Understanding the Bank Secrecy Act (BSA)

Money laundering is a thriving global crime industry. Criminals leverage financial institutions to transfer illegal funds, evade taxes, and violate other financial regulations, thereby introducing illicit gains into the economy as legitimate profits. The challenge of tracking and reporting such criminal activities has persisted. Fortunately, the Bank Secrecy Act, enacted in 1970, provides a framework to address these issues. The act answers critical questions, such as how criminal money movements can be tracked, reported, and stopped.

What Is the BSA?

The Bank Secrecy Act (BSA) is a crucial federal legislative requirement designed to combat financial crimes such as money laundering and terrorism financing. Enacted in 1970 as part of the Currency and Foreign Transactions Reporting Act, the BSA mandates compliance from U.S. financial institutions, empowering government agencies to detect and prevent financial crimes. The act requires banks and other financial institutions to maintain records of financial transactions and cash purchases of negotiable instruments and file a report if the daily sum exceeds $10,000 or if suspicious activities are observed during payment processing. Structuring, a payment technique where criminals carry out multiple transactions slightly below the $10,000 reporting cap, is also considered a suspicious activity and must be monitored and reported. In addition, the Office of the Comptroller of the Currency periodically examines banks and financial institutions to ensure compliance with BSA requirements.

The Internal Revenue Service (IRS) also plays a vital role in curbing illicit fund movements in the American financial system. Every business that receives more than $10,000 cash from a single buyer must file Form 8300 within 15 days from the transaction date. This is crucial as criminals prefer cash transactions that leave minimal footprints, making electronic transactions a more traceable option.

Brief History of the BSA

The Bank Secrecy Act (BSA) was established in 1970 with the primary goal of fighting money laundering, also known as anti-money laundering (AML) policies. This legislation was one of the earliest attempts to combat the movement of illegal funds within the financial system. As terrorism financing is also a product of money laundering, the BSA policies simultaneously target terrorism funding. Criminals were using the banking system to launder money, fund terrorism, and acquire weapons of mass destruction, hence the need for the BSA.

Initially, the BSA faced resistance in the U.S. with claims that it violated the fourth and fifth amendments, which are the rights against unwarranted search and seizure and the right to due process, respectively. However, a California court upheld the constitutionality of the BSA regulations. Since then, the BSA has been gradually embraced by U.S. financial institutions, with compliance improving steadily since 1980.

 The BSA has undergone several amendments, including one covered under the 2001 USA PATRIOT ACT, which was a response to the 9/11 terrorist attack. Under this amendment, financial institutions were required to establish internal anti-money laundering policies to combat the financing of terrorism. The Patriot Act specified procedures and controls, such as having designated compliance officers, providing continuous employee training, and conducting independent audits to test these controls.

The Role of FinCEN in BSA

The Financial Crimes Enforcement Network (FinCEN) is responsible for administering the Bank Secrecy Act and enforcing policies and regulations on financial institutions to prevent illicit use by criminals. Its main objective is to protect financial institutions from being exploited by criminals and to combat money laundering and other financial crimes. FinCEN achieves this through collecting and analyzing financial transaction data, utilizing available financial intelligence, and strategically employing financial authorities.

The United States Congress has given FinCEN the responsibility to analyze and manage data reported under FinCEN’s purview, including other related data that helps the government safeguard the financial system. Below is a list of some of these responsibilities:

• Issues and interprets guidance and regulations authorized by the government.
• Enforces compliance with the BSA regulations.
• Manages the data filed by financial institutions under FinCEN’s reporting requirements.
• Supports civil enforcement actions involving law enforcement investigations and prosecutions where needed.
• Exchanges information and coordinates with foreign financial intelligence units (FIU) counterparts on anti-money laundering and terrorism financing efforts.
• Provide support for policymakers, regulatory bodies, law enforcement, and intelligence agencies.

FinCEN is one of the world’s leading Financial Intelligence Units (FIU). It exchanges information with other countries’ FIUs when needed to safeguard the global financial system from criminals. The international body guiding the cooperation and exchange of intelligence between these 166 FIUs worldwide is known as the Egmont Group.

Who Should Be BSA Compliant?

The BSA applies to both banking and non-banking financial institutions in the United States. Any business involved in financial transactions or fund movement can be used for money laundering, making BSA compliance mandatory. Non-banking financial institutions (NBFIs) and depository institutions are required to adhere to BSA regulations in the United States.

Non-Banking Financial Institutions (NBFIs)

Non-Banking Financial Institutions (NBFIs) strengthen a country’s economy. Still, unlike depository institutions, they are not licensed to accept traditional financial deposits or savings from the public. However, they provide other banking-related services such as risk pooling, market brokering, currency exchange, contractual savings, and individual and collective investments.

Examples of NBFIs are:

1. Cryptocurrency Industry
2. Loan/Finance Companies
3. P2P Lenders
4. Insurance Companies
5. Money Service Businesses
6. Casinos
7. Precious Metal/Stone Dealers
8. Securities/Commodities Firms
9. Hedge Funds & Private Equity Funds

Depository Institutions

As the term implies, depository institutions refer to institutions or business organizations that are legally allowed to accept currency deposits for business transactions and savings. These institutions mainly obtain funds through public deposits. Examples are:

1. Banks
2. Savings Associations
3. Credit Unions

Six Key Components of a BSA Compliance Program

The BSA has specified a variety of components of an organization in order to be compliant. These are listed below: 

1. Internal Control System
2. Independent Testing by a third-party auditor
3. Designated BSA Officer
4. Training Program
5. Customer Identification Program
6. Customer Due Diligence

What Is a BSA Compliance Officer?

