if the bank detects any known or suspected federal criminal 
violation, or pattern of violations, committed or attempted against the 
bank, or involving one or more transactions conducted through the bank, 
and the bank believes it was an actual or potential victim of a crime, 
or was used to facilitate a crime. If the bank has a substantial basis 
for identifying one of its insiders or other institution-affiliated 
parties in connection with the known or suspected crime, reporting is 
required regardless of the dollar amount involved. If the bank can 
identify a non-insider suspect, the applicable transaction threshold is 
$5,000. In cases in which no suspect can be identified, the applicable 
transaction threshold is $25,000. These sections were not changed from 
the proposed regulations published for public comment in July 1995.
    Section 208.20(c)(4) (Instruction 1 d. on the SAR) instructs a 
state member bank to file a SAR with FinCEN in order to comply with the 
requirement to notify federal law enforcement agencies and the 
Department of the Treasury of transactions involving $5,000 or more in 
funds or other assets when the bank knows, suspects or has reason to 
suspect that the transaction: (i) Involves money laundering, (ii) is 
designed to evade any regulations promulgated under the Bank Secrecy 
Act, or (iii) has no business or apparent lawful purpose or is not the 
sort in which the particular customer normally engages and, after 
examining the available facts, the bank knows of no reasonable 
explanation for the transaction. Section 208.20(c)(4) has been modified 
in the final rule to reflect comments received on the proposal. Most 
notably, the circumstances under which a transaction should be reported 
under this section were clarified, and a reporting threshold of $5,000 
was added.
    Section 208.20(c)(4) recognizes the emerging international 
consensus that the efforts to deter, substantially reduce, and 
eventually eradicate money laundering are greatly assisted by the 
reporting of suspicious transactions by banking organizations. The 
requirements of this section comply with the recommendations adopted by 
multi-country organizations in which the United States is an active 
participant, including the Financial Action Task Force of G-7 nations 
and the Organization of American States, and are consistent with the 
European Community's directive on preventing money laundering through 
financial institutions.
    Section 208.20(d) (Instruction 2 on the SAR) provides that SARs 
must be filed within 30 calendar days of the initial detection of the 
criminal or suspicious activity. An additional 30 days is permitted in 
order to enable a bank to identify a suspect, but in no event may a SAR 
be filed later than 60 days after the initial detection of the 
reportable conduct. The Board and law enforcement must be notified in 
the case of a violation requiring immediate action, such as an on-going 
violation. These reporting requirements were not changed from the July 
1995 proposal, 

