[Federal Register Volume 61, Number 24 (Monday, February 5, 1996)]
[Rules and Regulations]
[Pages 4326-4332]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 96-2272]



      

[[Page 4325]]

_______________________________________________________________________

Part IV

Department of the Treasury



31 CFR Part 103



Department of the Treasury



Office of the Comptroller of the Currency



12 CFR Part 21



Federal Reserve System



12 CFR Part 208, et al.



_______________________________________________________________________



Suspicious Transactions Reporting Requirements; Final Rules

  Federal Register / Vol. 61, No. 24 / Monday, February 5, 1996 / Rules 
and Regulations   

[[Page 4326]]


DEPARTMENT OF THE TREASURY

31 CFR Part 103

RIN 1506-AA13


Amendment to the Bank Secrecy Act Regulations; Requirement To 
Report Suspicious Transactions

AGENCY: Financial Crimes Enforcement Network, Treasury.

ACTION: Final rule.

-----------------------------------------------------------------------

SUMMARY: This document contains a final rule requiring banks and other 
depository institutions to report to the Department of the Treasury 
under the Bank Secrecy Act any suspicious transactions relevant to 
possible violations of federal law or regulation. The rule is adopted 
by the Financial Crimes Enforcement Network (``FinCEN'') to implement 
the authority granted to the Secretary of the Treasury by the Bank 
Secrecy Act. The rule is a key to the creation of a new method for the 
reporting by depository institutions, on a uniform ``Suspicious 
Activity Report,'' of suspicious transactions and known or suspected 
criminal violations; related rules have been or will be adopted by the 
five federal financial supervisory agencies that examine and regulate 
the safety and soundness of depository institutions.

EFFECTIVE DATE: April 1, 1996.

FOR FURTHER INFORMATION CONTACT: Pamela Johnson, Assistant Director, 
Office of Financial Institutions Policy, FinCEN (703) 905-3920; Charles 
Klingman, Office of Financial Institutions Policy, FinCEN (703) 905-
3920; Stephen R. Kroll, Legal Counsel, FinCEN (703) 905-3590; or Joseph 
M. Myers, Attorney-Advisor, Office of Legal Counsel, FinCEN, at (703) 
905-3590.

SUPPLEMENTARY INFORMATION:

I. Statutory Provisions

    The Bank Secrecy Act, Pub. L. 91-508, as amended, codified at 12 
U.S.C. 1829b, 12 U.S.C. 1951-1959, and 31 U.S.C. 5311-5330, authorizes 
the Secretary of the Treasury, inter alia, to issue regulations 
requiring financial institutions to keep records and file reports that 
are determined to have a high degree of usefulness in criminal, tax, 
and regulatory matters, and to implement counter-money laundering 
programs and compliance procedures. Regulations implementing Title II 
of the Bank Secrecy Act (codified at 31 U.S.C. 5311-5330), appear at 31 
CFR Part 103. The authority of the Secretary to administer the Bank 
Secrecy Act has been delegated to the Director of FinCEN.
    The provisions of 31 U.S.C. 5318(g) deal with the reporting of 
suspicious transactions by financial institutions subject to the Bank 
Secrecy Act and the protection from liability to customers of persons 
who make such reports.\1\ Subsection (g)(1) states generally:

    \1\ The authority to require reporting of suspicious 
transactions was added to the Bank Secrecy Act by section 1517 of 
the Annunzio-Wylie Anti-Money Laundering Act (``Annunzio-Wylie''), 
Title XV of the Housing and Community Development Act of 1992, Pub. 
L. 102-550; it was expanded by section 403 of the Money Laundering 
Suppression Act of 1994 (the ``Money Laundering Suppression Act''), 
Title IV of the Riegle Community Development and Regulatory 
Improvement Act of 1994, Pub. L. 103-325, to require designation of 
a single government recipient for reports of suspicious 
transactions.
---------------------------------------------------------------------------

    The Secretary may require any financial institution, and any 
director, officer, employee, or agent of any financial institution, 
to report any suspicious transaction relevant to a possible 
violation of law or regulation.

    Subsection (g)(2) provides further:

    A financial institution, and a director, officer, employee, or 
agent of any financial institution, who voluntarily reports a 
suspicious transaction, or that reports a suspicious transaction 
pursuant to this section or any other authority, may not notify any 
person involved in the transaction that the transaction has been 
reported.

    Subsection (g)(3) provides that neither a financial institution, 
nor any director, officer, employee, or agent

that makes a disclosure of any possible violation of law or 
regulation or a disclosure pursuant to this subsection or any other 
authority . . . shall . . . be liable to any person under any law or 
regulation of the United States or any constitution, law, or 
regulation of any State or political subdivision thereof, for such 
disclosure or for any failure to notify the person involved in the 
transaction or any other person of such disclosure.

    Finally, subsection (g)(4) requires the Secretary of the Treasury, 
``to the extent practicable and appropriate,'' to designate ``a single 
officer or agency of the United States to whom such reports shall be 
made.'' This designation is not to preclude the authority of 
supervisory agencies to require financial institutions to submit other 
reports to the same agency ``under any other applicable provision of 
law.'' 31 U.S.C. 5318(g)(4)(C). The designated agency is in turn 
responsible for referring any report of a suspicious transaction to 
``any appropriate law enforcement or supervisory agency.'' Id., at 
subsection (g)(4)(B).

