[Federal Register Volume 61, Number 24 (Monday, February 5, 1996)] [Rules and Regulations] [Pages 4326-4332] From the Federal Register Online via the Government Publishing Office [www.gpo.gov] [FR Doc No: 96-2272] [[Page 4325]] _______________________________________________________________________ Part IV Department of the Treasury 31 CFR Part 103 Department of the Treasury Office of the Comptroller of the Currency 12 CFR Part 21 Federal Reserve System 12 CFR Part 208, et al. _______________________________________________________________________ Suspicious Transactions Reporting Requirements; Final Rules Federal Register / Vol. 61, No. 24 / Monday, February 5, 1996 / Rules and Regulations [[Page 4326]] DEPARTMENT OF THE TREASURY 31 CFR Part 103 RIN 1506-AA13 Amendment to the Bank Secrecy Act Regulations; Requirement To Report Suspicious Transactions AGENCY: Financial Crimes Enforcement Network, Treasury. ACTION: Final rule. ----------------------------------------------------------------------- SUMMARY: This document contains a final rule requiring banks and other depository institutions to report to the Department of the Treasury under the Bank Secrecy Act any suspicious transactions relevant to possible violations of federal law or regulation. The rule is adopted by the Financial Crimes Enforcement Network (``FinCEN'') to implement the authority granted to the Secretary of the Treasury by the Bank Secrecy Act. The rule is a key to the creation of a new method for the reporting by depository institutions, on a uniform ``Suspicious Activity Report,'' of suspicious transactions and known or suspected criminal violations; related rules have been or will be adopted by the five federal financial supervisory agencies that examine and regulate the safety and soundness of depository institutions. EFFECTIVE DATE: April 1, 1996. FOR FURTHER INFORMATION CONTACT: Pamela Johnson, Assistant Director, Office of Financial Institutions Policy, FinCEN (703) 905-3920; Charles Klingman, Office of Financial Institutions Policy, FinCEN (703) 905- 3920; Stephen R. Kroll, Legal Counsel, FinCEN (703) 905-3590; or Joseph M. Myers, Attorney-Advisor, Office of Legal Counsel, FinCEN, at (703) 905-3590. SUPPLEMENTARY INFORMATION: I. Statutory Provisions The Bank Secrecy Act, Pub. L. 91-508, as amended, codified at 12 U.S.C. 1829b, 12 U.S.C. 1951-1959, and 31 U.S.C. 5311-5330, authorizes the Secretary of the Treasury, inter alia, to issue regulations requiring financial institutions to keep records and file reports that are determined to have a high degree of usefulness in criminal, tax, and regulatory matters, and to implement counter-money laundering programs and compliance procedures. Regulations implementing Title II of the Bank Secrecy Act (codified at 31 U.S.C. 5311-5330), appear at 31 CFR Part 103. The authority of the Secretary to administer the Bank Secrecy Act has been delegated to the Director of FinCEN. The provisions of 31 U.S.C. 5318(g) deal with the reporting of suspicious transactions by financial institutions subject to the Bank Secrecy Act and the protection from liability to customers of persons who make such reports.\1\ Subsection (g)(1) states generally: \1\ The authority to require reporting of suspicious transactions was added to the Bank Secrecy Act by section 1517 of the Annunzio-Wylie Anti-Money Laundering Act (``Annunzio-Wylie''), Title XV of the Housing and Community Development Act of 1992, Pub. L. 102-550; it was expanded by section 403 of the Money Laundering Suppression Act of 1994 (the ``Money Laundering Suppression Act''), Title IV of the Riegle Community Development and Regulatory Improvement Act of 1994, Pub. L. 103-325, to require designation of a single government recipient for reports of suspicious transactions. --------------------------------------------------------------------------- The Secretary may require any financial institution, and any director, officer, employee, or agent of any financial institution, to report any suspicious transaction relevant to a possible violation of law or regulation. Subsection (g)(2) provides further: A financial institution, and a director, officer, employee, or agent of any financial institution, who voluntarily reports a suspicious transaction, or that reports a suspicious transaction pursuant to this section or any other authority, may not notify any person involved in the transaction that the transaction has been reported. Subsection (g)(3) provides that neither a financial institution, nor any director, officer, employee, or agent that makes a disclosure of any possible violation of law or regulation or a disclosure pursuant to this subsection or any other authority . . . shall . . . be liable to any person under any law or regulation of the United States or any constitution, law, or regulation of any State or political subdivision thereof, for such disclosure or for any failure to notify the person involved in the transaction or any other person of such disclosure. Finally, subsection (g)(4) requires the Secretary of the Treasury, ``to the extent practicable and appropriate,'' to designate ``a single officer or agency of the United States to whom such reports shall be made.'' This designation is not to preclude the authority of supervisory agencies to require financial institutions to submit other reports to the same agency ``under any other applicable provision of law.'' 31 U.S.C. 5318(g)(4)(C). The designated agency is in turn responsible for referring any report of a suspicious transaction to ``any appropriate law enforcement or supervisory agency.'' Id., at subsection (g)(4)(B). II. Notice of Proposed Rulemaking On September 7, 1995, a notice of proposed rulemaking (the ``Notice''), under the authority contained in 31 U.S.C. 5318(g), relating to the reporting of suspicious transactions by banks and other depository institutions,\2\ was published in the Federal Register (60 FR 46,556). Like this final rule, the Notice was published in coordination with the Board of Governors of the Federal Reserve System, the Office of the Comptroller of the Currency, the Federal Deposit Insurance Corporation, the Office of Thrift Supervision, and