Many of my clients chafe at the AML rule, given the cost of compliance and the even higher cost of defending an Enforcement action if the regulators conclude that red flags were somehow missed, or spotted but not dealt with adequately, or soon enough, or both, or spotting the red flags, responding to them, but not memorializing those efforts sufficiently. In short, there are a lot of ways to trigger an AML problem.
A common source of annoyance is when firms find themselves having to defend a decision not to file a SAR, a Suspicious Activity Report. They insist that what FINRA, or the SEC, or FinCEN, deems to be a red flag consistent with money laundering is, in fact, something innocent, and not suspicious once you understand the underlying facts. But, those can be difficult, and expensive, arguments to make, and even harder and more costly to win. So, many firms simply say it’s easier not to fight City Hall, and just go ahead and file SARs even if they believe that nothing truly suspicious happened, with the thought being that you can’t get in trouble for filing a SAR, as opposed to what can happen if you don’t.
Well, not so fast. Today, the SEC filed an AML complaint in federal court against Alpine Securities Corp., and the problem is not that Alpine failed to file SARs in the face of suspicious activity, but that it did file SARs – hundreds of them – and left out the juicy parts. According to the complaint,
Alpine filed hundreds of SARs that omitted material information that was in Alpine’s possession and was required to be reported pursuant to Alpine’s BSA Compliance Program, which incorporated FinCEN guidance, the SAR Form instructions, and the regulations implementing the BSA. Many SARs identified no suspicious activity at all. Even when Alpine reported some suspicious activity in some of its SARs, it systematically omitted other known material information in such a way that the SARs deprived law enforcement, regulatory, and intelligence consumers, including the Commission, of valuable and timely intelligence and undermined the very purpose for which BSA obligations are imposed on financial institutions.
What did Alpine omit? According to the complaint,
- Hundreds of instances in which its customer had prior or ongoing financial fraud charges;
- Approximately 100 instances in which the issuer was previously a shell company, or had filed for bankruptcy, or frequently changed its business;
- Approximately 100 instances in which the ticker being deposited was the subject on an ongoing promotional campaign;
- Approximately 100 instances in which its customer was a foreign financial institution; and
- Dozens of instances in which its customer was depositing millions or billions of shares of a security that had little or no previous trading activity, and dozens more instances in which the issuer could not be verified as an operating entity.
The lesson here is clear and unmistakable: it is not enough merely to file a SAR because it’s easier than not filing and then having to justify your decision not to file. Rather, if you do file a SAR, you have to provide enough detail to make clear what, exactly, was suspicious. In the complaint, the SEC was kind enough to cite to guidance that FinCEN has provided regarding the content of SARs:
FinCEN’s guidance to broker-dealers instructs SAR filers to “identify the five essential elements of information—who? what? when? where? and why?—of the suspicious activity being reported” and to include “a summary of the ‘red flags’ and suspicious patterns of activity that initiated the SAR.” See FinCEN, Guidance on Preparing A Complete & Sufficient Suspicious Activity Report Narrative (November 2003) at pp. 3, 7. FinCEN guidance also states that “SAR narratives should describe, as fully as possible, why the activity or transaction is unusual for the customer, taking into consideration the types of products and services offered by your industry and the nature and typical activities of similar customers. Explaining why the transaction is suspicious is critical.” See FinCEN, Suggestions for Addressing Common Errors Noted in Suspicious Activity Reporting (October 10, 2007) at p. 2 (emphasis added). FinCEN guidance regarding SARs further states: “In answering this question, a filer should describe why the transaction is unusual for the customer or why the activity created a red flag for the filer or triggered an alert within their system.” See FinCEN, The SAR Activity Review, Trends Tips & Issues, Issue 22 (October 2012) at p. 40 (emphasis added).
Thus, if you really believe that it’s easier to file a SAR than not doing so and risking having your decision-making process subjected to close scrutiny, then be sure your SARs contain the necessary information to make them meaningful. Otherwise, you may be worse off than if you hadn’t filed in the first place.