The full text on this page is automatically extracted from the file linked above and may contain errors and inconsistencies.
Federal Reserve Bank of Dallas 2200 N. PEARL ST. DALLAS, TX 75201-2272 January 30, 2006 Notice 06-07 TO: The Chief Executive Officer of each financial institution and others concerned in the Eleventh Federal Reserve District SUBJECT Interagency Guidance on Sharing Suspicious Activity Reports with Head Offices and Controlling Companies DETAILS The U.S. Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN), along with the Board of Governors of the Federal Reserve System, Federal Deposit Insurance Corporation, Office of the Comptroller of the Currency, and Office of Thrift Supervision, has issued an interagency guidance for banking organizations on Sharing Suspicious Activity Reports with Head Offices and Controlling Companies. The guidance confirms that 1. A U.S. branch or agency of a foreign bank may disclose a Suspicious Activity Report to its head office outside the United States; and 2. A U.S. depository institution may disclose a Suspicious Activity Report to controlling companies whether domestic or foreign. The guidance notes that banking organizations should maintain appropriate arrangements for the protection of confidentiality of Suspicious Activity Reports. FinCEN has concurrently issued similar guidance for securities broker-dealers, futures commission merchants, and introducing brokers in commodities. For additional copies, bankers and others are encouraged to use one of the following toll-free numbers in contacting the Federal Reserve Bank of Dallas: Dallas Office (800) 333-4460; El Paso Branch Intrastate (800) 592-1631, Interstate (800) 351-1012; Houston Branch Intrastate (800) 392-4162, Interstate (800) 221-0363; San Antonio Branch Intrastate (800) 292-5810. -2ATTACHMENTS Copies of the Board’s SR letter 06-1 dated January 20, 2006, the interagency guidance, and FinCEN’s guidance are attached. MORE INFORMATION For more information, please contact Gary Krumm, Banking Supervision Department, (214) 922-6218. Previous Federal Reserve Bank notices are available on our web site at www.dallasfed.org/banking/notices/index.html or by contacting the Public Affairs Department at (214) 922-5254. BOARD OF GOVERNORS OF THE FEDERAL RESERVE SYSTEM WASHINGTON, D. C. 20551 DIVISION OF BANKING SUPERVISION AND REGULATION SR 06-1 January 20, 2006 TO THE OFFICER IN CHARGE OF SUPERVISION AND APPROPRIATE SUPERVISORY EXAMINATION STAFF AT EACH FEDERAL RESERVE BANK, AND TO EACH DOMESTIC AND FOREIGN BANKING ORGANIZATION SUPERVISED BY THE FEDERAL RESERVE SUBJECT: Interagency Guidance on Sharing Suspicious Activity Reports with Head Offices and Controlling Companies The U.S. Department of the Treasury's Financial Crimes Enforcement Network (FinCEN), along with the Board of Governors of the Federal Reserve System, Federal Deposit Insurance Corporation, Office of the Comptroller of the Currency, and Office of Thrift Supervision, has issued the attached interagency guidance for banking organizations on sharing Suspicious Activity Reports with head offices and controlling companies (as defined in the guidance). The guidance confirms that: (1) a U.S. branch or agency of a foreign bank may disclose a Suspicious Activity Report to its head office outside the United States; and (2) a U.S. depository institution may disclose a Suspicious Activity Report to controlling companies whether domestic or foreign. The guidance notes that banking organizations should maintain appropriate arrangements for the protection of confidentiality of Suspicious Activity Reports. The guidance does not address whether a banking organization may share a Suspicious Activity Report with an affiliate other than a controlling company or head office, whether located inside the United States or abroad. Until further guidance is issued, banking organizations should not share Suspicious Activity Reports with such affiliates. FinCEN has concurrently issued similar guidance (also attached) for securities broker-dealers, futures commission merchants, and introducing brokers in commodities. This SR letter should be distributed to the appropriate management and compliance personnel at the domestic and foreign banking organizations supervised by the Federal Reserve, and Reserve Banks should distribute this SR letter to supervisory and examination staff. If you have any questions, please contact Nina A. Nichols, Assistant Director, at (202) 452-2961, or Bridget M. Neill, Assistant Director, at (202) 452-5235. 1 of 2 Richard Spillenkothen Director Attachments: Interagency Guidance on Sharing Suspicious Activity Reports with Head Offices and Controlling Companie Financial Crimes Enforcement Network Board of Governors of the Federal Reserve System Federal Deposit Insurance Corporation Office of the Comptroller of the Currency Office of Thrift Supervision Guidance on Sharing of Suspicious Activity Reports by Securities Broker-Dealers, Futures Commission Merchants, and Introducing Brokers in Commodities Financial Crimes Enforcement Network 2 of 2 Financial Crimes Enforcement Network Board of Governors of the Federal Reserve System Federal Deposit Insurance Corporation Office of the Comptroller of the Currency Office of Thrift Supervision January 20, 2006 Interagency Guidance on Sharing Suspicious Activity Reports with Head Offices and Controlling Companies The Financial Crimes Enforcement Network, along with the Board of Governors of the Federal Reserve System, the Federal Deposit Insurance Corporation, the Office of the Comptroller of the Currency, and the Office of Thrift Supervision (collectively, the “Federal Banking Agencies”) is issuing this guidance to confirm that under the Bank Secrecy Act and its implementing regulations (and parallel provisions issued by the Federal Banking Agencies): (1) a U.S. branch or agency of a foreign bank may disclose a Suspicious Activity Report to its head office outside the United States; and (2) a U.S. bank or savings association (“depository institution”) may disclose a Suspicious Activity Report to controllingcompanies[SeeFootnote1]whether domestic or foreign. This guidance does not address the applicability of any other Federal or state laws. The Bank Secrecy Act prohibits the filer of a Suspicious Activity Report from notifying any person involved in the suspicious transaction that the transaction has beenreported.