the National Credit Union Administration (collectively, the ``Supervisory Agencies''). An announcement that the time to comment on the Notice had been extended until November 13, 1995, was published in the Federal Register on October 13, 1995, 60 FR 53,316. \2\ References to ``bank'' include not only commercial banks, but also thrift institutions, credit unions, other types of depository institutions, and certain other institutions. See 31 CFR 103.11(c) (defining ``bank'' for purposes of 31 CFR Part 103). --------------------------------------------------------------------------- The final rule is a key to the creation of a single reporting form, filing point, and data base for all reports of suspicious activity made by depository institutions. (The background of the new system is explained in greater detail in the Notice, see 60 FR at 46557-46558 (September 7, 1995).) The sifiling point not only eliminates the need for multiple copies but also permits magnetic filing of reports by most institutions capable of and accustomed to making such filings with the Internal Revenue Service. Finally, the single data base will permit rapid dissemination of reports to appropriate law enforcement agencies, more thorough analysis and tracking of those reports, and, in time, the provision to the financial community of information about trends and patterns gleaned from the information reported. Each Supervisory Agency involved has issued or shortly will issue a final rule requiring reporting under its respective authority. The final rules have been conformed to one another, so that a bank will file a suspicious activity report in satisfaction of both the rules of FinCEN and the rules of the applicable Supervisory Agency or Agencies. A significant group of activities are required to be reported both under the authority of 31 U.S.C. 5318(g) and under the Supervisory Agencies' own administrative requirements, but a single filing will suffice to comply with all requirements. As indicated above, this final rule becomes effective on April 1, 1996, as do the final rules issued by the Supervisory Agencies. [[Page 4327]] III. Explanation of Revisions and Summary of Comments A. Comments on the Notice--Overview FinCEN received 30 written comments on the Notice. Of these, 14 comments were submitted by banks or bank holding companies, seven by banking trade associations, one by a credit union, three by credit union trade associations, three by non-bank financial institutions, one by an ad hoc association of non-bank financial institutions, and one by a practicing attorney on his own behalf. The commenters generally applauded the decision to reduce reporting burdens on banks and eliminate the confusion caused by duplicate filing requirements. They also supported efforts to enhance the use of the information submitted by banks about suspicious transactions and noted favorably Treasury's general efforts to work with the financial sector to fashion reasonable and cost-effective rules to prevent money laundering. Commenters expressed a variety of concerns relating to five subjects. Four of the subjects--the definition of ``transaction'' (especially the treatment of safe deposit box use), the time for filing of suspicious activity reports, the nature of the records required to be retained by institutions in connection with particular suspicious activity reports and the manner and time period for their retention, and the confidentiality rules for such reports--concerned the operational details of the rule outlined in the Notice. The specifics of the comments are outlined below; suggestions made in the comments on those subjects have been adopted in large part. The fifth subject addressed in the comments was the appropriateness of the proposed definition of suspicious transaction itself, especially the provisions of proposed 31 CFR 103.21(a)(2)(iii), which would require reporting generally of transactions that appear to have no business purpose and for which the reporting institution knew of no reasonable explanation. This provision has been retained, with revision, in the final rule. Specific comments on the provision are also discussed below. After consideration of all the comments, 31 CFR 103.21, proposed in the Notice, is adopted as revised herein. B. The Final Rule While the final rule reflects numerous modifications in response to the comments received on the Notice, the format and substance of the final rule are generally consistent with the rule proposed in the Notice. The changes adopted are intended to improve, clarify, and refine the provisions of the proposed rule that required such modifications, without fundamentally altering the basic policies described in the Notice and reflected in the proposed rule. The Notice outlined the importance of the reporting of suspicious transactions to Treasury's anti-money laundering and anti-financial crime programs. See 60 FR at 46,558-59 (September 7, 1995). Treasury is reconfirming, in issuing the final rule, its judgment that reporting of suspicious transactions in a timely fashion is a key component of the flexible and cost-efficient compliance system required to prevent the use of the nation's financial system for illegal purposes. The same judgment underlies Treasury's initiatives to sharply reduce the extent to which ordinary currency transactions are required to be reported with respect to ongoing businesses with a significant business history. Reporting of suspicious transactions is also required by the emerging international consensus defining the most effective methods for fighting international organized crime. IV. Section-by-Section Analysis A. 31 CFR 103.11--Definitions 1. 31 CFR 103.11 (qq)--FinCEN. The definition of FinCEN is adopted without change. 2. 