Addressing SIFMA’s Anti-Money Laundering (“AML”) conference Wednesday, SEC Enforcement Director Andrew Ceresney said that – when it comes to AML – the lack of red flags itself is a red flag.

Bank Secrecy Act (“BSA”) AML requirements under the Currency & Foreign Transactions Reporting Act of 1970, as amended, 31 U.S.C. §5311, et seq. (31 C.F.R. Chap. X and related laws / regulations: here) require financial institutions to file “suspicious activity reports” (“SARs”) with the Financial Crimes Enforcement Network (“FinCEN”) within the Department of Treasury.

Examples of some activity that trigger a SAR filing include: funds derived from illegal activity (or to hide or launder them); structuring transactions; transactions without lawful apparent purpose or unusual for a given customer and lacking reasonable explanation; insider abuse; and, currency transactions over $10,000.

The SEC has access to SARs. The Enforcement Division’s Office of Market Intelligence has a Bank Secrecy Act Review Group that reviews all SARs within about two weeks of filing – some 27,000-30,000 per year. The SEC also maintains a SAR Hotline: Calls provoke a SAR review within 24 hours.

Ceresney reports that SAR review lead to Enforcement seeking an average of one TRO each month over the past six to enjoin securities violations and seize assets before they dissipate. And over the past year, SAR filings lead to seven pyramid or Ponzi-scheme actions (involving over $100 million) and eight insider trading cases. So the SEC’s Enforcement Division finds SAR filings a very useful source of investigative leads.

But Ceresney points out that, overall, SAR filings are disproportionately few, given the size and scope of the industry. He warns that “no news is bad news” – that is, a lack of red flags (here, SAR filings) may well indicate only that those broker-dealers aren’t taking their compliance obligations seriously or have AML surveillance and compliance systems that just aren’t working.

Ceresney used the Commission’s recent Wedbush and Oppenheimer enforcement actions as examples of its aim. The Oppenheimer case was a joint action with FinCEN and its combined $20 million penalty is the largest civil monetary penalty against a brokerage firm for AML failures. Oppenheimer ignored red flags and failed in its AML obligations (including no SAR filings) while facilitating unregistered penny-stock distributions by its customer, an unregistered Bahamian broker-dealer. See Press Rel. No. 2015-14, SEC Charges Oppenheimer With Securities Law Violations Related to Improper Penny Stock Sales (Jan. 27, 2015), available here.

Enforcement’s Broker-Dealer Task Force is targeting SAR compliance. They’re looking very closely at those broker-dealers who file fewer SARs than circumstances would suggest or whose filings are “check the box” reports lacking useful information (like why the filer thought it was suspicious).

Director Ceresney’s address is here.