II. Notice of Proposed Rulemaking

    On September 7, 1995, a notice of proposed rulemaking (the 
``Notice''), under the authority contained in 31 U.S.C. 5318(g), 
relating to the reporting of suspicious transactions by banks and other 
depository institutions,\2\ was published in the Federal Register (60 
FR 46,556). Like this final rule, the Notice was published in 
coordination with the Board of Governors of the Federal Reserve System, 
the Office of the Comptroller of the Currency, the Federal Deposit 
Insurance Corporation, the Office of Thrift Supervision, and the 
National Credit Union Administration (collectively, the ``Supervisory 
Agencies''). An announcement that the time to comment on the Notice had 
been extended until November 13, 1995, was published in the Federal 
Register on October 13, 1995, 60 FR 53,316.

    \2\ References to ``bank'' include not only commercial banks, 
but also thrift institutions, credit unions, other types of 
depository institutions, and certain other institutions. See 31 CFR 
103.11(c) (defining ``bank'' for purposes of 31 CFR Part 103).
---------------------------------------------------------------------------

    The final rule is a key to the creation of a single reporting form, 
filing point, and data base for all reports of suspicious activity made 
by depository institutions. (The background of the new system is 
explained in greater detail in the Notice, see 60 FR at 46557-46558 
(September 7, 1995).) The sifiling point not only eliminates the need 
for multiple copies but also permits magnetic filing of reports by most 
institutions capable of and accustomed to making such filings with the 
Internal Revenue Service. Finally, the single data base will permit 
rapid dissemination of reports to appropriate law enforcement agencies, 
more thorough analysis and tracking of those reports, and, in time, the 
provision to the financial community of information about trends and 
patterns gleaned from the information reported.
    Each Supervisory Agency involved has issued or shortly will issue a 
final rule requiring reporting under its respective authority. The 
final rules have been conformed to one another, so that a bank will 
file a suspicious activity report in satisfaction of both the rules of 
FinCEN and the rules of the applicable Supervisory Agency or Agencies. 
A significant group of activities are required to be reported both 
under the authority of 31 U.S.C. 5318(g) and under the Supervisory 
Agencies' own administrative requirements, but a single filing will 
suffice to comply with all requirements.
    As indicated above, this final rule becomes effective on April 1, 
1996, as do the final rules issued by the Supervisory Agencies. 

[[Page 4327]]


III. Explanation of Revisions and Summary of Comments

A. Comments on the Notice--Overview

    FinCEN received 30 written comments on the Notice. Of these, 14 
comments were submitted by banks or bank holding companies, seven by 
banking trade associations, one by a credit union, three by credit 
union trade associations, three by non-bank financial institutions, one 
by an ad hoc association of non-bank financial institutions, and one by 
a practicing attorney on his own behalf.
    The commenters generally applauded the decision to reduce reporting 
burdens on banks and eliminate the confusion caused by duplicate filing 
requirements. They also supported efforts to enhance the use of the 
information submitted by banks about suspicious transactions and noted 
favorably Treasury's general efforts to work with the financial sector 
to fashion reasonable and cost-effective rules to prevent money 
laundering.
    Commenters expressed a variety of concerns relating to five 
subjects. Four of the subjects--the definition of ``transaction'' 
(especially the treatment of safe deposit box use), the time for filing 
of suspicious activity reports, the nature of the records required to 
be retained by institutions in connection with particular suspicious 
activity reports and the manner and time period for their retention, 
and the confidentiality rules for such reports--concerned the 
operational details of the rule outlined in the Notice. The specifics 
of the comments are outlined below; suggestions made in the comments on 
those subjects have been adopted in large part.
    The fifth subject addressed in the comments was the appropriateness 
of the proposed definition of suspicious transaction itself, especially 
the provisions of proposed 31 CFR 103.21(a)(2)(iii), which would 
require reporting generally of transactions that appear to have no 
business purpose and for which the reporting institution knew of no 
reasonable explanation. This provision has been retained, with 
revision, in the final rule. Specific comments on the provision are 
also discussed below.
    After consideration of all the comments, 31 CFR 103.21, proposed in 
the Notice, is adopted as revised herein.

B. The Final Rule

    While the final rule reflects numerous modifications in response to 
the comments received on the Notice, the format and substance of the 
final rule are generally consistent with the rule proposed in the 
Notice. The changes adopted are intended to improve, clarify, and 
refine the provisions of the proposed rule that required such 
modifications, without fundamentally altering the basic policies 
described in the Notice and reflected in the proposed rule.
    The Notice outlined the importance of the reporting of suspicious 
transactions to Treasury's anti-money laundering and anti-financial 
crime programs. See 60 FR at 46,558-59 (September 7, 1995). Treasury is 
reconfirming, in issuing the final rule, its judgment that reporting of 
suspicious transactions in a timely fashion is a key component of the 
flexible and cost-efficient compliance system required to prevent the 
use of the nation's financial system for illegal purposes. The same 
judgment underlies Treasury's initiatives to sharply reduce the extent 
to which ordinary currency transactions are required to be reported 
with respect to ongoing businesses with a significant business history. 
Reporting of suspicious transactions is also required by the emerging 
international consensus defining the most effective methods for 
fighting international organized crime.