31 CFR 103.11(ii)--Transaction. The Notice proposed to replace the definition of ``transaction in currency'' in the Bank Secrecy Act regulations with a definition of ``transaction'' that reflected the definition of transaction in 18 U.S.C. 1956 (laundering of monetary instruments). The Notice specifically requested comments on the treatment of the use of safe deposit boxes that would result from the proposed change and noted that the proposal was not intended to vary the substance of the requirement to report currency transactions under 31 CFR 103.22, other than in the case of deposits of cash in safe deposit boxes. a. Appropriateness of New Definition Generally. One group of commenters questioned the appropriateness generally of the adoption for this rule of a definition of transaction based on the definition in the money laundering statute. Those commenters noted that ``Congress drafted this statutory definition broadly in order to criminalize every conceivable type of criminally-derived property [sic] but not with the expectation that it would be used as the basis for imposing a positive reporting obligation on financial institutions.'' They asserted that ``[s]uch a definition simply would not be workable for financial institutions that must comply with regulatory requirements.'' Treasury believes there is a necessary relationship between the anti-money laundering statute and the Bank Secrecy Act. The extent to which banks should be required to track or monitor certain sorts of transactions will also be addressed in the know-your-customer rules expected to be proposed later this year. Moreover, the ``transaction'' definition in the federal money laundering statute is already necessarily embraced in the existing criminal referral rules. b. Treatment of Safe Deposit Boxes. The Notice had specifically requested comment on the decision to include use of a safe deposit box in the definition of transaction. The Notice explained that the definition was included to reflect the fact that in appropriate cases use of a safe deposit box may constitute a transaction under 18 U.S.C. 1956, following that statute's amendment to reverse the decision in United States v. Bell, 936 F.2d 337 (7th Cir. 1991). Commenters strongly felt that a blanket inclusion of safe deposit box transactions within the ambit of the rule was inadvisable, potentially contrary to state law, and in any event contrary to a long established banking practice that a customer's use of a safe deposit box was a private transaction in which bank employees studiously sought not to interfere. After consideration of the comments, FinCEN has excluded use of a safe deposit box from the transaction definition. Based on present experience, the risk of the use of a safe deposit box by itself as part of a money laundering or similar offense is sufficiently rare that a rule mandating blanket changes in long- established banking practices is uncalled for. At the same time, a transaction that involved both the use of a safe deposit box and a use of other banking facilities would be included in the transaction definition to the extent it involved such other facilities. (Of course, use of a safe deposit box by a customer that came to a bank's attention, for example, when a box was entered by a bank pursuant to accepted procedures, would be a candidate for the voluntary reporting contemplated by the second sentence of section 103.21(a).) c. Definition of Transaction in Currency. Several commenters requested that the definition of ``transaction in currency'' be retained in 31 CFR 103.11, in order to avoid confusion in the administration of the currency transaction reporting requirement. That definition has been [[Page 4328]] retained, solely for purposes of the reporting rule in 31 CFR 103.22. d. Investment Securities. One commenter pointed out that the proposed definition failed to take account of the fact that the Bank Secrecy Act definition of monetary instrument, unlike the 18 U.S.C. 1956 definition, includes only bearer instruments. The final rule adds the term ``investment security'' to the definition of transaction, as a cross reference to the definition of investment security in 31 CFR 103.11(t). B. 31 CFR 103.21--Reports of Suspicious Transactions 1. 31 CFR 103.21(a). Subsection (a) contains the general statement of the obligation to file a suspicious activity report, and a general definition of the term ``suspicious transaction.'' The obligation extends only to transactions conducted or attempted by, at, or through a bank; transactions are reportable under this rule and 31 U.S.C. 5318(g) whether or not they involve currency. Paragraph (a)(1) states, in its first sentence, that section 103.21 implements the regulatory authority granted to the Secretary of the Treasury by 31 U.S.C. 5318(g). Language has been added to the sentence to make it clear that the reporting of transactions ``relevant to a possible violation of law or regulation'' is required only to the extent specified in the rule. A second sentence has been added to encourage the reporting of transactions as so relevant, even in cases in which the rule does not explicitly so require, for example in the case of use of a safe deposit box or with respect to a transaction below the $5,000 threshold added to the rule, as discussed below. As also discussed below, such a voluntary report (that is, the report of a suspicious transaction relevant to a possible violation of law or regulation, in circumstances not required by the rule) is fully covered by the rules relating to non-disclosure and protection against liability specified in 31 U.S.C. 5318 (g)(2) and (g)(3) and in 31 CFR 103.21(e) (added by the final rule). The proposed rule designated three classes of transactions as requiring reporting. The first class, described in subparagraph (a)(2)(i), includes transactions either involving funds derived from illegal activity or intended or conducted in order to hide or disguise funds or assets derived from illegal activity. The second class, described in subparagraph (a)(2)(ii), involves transactions designed to evade the requirements of the Bank Secrecy Act. The third class, described in subparagraph (a)(2)(iii), involves transactions that appear to have no business purpose or that vary so substantially from normal commercial activities or activities appropriate for the particular customer or class of customer as to have no reasonable explanation. Commenters raised a number of questions about the terms of the proposed definition in paragraph (a)(2). First, they sought to limit the terms in