[Federal Register Volume 62, Number 58 (Wednesday, March 26, 1997)]
[Notices]
[Pages 14532-14534]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 97-7559]


=======================================================================
-----------------------------------------------------------------------

DEPARTMENT OF THE TREASURY

Financial Crimes Enforcement Network


Privacy Act of 1974; System of Records

AGENCY:Departmental Offices, Treasury.

ACTION: Notice of a proposed New Privacy Act system of records.

-----------------------------------------------------------------------

SUMMARY: In accordance with the Privacy Act of 1974, as amended, 5 
U.S.C. 552a, the Financial Crimes Enforcement Network (``FinCEN''), 
Department of the Treasury (Treasury), gives notice of a proposed new 
Treasury--wide system of records entitled the ``Suspicious Activity 
Reporting System (the ``SAR System'')--Treasury/DO.212.''

DATES: Comments must be received no later than April 25, 1997. The 
proposed system of records will become effective without further notice 
April 25, 1997, unless comments are received that result in a contrary 
determination and notice is published to that effect.

ADDRESSES: Written comments should be sent to Office of Legal Counsel, 
FinCEN, 2070 Chain Bridge Road, Suite 200, Vienna, VA 22182-2536, 
Attention: SAR System of Records. Comments will be made available for 
inspection and copying by appointment. Persons wishing such an 
opportunity should call Eileen Dolan, (703) 905-3590.

FOR FURTHER INFORMATION CONTACT: Cynthia A. Langwiser, Attorney-
Advisor, Office of Legal Counsel, FinCEN, (703) 905-3582.

SUPPLEMENTARY INFORMATION:
     This new Privacy Act system of records is proposed to be 
established for the retention, retrieval, and dissemination of 
information, reported by financial institutions or certain of their 
affiliates to the Federal Government, concerning suspicious 
transactions and known or suspected criminal violations occurring by, 
at, or through such institutions. Suspicious transaction reporting is 
required by rules issued by FinCEN and the five supervisory agencies 
that examine and regulate the safety and soundness of financial 
institutions, namely the Board of Governors of the Federal Reserve 
System (the ``Board''), the Office of the Comptroller of the Currency 
(``OCC''), the Federal Deposit Insurance Corporation (``FDIC''), the 
Office of Thrift Supervision (``OTS''), and the National Credit Union 
Administration (``NCUA'') (collectively, the ``Federal Supervisory 
Agencies'').\1\
---------------------------------------------------------------------------

    \1\ FinCEN and the Federal Supervisory Agencies have all 
published rules requiring such reporting. See the rules publshed by 
FinCEN, the Board, OCC, FDIC, OTS and NCUA, respectively, at: 61 FR 
4326 (February 5, 1996); 61 FR 4338 (February 5, 1996); 61 FR 4332 
(February 5, 1996); 61 FR 6095 (February 16, 1996); 61 FR 6100 
February 16, 1996); 61 FR 11526 (March 21, 1996).
---------------------------------------------------------------------------

    The requirements of FinCEN and the Federal Supervisory Agencies 
create an integrated system for reporting suspicious activity and known 
or suspected crimes. Under these requirements, financial institutions 
file a single uniform Suspicious Activity Report (a ``SAR'') with 
FinCEN. Previously, a financial institution reporting a known or 
suspected violation of law was required to file multiple copies of 
criminal referral forms with its Federal financial regulatory agency 
and Federal law enforcement agencies. Each Federal financial regulatory 
agency had promulgated a different form. Under the new system, a 
financial institution meets its obligation to report a known or 
suspected violation of law by filing one copy of a SAR with FinCEN.
    SAR records are maintained in an automated database that is 
operated by agreement among FinCEN and the Federal Supervisory 
Agencies. FinCEN manages the automated SAR System, which is housed at 
the Internal Revenue Service Computing Center in Detroit, Michigan. The 
SAR System contains the suspicious activity information filed by 
financial institutions and related information concerning criminal 
prosecutions, civil actions, enforcement proceedings and investigations 
of concern to FinCEN and the Federal Supervisory Agencies. Currently, 
these categories of records are included in an existing Privacy Act 
system of records, FinCEN Data Base, Treasury/DO .200.\2\ However, in 
order to provide more current and detailed information about these 
categories of records, a new and separate Privacy Act system of records 
is being created.
---------------------------------------------------------------------------

    \2\In addition, the Federal Supervisory Agencies have modified 
their existing Privacy Act Systems of Records to reflect the new 
interagency suspicious activity reporting process and the use of the 
database maintained and managed by FinCEN pursuant to the agreement. 
See the notices published by the Board, OCC, FDIC, OTS, and NCUA, 
respectively, at 60 FR 44347 (August 25, 1995); 60 FR 64239 
(December 14, 1995); 60 FR 52001 (October 4, 1995); 60 FR 64241 
(December 14, 1995) and 61 FR 8689 (March 5, 1996).
---------------------------------------------------------------------------

