In recent months, support for Bank Secrecy Act/anti-money laundering ("BSA/AML") reform has gained momentum in the US Congress as more than 20 pieces of reform-related legislation circulate the financial services committees. Several proposals from both chambers have garnered varying degrees of bipartisan support, including bills and draft legislation intended to address issues such as beneficial ownership, information-sharing, privacy protections, risk management, and examination priorities.1 However, none of these important proposals addresses the fundamental policy flaw within the regime.
The underlying flaw in the US AML regime is that the two principal objectives of the BSA (creating actionable financial intelligence and preventing money laundering) align in theory but conflict in practice. The tension between the two objectives results in conflict among the agencies overseeing the regime, procedure-driven approaches to compliance by financial institutions, and a corresponding misalignment of compliance resources away from AML activities with potentially greater value. In addition, the agencies lack mechanisms to de-conflict entrenched interests, which has undermined attempts to create and implement the practical solutions necessary to make AML compliance activities within financial institutions more effective and efficient.
Conflicting Objectives in the AML Regime
Two laws primarily govern anti-money laundering in the United States: the Money Laundering Control Act ("MLCA") of 1986,2 as amended, criminalizes the act of money laundering, or knowingly engaging in transactions that involve the proceeds of crime; and the Currency and Foreign Transactions Reporting Act of 1970,3 as amended, and more commonly referred to as the BSA, which was originally passed as a tool to collect financial intelligence in support of government investigations. The MLCA applied to all US persons and certain foreign persons, while the BSA generally applied only to financial institutions,4 obligating them to keep records on and report certain financial transactions. The two laws, both designed to address money laundering and its underlying criminal activity, had two different purposes and, generally, were administered separately.
The trouble for financial institutions began with the passage of the Annunzio-Wylie Anti-Money Laundering Act of 1992,5 which effectively merged the regimes of the MLCA and the BSA with respect to financial institutions. Although the federal banking agencies ("FBAs") always examined banks for compliance with all laws, Annunzio-Wylie made a depository institution’s charter and access to federal deposit insurance directly contingent on the institution’s compliance with the MLCA. With the potential for such serious consequences, even the suggestion of less-than-robust compliance with the MLCA could be interpreted by examiners as constituting a critical threat to the depository institution’s safety and soundness. Instead of simply being responsible for collecting and reporting information with a high degree of usefulness to government investigations (the stated purpose of the BSA)6 and not knowingly engaging in money laundering, financial institutions became responsible for actively preventing money laundering through their institutions. This state of play was reinforced in 2001 by the USA PATRIOT Act, which amended the BSA and required covered financial institutions to establish anti-money laundering programs "in order to guard against money laundering."7
A Procedure-driven Approach to BSA/AML Compliance
The practical consequence of the merger between the MLCA and BSA is that it skewed the incentives for financial institutions from a risk-based and reasonableness approach to financial intelligence investigations to a procedure-driven approach that has since become misaligned with the real risks of money laundering.
While one would expect the Financial Crimes Enforcement Network ("FinCEN"), originally created in 1990 and since designated as the administrator of the BSA (with its own regulatory, supervisory and enforcement authorities), and the financial intelligence unit for the US, to be the natural source of incentives encouraging financial institutions to prioritize their resources on actionable and valuable financial intelligence, it has effectively ceded the creation of incentives to FBAs and other federal functional regulators. For most of its history, FinCEN’s resources have been prioritized towards supporting law enforcement investigations by providing ad hoc case support and enabling access to its database of financial intelligence and not on developing higher quality intelligence of greater value to stakeholders. More recently, FinCEN has been making progress on providing greater direction and feedback to financial institutions on their suspicious activity reporting8 and its relationship with the FBAs regarding the oversight of the BSA/AML regime,9 but the compliance regimes within financial institutions are still very much driven by the objectives and expectations of the FBAs.
FBAs expect financial institutions to not only comply with the MLCA but to proactively demonstrate that they are compliant with the law. In other words, depository institutions are required to "prove a negative" by demonstrating that they do not facilitate money laundering. Proving a negative is extremely difficult; as the saying goes, absence of evidence is not evidence of absence. To come close to proving a negative, one must demonstrate comprehensive transparency. Only by demonstrating that one knows everything that has happened, with no reasonable gaps in knowledge, can one demonstrate that something has not happened. For financial institutions to prove that they are not handling the proceeds of crime, they must develop rigorous controls over their activities and prove to examiners that their controls are so comprehensive that it creates a presumption that they are more likely than not to detect, report and prevent transactions involving the proceeds of crime. Additionally, such an MLCA prevention program is easier to examine, from a practical perspective, than a BSA compliance program because there is no need to assess the outputs of an AML program, such as suspicious activity reports, against a subjective standard—namely, having a "high degree of usefulness" to government investigations or proceedings. Instead, examiners may focus on objective standards such as whether a financial institution had a required procedure and whether they followed it.
Initial Responses May Not Go Far Enough
The financial industry has repeatedly expressed its frustration with the current BSA/AML regime, including its lack of transparency into the government’s financial intelligence requirements and its inability to provide objective measures of effectiveness for their BSA/AML compliance programs, both of which are symptoms of the tension between the BSA’s dual purposes.10 Although many of the reform bills under consideration focus on specific issues such as beneficial ownership of legal entity customers, the "Illicit Cash Act" stands out by seeking to address some of the frustrations expressed by industry representatives.
However, even the expansive and well-received "Illicit Cash Act" does not appear to address the larger point outlined in this alert.11 Although it appears to at least partially address some of industry’s concerns, it does not go far enough to address the underlying problem described above. For example, the draft bill requires the Treasury Secretary to consult with other government agencies to establish annual priorities for AML/countering the financing of terrorism policy,12 which should form a key basis on which to examine financial institutions.13 Presumably, this means the Treasury Department would establish priority topic areas like terrorism finance or human trafficking and not programmatic priorities like collecting financial intelligence over preventing money laundering. Both efforts at prioritization are important; the former ensures that whatever intelligence is collected will be useful (setting aside the fact that most investigations at financial institutions are triggered by general financial crime typologies and it is difficult to determine the underlying criminal conduct), but without the latter type of prioritization, financial institutions will not have the flexibility to re-direct investigative resources to higher priority topic areas.
The current US BSA/AML regime results in AML programs at financial institutions that are rigid and process-driven and that align resources to proving a negative rather than addressing real AML risks. It incentivizes financial institutions to focus on demonstrating compliance with the criminal provisions of the MLCA, rather than collecting useful financial intelligence. Clearly, this puts the two stated objectives of the regime (creating actionable financial intelligence and preventing money laundering) at odds with each other. Congress must be clear about the primary purposes of the BSA and the objectives of a financial institution’s AML program, allowing incentives to be properly aligned and financial intelligence to develop into the even more powerful tool it was meant to be. To date, none of the many proposals from Congress are drafted to achieve this result.