The Bank Secrecy Act: What is the BSA?

The Bank Secrecy Act (BSA) is the United States’ most important anti money laundering regulation: banks and other financial institutions must ensure they meet the compliance obligations it involves. Introduced in 1970, the Bank Secrecy Act requires financial institutions to work with the US government to combat financial crime. Also known as the ‘Currency and Foreign Transactions Reporting Act’, the Bank Secrecy Act is primarily concerned with preventing money laundering, although it has been amended over the years by legislation such as the Patriot Act, which expanded its scope to include terrorist financing activities.

The Bank Secrecy Act is intended to not only aid the fight against money laundering but to ensure that banks and financial institutions are not used as tools to facilitate it. Under the Bank Secrecy Act, institutions must work to detect and monitor potential money laundering activities, and report them to the authorities so that AML enforcement actions can be taken.

The Bank Secrecy Act is administered by the Financial Crimes Enforcement Network (Fincen) which imposes a variety of compliance obligations on financial institutions. To meet those obligations, senior management should ensure that they have a detailed understanding of the legislation itself.

Bank Secrecy Act compliance: What you need to know

In order to achieve compliance with the Bank Secrecy Act, financial institutions must navigate a range of regulatory requirements which focus on reporting to, and liaising with, the authorities, and building internal AML controls. That process involves the following important considerations:

BSA AML compliance program

The BSA requires financial institutions to each develop an Anti Money Laundering (AML) program. An effective BSA-AML compliance program should suit the unique needs of the financial institution it serves, including the risk profile it faces. The principal elements of an AML compliance program are as follows:

• Internal systems and controls: An AML program should be built around a set of written policies and procedures, designed to help employees detect and monitor money laundering activities and financial crime.
• Compliance Officer: A principle employee should be appointed to oversee the development and implementation of their institution’s program. In addition to providing oversight for internal controls, a BSA Officer is responsible for arranging independent audits and examinations of their institutions’ AML compliance program.
  
• BSA training: Basic training in Bank Secrecy Act-AML compliance should be provided to all employees. Employees with a greater level of responsibility may need advanced training or certification.
• Independent audits: A regular schedule of independent audits should be established in order to test the ongoing effectiveness of an AML program. Audits must be conducted by qualified third-parties.

Reporting & record keeping

The Bank Secrecy Act involves numerous reporting and filing obligations with FinCen, which relate to specific risk profiles. Those obligations include:

• Currency Transaction Reports (CTR): Currency transaction reports must be filed for cash transactions exceeding $10,000. This requirement concerns only the physical exchange of money (cash and paper) between persons.
• Form 8300: Certain businesses, such as car dealerships, art galleries or insurance firms, which receive more than $10,000 in cash in a single transaction, or in multiple related transactions within 24 hours, must file Form 8300.
• Suspicious Activity Reports (SAR): Transactions which involve suspected BSA violations, or terrorist financing activities, and which aggregate more than $5,000, must be detailed in a Suspicious Activity Report. SARs may be voluntarily filed for suspicious transaction below the $5,000 threshold.
• Foreign Bank and Financial Account Report (FBAR): An annual filing requirement for individuals holding accounts with foreign banks of $10,000 and over.  While the FBAR is generally filed by the account-holder, financial professionals filing on behalf of a client must register to file as an institution.

The majority of FinCen reports must now be filed electronically, using the BSA e-Filing system: organizations must apply to FinCen for a username and password before they can use the system.

In addition to Bank Secrecy Act filing requirements, financial institutions must keep detailed records of suspect activities. In particular, institutions must maintain a log of purchases of monetary instruments (such as a bank, travellers, and cashiers’ checks) of between $3,000 – $10,000. In these instances, the log must record and verify the identities of purchasers, and aggregate the value of their transactions.

What is the importance of Bank Secrecy Act compliance?

In achieving Bank Secrecy Act compliance, a financial institution shows its commitment to helping law enforcement organizations tackle financial crime, and contributes to a wider climate of fairness and justice.

The US government is committed to fighting money laundering, and as such imposes statutory penalties for Bank Secrecy Act violations – which could range from $10,000 dollars for record-keeping violations, to over $200,000 for more serious infractions. In particularly severe cases, fines may reach into the millions and even billions of dollars: in 2018, US Bancorp was fined $613 million for Bank Secrecy Act violations, while in 2012, HSBC paid a record $1.9 billion as settlement for money laundering activities.

Beyond the financial consequences of non-compliance, institutions which violate the BSA may incur much greater reputational damage, losing the confidence of both customers and clients, and of their employees. While the effort to comply with the Bank Secrecy Act represents an ongoing administrative challenge, certain industry tools such as data analytics programs and software automation, are available to make the process easier.