Pub. 6 2018 Issue 2

Chance Williams brings a wealth of knowledge and practical experience to our banks. Chance developed an expertise in compliance while working as a BSA and Compliance Officer in banks of all sizes during his career. He contributed as a member of Business Devel- opment Teams, Loan Committees, Audit Committees, Product Steering Committees, IT Committees and as a direct liaison with the regulatory agencies. Chance also holds 10 years of experience as a compliance officer/auditor and 4 years as a senior compliance/audit consultant. As a Compliance Officer and Auditor, Chance has spent his career working with banks under enforce- ment action to strengthen bank compliance management systems. Chance holds the ICB CRCM certification; as well as ICBA certifications in BSA (CBAP), Compliance (CCBCO), and IT (CCBTO). He has worked in the banking industry for 20 years in all departments of the bank. He possesses a strong working knowledge of bank operations and compliance. “By expanding the GTOs to other major cities, we will learn even more about the money laundering risks in the national real estate markets, helping us determine our future regulatory course.” chases through shell companies. To better understand the role GTOs play, FinCEN began doing the needed research. FinCEN Acting Director Jamal El-Hindi stated: “The information we have obtained from our initial GTOs suggests that we are on the right track,” “By expanding the GTOs to other major cities, we will learn even more about the money laundering risks in the national real estate markets, helping us determine our future regulatory course.” This new field will further assist FinCEN in protecting against the abuses of illicit actors on a larger scale. The second new field to discuss is located in Part II. This new field is designed to capture “Cyber events” as they pertain to suspicious activity. FinCEN has defined these types of events as: Cyber-Event: An attempt to compromise or gain unau- thorized electronic access to electronic systems, services, resources, or information. Cyber-Enabled Crime: Illegal activities (e.g., fraud, money laundering, identity theft) carried out or facilitated by elec- tronic systems and devices, such as networks and computers. Cyber-Related Information: Information that describes technical details of electronic activity and behavior, such as IP addresses, timestamps, and Indicators of Compromise (IOCs). Cyber-related information also includes, but is not limited to, data regarding the digital footprint of individuals and their behavior. Many times a cyber-event that targets a financial institution constitutes some type of illicit activity and can serve as a con- duit to commit numerous types of wide-ranging crimes. This has resulted in the additional subtype selections being added to Part II. The new subtypes are: new or modified options for Structuring, Fraud, Gaming, Money Laundering, Identifica- tion/Documentation, activities around Securities, Futures, Options, and Mortgage Fraud. Due to these events becoming more prevalent, FinCEN has issued situations in which a SAR filing is required. Third, in Part II the new field, for “Cyber-Event” indicator field that allows the filer to report various events such as Command and control IP addresses, Ports, suspicious files names, and more, was added. This addition was due to the continued and increasing use of electronic systems and resources that are often utilized to perpetrate illicit activities. This increased use of electronic means requires institutions to capture information associated with Cyber-related activities. It is becoming ever more important for BSA and IT departments to work closely together to implement tracking and reporting of potential cyber-related incidents to ensure the institution is aware of all possible suspicious activities occurring. The coop- eration between BSA and IT can help to better understand the possible cyber-related occurrences and know if there is a pattern or practice being utilized when illicit actors are perpetrating these activities. Next, let’s discuss the revisions made to the SAR form that are not due to additional fields. The first revision is located in Part II and allows for subtype selections associated with various suspicious activity types to be made. Selecting these will help the institution better capture the true activity being conducted. FinCEN can also better determine any course of action in regard to the suspicious activity. Looking next at the revised date and time stamp fields, located in Part II, help determine if the activ- ities are being conducted on a schedule or are random in nature. Information of this nature can assist in being prepared for future activities. The third revision, located in Part II, expands on the suspicious activity relating to specific product types. The infor- mation gathered here helps both the institution and FinCEN determine if specific products are being exploited, and are re- sulting in illicit activities being perpetrated. The fourth revision, located in Part III/IV, deals with Securities and Futures. This revision was made to ensure that the institutions are capturing information in relation to where the activity occurred and filing instructions in case of illicit activity. The final addition to the above noted additions and revisions are directed at batch filers. Batch filers will be required to submit SAR information in a XML file format rather than in fixed- length, file delimitation such as the current ASCII. The BSA E-filing system will continue to accept ASCII batch submissions until January 1, 2019 in order to give batch filers a six-month go-live date window from June 2018 until January 2019. This window allows financial institutions the opportunity to ensure they are ready to file batches using the new required XML file format prior to the required date. n