[SeeFootnote2] Implementing regulations issued by the Financial Crimes Enforcement Network have construed this confidentiality provision as generally prohibiting a banking organization from disclosing the existence of a Suspicious Activity Report except where such disclosure is requested by appropriate law enforcement agencies, bank supervisory agencies, or the Financial Crimes EnforcementNetwork.[SeeFootnote3]In addition, the Federal Banking Agencies’ regulations, issued pursuant to Title 12 of the United States Code, state that “Suspicious activity reports areconfidential.”[SeeFootnote4] A depository institution that files a Suspicious Activity Report may disclose to entities within its organization information underlying the filing (that is, information about the Footnote 1 --A controlling company is defined as: a) a bank holding company, as defined in Section 2 of the Bank Holding Company Act; b) a savings and loan holding company, as defined in Section 10(a) of the Home Owners’ Loan Act. For purposes of this guidance, a controlling company also includes a company having the power directly or indirectly, to direct the management or policies of an industrial loan company or a parent company or to vote 25% or more of any class of voting shares of an industrial loan company or a parent company.[EndofFootnote1] Footnote 2--See 31 U.S.C. 5318(g)(2) and 31 C.F.R. § 103.18(e).[EndofFootnote2] Footnote 3--See 31 C.F.R. § 103.18(e).[EndofFootnote3] Footnote 4 --See 12 C.F.R. § 353.3(g) [Federal Deposit Insurance Corporation]; 12 C.F.R. § 208.62(j) [Board of Governors of the Federal Reserve System]; 12 C.F.R. § 21.11(k) [Office of the Comptroller of the Currency]; 12. C.F.R. § 563.180(b)(12) [Office of Thrift Supervision].[EndofFootnote4] 1 customer/suspect and transaction(s) reported). However, neither the Financial Crimes Enforcement Network nor the Federal Banking Agencies have taken a definitive position concerning whether a depository institution is permitted under the Bank Secrecy Act and Federal Banking Agency regulations to share or disclose to entities within its corporate structure, the Suspicious Activity Report itself or the fact that a Suspicious Activity Report wasfiled.[SeeFootnot5] e The answer to this question has become a critical issue, particularly in a global context. We have carefully considered this issue, taking into account the need for a head office, controlling entity or party to discharge its oversight responsibilities with respect to enterprise-wide risk management and compliance with applicable laws and regulations. To fulfill those responsibilities, head offices and controlling entities or parties may have a valid need to review a branch’s, office’s, or depository institution’s compliance with legal requirements to identify and report suspicious activity. Accordingly, we have determined that a U.S. branch or agency of a foreign bank may share a Suspicious Activity Report with its head office outside the United States for these purposes. Similarly, a U.S. bank or savings association may disclose a Suspicious Activity Report to its controlling company, no matter where the entity or party is located. In the event that a depository institution’s corporate structure includes multiple controlling companies, the filing institution’s Suspicious Activity Report may be shared with each controllingentity.[SeeFootnote6] There may be circumstances under which a depository institution would be liable for direct or indirect disclosure by its controlling company or head office of a Suspicious Activity Report or the fact that a Suspicious Activity Report was filed. Therefore, the depository institution, as part of its anti-money laundering program, must have written confidentiality agreements or arrangements in place specifying that the head office or controlling company must protect the confidentiality of the Suspicious Activity Reports through appropriate internal controls. The sharing of a Suspicious Activity Report with a non-U.S. entity raises additional concerns about the ability of the foreign entity to protect the Suspicious Activity Report in light of possible requests for disclosure abroad that may be subject to foreign law. These concerns will need to be addressed in the confidentiality agreements or arrangements. The recipient head office, controlling entities or parties may not disclose further any Suspicious Activity Report, or the fact that such report has been filed; however, the institution may disclose without permission underlying information (that is, information about the customer and transaction(s) reported) that does not explicitly reveal Footnote 5 --However, the Federal Banking Agencies’ regulations require notification of the filing of Suspicious Activity Reports to boards of directors, whether domestic or global. See 12 C.F.R. § 353.3(f) [Federal Deposit Insurance Corporation]; 12. C.F.R. § 208.62(h) [Board of Governors of the Federal Reserve System]; 12 C.F.R. § 21.11(h) [Office of the Comptroller of the Currency]; 12 C.F.R. § 563.180(b)(9) [Office of Thrift Supervision].[EndofFootnote5] Footnote 6 --It should be noted that the requirement that knowledge of a Suspicious Activity Report’s filing may not be disclosed to the controlling entity or party remains, even under this guidance, if there is a reason to believe it may be disclosed to any person involved in the suspicious activity that is the subject of the Suspicious Activity Report.