Anti-Money Laundering Update: Interview with FinCEN Director James Freis

Insights on BSA Compliance, Trends and the Global Fight Against AML
Anti-Money Laundering Update: Interview with FinCEN Director James Freis
Just over one year ago, James H. Freis, Jr. was appointed Director of the Financial Crimes Enforcement Network (FinCEN), the U.S. regulatory body charged with battling the crime of money laundering. In this role, he leads FinCEN's efforts to administrate the Bank Secrecy Act (BSA), cracking down on both money laundering and terrorist financing.

In an exclusive interview, we recently caught up with Freis to discuss anti-money laundering (AML) trends, BSA compliance and the highlights of his first year at FinCEN's helm.

Q: In the aftermath of the recent Spitzer case involving SARs, there has been much comment from institutions about the media naming the two banks that filed the initial reports which led to his resignation. How do you plan to keep these reports confidential in future?

Freis: I can't speak directly to any specific case where a SAR has been filed, but I will address the overall question. It is extremely important that the confidentiality of SARs filings is maintained. The statutory safe harbor for financial institutions and other organizations that file SARs is there because of the essential public policy choice that you need to protect the source to allow them to take comfort in freely sharing information with the government. To make that more clear, any information in respect to customer data and account information is very sensitive, and they take that very seriously. So, it is essential for FinCEN to show not only are they obligated to provide this information, but that we will maintain that information in the public trust in a very secure way. I place a great emphasis on maintaining the security of the data - it's one of the things I talk about publicly. One of the vulnerabilities or limitations that we face in respect to this information when we make this information available to law enforcement and other government agencies at the federal state and local levels for law enforcement or criminal investigations, there are quite a number of contacts that receive this information. We will continue to raise with them the importance of keeping this information maintained properly, and if we see anywhere that this information is leaked, we will take the appropriate action to stop it. It is a system that has a lot of points of contact. Also keep it in the context that there were a million SARs filed last year. There have been other numerous high profile investigations where Bank Secrecy Act information played a very key role, and where they were not disclosed. You shouldn't view it as the exception being the rule. Any banker who is providing information to FinCEN are quite aware that it was extraordinary to have any public discussion that suggested there was a SAR involved.

Q: The talk in the industry is that many of the reports required are onerous and time-consuming for the institutions filing them. What would you point to as the most important reasons for filing them?

Freis: It would be useful to take a look at the GAO study from Feb. 2008. They took a comprehensive look at the issue. They determined that law enforcement uses this information every single day. In fact it has become more valuable over time, and now law enforcement can go through several years to track trends in CTRs filed with the help of IT databases. Also think back to the original reason CTRs were mandated: Cash is anonymous. It was at the time the vehicle of choice to move drug money proceeds and for tax evasion. The information filed through CTRs remain useful for law enforcement to pick up those particular things, but also has become increasingly important to detecting other threats we face today, including terrorist financing investigations and continuing organized crime issues. The GAO came out with some recommendations as to how we can streamline and limit information that might be less valuable. My public response to that was we are happy to take any reasonable suggestion that helps us better streamline the reporting and make it easier for banks and still gets law enforcement the information they need. Some of the ways we're looking at streamlining the reporting process is making an e-filing capability. The GAO interviewed 700 banks during the study, and the report gives a broad picture of CTR reporting.

Q: What are some of the new ways that FinCEN is working globally to fight money laundering? How are other countries faring in their fight against it?

Freis: One of FinCEN's unique roles is as designated financial intelligence unit or (FIU) of the United States. We are the agency that collects the information from financial services industry and disseminates it to the law enforcement agencies. We are connected with 106 countries and their FIUs and work with the Egmont Group, the international secretariat based in Toronto, Canada.

In terms of how countries are faring, it is an international consensus that it is critical that every country needs to adopt anti-money laundering, counter-terrorist financing legislation. Not just put requirements on the books, but they must become effective in combating these criminal behaviors. We play a role under Treasury's overall lead in raising that global level of compliance with these standards. Once a country has a functioning anti-money laundering organization established, we share information back and forth with them. We're also working on a more strategic level with several countries on cross-border threats. It's become quite clear that even though I operate within the U.S., and the government is bound by jurisdictional lines and borders, the financial markets are global and criminals certainly don't respect borders. They seek out any vulnerability, so it's only through working with some of our key foreign counterparts that we can stop it.