[[Page 4340]]
with the exception of the addition of the requirement that the Board be 
notified about on-going offenses requiring immediate notification to 
law enforcement authorities.
    Section 208.20(e) encourages a state member bank to file a SAR with 
state and local law enforcement agencies. This section is unchanged 
from the July 1995 proposal.
    Section 208.20(f) (Instruction 3 on the SAR) provides that a state 
member bank need not file a SAR for an attempted or committed burglary 
or robbery reported to the appropriate law enforcement agencies. In 
addition, a SAR need not be filed for missing or counterfeit securities 
that are the subject of a report pursuant to Rule 17f-1 under the 
Securities Exchange Act of 1934. This section of the final rule was not 
modified from the version published for public comment in July 1995.
    Section 208.20(g) requires that a state member bank retain a copy 
of the SAR and the original or business record equivalent of supporting 
documentation for a period of five years. The section also requires 
that a state member bank identify and maintain supporting documentation 
in its files and that the bank make available such documentation to law 
enforcement agencies upon their request. The Board made three changes 
to this section from the version published for public comment in July 
1995. First, the record retention period was shortened from 10 years to 
five years. Second, provision was made for the retention of business 
record equivalents of original documents, such as microfiche and 
computer imaged record systems, in recognition of modern record 
retention technology. The third change involves the clarification of a 
state member bank's obligation to provide supporting documentation upon 
request to law enforcement officials. Supporting documentation is 
deemed filed with a SAR in accordance with this section of the Board's 
final rule; as such, law enforcement authorities need not make their 
access requests through subpoena or other legal processes.
    Section 208.20(h) requires the management of a state member bank to 
report the filing of all SARs to the board of directors of the bank, or 
a designated committee thereof. No change was made from the July 1995 
proposal.
    Section 208.20(i) reminds a state member bank and its institution-
affiliated parties that failure to file a SAR may expose them to 
supervisory action. No change from the July 1995 proposal was made.
    Section 208.20(j) provides that SARs are confidential. Requests for 
SARs or the information contained therein should be declined. The final 
rule also adds a requirement that a request for a SAR or the 
information contained therein should be reported to the Board. With the 
exception of the added requirement that requests for SARs be reported 
to the Board, no changes were made to this section from the July 1995 
proposal.
    Section 208.20(k) sets forth the safe harbor provisions of 31 
U.S.C. 5318(g). This new section, which was added to the final rule as 
the result of many comments concerning this important statutory 
protection for banking organizations, states that the safe harbor 
provisions of the law are triggered by a report of known or suspected 
criminal violations or suspicious activities to law enforcement 
authorities, regardless whether the report is made by the filing of a 
SAR in accordance with the Board's rules or for other reasons by 
different means.
    Sections 211.8, 211.24(f), and 225.4(f) of the Board's rules 
relating to the activities of foreign banking organizations and bank 
holding companies have not been changed in a substantive manner. Only 
the references in the sections to ``criminal referral forms'' have been 
changed to reflect the new name for the reporting form, the SAR. The 
SAR filing requirements, as well as the safe harbor and notification 
prohibition provisions of 31 U.S.C. 5318(g), continue to be applicable 
to all foreign banking organizations and bank holding companies and 
their nonbank subsidiaries supervised by the Federal Reserve through 
these provisions.

Comments Received

    The Board received letters from 44 public commenters. Comments were 
received from 15 community banks, 13 multinational or large regional 
banks, eight trade and industry research groups, seven Federal Reserve 
Banks and one law firm.
    The large majority of commenters expressed general support for the 
Board's proposal. None of the commenters opposed the proposed new 
suspicious activity reporting rules. A number of suggestions and 
requests for clarification were received. They are as follows.

Criminal Versus Suspicious Activities

    Many commenters expressed confusion over the difference between the 
known or suspected criminal conduct that would be subject to the dollar 
reporting thresholds (provided such conduct does not involve an 
institution-affiliated party of the reporting entity) and the 
suspicious activities that would be reported regardless of dollar 
amount. Section 208.20(c)(4) has been revised to add a $5,000 reporting 
threshold and to clarify that the suspicious activity must relate to 
money laundering and Bank Secrecy Act violations. A threshold for the 
reporting of suspicious activities was added to reduce further the 
reporting burdens on banking organizations.

Reporting of Crimes Under State Law

    A number of commenters requested clarification of whether 
activities constituting crimes under state law, but not under federal 
law, should be reported on the SAR. The Board continues to encourage 
banking organizations to refer criminal and suspicious activities under 
both federal and state law by filing a SAR. Under the new reporting 
system designed by the Board, the other Agencies, and FinCEN, state 
chartered banking organizations should be able to fulfill their state 
reporting obligations by filing a SAR with FinCEN.

Safe Harbor Protections; Potential Liability Under Federal and State 
Laws

    Some commenters expressed the concern that banking organizations 
and their institution-affiliated parties could be liable under federal 
and state laws, such as the Right to Financial Privacy Act, for filing 
SARs with respect to conduct that is later found not to have been 
criminal. Another concern was that the filing of SARs with state and 
local law enforcement agencies would subject filers to claims under 
state law. Both of these concerns are addressed by the scope of the 
safe harbor protections provided in 31 U.S.C. 5318(g).
    The Board is of the opinion that the safe harbor statute is broadly 
defined to include the reporting of known or suspected criminal 
offenses or suspicious activities, by filing a SAR or by reporting by 
other means, with state and local law enforcement authorities, as well 
as with the Agencies and FinCEN.
    A few commenters requested that the Board make explicit the safe 
harbor protections of 31 U.S.C. 5318(g)(2) and (3) on the SAR. They are 
included in new Section 208.20(k) of this rule and on the form.