which knowledge would be ascribed to a bank by questioning a standard that called for reporting when a bank ``knows, suspects, or has reason to suspect'' that a transaction requires reporting. The use of the term is intended to introduce a concept of due diligence into the reporting procedures. As part of the general conforming of the rules of FinCEN and the Supervisory Agencies, the same standards have been adopted by each agency. Second, the Notice asked for the industry's position as to whether monetary thresholds should be created for reporting Bank Secrecy Act and money laundering violations. Many commenters sought the addition of a threshold for reporting transactions, while several other commenters argued against thresholds. FinCEN has determined to add a $5,000 threshold to the reporting rule, so that reports are now required only for a transaction (or, as explained below, a series of transactions) that involve at least that amount in funds or assets and that otherwise satisfy the terms of the rule. Adoption of this threshold is intended to reduce the burden of reporting and to conform the treatment of money laundering and related transactions to that of other situations in which reporting is required by the Supervisory Agencies. As a concomitant to the creation of a threshold, language has been added to make it clear that related transactions ``aggregating'' $5,000 or more may be reportable. Several commenters also objected to the requiring of reports of ``attempted'' transactions, on the ground that an attempted transaction may neither be sufficiently obvious to draw a bank's attention nor to generate the sorts of records necessary to complete the report. FinCEN recognizes that these situations may arise and that the standards applied to reporting of attempts must necessarily be somewhat more flexible than those requiring reporting of completed transactions. However, the reporting of ``attempts'' has been required in the criminal referral reports that have evolved into the suspicious activity report, and the requirement to report attempts has been retained in the final rule. The proposed rule required reporting of transactions conducted or attempted ``by, at, or through, or otherwise involving'' a bank. Several commenters objected to the inclusion in the rule of the words ``otherwise involving'' because their meaning was unclear and provided insufficient guidance for bank officials. The phrase has been deleted. 2. Subparagraph (a)(2)(i). Several commenters questioned whether the requirement to report transactions involving funds derived from illegal activity that are conducted in order to hide or disguise funds or assets derived from illegal activity extended to all illegal activity or only to activity that was illegal under federal law. Language has been added to specify plainly that only activity that is in violation of federal law or regulation is covered by the requirement. Such a limitation does not, of course, make violation of state law irrelevant, especially in the many cases under 18 U.S.C. 1956, 1957 or 1960 in which violations of state law can serve as a predicate for a federal offense. 3. Subparagraph (a)(2)(ii). No comments were directed specifically toward subparagraph (a)(2)(ii), and that subparagraph is unchanged, except for a revised reference to the Bank Secrecy Act. 4. Subparagraph (a)(2)(iii). As proposed in the Notice, subparagraph (a)(2)(iii) required reporting of a transaction if: the transaction appears to have no business purpose, the transaction varies from the normal methods of financial commerce, or the transaction is not the sort in which the particular customer or class of customer would normally be expected to engage, and, in each case, the bank knows of no reasonable explanation for the transaction. Although a number of commenters opposed the reporting of transactions that could not definitively be linked to wrongdoing, FinCEN believes that a suspicious transaction reporting rule appropriately can and indeed must include a requirement for the reporting of transactions that vary so substantially from normal practice that they legitimately can and should raise suspicions of possible illegality. Unlike many criminal acts, money laundering involves the taking of apparently lawful steps--opening bank accounts, wiring funds, or investing or reinvesting assets--for an unlawful purpose. A skillful money launderer will often split the movement of funds between several institutions so that no one institution can have a complete picture of the transactions or funds movement [[Page 4329]] involved. Although a number of commenters objected to the standard, others viewed the standard as a workable compromise between the competing needs of enforcement and the financial system and, in one case, as consistent with the advice and training already given to line staff at the commenter's money center bank. In addition, as indicated in the Notice, subparagraph (a)(2)(iii) recognizes the emerging international consensus that efforts to deter, substantially reduce, and eventually eradicate money laundering are greatly assisted by the reporting of suspicious transactions by banks. The require-ments of this section comply with the recommendations adopted by multilateral organizations in which the United States is an active participant, including the Financial Action Task Force of G-7 nations and the Organization of American States, and are consistent with the European Community's directive on preventing money laundering through financial institutions. Although the basic standard has been retained, a number of changes have been made in response to specific comments on the Notice. First, the structure of the paragraph (a)(2) now makes it clear that all three subparagraphs in the suspicious transaction definition are qualified by the standard that the bank must ``know, suspect, or have reason to suspect'' that the reportable events have occurred. Second, the description of transactions that ``vary from the normal methods of financial commerce'' has been deleted because the phrase provided insufficient guidance to reporting institutions and was comprehended to the extent