    This single information system for the use of such reports is a key 
part of the integrated system. The SAR System will permit enhanced 
analysis and tracking of the information contained in the reports, and 
rapid dissemination to appropriate Federal and state law enforcement 
and supervisory agencies. As a central repository for investigatory or 
enforcement information, the SAR System will permit analysis, 
retrieval, and dissemination of information by the Federal Supervisory 
Agencies, by appropriate Federal, state, and local law enforcement 
agencies, state banking supervisory agencies, and by FinCEN itself (SAR 
Users).\3\ In addition, the SAR System will permit dissemination of 
information, where appropriate, to non--United States financial 
regulatory agencies and law enforcement authorities. The SAR System 
will thereby improve efforts to prevent, identify, and enforce the laws 
against financial wrongdoing.
---------------------------------------------------------------------------

    \3\In accordance with 31 U.S.C. 5318(g), data from the SAR 
System is exchanged, retrieved, and disseminated, both manually and 
electronically among FinCEN, the Federal Supervisory Agencies, 
appropriate Federal, state, and local law enforcement agencies, and 
state banking supervisory agencies. Section 5318(g)(4)(B) 
specifically require that the agency designated as the repository 
for suspicious transaction reports refer those reports to any 
appropriate law enforcement or supervisory agency.
---------------------------------------------------------------------------

    Because records in this database are generated under 31 U.S.C. 
5318(g)(4), which authorizes the Secretary of the Treasury to designate 
a single agency to whom suspicious activity reports shall be made, 
access to and use of these records will be governed by the routine uses 
set forth in this notice. Accordingly, the routine uses reflect sharing 
among Federal Supervisory Agencies and law enforcement authorities. 
Additionally, the safeguards provide that on--line access to the 
computerized database is limited to authorized individuals who have 
been issued a password and nontransferable identifier.
    Because information in the SAR System may be retrieved by personal 
identifier, the Privacy Act of 1974 requires the Treasury Department to 
give general notice and seek public comments about creation of this new 
separate system of records. A new system of records report, as required 
by 5 U.S.C. 552a(r), has been submitted to the Committee on Government 
Reform and Oversight of the House of Representatives, the Committee on 
Governmental Affairs of the Senate, and the Office of Management and 
Budget (``OMB''). See Appendix I to OMB Circular A-130, ``Federal 
Agency Responsibilities for Maintaining Records About Individuals,'' 61 
FR 6428, 6435 (February 20, 1996). The proposed system of records, 
Suspicious Activity Reporting System--Treasury/

[[Page 14533]]

 DO 212, is published in its entirety below.

    Dated: February 3, 1997.

Alex Rodriguez,
Deputy Assistant Secretary (Administration).

TREASURY/DO .212

System Name:
     Suspicious Activity Reporting System (the ``SAR System'').

 System Location:
     The SAR System is housed at the Internal Revenue Service Computing 
Center (``DCC'') in Detroit, Michigan and is managed by the Financial 
Crimes Enforcement Network (``FinCEN''), 2070 Chain Bridge Road, Suite 
200, Vienna, VA 22182, with the assistance of the staff of DCC.

 Categories of Individuals Covered by the System:
     The SAR System contains information about--(1) Individuals or 
entities that are known perpetrators or suspected perpetrators of a 
known or suspected Federal criminal violation, or pattern of criminal 
violations, committed or attempted against a financial institution, or 
participants in a transaction or transactions conducted through the 
financial institution, that has been reported by the financial 
institution, either voluntarily or because such a report is required 
under the rules of FinCEN, one or more of the Federal Supervisory 
Agencies (the Board of Governors of the Federal Reserve System (``the 
Board''), the Office of the Comptroller of the Currency (``OCC''), the 
Federal Deposit Insurance Corporation (``FDIC''), the Office of Thrift 
Supervision (``OTS''), and the National Credit Union Administration 
(``NCUA'') (collectively, the ``Federal Supervisory Agencies'')), or 
both.
    (2) Individuals or entities that are participants in transactions, 
conducted or attempted by, at or through a financial institution, that 
have been reported because the institution knows, suspects, or has 
reason to suspect that: (a) the transaction involves funds derived from 
illegal activities, the transaction is intended or conducted to hide or 
disguise funds or assets derived from illegal activities as part of a 
plan to violate or evade any law or regulation or to avoid any 
transaction reporting requirement under Federal law;(b) the transaction 
is designed to evade any regulations promulgated under the Bank Secrecy 
Act, Pub. L. 91-508, as amended, codified at 12 U.S.C. 1829b, 12 U.S.C. 
1951-1959, and 31 U.S.C. 5311-5330; or (c) the transaction has no 
business or apparent lawful purpose or is not the sort in which the 
particular customer would normally be expected to engage, and the 
financial institution knows of no reasonable explanation for the 
transaction after examining the available facts, including the 
background and possible purpose of the transaction;
    (3) Individuals who are directors, officers, employees, agents, or 
otherwise affiliated with a financial institution;
    (4) Individuals or entities that are actual or potential victims of 
a criminal violation or series of violations;
    (5) Individuals who are named as possible witnesses in connection 
with matters arising from any such report;
    (6) Individuals or entities named as preparers of any such report;
    (7) Individuals or entities named as persons to be contacted for 
assistance by government agencies in connection with any such report;
    (8) Individuals or entities who have or might have information 
about individuals or criminal violations described above; and
    (9) Individuals or entities involved in evaluating or investigating 
any matters arising from any such report.