IV. Section-by-Section Analysis

A. 31 CFR 103.11--Definitions

    1. 31 CFR 103.11 (qq)--FinCEN. The definition of FinCEN is adopted 
without change.
    2. 31 CFR 103.11(ii)--Transaction. The Notice proposed to replace 
the definition of ``transaction in currency'' in the Bank Secrecy Act 
regulations with a definition of ``transaction'' that reflected the 
definition of transaction in 18 U.S.C. 1956 (laundering of monetary 
instruments). The Notice specifically requested comments on the 
treatment of the use of safe deposit boxes that would result from the 
proposed change and noted that the proposal was not intended to vary 
the substance of the requirement to report currency transactions under 
31 CFR 103.22, other than in the case of deposits of cash in safe 
deposit boxes.
    a. Appropriateness of New Definition Generally. One group of 
commenters questioned the appropriateness generally of the adoption for 
this rule of a definition of transaction based on the definition in the 
money laundering statute. Those commenters noted that ``Congress 
drafted this statutory definition broadly in order to criminalize every 
conceivable type of criminally-derived property [sic] but not with the 
expectation that it would be used as the basis for imposing a positive 
reporting obligation on financial institutions.'' They asserted that 
``[s]uch a definition simply would not be workable for financial 
institutions that must comply with regulatory requirements.''
    Treasury believes there is a necessary relationship between the 
anti-money laundering statute and the Bank Secrecy Act. The extent to 
which banks should be required to track or monitor certain sorts of 
transactions will also be addressed in the know-your-customer rules 
expected to be proposed later this year. Moreover, the ``transaction'' 
definition in the federal money laundering statute is already 
necessarily embraced in the existing criminal referral rules.
    b. Treatment of Safe Deposit Boxes. The Notice had specifically 
requested comment on the decision to include use of a safe deposit box 
in the definition of transaction. The Notice explained that the 
definition was included to reflect the fact that in appropriate cases 
use of a safe deposit box may constitute a transaction under 18 U.S.C. 
1956, following that statute's amendment to reverse the decision in 
United States v. Bell, 936 F.2d 337 (7th Cir. 1991).
    Commenters strongly felt that a blanket inclusion of safe deposit 
box transactions within the ambit of the rule was inadvisable, 
potentially contrary to state law, and in any event contrary to a long 
established banking practice that a customer's use of a safe deposit 
box was a private transaction in which bank employees studiously sought 
not to interfere. After consideration of the comments, FinCEN has 
excluded use of a safe deposit box from the transaction definition. 
Based on present experience, the risk of the use of a safe deposit box 
by itself as part of a money laundering or similar offense is 
sufficiently rare that a rule mandating blanket changes in long-
established banking practices is uncalled for. At the same time, a 
transaction that involved both the use of a safe deposit box and a use 
of other banking facilities would be included in the transaction 
definition to the extent it involved such other facilities. (Of course, 
use of a safe deposit box by a customer that came to a bank's 
attention, for example, when a box was entered by a bank pursuant to 
accepted procedures, would be a candidate for the voluntary reporting 
contemplated by the second sentence of section 103.21(a).)
    c. Definition of Transaction in Currency. Several commenters 
requested that the definition of ``transaction in currency'' be 
retained in 31 CFR 103.11, in order to avoid confusion in the 
administration of the currency transaction reporting requirement. That 
definition has been 

[[Page 4328]]
retained, solely for purposes of the reporting rule in 31 CFR 103.22.
    d. Investment Securities. One commenter pointed out that the 
proposed definition failed to take account of the fact that the Bank 
Secrecy Act definition of monetary instrument, unlike the 18 U.S.C. 
1956 definition, includes only bearer instruments. The final rule adds 
the term ``investment security'' to the definition of transaction, as a 
cross reference to the definition of investment security in 31 CFR 
103.11(t).