relevant by the ``no business purpose'' language of the preceding clause. Third, the specification of transactions in which the ``class of customer'' involved would not be expected to engage has been deleted, in response to concerns that the language unintentionally created a need for comparisons among groups of customers based on their personal characteristics. Fourth, the language has been altered to require reporting of transactions that appear to have no business ``or apparent lawful purpose''; the exception for transactions for which the bank knows of a reasonable explanation has been clarified to specify that knowledge of such an explanation requires an examination by the bank of the available facts, including factors such as the background and possible purpose of the transaction. It remains true, as indicated in the Notice, that determinations as to whether a report is required must be based on all the facts and circumstances relating to the transaction and bank customer in question. Different fact patterns will require different types of judgments. In some cases, the facts of the transaction may clearly indicate the need to report. For example, continued payments or withdrawals of currency in amounts each beneath the currency transaction reporting threshold applicable under 31 CFR 103.22, or multiple exchanges of small denominations of currency into large denominations of currency, can indicate that a customer is involved in suspicious activity. Similarly, the fact that a customer refuses to provide information necessary for the bank to make reports or keep records required by this Part or other regulations, provides information that a bank determines to be false, or seeks to change or cancel the transaction after such person is informed of reporting requirements relevant to the transaction or of the bank's intent to file reports with respect to the transaction, would all indicate that a Suspicious Activity Report (``SAR'') should be filed. In other situations a more involved judgment may need to be made whether a transaction is suspicious within the meaning of the rule. Transactions that raise the need for such judgments may include, for example, (i) funds transfers, payments or withdrawals that are not commensurate with the stated business or other activity of the person conducting the transaction or on whose behalf the transaction is conducted; (ii) transmission or receipt of funds transfers without normal identifying information or in a manner that indicates an attempt to disguise or hide the country of origin or destination or the identity of the customer sending the funds or of the beneficiary to whom the funds are sent; or (iii) repeated use of an account as a temporary resting place for funds from multiple sources without a clear business purpose therefor. The judgments involved will also extend to whether the facts and circumstances and the institution's knowledge of its customer provide a reasonable explanation for the transaction that removes it from the suspicious category. 5. 31 CFR 103.21(b). Subsection (b) sets forth the filing procedures to be followed by banks making reports of suspicious transactions. Reports are to be made within 30 calendar days of the initial detection of the suspicious transaction, by completing a SAR and filing it in a central location, to be determined by FinCEN. An additional 30 days is permitted in order to enable a bank to identify a suspect, but in no event may a SAR be filed after 60 days after the initial detection of the reportable transaction. The general timing rule has been changed so that the period for filing runs not from the date of the transaction being reported, but from the date of the ``initial detection'' of facts that may constitute a basis for the filing of a SAR; in many cases the two dates will be the same, but in others, where the transaction is detected by the bank's compliance screening systems, the dates may differ. If the bank's own internal investigation is still ongoing when filing is required the form filed may so indicate, but the form must nonetheless be filed within the periods specified in the rule. FinCEN recognizes that it is always difficult to apply general timing rules to every possible situation in which reporting may be required or reportable activity detected, and it believes that the change made in the rule adequately balances the need to recognize the crucial importance of bank screening systems and to provide clear deadlines for reporting. FinCEN is prepared to consider further changes in the timing rules if experience dictates a need therefor, but it also believes that timely reporting is essential. Several commenters requested that a change be made in the requirement in the Notice that banks provide immediate telephone notice of ongoing violations to ``the'' appropriate law enforcement agency (in addition to filing the form as required). As requested, the language has been revised to require notice to ``an'' appropriate law enforcement agency. The new filing procedures represent a significant improvement over the procedures currently followed by banks filing criminal referral forms. There is no longer any requirement to file multiple copies of forms with multiple agencies, and no requirement to file supporting documentation with the SAR itself. 6. 31 CFR 103.21(c). Subsection (c) continues in effect the longstanding exception from the obligation to file in the case of a robbery or burglary that is otherwise reported to appropriate law enforcement authorities. In response to a comment, the second longstanding exception contained in the rules of the Supervisory Agencies for reports of stolen securities has also been repeated in this rule. Treasury and the Supervisory Agencies recognize that bank robbery and burglary require the immediate attention of the appropriate police authorities, and are not the types of crimes about which this regulation is directly concerned. 7. 