Record Retention

    Several commenters expressed the view that the 10-year period for 
the retention of records in Section 208.20(g) was excessive, especially 
in light of a five-year record retention requirement for records that 
is contained in the Bank Secrecy Act. The 10-year period in the Board's 
proposed regulation would have 

[[Page 4341]]
continued the Board's existing record retention requirement for 
criminal referral forms. However, in recognition of the potential 
burden of document retention on financial institutions, the Board has 
limited the record retention period to five years.

Dollar Thresholds

    A few commenters encouraged the Board to raise the dollar 
thresholds for known or suspected criminal conduct by non-insiders, or 
to establish a dollar threshold for insiders. The Board has considered 
these comments, but at this time it believes that the thresholds meet 
and properly balance the dual concerns of prosecuting criminal activity 
involving banking organizations and minimizing the burden on banking 
organizations. With respect to the suggestion that the Board adopt a 
dollar threshold for insider violations, it is noted that insider abuse 
has long been a key concern and focus of enforcement efforts at the 
Board. With the development of a new sophisticated automated database, 
the Board and law enforcement agencies will have the benefit of a 
comprehensive and easily accessible catalogue of known or suspected 
insider wrongdoing. The Board does not wish to limit the information it 
receives regarding insider wrongdoing. Some petty crimes, for example, 
repetitive thefts of small amounts of cash by an employee who 
frequently moves between banking organizations, may warrant enforcement 
action or criminal prosecution.
    One commenter suggested an indexed threshold, based on the regional 
differences in the various dollar thresholds below which the federal, 
state, and local prosecutors generally decline prosecution. While the 
Board recognizes that there may be regional variations in the dollar 
amount of financial crimes generally prosecuted, the Board's concern is 
to place the relevant information in the hands of the investigating and 
prosecuting authorities. The prosecuting authorities then may consider 
whether to pursue a particular matter. In the Board's view, the dollar 
thresholds proposed and adopted in this final rule best balance the 
interests of law enforcement and banking organizations. The Board also 
believes that indexed thresholds could create more confusion than 
benefit to banking organizations.
    Commenters also suggested the creation of a dollar threshold for 
the reporting of suspicious activities relating to money laundering 
offenses. A $5,000 threshold has been established for reporting of such 
suspicious activities.
    Questions were raised regarding the permissibility of filing SARs 
in situations in which the dollar thresholds for known or suspected 
criminal conduct or suspicious activity are not met and the 
applicability of the safe harbor provisions of 31 U.S.C. 5318(g) to 
such non-mandatory filings. It is the opinion of the Board that the 
safe harbor provisions of 31 U.S.C. 5318(g) cover all reports of 
suspected or known criminal violations and suspicious activities to law 
enforcement authorities, regardless of whether such reports are filed 
pursuant to the mandatory requirements of the Board's regulations or 
are voluntary.

Notification of On-Going Violations and of State and Local Law 
Enforcement Authorities

    Proposed Section 208.20(d) required a banking organization to 
notify immediately the law enforcement authorities in the event of an 
on-going violation. Section 208.20(e) encourages the filing of a copy 
of the SAR with state and local law enforcement agencies in appropriate 
cases. This requirement and guidance were found by some commenters to 
be unclear as to when immediate notification or the filing of the SAR 
with state and local authorities would be required. The Board wishes to 
clarify that immediate notification is limited to situations involving 
on-going violations, for example, when a check kite or money laundering 
has been detected and may be continuing. It is impossible for the Board 
to contemplate all of the possible circumstances in which it might be 
appropriate for a banking organization to advise state and local law 
enforcement authorities. Banking organizations should use their best 
judgment regarding when to alert them regarding on-going criminal 
offenses or suspicious activities.

