Skip to content
Compliance & Risk

FinCEN leaks mark inflection point for international AML regime, says former DEA agent

· 5 minute read

· 5 minute read

The leak of a trove of documents from the U.S. Treasury Department’s Financial Crimes Enforcement Network (FinCEN) — the so-called FinCEN Files — has highlighted the ineffectiveness of the international anti-money laundering (AML) regime in terms of securing law enforcement outcomes and should trigger a fundamental review, a former senior U.S. law enforcement supervisory special agent has said.

Michael Messier told Thomson Reuters Regulatory Intelligence (TRRI) that the financial crime and risk communities should seize the opportunity to reshape the AML and combatting the financing of terrorism (CFT) regimes. The leaks had shown that suspicious activity reports (SARs) and other transaction reports were failing to generate a satisfactory return either for banks themselves, or for the law enforcement community, he said.

Messier, the principal of Global Compliance and Strategic Solutions, has spent nearly three decades on the public and private sides of the AML profession. For 15 years he was a special agent with the U.S. Drug Enforcement Administration (DEA), including diplomatic postings at the U.S. Embassy in Mexico City. In 2010, he joined Bank of America to lead its financial crime compliance operations in Latin America.

Most articles published on the FinCEN Files have been based on the premise that financial institutions were responsible for preventing financial crimes such as money laundering and terrorist financing, according to Messier. This perspective placed banks and other reporting entities in the “precarious role” of operating as quasi-enforcement agencies, he argued.

“The responsibility to investigate crimes and build a criminal case for executing an arrest and prosecution supported by actual evidence lies with law enforcement,” he said.

“I’m not sure it is even possible to entirely eliminate risks in business, unless you close the institution’s doors,” he added. “Managing risk is an ongoing process that starts from the onboarding of the client and continues through the life of the relationship, to include client refresh and monitoring systems and processes to identify and report on suspicious activity.”

Frontline experience

One of the lessons from the FinCEN Files leak scandal was that financial institutions needed to improve their transaction monitoring and produce more substantive SARs, Messier said. In the future, reporting entities may need to focus on filing higher-quality SARs, rather than a higher quantity of reports. Filing better, more detailed SARs would be extremely valuable for law enforcement agencies, Messier noted.

However, U.S. regulators are seeking to require even more paperwork by banks. Both FinCEN and the Federal Reserve Board last month proposed amending funds-transfer recordkeeping and travel rule regulations under the Bank Secrecy Act, the main U.S. anti-laundering law.

Michael Messier

Financial institutions now must collect, retain, and transmit throughout the payment chain certain information — such as the names of the originator and beneficiary — related to funds transfers and transmittals of funds of more than $3,000.  The proposed rule would lower the threshold from $3,000 to $250 for international transactions, while the threshold for domestic transactions would remain unchanged at $3,000.

The FinCEN Files also have created an opportunity to review the approach that major reporting entities take to account closures following the submission of a SAR.

As a result of the FinCEN leaks, there has been a greater focus on whether financial institutions should maintain customer relationships where suspicious activity has been identified. Terminating accounts could be counterproductive from both a law enforcement and a commercial perspective, Messier said. “To close an account or terminate a client relationship based only on one SAR could harm the client and raise questions about the financial institution’s ability to properly handle risk.”

Messier explained that this level of suspicion alone does not support a conviction — or, for that matter, an arrest — for an illegal act. “A bank does not have access to SARs filed outside of their institution,” he added. “Financial institutions do not have access to ongoing law enforcement investigations or what a client is doing at other institutions.”

Continuing investigations

In some cases, law enforcement agencies may have continuing investigations underway, and these might be compromised were an account to be closed. Prosecutors in the United States sometimes issued “keep open” letters requesting the financial institution to keep the accounts open, Messier said. “It’s beneficial to open up a legally permitted dialogue with law enforcement to align AML and CFT efforts. Likewise, it’s equally beneficial for the compliance units, particularly the AML/CFT risk managers, to enhance communications with the lines of business inside the walls of their own institutions.”

More stringent processes for internal review and dialogue would help compliance teams to understand a client’s business model and reduce the volume of low-value and low-quality SARs. “The ultimate goal here would be to integrate the compliance culture into the sales process,” he said.

The FinCEN Files leak have also underscored the need to improve the alignment of public and private sector efforts to combat financial crime. Reports published in 2017 by the U.K.’s Royal United Services Institute and the Clearing House challenged the effectiveness of the AML/CFT framework at an international level. There had been a surge in “low-quality” SAR reporting by financial institutions, which was “ill-suited” to apprehending criminals, the reports said.

The FinCEN leaks had highlighted the critical importance of public-private partnerships in terms of improving the quality of SARs and the effectiveness of the entire AML/CFT regime, Messier said.

regulatory intelligence

More insights