31 CFR 103.21(d). Subsection (d) states the obligation of filing banks to maintain copies of SARs and their [[Page 4330]] supporting documentation following the date of filing. This provision is intended to relieve banks of the need physically to transmit supporting documentation previously required to be filed with criminal referral reports without altering the utility or availability of the supporting documentation to the Supervisory Agencies or law enforcement agencies as needed. The supporting documentation is a part of the SAR and is held by the bank (in effect as agent for the Supervisory Agencies and FinCEN), to avoid requiring often significant masses of paper immediately to be transmitted to investigators or examiners. Thus, identi-fication of supporting documentation must be made at the time the SAR is filed, and such supporting documentation is deemed filed with a SAR in accordance with this paragraph of the final rule; as such, FinCEN, the Supervisory Agencies, and law enforcement authorities need not make their access requests through subpoena or other legal processes. Several significant changes requested by commenters in the record retention requirements have been made. First, the time for which retention is required has been reduced from 10 years to five years (the general period for record retention required under the Bank Secrecy Act); a provision authorizing FinCEN to permit earlier destruction has been deleted as unnecessary in light of the reduction of the retention period to five years generally. Second, the wording has been changed to permit record retention in either paper form or in accordance with the bank's general recordkeeping procedures, even if those procedures call for record maintenance in electronic rather than paper form. FinCEN recognizes that a bank will not always have custody of the originals of documents and that some documents will not exist at the bank in paper form. In those cases, preservation of the best available evidentiary documents (for example, computer disks or photocopies) should be acceptable. This has been reflected in the final rule by changing the reference to original documents to ``original document or business record equivalents.'' The Notice referred both to documents ``supporting'' and documents ``related'' to the SAR. Many commenters found this dual reference confusing. FinCEN believes that the use of the word ``supporting'' is more precise and limits the scope of the information which must be retained to that which would be useful in explaining the terms of and parties to any suspicious transaction reported on a SAR. It is anticipated that banks will use their judgment in determining the information to be retained in light of the purposes of the reporting requirement. It is impossible to catalogue the precise types of information covered by this requirement, as the nature of the documentation that will ``support'' the determination embodied in a SAR necessarily depends upon the facts of a particular case. 8. 31 CFR 103.21(e). Subsection (e) incorporates the terms of 31 U.S.C. 5318 (g)(2) and (g)(3). This subsection thus specifically prohibits those filing SARs from making any disclosure, except to authorized law enforcement and regulatory agencies, about either the reports themselves, the information contained therein, or the supporting documentation (in the latter case if the supporting documentation indicates in any way that it is related to a SAR). This subsection thus also restates the broad protection from liability for making reports of suspicious transactions, and for failures to disclose the fact of such reporting, contained in the statute. As pointed out in the Notice, the regulatory provisions do not extend the scope of either the statutory prohibition or the statutory protection; however, because Treasury recognizes the importance of these statutory provisions to the overall effort to encourage meaningful reports of suspicious transactions, they are described in the regulation in order to remind compliance officers and others of their existence. The terms of subsection (e) have been revised to clarify that the protection of the statute, as well as the statutory prohibition against disclosures of filing, extends to voluntary reports of suspicious activity as well as those reports required by the final rule. A number of commenters sought guidance about whether the statutory prohibitions against disclosure extended to subpoenas from third parties in civil litigation. FinCEN believes that the nondisclosure provisions of the statute extend to requests via subpoenas seeking SARs; as noted, the nondisclosure rule does not apply to supporting documentation, so long as no material in the supporting documentation produced in response to a subpoena or other process indicates its relationship to a SAR. The final rule adds a requirement that requests for a SAR or the information contained therein should be reported to FinCEN. (Under the rules of the Supervisory Agencies, reporting of such requests to those Agencies is also required.) 9. 31 CFR 103.21(f). Subsection (f) notes that compliance with the obligation to report suspicious transactions will be audited, and provides that failure to comply with the rule may constitute a violation of the Bank Secrecy Act and the Bank Secrecy Act regulations. The substitution of the word ``may'' for the word ``shall'' is intended to indicate that the decision whether a failure to report a transaction in fact constitutes a Bank Secrecy Act violation will necessarily depend upon the facts of each situation. FinCEN anticipates that in general the area for inquiry in the case of failure to report will center upon both the facts of the particular failure and what the failure indicates about the bank's compliance systems and attention to the Bank Secrecy Act rules generally. The Notice also stated that compliance with the obligation to report suspicious transactions would have no direct bearing on a bank's potential exposure under the criminal provisions of Title 18 of the U.S. Code. One commenter argued that any such statement was a bar to cooperation and urged the Department of the Treasury and the Justice Department to create safe harbors from criminal liability in cases in which SARs are filed. The sentence questioned by the commenter was intended simply as a reminder that the language of the ``safe harbor'' provisions of 31 U.S.C. 5318(g) does not by its terms protect against criminal prosecutions. The sentence has been deleted in response to the comment, but its deletion in no way alters the scope of the statute. Finally, a mistaken reference to Title 15 of the Code of Federal Regulations has been deleted. C. Other Comments 1. Closing Accounts. FinCEN invited comment concerning the guidance that is appropriate in connection with a bank's decision, after filing a report concerning a particular customer, whether to terminate its relationship with that customer. Treasury continues to believe that unless instructed by an authorized official in writing, this is a decision which must be made by the financial institution. 