B. 31 CFR 103.21--Reports of Suspicious Transactions

    1. 31 CFR 103.21(a). Subsection (a) contains the general statement 
of the obligation to file a suspicious activity report, and a general 
definition of the term ``suspicious transaction.'' The obligation 
extends only to transactions conducted or attempted by, at, or through 
a bank; transactions are reportable under this rule and 31 U.S.C. 
5318(g) whether or not they involve currency.
    Paragraph (a)(1) states, in its first sentence, that section 103.21 
implements the regulatory authority granted to the Secretary of the 
Treasury by 31 U.S.C. 5318(g). Language has been added to the sentence 
to make it clear that the reporting of transactions ``relevant to a 
possible violation of law or regulation'' is required only to the 
extent specified in the rule. A second sentence has been added to 
encourage the reporting of transactions as so relevant, even in cases 
in which the rule does not explicitly so require, for example in the 
case of use of a safe deposit box or with respect to a transaction 
below the $5,000 threshold added to the rule, as discussed below. As 
also discussed below, such a voluntary report (that is, the report of a 
suspicious transaction relevant to a possible violation of law or 
regulation, in circumstances not required by the rule) is fully covered 
by the rules relating to non-disclosure and protection against 
liability specified in 31 U.S.C. 5318 (g)(2) and (g)(3) and in 31 CFR 
103.21(e) (added by the final rule).
    The proposed rule designated three classes of transactions as 
requiring reporting. The first class, described in subparagraph 
(a)(2)(i), includes transactions either involving funds derived from 
illegal activity or intended or conducted in order to hide or disguise 
funds or assets derived from illegal activity. The second class, 
described in subparagraph (a)(2)(ii), involves transactions designed to 
evade the requirements of the Bank Secrecy Act. The third class, 
described in subparagraph (a)(2)(iii), involves transactions that 
appear to have no business purpose or that vary so substantially from 
normal commercial activities or activities appropriate for the 
particular customer or class of customer as to have no reasonable 
explanation.
    Commenters raised a number of questions about the terms of the 
proposed definition in paragraph (a)(2). First, they sought to limit 
the terms in which knowledge would be ascribed to a bank by questioning 
a standard that called for reporting when a bank ``knows, suspects, or 
has reason to suspect'' that a transaction requires reporting. The use 
of the term is intended to introduce a concept of due diligence into 
the reporting procedures. As part of the general conforming of the 
rules of FinCEN and the Supervisory Agencies, the same standards have 
been adopted by each agency.
    Second, the Notice asked for the industry's position as to whether 
monetary thresholds should be created for reporting Bank Secrecy Act 
and money laundering violations. Many commenters sought the addition of 
a threshold for reporting transactions, while several other commenters 
argued against thresholds. FinCEN has determined to add a $5,000 
threshold to the reporting rule, so that reports are now required only 
for a transaction (or, as explained below, a series of transactions) 
that involve at least that amount in funds or assets and that otherwise 
satisfy the terms of the rule. Adoption of this threshold is intended 
to reduce the burden of reporting and to conform the treatment of money 
laundering and related transactions to that of other situations in 
which reporting is required by the Supervisory Agencies. As a 
concomitant to the creation of a threshold, language has been added to 
make it clear that related transactions ``aggregating'' $5,000 or more 
may be reportable.
    Several commenters also objected to the requiring of reports of 
``attempted'' transactions, on the ground that an attempted transaction 
may neither be sufficiently obvious to draw a bank's attention nor to 
generate the sorts of records necessary to complete the report. FinCEN 
recognizes that these situations may arise and that the standards 
applied to reporting of attempts must necessarily be somewhat more 
flexible than those requiring reporting of completed transactions. 
However, the reporting of ``attempts'' has been required in the 
criminal referral reports that have evolved into the suspicious 
activity report, and the requirement to report attempts has been 
retained in the final rule.
    The proposed rule required reporting of transactions conducted or 
attempted ``by, at, or through, or otherwise involving'' a bank. 
Several commenters objected to the inclusion in the rule of the words 
``otherwise involving'' because their meaning was unclear and provided 
insufficient guidance for bank officials. The phrase has been deleted.
    2. Subparagraph (a)(2)(i). Several commenters questioned whether 
the requirement to report transactions involving funds derived from 
illegal activity that are conducted in order to hide or disguise funds 
or assets derived from illegal activity extended to all illegal 
activity or only to activity that was illegal under federal law. 
Language has been added to specify plainly that only activity that is 
in violation of federal law or regulation is covered by the 
requirement. Such a limitation does not, of course, make violation of 
state law irrelevant, especially in the many cases under 18 U.S.C. 
1956, 1957 or 1960 in which violations of state law can serve as a 
predicate for a federal offense.
    3. Subparagraph (a)(2)(ii). No comments were directed specifically 
toward subparagraph (a)(2)(ii), and that subparagraph is unchanged, 
except for a revised reference to the Bank Secrecy Act.
    4. Subparagraph (a)(2)(iii). As proposed in the Notice, 
subparagraph (a)(2)(iii) required reporting of a transaction if:

the transaction appears to have no business purpose, the transaction 
varies from the normal methods of financial commerce, or the 
transaction is not the sort in which the particular customer or 
class of customer would normally be expected to engage, and, in each 
case, the bank knows of no reasonable explanation for the 
transaction.

Although a number of commenters opposed the reporting of transactions 
that could not definitively be linked to wrongdoing, FinCEN believes 
that a suspicious transaction reporting rule appropriately can and 
indeed must include a requirement for the reporting of transactions 
that vary so substantially from normal practice that they legitimately 
can and should raise suspicions of possible illegality. Unlike many 
criminal acts, money laundering involves the taking of apparently 
lawful steps--opening bank accounts, wiring funds, or investing or 
reinvesting assets--for an unlawful purpose. A skillful money launderer 
will often split the movement of funds between several institutions so 
that no one institution can have a complete picture of the transactions 
or funds movement 