Supporting Documentation

    The proposed requirements that an institution maintain ``related'' 
documentation and make ``supporting'' documentation available to the 
law enforcement agencies upon request were criticized as inconsistent 
and vague. One commenter questioned whether the Board intended a 
substantive difference in meaning between ``related'' and 
``supporting.'' As a substantive difference is not intended, the Board 
has referred to ``supporting'' documentation in the final rule in 
reference both to the maintenance and production requirements. The 
Board believes that the use of the word ``supporting'' is more precise 
and limits the scope of the information which must be retained to that 
which would be useful in proving that the crime has been committed and 
by whom it has been committed. As to the criticism that the meaning of 
``related'' or ``supporting'' documentation is vague, it is anticipated 
that banking organizations will use their judgment in determining the 
information to be retained. It is impossible for the Board to catalogue 
the precise types of information covered by this requirement, as it 
necessarily depends upon the facts of a particular case.

Scope of Confidentiality Requirement

    One commenter correctly noted that the proposed regulation is 
unclear as to whether the confidentiality requirement applies only to 
the information contained on the SAR itself, or whether the requirement 
extends to the ``supporting'' documentation. The Board takes the 
position that only the SAR and the fact that supporting documentation 
to a SAR exists are subject to the confidentiality requirements of 31 
U.S.C. 5318(g). The supporting documentation itself is not subject to 
the confidentiality provisions of 31 U.S.C. 5318(g). The safe harbor 
provisions of 31 U.S.C. 5318(g), however, apply to the SAR and 
supporting documentation, as set forth in Section 208.20(k).

Provisions of Supporting Documentation to Law Enforcement Authorities 
Upon Request

    Many commenters noted that the guidance provided in the Board's 
proposed regulation regarding giving supporting documentation to law 
enforcement agencies upon their request after the filing of a SAR was 
unclear or contrary to law. Some questioned whether law enforcement 
agencies would still need to subpoena relevant documents from a banking 
organization. The Board's regulation requires banking organizations 
filing SARs to identify, maintain and treat the documentation 
supporting the report as if it were actually filed with the SAR. This 
means that subsequent requests from law enforcement authorities for the 
supporting documentation relating to a particular SAR does not require 
the service of a subpoena or other legal processes normally associated 
with providing information to law enforcement agencies.

Civil Litigation

    The Board was encouraged to adopt regulations that would make SARs 
undiscoverable in civil litigation in order to avoid situations in 
which a banking organization could be ordered by a court to produce a 
SAR in civil 

[[Page 4342]]
litigation and could be confronted with the prospect of having to 
choose between being found in contempt or violating the Board's rules. 
In the opinion of the Board, 31 U.S.C. 5318(g) precludes the disclosure 
of SARs. The final rule requires a banking organization that receives a 
subpoena or other request for a SAR to notify the Board so that the 
Board may, if appropriate, intervene in litigation or seek the 
assistance of the U.S. Department of Justice.

Maintenance of Originals

    Proposed Section 208.20(g) required the maintenance of supporting 
documentation in its original form. A number of commenters noted that 
electronic storage of documents is becoming the rule rather than the 
exception, and that requiring the storage of paper originals would 
impose undue burdens on financial institutions. Moreover, some records 
are retained only in a computer database. The proposed regulation 
reflected the concerns of the law enforcement agencies that the best 
evidence be preserved. However, upon further consideration, the Board 
wishes to clarify that the electronic storage of original documentation 
related to the filing of a SAR is permissible. In addition, the Board 
recognizes that a banking organization will not always have custody of 
the originals of documents and that some documents will not exist at 
the organization in paper form. In those cases, preservation of the 
best available evidentiary documents, for example, computer disks or 
photocopies, should be acceptable. This has been reflected in the final 
rule by changing the reference to original documents to ``original 
documents or business record equivalents.''

Investigation and Proof Burdens

    One commenter expressed the concern that a banking organization 
would need to establish probable cause before reporting crimes for 
which an essential element of the proof of the crime was the intent of 
the actor. The Board does not intend that banking organizations assume 
the burden of proving illegal conduct; rather, banking organizations 
are required to report known or suspected crimes or suspicious 
activities in accordance with this final rule.