2. Non-Bank Financial Institutions. Several comments were filed on behalf of non-bank financial institutions concerned that the rules embodied in the Notice would be extended to such institutions. Those comments were considered to the extent relevant to the Notice and will be held for consideration when rules are proposed governing such institutions. V. Regulatory Flexibility Act. FinCEN certifies that this regulation will not have a significant financial [[Page 4331]] impact on a substantial number of small depository institutions. VI. Paperwork Reduction Act The collection of information contained in this rule has been reviewed by the Office of Management and Budget (OMB) in accordance with the Paperwork Reduction Act of 1995, 44 U.S.C. 3507(d). The collection of information requirements in this rule are found in 31 CFR 103.21, as issued in final form herein. This information is mandatory and is necessary to inform appropriate law enforcement and bank supervisory agencies of suspicious transactions involving or that take place at or through depository institutions. Information collected hereunder is confidential, see 31 U.S.C. 5318(g), and may be used by FinCEN, the federal financial institution regulatory agencies, federal law enforcement agencies and, where appropriate, state law enforcement and bank supervisory agencies. The respondent recordkeepers are for- profit financial institutions, including small businesses. FinCEN may not conduct or sponsor, and an organization is not required to respond to, this information collection unless it displays a currently valid OMB control number. The OMB control number is 1506- 0001. No comments specifically addressing the hour burden for filing the SAR were received. FinCEN estimates that there will be 15,000 responses from banks subject to the Bank Secrecy Act. The revisions made to the final rule from the proposed rule published in the Notice simplify the submission of the reporting form and shorten the records retention period. However, the same amount of information will be collected under the final rule as under the proposed rule published in the Notice. The burden per respondent varies depending on the nature of the suspicious transaction being reported. FinCEN estimates that the average annual burden for reporting and recordkeeping per response will be 1 hour. Thus, FinCEN estimates the total annual hour burden to be 15,000 hours. However, this burden will not result in additional cost to the public because the same information is required to be filed by one or more of the Supervisory Agencies, and a single filing will satisfy all filing requirements. Comments regarding the burden estimate, or any aspect of this collection of information, including suggestions for reducing the burden, should be sent to Office of Regulatory Policy and Enforcement, FinCEN, and to the Office of Management and Budget, Paperwork Reduction Project (7100-0212), Washington, D.C. 20503. VII. Executive Order 12866 The Department of the Treasury has determined that this rule is not a significant regulatory action under Executive Order 12866. VIII. Unfunded Mandates Act of 1995 Statement Section 202 of the Unfunded Mandates Reform Act of 1995, Pub. L. 104-4 (Unfunded Mandates Act), March 22, 1995, requires that an agency prepare a budgetary impact statement before promulgating a rule that includes a federal mandate that may result in expenditure by state, local and tribal governments, in the aggregate, or by the private sector, of $100 million or more in any one year. If a budgetary impact statement is required, section 202 of the Unfunded Mandates Act also requires an agency to identify and consider a reasonable number of regulatory alternatives before promulgating a rule. FinCEN has determined that it is not required to prepare a written statement under section 202 and has concluded that on balance this rule provides the most cost-effective and least burdensome alternative to achieve the objectives of the rule. List of Subjects in 31 CFR Part 103 Administrative practice and procedure, Authority delegations (Government agencies), Banks, banking, Currency, Investigations, Law enforcement, Reporting and recordkeeping requirements. Amendment For the reasons set forth above in the preamble, 31 CFR Part 103 is amended as set forth below: PART 103--FINANCIAL RECORDKEEPING AND REPORTING OF CURRENCY AND FOREIGN TRANSACTIONS 1. The authority citation for Part 103 is revised to read as follows: Authority: 12 U.S.C. 1829b and 1951-1959; 31 U.S.C. 5311-5330. 2. Section 103.11 as amended at 60 FR 228 and 44144 effective April 1, 1996, is further amended by revising paragraph (ii) and adding paragraph (qq) to read as follows: Sec. 103.11 Meaning of terms. * * * * * (ii) Transaction. (1) Except as provided in paragraph (ii)(2) of this section, transaction means a purchase, sale, loan, pledge, gift, transfer, delivery or other disposition, and with respect to a financial institution includes a deposit, withdrawal, transfer between accounts, exchange of currency, loan, extension of credit, purchase or sale of any stock, bond, certificate of deposit, or other investment security or monetary instrument, or any other payment, transfer, or delivery by, through, or to a financial institution, by whatever means effected. (2) For purposes of Sec. 103.22, and other provisions of this part relating solely to the report required by that section, the term ``transaction in currency'' shall mean a transaction involving the physical transfer of currency from one person to another. A transaction which is a transfer of funds by means of bank check, bank draft, wire transfer, or other written order, and which does not include the physical transfer of currency, is not a transaction in currency for this purpose. * * * * * (qq) FinCEN. FinCEN means the Financial Crimes Enforcement Network, an office within the Office of the Under Secretary (Enforcement) of the Department of the Treasury. Sec. 103.21 [Redesignated as Sec. 103.20] 3. Section 103.21 is redesignated as Sec. 103.20. 