Q: Feedback to financial institutions - what are some of the ways FinCEN is working to create better feedback mechanisms to institutions?

Freis: Feedback needs to go both ways, and we've put added focus on this in our dialogue with the industry. In terms of my view of the division for feedback, especially feedback regarding SARs, includes reporting of new trends in money laundering and new types we've never encountered before. This information needs to go out to all institutions, so it's not the case in Main Street USA where a criminal can find a loophole in one bank on the left side of the street and then six months later use the same loophole on the bank on the right side of the street. This is the one ability FinCEN has that is unique that we draw upon information from the entire industry to look at things as a whole. Because no matter how diligent or how well trained or how alert they are, the single point of contact in any institution could never see the overall picture of vulnerabilities and risks in the way we can.

Q: Law enforcement says they use the CTRs and SARs to produce valuable intelligence. How can financial institutions do a better job in reporting information on these reports for FinCEN and law enforcement?

Freis: FinCEN put a report out last October that referred to common errors in SAR reporting. Some of them were very elementary, but I think it is important to highlight those in educating financial institutions about it. Because if an institution has gone through the effort and found a transaction that meets the requirements for a SAR filing threshold, then all that benefit is lost if they don't communicate that information properly to FinCEN. It takes only a marginally greater effort once that information is collected to properly fill out the SAR to make it really valuable to law enforcement. In addition to that we have focused a great deal on guidance across all different components in the financial services industry. Calls we receive through our regulatory hotline as well as written requests about guidance also shows us where more clarification is needed. We're also doing our own internal analytical studies across the industry looking for emerging trends. Some are public and go to the industry and some are focused solely for law enforcement purposes.

Q: FinCEN has been extending reporting requirements to other entities out in the business world, including MSBs, jewelers, etc. What is the overall strategy of BSA/AML enforcement strategies that FinCEN has planned?

Freis: When BSA was first passed by Congress in 1970, the original focus was on the banking industry. As it grew over time with the inclusion of MSBs, the real watershed came with the passing of the Patriot Act. This expanded the regulatory reporting requirements out to other components of the financial services industry. We have the broadest definition of what a financial institution is, and it reaches out to casinos, precious metals and jewelry dealers. We go much beyond what people simply consider when they think of the financial services industry. The reason behind this is any vehicle which you can easily transmit value or a type of financial intermediation is a potential vulnerability for the movement of criminal proceeds or funds designed to support terrorism. Congress asked us to look into this in terms of the Patriot Act. The way that some people would have traditionally preferred to carry a duffel bag full of cash, they could also just stuff their pockets with a couple of high quality diamonds that carry more value and are less easily disclosed. That is the reasoning behind the extended reporting requirements -- now our goal is to look at where those risks are in terms of criminal vulnerabilities and financial intermediation and to focus the requirements on those entities that are best able to mitigate those risks. This won't be easy because each of those entities operates in a different area of the industry and requires greater knowledge on our part of how things work in that industry. We strive to make the rest of those areas as hostile to criminals as the banking sector generally has become.

Q: The cost of complying with BSA/AML regulations is a growing concern for many institutions, especially those that haven't automated their monitoring process. What are your recommendations to those institutions facing this problem?

Freis: We recognize that compliance with BSA comes at a cost both in terms of money and resources. That was what was intended by Congress, so that some of the work cost of fighting financial crime is picked up by private industry. In terms of automation, it is quite clear that it is helpful in monitoring and detecting such activities as structuring. IT can very much aid an institution, but IT is not a panacea. The best approach is to have smart, bright, well-trained people monitoring AML/BSA for your institution. That's why BSA/AML training of staff is part of the requirements during a BSA exam process. They are the best defense. An institution cannot rely solely on technology to perform its anti-money laundering requirements.