Supplementary or Corrective Information; Reporting of Multiple Crimes 
or Suspects

    Material information that supplements or corrects a SAR should be 
filed with FinCEN by means of a subsequent SAR. The first page of the 
SAR provides boxes for the reporter to indicate whether the report is 
an initial, a corrected or a supplemental report.
    One commenter requested guidance on the reporting of multiple 
crimes or related crimes committed by more than one individual. The 
instructions to the SAR contemplate that additional suspects may be 
reported by means of a supplemental page. Likewise, multiple crimes 
committed by a suspect may be reported by means of multiple check-offs 
on the SAR, or if needed, by a written addendum to the SAR. In the 
event that related crimes have been committed by more than one person, 
a description of the related crimes may be made by addendum to the SAR. 
The Board encourages filers to make a complete report of all known or 
suspected criminal or suspicious activity. The SAR may be supplemented 
in order to facilitate a complete disclosure.

Calculation of Time Frame for Reporting

    A number of commenters requested that the Board clarify the 
application of the deadline for filing SARs. The Board's proposed 
regulation used the broadest possible language to set the time frames 
for the reporting of known or suspected criminal offenses and 
suspicious activities in order to best guide reporting institutions. 
Absolute deadlines for the filing of SARs are important to the 
investigatory and prosecutorial efforts of law enforcement authorities. 
It is expected that banking organizations will meet the filing 
deadlines once conduct triggering the reporting requirements is 
identified. Further clarification of the time frames is not needed in 
the Board's view.

Board Notification Requirements

    Several commenters expressed general support for the modification 
of the reporting requirement that permits reporting of SARs to a 
committee of the board. As a matter of clarification, notification of a 
committee of the board relieves the banking organization of the 
obligation to disclose the SARs filed to the entire board. It would be 
expected, however, that the appointed committee, such as the audit 
committee, would report to the full board at regular intervals with 
respect to routine matters in the same manner and to the same extent as 
other committees report at board meetings. With respect to serious 
crimes or insider malfeasance, the appointed committee likely should 
consider it appropriate to make more immediate disclosure to the full 
board.
    Some larger banking organizations expressed the view that prompt 
disclosure of SARs to the board or a committee would impose a serious 
burden because larger organizations typically file a larger number of 
criminal referral forms (now, SARs). While the Board acknowledges that 
larger institutions may have more SARs to report to the board or a 
committee, this does not alter the directors' fiduciary obligation to 
monitor, for example, the condition of the institution and to take 
action to prevent losses. The final regulation does not dictate the 
content of the board or committee notification, and, in some cases, 
such as when relatively minor non-insider crimes are to be reported, it 
may be completely appropriate to provide only a summary listing of SARs 
filed. The Board expects the management of banking organizations to 
provide a more detailed notification to the boards or committees of 
SARs involving insiders or a potential material loss to the 
institutions.

Information Sharing

    Commenters suggested that the final regulations should somehow 
facilitate the sharing of information among banking organizations in 
order to better detect new fraudulent schemes. It is anticipated that 
the Treasury Department, through FinCEN, and the Agencies, will keep 
reporting entities apprised of recent developments and trends in 
banking-related crimes through periodic pronouncements, meetings, and 
seminars.

Single Filing Requirement; Acknowledgement of Filings

    Some commenters requested clarification of the single form filing 
requirement. The Board reiterates that the filing of a SAR with FinCEN 
is the only filing that is required. Federal and state law enforcement 
and bank supervisory agencies will have access to the database created 
and maintained by FinCEN on behalf of the Agencies and the Department 
of Treasury; thus, a single filing with FinCEN is all that is required 
under the new reporting system.
    Commenters also requested that the final rule permit the filing of 
SARs via telecopier. Such filings are not compatible with the system 
developed by the Agencies and FinCEN. Banking organizations can file 
the SAR via magnetic media using the computer software to be provided 
to all banking organizations by the Board and each of the other 
Agencies with respect to the institutions they supervise. Larger 
banking organizations that currently file currency transaction reports 
via magnetic tape with FinCEN may also file SARs by magnetic tape. 

[[Page 4343]]


Regulatory Flexibility Act

    The Board certifies that this final regulation will not have a 
significant financial impact on a substantial number of small banks or 
other small entities.