Compliance with the BSA is crucial for companies, regardless of their industry, to avoid penalties for non-compliance. One step towards achieving compliance is appointing a designated staff member to oversee BSA compliance and report to the board of directors. Known as the BSA compliance officer, this person oversees and coordinates the company’s daily compliance needs. Additionally, they oversee internal compliance programs and are familiar with BSA and AML regulations.

What to Look For in a BSA Compliance Officer

1. Knowledgeable in BSA/AML subject matter or the readiness to learn and be vast within the shortest possible period.
2. Ability to develop a compliance strategy and the road map for executing it.
3. Familiar with the industry or sector the company operates in.
4. Creating a culture of compliance among fellow employees.
5. Continuous training of fellow staff.
6. Ability to collaborate with the board of directors to develop strategies that aid effective compliance programs.

Reporting and Recordkeeping Requirements Under the BSA

Below are the established BSA regulatory requirements for financial institutions:

1. Suspicious Activities Monitoring and Reporting
2. Currency Transaction Reporting
3. Recordkeeping Requirements

Suspicious Activities Monitoring and Reporting 

Banks are to monitor, identify and report unusual & suspicious activities, but it is not the bank’s duty to carry out detailed investigations in search of evidence linking the suspected transaction to a financial crime. The only investigation expected of the bank is one that further cross-checks if a violation indeed happened to help decide if the transaction is worth reporting. The process of reporting involves filling out a SAR form, and banks are to file a SAR when any of the following is suspected:

1. Violations involving insider abuse of any amount.
2. An aggregate of $5,000 or more when the suspect can be identified.
3. An aggregate of $25,000 or more when a potential suspect cannot be identified.
4. Transactions aggregating $5,000 or more with no lawful purpose or transactions violating other BSA regulations on money laundering & terrorism financing.

Suspicious Activities Monitoring & Reporting Processes

While FinCEN and other financial regulatory bodies welcome the reality that not all potential illegal funds or transactions would be detected and reported 100%, it is important to have guidelines and internal controls that make detecting suspicious transactions easier and faster. 

These monitoring and reporting processes are part of each financial institution’s overall responsibility to ensure an effective risk-based BSA compliance program; therefore, the board should approve policies that address the following:

1. 1. Transaction monitoring
   2. Alert management
   3. Suspicious activities investigations
   4. SAR filing decisions.
   5. Ongoing suspicious activities monitoring.

To ensure the correct identification, investigation, and reporting of these suspicious activities, the board should provide adequate resources that measure up to the bank’s overall risk profile and volume of transactions.

Five Components For Suspicious Activities Monitoring And Reporting

1. Identification or alerts of unusual activity: This can come from a transaction-based system or as inquiries from law enforcement.
2. Management of alerts: This refers to processes used to evaluate suspicious activities put in place by the management.
3. SAR filing decision-making: Based on research and analyses, an authorized and knowledgeable staff/team in charge of BSA compliance decides to file or not to file the SAR.
4. SAR completion and filing: Procedures should be in place to ensure the accurate filing of SAR forms within the stipulated time. A sufficient description of the transaction and/or suspected irregularities which is the basis for filing should be provided.
5. Monitoring and SAR filing on future activities: There should be guidelines that monitor future activities in concerned accounts and address recurring SAR filing.

Currency Transaction Reporting (CTR)

CTR is the second BSA regulatory requirement that banks must comply with. Banks must submit an electronic Currency Transaction Report (CTR) for transactions exceeding $10,000, which must be done within 15 days of the transaction. A CTR can also be filed for smaller amounts if it is noticed that the customer is employing a method called “structuring,” which is a deliberate attempt to transact lower amounts to avoid the $10,000 reporting threshold.

Recordkeeping Requirements

The SAR and CTR reports are critical in assisting FinCEN and other law enforcement agencies in detecting and investigating financial crimes. The importance of recordkeeping is also emphasized in the third BSA requirement, which mandates that banks maintain accurate financial records and provide necessary information to law enforcement upon request. These records must be kept for at least five years from the transaction or account closure date, and failure to do so can result in severe penalties. In addition, adequate recordkeeping helps financial institutions comply with the law and enables them to promptly provide the requested information to law enforcement agencies, which aids in investigating and prosecuting financial crimes.

Conclusion

The Bank Secrecy Act (BSA) is a crucial regulation that every financial institution in the U.S. must comply with. The BSA requires financial institutions to implement internal policies and procedures to detect and prevent money laundering and other financial crimes. This is achieved through the collection and analysis of financial transaction data, readily available financial intelligence, and the strategic use of financial authorities. BSA compliance includes several requirements, such as filing Currency Transaction Reports (CTR), Suspicious Activity Reports (SAR), and maintaining financial records. To better understand BSA, it is recommended to read about Anti-Money Laundering (AML) and Know Your Customer (KYC) regulations. By complying with BSA, financial institutions can help safeguard the financial system from illicit use by criminals and protect themselves from potential fines and legal action.

Identity.com

One of the components of BSA compliance includes developing a customer identification program, which involves an effective KYC process. Identity.com is helping many businesses by giving their customers a hassle-free identity verification process. Identity.com is an open-source ecosystem providing access to on-chain and secure identity verification. Our solutions improve the user experience and reduce onboarding friction through reusable and interoperable Gateway Passes. For more info, please refer to our docs.