[EndofFootnote6] 2 that a Suspicious Activity Report was filed and that is not otherwise subject to disclosure restrictions. The Financial Crimes Enforcement Network and the Federal Banking Agencies are considering whether a depository institution may share a Suspicious Activity Report with an affiliate other than a controlling company or head office, both in instances where the affiliate is located inside the United States and where the affiliate is located abroad. We expect to issue guidance on this issue shortly; but, until such time, depository institutions should not share Suspicious Activity Reports with such affiliates. 3 Financial Crimes Enforcement Network January 20, 2006 Guidance on Sharing of Suspicious Activity Reports by Securities Broker-Dealers, Futures Commission Merchants, and Introducing Brokers in Commodities The Financial Crimes Enforcement Network, after consulting with staff of the U.S. Securities and Exchange Commission and the Commodity Futures Trading Commission, is issuing this guidance to confirm that, under the Bank Secrecy Act and its implementing regulations, securities broker-dealers, futures commission merchants, and introducing brokers in commodities may share Suspicious Activity Reports with parent entities, both domestic and foreign. This guidance does not address the applicability of any other Federal or state laws. The Bank Secrecy Act prohibits the filer of a Suspicious Activity Report from notifying any person involved in the suspicious transaction that the transaction has been reported.[See construed this confidentiality provision as generally prohibiting a securities brokerdealer, futures commission merchant, or introducing broker in commodities from disclosing the existence of a Suspicious Activity Report, except where such disclosure is requested by appropriate law enforcement agencies, securities and futures industry regulatory agencies or self-regulatory organizations, or the Financial Crimes Enforcement Network. A securities broker-dealer, futures commission merchant, or introducing broker in commodities that files a Suspicious Activity Report may disclose to entities within its organization information underlying the filing (that is, information about the customer/suspect and the transaction(s) reported). However, the Financial Crimes Enforcement Network has not taken a definitive position concerning whether a securities broker-dealer, futures commission merchant, or introducing broker in commodities is permitted under the Bank Secrecy Act to share or disclose to entities within its larger corporate structure, the Suspicious Activity Report itself or the fact that a Suspicious Activity Report was filed. The answer to this question has become a critical issue, particularly in a global context. We have considered this issue carefully, taking into account the need for a parent entity to discharge its oversight responsibilities with respect to enterprise-wide risk management and compliance with applicable laws and regulations. To fulfill those responsibilities, parent entities may have a valid need to review compliance by a securities broker-dealer, futures commission merchant, or introducing broker in commodities which has legal requirements to identify and report suspicious activity. Accordingly, we have determined that a securities broker-dealer, futures commission merchant, or introducing broker in commodities may share a Suspicious Activity Report with parent entities, both domestic and foreign, for these purposes. In the event that the Footnote 1-- See 31 U.S.C. § 5318(g)(2) and 31 C.F.R. §§ 103.17(e) and 103.19(e).[EndofFootnote1] Footnote corporate structure of a securities broker-dealer, futures commission merchant, or introducing broker in commodities includes multiple parent entities, the filing institution’s Suspicious Activity Report may be shared with each entity in the chain of control. There may be circumstances under which a securities broker-dealer, futures commission merchant, or introducing broker in commodities would be liable for direct or indirect disclosure of a Suspicious Activity Report by a recipient parent entity, or the fact that a Suspicious Activity Report had been filed. Therefore, the securities broker-dealer, futures commission merchant, or introducing broker in commodities, as part of its antimoney laundering program, must have written confidentiality agreements or arrangements in place specifying that the parent entity (or entities) must protect the confidentiality of the Suspicious Activity Reports through appropriate internal controls. The sharing of a Suspicious Activity Report with a non-U.S. entity raises additional concerns about the ability of the foreign entity to protect the Suspicious Activity Report in light of possible requests for disclosure abroad that may be subject to foreign law. These concerns will need to be addressed in the confidentiality agreements or arrangements. The recipient foreign parent entity (or entities) may not disclose further any Suspicious Activity Report, or the fact that such report has been filed; however, the foreign parent entity (or entities) may disclose without permission underlying information (that is, information about the customer and transaction(s) reported) that does not explicitly reveal that a Suspicious Activity Report was filed and that is not otherwise subject to disclosure restrictions. The Financial Crimes Enforcement Network, in consultation with staff from the Securities and Exchange Commission and the Commodity Futures Trading Commission, is considering whether a securities broker-dealer, futures commission merchant, or introducing broker in commodities may share a Suspicious Activity Report with an affiliate other than its parent entities, both in instances where the affiliate is located inside the United States and where the affiliate is located abroad. We expect to issue guidance on this issue shortly; but, until such time, securities broker-dealers, futures commission merchants, and introducing brokers in commodities should not share Suspicious Activity Reports with non-parent entities. 2