Paperwork Reduction Act

    In accordance with Section 3506 of the Paperwork Reduction Act of 
1995 (44 U.S.C. Ch. 35; 5 CFR 1320 Appendix A.1), the Board reviewed 
the rule under the authority delegated to the Board by the Office of 
Management and Budget.
    The collection of information requirements in this regulation are 
found in 12 CFR 208.20, 211.8, 211.24, and 225.4. This information is 
mandatory and is necessary to inform appropriate law enforcement 
agencies of known or suspected criminal or suspicious activities that 
take place at or were perpetrated against financial institutions. 
Information collected on this form is confidential (5 U.S.C. 552(b)(7) 
and 552a(k)(2), and 31 U.S.C. 5318(g)). The federal financial 
institution regulatory agencies and the U.S. Department of Justice may 
use and share the information. The respondents/recordkeepers are for-
profit financial institutions, including small businesses.
    The Federal Reserve may not conduct or sponsor, and an organization 
is not required to respond to, this information collection unless it 
displays a currently valid OMB control number. The OMB control number 
is 7100-0212.
    No comments specifically addressing the hour burden estimate were 
received.
    It is estimated that there will be 12,000 responses from state 
member banks, bank holding companies, Edge and agreement corporations, 
and U.S. branches and agencies of foreign banks.
    Both the new regulation and revisions made to the proposed 
regulation and reflected in this final rule simplify the submission of 
the reporting form and shorten the records retention requirement. 
However, the same amount of information will be collected under the new 
rule. The burden per respondent varies depending on the nature of the 
criminal or suspicious activity being reported. The Federal Reserve 
estimates that the average annual burden for reporting and 
recordkeeping per response will remain .6 hours. Thus the Federal 
Reserve estimates the total annual hour burden to be 7,200 hours. Based 
on an hourly cost of $20, the annual cost to the public is estimated to 
be $144,000.
    Send comments regarding the burden estimate, or any other aspect of 
this collection of information, including suggestions for reducing the 
burden, to: Secretary, Board of Governors of the Federal Reserve 
System, 20th and C Streets, N.W., Washington, D.C. 20551 and to the 
Office of Management and Budget, Paperwork Reduction Project (7100-
0212), Washington, D.C. 20503.

List of Subjects

12 CFR Part 208

    Accounting, Agriculture, Banks, banking, Confidential business 
information, Crime, Currency, Federal Reserve System, Flood insurance, 
Mortgages, Reporting and recordkeeping requirements, Securities.

12 CFR Part 211

    Exports, Federal Reserve System, Foreign banking, Holding 
companies, Investments, Reporting and recordkeeping requirements.

12 CFR Part 225

    Administrative practice and procedures, Banks, banking, Federal 
Reserve System, Holding companies, Reporting and recordkeeping 
requirements, Securities.

    For the reasons set forth in the preamble, Parts 208, 211 and 225 
of chapter II of title 12 of the Code of Federal Regulations are 
amended as set forth below:

PART 208--MEMBERSHIP OF STATE BANKING INSTITUTIONS IN THE FEDERAL 
RESERVE SYSTEM (REGULATION H)

    1. The authority citation for 12 CFR Part 208 continues to read as 
follows:

    Authority: 12 U.S.C. 36, 248(a), 248(c), 321-338a, 371d, 461, 
481-486, 601, 611, 1814, 1823(j), 1828(o), 1831o, 1831p-1, 3105, 
3310, 3331-3351, and 3906-3909; 15 U.S.C. 78b, 781(b), 781(g), 
781(i), 78o-4(c)(5), 78q, 78q-1 and 78w; 31 U.S.C. 5318; 42 U.S.C. 
4102a, 4104a, 4104b, 4106, and 4128.

    2. Section 208.20 is revised to read as follows:


Sec. 208.20  Suspicious Activity Reports.