4. New Sec. 103.21 is added to read as follows: Sec. 103.21 Reports by banks of suspicious transactions. (a) General. (1) Every bank shall file with the Treasury Department, to the extent and in the manner required by this section, a report of any suspicious transaction relevant to a possible violation of law or regulation. A bank may also file with the Treasury Department by using the Suspicious Activity Report specified in paragraph (b)(1) of this section or otherwise, a report of any suspicious transaction that it believes is relevant to the possible violation of any law or regulation but whose reporting is not required by this section. (2) A transaction requires reporting under the terms of this section if it is conducted or attempted by, at, or through the bank, it involves or aggregates at least $5,000 in funds or other assets, and the bank knows, suspects, or has reason to suspect that: (i) The transaction involves funds derived from illegal activities or is intended or conducted in order to hide or disguise funds or assets derived from illegal activities (including, without limitation, the ownership, nature, source, location, or control of such [[Page 4332]] funds or assets) as part of a plan to violate or evade any federal law or regulation or to avoid any transaction reporting requirement under federal law or regulation; (ii) The transaction is designed to evade any requirements of this part or of any other regulations promulgated under the Bank Secrecy Act, Pub. L. 91-508, as amended, codified at 12 U.S.C. 1829b, 12 U.S.C. 1951-1959, and 31 U.S.C. 5311-5330; or (iii) The transaction has no business or apparent lawful purpose or is not the sort in which the particular customer would normally be expected to engage, and the bank knows of no reasonable explanation for the transaction after examining the available facts, including the background and possible purpose of the transaction. (b) Filing procedures--(1) What to file. A suspicious transaction shall be reported by completing a Suspicious Activity Report (``SAR''), and collecting and maintaining supporting documentation as required by paragraph (d) of this section. (2) Where to file. The SAR shall be filed with FinCEN in a central location, to be determined by FinCEN, as indicated in the instructions to the SAR. (3) When to file. A bank is required to file a SAR no later than 30 calendar days after the date of initial detection by the bank of facts that may constitute a basis for filing a SAR. If no suspect was identified on the date of the detection of the incident requiring the filing, a bank may delay filing a SAR for an additional 30 calendar days to identify a suspect. In no case shall reporting be delayed more than 60 calendar days after the date of initial detection of a reportable transaction. In situations involving violations that require immediate attention, such as, for example, ongoing money laundering schemes, the bank shall immediately notify, by telephone, an appropriate law enforcement authority in addition to filing timely a SAR. (c) Exceptions. A bank is not required to file a SAR for a robbery or burglary committed or attempted that is reported to appropriate law enforcement authorities, or for lost, missing, counterfeit, or stolen securities with respect to which the bank files a report pursuant to the reporting requirements of 17 CFR 240.17f-1. (d) Retention of records. A bank shall maintain a copy of any SAR filed and the original or business record equivalent of any supporting documentation for a period of five years from the date of filing the SAR. Supporting documentation shall be identified, and maintained by the bank as such, and shall be deemed to have been filed with the SAR. A bank shall make all supporting documentation available to FinCEN and any appropriate law enforcement agencies or bank supervisory agencies upon request. (e) Confidentiality of reports; limitation of liability. No bank or other financial institution, and no director, officer, employee, or agent of any bank or other financial institution, who reports a suspicious transaction under this part, may notify any person involved in the transaction that the transaction has been reported. Thus, any person subpoenaed or otherwise requested to disclose a SAR or the information contained in a SAR, except where such disclosure is requested by FinCEN or an appropriate law enforcement or bank supervisory agency, shall decline to produce the SAR or to provide any information that would disclose that a SAR has been prepared or filed, citing this paragraph (e) and 31 U.S.C. 5318(g)(2), and shall notify FinCEN of any such request and its response thereto. A bank, and any director, officer, employee, or agent of such bank, that makes a report pursuant to this section (whether such report is required by this section or is made voluntarily) shall be protected from liability for any disclosure contained in, or for failure to disclosure the fact of such report, or both, to the full extent provided by 31 U.S.C. 5318(g)(3). (f) Compliance. Compliance with this section shall be audited by the Department of the Treasury, through FinCEN or its delegees under the terms of the Bank Secrecy Act. Failure to satisfy the requirements of this section shall be a violation of the reporting rules of the Bank Secrecy Act and of this part. Such failure may also violate provisions of Title 12 of the Code of Federal Regulations. Dated: January 30, 1996. Stanley E. Morris, Director, Financial Crimes Enforcement Network. [FR Doc. 96-2272 Filed 2-2-96; 8:45 am] BILLING CODE 4820-03-P