Q: Emerging trends in illicit activity include mortgage fraud and a marked increase in SARs related to it. Does this mean mortgage fraud is increasing, or are banks doing a better job of detecting it and reporting it?

Freis: It probably is a combination of both, in terms of increasing numbers of cases, I want to be careful to point out that some extent it is a lagging indicator. Not in a position to make a prediction where it will be in future. Are banks doing a better job of detecting and reporting SARs related to mortgage fraud? Yes, institutions are reacting to it. They are looking at risk and vulnerabilities in a new way. FinCEN has two whitepapers on mortgage fraud and they analyze how the industry is working to identify the techniques related to the fraud and the vulnerabilities that occur. (See related: Mortgage Loan Fraud SAR Assessment)

Q: What are some of the other emerging trends that FinCEN is seeing when it comes to money laundering and other criminal activities?

Freis: I ask myself and my people that question every day. I would emphasize the increasing focus on risk-based approach in terms of what the regulations require and how individual financial institutions are asked to focus their monitoring based on the risks in their institutions.

This fight against money laundering is really is a partnership between us and the financial services industry, tackling the real threat of criminals moving money through our financial institutions. It's clear to me through discussions with law enforcement and the financial industry there are few if any out there who would want criminals as their customers. We have a common goal to make it more difficult to move money through our institutions. Almost all crime has a monetary motive and following the money trail is one of the most effective ways to track down criminals to find evidence that can be used against them; to find assets that can be subject to criminal or civil forfeiture. People don't share money or a bank account with another person that they don't know. It just doesn't happen. The financial intelligence we receive from financial institutions is some of the best ammunition that law enforcement can use to protect the American public. We can't do it without the dedicated, concerted efforts of financial institutions and the staff at FinCEN.

Q: You've been director of FinCEN for just over a year now. What are some of the highlights of your term?

Freis: Any accomplishments I've been able to make reflect not just on myself but the people here at FinCEN. From day one it was so clear how committed the FinCEN staff is to their mission and how much they try to do for the greater good. Without that level of commitment, I'm sure we could not really have some of the successes that we've had. When I first began here I said I would take a fresh look at everything we do. That being said, some of the things I'm most proud of, and have spearheaded our focus on and have made a difference is doing that, making sure we were doing everything as efficiently and effectively as possible. This means a regulatory framework in dealing with an ever-changing financial services industry, which is its strength, but also that criminals are always changing and trying to remain ahead of the curve. So, we can't be complacent with our regulatory structure. It has to adapt to the changes in industry and limited resources and the obligation of time and resources in order to follow through. We announced an initiative with that last year, and it was a change in the mindset of our overall efforts. There have been follow up announcements on these changes. In addition to that we've put a specific focus on industry outreach and creating a dialogue with the industry itself. I've had a couple of milestones in that regard, with making direct interaction with every sector under banking regulations in the first year. Aside from the broader audiences we speak to through seminars and training sessions, we've made sit-downs with individual institutions a priority. We started with the largest institutions in the country and will look to move it down to other institutions. In order for us to do our job properly, we have to have this partnership with the industry to know what they're doing on a day-to-day basis.

I've personally reached out to principals in both law enforcement agencies and the regulatory bodies to deepen our partnerships with them. FinCEN is a service institution, and we want to make sure we are meeting their needs in terms of the information they need.

Internally, we've filled a lot of key management positions and retained some of our stars. The challenge is dealing with so many issues at once along with so many aspects of the public sector and private sector every single day. It's just an amazing array of challenges. I can tell you it's not an easy job.


About the Author

Linda McGlasson

Linda McGlasson

Managing Editor

Linda McGlasson is a seasoned writer and editor with 20 years of experience in writing for corporations, business publications and newspapers. She has worked in the Financial Services industry for more than 12 years. Most recently Linda headed information security awareness and training and the Computer Incident Response Team for Securities Industry Automation Corporation (SIAC), a subsidiary of the NYSE Group (NYX). As part of her role she developed infosec policy, developed new awareness testing and led the company's incident response team. In the last two years she's been involved with the Financial Services Information Sharing Analysis Center (FS-ISAC), editing its quarterly member newsletter and identifying speakers for member meetings.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.