    (a) Purpose. This section ensures that a state member bank files a 
Suspicious Activity Report when it detects a known or suspected 
violation of Federal law, or a suspicious transaction related to a 
money laundering activity or a violation of the Bank Secrecy Act. This 
section applies to all state member banks.
    (b) Definitions. For the purposes of this section:
    (1) FinCEN means the Financial Crimes Enforcement Network of the 
Department of the Treasury.
    (2) Institution-affiliated party means any institution-affiliated 
party as that term is defined in 12 U.S.C. 1786(r), or 1813(u) and 
1818(b) (3), (4) or (5).
    (3) SAR means a Suspicious Activity Report on the form prescribed 
by the Board.
    (c) SARs required. A state member bank shall file a SAR with the 
appropriate Federal law enforcement agencies and the Department of the 
Treasury in accordance with the form's instructions by sending a 
completed SAR to FinCEN in the following circumstances:
    (1) Insider abuse involving any amount. Whenever the state member 
bank detects any known or suspected Federal criminal violation, or 
pattern of criminal violations, committed or attempted against the bank 
or involving a transaction or transactions conducted through the bank, 
where the bank believes that it was either an actual or potential 
victim of a criminal violation, or series of criminal violations, or 
that the bank was used to facilitate a criminal transaction, and the 
bank has a substantial basis for identifying one of its directors, 
officers, employees, agents or other institution-affiliated parties as 
having committed or aided in the commission of a criminal act 
regardless of the amount involved in the violation.
    (2) Violations aggregating $5,000 or more where a suspect can be 
identified. Whenever the state member bank detects any known or 
suspected Federal criminal violation, or pattern of criminal 
violations, committed or attempted against the bank or involving a 
transaction or transactions conducted through the bank and involving or 
aggregating $5,000 or more in funds or other assets, where the bank 
believes that it was either an actual or potential victim of a criminal 
violation, or series of criminal violations, or that the bank was used 
to facilitate a criminal transaction, and the bank has a substantial 
basis for identifying a possible suspect or group of suspects. If it is 
determined prior to filing this report that the identified suspect or 
group of suspects has used an ``alias,'' then information regarding the 
true identity of the suspect or group of suspects, as well as alias 
identifiers, such as drivers' license or social security numbers, 
addresses and telephone numbers, must be reported.
    (3) Violations aggregating $25,000 or more regardless of a 
potential suspect. Whenever the state member bank detects any known or 
suspected Federal criminal violation, or pattern of criminal 
violations, committed or attempted against the bank or involving a 
transaction or transactions conducted through the bank and involving or 
aggregating $25,000 or more in funds or other assets, where the bank 
believes that it was either an actual or potential 

