Click to return to BOL home page
Banker Store BOL Vendor Connect BOL Career Connect BOL Learning Connect Bankers Information Network
Home Compliance Lending Operations Security Marketing Technology/eBanking
Top Stories Bankers' Threads Background Check CrimeDex Em@il Education ID Verification Record Retention
 


MAIN CONTENT 
Compliance

    Agency Road Maps

    Alphabet Soup

    Compliance Tools

    FACTA/FCRA

    OFAC

Lending

    Article 9

    FACTA/FCRA

    HMDA Heaven

    Lending Tools

    SCRA

Marketing

Operations

    Check 21

    Disaster Updates

    Disaster Recovery

    HR Corner

    IRA Season

    Money Matters

    Operations Tools

    SARResearchGuide

Security

    AML/BSA

    Bank Robbery

    Counterfeits

    ID Fraud/Phishing

    Security Tools

Technology/eBanking

    Disaster Updates

    Disaster Recovery

    Info Security


SPECIAL AREAS 
BOL Archives

BOL Blogs

Briefing Archive

Calendar

Court Watch

Disaster Issuances

Em@il Education

Examiner's Corner

Executive Briefing

Infovault

Launch Pad

Lessons Learned

Monthly Roundup

Risk Management

Site Map

Site Orientation

Top Stories


~ ~ ~
SERVICES 
Background Check
BOL Conferencing

CrimeDex

Em@il Education

ID Verification

Record Retention


~ ~ ~
SHOP 

Banker Store
Bankers Info Ntwk
Books
Vendor Connect

CONNECT 

Career Connect

Learning Connect

Vendor Connect

Guru Central

INTERACT 

Ask a Guru
Bankers Threads

Contact Us

Give Us Feedback


TOOLS 

60 Second Solutions

Alphabet Soup

Banker Tools

BOL Forms

FUN 

Banker Humor

Banker Memories

BOL Recipes

eCard Exchange

LEARN MORE 

About Advertising
About Our Sponsors
About Us


Print Friendly! Email This Article! Discuss NOW!


The Security Officer's Role, Part VI

Up to now, we've discussed the security aspect of the Security Officers role and responsibilities. If, as in many financial institutions, the Security Officer is also the Bank Secrecy Act (BSA) Officer, there are some additional training, requirements, and reporting responsibilities.

Suspicious Activity Reporting
It is the BSA Officer's responsibility to ensure that Suspicious Activity Reports (SARs) are filed with the appropriate Federal Law enforcement agencies and the Department of the Treasury when the institution detects a known or suspected violation of Federal law, or a suspicious transaction related to a money laundering activity or a violation of the Bank Secrecy Act. It is also the responsibility of the alert Security Officer to see that such reports are filed with state and local law enforcement when appropriate.
  • A SAR must be filed within 30 days of the discovery when there is any known or suspected employee or other insider abuse - regardless of the loss amount and even if there is no loss.
  • Filing is also required within 30 days after initial detection for a singular or aggregate loss of $5,000 or more in funds or other assets where the suspect can be identified and particularly if an alias was used.
  • If the singular or aggregate loss is $25,000 or more in funds or other assets a SAR must be filed within 30 days from discovery. (60 days if a suspect cannot be identified)
  • A SAR must be filed in 30 days for transactions involving or aggregating $5,000 or more that involves money laundering, terrorist financing, identity theft or any known or suspected BSA violation.
  • A SAR must also be filed for what is termed "suspicious activity." This includes transactions involving funds from illegal activity, or conducted in order to hide or disguise funds. Any attempt to violate or evade any law is considered to be reportable. This would include tax evasion or structuring. The requirement is stated this way: "The transaction has no business or apparent lawful purpose or is not the sort in which the particular customer would normally be expected to engage, and the financial institution knows of no reasonable explanation for the transaction after examining the available facts, including the background and possible purpose of the transaction."
  • Computer intrusions (excluding websites and other non-critical information systems) that are designed to compromise funds or critical information, or to disable the information system are also reportable.
  • Robbery or burglary committed or attempted should not be reported as suspicious activity on a SAR. Neither should a SAR be used for reporting lost, missing, counterfeit or stolen securities.
Records
All records substantiating the facts that would normally be filed physically with a Suspicious Activity Report must be kept for five years from the date of filing and made available on request of law enforcement for their investigations. No records are to be sent with the SAR when the report is filed. The details of how to complete the form and how to file it are all included in the instructions on the SAR.

It is the responsibility of the BSA Officer to ensure that the institution is in compliance with all SAR instructions, including timely filing and the retention and maintenance of records.

Report to the Board of Directors
Regulation H and all the other similar regulations require that the filing of SARs be reported to the Board of Directors. Details of the report are not necessary, in the opinion of most BSA officers, but the fact that a report has been filed as required by regulations should be noted in the minutes of the Board.

Confidentiality
SARs are confidential. The fact they are completed and filed must not be disclosed to anyone, even under subpoena. The regulation is very clear on this fact. "Any member bank subpoenaed or otherwise requested to disclose a SAR or the information contained in a SAR shall decline to produce the SAR or to provide any information that would disclose that a SAR has been prepared or filed citing this section, applicable law (e.g., 31 U.S.C. 5318(g)), or both, and notify the Board." FinCEN has instructed that any request for information about a SAR be referred directly to them.

Safe Harbor
You and your financial institution are both protected from any lawsuit from the subject of a SAR by the safe harbor provisions of the United States Code (31 U.S.C. 5318(g), which exempts any financial institution that makes a disclosure of any possible violation of law or regulation from liability under any law or regulation of the United States, regardless of whether such reports are filed pursuant to the regulation or are filed on a voluntary basis.

Monitor BSA Compliance
The regulations also say you must monitor your BSA program, by establishing a compliance program spelling out, in writing, the recordkeeping and reporting requirements. This has to be approved by the Board of Directors.

Your written program must:
  • Provide for a system of internal controls to assure ongoing compliance;
  • Provide for independent testing for compliance to be conducted by bank personnel or by an outside party;
  • Designate an individual or individuals responsible for coordinating and monitoring day-to-day compliance; and
  • Provide training for appropriate personnel.
(This series of training pages is for the new and/or experienced Security Officer. Dana Turner is a security practitioner and the author of the Financial Institution Security Library. He serves as a moderator on BankersOnline.com's Security Forum and is a frequent contributor to the Bankers' Hotline. Dana can be reached at (830)535-6500 or at danaturner@email.com)

Copyright © 2005 Bankers' Hotline. Originally appeared in Bankers' Hotline, Vol. 15, No. 1, 2/05>/span>



Print Friendly! Email This Article! Discuss NOW!


Privacy Policy    Disclaimer   Recommend This Site !   Contact Us


BankersOnline is a free service made possible by the generous support of our advertisers and sponsors. Advertisers and sponsors are not responsible for site content. Please help us keep BankersOnline FREE to all banking professionals. Support our advertisers and sponsors by clicking through to learn more about their products and services.