[[Page 4329]]
involved. Although a number of commenters objected to the standard, 
others viewed the standard as a workable compromise between the 
competing needs of enforcement and the financial system and, in one 
case, as consistent with the advice and training already given to line 
staff at the commenter's money center bank.
    In addition, as indicated in the Notice, subparagraph (a)(2)(iii) 
recognizes the emerging international consensus that efforts to deter, 
substantially reduce, and eventually eradicate money laundering are 
greatly assisted by the reporting of suspicious transactions by banks. 
The require-ments of this section comply with the recommendations 
adopted by multilateral organizations in which the United States is an 
active participant, including the Financial Action Task Force of G-7 
nations and the Organization of American States, and are consistent 
with the European Community's directive on preventing money laundering 
through financial institutions.
    Although the basic standard has been retained, a number of changes 
have been made in response to specific comments on the Notice. First, 
the structure of the paragraph (a)(2) now makes it clear that all three 
subparagraphs in the suspicious transaction definition are qualified by 
the standard that the bank must ``know, suspect, or have reason to 
suspect'' that the reportable events have occurred. Second, the 
description of transactions that ``vary from the normal methods of 
financial commerce'' has been deleted because the phrase provided 
insufficient guidance to reporting institutions and was comprehended to 
the extent relevant by the ``no business purpose'' language of the 
preceding clause. Third, the specification of transactions in which the 
``class of customer'' involved would not be expected to engage has been 
deleted, in response to concerns that the language unintentionally 
created a need for comparisons among groups of customers based on their 
personal characteristics. Fourth, the language has been altered to 
require reporting of transactions that appear to have no business ``or 
apparent lawful purpose''; the exception for transactions for which the 
bank knows of a reasonable explanation has been clarified to specify 
that knowledge of such an explanation requires an examination by the 
bank of the available facts, including factors such as the background 
and possible purpose of the transaction.
    It remains true, as indicated in the Notice, that determinations as 
to whether a report is required must be based on all the facts and 
circumstances relating to the transaction and bank customer in 
question. Different fact patterns will require different types of 
judgments. In some cases, the facts of the transaction may clearly 
indicate the need to report. For example, continued payments or 
withdrawals of currency in amounts each beneath the currency 
transaction reporting threshold applicable under 31 CFR 103.22, or 
multiple exchanges of small denominations of currency into large 
denominations of currency, can indicate that a customer is involved in 
suspicious activity. Similarly, the fact that a customer refuses to 
provide information necessary for the bank to make reports or keep 
records required by this Part or other regulations, provides 
information that a bank determines to be false, or seeks to change or 
cancel the transaction after such person is informed of reporting 
requirements relevant to the transaction or of the bank's intent to 
file reports with respect to the transaction, would all indicate that a 
Suspicious Activity Report (``SAR'') should be filed.
    In other situations a more involved judgment may need to be made 
whether a transaction is suspicious within the meaning of the rule. 
Transactions that raise the need for such judgments may include, for 
example, (i) funds transfers, payments or withdrawals that are not 
commensurate with the stated business or other activity of the person 
conducting the transaction or on whose behalf the transaction is 
conducted; (ii) transmission or receipt of funds transfers without 
normal identifying information or in a manner that indicates an attempt 
to disguise or hide the country of origin or destination or the 
identity of the customer sending the funds or of the beneficiary to 
whom the funds are sent; or (iii) repeated use of an account as a 
temporary resting place for funds from multiple sources without a clear 
business purpose therefor. The judgments involved will also extend to 
whether the facts and circumstances and the institution's knowledge of 
its customer provide a reasonable explanation for the transaction that 
removes it from the suspicious category.
    5. 31 CFR 103.21(b). Subsection (b) sets forth the filing 
procedures to be followed by banks making reports of suspicious 
transactions. Reports are to be made within 30 calendar days of the 
initial detection of the suspicious transaction, by completing a SAR 
and filing it in a central location, to be determined by FinCEN. An 
additional 30 days is permitted in order to enable a bank to identify a 
suspect, but in no event may a SAR be filed after 60 days after the 
initial detection of the reportable transaction. The general timing 
rule has been changed so that the period for filing runs not from the 
date of the transaction being reported, but from the date of the 
``initial detection'' of facts that may constitute a basis for the 
filing of a SAR; in many cases the two dates will be the same, but in 
others, where the transaction is detected by the bank's compliance 
screening systems, the dates may differ. If the bank's own internal 
investigation is still ongoing when filing is required the form filed 
may so indicate, but the form must nonetheless be filed within the 
periods specified in the rule. FinCEN recognizes that it is always 
difficult to apply general timing rules to every possible situation in 
which reporting may be required or reportable activity detected, and it 
believes that the change made in the rule adequately balances the need 
to recognize the crucial importance of bank screening systems and to 
provide clear deadlines for reporting. FinCEN is prepared to consider 
further changes in the timing rules if experience dictates a need 
therefor, but it also believes that timely reporting is essential.
    Several commenters requested that a change be made in the 
requirement in the Notice that banks provide immediate telephone notice 
of ongoing violations to ``the'' appropriate law enforcement agency (in 
addition to filing the form as required). As requested, the language 
has been revised to require notice to ``an'' appropriate law 
enforcement agency.
    The new filing procedures represent a significant improvement over 
the procedures currently followed by banks filing criminal referral 
forms. There is no longer any requirement to file multiple copies of 
forms with multiple agencies, and no requirement to file supporting 
documentation with the SAR itself.
    6. 31 CFR 103.21(c). Subsection (c) continues in effect the 
longstanding exception from the obligation to file in the case of a 
robbery or burglary that is otherwise reported to appropriate law 
enforcement authorities. In response to a comment, the second 
longstanding exception contained in the rules of the Supervisory 
Agencies for reports of stolen securities has also been repeated in 
this rule. Treasury and the Supervisory Agencies recognize that bank 
robbery and burglary require the immediate attention of the appropriate 
police authorities, and are not the types of crimes about which this 
regulation is directly concerned.
    7. 31 CFR 103.21(d). Subsection (d) states the obligation of filing 
banks to maintain copies of SARs and their 