[[Page 4344]]
victim of a criminal violation, or series of criminal violations, or 
that the bank was used to facilitate a criminal transaction, even 
though there is no substantial basis for identifying a possible suspect 
or group of suspects.
    (4) Transactions aggregating $5,000 or more that involve potential 
money laundering or violations of the Bank Secrecy Act. Any transaction 
(which for purposes of this paragraph (c)(4) means a deposit, 
withdrawal, transfer between accounts, exchange of currency, loan, 
extension of credit, purchase or sale of any stock, bond, certificate 
of deposit, or other monetary instrument or investment security, or any 
other payment, transfer, or delivery by, through, or to a financial 
institution, by whatever means effected) conducted or attempted by, at 
or through the state member bank and involving or aggregating $5,000 or 
more in funds or other assets, if the bank knows, suspects, or has 
reason to suspect that:
    (i) The transaction involves funds derived from illegal activities 
or is intended or conducted in order to hide or disguise funds or 
assets derived from illegal activities (including, without limitation, 
the ownership, nature, source, location, or control of such funds or 
assets) as part of a plan to violate or evade any law or regulation or 
to avoid any transaction reporting requirement under federal law;
    (ii) The transaction is designed to evade any regulations 
promulgated under the Bank Secrecy Act; or
    (iii) The transaction has no business or apparent lawful purpose or 
is not the sort in which the particular customer would normally be 
expected to engage, and the bank knows of no reasonable explanation for 
the transaction after examining the available facts, including the 
background and possible purpose of the transaction.
    (d) Time for reporting. A state member bank is required to file a 
SAR no later than 30 calendar days after the date of initial detection 
of facts that may constitute a basis for filing a SAR. If no suspect 
was identified on the date of detection of the incident requiring the 
filing, a state member bank may delay filing a SAR for an additional 30 
calendar days to identify a suspect. In no case shall reporting be 
delayed more than 60 calendar days after the date of initial detection 
of a reportable transaction. In situations involving violations 
requiring immediate attention, such as when a reportable violation is 
on-going, the financial institution shall immediately notify, by 
telephone, an appropriate law enforcement authority and the Board in 
addition to filing a timely SAR.
    (e) Reports to state and local authorities. State member banks are 
encouraged to file a copy of the SAR with state and local law 
enforcement agencies where appropriate.
    (f) Exceptions. (1) A state member bank need not file a SAR for a 
robbery or burglary committed or attempted that is reported to 
appropriate law enforcement authorities.
    (2) A state member bank need not file a SAR for lost, missing, 
counterfeit, or stolen securities if it files a report pursuant to the 
reporting requirements of 17 CFR 240.17f-1.
    (g) Retention of records. A state member bank shall maintain a copy 
of any SAR filed and the original or business record equivalent of any 
supporting documentation for a period of five years from the date of 
the filing of the SAR. Supporting documentation shall be identified and 
maintained by the bank as such, and shall be deemed to have been filed 
with the SAR. A state member bank must make all supporting 
documentation available to appropriate law enforcement agencies upon 
request.
    (h) Notification to board of directors. The management of a state 
member bank shall promptly notify its board of directors, or a 
committee thereof, of any report filed pursuant to this section.
    (i) Compliance. Failure to file a SAR in accordance with this 
section and the instructions may subject the state member bank, its 
directors, officers, employees, agents, or other institution-affiliated 
parties to supervisory action.
    (j) Confidentiality of SARs. SARs are confidential. Any state 
member bank subpoenaed or otherwise requested to disclose a SAR or the 
information contained in a SAR shall decline to produce the SAR or to 
provide any information that would disclose that a SAR has been 
prepared or filed citing this section, applicable law (e.g., 31 U.S.C. 
5318(g)), or both, and notify the Board.
    (k) Safe harbor. The safe harbor provisions of 31 U.S.C. 5318(g), 
which exempts any state member bank that makes a disclosure of any 
possible violation of law or regulation from liability under any law or 
regulation of the United States, or any constitution, law or regulation 
of any state or political subdivision, covers all reports of suspected 
or known criminal violations and suspicious activities to law 
enforcement and financial institution supervisory authorities, 
including supporting documentation, regardless of whether such reports 
are filed pursuant to this section or are filed on a voluntary basis.

PART 211--INTERNATIONAL BANKING OPERATIONS (REGULATION K)

    1. The authority citation for 12 CFR Part 211 continues to read as 
follows:

    Authority: 12 U.S.C. 221 et seq., 1818, 1841 et seq., 3101 et 
seq., 3901 et seq.


Secs. 211.8 and 211.24  [Amended]

    2. In Secs. 211.8 and 211.24(f), remove the words ``criminal 
referral form'' and add, in their place, the words ``suspicious 
activity report''.

PART 225--BANK HOLDING COMPANIES AND CHANGE IN BANK CONTROL 
(REGULATION Y)

    1. The authority citation for 12 CFR Part 225 continues to read as 
follows:

    Authority: 12 U.S.C. 1817(j)(13), 1818, 1831i, 1831p-1, 
1843(c)(8), 1844(b), 1972(l), 3106, 3108, 3310, 3331-3351, 3907, and 
3909.


Sec. 225.4  [Amended]

    2. In Sec. 225.4, the heading of paragraph (f) is revised to read 
``Suspicious Activity Report.''.
    3. In Sec. 225.4(f), remove the words ``criminal referral form'' 
and add, in their place, the words ``suspicious activity report''.

    By order of the Board of Governors of the Federal Reserve 
System, January 30, 1996.
William W. Wiles,
Secretary of the Board.
[FR Doc. 96-2271 Filed 2-2-96 8:45 am]
BILLING CODE 6210-01-P