On December 14, the Financial Crimes Enforcement Network (“FinCEN”) issued a request for information (“RFI”), seeking comment on ways to “streamline, modernize, and update” the anti-money laundering (“AML”) and counter-terrorism financing (“CTF”) regime of the United States. As we will discuss, the RFI is the latest development in a protracted inquiry into how to try to leverage technology in order to maximize the usefulness to the government of Bank Secrecy Act (“BSA”) reporting and record-keeping, and minimize the compliance costs imposed on industry. However, as we also discuss, the RFI may add fuel to ongoing efforts to expand the coverage and reporting requirements of BSA regulations.
Modernization and the AML Act
The RFI comes amid a flurry of regulatory activities from FinCEN and highlights the modernization of the AML/CTF regime as a key priority for the agency. These initiatives, including the RFI, are being driven in part by the Anti-Money Laundering Act of 2020 (“AMLA”). Specifically, Section 6216 of the AMLA directs the Secretary of the Treasury to solicit public comment, consult with other government stakeholders, and broadly “undertake a formal review of the regulations implementing the BSA and related guidance” in order to:
- Ensure the Treasury Department provides “appropriate safeguards” on a continuing basis to protect the financial system from threats, money laundering, financing terrorism, and financial crime;
- Ensure that BSA regulations continue to require reports or records that are “highly useful” in countering financial crime;
- Identify regulations that may be outdated, redundant, or otherwise do not promote a risk-based AML/CFT regime;
- Identify regulations that do not meet international standards for combating money laundering, financing of terrorism, serious tax fraud or other financial crimes; and
- Make appropriate changes to regulations and guidance in order to improve the efficiency of the AML/CTF regime.
Section 6216 is the final provision in a 16-part section of the AMLA Act entitled “Modernizing the Anti-Money Laundering and Countering the Financing of Terrorism System.” As we blogged, the other provisions in this section are related but more targeted, and in part require FinCEN to collect data and make findings on the utility and compliance costs of Suspicious Activity Report (“SAR”) and Currency Transaction Report (“CTR”) filings; whether the current monetary filing thresholds for those reports are appropriate; and – importantly – how to improve government feedback to reporting institutions on the usefulness of particular SAR filings.
Efforts to “modernize” the AML/CFT regime have been ongoing for years. Last year, FinCEN issued an Advance Notice of Proposed Rulemaking soliciting comment on what it described as “a wide range of questions pertaining to potential regulatory amendments to the [BSA]” because, according to the ANPRM, existing BSA regulations have failed to keep pace with technological innovations. Consequently, financial institutions expend substantial resources to implement programs that inefficiently generate vast amounts of information that often do not serve the BSA’s purpose of providing information with a “high degree of usefulness” to government authorities.
Further, the RFI summarizes other modernization efforts preceding the AML Act, highlighting the fact that Section 6216 represents the culmination of a long and sometimes haphazard process:
Numerous provisions of the AML Act codify and elaborate upon existing or prior Treasury initiatives on innovation, regulatory reform, and industry engagement, in response to evolving threats. These various efforts include: The BSA Advisory Group; an interagency AML Task Force led by Treasury’s Under Secretary for Terrorism and Financial Intelligence; a Regulatory Reform Working Group for Treasury and the Federal Banking Agencies (FBAs); FinCEN Exchange; studying the value of BSA data; and, the FinCEN Innovation Hours Initiative. FinCEN has also issued final rules in recent years that have aimed to close AML regulatory gaps that represent vulnerabilities in the U.S. financial system that illicit actors could exploit. In addition, to fulfill its obligations under the Paperwork Reduction Act, FinCEN issued multiple notices soliciting input from the public in an effort to better understand and estimate the burden and cost of various BSA regulations. Many of the comments that FinCEN received are relevant to the formal review required under Section 6216 of the AML Act.
Not surprisingly, the RFI emphasizes technological innovation. In a press release accompanying the RFI, FinCEN’s Acting Director Himamauli Das stated, “We recognize that the illicit finance threat landscape continues to evolve and that technology and innovation now play an important role in the efficient application of resources to combat illicit finance. I urge all relevant stakeholders to review the RFI and comment on ways that FinCEN can modernize AML/CFT regulations and guidance and better promote a risk-based approach to AML/CFT compliance.” The RFI repeats this view and similarly states that “FinCEN is particularly interested in new and innovative approaches to [BSA] compliance that promote a risk-based approach to protecting the financial system from threats to national security posed by various forms of financial crime.”
The RFI therefore invites the public to propose changes to BSA regulations and guidance that would make them more efficient. The RFI, perhaps acknowledging the breadth of its subject matter, attempts to be specific about the information it seeks. In particular, the RFI defines “efficiency” as including the ability of financial institutions to focus resources on providing information that is more useful to law enforcement, reporting highly useful information in a timely manner, or reducing redundancies and information of little use to law enforcement. In pursuit of that goal, the RFI provides 26 questions on the five objectives laid out by the AML Act noted above.
The RFI suggests that FinCEN may be developing practical advice concerning the best use cases for emerging technologies and, in particular, how financial institutions can leverage those technologies to enhance their monitoring and compliance programs. For example, the RFI asks whether BSA regulations or guidance could be made more efficient in light of digital identification, machine learning and artificial intelligence – in a report of July 2021 by the Financial Action Task Force, artificial intelligence and machine learning were touted as breakthrough technologies that can help combat illicit finance threats in myriad ways, including through the identification and verification of customers, analyzing transactional behavior and detection of anomalous behavior.
For these goals to succeed, however, it is incumbent for regulators – and, perhaps most importantly, for front-line examiners of financial institutions – to allow financial institutions room for error in the implementation of any new technologies. Some financial institutions may be reluctant to pursue technological innovation in the day-to-day implementation of their AML compliance programs because they are concerned that examiners will respond negatively or will make adverse findings against the financial institution if the new technology creates unforeseen problems. Similarly, some financial institutions may be concerned that new technologies may reveal unwitting historical compliance failures that otherwise would not have been uncovered, and which then will haunt the financial institution in the absence of some sort of regulatory safe harbor. For innovation to succeed and be utilized to a meaningful degree, the RFI’s aspirational language must be matched by the tempering of on-the-ground expectations and demands by regulators.
Further, and despite the repeated references to efficiency and innovation, it would be a mistake to assume that the inevitable net outcome of the RFI will be reduced or more streamlined regulation. Section 6216’s first stated goal is the protection of the financial system against money laundering and terrorist financing threats. Accordingly, “FinCEN is soliciting input regarding financial services and related activity that present risk of exploitation by illicit actors or otherwise present a risk to the U.S. financial system but might not be addressed, in whole or in part, by existing regulations.” Likewise, although the RFI is asking about the usefulness of current required reports and records, it also asks whether there are “any reports or records that are not currently required to be filed or maintained that, if required, would be highly useful in countering financial crime?” Accordingly, and consistent with other efforts by FinCEN – particularly in the areas of cryptocurrency and real estate – Section 6216 ultimately may serve to expand the BSA’s coverage and requirements.
Comments are due no later than February 14.