[[Page 4330]]
supporting documentation following the date of filing. This provision 
is intended to relieve banks of the need physically to transmit 
supporting documentation previously required to be filed with criminal 
referral reports without altering the utility or availability of the 
supporting documentation to the Supervisory Agencies or law enforcement 
agencies as needed. The supporting documentation is a part of the SAR 
and is held by the bank (in effect as agent for the Supervisory 
Agencies and FinCEN), to avoid requiring often significant masses of 
paper immediately to be transmitted to investigators or examiners. 
Thus, identi-fication of supporting documentation must be made at the 
time the SAR is filed, and such supporting documentation is deemed 
filed with a SAR in accordance with this paragraph of the final rule; 
as such, FinCEN, the Supervisory Agencies, and law enforcement 
authorities need not make their access requests through subpoena or 
other legal processes.
    Several significant changes requested by commenters in the record 
retention requirements have been made. First, the time for which 
retention is required has been reduced from 10 years to five years (the 
general period for record retention required under the Bank Secrecy 
Act); a provision authorizing FinCEN to permit earlier destruction has 
been deleted as unnecessary in light of the reduction of the retention 
period to five years generally. Second, the wording has been changed to 
permit record retention in either paper form or in accordance with the 
bank's general recordkeeping procedures, even if those procedures call 
for record maintenance in electronic rather than paper form. FinCEN 
recognizes that a bank will not always have custody of the originals of 
documents and that some documents will not exist at the bank in paper 
form. In those cases, preservation of the best available evidentiary 
documents (for example, computer disks or photocopies) should be 
acceptable. This has been reflected in the final rule by changing the 
reference to original documents to ``original document or business 
record equivalents.''
    The Notice referred both to documents ``supporting'' and documents 
``related'' to the SAR. Many commenters found this dual reference 
confusing. FinCEN believes that the use of the word ``supporting'' is 
more precise and limits the scope of the information which must be 
retained to that which would be useful in explaining the terms of and 
parties to any suspicious transaction reported on a SAR. It is 
anticipated that banks will use their judgment in determining the 
information to be retained in light of the purposes of the reporting 
requirement. It is impossible to catalogue the precise types of 
information covered by this requirement, as the nature of the 
documentation that will ``support'' the determination embodied in a SAR 
necessarily depends upon the facts of a particular case.
    8. 31 CFR 103.21(e). Subsection (e) incorporates the terms of 31 
U.S.C. 5318 (g)(2) and (g)(3). This subsection thus specifically 
prohibits those filing SARs from making any disclosure, except to 
authorized law enforcement and regulatory agencies, about either the 
reports themselves, the information contained therein, or the 
supporting documentation (in the latter case if the supporting 
documentation indicates in any way that it is related to a SAR). This 
subsection thus also restates the broad protection from liability for 
making reports of suspicious transactions, and for failures to disclose 
the fact of such reporting, contained in the statute. As pointed out in 
the Notice, the regulatory provisions do not extend the scope of either 
the statutory prohibition or the statutory protection; however, because 
Treasury recognizes the importance of these statutory provisions to the 
overall effort to encourage meaningful reports of suspicious 
transactions, they are described in the regulation in order to remind 
compliance officers and others of their existence. The terms of 
subsection (e) have been revised to clarify that the protection of the 
statute, as well as the statutory prohibition against disclosures of 
filing, extends to voluntary reports of suspicious activity as well as 
those reports required by the final rule.
    A number of commenters sought guidance about whether the statutory 
prohibitions against disclosure extended to subpoenas from third 
parties in civil litigation. FinCEN believes that the nondisclosure 
provisions of the statute extend to requests via subpoenas seeking 
SARs; as noted, the nondisclosure rule does not apply to supporting 
documentation, so long as no material in the supporting documentation 
produced in response to a subpoena or other process indicates its 
relationship to a SAR. The final rule adds a requirement that requests 
for a SAR or the information contained therein should be reported to 
FinCEN. (Under the rules of the Supervisory Agencies, reporting of such 
requests to those Agencies is also required.)
    9. 31 CFR 103.21(f). Subsection (f) notes that compliance with the 
obligation to report suspicious transactions will be audited, and 
provides that failure to comply with the rule may constitute a 
violation of the Bank Secrecy Act and the Bank Secrecy Act regulations. 
The substitution of the word ``may'' for the word ``shall'' is intended 
to indicate that the decision whether a failure to report a transaction 
in fact constitutes a Bank Secrecy Act violation will necessarily 
depend upon the facts of each situation. FinCEN anticipates that in 
general the area for inquiry in the case of failure to report will 
center upon both the facts of the particular failure and what the 
failure indicates about the bank's compliance systems and attention to 
the Bank Secrecy Act rules generally.
    The Notice also stated that compliance with the obligation to 
report suspicious transactions would have no direct bearing on a bank's 
potential exposure under the criminal provisions of Title 18 of the 
U.S. Code. One commenter argued that any such statement was a bar to 
cooperation and urged the Department of the Treasury and the Justice 
Department to create safe harbors from criminal liability in cases in 
which SARs are filed.
    The sentence questioned by the commenter was intended simply as a 
reminder that the language of the ``safe harbor'' provisions of 31 
U.S.C. 5318(g) does not by its terms protect against criminal 
prosecutions. The sentence has been deleted in response to the comment, 
but its deletion in no way alters the scope of the statute.
    Finally, a mistaken reference to Title 15 of the Code of Federal 
Regulations has been deleted.