Categories of Records in the System:
     The SAR System contains information reported to FinCEN by 
financial institutions on a Suspicious Activity Report (``SAR'') 
required under the authority of FinCEN or one or more of the Federal 
Supervisory Agencies, or both. SARs contain information about the 
categories of persons or entities specified in ``Categories of 
Individuals Covered by the System.'' The SAR System may also contain 
records pertaining to criminal prosecutions, civil actions, enforcement 
proceedings, and investigations resulting from or relating to SARs. 
Additionally, it will contain records pertaining to criminal 
prosecutions, civil actions, enforcement proceedings, and 
investigations relating to institutions required to file reports or 
under the supervision of one or more of the Federal Supervisory 
agencies.

Authority for Maintenance of the System:
     The system is established and maintained in accordance with 31 
U.S.C. 5318(g); 31 CFR part 103; 31 U.S.C. 321; and Department of the 
Treasury Order 105-08.

Purpose(s):
     The requirements of FinCEN and the Federal Supervisory Agencies 
create an integrated process for reporting suspicious activity and 
known or suspected crimes by, at, or through depository institutions 
and certain of their affiliates. The process is based on a single 
uniform SAR filed with FinCEN.
     The SAR System has been created, as a key part of this integrated 
reporting process, to permit coordinated and enhanced analysis and 
tracking of such information, and rapid dissemination of SAR 
information to appropriate law enforcement and supervisory agencies. 
The provisions of 31 U.S.C. 5318(g)(4)(B) specifically require that the 
agency designated as repository for SARs refer those reports to any 
appropriate law enforcement or supervisory agency.
     Data from the SAR System will be exchanged, retrieved, and 
disseminated, both manually and electronically among FinCEN, the 
Federal Supervisory Agencies, appropriate Federal, state, and local law 
enforcement agencies, and state banking supervisory agencies. Agencies 
to which information will be referred electronically, which in certain 
cases may involve electronic transfers of batch information, include 
the Federal Supervisory Agencies, the Federal Bureau of Investigation 
(FBI), the Criminal Investigation Division of the Internal Revenue 
Service, the United States Secret Service, the United States Customs 
Service, the Executive Office of the United States Attorneys and the 
Offices of the 93 United States Attorneys, and state bank supervisory 
agencies and certain state law enforcement agencies, which have entered 
into appropriate agreements with FinCEN. (The FBI and Secret Service 
may receive electronic transfers of batch information as forms are 
filed to permit those agencies more efficiently to carry out their 
investigative responsibilities.) Organizations to which information is 
regularly disseminated are referred to as SAR System Users. It is 
anticipated that information from the SAR system will also be 
disseminated to other appropriate Federal, state, or local law 
enforcement organizations and regulatory agencies that enter into 
appropriate agreements with FinCEN. In addition, information may be 
disseminated to non-United States financial regulatory and law 
enforcement agencies.

Routine Uses of Records Maintained in the System, Including Categories 
of Users and the Purposes of Such Uses:
     These records and information in these records may be used to:
    (1) Provide information or records, electronically or manually, to 
SAR System Users relevant to the enforcement and supervisory programs 
and operations of those Users;
    (2) Provide SAR System Users and their Executive Departments with

[[Page 14534]]

