Living with Section 314(a) & (b)
With Section 314(a) now in play, we have some questions about the compliance process - and some frustrations. The list and response process was given close attention at the ABA/ABA 2003 Anti-Money Laundering Conference held in Washington, D.C.
The agencies have heard a lot of gripes, especially about burden, and they want you to realize that they do things to keep the burden down. They hear you and want you to realize that they do things behind the scenes to keep the burden down. For example, the regulatory agencies "vet" the names produced by law enforcement to limit requests to names associated with very high priority investigations - terrorism and serious money laundering cases.
While the agencies did not claim that their efforts were as significant as reducing a child's Christmas wish list for Santa to the family budget reality, they did make clear that this gets close attention and effort. What was not said was that the size of the list is an indication of how many serious and active investigations are underway.
What the list is for
The Section 314(a) list exists to support the work of law enforcement pursuing terrorism and money laundering leads. It is limited to that purpose. Do not use the list for anything else.
Panelists got lots of questions about closing accounts for names on the list. The advice was universal: don't close an account simply because a name is on the list. Limit your use of the list to its stated purpose - letting law enforcement know whether you have an account or transaction with an individual named on the list.
The presence of a name on the list may cause you to look more closely at the named customer. This is okay, as long as you remember that the person or company is under investigation and nothing has been proved. If you look closely and conclude that there is suspicious activity, you may close the account if that is your policy. But be sure to follow your account-closing and BSA program guidelines. Al Zarate, FinCEN, added to this caution. He suggested that before closing an account, you check with law enforcement to determine whether closing the account would interfere with the investigation. Remember that any name on that list is under active investigation for something serious.
Each step or rule in the anti-money laundering effort has its own set of rules. Several of the speakers at ABA's conference warned against confusing one safe harbor with another. While there was a strong recommendation to manage all these related issues (OFAC, BSA, Section 314(a) and more) under one program, you still need to keep each element separate, just as you must avoid treating something as a finance charge simply because it is entered on a separate line of the HUD-1.
If you identify suspicious activity, follow the SAR rules, even if the customer is on the Section 314(a) list. And follow the list rules for purposes of reporting whether you have a customer on the list.
SARs and Section 314(a)
The fact that a name is on the list is not, by itself, grounds for filing a Suspicious Activity Report. Whether you Section 314(a) list names on your watch list is a matter for your own decision - risk-based, of course.
Once your attention is called to a customer on the list, you may find information or observe behavior that you believe is suspicious, and would, in other circumstances, trigger a SAR filing. If that arises, file the SAR and include a description in the narrative section that describes the suspicious behavior.
However, filing the SAR is a separate activity from checking whether you have accounts or transactions with anyone named on the list. Treat each activity separately for compliance purposes. While you may want to manage these activities under one umbrella - and doing so is probably a wise idea - each activity has its own set of rules and safe harbors. Don't lose sight of which safe harbor you are aiming for.
Point of Contact
One challenge with the ongoing process will be maintaining an up-to-date point of contact for receiving the Section 314(a) list. Any change must be reported promptly to your regulatory agency. In addition, the current name should be reported on the Call Report, using the new space for the Section 314(a) contact name.
At this point, only the FDIC is using the call report to update contact names - and their process is still in the testing phase. So, until you receive notice to the contrary, continue to notify your agency directly of any change in the point of contact. Also make sure that the folks who prepare and submit the call report are aware of this new requirement and don't simply insert the name of the person responsible for call report questions.
Documenting Compliance with Section 314(a)
Section 314(a) - with its now familiar bi-weekly list - raises questions about documenting compliance. Attendees got some good advice about how to prove compliance without tripping over confidentiality mandates.
First, it is permissible to keep copies of the list, but you must do so with strict controls to ensure that the list does not leak outside of those who are assigned to work with it. The list is comprised of individuals or companies under investigation. Keeping these names confidential is critical to the success of the investigation. If you keep copies, do so under strict security procedures.Second, you may document that files and databases were checked and what ones were checked. This information may enable you to establish compliance to an examiner's satisfaction. In short, documentation may be useful but document with care.
Susan Tuccillo, Citigroup, recommends using a response form for each business or department to complete if they have a hit on the list. Her form includes details of the account and the account holder involved, the customer's name as it appears on the transaction, the named person's role in the transaction, the type of transaction, and the date and amount of the transaction. Keep this information secure. Having this type of internal documentation proves compliance, provides a basis for internal customer review if appropriate, and also will establish a base-line for the customer's activity when the list was circulated. As Tuccillo put it, this documentation enables you to know what you are doing with the customer.
Laurie Bender, Federal Reserve, recommends keeping copies of the list requests or a log of requests and responses. This provides less documentation than Tuccillo gathers, but does document enough to establish compliance.
Section 314(b): To Share or Not To Share
The decisions about whether to share information have not been easy. They have been made more difficult by the lack of clear rules and safe harbors. While the regulators have attempted to minimize burden by refraining from creating a rigid information-sharing regime, the industry seeks certainty.
ABA's conference provided some good ideas - and some certainty - for those institutions that decide to share. Among the BSA compliance industry leaders who spoke at the conference, the consensus was that sharing is the way to go. Fortunately, they also shared their ideas.
Susan Tuccillo recommends setting up a protocol with some key elements. First, she recommends tracking requests coming in and requests going out. This gives you a road map of how information is moving and where it is being used.
To track requests, Tuccillo recommends including key information such as an internal number, date of the communication, name of the person contacted, purpose of the communication which may include why the party was contacted, and response or action taken in your institution. A critical must-do element in this list is to verify that the other institution has filed a notification. She suggests using a box to check, requiring an affirmative step by staff. The box also serves as a reminder to determine the other institution's filing status.
Other useful documentation includes a copy or record of the transaction in question, such as a copy of the check that triggered the request.
It may be a good idea to have a designated Section 314(b) person to monitor and manage information exchanged. Tuccillo described such a person's responsibility as shepherding the process. A step that this person could manage is verifying information from the other institution to be sure that the institution has filed and that the contact from that institution is authorized to make the request and receive information.
Tuccillo's final advice was to use Section 314(b) cautiously. It is intended to support legitimate efforts to pursue money laundering and terrorism activities. It is not intended to be used for routine information and certainly not for CIP.
- Look over your Section 314(a) compliance from top to bottom. Identify weaknesses and shore them up using the ideas presented by the experts.
- Check the status of your Section 314(a) point of contact designation to be sure it is current. Also see what process you have for keeping the name up to date.
- Contact the call report folks and tell them about the new Section 314(a) information box. Be sure they know where to get the information.
- Compare the Section 314(a) lists with your SARs filed and see what activity you did or did not identify. Look for patterns that may be helpful in the future.
Copyright © 2003 Compliance Action. Originally appeared in Compliance Action, Vol. 8, No. 11, 11/03
First published on 11/01/2003