C. Other Comments

    1. Closing Accounts. FinCEN invited comment concerning the guidance 
that is appropriate in connection with a bank's decision, after filing 
a report concerning a particular customer, whether to terminate its 
relationship with that customer. Treasury continues to believe that 
unless instructed by an authorized official in writing, this is a 
decision which must be made by the financial institution.
    2. Non-Bank Financial Institutions. Several comments were filed on 
behalf of non-bank financial institutions concerned that the rules 
embodied in the Notice would be extended to such institutions. Those 
comments were considered to the extent relevant to the Notice and will 
be held for consideration when rules are proposed governing such 
institutions.

V. Regulatory Flexibility Act.

    FinCEN certifies that this regulation will not have a significant 
financial 

[[Page 4331]]
impact on a substantial number of small depository institutions.

VI. Paperwork Reduction Act

    The collection of information contained in this rule has been 
reviewed by the Office of Management and Budget (OMB) in accordance 
with the Paperwork Reduction Act of 1995, 44 U.S.C. 3507(d).
    The collection of information requirements in this rule are found 
in 31 CFR 103.21, as issued in final form herein. This information is 
mandatory and is necessary to inform appropriate law enforcement and 
bank supervisory agencies of suspicious transactions involving or that 
take place at or through depository institutions. Information collected 
hereunder is confidential, see 31 U.S.C. 5318(g), and may be used by 
FinCEN, the federal financial institution regulatory agencies, federal 
law enforcement agencies and, where appropriate, state law enforcement 
and bank supervisory agencies. The respondent recordkeepers are for-
profit financial institutions, including small businesses.
    FinCEN may not conduct or sponsor, and an organization is not 
required to respond to, this information collection unless it displays 
a currently valid OMB control number. The OMB control number is 1506-
0001.
    No comments specifically addressing the hour burden for filing the 
SAR were received.
    FinCEN estimates that there will be 15,000 responses from banks 
subject to the Bank Secrecy Act.
    The revisions made to the final rule from the proposed rule 
published in the Notice simplify the submission of the reporting form 
and shorten the records retention period. However, the same amount of 
information will be collected under the final rule as under the 
proposed rule published in the Notice. The burden per respondent varies 
depending on the nature of the suspicious transaction being reported. 
FinCEN estimates that the average annual burden for reporting and 
recordkeeping per response will be 1 hour. Thus, FinCEN estimates the 
total annual hour burden to be 15,000 hours. However, this burden will 
not result in additional cost to the public because the same 
information is required to be filed by one or more of the Supervisory 
Agencies, and a single filing will satisfy all filing requirements.
    Comments regarding the burden estimate, or any aspect of this 
collection of information, including suggestions for reducing the 
burden, should be sent to Office of Regulatory Policy and Enforcement, 
FinCEN, and to the Office of Management and Budget, Paperwork Reduction 
Project (7100-0212), Washington, D.C. 20503.

VII. Executive Order 12866

    The Department of the Treasury has determined that this rule is not 
a significant regulatory action under Executive Order 12866.

VIII. Unfunded Mandates Act of 1995 Statement

    Section 202 of the Unfunded Mandates Reform Act of 1995, Pub. L. 
104-4 (Unfunded Mandates Act), March 22, 1995, requires that an agency 
prepare a budgetary impact statement before promulgating a rule that 
includes a federal mandate that may result in expenditure by state, 
local and tribal governments, in the aggregate, or by the private 
sector, of $100 million or more in any one year. If a budgetary impact 
statement is required, section 202 of the Unfunded Mandates Act also 
requires an agency to identify and consider a reasonable number of 
regulatory alternatives before promulgating a rule. FinCEN has 
determined that it is not required to prepare a written statement under 
section 202 and has concluded that on balance this rule provides the 
most cost-effective and least burdensome alternative to achieve the 
objectives of the rule.

List of Subjects in 31 CFR Part 103

    Administrative practice and procedure, Authority delegations 
(Government agencies), Banks, banking, Currency, Investigations, Law 
enforcement, Reporting and recordkeeping requirements.

Amendment

    For the reasons set forth above in the preamble, 31 CFR Part 103 is 
amended as set forth below:

PART 103--FINANCIAL RECORDKEEPING AND REPORTING OF CURRENCY AND 
FOREIGN TRANSACTIONS

    1. The authority citation for Part 103 is revised to read as 
follows:

    Authority: 12 U.S.C. 1829b and 1951-1959; 31 U.S.C. 5311-5330.

    2. Section 103.11 as amended at 60 FR 228 and 44144 effective April 
1, 1996, is further amended by revising paragraph (ii) and adding 
paragraph (qq) to read as follows:


Sec. 103.11  Meaning of terms.

* * * * *
    (ii) Transaction. (1) Except as provided in paragraph (ii)(2) of 
this section, transaction means a purchase, sale, loan, pledge, gift, 
transfer, delivery or other disposition, and with respect to a 
financial institution includes a deposit, withdrawal, transfer between 
accounts, exchange of currency, loan, extension of credit, purchase or 
sale of any stock, bond, certificate of deposit, or other investment 
security or monetary instrument, or any other payment, transfer, or 
delivery by, through, or to a financial institution, by whatever means 
effected.
    (2) For purposes of Sec. 103.22, and other provisions of this part 
relating solely to the report required by that section, the term 
``transaction in currency'' shall mean a transaction involving the 
physical transfer of currency from one person to another. A transaction 
which is a transfer of funds by means of bank check, bank draft, wire 
transfer, or other written order, and which does not include the 
physical transfer of currency, is not a transaction in currency for 
this purpose.
* * * * *
    (qq) FinCEN. FinCEN means the Financial Crimes Enforcement Network, 
an office within the Office of the Under Secretary (Enforcement) of the 
Department of the Treasury.