reports that indicate the number, amount, individual identity, and 
other details concerning potential violations of the law that have been 
the subject of Suspicious Activity Reports;
    (3) Provide information or records to any appropriate domestic or 
non-United States governmental agency or self-regulatory organization 
charged with the responsibility of administering law or investigating 
or prosecuting violations of law, or charged with the responsibility of 
enforcing or implementing a statute, rule, regulation, order, or 
policy, or charged with the responsibility of issuing a license, 
security clearance, contract, grant, or benefit, when relevant to the 
responsibilities of these agencies or organizations.
    (4) Provide information or records, when appropriate, to 
international and foreign governmental authorities in accordance with 
law and formal or informal international agreement;
    (5) Disclose on behalf of a SAR System User, the existence, but not 
necessarily the content, of information or records to a third party, in 
cases where a SAR System User is a party or has a direct interest and 
where the SAR System User has concluded that such disclosure is 
necessary;
    (6) Provide information or records to the Department of Justice, or 
in a proceeding before a court, adjudicative body, or other 
administrative body before which the SAR System User is authorized to 
appear, when (a) the SAR System User, or any component thereof; or (b) 
any employee of the SAR System User in his or her official capacity; or 
(c) any employee of the SAR System User, where the Department of 
Justice or the SAR System User has agreed to represent the employee; or 
(d) the United States is a party to litigation or has an interest in 
such litigation, when the SAR System User determines that litigation is 
likely to affect the SAR System User or any of its components and the 
use of such records by the Department of Justice or the SAR System User 
is deemed by the SAR System User to be relevant and necessary to the 
litigation, provided, however, that in each case it has been determined 
that the disclosure is compatible with the purpose for which the 
records were collected;
    (7) Disclose information or records to individuals or entities to 
the extent necessary to elicit information pertinent to the 
investigation, prosecution, or enforcement of civil or criminal 
statutes, rules, regulations, or orders;
    (8) In accordance with Executive Order 12968 (August 2, 1995), 
provide information or records to any appropriate government authority 
in connection with investigations and reinvestigations to determine 
eligibility for access to classified information to the extent relevant 
for matters that are by statute permissible subjects of inquiry.
    (9) Provide, when appropriate, information or records to a bar 
association, or other trade or professional organization performing 
similar functions, for possible disciplinary action;
    (10) Provide information or records to the Department of State and 
to the United States Intelligence Community, within the meaning of 
Executive Order 12333 (December 4, 1981) to further those agencies' 
efforts with respect to national security and international narcotics 
trafficking;
    (11) Furnish analytic and statistical reports to government 
agencies and the public providing information about trends and patterns 
derived from information contained on Suspicious Activity Reports, in a 
form in which individual identities are not revealed; and
    (12) Disclose information or records to any person with whom 
FinCEN, the DCC or a SAR System User contracts to provide consulting, 
data processing, clerical, or secretarial functions relating to the 
official programs and operations of FinCEN, DCC, or the SAR System 
User.

Policies and Practices for Storing, Retrieving, Accessing, Retaining, 
and Disposing of Records in the System:
Storage:
     Records are maintained in magnetic media and on hard paper copy.

Retrievability:
     Data in the SAR System may be retrieved by sectionalized data 
fields (i.e., name of financial institution or holding company, type of 
suspected violation, individual suspect name, witness name, and name of 
individual authorized to discuss the referral with government 
officials) or by the use of search and selection criteria.

Safeguards:
     The system is located in a guarded building that has restricted 
access. Access to the computer facilities and any paper records is 
subject to additional physical safeguards that restrict access. Access 
to any electronic records in the system is restricted by means of 
passwords and non-transferable identifiers issued to authorized SAR 
System Users. The system complies with all applicable security 
requirements of the Department of the Treasury.

Retention and Disposal:
     Records in this system will be updated periodically to reflect 
changes, and will be maintained in electronic form as long as needed 
for the purpose for which the information was collected. Records will 
then be disposed of in accordance with applicable law.

System Manager and Address:
     Deputy Director, Financial Crimes Enforcement Network, United 
States Department of the Treasury, 2070 Chain Bridge Road, Suite 200, 
Vienna, Virginia 22182.

Notification Procedure:
     This system is exempt from notification requirements, record 
access requirements, and requirements that an individual be permitted 
to contest its contents, pursuant to the provisions of 5 U.S.C. 
Sec. 552a(j)(2) and (k)(2).

Record Access Procedures:
     See ``Notification Procedure'' above.

Contesting Record Procedures:
     See ``Notification Procedure'' above.

Record Source Categories:
     Records in this system may be provided by or obtained from: 
individuals; financial institutions and certain of their affiliates; 
Federal Supervisory Agencies; State financial institution supervisory 
agencies; domestic or foreign governmental agencies; foreign or 
international organizations; and commercial sources. Pursuant to the 
provisions of 5 U.S.C. 552a(j)(2) and (k)(2), this system is exempt 
from the requirement that the record source categories be disclosed.

Exemptions Claimed for the System:
     This system is exempt from 5 U.S.C. 552a(c)(3), (c)(4), (d)(1), 
(d)(2), (d)(3), (d)(4), (e)(1), (e)(2), (e)(3), (e)(4)(G), (e)(4)(H), 
(e)(4)(I), (e)(5), (e)(8), (f) and (g) of the Privacy Act pursuant to 5 
U.S.C. 552a(j)(2) and (k)(2).

[FR Doc. 97-7559 Filed 3-25-97; 8:45 am]
BILLING CODE: 4820-03-F