Safe SARs
Congress passed the safe harbor for suspicious activity reports in 1992. The safe harbor provides that if the financial institution files a SAR in compliance with the law and regulations, the institution is safe from civil liability. The safe harbor was considered necessary because individuals investigated and prosecuted by the government sued the financial institution that filed the report that called the government's attention to them. Since fear of such lawsuits could have a chilling effect on reporting suspicious activity, Congress created the safe harbor.
Although the safe harbor has been in place for more than a decade, there remain questions about how it works and how safe it actually is. Criminals, who by definition are not "good guys" are always seeking a new angle or a way out of a tight spot. One such person sued Whitney National Bank in an attempt to make the bank guilty of something and thus owe him. Fortunately for financial institutions, the plaintiff failed and the court upheld the safe harbor. (Whitney National Bank v. Karam, 306 F. Supp.2d 678 (S.D. Tex 2004)).
The plaintiff sued Whitney National Bank for defamation and asked the court to require the Bank to produce documents related to the SAR. The discovery request included all oral and written communications that the bank may have had with law enforcement concerning the bank's suspicions about the plaintiff's conduct. The court ruled that the documents sought by the plaintiff were not discoverable. The decision stands for several important principles. First, the safe harbor is solid - something that a financial institution should be able to rely on.
Second, compliance with the regulations is critical to staying in the safe harbor.
Third, procedures and training should include close attention to communications about suspicious activity before and after a SAR is filed as well as on the SAR itself.
In response to the decision, the federal financial agencies issued an Interagency Advisory on compliance with SAR filings. The guidance restates the safe harbor and stresses the agencies' belief that the safe harbor will hold for institutions that file in compliance.
What the case means is that certain documents and communications are within the safe harbor while others are not. Documents not included in the safe harbor are basically any documents that exist independently of the SAR, even if they may contain information that could support or cause the suspicions.
For example, a credit report may show differences from the information provided on the application. These differences could be the facts that first gave rise to the institution's suspicious. These two documents, however, exist independently from the communications and documents used to develop and file the SAR. They are therefore not included in the safe harbor.
Documents might be exempted from discovery if they indicate or confirm the existence of the SAR. For example, a loan officer's worksheet that contained notes regarding the suspicions might be exempt from discovery.
The safe harbor includes specific information that is generated by the SAR as well as information that is developed or communicated because of the SAR. The Interagency Guidance reiterates the court's ruling in listing specific types of information that are subject to the safe harbor and are therefore not discoverable. These include the SAR itself, including the fact that it exists.
The safe harbor also includes communications pertaining to the filing of the SAR or its contents, not merely within the institution but also with government authorities. These protected communications include more than reports of suspicious activities. They include conversations or communications that may have begun by testing the waters and led to the filing of the SAR.
Also included are communications that follow the SAR filing, if these explain or clarify information in the SAR. This may happen if law enforcement has questions about why the institution considered the described activity to be suspicious.
Finally, the safe harbor also reaches a very important form of communication: institution communications with authorities about possible suspicious activity that did not result in filing a SAR. This means that you are safe when calling FinCEN or your regulatory agency to discuss situations and seek guidance. You may keep notes of these conversations as long as the notes remain confidential. Keeping this information should be helpful when an examiner asks about situations that you identified and investigated but decided not to file a SAR. If you follow procedures, you remain within the safe harbor. These developments are reassuring in the context of the safe harbor. However, without good compliance, you don't have a safe harbor.
ACTION STEPS
- Review your BSA procedures carefully to see whether they provide adequate guidance on the preparation and confidentiality of SARS. Look for instructions on who communicates with whom, who is responsible for any written communications, who is responsible for communicating with law enforcement, and where and how information is stored.
- Make sure that every person in the institution is fully trained on suspicious activity. Training should include specific instructions on communicating suspicions and maintaining confidentiality.
- Review your SAR files under the Whitney National Bank case to determine whether you are maintaining proper documentation.
Copyright © 2004 Compliance Action. Originally appeared in Compliance Action, Vol. 9, No. 5, 3/04
Privacy Policy Disclaimer Recommend This Site ! Contact Us
BankersOnline is a free service made possible by the generous support of our advertisers and sponsors. Advertisers and sponsors are not responsible for site content. Please help us keep BankersOnline FREE to all banking professionals. Support our advertisers and sponsors by clicking through to learn more about their products and services.
|
|
Print Friendly!
Email This Article!
Discuss NOW!