Sec. 103.21  [Redesignated as Sec. 103.20]

    3. Section 103.21 is redesignated as Sec. 103.20.
    4. New Sec. 103.21 is added to read as follows:


Sec. 103.21  Reports by banks of suspicious transactions.

    (a) General. (1) Every bank shall file with the Treasury 
Department, to the extent and in the manner required by this section, a 
report of any suspicious transaction relevant to a possible violation 
of law or regulation. A bank may also file with the Treasury Department 
by using the Suspicious Activity Report specified in paragraph (b)(1) 
of this section or otherwise, a report of any suspicious transaction 
that it believes is relevant to the possible violation of any law or 
regulation but whose reporting is not required by this section.
    (2) A transaction requires reporting under the terms of this 
section if it is conducted or attempted by, at, or through the bank, it 
involves or aggregates at least $5,000 in funds or other assets, and 
the bank knows, suspects, or has reason to suspect that:
    (i) The transaction involves funds derived from illegal activities 
or is intended or conducted in order to hide or disguise funds or 
assets derived from illegal activities (including, without limitation, 
the ownership, nature, source, location, or control of such 

[[Page 4332]]
funds or assets) as part of a plan to violate or evade any federal law 
or regulation or to avoid any transaction reporting requirement under 
federal law or regulation;
    (ii) The transaction is designed to evade any requirements of this 
part or of any other regulations promulgated under the Bank Secrecy 
Act, Pub. L. 91-508, as amended, codified at 12 U.S.C. 1829b, 12 U.S.C. 
1951-1959, and 31 U.S.C. 5311-5330; or
    (iii) The transaction has no business or apparent lawful purpose or 
is not the sort in which the particular customer would normally be 
expected to engage, and the bank knows of no reasonable explanation for 
the transaction after examining the available facts, including the 
background and possible purpose of the transaction.
    (b) Filing procedures--(1) What to file. A suspicious transaction 
shall be reported by completing a Suspicious Activity Report (``SAR''), 
and collecting and maintaining supporting documentation as required by 
paragraph (d) of this section.
    (2) Where to file. The SAR shall be filed with FinCEN in a central 
location, to be determined by FinCEN, as indicated in the instructions 
to the SAR.
    (3) When to file. A bank is required to file a SAR no later than 30 
calendar days after the date of initial detection by the bank of facts 
that may constitute a basis for filing a SAR. If no suspect was 
identified on the date of the detection of the incident requiring the 
filing, a bank may delay filing a SAR for an additional 30 calendar 
days to identify a suspect. In no case shall reporting be delayed more 
than 60 calendar days after the date of initial detection of a 
reportable transaction. In situations involving violations that require 
immediate attention, such as, for example, ongoing money laundering 
schemes, the bank shall immediately notify, by telephone, an 
appropriate law enforcement authority in addition to filing timely a 
SAR.
    (c) Exceptions. A bank is not required to file a SAR for a robbery 
or burglary committed or attempted that is reported to appropriate law 
enforcement authorities, or for lost, missing, counterfeit, or stolen 
securities with respect to which the bank files a report pursuant to 
the reporting requirements of 17 CFR 240.17f-1.
    (d) Retention of records. A bank shall maintain a copy of any SAR 
filed and the original or business record equivalent of any supporting 
documentation for a period of five years from the date of filing the 
SAR. Supporting documentation shall be identified, and maintained by 
the bank as such, and shall be deemed to have been filed with the SAR. 
A bank shall make all supporting documentation available to FinCEN and 
any appropriate law enforcement agencies or bank supervisory agencies 
upon request.
    (e) Confidentiality of reports; limitation of liability. No bank or 
other financial institution, and no director, officer, employee, or 
agent of any bank or other financial institution, who reports a 
suspicious transaction under this part, may notify any person involved 
in the transaction that the transaction has been reported. Thus, any 
person subpoenaed or otherwise requested to disclose a SAR or the 
information contained in a SAR, except where such disclosure is 
requested by FinCEN or an appropriate law enforcement or bank 
supervisory agency, shall decline to produce the SAR or to provide any 
information that would disclose that a SAR has been prepared or filed, 
citing this paragraph (e) and 31 U.S.C. 5318(g)(2), and shall notify 
FinCEN of any such request and its response thereto. A bank, and any 
director, officer, employee, or agent of such bank, that makes a report 
pursuant to this section (whether such report is required by this 
section or is made voluntarily) shall be protected from liability for 
any disclosure contained in, or for failure to disclosure the fact of 
such report, or both, to the full extent provided by 31 U.S.C. 
5318(g)(3).
    (f) Compliance. Compliance with this section shall be audited by 
the Department of the Treasury, through FinCEN or its delegees under 
the terms of the Bank Secrecy Act. Failure to satisfy the requirements 
of this section shall be a violation of the reporting rules of the Bank 
Secrecy Act and of this part. Such failure may also violate provisions 
of Title 12 of the Code of Federal Regulations.

    Dated: January 30, 1996.
Stanley E. Morris,
Director, Financial Crimes Enforcement Network.
[FR Doc. 96-2272 Filed 2-2-96; 8:45 am]
BILLING CODE 4820-03-P