Imagine walking into a bank to withdraw funds to buy a used car from a private party, or withdrawing emergency cash for a friend who becomes unemployed and has no bank account. Suspicious? Do you know that if that amount is $5,000, your trusted bank teller is under a legal requirement to file a report to the Feds on what is deemed ‘suspected criminal activity’?
In what many see as an acceleration of statist control of U.S. citizens, the Justice Department has called on bank employees to report customers whose financial transactions appear to be suspicious or unusual. Known as a Suspicious Activity Report (SAR), this federal requirement has surprised many bank patrons who have discovered that their benign intentions have run afoul of The Feds.
Because banks are required to complete a SAR for questionable transactions (typically $5,000 or more for banks; $2,000 or more for money services businesses), unsuspecting customers are subjected to scrutiny for perfectly legal actions, such as merely withdrawing cash. Banks often file SARs even for smaller amounts due to regulatory fear, in what could be deemed a ‘defensive filing’ approach.
Tragically, this action against an innocent customer could result in a larger enforcement action such as a thorough investigation or even the seizure of their cash. And it could land one on a terrorist watchlist that could result in travel and other restrictions.
Beyond these requirements for brick-and-mortar entities, new legislation aimed at greater cybersecurity transparency between the Feds and financial institutions has taken root with the Cybersecurity Information Sharing Act. Now, these financial institutions are required to be extra vigilant in terms of monitoring and including online information in their suspicious activity reporting.
The concern for many civil liberty and justice advocates is that these sorts of extraordinary actions might result in the taking of property from innocent citizens without due process. The non-profit libertarian public interest law firm Institute for Justice (IJ) has been particularly active in cases involving these and other egregious forms of civil asset forfeiture.
Federal leaders, on the other hand, are quick to point out that these actions are all about our safety as a nation; a small measure of sacrifice with respect to our freedoms, in order to protect us against potential terrorist and criminal activities.
Joe Ciccolo, a regulatory compliance expert in the financial services industry and President of Illinois-based BitAML notes that the Financial Crimes Enforcement Network is extremely data driven, committing significant resources to trend analysis which ultimately drives their decision-making and investigative activities. “It’s of little surprise that FinCEN is seeking more data points”, he says, “especially as it pertains to cybersecurity.”
He does agree that the amount of detailed information required in SAR filings is somewhat concerning. “For starters, banks and traditional financial institutions leverage legacy systems that make it difficult to capture and cull attributes such as IP addresses in a timely and effective manner.
Secondly, the number of detailed fields within the SAR itself continues to rise, along with FinCEN expectations for SAR narratives, particularly among money service businesses.
Thirdly, the sharing of additional information, including that which may be tied to innocent parties, such as an IP address, raises questions about potential over-reach.”
All of this, says Ciccolo, begs the question of how practical this information is in terms of how it is applied to underlying suspicious or unusual activity.
“As I see it”, he says, “these concerns are all valid and worthy of discussion.”
Michael Scott is a Denver-based journalist examining disruptive themes fueling the new digital economy. More of his work can be found on his blog BitDisrupt